public static bool IsAddResultEnable(DatabaseContext dbContext, string userName)
{
var role = AuthorizationUtility.GetUserRole(dbContext, userName);
return(role.Name.ToLower().Equals(nameof(Roles.Admin).ToLower()) ||
role.Name.ToLower().Equals(nameof(Roles.SuperAdmin).ToLower()) ||
role.Name.ToLower().Equals(nameof(Roles.Auditor).ToLower()));
}
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
var foundUser = AuthorizationUtility.GetUserFromAuthTable(db, httpContext.User.Identity.Name);
if (!foundUser.Any())
{
return(false);
}
if (Roles.IsEmpty())
{
return(true);
}
var foundUserRole = AuthorizationUtility.GetUserRole(db, foundUser.First());
var availableRoles = Roles.Split(',').ToList();
return(availableRoles.Contains(foundUserRole.Name));
}