public override void OnAuthorization(AuthorizationContext filterContext)
{
AuthorizeDbContext _db = new AuthorizeDbContext();
var userlogged = Exts.UserLogged();
//List<string> permission = new List<string> { "Product-Index"};
var permission = _db.Permission.Single(i => i.RoleId == userlogged.RoleId).ListPermission.Split(';');
string currentControllerAction = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName + "-" + filterContext.ActionDescriptor.ActionName;
if (!permission.Contains(currentControllerAction))
{
filterContext.Result = new RedirectResult("~/Account/AccessDenied");
}
}
public static User UserLogged()
{
AuthorizeDbContext _db = new AuthorizeDbContext();
return(_db.User.Single(i => i.Username == HttpContext.Current.User.Identity.Name));
}