/// <summary>
/// Decides whether the currently logged-in user may perform the function described by
/// <paramref name="fsc"/>.
/// </summary>
/// <param name="fsc">
/// Function name, object name, object id and owner id of the operation being checked. May be null.
/// </param>
/// <returns>
/// <c>true</c> when no context is supplied, when the user's permission list for the object has no
/// entry for the function, or when the entry is <c>EnumPermission.Allow</c> and either the entry is
/// not restricted, the object id is 0, or the context's owner id equals the logged-in user's id.
/// <c>false</c> in every other case.
/// </returns>
/// <remarks>
/// NOTE(review): two paths here grant access by default (null context, missing permission entry).
/// A function that was never registered in the permission list is therefore open to every user;
/// confirm that this fail-open default is intended.
/// NOTE(review): the ownership test compares against <c>fsc.OwnerID</c> as supplied by the caller;
/// this method does not look the owner up itself, so callers need to fill it from the stored
/// record rather than from request data.
/// </remarks>
public static bool IsPermitted(FunctionSecurityContext fsc)
{
    // No security context: nothing to check against, access is granted.
    if (fsc == null)
    {
        return true;
    }

    FunctionPermissionList userPermissions = LoadUserPermissionsEx(LoginToken.LoginUser.ID, fsc.ObjectName);
    FunctionPermission entry = userPermissions[fsc.FunctionName];

    // No entry for this function: it is treated as not secured.
    if (entry == null)
    {
        return true;
    }

    // An entry exists but does not grant access.
    if (entry.Permission != EnumPermission.Allow)
    {
        return false;
    }

    // Function not restricted, or no specific object: the owner is not consulted.
    if (!entry.Restricted || fsc.ObjectID == 0)
    {
        return true;
    }

    // Restricted function on a specific object: only the owner passes.
    return fsc.OwnerID == LoginToken.LoginUser.ID;
}
/// <summary>
/// Checks <paramref name="fsc"/> with <c>IsPermitted</c> and, when the check fails, calls
/// <c>Navigate</c> with the function name, object name and object id of the denied operation.
/// </summary>
/// <param name="fsc">
/// Context of the operation to verify. A null context is accepted by <c>IsPermitted</c>, so
/// <c>Navigate</c> is only reached with a non-null context.
/// </param>
/// <remarks>
/// NOTE(review): this method returns normally in both cases and reports nothing to the caller.
/// Enforcement therefore depends on <c>Navigate</c> ending the current request; if it only queues
/// a redirect, the caller continues with the denied operation. Confirm against <c>Navigate</c>.
/// </remarks>
public static void VerifyPermission(FunctionSecurityContext fsc)
{
    if (IsPermitted(fsc))
    {
        return;
    }

    // Denied: hand the details of the refused operation to the navigation helper.
    Navigate(fsc.FunctionName, fsc.ObjectName, fsc.ObjectID.ToString());
}
/// <summary>
/// Runs the permission check before the action executes, using the controller name as the
/// object name and <c>Functions.FunctionName_Browse</c> as the function.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute.</param>
/// <remarks>
/// The check is skipped entirely when <c>BypassSecurity</c> is true.
/// NOTE(review): the context is always built with the browse function and object id 0, whatever
/// action is invoked, so this filter alone does not separate read from write actions and carries
/// no per-object information. Confirm that those checks are made elsewhere.
/// NOTE(review): <c>filterContext.Result</c> is never set here and the base call always runs, so
/// a denied request is only stopped if <c>PermissionHelper.VerifyPermission</c> ends it itself.
/// </remarks>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    string controllerName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;

    // Built before the bypass test, as in the original statement order.
    FunctionSecurityContext browseContext =
        new FunctionSecurityContext(Functions.FunctionName_Browse, controllerName, 0);

    bool enforce = !BypassSecurity;
    if (enforce)
    {
        PermissionHelper.VerifyPermission(browseContext);
    }

    base.OnActionExecuting(filterContext);
}