/// <summary>
/// Decides whether the logged-in user may perform the function described by
/// <paramref name="fsc"/>.
/// </summary>
/// <param name="fsc">
/// Function name, object name, object ID and owner ID to evaluate. May be null.
/// </param>
/// <returns>
/// <c>true</c> when no context is supplied, when the user's permission list has no
/// entry for the function, or when the entry is Allow and either the function is
/// unrestricted, the object ID is 0, or the owner ID equals the logged-in user's ID;
/// <c>false</c> otherwise.
/// </returns>
/// <remarks>
/// NOTE(review): this check defaults to allow. A null context and a function name
/// with no entry in the loaded list both return <c>true</c>, so a caller that omits
/// the context, or passes a name that does not match an entry, is permitted.
/// Confirm that this is intended before relying on it as an access control.
/// The ownership comparison uses <c>fsc.OwnerID</c> as supplied by the caller; it is
/// not looked up here, so it is only as trustworthy as the code that fills it in.
/// <c>LoginToken.LoginUser</c> is dereferenced without a null check; presumably a
/// logged-in user is guaranteed by the caller, which should be verified.
/// </remarks>
public static bool IsPermitted(FunctionSecurityContext fsc)
        {
            // No security context at all: treated as permitted.
            if (null == fsc)
            {
                return true;
            }

            FunctionPermissionList userPermissions = LoadUserPermissionsEx(LoginToken.LoginUser.ID, fsc.ObjectName);
            FunctionPermission entry = userPermissions[fsc.FunctionName];

            // No entry for this function: the function is treated as not secured.
            if (null == entry)
            {
                return true;
            }

            // An entry exists but is anything other than Allow: denied.
            if (EnumPermission.Allow != entry.Permission)
            {
                return false;
            }

            // Function not restricted, or no specific object (ObjectID 0): allowed outright.
            if (!entry.Restricted || 0 == fsc.ObjectID)
            {
                return true;
            }

            // Restricted function on a specific object: only its owner passes.
            return fsc.OwnerID == LoginToken.LoginUser.ID;
        }
 /// <summary>
 /// Evaluates <paramref name="fsc"/> with <c>IsPermitted</c> and calls <c>Navigate</c>
 /// with the function name, object name and object ID when the check fails.
 /// </summary>
 /// <param name="fsc">Security context to verify. May be null.</param>
 /// <remarks>
 /// NOTE(review): this method returns void and does not throw on denial, so the
 /// caller cannot tell whether access was refused. Enforcement therefore depends
 /// entirely on what <c>Navigate</c> does (not visible here); confirm that it ends
 /// the current request rather than only scheduling a redirect.
 /// </remarks>
 public static void VerifyPermission(FunctionSecurityContext fsc)
 {
     if (IsPermitted(fsc))
     {
         return;
     }

     // fsc cannot be null on this path: IsPermitted returns true for a null context.
     Navigate(fsc.FunctionName, fsc.ObjectName, fsc.ObjectID.ToString());
 }
        /// <summary>
        /// Runs the Browse permission check for the current controller before the
        /// action executes, unless <c>BypassSecurity</c> is set.
        /// </summary>
        /// <param name="filterContext">Context of the action about to execute.</param>
        /// <remarks>
        /// Every action is checked against the same function name
        /// (<c>Functions.FunctionName_Browse</c>) with object ID 0, so this filter does
        /// not distinguish between actions or between individual objects.
        /// NOTE(review): <c>base.OnActionExecuting</c> is called whatever
        /// <c>VerifyPermission</c> decides, and nothing here sets
        /// <c>filterContext.Result</c>. Confirm that the denial path actually prevents
        /// the action from running.
        /// </remarks>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            // The controller name doubles as the secured object name.
            string controllerName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;

            // Constructed unconditionally; only the check below is skipped on bypass.
            FunctionSecurityContext browseContext =
                new FunctionSecurityContext(Functions.FunctionName_Browse, controllerName, 0);

            if (!BypassSecurity)
            {
                PermissionHelper.VerifyPermission(browseContext);
            }

            base.OnActionExecuting(filterContext);
        }