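/// <summary>
/// Builds the permission snapshot for one user: the user record, the admin flag,
/// the menu list and, for non-admin users, the per-action permissions.
/// </summary>
/// <param name="_userName">Login name; it is lower-cased before every lookup.</param>
/// <exception cref="System.ArgumentNullException"><paramref name="_userName"/> is null.</exception>
public AppPermission(string _userName)
{
    if (_userName == null)
    {
        throw new System.ArgumentNullException("_userName");
    }

    // The name is an identity key that feeds CheckAdmin and the lookups below, so it is
    // normalised with the invariant culture: the result must not vary with the thread's
    // current culture (culture-specific casing rules change some letters).
    this.userName = _userName.ToLowerInvariant();
    fAdmin = CheckAdmin(userName);

    IUserBussiness iUserBussiness = new UserBussiness();
    try
    {
        // NOTE(review): userInfo is stored without a null check; confirm what
        // getByUserName returns for an unknown name and that readers of UserInfo cope.
        userInfo = iUserBussiness.getByUserName(userName);

        if (fAdmin)
        {
            // Admin path: the menu is requested with an empty action list and the flag
            // set to true; buildPermisson is not called for admins.
            lstMenu = iUserBussiness.getMenuByAction(new List<string>(), true);
            return;
        }

        List<SysAction> lstAction = iUserBussiness.getActionByUserName(userName);
        if (lstAction != null && lstAction.Count > 0)
        {
            // Project the codes only after the null check; the original dereferenced
            // lstAction before testing it.
            List<string> lstActionCode = lstAction.Select(a => a.Code).ToList();
            lstMenu = iUserBussiness.getMenuByAction(lstActionCode);
            buildPermisson(lstAction);
        }
        else
        {
            // No actions granted: empty menu, and no per-action permissions are built.
            lstMenu = new List<MenuView>();
        }
    }
    finally
    {
        // Released on every exit, including the admin early return and any exception.
        iUserBussiness.Dispose();
    }
}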
/// <summary>
/// Creates the controller with no user attached and a freshly constructed
/// PermissonController, which is also published to the views through ViewBag.
/// </summary>
public BaseController()
{
    // No identity is known at construction time.
    userInfo = null;

    // NOTE(review): what a default PermissonController allows is defined in that class.
    // Confirm it grants nothing, because it is what views see until authorization code
    // replaces it.
    permisson = new PermissonController();
    ViewBag.Permisson = permisson;
}
/// <summary>
/// Copies the fields of <paramref name="user"/> into a new UserInfo row, marks it
/// active and saves it.
/// </summary>
/// <param name="user">Source values for the new row.</param>
/// <returns>The value returned by db.SaveChanges().</returns>
public int AddUser(UserModel user)
{
    // NOTE(review): Id, Level, CreateBy and CreateDate are copied exactly as supplied.
    // Confirm the caller sets Level and the audit fields server-side and has checked
    // that the current user may create accounts; this method performs no such check.
    var userInfor = new UserInfo
    {
        Id = user.Id,
        DislayName = user.DislayName,
        UnitCode = user.UnitCode,
        Level = user.Level,
        CreateBy = user.CreateBy,
        CreateDate = user.CreateDate,
        // New rows always start in the active state.
        Status = (int)Enums.RecordStatusCode.active
    };

    db.UserInfoes.Add(userInfor);
    return db.SaveChanges();
}
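/// <summary>
/// Authorizes the current request against the AppPermission object kept in session.
/// Actions or controllers marked with AllowAnonymousAttribute are skipped. An
/// unauthenticated user or a missing permission object yields 401, and an action the
/// permission object does not allow yields 403.
/// </summary>
/// <param name="filterContext">Authorization context of the current request.</param>
protected override void OnAuthorization(AuthorizationContext filterContext)
{
    bool skipAuthorization =
        filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), inherit: true)
        || filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), inherit: true);
    if (skipAuthorization)
    {
        return;
    }

    var user = filterContext.HttpContext.User;
    if (user == null || !user.Identity.IsAuthenticated)
    {
        filterContext.Result = new HttpUnauthorizedResult();
        return;
    }

    // Read and cast once, then test the cast result. The original tested the raw session
    // value for null and dereferenced the result of "as" afterwards, so a session entry
    // of another type (or a request without session state) ended in a
    // NullReferenceException instead of a clean 401.
    AppPermission appPermission = Session == null
        ? null
        : Session[Application.Session.Permisson] as AppPermission;
    if (appPermission == null)
    {
        filterContext.Result = new HttpUnauthorizedResult();
        return;
    }

    // NOTE(review): nothing here ties the session's AppPermission to user.Identity.Name.
    // Confirm the login and logout code replaces or clears this session entry whenever
    // the authenticated identity changes.
    // NOTE(review): the permission object is read from session on every request, so
    // grants removed in the database are presumably not seen until the entry is rebuilt
    // - confirm how revocation is handled.
    this.userInfo = appPermission.UserInfo;

    string areaName = filterContext.RequestContext.RouteData.DataTokens["Area"] as string ?? "";
    string controllnerName = filterContext.RequestContext.RouteData.Values["Controller"].ToString();
    string actionName = filterContext.RequestContext.RouteData.Values["Action"].ToString();

    // getPermision is defined elsewhere. If it has no entry for this area and controller
    // and returns null, deny the request rather than fail on the dereference below.
    var controllerPermission = appPermission.getPermision(areaName, controllnerName);
    if (controllerPermission == null)
    {
        filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.Forbidden);
        return;
    }

    this.permisson = controllerPermission;
    permisson.appPermisson = appPermission;
    ViewBag.Permisson = this.permisson;

    if (!permisson.hasPermisson(actionName))
    {
        filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.Forbidden);
        return;
    }

    // One-shot message: hand it to the view and clear it so it is shown only once.
    if (Session[Application.Session.Message] != null)
    {
        ViewBag.Message = Session[Application.Session.Message];
        Session[Application.Session.Message] = null;
    }

    base.OnAuthorization(filterContext);
}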
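/// <summary>
/// Updates the stored UserInfo row whose key is <c>user.Id</c> with the editable fields
/// of <paramref name="user"/> and saves the change.
/// </summary>
/// <param name="user">New values; <c>Id</c> selects the row to update.</param>
/// <returns>
/// The value returned by db.SaveChanges(), or 0 when no row with that Id exists.
/// </returns>
public int EditUser(UserModel user)
{
    UserInfo userInfor = db.UserInfoes.Find(user.Id);
    if (userInfor == null)
    {
        // Unknown Id: nothing to update. The original dereferenced the null result.
        return 0;
    }

    // NOTE(review): Level, ModifyBy and ModifyDate are copied exactly as supplied.
    // Confirm the caller sets them server-side and has checked that the current user may
    // edit this account; this method performs no such check.
    userInfor.DislayName = user.DislayName;
    userInfor.UnitCode = user.UnitCode;
    userInfor.Level = user.Level;

    // NOTE(review): every edit writes Status = active, so editing a row that held a
    // different status switches it back to active. Confirm that is intended.
    userInfor.Status = (int)Enums.RecordStatusCode.active;
    userInfor.ModifyBy = user.ModifyBy;
    userInfor.ModifyDate = user.ModifyDate;

    db.Entry(userInfor).State = EntityState.Modified;
    return db.SaveChanges();
}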