Esempio n. 1
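        /// <summary>
        /// Decides whether the request's user may proceed: unauthenticated users are
        /// rejected, users who belong to at least one role returned by
        /// <c>GetAuthorizedRoles()</c> are accepted, and everyone else is handed to
        /// the base implementation.
        /// </summary>
        /// <param name="httpContext">The HTTP context of the request being authorized.</param>
        /// <returns>
        /// <c>false</c> for an unauthenticated user, <c>true</c> when a role matches,
        /// otherwise whatever the base <c>AuthorizeCore</c> returns.
        /// </returns>
        /// <exception cref="System.ArgumentNullException"><paramref name="httpContext"/> is null.</exception>
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            // Fail with a named argument error instead of a NullReferenceException
            // on the property chain below.
            if (httpContext == null)
            {
                throw new System.ArgumentNullException("httpContext");
            }

            var identity = httpContext.User.Identity;
            if (!identity.IsAuthenticated)
            {
                return false;
            }

            var roles = GetAuthorizedRoles();

            // NOTE(review): WindowsTokenRoleProvider answers from Windows group
            // membership, so this presumably relies on Windows authentication being
            // enabled for the application - confirm.
            var provider = new WindowsTokenRoleProvider();
            var userName = identity.Name;

            if (roles.Any(role => provider.IsUserInRole(userName, role)))
            {
                return true;
            }

            // NOTE(review): a user who matched none of the roles is not denied here;
            // the decision is delegated to the base class. If that base is the stock
            // AuthorizeAttribute and its own Users/Roles properties are empty, it
            // accepts any authenticated user, which would make the role check above
            // non-restrictive. Confirm the base type and whether "no role matched"
            // should return false instead.
            return base.AuthorizeCore(httpContext);
        }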
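        /// <summary>
        /// Evaluates a role requirement by testing each role returned by
        /// <c>GetAuthorizedRoles(Roles)</c> with <c>IsUserInGroup</c>.
        /// </summary>
        /// <param name="Roles">Role specification passed unchanged to <c>GetAuthorizedRoles</c>.</param>
        /// <param name="RoleMatchType">
        /// <c>MatchType.All</c> requires every role to pass; <c>MatchType.Any</c>
        /// requires at least one.
        /// </param>
        /// <returns>
        /// <c>true</c> when the requirement is met or the configured override below
        /// matches; <c>false</c> otherwise, including for any other
        /// <c>MatchType</c> value.
        /// </returns>
        public static bool IsUserInRole(string Roles, MatchType RoleMatchType)
        {
            // SECURITY: authorization bypass keyed on a literal compiled into the
            // assembly. When the "SuperPassword" app setting equals this literal,
            // every call returns true regardless of who the user is or which roles
            // were requested, and nothing is logged. The literal lives in source
            // control, so it should be treated as disclosed. The branch is kept only
            // so existing deployments behave as before; it should be removed, or
            // replaced by an audited, per-identity administrative role, and the
            // setting checked for in every environment's configuration.
            string superPassword = ConfigUtil.GetAppSetting("SuperPassword");
            if (superPassword == "S0lut10ns!")
            {
                return true;
            }

            var roles = GetAuthorizedRoles(Roles);

            if (RoleMatchType == MatchType.All)
            {
                // Enumerable.All is true for an empty sequence, so an empty role list
                // authorizes under MatchType.All.
                // NOTE(review): confirm that is intended.
                return roles.All(IsUserInGroup);
            }

            if (RoleMatchType == MatchType.Any)
            {
                return roles.Any(IsUserInGroup);
            }

            // Unrecognised match types deny.
            return false;
        }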