Esempio n. 1
0
        public void authorize(object sender, EventArgs e)
        {
            HttpApplication application = (HttpApplication)sender;

            if (existValidUser())
            {
                using (SecurityDAO secDAO = new SecurityDAO())
                {
                    Menu menu = secDAO.GetMenuByPath(getVirtualPathAsLowerCase(application));
                    if (menu != null)
                    {
                        foreach (Role menuRole in secDAO.GetRolesFor(menu))
                        {
                            if (!userIsInRole(application, menuRole))
                            {
                                throw new HttpException(401, "UnAuthorized access to " + application.Request.Path);
                            }
                        }
                    }
                }
            }
        }