protected override bool IsAuthorized(HttpActionContext actionContext)
{
bool isAuthorized = false;
MemoryCache memCache = MemoryCache.Default;
string lControllerAction = actionContext.ActionDescriptor.ControllerDescriptor.ControllerName + "." + actionContext.ActionDescriptor.ActionName;
List <SecurityFormControlConfigGridDTO> data;
data = (List <SecurityFormControlConfigGridDTO>)memCache.Get("RolePermissions");
if (data == null)
{
AdministrationController adminController = new AdministrationController(new SecurityControlService(new UnitOfWork()), new SecurityFormService(new UnitOfWork()), new SecurityFormControlService(new UnitOfWork()), new SecurityFormControlControlConfigService(new UnitOfWork()));
data = adminController.GetSecurityActionConfig(Convert.ToInt32(ConfigurationManager.AppSettings["SecurityApplicationId"]));
memCache.Add("RolePermissions", data, DateTimeOffset.UtcNow.AddDays(Convert.ToDouble(System.Web.Configuration.WebConfigurationManager.AppSettings["CacheRolePermissionDays"])));
}
if (data != null)
{
List <SecurityFormControlConfigGridDTO> filteredList = data.FindAll(permissionObj => permissionObj.SecurityFormControlName.ToUpper() == lControllerAction.ToUpper() && permissionObj.SecurityControlDesc == "ControllerAction");
foreach (SecurityFormControlConfigGridDTO obj in filteredList)
{
if (actionContext.RequestContext.Principal.IsInRole(obj.RoleDescription))
{
isAuthorized = obj.IsVisible;
break;
}
}
}
return(isAuthorized);
}
