public override void OnAuthorization(AuthorizationContext filterContext)
{
bool authorized = false;
if (AllowAnonymous || (Cookies.IsLoggedIn && AllowedRoles.Length == 0))
{
authorized = true;
}
else if (Cookies.IsLoggedIn)
{
_iDCredential = new DCredential();
_iDRole = new DRole();
_iFCredential = new FCredential(_iDCredential);
_iFRole = new FRole(_iDRole);
authorized = _iFRole.HasRole(Cookies.CredentialId, AllowedRoles);
}
if (!authorized && !string.IsNullOrEmpty(RedirectController) && !string.IsNullOrEmpty(RedirectMethod))
{
filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new { controller = RedirectController, action = RedirectMethod }));
}
else if (!authorized)
{
filterContext.Result = new HttpUnauthorizedResult();
}
}
protected override bool IsAuthorized(HttpActionContext actionContext)
{
bool authorized = false;
if (AllowAnonymous || (Claims.IsLoggedIn && AllowedRoles.Length == 0))
{
authorized = true;
}
else if (Claims.IsLoggedIn)
{
authorized = _iFRole.HasRole(Claims.CredentialId, AllowedRoles);
}
return(authorized);
}