public override bool IsAuthorized(AuthFilterContext context) { var authenticated = Thread.CurrentPrincipal.Identity.IsAuthenticated; var portalSettings = PortalSettings.Current; var currentUser = UserController.Instance.GetCurrentUserInfo(); var administratorRoleName = Constants.AdminsRoleName; if (portalSettings != null) { administratorRoleName = portalSettings.AdministratorRoleName; } var isHost = currentUser.IsSuperUser; var isAdmin = currentUser.IsInRole(administratorRoleName); var isRegular = currentUser.UserID > 0; if (authenticated && isHost) { return(true); } //when there have excluded roles defined, and current user in the role. the service call will failed. if (!string.IsNullOrEmpty(Exclude)) { foreach (var roleName in Exclude.Split(';')) { var cleanRoleName = roleName.Trim(); if (!string.IsNullOrEmpty(cleanRoleName)) { if (currentUser.IsInRole(cleanRoleName)) { return(false); } } } } //if menu identifier defined, then will check the menu permission, multiple identifier should split with ",". if (!string.IsNullOrEmpty(MenuName)) { if (isAdmin) { return(true); } var hasPermission = false; MenuName.Split(',').ForEach(menuName => { if (!hasPermission) { var menuItem = GetMenuByIdentifier(menuName); if (menuItem != null && portalSettings != null) { hasPermission = PersonaBarController.Instance.IsVisible(portalSettings, portalSettings.UserInfo, menuItem); } } }); return(hasPermission); } //when menu identifier not defined, will check the service scope permission. switch (Scope) { case ServiceScope.Admin: return(authenticated && isAdmin); case ServiceScope.Regular: if (portalSettings != null) { //if user have ability on any persona bar menus, then need allow to request api. return(PersonaBarController.Instance.GetMenu(portalSettings, portalSettings.UserInfo).AllItems.Count > 0); } return(isAdmin || isRegular); default: return(false); } }
/// <summary> /// Returns the menu name split by the '/' separator. /// </summary> public string[] GetSplittedMenuName() { return(!string.IsNullOrWhiteSpace(MenuName) ? MenuName.Split(k_Separeters, StringSplitOptions.RemoveEmptyEntries) : Array.Empty <string>()); }