/// <summary>
/// Blocks the action unless the current user is authenticated and holds either
/// the right named by <c>Right</c> or the "Admin right" override.
/// </summary>
/// <param name="filterContext">Context of the action about to execute; its
/// <c>Result</c> is set to a redirect when access is refused.</param>
/// <remarks>
/// Unauthenticated callers are redirected to /Account/NotAuthorized, and
/// authenticated callers lacking both rights to /Home/NotAuthorized.
/// NOTE(review): this check runs as an action filter, so it only protects
/// requests that reach this filter. Confirm that no output caching or
/// earlier-running filter can produce the response first, or move the check
/// into an authorization filter.
/// NOTE(review): <c>Right</c> is defined outside this method. Confirm it can
/// never be null or empty for a decorated action, since the outcome then
/// depends entirely on how RightService treats such a value.
/// </remarks>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var identity = filterContext.HttpContext.User.Identity;

    if (!identity.IsAuthenticated)
    {
        // Anonymous request: refuse before any right lookup is attempted.
        filterContext.Result = new RedirectResult("/Account/NotAuthorized");
    }
    else
    {
        var currentUserId = identity.GetUserId();
        var rights = new RightService();

        // Both lookups are always performed, in this order.
        bool hasRequiredRight = rights.IsUserHasRightById(currentUserId, Right);
        bool isAdmin = rights.IsUserHasRightById(currentUserId, "Admin right");

        // Deny only when the user has neither the specific right nor the admin override.
        if (!hasRequiredRight && !isAdmin)
        {
            filterContext.Result = new RedirectResult("/Home/NotAuthorized");
        }
    }

    base.OnActionExecuting(filterContext);
}
/// <summary>
/// Reports whether a user may exercise a given right. A user holding
/// "Admin right" is treated as holding every right.
/// </summary>
/// <param name="right">Name of the right to check.</param>
/// <param name="userId">Identifier of the user whose rights are looked up.</param>
/// <returns>
/// <c>true</c> when RightService reports that the user has "Admin right" or
/// the requested right; otherwise <c>false</c>.
/// </returns>
/// <remarks>
/// The misspelled method name is kept because callers depend on it.
/// NOTE(review): the result is only as trustworthy as <paramref name="userId"/>.
/// Callers should pass the id of the authenticated principal, not a value
/// taken from request data.
/// </remarks>
public static bool IsHasRihgt(string right, string userId)
{
    var rights = new RightService();

    // The admin override is checked first; the specific right is only looked up when it fails.
    return rights.IsUserHasRightById(userId, "Admin right")
        || rights.IsUserHasRightById(userId, right);
}