/// <summary> /// This method calls the data factory(middle-tier) to retrieve data from the DataBase. /// It loads the model with the data returned and passes it to the partial view for rendering. /// </summary> /// <returns>CodeSampleEmployeeView.cshtml</returns> public ActionResult CodeSampleEmployeeView() { //CHECK IF USER HAS ACCESS BY CALLING THE SECURITY CHECK METHOD BELOW. //------------------------------------------------------------------------------------------------------- if (SecurityCheck() == false) { return(Content("<script type='text/javascript'>window.opener='blah';window.close();</script>")); } //------------------------------------------------------------------------------------------------------- //create an instace of CodeSampleEmployeeModel class CodeSampleEmployeeModel CodeSampleEmployeeModel = new CodeSampleEmployeeModel(); //Build the reference to the datafactory (middle-tier) getdata class SampleDataFactory.GetData GD = new SampleDataFactory.GetData(); //call middle-tier get data method and load model with data returned CodeSampleEmployeeModel.GetCodeSampleList = GD.GetCodeSampleList(); //get a count of the records returned. ViewBag.count = CodeSampleEmployeeModel.GetCodeSampleList.Count; //If no records are returned,notify user. if (ViewBag.count == 0) { ViewBag.ShowMessage = "No results found"; } return(PartialView("~/Views/CodeSample/CodeSampleEmployeeView.cshtml", CodeSampleEmployeeModel)); }
/// <summary> /// /// This routine makes sure that any calls to this controller from the outside world came from a legitimate users, and not some hacker sending random requests. /// </summary> /// <returns></returns> public bool SecurityCheck() { bool pass = true; string currentUser = User.Identity.Name; currentUser = currentUser.ToLower().Replace("companyname\\", ""); //This method will be called by every method that returns a partialview. If a false value is returned, // access to that view will be denied. if (System.Configuration.ConfigurationManager.AppSettings["websiteSecurity"] == "TRUE") { SampleDataFactory.GetData SampleDFGetData = new SampleDataFactory.GetData(); if (SampleDFGetData.CheckuserSecurityAccess(currentUser) == "false") { pass = false; } } return(pass); }