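/// <summary>
/// Allows the request only when the signed-in user's role lists the current
/// "Controller-Action" pair in its semicolon-separated permission string.
/// Every other outcome is redirected to ~/Account/AccessDenied.
/// </summary>
/// <param name="filterContext">Authorization context of the action being invoked.</param>
/// <exception cref="System.ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
/// <exception cref="System.InvalidOperationException">
/// More than one Permission row exists for the role, or <c>Exts.UserLogged()</c> finds no
/// matching account; in both cases the action does not run.
/// </exception>
/// <remarks>
/// NOTE(review): the base class is not visible here. If it is AuthorizeAttribute, its own
/// OnAuthorization (authentication check, AllowAnonymous handling, output-cache
/// revalidation) is not invoked by this override; confirm that is intended.
/// NOTE(review): if this filter also covers Account/AccessDenied, a denied user is
/// redirected to a page they are denied again; verify where the filter is registered.
/// </remarks>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    if (filterContext == null)
    {
        throw new System.ArgumentNullException("filterContext");
    }

    // Deny by default: Result is cleared only by falling through the final check.
    var principal = filterContext.HttpContext.User;
    if (principal == null || principal.Identity == null || !principal.Identity.IsAuthenticated)
    {
        // Anonymous requests have no role to evaluate; deny without querying the database.
        filterContext.Result = new RedirectResult("~/Account/AccessDenied");
        return;
    }

    var userlogged = Exts.UserLogged();
    if (userlogged == null)
    {
        filterContext.Result = new RedirectResult("~/Account/AccessDenied");
        return;
    }

    // Copy the key into a local so the query closes over a plain value.
    var roleId = userlogged.RoleId;

    string listPermission = null;

    // Assumes AuthorizeDbContext is an Entity Framework context (IDisposable); dispose it
    // so each authorization check does not leave a context and its connection behind.
    using (AuthorizeDbContext _db = new AuthorizeDbContext())
    {
        // A role without a Permission row is an ordinary "no access" case, not an error.
        var rolePermission = _db.Permission.SingleOrDefault(i => i.RoleId == roleId);
        if (rolePermission != null)
        {
            listPermission = rolePermission.ListPermission;
        }
    }

    if (string.IsNullOrEmpty(listPermission))
    {
        filterContext.Result = new RedirectResult("~/Account/AccessDenied");
        return;
    }

    var permission = listPermission.Split(';');

    string currentControllerAction =
        filterContext.ActionDescriptor.ControllerDescriptor.ControllerName
        + "-"
        + filterContext.ActionDescriptor.ActionName;

    // Exact, case-sensitive match against the stored entries: stray whitespace or different
    // casing in ListPermission results in a denial, never in an extra grant.
    if (!permission.Contains(currentControllerAction))
    {
        filterContext.Result = new RedirectResult("~/Account/AccessDenied");
    }
}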
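/// <summary>
/// Loads the User row whose Username equals the identity name of the current request.
/// </summary>
/// <returns>The single User whose Username matches the authenticated identity name.</returns>
/// <exception cref="System.InvalidOperationException">
/// There is no current HTTP context, the request is not authenticated, the identity name is
/// empty, or the User table holds zero or several rows for that name.
/// </exception>
public static User UserLogged()
{
    var current = HttpContext.Current;
    if (current == null
        || current.User == null
        || current.User.Identity == null
        || !current.User.Identity.IsAuthenticated)
    {
        throw new System.InvalidOperationException("No authenticated user on the current request.");
    }

    // An anonymous identity reports an empty name. Refuse it explicitly so that it can
    // never be resolved to a User row that happens to have an empty Username.
    string username = current.User.Identity.Name;
    if (string.IsNullOrEmpty(username))
    {
        throw new System.InvalidOperationException("The current identity has no name.");
    }

    // NOTE(review): the context is deliberately left undisposed here, as in the original:
    // the returned entity may still need it (e.g. lazy-loaded navigation properties) and
    // the callers are not visible. Prefer a request-scoped context if one is available.
    AuthorizeDbContext _db = new AuthorizeDbContext();

    // Single() throws InvalidOperationException when no row, or more than one row, matches.
    return _db.User.Single(i => i.Username == username);
}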