public bool IsUserAuthorized(int userId, byte moduleId, int[] functionIds)
{
using (AuthenticationDemoEntities dbContext = new AuthenticationDemoEntities())
{
try
{
var user = dbContext.Users
.Include("AccessToModuleFunctions")
.Include("Role")
.Include("AccessToModuleFunctions.ModulesFunctions")
.Include("AccessToModuleFunctions.ModulesFunctions.Module")
.Include("AccessToModuleFunctions.ModulesFunctions.Function")
.Include("Role.AccessToModuleFunctions")
.Include("Role.AccessToModuleFunctions.ModulesFunctions")
.Include("Role.AccessToModuleFunctions.ModulesFunctions.Module")
.Include("Role.AccessToModuleFunctions.ModulesFunctions.Function")
.FirstOrDefault(usr => usr.ID == userId);
if (user == null)
return false;
IEnumerable<AccessToModuleFunctions> userModFuncs = user.AccessToModuleFunctions
.Where(modFunc => modFunc.ModulesFunctions.Module.ID == moduleId
&& functionIds.Contains((int)modFunc.ModulesFunctions.Function.ID));
if (userModFuncs.Count() == 0)
userModFuncs = user.Role.AccessToModuleFunctions
.Where(modFunc => modFunc.ModulesFunctions.Module.ID == moduleId
&& functionIds.Contains((int)modFunc.ModulesFunctions.Function.ID));
if (userModFuncs.Count() == 0)
return false;
bool hasAccess = true;
foreach (var usrModFunc in userModFuncs)
{
hasAccess = usrModFunc.HasAccess ?? false;
if (!hasAccess)
break;
}
return hasAccess;
}
catch (Exception e)
{
throw e;
}
}
}
private AccessToModuleFunctions GetAccessByRoleModuleFunciton(int roleId, byte moduleId, long functionId)
{
using (AuthenticationDemoEntities dbContext = new AuthenticationDemoEntities())
{
try
{
return dbContext.AccessToModuleFunctions
.FirstOrDefault(urmf => urmf.Role.ID == roleId && urmf.ModulesFunctions.Module.ID == moduleId
&& urmf.ModulesFunctions.Function.ID == functionId);
}
catch (Exception ex)
{
throw ex;
}
}
}
private bool HasUserAccessToModule(int userId, byte moduleId)
{
using (AuthenticationDemoEntities dbContext = new AuthenticationDemoEntities())
{
try
{
int functionId = Convert.ToInt32(Functions.Access);
Users user = dbContext.Users
.Include("AccessToModuleFunctions")
.Include("Role")
.Include("AccessToModuleFunctions.ModulesFunctions")
.Include("AccessToModuleFunctions.ModulesFunctions.Module")
.Include("AccessToModuleFunctions.ModulesFunctions.Function")
.FirstOrDefault(usr => usr.ID == userId);
if (user == null)
return false;
AccessToModuleFunctions userFunc = user.AccessToModuleFunctions
.SingleOrDefault(modFunc => modFunc.ModulesFunctions.Function.ID == functionId
&& modFunc.ModulesFunctions.Module.ID == moduleId);
if (userFunc == null)
{
if (user.Role == null)
return false;
userFunc = GetAccessByRoleModuleFunciton(user.Role.ID, moduleId, (long)Functions.Access);
if (userFunc == null)
return false;
}
return userFunc.HasAccess ?? false;
}
catch (Exception e)
{
throw e;
}
}
}
private bool Login(string username, string pass)
{
if (username == null)
throw new ArgumentNullException("userName");
if (username == string.Empty)
throw new ArgumentException("userName");
if (pass == null)
throw new ArgumentNullException("password");
if (pass == string.Empty)
throw new ArgumentException("password");
using (AuthenticationDemoEntities dbContext = new AuthenticationDemoEntities())
{
var strDBHash = string.Empty;
var strDBSalt = string.Empty;
var logonUser = dbContext.Users.FirstOrDefault(user => user.UserName.Equals( username));
if (logonUser == null) return false;
strDBSalt = logonUser.Salt;
WebSecurity.HashWithSalt(pass, ref strDBSalt, out strDBHash);
if (strDBHash != logonUser.Hash) return false;
}
return true;
}
private Users GetUserByUserName(string username)
{
using (AuthenticationDemoEntities dbContext = new AuthenticationDemoEntities())
{
var logonUser = dbContext.Users.FirstOrDefault(user => user.UserName.Equals(username));
if (logonUser == null) return null;
return logonUser;
}
}