/// <summary> /// Core logic for permissions-based security checks /// </summary> /// <param name="httpContext">Current HttpContextBase instance</param> /// <returns>True if they have the permission, false otherwise (or if the permission doesn't exist)</returns> protected override bool AuthorizeCore(HttpContextBase httpContext) { //var isAuthorized = base.AuthorizeCore(httpContext); //if (!isAuthorized) //{ // return false; //} return(PermsChecker.HasPermission(this.Permissions)); }
/// <summary> /// Core logic for permissions-based security checks /// </summary> /// <param name="httpContext">Current HttpContextBase instance</param> /// <returns>True if they have the permission, false otherwise (or if the permission doesn't exist)</returns> protected override bool AuthorizeCore(HttpContextBase httpContext) { var isAuthorized = base.AuthorizeCore(httpContext); if (!isAuthorized) { return(false); } return(PermsChecker.HasPermission(this.Permissions)); }
/// <summary> /// Validates that the current user has permisson /// </summary> /// <param name="actionContext"></param> /// <returns></returns> protected override bool IsAuthorized(System.Web.Http.Controllers.HttpActionContext actionContext) { return(PermsChecker.HasPermission(this.Permissions)); }