/// <summary>
/// Core logic for permissions-based security checks
/// </summary>
/// <param name="httpContext">Current HttpContextBase instance</param>
/// <returns>True if they have the permission, false otherwise (or if the permission doesn't exist)</returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
//var isAuthorized = base.AuthorizeCore(httpContext);
//if (!isAuthorized)
//{
// return false;
//}
return(PermsChecker.HasPermission(this.Permissions));
}
/// <summary>
/// Core logic for permissions-based security checks
/// </summary>
/// <param name="httpContext">Current HttpContextBase instance</param>
/// <returns>True if they have the permission, false otherwise (or if the permission doesn't exist)</returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
var isAuthorized = base.AuthorizeCore(httpContext);
if (!isAuthorized)
{
return(false);
}
return(PermsChecker.HasPermission(this.Permissions));
}
/// <summary>
/// Validates that the current user has permisson
/// </summary>
/// <param name="actionContext"></param>
/// <returns></returns>
protected override bool IsAuthorized(System.Web.Http.Controllers.HttpActionContext actionContext)
{
return(PermsChecker.HasPermission(this.Permissions));
}
