public override void OnAuthorization(AuthorizationContext filterContext)
{
string reqPremission = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
if (!HttpContext.Current.Request.IsAuthenticated)
{
filterContext.Result = new RedirectToRouteResult(
new RouteValueDictionary {
{ "action", "Index" },
{ "controller", "Unauthorised" },
{ "errorText", "User is not Authenticated" }
});
}
else
{
CustomPrincipal cp = HttpContext.Current.User as CustomPrincipal;
if (cp == null || !cp.HasControllerPermission(reqPremission))
{
filterContext.Result = new RedirectToRouteResult(
new RouteValueDictionary {
{ "action", "Index" },
{ "controller", "Unauthorised" },
{ "errorText", "User is not Authorized" }
});
}
}
}