protected override bool AuthorizeCore(System.Web.HttpContextBase httpContext) { if (!base.AuthorizeCore(httpContext)) { return(false); } string url = httpContext.Request.Url.AbsolutePath; IDomain domainService = (IDomain)DependencyResolver.Current.GetService(typeof(IDomain)); tbl_AdminMenu menuItem = domainService.GetAdminMenuItemByUrl(url); return(menuItem.tbl_AccessRights.Where(ar => ar.AR_AdminMenuID.HasValue).Any(ar => ar.AR_UserGroupID == (httpContext.User as CustomPrincipal).UserGroupID)); }