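/// <summary>
/// Builds the comma-separated <c>Roles</c> list for this attribute by mapping each
/// requested menu/permission key to the role names stored in <c>MenuAccesses</c>,
/// then appending the role named by the <c>SuperAdmin</c> app setting.
/// </summary>
/// <param name="roleKeys">
/// Menu names to look up. Keys with no matching row are skipped, so they grant
/// access to nobody beyond the super-admin role.
/// </param>
/// <exception cref="System.InvalidOperationException">
/// Thrown when keys were requested but neither they nor the <c>SuperAdmin</c>
/// setting produced a usable role name.
/// </exception>
public CustomAuthorizeAttribute(params string[] roleKeys)
{
    // NOTE(review): the user id feeds only the unused lookup below; the role mapping
    // query does not reference it, so the computed Roles value is the same for every
    // user. Attribute instances may also be constructed outside a request and reused,
    // in which case HttpContext.Current is not a reliable input here. Confirm and
    // consider dropping both lines.
    var currentUserId = HttpContext.Current.User.Identity.GetUserId<int>();

    var roles = new List<string>();

    // Dispose the context deterministically; the original never released it.
    using (POSEntities db = new POSEntities())
    {
        // NOTE(review): result is never read. Kept only because this call's side
        // effects, if any, are not visible from here.
        var userRoles = db.GetUserRoleByUserId(currentUserId).Select(p => p.RoleId).ToArray();

        // Left joins: a MenuAccess row with no matching Menu or AspNetRole still
        // yields a row, with a null Name or Role respectively.
        // NOTE(review): rows with HasAccess_YN != true contribute the literal role
        // name "None"; this only denies access if no real role carries that name.
        var userCustomRoles = from ma in db.MenuAccesses
                              join m in db.Menus on ma.MenuId equals m.Id into p
                              from subP in p.DefaultIfEmpty()
                              join anr in db.AspNetRoles on ma.RoleId equals anr.Id into r
                              from subr in r.DefaultIfEmpty()
                              select new { Name = subP.Name, Role = ma.HasAccess_YN == true ? subr.Name : "None" };

        // NameValueCollection joins multiple values for one key with commas, so a
        // menu mapped to several roles comes back as "RoleA,RoleB".
        NameValueCollection allRoles = new NameValueCollection();
        foreach (var item in userCustomRoles)
        {
            allRoles.Add(item.Name, item.Role);
        }

        foreach (var roleKey in roleKeys ?? new string[0])
        {
            string mapped = allRoles[roleKey];
            if (mapped == null)
            {
                // Unknown key (or key with no role values): skip instead of
                // dereferencing null. Skipping adds no roles, so it cannot widen access.
                continue;
            }

            roles.AddRange(mapped.Split(new[] { ',' }));
        }
    }

    roles.Add(ConfigurationManager.AppSettings["SuperAdmin"]);

    // Fail closed: assuming Roles is the property inherited from an AuthorizeAttribute
    // base (TODO confirm), an empty value means "no role restriction". Refuse to build
    // such an attribute when specific keys were asked for.
    bool keysRequested = roleKeys != null && roleKeys.Length > 0;
    if (keysRequested && !roles.Any(name => !string.IsNullOrWhiteSpace(name)))
    {
        throw new System.InvalidOperationException(
            "CustomAuthorizeAttribute: none of the requested role keys resolved to a role and no SuperAdmin role is configured.");
    }

    // NOTE(review): with no keys and no SuperAdmin setting, Roles is still empty here
    // (unchanged from the original); verify that is intended.
    Roles = string.Join(",", roles);
}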