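/// <summary>
/// Authorization gate that runs before the action. The request is answered with
/// 403 Forbidden unless the caller is logged in, the current user's category is
/// not below 3, and an Operators row exists with that category.
/// </summary>
/// <param name="filterContext">
/// Context of the action about to run; setting its Result short-circuits the action.
/// </param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    // Fail closed: access is denied unless every check below succeeds.
    bool allowed = false;

    if (LoginHelper.IsLoggedIn())
    {
        MainUser user = LoginHelper.CurrentUser();

        // A missing user object is treated as "not authorized" rather than being
        // dereferenced. The comparison is kept in its original "< 3" form.
        // NOTE(review): the meaning of the threshold 3 is not visible here; confirm
        // it against the category definitions.
        if (user != null && !(user.Category < 3))
        {
            // The context is opened only when a lookup is actually needed and is
            // disposed as soon as the query has run.
            // NOTE(review): assumes GreenBox_GreenBoxEntities is an IDisposable
            // Entity Framework context; confirm.
            using (GreenBox_GreenBoxEntities db = new GreenBox_GreenBoxEntities())
            {
                allowed = db.Operators.Any(item => item.CategoryID == user.Category);
            }
        }
    }

    if (!allowed)
    {
        filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.Forbidden);
    }

    base.OnActionExecuting(filterContext);
}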
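/// <summary>
/// Authentication and authorization gate that runs before the action. Callers who
/// are not logged in are redirected to Account/Login. Logged-in callers are answered
/// with 403 Forbidden unless an Operators row matches the current user's Id, Name
/// and Category.
/// </summary>
/// <param name="filterContext">
/// Context of the action about to run; setting its Result short-circuits the action.
/// </param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    if (!LoginHelper.IsLoggedIn())
    {
        filterContext.Result = new RedirectToRouteResult(
            new RouteValueDictionary
            {
                { "controller", "Account" },
                { "action", "Login" }
            });
    }
    else
    {
        MainUser user = (MainUser)LoginHelper.CurrentUser();
        bool operatorExists = false;

        // A missing user object is denied rather than dereferenced inside the query.
        if (user != null)
        {
            // The identity held by LoginHelper is re-checked against the Operators
            // table on every request, so a row that no longer matches it yields 403.
            // The context is disposed once the query has run.
            // NOTE(review): assumes GreenBox_GreenBoxEntities is an IDisposable
            // Entity Framework context; confirm.
            using (GreenBox_GreenBoxEntities db = new GreenBox_GreenBoxEntities())
            {
                operatorExists = db.Operators.Any(item =>
                    item.OperatorID == user.Id
                    && item.Name == user.Name
                    && item.CategoryID == user.Category);
            }
        }

        if (!operatorExists)
        {
            filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.Forbidden);
        }
    }

    base.OnActionExecuting(filterContext);
}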