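/// <summary>
/// Per-action access check. Reads the signed-in user's profile from session, asks
/// <c>AccessRightsRepository.UserAccessCheck</c> whether that user may run the requested
/// controller/action, and either redirects to Home/AccessRightsError or records the
/// request as the session's "CurrentUrl" and lets the action proceed.
/// </summary>
/// <param name="filterContext">Context of the action about to execute; its Result is set to short-circuit the request.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    // A request with no profile in session (anonymous caller, expired or recycled session)
    // previously died with a NullReferenceException. Reject it explicitly so the
    // authorization decision never depends on an unhandled exception.
    object storedProfile = HttpContext.Current.Session["UserProfile"];
    if (storedProfile == null)
    {
        filterContext.Result = new HttpUnauthorizedResult();
        return;
    }

    UserProfileSessionData UserProfile = (UserProfileSessionData)storedProfile;
    string UserName = UserProfile.UserName;
    int UserId = UserProfile.UserId;

    // "CurrentUrl" is written at login; fall back to an empty record if it is missing
    // so that neither branch below dereferences null.
    object storedUrl = HttpContext.Current.Session["CurrentUrl"];
    UrlSessionData CurrentUrl = storedUrl == null ? new UrlSessionData() : (UrlSessionData)storedUrl;

    RouteValueDictionary routeValues = HttpContext.Current.Request.RequestContext.RouteData.Values;
    string ActionName = routeValues["action"].ToString();
    string RouteController = routeValues["controller"].ToString();
    string ControllerName = RouteController + "Controller";

    AccessRightsRepository uar = new AccessRightsRepository();
    string ControllerDescription = EnumService.GetControllerDescription(ControllerName);
    string ActionDescription = EnumService.GetActionDescription(ControllerName, ActionName);
    bool uacresult = uar.UserAccessCheck(UserId, ControllerName, ActionName);

    // The "admin" account bypasses the access-rights table. Compare ordinally:
    // ToLower() follows the thread culture, and under some cultures (Turkish, Azerbaijani)
    // case mapping differs for I/i, so a culture-sensitive comparison can both miss the
    // real admin name and match a different user name.
    bool isAdmin = string.Equals(UserName, "admin", System.StringComparison.OrdinalIgnoreCase);

    // NOTE(review): as written, a controller whose description equals its name, or an
    // action with no description, is allowed through even when UserAccessCheck says no.
    // Presumably these are controllers/actions not registered for access control -
    // confirm that this fail-open default is intended.
    bool accessDenied = !isAdmin
        && !uacresult
        && ControllerName != ControllerDescription
        && ActionDescription != null;

    if (accessDenied)
    {
        // CName/AName carry the last permitted location, not the one that was refused.
        // The route name must match the registered route exactly (spelling included).
        filterContext.Result = new RedirectToRouteResult(
            "Error_Deafult",
            new RouteValueDictionary(new
            {
                controller = "Home",
                action = "AccessRightsError",
                CName = CurrentUrl.Controller,
                AName = CurrentUrl.Action
            }));
        return;
    }

    // Remember the permitted location. The route value is used directly instead of
    // cutting "Controller" back off the derived name, which truncated any controller
    // whose own name contains that word.
    CurrentUrl.Controller = RouteController;
    CurrentUrl.Action = ActionName;
    HttpContext.Current.Session["CurrentUrl"] = CurrentUrl;
    base.OnActionExecuting(filterContext);
}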
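/// <summary>
/// Handles the login form post. Passes the submitted credentials and the value of
/// <c>GetIPAddress()</c> to <c>LoginRepository.DoLogin</c>; on the success status it stores
/// the user's profile and a starting "CurrentUrl" in session and redirects to Home/Index,
/// otherwise it redisplays the Index view with the status placed in ViewBag.
/// </summary>
/// <param name="uvm">Posted login view model (user name and password).</param>
/// <returns>A redirect to Home/Index on success; the Index view otherwise.</returns>
public ActionResult Login(UserVM uvm)
{
    if (!ModelState.IsValid)
    {
        return View("Index", uvm);
    }

    string IPAddress = GetIPAddress();
    LoginRepository repository = new LoginRepository();
    DataOperations dataOperation = new DataOperations();

    // SECURITY NOTE(review): Base64 is a reversible encoding, not a password hash. If the
    // value passed here is what the data store keeps and compares, stored passwords are
    // effectively plaintext. Moving to a salted, slow password hash (e.g. PBKDF2) needs a
    // coordinated change in LoginRepository and the stored data, so it is flagged here
    // rather than changed in this method.
    string result = repository.DoLogin(uvm.UserName, EncodeAndDecode.Base64Encode(uvm.Password), IPAddress);

    // "Uğurlu" is the repository's success status ("Successful").
    if (result == "Uğurlu")
    {
        tbl_User userObj = dataOperation.GetUserByUserName(uvm.UserName);
        if (userObj == null)
        {
            // The account disappeared between DoLogin and this lookup; do not create a
            // session for it.
            return View("Index");
        }

        tbl_Employee employeeObj = dataOperation.GetEmployeeById(userObj.EmployeeID == null ? 0 : (Int64)userObj.EmployeeID);

        UserProfileSessionData profile = new UserProfileSessionData()
        {
            UserId = userObj.ID,
            UserName = userObj.UserName,
        };

        // A user may have no linked employee (EmployeeID is nullable and looked up as 0);
        // leave the employee fields at their defaults instead of dereferencing null.
        if (employeeObj != null)
        {
            profile.EmployeeID = employeeObj.ID;
            profile.FirstName = employeeObj.FirstName;
            profile.LastName = employeeObj.LastName;
        }

        // NOTE(review): the session identifier is not rotated here. Unless that happens
        // elsewhere, an identifier issued before authentication stays valid afterwards
        // (session fixation); consider issuing a fresh session ID on successful login.
        UserProfile = profile;
        this.Session["UserProfile"] = profile;

        UrlSessionData CurrentUrl = new UrlSessionData { Controller = "Home", Action = "Index" };
        this.Session["CurrentUrl"] = CurrentUrl;

        return RedirectToAction("Index", "Home");
    }

    // "İstifadəçi adı tapılmadı" is the repository's "user name not found" status.
    // NOTE(review): surfacing it separately from the other failure result tells the caller
    // which user names exist; a single generic failure message avoids that disclosure.
    if (result == "İstifadəçi adı tapılmadı")
    {
        ViewBag.NotValidUser = result;
    }
    else
    {
        ViewBag.Failedcount = result;
    }

    return View("Index");
}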