Exemplo n.º 1
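        /// <summary>
        /// Decides whether the given user is allowed to add results, based on the
        /// role returned by <c>AuthorizationUtility.GetUserRole</c>.
        /// </summary>
        /// <param name="dbContext">Database context handed through to the role lookup.</param>
        /// <param name="userName">Name of the user whose role is checked.</param>
        /// <returns>
        /// <c>true</c> when the role name equals Admin, SuperAdmin or Auditor, ignoring case;
        /// <c>false</c> otherwise, including when no role or no role name is returned.
        /// </returns>
        public static bool IsAddResultEnable(DatabaseContext dbContext, string userName)
        {
            var role = AuthorizationUtility.GetUserRole(dbContext, userName);

            // Fail closed: a user without a resolvable role gets no access, instead of
            // the check ending in a NullReferenceException.
            var roleName = role?.Name;
            if (roleName == null)
            {
                return false;
            }

            // Ordinal, case-insensitive comparison. ToLower() follows the current thread
            // culture, so under e.g. a Turkish culture "ADMIN" lowers to "admın" and the
            // permission decision would depend on the server's locale.
            return string.Equals(roleName, nameof(Roles.Admin), System.StringComparison.OrdinalIgnoreCase) ||
                   string.Equals(roleName, nameof(Roles.SuperAdmin), System.StringComparison.OrdinalIgnoreCase) ||
                   string.Equals(roleName, nameof(Roles.Auditor), System.StringComparison.OrdinalIgnoreCase);
        }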
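        /// <summary>
        /// Authorizes the current request against the application's own auth table.
        /// </summary>
        /// <param name="httpContext">HTTP context of the request being authorized.</param>
        /// <returns>
        /// <c>false</c> when there is no authenticated identity, the user is not found in the
        /// auth table, or the user's role is not listed in <c>Roles</c>; <c>true</c> when the
        /// user is known and either <c>Roles</c> is empty or it contains the user's role name.
        /// </returns>
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            // Fail closed when nothing identifies the caller. An override that skips the
            // authentication check would rely solely on the name lookup below.
            var identity = httpContext?.User?.Identity;
            if (identity == null || !identity.IsAuthenticated || string.IsNullOrEmpty(identity.Name))
            {
                return false;
            }

            var foundUser = AuthorizationUtility.GetUserFromAuthTable(db, identity.Name);

            if (!foundUser.Any())
            {
                return false;
            }

            // No role restriction configured: any user present in the auth table passes.
            if (Roles.IsEmpty())
            {
                return true;
            }

            var foundUserRole = AuthorizationUtility.GetUserRole(db, foundUser.First());

            // A user without a resolvable role cannot satisfy a role restriction.
            var userRoleName = foundUserRole?.Name;
            if (userRoleName == null)
            {
                return false;
            }

            // Trim each entry so "Admin, Auditor" is read as two role names. Without the
            // trim the second entry is " Auditor" and never matches.
            // The match itself stays case-sensitive, as before.
            var availableRoles = Roles.Split(',')
                                      .Select(entry => entry.Trim())
                                      .Where(entry => entry.Length > 0)
                                      .ToList();

            return availableRoles.Contains(userRoleName);
        }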