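/// <summary>
/// Authorizes a Web API request from the claims of the current principal.
/// The request is denied when there is no claims principal or no
/// <see cref="ClaimTypes.System"/> claim; when that claim maps to
/// <see cref="SiteType.Admin"/>, the request path must additionally be accepted
/// by <see cref="AdminNavigationHelper.IsValidAjaxRequest"/>. Everything else is
/// delegated to the base implementation.
/// </summary>
/// <param name="actionContext">The action context of the request being authorized.</param>
/// <returns><c>true</c> when the request may proceed; otherwise <c>false</c>.</returns>
protected override bool IsAuthorized(HttpActionContext actionContext)
        {
            // Fail closed: a thread principal that is not a ClaimsPrincipal makes
            // ClaimsPrincipal.Current null, which must deny rather than throw.
            ClaimsPrincipal principal = ClaimsPrincipal.Current;
            if (principal == null)
            {
                return(false);
            }

            // FirstOrDefault already yields null for an empty claim set, so the
            // separate Any() pass (a second enumeration) is not needed.
            Claim siteClaim = principal.Claims.FirstOrDefault(o => o.Type == ClaimTypes.System);
            if (siteClaim == null)
            {
                return(false);
            }

            //[TokenAuthorize(Users = "Admin")]
            // Not enforced here. If the base type is System.Web.Http.AuthorizeAttribute,
            // base.IsAuthorized applies Users/Roles to the request principal — confirm.
            if (!string.IsNullOrEmpty(Users))
            {
                //TODO
            }

            //[TokenAuthorize(Roles = "Edit")]
            // Condition negated to mirror the Users check above (the original tested
            // IsNullOrEmpty without '!'); the body is empty, so behavior is unchanged.
            if (!string.IsNullOrEmpty(Roles))
            {
                //TODO
            }

            // Admin site: only paths the admin navigation recognises may be called.
            // How EnumHelper.ToEnum treats a claim value outside SiteType is not visible here.
            if (EnumHelper.ToEnum <SiteType>(siteClaim.Value) == SiteType.Admin)
            {
                AdminNavigationHelper helper = new AdminNavigationHelper();
                if (!helper.IsValidAjaxRequest(actionContext.Request.RequestUri.AbsolutePath))
                {
                    _IsNoPermissionToAccess = true;
                    return(false);
                }
            }

            return(base.IsAuthorized(actionContext));
        }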
        /// <summary>
        /// MVC authorization for area routes. Requests outside an area, or in an
        /// area for which no <see cref="SessionHelper"/> is registered, are allowed
        /// through; an area with an empty session is denied, and AJAX calls into the
        /// <see cref="SiteType.Admin"/> area must target a path that
        /// <see cref="AdminNavigationHelper.IsValidAjaxRequest"/> accepts.
        /// </summary>
        /// <param name="httpContext">The HTTP context of the request being authorized.</param>
        /// <returns><c>true</c> when the request may proceed; otherwise <c>false</c>.</returns>
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            var routeData = httpContext.Request.RequestContext.RouteData;

            // NOTE(review): non-area routes and areas without a session helper are
            // allowed through (fail-open); this is the existing behavior, kept as-is.
            object areaToken;
            if (!routeData.DataTokens.TryGetValue("area", out areaToken))
            {
                return(true);
            }

            _Area = areaToken.ToString();

            SessionHelper session = TypeHelper.GetInstance <SessionHelper>(_Area);
            if (session == null)
            {
                return(true);
            }

            _LoginUri = session.LoginUri;

            if (session.IsNullSession())
            {
                return(false);
            }

            // Only AJAX requests into the admin area are path-checked.
            bool isAdminAjax = httpContext.Request.IsAjaxRequest()
                               && _Area == SiteType.Admin.ToString();
            if (isAdminAjax)
            {
                string requestPath = httpContext.Request.Url.AbsolutePath;
                if (!new AdminNavigationHelper().IsValidAjaxRequest(requestPath))
                {
                    _IsNoPermissionToAccess = true;
                    return(false);
                }
            }

            return(true);
        }