public override void OnBeforeExecute(object requestDto)
{
var webeasRepositoryBase = (IRepositoryBase)repository;
webeasRepositoryBase.Session = SessionAs <IWebEasSession>();
((RepositoryBase)Repository).SetRequestEsamDbContext(requestDto as IEsamDbSession, Request.GetHeader("EsamDb"));
if (HostContext.ServiceName != "pfe" && requestDto.GetType().Name != "NotifyPersonDataChangeDto" && requestDto.GetType().Name != "LongOperationListDto")
{
if (requestDto.GetType().HasAttribute <RouteAttribute>())
{
var rootNode = webeasRepositoryBase.RenderModuleRootNode;
var routeUrl = requestDto.GetType().FirstAttribute <RouteAttribute>().Path;
var usernoderights = webeasRepositoryBase.GetUserTreeRights(webeasRepositoryBase.Code);
var hierarchyNodesWithUrl = rootNode.Children.RecursiveSelect(w => w.Children).Where(x => x.Actions.Any(z => z.Url != null && z.Url.Contains(routeUrl)));
//kontrola na akciu
foreach (var node in hierarchyNodesWithUrl)
{
var userTreeRight = usernoderights.FirstOrDefault(r => r.Kod == RepairNodeKey(node.KodPolozky));
if (node.GeneratedNode)
{
}
foreach (NodeAction act in node.Actions.Where(z => z.Url != null && z.Url.Contains(routeUrl)))
{
if (act.ActionType is NodeActionType.MenuButtonsAll)
{
act.MenuButtons.ForEach((x) => {
if (!HierarchyNode.HasRolePrivileges(x, userTreeRight))
{
throw new WebEasUnauthorizedAccessException();
}
});
}
else
{
if (!HierarchyNode.HasRolePrivileges(act, userTreeRight))
{
throw new WebEasUnauthorizedAccessException();
}
}
}
}
// kontrola na ListDto
if (requestDto.GetType().HasInterface(typeof(IListDto)))
{
var kodPolozky = ((IListDto)requestDto).KodPolozky;
var cleanKodPolozky = RepairNodeKey(kodPolozky);
var userTreeRight = usernoderights.FirstOrDefault(r => r.Kod == cleanKodPolozky);
if (userTreeRight == null || userTreeRight.Pravo == 0)
{
var node = rootNode.Find(kodPolozky);
if (node == null || !node.GeneratedNode || !HasParentPermissionForGeneratedNode(node, usernoderights))
{
throw new WebEasUnauthorizedAccessException();
}
}
}
// kontrola na ListComboDto
if (requestDto.GetType().HasInterface(typeof(IListComboDto)))
{
var kodPolozky = ((IListComboDto)requestDto).KodPolozky;
var cleanKodPolozky = RepairNodeKey(kodPolozky);
var userTreeRight = usernoderights.FirstOrDefault(r => r.Kod == cleanKodPolozky);
if (userTreeRight == null || userTreeRight.Pravo == 0)
{
var node = rootNode.Find(kodPolozky);
if (node == null || !node.GeneratedNode || !HasParentPermissionForGeneratedNode(node, usernoderights))
{
throw new WebEasUnauthorizedAccessException();
}
}
}
}
}
base.OnBeforeExecute(requestDto);
}
