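/// <summary>
/// Role-based gate that runs before the action executes. It looks up the roles
/// of the user named by the <c>LoggedInUserId</c> cookie, looks up the roles
/// allowed for the current controller/action pair, and redirects to the login
/// page when the two sets do not intersect.
/// </summary>
/// <param name="context">The executing-action context supplying the request, route data and service provider.</param>
/// <remarks>
/// The check fails closed: when no request record matches the controller/action,
/// the allowed-role list is empty and the caller is redirected.
/// </remarks>
public override void OnActionExecuting(ActionExecutingContext context)
{
    // Services are resolved from the request's service provider on every call.
    // NOTE(review): "as" yields null when a service is not registered, which
    // surfaces later as a NullReferenceException. Confirm all four are registered.
    this.userService = context.HttpContext.RequestServices.GetService(typeof(IUserService)) as IUserService;
    this.roleUserService = context.HttpContext.RequestServices.GetService(typeof(IRoleUserService)) as IRoleUserService;
    this.requestService = context.HttpContext.RequestServices.GetService(typeof(IRequestService)) as IRequestService;
    this.roleRequestService = context.HttpContext.RequestServices.GetService(typeof(IRoleRequestService)) as IRoleRequestService;

    string controller = context.RouteData.Values["controller"].ToString();
    string action = context.RouteData.Values["action"].ToString();

    // NOTE(review): the caller's identity is read straight from a request cookie.
    // Nothing in this method verifies that the value was issued by the server
    // (no signature or authentication-ticket check is visible here). Unless an
    // upstream component validates it, the role lookup below is driven by a
    // client-controlled value. Confirm, and prefer the authenticated principal
    // (HttpContext.User) as the source of the user id.
    string loggedInUserIdCookie = context.HttpContext.Request.Cookies[CookieKeys.LoggedInUserId];

    // The cookie is untrusted input: a missing, empty or malformed value is
    // treated as the guest id (Guid.Empty) instead of letting Guid.Parse throw
    // and turn a bad cookie into an unhandled exception.
    Guid loggedInUserId;
    if (!Guid.TryParse(loggedInUserIdCookie, out loggedInUserId))
    {
        loggedInUserId = Guid.Empty;
    }

    // NOTE(review): the cookie is re-issued without CookieOptions, so HttpOnly,
    // Secure and SameSite are left at the framework defaults. Confirm that is intended.
    context.HttpContext.Response.Cookies.Append(CookieKeys.LoggedInUserId, loggedInUserId.ToString());

    var roleUsers = this.roleUserService.GetMany(ru => ru.UserId == loggedInUserId);
    var request = this.requestService.Get(r => r.Action.Equals(action) && r.Controller.Equals(controller));
    var roleRequests = request == null
        ? new List<RoleRequest>()
        : this.roleRequestService.GetMany(rr => rr.RequestId == request.Id);

    // Every caller implicitly holds the guest role, whose id is Guid.Empty.
    var userRoleIds = new HashSet<Guid> { Guid.Empty };
    foreach (var roleUser in roleUsers)
    {
        userRoleIds.Add(roleUser.RoleId);
    }

    // Authorized as soon as one role allowed for this request is held by the caller.
    bool isAuthorized = false;
    foreach (var roleRequest in roleRequests)
    {
        if (userRoleIds.Contains(roleRequest.RoleId))
        {
            isAuthorized = true;
            break;
        }
    }

    if (!isAuthorized)
    {
        // Setting Result prevents the action from actually being executed.
        // returnUrl is assembled from the matched route values only.
        context.Result = new RedirectResult("/Account/Login?returnUrl=/" + controller + "/" + action);
    }

    base.OnActionExecuting(context);
}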
/// <summary>
/// Creates the controller and stores the three injected services in its fields.
/// </summary>
/// <param name="requestService">Service assigned to <c>this.requestService</c>.</param>
/// <param name="roleRequestService">Service assigned to <c>this.roleRequestService</c>.</param>
/// <param name="roleService">Service assigned to <c>this.roleService</c>.</param>
public RequestsController(
    IRequestService requestService,
    IRoleRequestService roleRequestService,
    IRoleService roleService)
{
    // The assignments are independent of one another; no validation is performed here.
    this.roleService = roleService;
    this.roleRequestService = roleRequestService;
    this.requestService = requestService;
}