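public void OnAuthorization(AuthorizationFilterContext context)
        {
            // Authorization filter: short-circuits the request with a JSON denial unless the
            // caller's request is approved and today falls inside the granted time window.
            //
            // NOTE(review): both "userId" and "auth" are read from request headers, which the
            // client controls. As written, the approval status is whatever the caller sends;
            // a real implementation should derive the identity from the authenticated
            // principal and look the approval status up server-side.
            var headers      = context.HttpContext.Request.Headers;
            var userIdValues = headers["userId"];
            var authValues   = headers["auth"];

            // Fail closed: a missing or non-numeric header is treated as "not approved" rather
            // than surfacing as an unhandled IndexOutOfRangeException/FormatException.
            // The parsed userId is not used below; the (assumed) database lookup would key on it.
            int  auth = 0;
            bool headersValid = userIdValues.Count > 0 && int.TryParse(userIdValues[0], out _) &&
                                authValues.Count > 0 && int.TryParse(authValues[0], out auth);

            // assume from the database for user with [userId]:
            Models.InformationRequestDto informationRequestDto = new Models.InformationRequestDto()
            {
                AccessLevel = Enumerations.AccessLevel.Unknown,
                StartTime   = new DateTime(2000, 1, 1),
                EndTime     = new DateTime(3000, 12, 1), //or new DateTime(2000, 12, 1) for a different result
            };
            DateTime currentDate = DateTime.Now;

            // The window check must require BOTH bounds. With "||" the expression is true for
            // every date whenever StartTime <= EndTime, so an expired grant was never rejected.
            bool isEligibleDate = currentDate >= informationRequestDto.StartTime &&
                                  currentDate <= informationRequestDto.EndTime;
            bool isApproved     = headersValid && auth == (int)ApprovalStatus.Approved;

            if (!isApproved || !isEligibleDate)
            {
                // Setting context.Result stops the pipeline before the action runs.
                // NOTE(review): no status code is set on this JsonResult, so the denial is
                // presumably sent with the default success status; consider an explicit 403 so
                // clients and monitoring can tell a refusal from a normal response.
                context.Result = new JsonResult(
                    new
                {
                    Message     = "You do not have permissions/The admin doesn't yet approve your request/requests",
                    RequestsIds = new[] { 1, 4, 7 },            // assume from the database, after checking..
                });
            }
        }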
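        public void OnActionExecuted(ActionExecutedContext context)
        {
            // Post-action filter: overwrites DoctorName on every DoctorDto in a 200 OK payload
            // when the request declares the internal network and the access level is not
            // already Redacted.

            // The original cast context.Result unconditionally, so any action outcome other
            // than OkObjectResult (an error result, or a null Result after the action threw)
            // raised InvalidCastException/NullReferenceException here and masked the real
            // outcome. Such results are now passed through untouched.
            // NOTE(review): any other result type that can carry DoctorDto data is NOT
            // redacted by this filter and needs its own handling.
            if (!(context.Result is OkObjectResult okResult))
            {
                return;
            }

            // assume from the database:
            Models.InformationRequestDto informationRequestDto = new Models.InformationRequestDto()
            {
                AccessLevel = Enumerations.AccessLevel.Unknown,
                StartTime   = new DateTime(2000, 1, 1),
                EndTime     = new DateTime(2000, 12, 1), //or new DateTime(3000, 12, 1) for a different result
            };

            // Deliberately a hard cast: an OK payload of an unexpected shape should fail
            // loudly instead of leaving the response unredacted.
            var doctorDtoList = (IEnumerable<DoctorDto>)okResult.Value;

            // NOTE(review): "network" is a client-supplied header, and redaction happens only
            // when it equals Internal, so a caller can avoid redaction by sending any other
            // value. The network classification should come from something the server
            // establishes itself, not from the request headers.
            var network = int.Parse(context.HttpContext.Request.Headers["network"][0]);

            if (network == (int)NetworkType.Internal && informationRequestDto.AccessLevel != AccessLevel.Redacted)
            {
                // NOTE(review): this mutates the DTOs in place. If the action returned a
                // deferred query rather than a materialized list, the serializer may
                // re-enumerate it and produce fresh, unredacted objects — confirm the action
                // returns a list or array.
                foreach (var doctor in doctorDtoList)
                {
                    doctor.DoctorName = "Redacted";
                }
            }
        }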