public static bool IsPermitted(FunctionSecurityContext fsc)
{
bool Ret = false;
if (null != fsc)
{
FunctionPermissionList fpl = LoadUserPermissionsEx(LoginToken.LoginUser.ID, fsc.ObjectName);
FunctionPermission fp = fpl[fsc.FunctionName];
if (null != fp)
{
if (EnumPermission.Allow == fp.Permission)
{
if (fp.Restricted && 0 != fsc.ObjectID)
{
Ret = (fsc.OwnerID == LoginToken.LoginUser.ID);
}
else
{
Ret = true; // function not restricted, or no specific object
}
}
}
else
{
Ret = true; // function is not secured
}
}
else
{
Ret = true; // no secuirty context
}
return(Ret);
}
public static void VerifyPermission(FunctionSecurityContext fsc)
{
if (!IsPermitted(fsc))
{
Navigate(fsc.FunctionName, fsc.ObjectName, fsc.ObjectID.ToString());
}
}
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
string ObjectName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
FunctionSecurityContext fsc = new FunctionSecurityContext(Functions.FunctionName_Browse, ObjectName, 0);
if (!BypassSecurity)
{
PermissionHelper.VerifyPermission(fsc);
}
base.OnActionExecuting(filterContext);
}
