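/// <summary>
/// Decides whether a user may view the page registered under <paramref name="Url"/>.
/// The URL is resolved to a module id through TBL_MODULES_MST, and the decision is then
/// delegated to <c>AuthorizeUser</c> with <c>PermissionTypes.Retrieve</c>.
/// </summary>
/// <param name="UserId">Identifier of the user requesting the page.</param>
/// <param name="Url">Page URL to look up; bound as the <c>@url</c> parameter, never concatenated.</param>
/// <returns>
/// The result of the delegated permission check; <c>false</c> whenever the lookup or the
/// check throws, so every failure path denies access.
/// </returns>
public static bool AuthorizePage(int UserId, string Url)
{
    DBManager db = new DBManager();

    // Tracks whether Open() completed, so the cleanup below never calls Close()
    // on a manager that was not opened.
    bool opened = false;
    try
    {
        // Only the first selected column (Module_Id) is consumed by ExecuteScalar.
        string query = @"select top 1 Module_Id,Url from TBL_MODULES_MST where url=@url";
        db.CreateParameters(1);
        db.AddParameters(0, "@url", Url);
        db.Open();
        opened = true;

        // A URL with no matching row presumably yields a null scalar; the cast then throws
        // and the catch below denies access (fail closed) while logging the event.
        // NOTE(review): the match is on the URL exactly as supplied - confirm that callers
        // pass a normalized path so equivalent spellings cannot map to a different module.
        int ModuleId = (int)db.ExecuteScalar(CommandType.Text, query);

        // NOTE(review): the id is cast without checking that it is a defined
        // BusinessModules member - confirm the table can only hold valid ids.
        BusinessModules Module = (BusinessModules)ModuleId;
        return AuthorizeUser(UserId, Module, PermissionTypes.Retrieve);
    }
    catch (Exception ex)
    {
        Application.Helper.LogException(ex, "Permissions | AuthorizePage(int UserId,string Url)");
        return false;
    }
    finally
    {
        // The original never closed the connection opened above; release it on every
        // path, mirroring the cleanup AuthorizeUser already performs.
        if (opened)
        {
            db.Close();
        }
    }
}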
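/// <summary>
/// Checks whether a user holds the requested permission on a business module, using the
/// first row of the first result table returned by [dbo].[USP_GET_USER_PERMISSIONS].
/// </summary>
/// <param name="UserId">Identifier of the user being checked.</param>
/// <param name="Module">Module the permission applies to; sent to the procedure as its integer value.</param>
/// <param name="PermissionLevel">Operation being requested (retrieve, create, update or delete).</param>
/// <returns>
/// <c>true</c> when the row's "all" flag is set or the flag matching
/// <paramref name="PermissionLevel"/> is set; <c>false</c> otherwise, including for an
/// unrecognized permission level and for any exception (fail closed).
/// </returns>
public static bool AuthorizeUser(int UserId, BusinessModules Module, PermissionTypes PermissionLevel)
{
    DBManager db = new DBManager();
    try
    {
        db.Open();

        // The command text is built by concatenation. That is injection-safe only because
        // both values are integers; they are formatted with the invariant culture so the
        // digits and sign written into the SQL text never depend on the thread's culture.
        // If either argument ever becomes a string, switch to bound parameters as
        // AuthorizePage does.
        string query = @"[dbo].[USP_GET_USER_PERMISSIONS] "
            + UserId.ToString(System.Globalization.CultureInfo.InvariantCulture)
            + " , "
            + ((int)Module).ToString(System.Globalization.CultureInfo.InvariantCulture);

        // An empty result set makes the indexers throw; the catch below turns that into a denial.
        DataRow row = db.ExecuteDataSet(System.Data.CommandType.Text, query).Tables[0].Rows[0];

        // The "all" flag grants every permission level, including unrecognized ones.
        if (Convert.ToBoolean(row["all"]))
        {
            return true;
        }

        switch (PermissionLevel)
        {
            case PermissionTypes.Retrieve:
                return Convert.ToBoolean(row["view"]);
            case PermissionTypes.Create:
                return Convert.ToBoolean(row["create"]);
            case PermissionTypes.Update:
                return Convert.ToBoolean(row["update"]);
            case PermissionTypes.Delete:
                return Convert.ToBoolean(row["delete"]);
            default:
                // Unknown permission levels are denied rather than guessed at.
                return false;
        }
    }
    catch (Exception ex)
    {
        Application.Helper.LogException(ex, "Permissions | AuthorizeUser(int UserId,BusinessModules Module,PermissionTypes PermissionLevel)");
        return false;
    }
    finally
    {
        db.Close();
    }
}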