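/// <summary>
/// Authorization filter for department-head pages. The caller must hold an active session
/// and must be a HEAD who is either acting as head while no delegation is in force, or
/// acting as an employee while one is. Anything else is redirected to Home/Login
/// (no usable session) or Home/NotAuthorised (wrong role state).
/// </summary>
/// <param name="context">Filter context whose <c>Result</c> is set to a redirect when access is refused.</param>
public void OnAuthorization(AuthorizationContext context)
{
    // The session id arrives as a request value (query string / form / cookie via Request[]).
    // It is validated BEFORE any employee data is loaded: the original looked the employee up
    // first, so an invalid session could dereference a null Employee instead of redirecting.
    string sessionId = HttpContext.Current.Request["sessionId"];
    if (string.IsNullOrEmpty(sessionId) || !EmployeeService.IsActiveSessionId(sessionId))
    {
        context.Result = RedirectHome("Login");
        return;
    }

    Employee e = EmployeeService.GetUserBySessionId(sessionId);
    if (e == null)
    {
        // Active session with no matching employee record: treat as a missing session rather than crash.
        context.Result = RedirectHome("Login");
        return;
    }

    // A delegation is "in force" only while its window is open and has not already ended.
    bool between = DelegateService.CheckDate(e.DeptId);
    bool after = DelegateService.AfterDate(e.DeptId);
    bool delegated = between && !after;

    // string == is an ordinal comparison, which is what role codes need.
    bool isHead = e.EmpRole == "HEAD";
    bool headActingAsHead = isHead && e.EmpDisplayRole == "HEAD" && !delegated;
    bool headActingAsEmployee = isHead && e.EmpDisplayRole == "EMPLOYEE" && delegated;

    // Both permitted states require EmpRole == "HEAD", so the original trailing
    // `else if (userRole != "HEAD")` branch could never execute and has been dropped.
    if (!headActingAsHead && !headActingAsEmployee)
    {
        context.Result = RedirectHome("NotAuthorised");
    }
}

/// <summary>Builds a redirect to the given action on the Home controller.</summary>
/// <param name="action">Action name on the Home controller.</param>
private static RedirectToRouteResult RedirectHome(string action)
{
    return new RedirectToRouteResult(
        new RouteValueDictionary { { "controller", "Home" }, { "action", action } });
}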
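/// <summary>
/// Landing-page dispatcher: resolves the employee behind <paramref name="sessionid"/> and
/// routes them to the page matching their role, display role and the department's delegation state.
/// </summary>
/// <param name="sessionid">Session id of the logged-in employee, supplied as a route/query value.</param>
/// <returns>
/// The store landing view for store roles, a redirect for employee / representative / head roles,
/// or <c>null</c> (rendered by MVC as an empty response) for every other role combination.
/// </returns>
public ActionResult All(string sessionid)
{
    // The original built the Login redirect but never returned it, so a null session fell
    // through and dereferenced a null Employee. Short-circuit here instead.
    if (string.IsNullOrEmpty(sessionid))
    {
        return RedirectToAction("Login");
    }

    // Session data for the logged-in employee.
    Employee emp = EmployeeService.GetUserBySessionId(sessionid);
    if (emp == null)
    {
        // Unknown or stale session id: back to Login rather than a NullReferenceException.
        return RedirectToAction("Login");
    }

    string empRole = emp.EmpRole;
    string userName = emp.UserName;
    string empDisplayRole = emp.EmpDisplayRole;
    bool isHead = empRole == "HEAD";

    if (empRole == "STORE_CLERK" || empRole == "STORE_SUPERVISOR" || empRole == "STORE_MANAGER")
    {
        ViewData["userName"] = userName;
        ViewData["sessionId"] = sessionid;
        return View("~/Views/StoreLandingPage/Home.cshtml");
    }

    if ((empRole == "EMPLOYEE" || empRole == "REPRESENTATIVE") && empDisplayRole != "HEAD")
    {
        return RedirectToRequisition("NewRequisition", sessionid);
    }

    if (isHead && empDisplayRole == "HEAD")
    {
        // Head acting as head: an open delegation window sends them to manage the delegate;
        // otherwise (including an ended window, which SettleDelegation reverts) to pending requisitions.
        bool delegationOpen = SettleDelegation(emp);
        return delegationOpen
            ? RedirectToAction("ViewDelegate", "Delegate", new { sessionId = sessionid })
            : RedirectToRequisition("GetPendingRequisitions", sessionid);
    }

    if (isHead && empDisplayRole == "EMPLOYEE")
    {
        // Head currently shown as an employee: they handle pending requisitions while the
        // delegation window is open and raise their own requisitions once it is not.
        bool delegationOpen = SettleDelegation(emp);
        return delegationOpen
            ? RedirectToRequisition("GetPendingRequisitions", sessionid)
            : RedirectToRequisition("NewRequisition", sessionid);
    }

    // Every other role / display-role combination: department head landing page.
    // NOTE(review): a null ActionResult produces an empty response in MVC — confirm this is the intended page.
    ViewData["userName"] = userName;
    ViewData["sessionId"] = sessionid;
    return null;
}

/// <summary>Redirects to an action on the Requisition controller, carrying the session id along.</summary>
/// <param name="action">Action name on the Requisition controller.</param>
/// <param name="sessionid">Session id forwarded as the <c>sessionId</c> route value.</param>
private RedirectToRouteResult RedirectToRequisition(string action, string sessionid)
{
    return RedirectToAction(action, "Requisition", new { sessionId = sessionid });
}

/// <summary>
/// Reads the delegation window of <paramref name="emp"/>'s department and, when the window
/// has already ended, hands the department back to its previous head.
/// </summary>
/// <param name="emp">Employee whose <c>DeptId</c> selects the department.</param>
/// <returns><c>true</c> while the delegation window is open and has not yet ended.</returns>
private bool SettleDelegation(Employee emp)
{
    bool between = DelegateService.CheckDate(emp.DeptId);
    bool after = DelegateService.AfterDate(emp.DeptId);
    if (!between && after)
    {
        // Window is over: revert the delegation before routing the user.
        DelegateService.DelegateToPreviousHead(emp.DeptId);
    }
    return between && !after;
}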