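//=================================
/// <summary>
/// Decides whether the user stored in the session may access the current request.
/// </summary>
/// <remarks>
/// The decision is also written to <c>Session["HasAnyRole"]</c>, which is reset to
/// <c>false</c> at the start of every call so a failed check never leaves a stale grant behind.
/// Access is granted when the user holds the role identified by <c>RoleIds.Admin</c>, or when
/// the request path contains one of the user's granted <c>/Controller/Action</c> entries as
/// whole path segments. Every other outcome denies access.
/// </remarks>
/// <param name="httpContext">The HTTP context of the request being authorized.</param>
/// <returns><c>true</c> when access is granted; otherwise <c>false</c>.</returns>
/// <exception cref="System.ArgumentNullException"><paramref name="httpContext"/> is null.</exception>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    if (httpContext == null)
    {
        throw new System.ArgumentNullException(nameof(httpContext));
    }

    var session = httpContext.Session;
    if (session == null)
    {
        // Without session state there is no logged-in user to evaluate: deny.
        return false;
    }

    // Fail closed: the flag only becomes true on an explicit grant below.
    session["HasAnyRole"] = false;

    // A missing entry or an entry of another type both yield null here,
    // instead of a NullReferenceException on the cast result.
    var loginInfo = session["UserCmsInfo"] as UserLoginCmsViewModel;
    if (loginInfo == null || string.IsNullOrEmpty($"{loginInfo.UserId}"))
    {
        return false;
    }

    var uId = loginInfo.UserId;

    // One row per (role, granted URL) pair of the user. The left join keeps roles that
    // have no access entries, in which case Url is null.
    var currentUserAccesses = (from ur in _userRoleService.FetchAll()
                               join u in _userService.FetchAll() on ur.UserId equals u.Id
                               join r in _roleService.FetchAll() on ur.RoleId equals r.Id
                               join ac in _userAccessService.FetchAll() on r.Id equals ac.RoleId into tempAccess
                               from t in tempAccess.DefaultIfEmpty()
                               where ur.UserId == uId
                               select new
                               {
                                   Url = t != null ? $"/{t.ControllerName}/{t.ActionName}" : null,
                                   RoleId = ur.RoleId
                               }).Distinct().ToList();

    if (currentUserAccesses.Count == 0)
    {
        return false;
    }

    var roleIds = currentUserAccesses.Select(s => $"{s.RoleId}").Distinct().ToList();
    if (string.IsNullOrEmpty(string.Join(",", roleIds).Trim()))
    {
        return false;
    }

    // Compare each role id as a whole value. A substring test on the comma-joined list
    // would treat any role whose id merely contains the admin id as the admin role.
    if (roleIds.Any(id => string.Equals(id, RoleIds.Admin)))
    {
        session["HasAnyRole"] = true;
        return true;
    }

    var rawUrl = httpContext.Request.RawUrl.Trim();
    if (string.IsNullOrEmpty(rawUrl))
    {
        return false;
    }

    // RawUrl carries the query string, which the client controls freely. Only the path
    // part may take part in the access decision.
    var queryStart = rawUrl.IndexOf('?');
    var requestPath = (queryStart >= 0 ? rawUrl.Substring(0, queryStart) : rawUrl).ToLowerInvariant();

    // Invariant lower-casing keeps the comparison independent of the server culture.
    var allUrls = currentUserAccesses
        .Where(w => !string.IsNullOrEmpty(w.Url))
        .Select(s => s.Url.ToLowerInvariant())
        .Distinct()
        .ToList();

    // NOTE(review): matching the routed controller/action values instead of the URL text
    // would be stricter still; that depends on routing configuration not visible here.
    if (allUrls.Any(url => IsGrantedPath(requestPath, url)))
    {
        session["HasAnyRole"] = true;
        return true;
    }

    return false;
}

/// <summary>
/// Checks whether <paramref name="grantedUrl"/> occurs in <paramref name="requestPath"/>
/// and ends on a segment boundary (end of the path or a following '/').
/// </summary>
/// <param name="requestPath">Request path without query string, already lower-cased.</param>
/// <param name="grantedUrl">Granted "/controller/action" entry, already lower-cased.</param>
/// <returns><c>true</c> when a segment-aligned occurrence exists.</returns>
private static bool IsGrantedPath(string requestPath, string grantedUrl)
{
    var searchFrom = 0;
    while (searchFrom <= requestPath.Length - grantedUrl.Length)
    {
        var index = requestPath.IndexOf(grantedUrl, searchFrom, System.StringComparison.Ordinal);
        if (index < 0)
        {
            return false;
        }

        // The entry starts with '/', so the match begins on a segment boundary; require
        // the same at its end so "/home/index" does not authorize "/home/indexes".
        var end = index + grantedUrl.Length;
        if (end == requestPath.Length || requestPath[end] == '/')
        {
            return true;
        }

        searchFrom = index + 1;
    }

    return false;
}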