示例#1
        /*
         * public static void LoadSecurityAccess()
         * {
         *  using (OGDBEntities db = new OGDBEntities())
         *  {
         *      long? ROLE_NO = null;
         *      List<SET_ROLE_ACTION> per_list = new List<SET_ROLE_ACTION>();
         *      try
         *      {
         *          ROLE_NO = long.Parse(HttpContext.Current.Session["ROLE_NO"].ToString());
         *      }
         *      catch (Exception ex)
         *      {
         *      }
         *
         *      if (ROLE_NO.HasValue)
         *      {
         *          var rd = HttpContext.Current.Request.RequestContext.RouteData;
         *
         *          string controller_name = rd.GetRequiredString("controller").Trim();
         *          string action_name = rd.GetRequiredString("action").Trim();
         *
         *          per_list = db.SET_ROLE_ACTION.Where(a => (a.ROLE_NO == ROLE_NO.Value)).ToList();
         *
         *      }
         *  }
         * }
         */
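        /// <summary>
        /// Reads the role number from the current session and, when one is present,
        /// looks up a <c>SET_ROLE_ACTION</c> row for that role.
        /// </summary>
        /// <returns>
        /// Always <c>false</c>. The looked-up row is never consulted, so this method
        /// denies every request as written.
        /// </returns>
        /// <remarks>
        /// NOTE(review): this reads as an unfinished permission check. The controller and
        /// action names are read from the route but are not used in the query, which
        /// filters by role only. Confirm the intended rule before wiring this method into
        /// an authorization path; until then the constant <c>false</c> keeps it fail-closed.
        /// </remarks>
        private static bool IsAllowed()
        {
            using (OGDBEntities db = new OGDBEntities())
            {
                long? ROLE_NO = null;

                // A missing context, missing session or unparseable value leaves ROLE_NO
                // null, which means "no role". This replaces a catch-all around
                // long.Parse that also hid unrelated failures.
                HttpContext current = HttpContext.Current;
                object rawRole = (current != null && current.Session != null)
                    ? current.Session["ROLE_NO"]
                    : null;

                long parsedRole;
                if (rawRole != null && long.TryParse(rawRole.ToString(), out parsedRole))
                {
                    ROLE_NO = parsedRole;
                }

                if (ROLE_NO.HasValue)
                {
                    var rd = HttpContext.Current.Request.RequestContext.RouteData;

                    // GetRequiredString throws when the route value is absent; the names
                    // themselves are not used below (see remarks).
                    string controller_name = rd.GetRequiredString("controller").Trim();
                    string action_name     = rd.GetRequiredString("action").Trim();

                    // Fetches the first row for the role; the result does not influence
                    // the return value.
                    SET_ROLE_ACTION per = db.SET_ROLE_ACTION
                                          .Where(a => a.ROLE_NO == ROLE_NO.Value).FirstOrDefault();
                }

                // Deny by default.
                return(false);
            }
        }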
示例#2
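        /// <summary>
        /// Decides whether the current request may reach the routed controller/action.
        /// </summary>
        /// <param name="httpContext">The request context; its session supplies the cached
        /// permission lists, the logged-in user record and the role number.</param>
        /// <returns>
        /// <c>true</c> when the controller/action pair is in the public list or in the
        /// caller's permission list; <c>false</c> when the caller has no role or an empty
        /// permission list; otherwise the result of the base implementation.
        /// </returns>
        /// <remarks>
        /// Permission lists are cached in the session on first use and are not refreshed
        /// here, so a revoked permission stays effective until the session entry is
        /// cleared or the session ends.
        /// NOTE(review): the session key "sess_PERMISSION_LIST" is shared by the per-user
        /// and per-role lists; the <c>as</c> cast only hides a type mismatch by forcing a
        /// reload. Confirm the cache is cleared when the logged-in user or role changes.
        /// </remarks>
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            using (OGDBEntities db = new OGDBEntities())
            {
                var routeData = httpContext.Request.RequestContext.RouteData;

                // GetRequiredString throws if the route carries no controller/action value.
                string controllerName = routeData.GetRequiredString("controller").Trim();
                string actionName     = routeData.GetRequiredString("action").Trim();

                // 1) Public endpoints: allowed for everyone, including anonymous callers.
                List <GEN_CONTROLLER_ACTION> public_list = httpContext.Session["sess_PUBLIC_LIST"] as List <GEN_CONTROLLER_ACTION>;
                if (public_list == null)
                {
                    public_list = db.GEN_CONTROLLER_ACTION.Where(a => (a.IS_ACTIVE == 1) && (a.IS_PUBLIC == 1)).ToList();
                    httpContext.Session["sess_PUBLIC_LIST"] = public_list;
                }

                bool isPublic = public_list.Any(a =>
                                                a != null &&
                                                RouteNameEquals(a.CONTROLLER_NAME, controllerName) &&
                                                RouteNameEquals(a.ACTION_NAME, actionName));
                if (isPublic)
                {
                    return(true);
                }

                SEC_USERS_LOGIN_Result1 user = httpContext.Session["sess_sec_users"] as SEC_USERS_LOGIN_Result1;

                if (user != null && user.USER_TYPE_NO == (decimal)EUserTypes.GeneralUser)
                {
                    // 2a) General users: permissions are stored per user.
                    List <SET_USER_ACTION> perm_list = httpContext.Session["sess_PERMISSION_LIST"] as List <SET_USER_ACTION>;

                    if (perm_list == null)
                    {
                        perm_list = db.SET_USER_ACTION.Include(a => a.GEN_CONTROLLER_ACTION)
                                    .Where(a => a.USER_NO == user.USER_NO).ToList();
                        httpContext.Session["sess_PERMISSION_LIST"] = perm_list;
                    }

                    if (perm_list.Count == 0)
                    {
                        return(false);
                    }

                    // NOTE(review): the original predicate carries a commented-out
                    // "&& (a.IS_ALLOWED == 1)" term, so the mere existence of a row grants
                    // access. If rows with IS_ALLOWED != 1 can exist, they are treated as
                    // grants here; confirm against the data model.
                    bool userAllowed = perm_list.Any(a =>
                                                     a != null &&
                                                     a.GEN_CONTROLLER_ACTION != null &&
                                                     RouteNameEquals(a.GEN_CONTROLLER_ACTION.CONTROLLER_NAME, controllerName) &&
                                                     RouteNameEquals(a.GEN_CONTROLLER_ACTION.ACTION_NAME, actionName));
                    if (userAllowed)
                    {
                        return(true);
                    }
                }
                else
                {
                    // 2b) Everyone else: permissions are stored per role.
                    List <SET_ROLE_ACTION> perm_list = httpContext.Session["sess_PERMISSION_LIST"] as List <SET_ROLE_ACTION>;

                    long?role_no = null;

                    // An unparseable session value is treated like a missing role (deny)
                    // instead of surfacing as an unhandled FormatException.
                    object rawRole = httpContext.Session["ROLE_NO"];
                    long parsedRole;
                    if (rawRole != null && long.TryParse(rawRole.ToString(), out parsedRole))
                    {
                        role_no = parsedRole;
                    }

                    if (role_no == null)
                    {
                        return(false);
                    }

                    if (perm_list == null)
                    {
                        perm_list = db.SET_ROLE_ACTION.Include(a => a.GEN_CONTROLLER_ACTION)
                                    .Where(a => a.ROLE_NO == role_no).ToList();
                        httpContext.Session["sess_PERMISSION_LIST"] = perm_list;
                    }

                    if (perm_list.Count == 0)
                    {
                        return(false);
                    }

                    // NOTE(review): same commented-out IS_ALLOWED term as in the per-user
                    // branch; any row for the role counts as a grant.
                    bool roleAllowed = perm_list.Any(a =>
                                                     a != null &&
                                                     a.GEN_CONTROLLER_ACTION != null &&
                                                     RouteNameEquals(a.GEN_CONTROLLER_ACTION.CONTROLLER_NAME, controllerName) &&
                                                     RouteNameEquals(a.GEN_CONTROLLER_ACTION.ACTION_NAME, actionName));
                    if (roleAllowed)
                    {
                        return(true);
                    }
                }

                // NOTE(review): a caller whose non-empty permission list has no matching row
                // is not denied here but handed to the base class. If the base is the stock
                // MVC AuthorizeAttribute with no Users/Roles configured, that allows any
                // authenticated user, which would bypass the per-action table. An empty
                // list returns false above, so the two cases are inconsistent; confirm
                // whether this should be "return false".
                return(base.AuthorizeCore(httpContext));
            }
        }

        /// <summary>
        /// Compares a stored controller/action name with the routed one, ignoring case and
        /// surrounding whitespace. Uses an ordinal comparison so the result does not depend
        /// on the thread culture (culture-sensitive ToUpper() changes how "i"/"I" compare
        /// under some cultures). A null on either side is a non-match.
        /// </summary>
        private static bool RouteNameEquals(string stored, string requested)
        {
            if (stored == null || requested == null)
            {
                return false;
            }

            return string.Equals(stored.Trim(), requested.Trim(), System.StringComparison.OrdinalIgnoreCase);
        }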