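/// <summary>
/// Shows the menu permissions stored for the operator with the given id.
/// </summary>
/// <param name="id">Identifier passed to the user repository and to the permission lookup.</param>
/// <returns>
/// The permissions view bound to a list of <see cref="MenuPermissionViewModel"/>,
/// or a 404 result when no user matches <paramref name="id"/>.
/// </returns>
public ActionResult Permissions(long id)
{
    // NOTE(review): nothing in this action verifies that the caller is allowed to
    // inspect this particular operator. Presumably a filter elsewhere enforces
    // that; confirm, since the id comes straight from the request.
    var user = _service.UserRepository.Asset(id).Include(x => x.OperatorInfo).FirstOrDefault();
    if (user == null)
    {
        // FirstOrDefault found no user: answer 404 rather than rendering the
        // view with a null ViewBag.Operator.
        return HttpNotFound();
    }

    var permissions = _service.GetOperatorPermissions(id);

    // Menu tree offered on the page, without the entries flagged Execlude.
    ViewBag.LayoutMenuList = OptPermission.LayoutMenu(Url).WhereNested(x => !x.Execlude);
    ViewBag.Operator = user;

    var model = Mapper.Map<List<MenuPermissionViewModel>>(permissions);
    return View(model);
}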
/// <summary>
/// Prepares the layout data (menu tree, operator permissions, request info) in
/// the ViewBag before every action of this controller.
/// </summary>
/// <param name="filterContext">Context of the action that is about to run.</param>
/// <remarks>
/// This method only decides which menu entries are put in the ViewBag. It does
/// not set a result or stop any request, so it must not be relied on as the
/// access check for an action.
/// </remarks>
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
    // The menu tree is only built for non-Ajax requests.
    bool isAjax = filterContext.HttpContext.Request.IsAjaxRequest();
    if (!isAjax)
    {
        var current = _userService.RequestInfo;
        var visibleMenus = OptPermission.LayoutMenu(Url).WhereNested(entry => !entry.Hide);
        var menusForUser = visibleMenus;

        if (current.IsOperator)
        {
            var granted = GetOperatorPermissions(current.UserId);
            var grantedMenuIds = granted.Select(permission => permission.MenuId);
            ViewBag.OperatorPermission = granted;

            // Operators see the menus they were granted, plus every entry
            // flagged Execlude.
            menusForUser = visibleMenus
                .WhereNested(entry => grantedMenuIds.Contains(entry.Key) || entry.Execlude)
                .ToList();
        }

        ViewBag.AllowedMenus = menusForUser;
    }

    ViewBag.RequestInfo = _userService.RequestInfo;
    base.OnActionExecuting(filterContext);
}
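/// <summary>
/// Permission check that runs before an action: when the current user is an
/// operator and the requested URL belongs to a menu entry, the operator must
/// hold that menu's permission (and its Add / Edit / Delete flag where the URL
/// is the entry's add, edit or delete URL). Otherwise the request is answered
/// here and the action is not executed.
/// </summary>
/// <param name="filterContext">Context of the action that is about to run.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var requestInfo = _userService.RequestInfo;

    // Non-operators and actions carrying IgnorePermissionAttribute are not checked.
    if (!requestInfo.IsOperator || AttributeHelper.Has<IgnorePermissionAttribute>(filterContext))
    {
        base.OnActionExecuting(filterContext);
        return;
    }

    // Lower-case with the invariant culture so the URL used for the permission
    // lookup does not depend on the request thread's culture.
    var baseUrl = filterContext.GetBaseUrl().Url.ToLowerInvariant();
    var urlHelper = new UrlHelper(filterContext.RequestContext);

    // All menu entries whose URLs are subject to permissions.
    var allMenus = OptPermission.LayoutMenu(urlHelper);

    // NOTE(review): a URL that matches no menu entry is allowed (default-allow).
    // Any operator-reachable action missing from the menu definition is therefore
    // unrestricted; confirm that this is intended.
    var menu = allMenus.FirstNested(x => x.HasUrl(baseUrl));

    var passed = true;
    if (menu != null)
    {
        var menuPermissions = GetOperatorPermission(requestInfo.UserId);

        // The operator needs a permission row for this menu key at all...
        var letMe = menuPermissions.FirstOrDefault(x => x.MenuId == menu.Key);
        if (letMe == null)
        {
            passed = false;
        }
        // ...and the specific flag when the URL is the entry's edit/add/delete URL.
        // Parentheses only spell out the existing &&-before-|| precedence.
        else if ((menu.EditUrl.Eq(baseUrl)
                  && (menu.EditUrl.Eq(menu.AddUrl) || IsUpdate(filterContext))
                  && !letMe.Edit)
                 || (menu.AddUrl.Eq(baseUrl) && !letMe.Add)
                 || (menu.DeleteUrl.Eq(baseUrl) && !letMe.Delete))
        {
            passed = false;
        }
    }

    if (passed)
    {
        base.OnActionExecuting(filterContext);
        return;
    }

    if (filterContext.HttpContext.Request.IsAjaxRequest())
    {
        filterContext.Result = new JsonResult
        {
            Data = new AjaxResult("شما دسترسی لازم جهت انجام این عملیات را ندارید."),
            JsonRequestBehavior = JsonRequestBehavior.AllowGet
        };
    }
    else
    {
        filterContext.RouteData.Values["controller"] = "Home";
        filterContext.RouteData.Values["action"] = "Index";
        filterContext.Controller.TempData["Msg"] = "شما دسترسی لازم جهت انجام این عملیات را ندارید";
        filterContext.Controller.ViewData.Model = new DashboardViewModel();

        // Setting Result is what stops the denied action. MVC runs the action
        // whenever a filter leaves Result null, so rewriting the route data
        // alone would still execute the denied add/edit/delete.
        // NOTE(review): confirm the Home/Index view renders with an empty
        // DashboardViewModel and resolves from the current area.
        filterContext.Result = new ViewResult
        {
            ViewName = "Index",
            ViewData = filterContext.Controller.ViewData,
            TempData = filterContext.Controller.TempData
        };
    }
}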