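/// <summary>
/// Lets a request proceed only when the current user is an authenticated
/// <c>PmcsUserPrincipal</c>. Any other caller is signed out of forms
/// authentication and redirected to the Auth/Authenticate action.
/// </summary>
/// <param name="filterContext">Authorization context of the action being invoked.</param>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="filterContext"/> is null.
/// </exception>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    // Without a context there is nothing to attach a redirect to; assigning
    // filterContext.Result on a null reference would only raise a
    // NullReferenceException. Fail closed with an explicit exception instead.
    if (filterContext == null)
    {
        throw new System.ArgumentNullException("filterContext");
    }

    base.OnAuthorization(filterContext);

    // The 'as' cast yields null both when User is null and when the principal
    // is of a different type; either way the request is treated as unauthenticated.
    PmcsUserPrincipal user = filterContext.HttpContext.User as PmcsUserPrincipal;
    if (user == null || !user.Identity.IsAuthenticated)
    {
        // Clear any stale forms-authentication ticket before sending the caller to the login action.
        FormsAuthentication.SignOut();
        filterContext.Result = new RedirectToRouteResult(
            new System.Web.Routing.RouteValueDictionary(
                new { controller = "Auth", action = "Authenticate" }));
    }
}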
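/// <summary>
/// Lets a request proceed only when the current user is authenticated.
/// Unauthenticated callers are signed out of forms authentication and
/// redirected to the Auth/index action.
/// </summary>
/// <param name="filterContext">
/// Authorization context of the action being invoked; when null, nothing is done
/// after the base call.
/// </param>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    base.OnAuthorization(filterContext);

    if (filterContext == null)
    {
        return;
    }

    // One combined check: testing Identity in a second, separate 'if' would
    // dereference a null User and sign the caller out twice.
    var user = filterContext.HttpContext.User;
    if (user == null || !user.Identity.IsAuthenticated)
    {
        FormsAuthentication.SignOut();
        filterContext.Result = new RedirectToRouteResult(
            new System.Web.Routing.RouteValueDictionary(
                new { controller = "Auth", action = "index" }));
    }

    // NOTE(review): the administrator check below is disabled and its body is empty,
    // so this filter enforces authentication only, not the IsAdministrator role.
    // Confirm that actions guarded by this filter do not rely on it for admin-only access.
    //if(filterContext.HttpContext.User != null
    //    && !((PmcsUserPrincipal)filterContext.HttpContext.User).IsAdministrator)
    //{
    //}
}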
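/// <summary>
/// Authorizes the current request against the user's role/view mappings.
/// Callers that are unauthenticated, are not a <c>PmcsUserPrincipal</c>, or lack
/// access to the requested controller/action are redirected to
/// StatusCodes/NotAuthorized401. Administrators are always allowed, and the
/// Dashboards/Dashboard action is allowed for every authenticated principal.
/// </summary>
/// <param name="filterContext">Authorization context of the action being invoked.</param>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="filterContext"/> is null.
/// </exception>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    // Without a context there is nothing to attach a result to; fail closed
    // with an explicit exception rather than a NullReferenceException.
    if (filterContext == null)
    {
        throw new System.ArgumentNullException("filterContext");
    }

    base.OnAuthorization(filterContext);

    var user = filterContext.HttpContext.User;
    PmcsUserPrincipal principal = user as PmcsUserPrincipal;

    // Deny and stop here. Falling through would dereference a null User or a
    // null principal, and would run the mapping lookup for a caller that has
    // already been rejected.
    if (user == null || principal == null || !user.Identity.IsAuthenticated)
    {
        filterContext.Result = new RedirectToRouteResult(
            new System.Web.Routing.RouteValueDictionary(
                new { controller = "StatusCodes", action = "NotAuthorized401" }));
        return;
    }

    var actionName = filterContext.ActionDescriptor.ActionName;
    var controllerName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
    var sheet = authService.GetUserMappingsSheet(principal.UserId);

    bool canAccess;
    if (principal.IsAdministrator)
    {
        canAccess = true;
    }
    else
    {
        canAccess = UserRoleViewAccessAuthenticator.CanAccessResource(
            modulesService, rolesService, authService, sheet, controllerName, actionName);
    }

    // Route names are identifiers, so compare them ordinally; culture-sensitive
    // lowercasing can mis-compare under some cultures (e.g. the Turkish 'I').
    // NOTE(review): this exemption opens Dashboards/Dashboard to every
    // authenticated principal regardless of the mapping sheet; confirm that is intended.
    if (string.Equals(actionName, "dashboard", System.StringComparison.OrdinalIgnoreCase)
        && string.Equals(controllerName, "dashboards", System.StringComparison.OrdinalIgnoreCase))
    {
        canAccess = true;
    }

    if (!canAccess)
    {
        filterContext.Result = new RedirectToRouteResult(
            new System.Web.Routing.RouteValueDictionary(
                new { controller = "StatusCodes", action = "NotAuthorized401" }));
    }
}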