示例#1
0
        //----------------------------
        // handling error and authentication every url
        //---------------------------

        //
        // Summary:
        //     Called before the action method is invoked.
        //
        // Parameters:
        //   filterContext:
        //     Information about the current request and action.
        protected override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            //untuk sementara datanya di tembak nanti kalo sudah jalan ini di nonactive kan
            //------------------------------------------------------
            Session["userId"] = 1;

            Session["userName"] = "******";

            Session["roleName"] = "Administrator";

            Session["isAdmin"] = "Y";

            Session["branchCode"] = "105";

            Session["branchName"] = "NCD";

            Session["IsPassExpired"] = "N";
            //------------------------------------------------------

            String controler = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
            String action    = filterContext.ActionDescriptor.ActionName;

            String errorMassage = "";

            if ((controler == "_Alert") && (action == "AjaxAlert"))
            {
                return;
            }

            if (Session["userName"] == null)
            {
                if (filterContext.HttpContext.Request.IsAjaxRequest())
                {
                    errorMassage = "[VALIDATION] Session not exists (Ajax)";

                    if (controler != "_Alert")
                    {
                        throw new Exception(errorMassage);
                    }
                }
                else
                {
                    //Action("Detail", "Login");

                    var urlHelper = new UrlHelper(filterContext.RequestContext);

                    var redirectUrl = urlHelper.Action("Detail", "Login");

                    filterContext.Result = new RedirectResult(redirectUrl);
                    //base.OnActionExecuting(filterContext);
                    return;
                }
            }
            else
            {
                if (Session["IsPassExpired"] == "Y")
                {
                    if (controler.ToLower() == "changepassword")
                    {
                    }
                    else
                    {
                        errorMassage = "[VALIDATION] tidak punya akses kesini : Pass expired";
                        throw new Exception(errorMassage);
                    }
                }
                else if (Session["isAdmin"] == "Y")
                {
                }
                else
                {
                    if (action.ToLower() == "checklayout")
                    {
                        if (!GeneralGetList.GetAuthAction((int)Session["userId"], controler + "/" + "Print"))
                        {
                            errorMassage = "[VALIDATION] tidak punya akses kesini";
                            throw new Exception(errorMassage);
                        }
                    }

                    else if (action.ToLower() == "layout")
                    {
                        int Layout_Id = int.Parse(Request["Layout_Id"]);
                        if (!Rpt.GetAuthLayout((int)Session["userId"], Layout_Id))
                        {
                            errorMassage = "[VALIDATION] tidak punya akses kesini : layout tidak di temukan";
                            throw new Exception(errorMassage);
                        }
                    }

                    else if ((action.ToLower() == "print") && (controler.ToLower() == "reportcustom"))
                    {
                        int Report_Id = int.Parse(Request["Report_Id"]);

                        if (!Rpt.GetAuthreport((int)Session["userId"], Report_Id))
                        {
                            errorMassage = "[VALIDATION] tidak punya akses kesini : report tidak di temukan";
                            throw new Exception(errorMassage);
                        }
                    }


                    string[] arrAction = { "detail", "won", "lose", "add", "update", "post", "cancel", "close", "bsclose", "paid", "process", "reject", "sendemailtoreqestor", "p2", "p3", "finish", "duplicate", "revision", "reopen", "readytosell", "stoptosell", "checkmice", "checkpassport", "checkvisa", "checktelex", "done", "send", "cancelafterupload" };

                    string[] arrControlerAttachment = { "miceinquiry" };

                    string[] arrActionAttachment = { "attachment_upload", "attachment_download", "tabattachmenteditmodesdeletepartial" };


                    if (arrAction.Contains(action.ToLower()))
                    {
                        if (!GeneralGetList.GetAuthAction((int)Session["userId"], controler + "/" + action))
                        {
                            errorMassage = "[VALIDATION] tidak punya akses kesini";
                            throw new Exception(errorMassage);
                        }
                    }
                    else if ((arrActionAttachment.Contains(action.ToLower())) && (arrControlerAttachment.Contains(controler.ToLower())))
                    {
                        if (!GeneralGetList.GetAuthAction((int)Session["userId"], controler + "/" + action))
                        {
                            errorMassage = "[VALIDATION] tidak punya akses kesini";
                            throw new Exception(errorMassage);
                        }
                    }
                }
            }


            if (errorMassage != "")
            {
                if (errorMassage.Substring(0, 12) == "[VALIDATION]")
                {
                    var content = errorMassage;

                    filterContext.Result = new ContentResult

                    {
                        ContentType = "text/plain",//Thanks Colin
                        Content     = content
                    };

                    filterContext.HttpContext.Response.Status =

                        "500 " + errorMassage

                        .Replace("\r", " ")

                        .Replace("\n", " ");

                    //filterContext.HttpContext.AddError(new Exception(errorMassage));


                    filterContext.HttpContext.Response.TrySkipIisCustomErrors = true;
                }
            }


            //System.Diagnostics.Debug.Print("test OnActionExecuting");
        }