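/// <summary>
/// Decides whether an authenticated user may reach a controller, optionally
/// also requiring permission for a specific activity on that controller.
/// </summary>
/// <param name="Controller">Controller name used as the permission key (one form/module = one controller).</param>
/// <param name="Action">Not read by this method; kept for caller compatibility.</param>
/// <param name="User">Current principal; <c>null</c> means not authenticated and is always denied.</param>
/// <param name="IP">Not read by this method; kept for caller compatibility.</param>
/// <param name="activity">Activity to check in addition to controller access; <c>ActivityType.None</c> skips that check.</param>
/// <returns><c>true</c> when access is granted, otherwise <c>false</c>.</returns>
public static bool IsAccessAllowed(string Controller, string Action, CustomPrincipal User, string IP, ActivityType activity)
{
    // Fail closed: without a principal or a controller name there is nothing to authorize.
    // (A null controller name previously raised a NullReferenceException.)
    if (User == null || Controller == null)
    {
        return false;
    }

    // Default controllers open to every authenticated user.
    // Ordinal, case-insensitive matching avoids the culture-dependent ToLower() round trip.
    // NOTE(review): this is a substring match, so any controller whose name merely contains
    // "account" or "home" skips the role check below for every signed-in user. Confirm the
    // exact names callers pass and prefer an exact-match allow-list.
    bool isDefaultController =
        Controller.IndexOf("account", System.StringComparison.OrdinalIgnoreCase) >= 0 ||
        Controller.IndexOf("home", System.StringComparison.OrdinalIgnoreCase) >= 0;
    if (isDefaultController)
    {
        return true;
    }

    // Resolve the service only once a permission lookup is actually needed.
    IMenuService menuService = UnityConfigurator.GetConfiguredContainer().Resolve<IMenuService>();

    // Controller-level permission for the user's role.
    bool allowed = menuService.isAccessAllowed(Controller, User.RoleId);

    // When an activity type is supplied, the role must hold that permission as well.
    // The activity lookup runs only if controller access was granted.
    if (allowed && activity != ActivityType.None)
    {
        allowed = menuService.isAccessAllowed(Controller, activity.ToString(), User.RoleId);
    }

    return allowed;
}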
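/// <summary>
/// Rebuilds the application's <c>CustomPrincipal</c> and <c>UserContext</c> from the
/// forms-authentication cookie and attaches them to the current request.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
{
    // NOTE(review): UserContextThreadLocal.Value is only assigned on the success path below.
    // If it is backed by thread-local storage, a pooled thread may still carry the previous
    // request's user when this request is anonymous; confirm it is reset per request.
    HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
    if (authCookie == null || string.IsNullOrEmpty(authCookie.Value))
    {
        return;
    }

    // The cookie value is client-controlled. A malformed or tampered value makes Decrypt
    // throw; treat that as "not authenticated" rather than failing the whole request.
    FormsAuthenticationTicket authTicket;
    try
    {
        authTicket = FormsAuthentication.Decrypt(authCookie.Value);
    }
    catch (System.ArgumentException)
    {
        return;
    }
    catch (System.Security.Cryptography.CryptographicException)
    {
        return;
    }
    catch (System.Web.HttpException)
    {
        return;
    }

    // Decrypt does not enforce the ticket lifetime, so an expired ticket must be rejected
    // here; otherwise a stale cookie would still yield an authenticated principal.
    if (authTicket == null || authTicket.Expired)
    {
        return;
    }

    // UserData carries the JSON-serialized identity fields stored in the ticket.
    JavaScriptSerializer serializer = new JavaScriptSerializer();
    CustomPrincipalSerializeModel serializeModel =
        serializer.Deserialize<CustomPrincipalSerializeModel>(authTicket.UserData);
    if (serializeModel == null)
    {
        // Empty or "null" UserData: nothing to build a principal from.
        return;
    }

    CustomPrincipal newUser = new CustomPrincipal(authTicket.Name)
    {
        UserId = serializeModel.UserId,
        EmpId = serializeModel.EmpId,
        UserName = serializeModel.UserName,
        FullName = serializeModel.FullName,
        RoleId = serializeModel.RoleId,
        RoleCode = serializeModel.RoleCode,
        RoleName = serializeModel.RoleName,
        Culture = serializeModel.Culture
    };

    UserContext userContext = new UserContext()
    {
        FullName = serializeModel.FullName,
        UserName = serializeModel.UserName,
        UserId = serializeModel.UserId
    };

    HttpContext.Current.User = newUser;
    UserContextThreadLocal.Value = userContext;
}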