示例#1
        /// <summary>
        /// Refuses the action unless the current user holds the operation whose field name is stored in <c>_opname</c>.
        /// </summary>
        /// <remarks>
        /// A failed reflection lookup and any exception from the validator both end in the no-permission
        /// result, so those paths fail closed. The service resolution on the first line is outside both
        /// try blocks; an exception there propagates to the caller.
        /// </remarks>
        /// <param name="filterContext">Context of the action about to run; its <c>Result</c> is set to refuse the call.</param>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var validator = filterContext.HttpContext.RequestServices.GetService<IPermissionValidatorService>();

            // Look up the static field on Operation named by _opname (GetValue(null) reads a static member).
            Operation requiredOperation;
            try
            {
                requiredOperation = typeof(Operation).GetField(_opname).GetValue(null) as Operation;
            }
            catch (Exception)
            {
                // NOTE(review): a misspelled or null _opname lands here and denies every request
                // without leaving a trace; consider logging so misconfiguration is visible.
                requiredOperation = null;
            }

            if (requiredOperation == null)
            {
                filterContext.Result = NoPermissionResult.Generate();
                return;
            }

            try
            {
                IPrincipal principal = filterContext.HttpContext.User;
                bool allowed = validator.HasAccess(principal, requiredOperation);
                if (!allowed)
                {
                    filterContext.Result = NoPermissionResult.Generate();
                }
            }
            catch
            {
                // Includes the case where the validator service was not registered (null reference):
                // the request is denied rather than allowed.
                filterContext.Result = NoPermissionResult.Generate();
            }
        }
示例#2
 /// <summary>
 /// Refuses the action unless the current user may update the employee identified by the bound arguments.
 /// </summary>
 /// <remarks>
 /// The employee id is taken from the "id" argument when present, otherwise from the ID of a bound
 /// "employee" argument. Any exception denies the request.
 /// </remarks>
 /// <param name="filterContext">Context of the action about to run; its <c>Result</c> is set to refuse the call.</param>
 public override void OnActionExecuting(ActionExecutingContext filterContext)
 {
     try
     {
         var validator = filterContext.HttpContext.RequestServices.GetService<IPermissionValidatorService>();
         var arguments = filterContext.ActionArguments;

         // NOTE(review): the id stays 0 when neither argument is bound or "id" does not parse, and
         // the decision is then left to HasAccessToEmployeeUpdate(user, 0). Confirm the service does
         // not treat 0 as a wildcard.
         int employeeId = 0;
         if (arguments.TryGetValue("id", out var rawId))
         {
             // A null value throws here and is denied by the outer catch.
             Int32.TryParse(rawId.ToString(), out employeeId);
         }
         else if (arguments.TryGetValue("employee", out var rawEmployee))
         {
             // NOTE(review): this branch is skipped whenever "id" is bound, so employee.ID is never
             // compared with "id". Confirm the action does not update by employee.ID on its own.
             if (rawEmployee is Employee boundEmployee)
             {
                 employeeId = boundEmployee.ID;
             }
         }

         bool allowed = validator.HasAccessToEmployeeUpdate(filterContext.HttpContext.User, employeeId);
         if (!allowed)
         {
             filterContext.Result = NoPermissionResult.Generate();
         }
     }
     catch
     {
         filterContext.Result = NoPermissionResult.Generate();
     }
 }
示例#3
        /// <summary>
        /// Refuses the action unless the user may view the external workspace named by the "id" argument.
        /// </summary>
        /// <remarks>
        /// Users holding none of the four listed operations are refused. Users holding only the
        /// "my project" / "my department project" operations are further restricted to workspaces whose
        /// project passes <c>IsMyProject</c>. Any exception denies the request.
        /// NOTE(review): how HasAccess interprets operations combined with <c>|</c> (any-of or all-of)
        /// is not visible here; confirm against the validator.
        /// </remarks>
        /// <param name="filterContext">Context of the action about to run; its <c>Result</c> is set to refuse the call.</param>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            try
            {
                var services = filterContext.HttpContext.RequestServices;
                var validator = services.GetService<IPermissionValidatorService>();
                var userService = services.GetService<IApplicationUserService>();
                var workspaceService = services.GetService<IProjectExternalWorkspaceService>();
                IPrincipal principal = filterContext.HttpContext.User;

                if (!validator.HasAccess(principal, Operation.ProjectView | Operation.ProjectExternalWorkspaceView | Operation.ProjectMyProjectView | Operation.ProjectMyDepartmentProjectView))
                {
                    filterContext.Result = NoPermissionResult.Generate();
                    return;
                }

                bool ownProjectsOnly =
                    validator.HasAccess(principal, Operation.ProjectMyProjectView | Operation.ProjectMyDepartmentProjectView) &&
                    !validator.HasAccess(principal, Operation.ProjectView | Operation.ProjectExternalWorkspaceView);
                if (!ownProjectsOnly)
                {
                    // Holder of a broad view operation: no per-project ownership check is applied.
                    return;
                }

                // The result is not used below; the call is kept because an exception thrown by it
                // reaches the outer catch and denies the request.
                ApplicationUser currentUser = userService.GetUser();

                int? workspaceId = null;
                try
                {
                    workspaceId = filterContext.ActionArguments["id"] as int?;
                }
                catch (Exception)
                {
                    // A missing "id" argument leaves workspaceId null, which is refused below.
                }

                if (workspaceId == null)
                {
                    filterContext.Result = NoPermissionResult.Generate();
                    return;
                }

                // An unknown id (GetById returning null) throws on .Project and is denied by the outer catch.
                ProjectExternalWorkspace workspace = workspaceService.GetById(workspaceId.Value);
                Project owningProject = workspace.Project;

                if (owningProject == null || userService.IsMyProject(owningProject) == false)
                {
                    filterContext.Result = NoPermissionResult.Generate();
                }
            }
            catch (Exception)
            {
                filterContext.Result = NoPermissionResult.Generate();
            }
        }
示例#4
 /// <summary>
 /// Refuses the action unless the current user passes the validator check for the projects-hours report operations.
 /// </summary>
 /// <remarks>
 /// Any exception, including a validator service that could not be resolved, denies the request.
 /// NOTE(review): this filter only gates entry. Whether holders of
 /// <c>ProjectsHoursReportViewForManagedEmployees</c> are limited to their managed employees
 /// must be enforced where the report data is selected; confirm.
 /// </remarks>
 /// <param name="filterContext">Context of the action about to run; its <c>Result</c> is set to refuse the call.</param>
 public override void OnActionExecuting(ActionExecutingContext filterContext)
 {
     try
     {
         var validator = filterContext.HttpContext.RequestServices.GetService<IPermissionValidatorService>();
         IPrincipal principal = filterContext.HttpContext.User;

         bool allowed = validator.HasAccess(principal, Operation.ProjectsHoursReportView | Operation.ProjectsHoursReportViewForManagedEmployees);
         if (allowed)
         {
             return;
         }

         filterContext.Result = NoPermissionResult.Generate();
     }
     catch
     {
         filterContext.Result = NoPermissionResult.Generate();
     }
 }
示例#5
 /// <summary>
 /// Refuses the action unless the user holds <c>TSHoursRecordPMApproveHours</c> and has a non-zero employee id.
 /// </summary>
 /// <remarks>
 /// Any exception denies the request.
 /// NOTE(review): an employee id of 0 presumably means the account is not linked to an employee
 /// record; confirm against <c>GetEmployeeID</c>.
 /// </remarks>
 /// <param name="filterContext">Context of the action about to run; its <c>Result</c> is set to refuse the call.</param>
 public override void OnActionExecuting(ActionExecutingContext filterContext)
 {
     try
     {
         var services = filterContext.HttpContext.RequestServices;
         var validator = services.GetService<IPermissionValidatorService>();
         var userService = services.GetService<IApplicationUserService>();
         IPrincipal principal = filterContext.HttpContext.User;

         // The permission is checked first; the employee id is read only for users who hold it.
         if (!validator.HasAccess(principal, Operation.TSHoursRecordPMApproveHours))
         {
             filterContext.Result = NoPermissionResult.Generate();
             return;
         }

         if (userService.GetEmployeeID() == 0)
         {
             filterContext.Result = NoPermissionResult.Generate();
         }
     }
     catch
     {
         filterContext.Result = NoPermissionResult.Generate();
     }
 }
示例#6
        /// <summary>
        /// Refuses the action unless the user may create or update the schedule entry or project named by the bound arguments.
        /// </summary>
        /// <remarks>
        /// Users holding none of the four listed operations are refused. Users holding only the
        /// "my project" / "my department project" operations are further restricted to projects that pass
        /// <c>IsMyProject</c>. The project is taken from the schedule entry named by "id", or, when "id" is
        /// absent, from "projectID" / "projectid". Any exception denies the request.
        /// NOTE(review): how HasAccess interprets operations combined with <c>|</c> (any-of or all-of)
        /// is not visible here; confirm against the validator.
        /// </remarks>
        /// <param name="filterContext">Context of the action about to run; its <c>Result</c> is set to refuse the call.</param>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            // Reads an action argument as int?; a missing key or a value of another type yields null.
            int? ReadNullableInt(string key)
            {
                try
                {
                    return filterContext.ActionArguments[key] as int?;
                }
                catch (Exception)
                {
                    return null;
                }
            }

            try
            {
                var services = filterContext.HttpContext.RequestServices;
                var validator = services.GetService<IPermissionValidatorService>();
                var projects = services.GetService<IProjectService>();
                var userService = services.GetService<IApplicationUserService>();
                var scheduleEntries = services.GetService<IProjectScheduleEntryService>();
                IPrincipal principal = filterContext.HttpContext.User;

                if (!validator.HasAccess(principal, Operation.ProjectCreateUpdate | Operation.ProjectScheduleEntryCreateUpdate | Operation.ProjectMyProjectView | Operation.ProjectMyDepartmentProjectView))
                {
                    filterContext.Result = NoPermissionResult.Generate();
                    return;
                }

                bool ownProjectsOnly =
                    validator.HasAccess(principal, Operation.ProjectMyProjectView | Operation.ProjectMyDepartmentProjectView) &&
                    !validator.HasAccess(principal, Operation.ProjectCreateUpdate | Operation.ProjectScheduleEntryCreateUpdate);
                if (!ownProjectsOnly)
                {
                    // Holder of a broad create/update operation: no per-project ownership check is applied.
                    return;
                }

                // The result is not used below; the call is kept because an exception thrown by it
                // reaches the outer catch and denies the request.
                ApplicationUser currentUser = userService.GetUser();

                // NOTE(review): when "id" is bound, a projectID argument is never inspected. Confirm
                // the action does not act on projectID independently of the schedule entry.
                int? entryId = ReadNullableInt("id");
                int? projectId = null;
                if (entryId == null)
                {
                    projectId = ReadNullableInt("projectID") ?? ReadNullableInt("projectid");
                }

                if (entryId == null && projectId == null)
                {
                    filterContext.Result = NoPermissionResult.Generate();
                    return;
                }

                Project target = null;
                if (entryId != null)
                {
                    // An unknown entry id (GetById returning null) throws on .Project and is denied by the outer catch.
                    ProjectScheduleEntry entry = scheduleEntries.GetById(entryId.Value);
                    target = entry.Project;
                }
                else
                {
                    target = projects.GetById(projectId.Value);
                }

                if (target == null || userService.IsMyProject(target) == false)
                {
                    filterContext.Result = NoPermissionResult.Generate();
                }
            }
            catch (Exception)
            {
                filterContext.Result = NoPermissionResult.Generate();
            }
        }