/// <summary>
/// Authorizes the request via the base filter first and, only if that fails,
/// via a per-record check on the input bill named by the request's "id" value.
/// </summary>
/// <param name="httpContext">The current HTTP context; supplies the route data and request values.</param>
/// <returns>
/// <c>true</c> when the base check succeeds, or when
/// <c>FunctionsService.AuthorizeInputBill</c> accepts the current user, the
/// <c>MaNhaThuoc</c> value and the parsed bill id; otherwise <c>false</c>.
/// </returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    // A request the base filter already accepts never reaches the per-bill check below.
    if (base.AuthorizeCore(httpContext))
    {
        return true;
    }

    // Without a MaNhaThuoc value there is nothing to scope the bill check to: deny.
    var pharmacyCode = nhaThuoc.MaNhaThuoc;
    if (string.IsNullOrEmpty(pharmacyCode))
    {
        return false;
    }

    // The id is taken from route data first, then from the request collection.
    // Both are caller-supplied, so the decision rests entirely on
    // AuthorizeInputBill tying the bill to this user and MaNhaThuoc value.
    // A route value that is not a string yields null here and falls through
    // to the request lookup.
    var routeId = httpContext.Request.RequestContext.RouteData.Values["id"] as string;
    var rawId = routeId ?? (httpContext.Request["id"] as string);

    // TryParse leaves billId at 0 when the id is missing or not an integer, and
    // its result is deliberately not inspected (matches the existing behaviour).
    // NOTE(review): confirm AuthorizeInputBill denies bill id 0, or reject a
    // failed parse here so an unparseable id can never be authorized.
    int billId;
    int.TryParse(rawId, out billId);

    return FunctionsService.AuthorizeInputBill(WebSecurity.GetCurrentUserId, pharmacyCode, billId);
}
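/// <summary>
/// Decides whether the current principal may run the requested action.
/// Unauthenticated callers are denied, members of the SuperUser role are
/// allowed, and everyone else is decided by <c>FunctionsService.Authorize</c>.
/// </summary>
/// <param name="httpContext">The current HTTP context. Not read by this method.</param>
/// <returns>
/// <c>false</c> when there is no authenticated claims principal; <c>true</c> for
/// a SuperUser; otherwise the result of <c>FunctionsService.Authorize</c>.
/// </returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    // The identity comes from Thread.CurrentPrincipal, not from httpContext.User.
    // NOTE(review): confirm the application keeps the two in sync; if they can
    // diverge, this check evaluates a different identity than the request's.
    var principal = Thread.CurrentPrincipal as ClaimsPrincipal;

    // Fail closed: a missing principal, a principal that is not a
    // ClaimsPrincipal, or one without an identity is denied here instead of
    // surfacing as an InvalidCastException / NullReferenceException from the filter.
    if (principal == null || principal.Identity == null || !principal.Identity.IsAuthenticated)
    {
        return false;
    }

    // SuperUser bypasses the per-controller/action check entirely.
    if (principal.IsInRole(Constants.Security.Roles.SuperUser.Value))
    {
        return true;
    }

    // Everyone else is decided by the function-level authorization service.
    return FunctionsService.Authorize(controller, action, nhaThuoc, checkRoles);
}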