protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            bool retVal = base.AuthorizeCore(httpContext);

            if (!retVal)
            {
                var maNhaThuoc = nhaThuoc.MaNhaThuoc;
                if (!string.IsNullOrEmpty(maNhaThuoc))
                {
                    var id = (httpContext.Request.RequestContext.RouteData.Values["id"] as string)
                             ?? (httpContext.Request["id"] as string);
                    int maPhieuNhap = 0;
                    int.TryParse(id, out maPhieuNhap);
                    retVal = FunctionsService.AuthorizeInputBill(WebSecurity.GetCurrentUserId, maNhaThuoc, maPhieuNhap);
                }
            }

            return(retVal);
        }
示例#2
0
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            //Get the current claims principal
            var prinicpal = (ClaimsPrincipal)Thread.CurrentPrincipal;

            //Make sure they are authenticated
            if (!prinicpal.Identity.IsAuthenticated)
            {
                return(false);
            }
            //allows if SuperUser.
            if (prinicpal.IsInRole(Constants.Security.Roles.SuperUser.Value))
            {
                return(true);
            }
            //var roles = prinicpal.Claims.Where(c => c.Type == ClaimTypes.Role).Select(c => c.Value).ToArray();
            //Check if they are authorized
            return(FunctionsService.Authorize(controller, action, nhaThuoc, checkRoles));
        }