c# - Authorization based on assigned Permission function -
i have 3 tables dbo.permissionfunc, dbo.roles, dbo.permissions asp.net mvc web application.
dbo.permissionfunc contains function name in project. dbo.roles contains user roles such admin, user, subuser etc dbo.permissions contains rolesid dbo.roles , permissionfuncid dbo.permissionfunc. want give authorization based on value assigned in dbo.permission.
update in question: query using determine if current user has permission or not
string mail = formsauthentication.decrypt(request.cookies[formsauthentication.formscookiename].value).name; var usr = _user.getuserbymail(mail); var permfunc = _permissionfunc.findbyname("actionresultname"); var permission = _permission.checkifpermitted(convert.toint64(usr.usr_role_id), permfunc.permfunc_id);//usr.usr_role_id roleid , permfunc.permfunc_id permissionfunctionid if(permission != null) { //permission granted } else { //permission rejected } thanks in advance
you can create custom authorizationattribute logic of checking roles , permissions in , use operations requires that.
you can use mvc.filters implementation of iauthorizationfilter, filter every request. register in filterconfig
filters.add(new myauthorizationattribute());
Comments
Post a Comment