Role based Authentication using action name

Question

I am working on a C# MVC project with Entity Framework. I am trying to get Role based authentication.

I have three tables as Roles, PermissionFunction and Permission.

Roles :

roleId | rolename 
-------------------
 1     | admin    
 2     | super admin
 3     | user

Permission Function

pfId | functionname 
-------------------------
 1   | usercreate        
 2   | useredit      
 3   | userdelete        
 4   | userview              
 5   | productcreate         
 6   | productedit       
 7   | productdelete         
 8   | productview

Permision

permisionId | roleid| pfid
-------------------------
 1          | 1     | 1
 2          | 1     | 2
 3          | 1     | 3
 4          | 1     | 4
 5          | 3     | 5
 6          | 3     | 6

These are only sample datas.

I need to check the role of user when he logins and according to that give access only to the permissible pages.

I have a view from where admin can change the permission details.

The functionname in permission function table is just some string, and i need to use this to give or stop access to corresponding action.

I searched and found nothing, i am new to this type of stuff, please suggest me a better way to achieve this.

Thanks in advance.

Answer 1

 public override void OnActionExecuting(ActionExecutingContext filterContext)

You can override on Action executeing and check the permision over this method(eg: with user credentials).based on pemission you can return flag from this method like true or false.

MORE INFORMATION