using Step.Database.Controllers; using Step.Model.DTOModels; using System; using System.Collections.Generic; using System.Linq; using System.Security.Claims; using System.Web.Http; using static Step.Model.Constants; namespace Step.Controllers.WebApi { [RoutePrefix("api/authorization")] public class AuthorizationController : ApiController { [Route("functions"), HttpGet] [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.GENERAL, Action = ACTIONS.READ)] public IHttpActionResult GetFunctionsConfig() { using (FunctionsAccessController acController = new FunctionsAccessController()) { var identity = User.Identity as ClaimsIdentity; var userRoleLevel = identity.Claims.Where(c => c.Type == ROLE_LEVEL_KEY).FirstOrDefault(); List functionsList = acController.GetFunctionsAccess(Convert.ToInt32(userRoleLevel.Value)); if (functionsList == null) return NotFound(); return Ok(functionsList); } } } }