Public Overrides Function Authorize(ByVal principal As System.Security.Principal.IPrincipal) As Boolean
If (principal.IsInRole("Attendee") And principal.Identity.Name.StartsWith("A")) Then
Public Class RestrictAccessToAssignedManagers
Inherits AuthorizationAttribute
Protected Overrides Function IsAuthorized(ByVal principal As System.Security.Principal.IPrincipal, ByVal authorizationContext As System.ComponentModel.DataAnnotations.AuthorizationContext) As System.ComponentModel.DataAnnotations.AuthorizationResult
Dim eph As EmployeePayHistory
Dim selectedEmployee As Employee
Dim authenticatedUser As Employee
eph = CType(authorizationContext.Instance, EmployeePayHistory)
Using context As New AdventureWorksEntities()
selectedEmployee = context.Employees.SingleOrDefault(Function(e) e.EmployeeID = eph.EmployeeID)
authenticatedUser = context.Employees.SingleOrDefault(Function(e) e.LoginID = principal.Identity.Name)
If (selectedEmployee.ManagerID = authenticatedUser.EmployeeID) Then
Return AuthorizationResult.Allowed
Return New AuthorizationResult("Only the authenticated manager for the employee can add a new record.")
public class CheckAttendeeNameAttribute : System.Web.DomainServices.AuthorizationAttribute
public override bool Authorize(System.Security.Principal.IPrincipal principal)
if (principal.IsInRole("Attendee") && principal.Identity.Name.StartsWith("A"))
public class RestrictAccessToAssignedManagers : AuthorizationAttribute
protected override AuthorizationResult IsAuthorized(System.Security.Principal.IPrincipal principal, AuthorizationContext authorizationContext)
EmployeePayHistory eph = (EmployeePayHistory)authorizationContext.Instance;
Employee selectedEmployee;
Employee authenticatedUser;
using (AdventureWorksEntities context = new AdventureWorksEntities())
selectedEmployee = context.Employees.SingleOrDefault(e => e.EmployeeID == eph.EmployeeID);
authenticatedUser = context.Employees.SingleOrDefault(e => e.LoginID == principal.Identity.Name);
if (selectedEmployee.ManagerID == authenticatedUser.EmployeeID)
return AuthorizationResult.Allowed;
return new AuthorizationResult("Only the authenticated manager for the employee can add a new record.");