Update AuthorizeMenuAttribute to return ForbidResult instead of previ…

…ous result

src/Tests/Grand.Web.Common.Tests/AuthorizeMenuAttributeTests.cs

@@ -139,7 +139,7 @@ public async Task TestAuthorizeMenuAttribute_WithValidSiteMap_AllPermissions()
         await filter.OnAuthorizationAsync(_mockFilterContext);
 
         // Assert
-        Assert.IsInstanceOfType(_mockFilterContext.Result, typeof(RedirectToRouteResult));
+        Assert.IsInstanceOfType(_mockFilterContext.Result, typeof(ForbidResult));
     }
 
     [Test]
@@ -217,6 +217,6 @@ public async Task TestAuthorizeMenuAttribute_WithoutAllPermissions_NotAuthorized
 
         // Assert
         // Permission exists but user is not authorized, so a redirect should occur
-        Assert.IsInstanceOfType(_mockFilterContext.Result, typeof(RedirectToRouteResult));
+        Assert.IsInstanceOfType(_mockFilterContext.Result, typeof(ForbidResult));
     }
 }

src/Web/Grand.Web.Common/Filters/AuthorizeMenuAttribute.cs

@@ -107,13 +107,13 @@ private async Task ValidateMenuSiteMapPermissions(AuthorizationFilterContext fil
                     {
                         if (!(await menuSiteMap.PermissionNames.AllAsync(async x =>
                                 await _permissionService.Authorize(x, _workContext.CurrentCustomer))))
-                            filterContext.Result = new RedirectToRouteResult("AdminLogin", new RouteValueDictionary());
+                            filterContext.Result = new ForbidResult();
                     }
                     else
                     {
                         if (!(await menuSiteMap.PermissionNames.AnyAsync(async x =>
                                 await _permissionService.Authorize(x, _workContext.CurrentCustomer))))
-                            filterContext.Result = new RedirectToRouteResult("AdminLogin", new RouteValueDictionary());
+                            filterContext.Result = new ForbidResult();
                     }
                 }
             }