Beispiel #1
        /// <summary>
        ///     Reports whether the request carries a logged-in session, i.e. both the
        ///     "currentUser" and "currentTenant" session entries are present.
        /// </summary>
        /// <param name="context">Controller context whose HttpContext backs the session lookup.</param>
        /// <returns><c>true</c> when both entries are non-null; otherwise <c>false</c>.</returns>
        /// <remarks>
        ///     Only presence is checked. The stored values are not type-checked here, so a caller
        ///     that casts them still has to handle a failed cast.
        /// </remarks>
        private static bool CheckSession(ControllerContext context)
        {
            var httpContext = context.HttpContext;
            if (httpContext == null)
            {
#if DEBUG
                LogHelper.WriteLog("HttpContext为NULL");
#endif
                return false;
            }

            var store = new SessionExt(httpContext);

            bool hasUser = store["currentUser"] != null;
            if (!hasUser)
            {
#if DEBUG
                // Debug builds only: the session id goes to the log to help trace lost sessions.
                LogHelper.WriteLog("SessionId=" + store.SessionId);
                LogHelper.WriteLog("HttpContext.Session[\"currentUser\"]为NULL");
#endif
                return false;
            }

            bool hasTenant = store["currentTenant"] != null;
            if (!hasTenant)
            {
#if DEBUG
                LogHelper.WriteLog("HttpContext.Session[\"currentTenant\"]为NULL");
#endif
                return false;
            }

            return true;
        }
        /// <summary>
        /// Renders a button only when the logged-in user may invoke the given controller/action.
        /// </summary>
        /// <param name="helper">The HTML helper being extended (not read by this method).</param>
        /// <param name="area">Area name; accepted but not used in the permission lookup.</param>
        /// <param name="controller">Controller name, matched case-insensitively against the permission table.</param>
        /// <param name="action">Action name, matched case-insensitively against the permission table.</param>
        /// <param name="attributes">Passed through unchanged to <c>GenerateButton</c>.</param>
        /// <returns>
        /// The generated button, or an empty <see cref="MvcHtmlString"/> when no user is logged in
        /// or the user lacks the matching permission.
        /// </returns>
        /// <remarks>
        /// This only hides UI. It is not an access control: the action itself still has to be
        /// protected server-side. A controller/action pair that is absent from the permission
        /// table is treated as allowed for every logged-in user.
        /// </remarks>
        public static MvcHtmlString Button(this HtmlHelper helper, string area, string controller, string action, object attributes)
        {
            var store       = new SessionExt(HttpContext.Current);
            var currentUser = store["currentUser"] as SysUser;
            if (currentUser == null)
            {
                return new MvcHtmlString("");
            }

            // Look up the permission entry that corresponds to the requested controller/action.
            var cache    = RetechWing.BusinessCache.SystemCache.Instance;
            var required = cache.Permissions.FirstOrDefault(
                p => p.Controller.Equals(controller, StringComparison.OrdinalIgnoreCase)
                     && p.Action.Equals(action, StringComparison.OrdinalIgnoreCase));

            // Unregistered actions are shown; registered ones need the id in the user's rights.
            // The short-circuit keeps the rights lookup from running for unregistered actions.
            bool visible = required == null
                           || cache.UserPermissions(currentUser.UserId, new RoleManager().GetUserPermissionIds)
                                   .Contains(required.PermissionId);
            if (visible)
            {
                return GenerateButton(attributes);
            }

            return new MvcHtmlString("");
        }
Beispiel #3
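        /// <summary>
        /// Decides whether the current request may execute the targeted action.
        /// </summary>
        /// <remarks>
        /// Checks run in this order: an excluded controller/action passes without any session
        /// check; a missing session yields NeedLogin; an action that is not registered in the
        /// permission table passes; a registered action passes only when its id is among the
        /// user's rights; everything else yields NoPermission.
        /// NOTE(review): passing unregistered actions is fail-open (the original comment calls it
        /// provisional). A newly added action is reachable by every logged-in user until it is
        /// registered; consider denying by default.
        /// </remarks>
        /// <param name="filterContext">Filter context of the action about to execute.</param>
        /// <param name="message">
        /// Receives the localized reason when the result is NeedLogin or NoPermission; empty otherwise.
        /// </param>
        /// <returns>The outcome of the permission check.</returns>
        protected virtual PermissionCheckResult CheckPermission(ActionExecutingContext filterContext, out string message)
        {
            var currentRequestController = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
            var currentRequestAction     = filterContext.ActionDescriptor.ActionName;
            var session = new SessionExt(filterContext.HttpContext);

            message = "";

            // Requests on the exclude list bypass both the session and the permission check.
            var ex =
                ExcludeUrlConfiguration.GetExcludeUrl(
                    currentRequestController,
                    currentRequestAction);

            if (ex != null)
            {
                return PermissionCheckResult.Passed;
            }

            // Session check: both the user and the tenant entry must be present.
            if (!CheckSession(filterContext))
            {
                message = LanguageResources.Common.NeedLogin;
#if DEBUG
                LogHelper.WriteLog("跳登陆,原因:Session丢失\r\nSessionId" + new SessionExt(filterContext.HttpContext).SessionId);
#endif
                return PermissionCheckResult.NeedLogin;
            }

            // Find the permission entry that corresponds to this request.
            var permissions = RetechWing.BusinessCache.SystemCache.Instance.Permissions;
            var currentPermission =
                permissions.FirstOrDefault(
                    p => p.Controller.Equals(currentRequestController, StringComparison.OrdinalIgnoreCase) &&
                    p.Action.Equals(currentRequestAction, StringComparison.OrdinalIgnoreCase)
                    );
            if (currentPermission == null)
            {
                // Not in the permission table: allowed (see the fail-open note in the remarks).
                return PermissionCheckResult.Passed;
            }

            // CheckSession only proves the entry is non-null. If it is not a SysUser the cast
            // yields null, so fail closed and ask for a fresh login instead of dereferencing it.
            var user = session["currentUser"] as SysUser;
            if (user == null)
            {
                message = LanguageResources.Common.NeedLogin;
                return PermissionCheckResult.NeedLogin;
            }

            // Rights that belong to the user.
            var userRights = RetechWing.BusinessCache.SystemCache.Instance.UserPermissions(user.UserId, new RoleManager().GetUserPermissionIds);
            if (userRights.Contains(currentPermission.PermissionId))
            {
                return PermissionCheckResult.Passed;
            }
#if DEBUG
            LogHelper.WriteLog("跳登陆,原因:没有权限\r\nSessionId" + new SessionExt(filterContext.HttpContext).SessionId);
#endif
            // Registered action, but the user does not hold the permission.
            message = LanguageResources.Common.NoRight;
            return PermissionCheckResult.NoPermission;
        }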
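        /// <summary>
        /// Per-request setup: rewrites the query string with every value passed through
        /// <c>NoHtml()</c>, records the raw URL in the session, then selects the thread culture
        /// from the "culture" route value (falling back to <c>defaultLanguage</c>) and mirrors
        /// it into a cookie.
        /// </summary>
        /// <param name="requestContext">The request being initialized.</param>
        /// <remarks>
        /// NOTE(review): only <c>Request.QueryString</c> is rewritten. Form fields, cookies,
        /// headers and route values are not touched in this method, and what <c>NoHtml()</c>
        /// removes is not visible here. This filter should not be treated as a replacement for
        /// encoding values where they are rendered.
        /// </remarks>
        protected override void Initialize(RequestContext requestContext)
        {
            var session = new SessionExt(requestContext.HttpContext);

            // The request's query-string collection is read-only. Its non-public IsReadOnly
            // flag is flipped through reflection so the values can be replaced in place.
            Type         type = typeof(NameObjectCollectionBase);
            PropertyInfo isReadonlyPropertyInfo = type.GetProperty("IsReadOnly",
                                                                   BindingFlags.Instance | BindingFlags.NonPublic);
            var copy = new NameValueCollection();
            NameValueCollection queryStrings = requestContext.HttpContext.Request.QueryString;

            foreach (string key in queryStrings.AllKeys)
            {
                Array.ForEach(queryStrings.GetValues(key), v => copy.Add(key, v.NoHtml()));
            }

            isReadonlyPropertyInfo.SetValue(queryStrings, false, null);
            try
            {
                queryStrings.Clear();
                queryStrings.Add(copy);
            }
            finally
            {
                // Restore the read-only flag even if the swap fails, so the collection is
                // never left writable for the remainder of the request.
                isReadonlyPropertyInfo.SetValue(queryStrings, true, null);
            }

            // Stored for later use as a return URL. TODO confirm that consumers validate it
            // before redirecting.
            session["lastRequestUrl"] = requestContext.HttpContext.Request.RawUrl;

            base.Initialize(requestContext);
            object cultureValue;

            if (requestContext.RouteData.Values.TryGetValue("culture", out cultureValue))
            {
                try
                {
                    // The route value comes from the URL. An unknown name falls back to the default.
                    CultureInfo culture = CultureProvider.GetCultureInfo(cultureValue.ToString());
                    if (culture == null)
                    {
                        culture = CultureProvider.GetCultureInfo(defaultLanguage);
                    }
                    Thread.CurrentThread.CurrentUICulture = culture;
                    Thread.CurrentThread.CurrentCulture   = culture;

                    requestContext.HttpContext.Response.Cookies.Add(new HttpCookie(CultureProvider.culturecookiekey,
                                                                                   culture.Name));
                }
                catch (Exception)
                {
                    // Deliberate best effort: a bad culture value must not fail the request.
                }
            }
            else
            {
                try
                {
                    CultureInfo fallback = CultureProvider.GetCultureInfo(defaultLanguage);
                    Thread.CurrentThread.CurrentUICulture = fallback;
                    Thread.CurrentThread.CurrentCulture   = fallback;
                    requestContext.HttpContext.Response.Cookies.Add(new HttpCookie(CultureProvider.culturecookiekey,
                                                                                   defaultLanguage));
                }
                catch (Exception)
                {
                    // Deliberate best effort: keep the thread's existing culture on failure.
                }
            }
        }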
Beispiel #5
        /// <summary>
        /// Returns the user stored under "currentUser" in the current request's session.
        /// </summary>
        /// <returns>
        /// The stored <c>SysUser</c>, or <c>null</c> when the entry is missing or is not a <c>SysUser</c>.
        /// </returns>
        private SysUser GetCurrentUser()
        {
            var store = new SessionExt(HttpContext.Current);
            return store["currentUser"] as SysUser;
        }
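        /// <summary>
        /// Lets the action run only when the session holds a "currentSuperAdmin" entry.
        /// Otherwise the request is short-circuited: actions returning <c>JsonResult</c> get a
        /// JSON error payload, and all other actions are redirected.
        /// </summary>
        /// <param name="filterContext">Filter context of the action about to execute.</param>
        /// <remarks>
        /// NOTE(review): the gate is only the presence of the session entry; its value is not
        /// inspected. The JSON payload carries <c>result = 403</c> in the body, and no HTTP
        /// status code is set in this method.
        /// </remarks>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var session = new SessionExt(filterContext.HttpContext);

            // Decide the allow case first, so the reflection lookup below runs only for
            // requests that are going to be rejected.
            if (session["currentSuperAdmin"] != null)
            {
                base.OnActionExecuting(filterContext);
                return;
            }

            // Action names are identifiers, so compare ordinally. A culture-sensitive comparison
            // can fail to match "Index"/"index" under cultures with special casing rules,
            // e.g. tr-TR.
            // NOTE(review): with overloaded actions this picks the first method of that name.
            MethodInfo[] methods = GetActions(filterContext);
            var          method  =
                methods.First(
                    p =>
                    p.Name.Equals(filterContext.ActionDescriptor.ActionName,
                                  StringComparison.OrdinalIgnoreCase));

            if (method.ReturnType == typeof(JsonResult))
            {
                filterContext.Result = new JsonResult
                {
                    Data = new
                    {
                        permissionError = 1,
                        result          = 403,
                        errorMsg        = "请登陆后再操作",
                        title           = "提示",
                        btnValue        = RetechWing.LanguageResources.Common.Sure,
                        loginUrl        = System.Web.Mvc.UrlHelper.GenerateUrl("Default", "Index", "EnterPoint", new RouteValueDictionary(new Dictionary <string, object>()), RouteTable.Routes, filterContext.RequestContext, false)
                    },
                    JsonRequestBehavior = JsonRequestBehavior.AllowGet
                };
                return;
            }

            // No referrer means the URL was entered directly.
            string urlReferrer = filterContext.HttpContext.Request.UrlReferrer == null
                                     ? ""
                                     : filterContext.HttpContext.Request.UrlReferrer.ToString();

            if (string.IsNullOrEmpty(urlReferrer))
            {
                session["backUrl"] = "zh-CN/EnterPoint/Index";
                var routeValues =
                    new RouteValueDictionary(new { controller = "Message", action = "NoRight", msg = "请登陆后再操作" });
                filterContext.Result = new RedirectToRouteResult("Culture", routeValues);
                return;
            }

            // NOTE(review): the Referer header is supplied by the client and is forwarded here
            // as backUrl. The action that consumes backUrl should accept only local URLs
            // (e.g. Url.IsLocalUrl) before redirecting to it.
            filterContext.Result =
                new RedirectToRouteResult("Culture",
                                          new RouteValueDictionary(new { controller = "EnterPoint", action = "Index", backUrl = urlReferrer }));
        }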
Beispiel #7
        /// <summary>
        /// Returns the pending login error message and removes it from the session, so it is
        /// read at most once.
        /// </summary>
        /// <param name="context">HTTP context whose session holds the "errmsg" entry.</param>
        /// <returns>The stored message text, or <see cref="string.Empty"/> when none is pending.</returns>
        /// <remarks>
        /// The text is returned as stored. Callers that write it into a page are responsible
        /// for HTML-encoding it.
        /// </remarks>
        public static string WriteLoginErrorMessage(HttpContext context)
        {
            var store = new SessionExt(context);

            if (store["errmsg"] != null)
            {
                string text = store["errmsg"].ToString();

                // Consume the entry so the same error is not shown on the next request.
                store.Remove("errmsg");
                return text;
            }

            return string.Empty;
        }
Beispiel #8
        /// <summary>
        /// Produces an inline attribute that hides an element unless the session's "myRights"
        /// list contains an entry for the given controller and action.
        /// </summary>
        /// <param name="htmlHelper">The HTML helper being extended (not read by this method).</param>
        /// <param name="controller">Controller name; compared with <c>==</c>, so case-sensitively.</param>
        /// <param name="action">Action name; compared with <c>==</c>, so case-sensitively.</param>
        /// <returns>
        /// An empty <see cref="HtmlString"/> when the right is present, otherwise
        /// <c>style='display:none;'</c>.
        /// </returns>
        /// <remarks>
        /// This is presentation only. A hidden element can still be requested directly, so the
        /// target action must enforce the same permission on the server.
        /// </remarks>
        public static HtmlString PermissionCheck(this HtmlHelper htmlHelper, string controller, string action)
        {
            var store   = new SessionExt(HttpContext.Current);
            var granted = store["myRights"] as List<vTenantFunction>;

            // A missing or wrongly typed rights list counts as "no rights", so the element is hidden.
            bool allowed = granted != null
                           && granted.Exists(p => p.Controller == controller && p.Action == action);

            return new HtmlString(allowed ? "" : "style='display:none;'");
        }
Beispiel #9
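        /// <summary>
        /// After an action that produced a view, marks the logged-in user as online and
        /// refreshes the login-log keep-alive.
        /// </summary>
        /// <param name="filterContext">Filter context of the action that just executed.</param>
        public override void OnActionExecuted(ActionExecutedContext filterContext)
        {
            var session = new SessionExt(filterContext.HttpContext);

            // Only full view renders count as activity, and only when a session exists.
            if (filterContext.Result is ViewResult && filterContext.HttpContext.Session != null)
            {
                // Test the result of the cast, not just the raw entry. An entry of another type
                // would otherwise be dereferenced as null.
                var user = session["currentUser"] as RetechWing.Models.SysUser;
                if (user != null)
                {
                    OnlineUserHelper.CheckOnline(user.UserId, user.TenantId);
                    SampleLoginLog.SetAlive();
                }
            }
            base.OnActionExecuted(filterContext);
        }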
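        /// <summary>
        /// Logs a mobile request in through WeChat when no user is in the session. Requests
        /// without a "code" or "openID" parameter are redirected to the WeChat authorize URL.
        /// Otherwise the OpenID is resolved to a user, which is stored in the session, or the
        /// request is redirected to the account-binding page when no user is bound.
        /// </summary>
        /// <param name="filterContext">Filter context of the action about to execute.</param>
        /// <remarks>
        /// Controller/action pairs on the exclude list skip this logic entirely.
        /// NOTE(review): no OAuth <c>state</c> check and no session-identifier rotation is
        /// visible in this method. Confirm that both happen elsewhere.
        /// </remarks>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var session = new SessionExt(filterContext.HttpContext);
            var request = filterContext.HttpContext.Request;

            // Check whether the request is on the exclude list.
            var currentRequestController = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
            var currentRequestAction     = filterContext.ActionDescriptor.ActionName;
            var ex = ExcludeUrlConfiguration.GetExcludeUrl(currentRequestController, currentRequestAction);

            if (ex == null && session["currentUser"] == null)
            {
                // Work out where to send the user back to after login.
                // NOTE(review): the Referer fallback is client-controlled. The action that
                // consumes backUrl should accept only local URLs before redirecting.
                string urlReferrer;
                if (request.QueryString["keep"] == "1")
                {
                    urlReferrer = request.Url.ToString();
                }
                else if (session["lastRequestUrl"] != null)
                {
                    urlReferrer = session["lastRequestUrl"].ToString();
                }
                else
                {
                    urlReferrer = request.UrlReferrer == null ? "/" : request.UrlReferrer.ToString();
                }

                var controller = filterContext.Controller as System.Web.Mvc.Controller;
                string code        = request.Params["code"];
                string openIdParam = request.Params["openID"];

                if (string.IsNullOrWhiteSpace(code) && string.IsNullOrWhiteSpace(openIdParam))
                {
                    // Neither parameter is present: start the WeChat authorization round trip.
                    filterContext.Result = new RedirectResult(WeixinCommon.GetAuthorizeUserInfoUrl(controller.Url.RetechAction("VerifyUser", "WeiXin", new { area = "Mobile" }) + "?backUrl=" + controller.Url.Encode(urlReferrer), Senparc.Weixin.MP.AdvancedAPIs.OAuthScope.snsapi_userinfo));
                    return;
                }

                // NOTE(review): an "openID" request parameter is accepted here as proof of
                // identity without the code exchange, and Request.Params also merges form
                // fields and cookies. An OpenID is an identifier, not a secret. The safer
                // design derives it only from GetOpenidByCode or from a server-side or signed
                // value. Left unchanged because other flows may rely on this parameter.
                string openID;
                if (string.IsNullOrWhiteSpace(openIdParam))
                {
                    openID = WeixinCommon.GetOpenidByCode(code);
                }
                else
                {
                    openID = openIdParam;
                }

                var user = new UserManager().GetUserByOpenID(openID);
                if (user == null)
                {
                    // URL-encode the OpenID, which may come from the request, so it cannot add
                    // or override parameters such as backUrl on the redirect target.
                    filterContext.Result = new RedirectResult(controller.Url.RetechAction("BindingAccount", "WeiXin", new { area = "Mobile" }) + "?openID=" + controller.Url.Encode(openID) + "&msg=您还未绑定用户信息!&backUrl=" + controller.Url.Encode(urlReferrer));
                    return;
                }

                user.OpenID              = openID;
                session["currentUser"]   = user;
                session["currentTenant"] = new TenantManager().GetTenantById(user.TenantId);
            }
            base.OnActionExecuting(filterContext);
        }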
        /// <summary>
        /// Returns the session already bound to this factory in the current session context, or
        /// creates a new one and binds it.
        /// </summary>
        /// <param name="p_autoCloseSessionEnabled">Passed to the constructor of a newly created session.</param>
        /// <param name="p_connectionReleaseMode">Passed to the constructor of a newly created session.</param>
        /// <returns>The bound session.</returns>
        /// <exception cref="Exception">
        /// The connection string is empty, or the factory has been closed.
        /// </exception>
        public ISession OpenSession(bool p_autoCloseSessionEnabled,ConnectionReleaseMode p_connectionReleaseMode)
        {
            TraceLog.LogEntry("OpenSession(): p_autoCloseSessionEnabled {0} p_connectionReleaseMode {1}", p_autoCloseSessionEnabled, p_connectionReleaseMode);

            // Preconditions first. Only an empty string is rejected here, not null.
            if (this.m_cnnStr == String.Empty)
            {
                throw new Exception("Session Factory without connection string, can't get it from configuration!");
            }

            if (this.m_closed)
            {
                throw new Exception("Session Factory is closed!");
            }

            ISessionTX bound;
            if (SharpCore.Data.CurrentSessionContext.HasBind(this))
            {
                // A session is already bound for this factory, so reuse it. The supplied options
                // are not applied in this branch.
                bound = this.GetCurrentSession();
                TraceLog.LogEntry("Existe una Sesión ya ligada, GetCurrentSession() Id {0}", bound.SessionId);
            }
            else
            {
                bound = new SessionExt(this, p_autoCloseSessionEnabled, p_connectionReleaseMode);
                SharpCore.Data.CurrentSessionContext.Bind(bound);
            }

            return bound;
        }
Beispiel #12
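        /// <summary>
        /// Runs the permission check before an action executes. On success the action
        /// proceeds. On failure, actions returning <c>JsonResult</c> receive a JSON error
        /// payload and all other actions are redirected to the login or "no right" page.
        /// </summary>
        /// <param name="filterContext">The filter context.</param>
        /// <remarks>
        /// NOTE(review): in the JSON branch the message returned by <c>CheckPermission</c> is
        /// replaced with the NeedLogin text even when the result is NoPermission. Confirm this
        /// is intended. The <c>result</c> code (404 for NeedLogin, 403 otherwise) is part of
        /// the JSON body; no HTTP status code is set in this method.
        /// </remarks>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var    session = new SessionExt(filterContext.HttpContext);
            string errorString;
            var    checkresult = CheckPermission(filterContext, out errorString);

            if (checkresult == PermissionCheckResult.Passed)
            {
                base.OnActionExecuting(filterContext);
                return;
            }
            var controller = filterContext.Controller as System.Web.Mvc.Controller;

            // Action names are identifiers, so compare ordinally. A culture-sensitive comparison
            // can fail to match "Index"/"index" under cultures with special casing rules,
            // e.g. tr-TR.
            // NOTE(review): with overloaded actions this picks the first method of that name.
            MethodInfo[] methods = GetActions(filterContext);
            var          method  = methods.First(p => p.Name.Equals(filterContext.ActionDescriptor.ActionName, StringComparison.OrdinalIgnoreCase));

            Type returnType = method.ReturnType;

            if (returnType == typeof(JsonResult))
            {
                int errorCode = 403;
                errorString = RetechWing.LanguageResources.Other.NeedLogin;
                if (checkresult == PermissionCheckResult.NeedLogin)
                {
                    errorCode = 404;
                }

                filterContext.Result = new JsonResult
                {
                    Data = new
                    {
                        permissionError = 1,
                        result          = errorCode,
                        errorMsg        = errorString,
                        title           = RetechWing.LanguageResources.Common.DialogTitle,
                        btnValue        = RetechWing.LanguageResources.Common.Sure,
                        loginUrl        = controller.Url.RetechAction("Index", "Login", new { area = "" })
                    },
                    JsonRequestBehavior = JsonRequestBehavior.AllowGet
                };

                return;
            }

            // Pick the URL to return to after login: the current URL when keep=1, else the
            // last recorded request URL, else the referrer, with "/" as the final fallback.
            // NOTE(review): the Referer fallback is client-controlled. The Login and Message
            // actions that consume backUrl should accept only local URLs (e.g. Url.IsLocalUrl)
            // before redirecting to it.
            string urlReferrer;

            if (filterContext.HttpContext.Request.QueryString["keep"] == "1")
            {
                urlReferrer = filterContext.HttpContext.Request.Url.ToString();
            }
            else if (session["lastRequestUrl"] != null)
            {
                urlReferrer = session["lastRequestUrl"].ToString();
            }
            else
            {
                urlReferrer = filterContext.HttpContext.Request.UrlReferrer == null
                                ? "/"
                                : filterContext.HttpContext.Request.UrlReferrer.ToString();
            }

            if (checkresult == PermissionCheckResult.NeedLogin)
            {
                filterContext.Result = new RedirectResult(controller.Url.RetechAction("Index", "Login", new { area = "", backUrl = urlReferrer }));
            }
            else
            {
                filterContext.Result = new RedirectResult(controller.Url.RetechAction("NoRight", "Message", new { area = "", backUrl = urlReferrer }));
            }
        }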