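/// <summary>
/// Permission check run before an action executes. Redirects to
/// <c>/Error/UnAuthorized</c> when the current user holds no permission matching
/// the action's module or, for a permission that has a parent, the controller's module.
/// </summary>
/// <remarks>
/// Denial happens only by setting <c>filterContext.Result</c>; every early
/// <c>return</c> lets the action run. Unauthenticated requests are passed through
/// unchanged, so this method is not an authentication gate.
/// NOTE(review): confirm that authentication is enforced elsewhere in the pipeline.
/// </remarks>
/// <param name="filterContext">Context of the action that is about to execute.</param>
public void OnActionExecuting(ActionExecutingContext filterContext)
{
    const string unauthorizedUrl = "/Error/UnAuthorized";

    // No decision is made here for unauthenticated requests (see remarks).
    if (!filterContext.HttpContext.User.Identity.IsAuthenticated)
    {
        return;
    }

    // [AllowAnonymous] on the action or on its controller opts out of the permission check.
    if (filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true)
        || filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true))
    {
        return;
    }

    WdContext = (WdContext)filterContext.HttpContext.Items["WdContext"];

    // Fail closed: without a request context or an application user there is nothing to
    // evaluate permissions against. Previously this path ended in a NullReferenceException.
    if (WdContext == null || WdContext.WdUser == null)
    {
        filterContext.Result = new RedirectResult(unauthorizedUrl);
        return;
    }

    // The "Root" and "SuperAdmin" roles bypass per-module permissions entirely.
    if (WdContext.WdUser.IsInRole("Root") || WdContext.WdUser.IsInRole("SuperAdmin"))
    {
        return;
    }

    var executer = new NamedAuthorizeExecuter(filterContext);

    // The check is enforced only when BOTH ActionRequired and ControllerRequired are set,
    // and is skipped when the module name resolves to "Ignore".
    // NOTE(review): a required flag on only one of action/controller results in no
    // permission check at all; confirm that this is the intended policy.
    if (!(executer.ActionRequired && executer.ControllerRequired)
        || executer.ActionModule == "Ignore"
        || (executer.ActionModule == string.Empty && executer.ControllerModule == "Ignore"))
    {
        return;
    }

    // AdjustModule is defined elsewhere; presumably it finalises ActionModule and
    // ControllerModule before the lookup below. TODO confirm.
    executer.AdjustModule(filterContext);

    var actionPermission = WdContext.Permissions.FirstOrDefault(obj => obj.PermissionName == executer.ActionModule);
    var controllerPermission = WdContext.Permissions.FirstOrDefault(obj => obj.PermissionName == executer.ControllerModule);

    // Deny when the action permission is missing, or when it is a child permission
    // (ParentPermissionId set) and the controller-level permission is missing.
    if (actionPermission == null
        || (actionPermission.ParentPermissionId != null && controllerPermission == null))
    {
        filterContext.Result = new RedirectResult(unauthorizedUrl);
    }
}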
/// <summary>
/// Sets up the context the application needs for the current request: creates a new
/// <c>WdContext</c> from the HTTP context and attaches the current user to it.
/// </summary>
/// <param name="context">The HTTP context of the current request.</param>
private void SetApplicationContext(HttpContext context)
{
    WdContext = new WdContext(context);

    // The user is resolved from the HttpContext exposed by the freshly built WdContext.
    // NOTE(review): whether GetCurrentUser can return null is not visible here; code that
    // dereferences WdUser for authorization decisions should confirm.
    var currentUser = _controllerProcess.GetCurrentUser(WdContext.HttpContext);
    WdContext.WdUser = currentUser;
}
/// <summary>
/// Initialises the controller with an empty <c>WdContext</c> and a new
/// <c>ESMonitorEntities</c> instance.
/// </summary>
public ControllerBase()
{
    // Placeholder context built without an HTTP context; it carries no user until it is
    // replaced by one built for the request.
    WdContext = new WdContext();

    // NOTE(review): ESMonitorEntities looks like a database context; confirm it is
    // disposed together with the controller.
    DbContext = new ESMonitorEntities();
}