public void OnActionExecuting(ActionExecutingContext filterContext)
{
if (!filterContext.HttpContext.User.Identity.IsAuthenticated)
{
return;
}
if (filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true) ||
filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true))
{
return;
}
WdContext = (WdContext)filterContext.HttpContext.Items["WdContext"];
if (WdContext.WdUser.IsInRole("Root") ||
WdContext.WdUser.IsInRole("SuperAdmin"))
{
return;
}
var executer = new NamedAuthorizeExecuter(filterContext);
if (!(executer.ActionRequired && executer.ControllerRequired) ||
executer.ActionModule == "Ignore" ||
(executer.ActionModule == string.Empty && executer.ControllerModule == "Ignore"))
{
return;
}
executer.AdjustModule(filterContext);
var actionPermission = WdContext.Permissions.FirstOrDefault(obj => obj.PermissionName == executer.ActionModule);
var controllerPermission =
WdContext.Permissions.FirstOrDefault(obj => obj.PermissionName == executer.ControllerModule);
if (actionPermission == null || (actionPermission.ParentPermissionId != null && controllerPermission == null))
{
filterContext.Result = new RedirectResult("/Error/UnAuthorized");
}
}
/// <summary>
/// 设置程序所需的上下文
/// </summary>
/// <param name="context">HTTP上下文信息</param>
private void SetApplicationContext(HttpContext context)
{
WdContext = new WdContext(context);
WdContext.WdUser = _controllerProcess.GetCurrentUser(WdContext.HttpContext);
}
public ControllerBase()
{
WdContext = new WdContext();
DbContext = new ESMonitorEntities();
}
