/// <summary>授权发生时触发</summary>
/// <param name="filterContext"></param>
public override void OnAuthorization(AuthorizationContext filterContext)
{
/*
* 验证范围:
* 1,魔方区域下的所有控制器
* 2,所有带有EntityAuthorize特性的控制器或动作
*/
var act = filterContext.ActionDescriptor;
var ctrl = act.ControllerDescriptor;
// 允许匿名访问时,直接跳过检查
if (act.IsDefined(typeof(AllowAnonymousAttribute), true) || ctrl.IsDefined(typeof(AllowAnonymousAttribute), true))
{
return;
}
// 如果控制器或者Action放有该特性,则跳过全局
var hasAtt = act.IsDefined(typeof(EntityAuthorizeAttribute), true) || ctrl.IsDefined(typeof(EntityAuthorizeAttribute), true);
if (IsGlobal && hasAtt)
{
return;
}
// 只验证管辖范围
var create = false;
if (!AreaRegistrationBase.Contains(filterContext.Controller))
{
if (!hasAtt)
{
return;
}
// 不属于魔方而又加了权限特性,需要创建菜单
create = true;
}
// 根据控制器定位资源菜单
var menu = GetMenu(filterContext, create);
// 如果已经处理过,就不处理了
if (filterContext.Result != null)
{
return;
}
base.OnAuthorization(filterContext);
}
/// <summary>拦截异常</summary>
/// <param name="ctx"></param>
public override void OnException(ExceptionContext ctx)
{
// 判断控制器是否在管辖范围之内,不拦截其它控制器的异常信息
if (!ctx.ExceptionHandled && AreaRegistrationBase.Contains(ctx.Controller))
{
XTrace.WriteException(ctx.Exception);
ctx.ExceptionHandled = true;
var vr = new ViewResult();
vr.ViewName = "Error";
vr.ViewBag.Context = ctx;
ctx.Result = vr;
}
base.OnException(ctx);
}
/// <summary>拦截异常</summary>
/// <param name="ctx"></param>
public override void OnException(ExceptionContext ctx)
{
// 判断控制器是否在管辖范围之内,不拦截其它控制器的异常信息
if (!ctx.ExceptionHandled && AreaRegistrationBase.Contains(ctx.Controller))
{
//XTrace.WriteException(ctx.Exception);
var ex = ctx.Exception?.GetTrue();
if (ex != null)
{
// 避免反复出现缺少文件
if (ex is HttpException hex && (UInt32)hex.ErrorCode == 0x80004005)
{
var url = HttpContext.Current.Request.RawUrl + "";
if (!NotFoundFiles.Contains(url))
NotFoundFiles.Add(url);
else
ex = null;
}
if (ex != null) XTrace.WriteException(ex);
}
ctx.ExceptionHandled = true;
if (ctx.RequestContext.HttpContext.Request.IsAjaxRequest())
{
var act = "操作";
if (ctx.RouteData.Values.ContainsKey("action")) act = "[{0}]".F(ctx.RouteData.Values["action"]);
ctx.Result = ControllerHelper.JsonTips("{0}失败!{1}".F(act, ex.Message));
}
else
{
var vr = new ViewResult
{
ViewName = "CubeError"
};
vr.ViewBag.Context = ctx;
ctx.Result = vr;
}
}
base.OnException(ctx);
}
/// <summary>拦截异常</summary>
/// <param name="ctx"></param>
public override void OnException(ExceptionContext ctx)
{
// 判断控制器是否在管辖范围之内,不拦截其它控制器的异常信息
if (!ctx.ExceptionHandled && AreaRegistrationBase.Contains(ctx.Controller))
{
//XTrace.WriteException(ctx.Exception);
var ex = ctx.Exception?.GetTrue();
if (ex != null)
{
// 避免反复出现缺少文件
var hex = ex as HttpException;
if (hex != null && (UInt32)hex.ErrorCode == 0x80004005)
{
var url = HttpContext.Current.Request.RawUrl + "";
if (!NotFoundFiles.Contains(url))
{
NotFoundFiles.Add(url);
}
else
{
ex = null;
}
}
if (ex != null)
{
XTrace.WriteException(ex);
}
}
ctx.ExceptionHandled = true;
var vr = new ViewResult();
vr.ViewName = "Error";
vr.ViewBag.Context = ctx;
ctx.Result = vr;
}
base.OnException(ctx);
}
/// <summary>授权发生时触发</summary>
/// <param name="filterContext"></param>
public override void OnAuthorization(AuthorizationContext filterContext)
{
//// 基类方法会检查AllowAnonymous
//base.OnAuthorization(filterContext);
//if (filterContext.Result == null) return;
// 只验证管辖范围
if (!AreaRegistrationBase.Contains(filterContext.Controller))
{
return;
}
var act = filterContext.ActionDescriptor;
// 如果控制器或者Action放有该特性,则跳过全局
if (IsGlobal)
{
if (act.IsDefined(typeof(EntityAuthorizeAttribute), true) || act.ControllerDescriptor.IsDefined(typeof(EntityAuthorizeAttribute), true))
{
return;
}
}
// 允许匿名访问时,直接跳过检查
if (act.IsDefined(typeof(AllowAnonymousAttribute), true) || act.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true))
{
return;
}
// 判断当前登录用户
var user = ManageProvider.User;
if (user == null)
{
HandleUnauthorizedRequest(filterContext);
return;
}
// 根据请求Url定位资源菜单
var url = filterContext.HttpContext.Request.AppRelativeCurrentExecutionFilePath;
var menu = ManageProvider.Menu.Current;
if (menu != null)
{
var role = (user as IUser).Role;
if (role.Has(menu.ID, Permission))
{
return;
}
}
else
{
XTrace.WriteLine("设计错误!验证权限时无法找到[{0}]的菜单", url);
}
var vr = new ViewResult();
vr.ViewName = "NoPermission";
vr.ViewBag.Context = filterContext;
vr.ViewBag.Resource = menu != null ? (menu + "") : url;
vr.ViewBag.Permission = Permission;
filterContext.Result = vr;
}
/// <summary>授权发生时触发</summary>
/// <param name="filterContext"></param>
public override void OnAuthorization(AuthorizationContext filterContext)
{
// 只验证管辖范围
if (!AreaRegistrationBase.Contains(filterContext.Controller))
{
return;
}
ManageProvider.Provider.SetPrincipal();
var act = filterContext.ActionDescriptor;
// 如果控制器或者Action放有该特性,则跳过全局
if (IsGlobal)
{
if (act.IsDefined(typeof(EntityAuthorizeAttribute), true) || act.ControllerDescriptor.IsDefined(typeof(EntityAuthorizeAttribute), true))
{
return;
}
}
// 允许匿名访问时,直接跳过检查
if (act.IsDefined(typeof(AllowAnonymousAttribute), true) || act.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true))
{
return;
}
var ctx = filterContext.HttpContext;
// 判断当前登录用户
var user = ManageProvider.User;
if (user == null)
{
//HandleUnauthorizedRequest(filterContext);
//var rurl = HttpRuntime.AppDomainAppVirtualPath.EnsureEnd("/");
//rurl += "Admin/User/Login";
var retUrl = ctx.Request.Url?.PathAndQuery;
//if (!retUrl.IsNullOrEmpty() && retUrl != "/") rurl += "?returnUrl=" + retUrl;
var rurl = "~/Admin/User/Login".AppendReturn(retUrl);
ctx.Response.Redirect(rurl);
return;
}
// 根据请求Url定位资源菜单
var url = ctx.Request.AppRelativeCurrentExecutionFilePath;
var menu = ManageProvider.Menu?.Current;
if (menu != null)
{
var role = user?.Role;
if (role != null && role.Has(menu.ID, Permission))
{
return;
}
}
else
{
XTrace.WriteLine("设计错误!验证权限时无法找到[{0}]的菜单", url);
}
var res = "[{0}/{1}] {2}".F(act.ControllerDescriptor.ControllerName, act.ActionName, menu != null ? (menu + "") : url);
var msg = "访问资源 {0} 需要 {1} 权限".F(res, Permission.GetDescription());
LogProvider.Provider.WriteLog("访问", "拒绝", msg);
var vr = new ViewResult()
{
ViewName = "NoPermission"
};
vr.ViewBag.Context = filterContext;
vr.ViewBag.Resource = res;
vr.ViewBag.Permission = Permission;
filterContext.Result = vr;
}
/// <summary>拦截异常</summary>
/// <param name="ctx"></param>
public override void OnException(ExceptionContext ctx)
{
if (ctx.ExceptionHandled)
{
return;
}
//XTrace.WriteException(ctx.Exception);
var ex = ctx.Exception?.GetTrue();
if (ex != null)
{
// 避免反复出现缺少文件
if (ex is HttpException hex && (UInt32)hex.ErrorCode == 0x80004005)
{
var url = HttpContext.Current.Request.RawUrl + "";
if (!NotFoundFiles.Contains(url))
{
NotFoundFiles.Add(url);
}
else
{
ex = null;
}
}
// 拦截没有权限
if (ex is NoPermissionException nex)
{
ctx.Result = ctx.Controller.NoPermission(nex);
ctx.ExceptionHandled = true;
}
if (ex != null)
{
XTrace.WriteException(ex);
}
}
if (ctx.ExceptionHandled)
{
return;
}
// 判断控制器是否在管辖范围之内,不拦截其它控制器的异常信息
if (Setting.Current.CatchAllException || AreaRegistrationBase.Contains(ctx.Controller))
{
ctx.ExceptionHandled = true;
var ctrl = "";
var act = "";
if (ctx.RouteData.Values.ContainsKey("controller"))
{
ctrl = ctx.RouteData.Values["controller"] + "";
}
if (ctx.RouteData.Values.ContainsKey("action"))
{
act = ctx.RouteData.Values["action"] + "";
}
if (ctx.RequestContext.HttpContext.Request.IsAjaxRequest())
{
if (act.IsNullOrEmpty())
{
act = "操作";
}
ctx.Result = ControllerHelper.JsonTips("[{0}]失败!{1}".F(act, ex.Message));
}
else
{
var vr = new ViewResult
{
ViewName = "CubeError"
};
vr.ViewBag.Context = ctx;
var vd = vr.ViewData = ctx.Controller.ViewData;
vd.Model = new HandleErrorInfo(ex, ctrl, act);
ctx.Result = vr;
}
}
base.OnException(ctx);
}
