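        /// <summary>
        /// Decides whether the manager stored in the current session may invoke
        /// <paramref name="action"/> on <paramref name="controller"/>.
        /// </summary>
        /// <param name="controller">Controller name; compared case-insensitively (ordinal).</param>
        /// <param name="action">Action name; compared case-insensitively (ordinal).</param>
        /// <returns>
        /// <c>false</c> when no <see cref="Manager"/> is in the session or the manager holds no
        /// roles; <c>true</c> for the manager named "admin"; otherwise <c>true</c> unless the
        /// controller/action pair is found in the computed deny list.
        /// </returns>
        public static bool isAllow(string controller, string action)
        {
            // Not signed in, or the session slot holds something other than a Manager: deny.
            // (The original dereferenced the `as` result without a null check.)
            Manager m = System.Web.HttpContext.Current.Session[ComConst.Manager] as Manager;
            if (m == null)
            {
                return false;
            }

            // NOTE(review): the bypass is keyed on the user name alone — any account whose
            // username is "admin" gets every action, independent of its roles.
            if (string.Equals(m.username, "admin", System.StringComparison.Ordinal))
            {
                return true;
            }
            if (m.roles == null || m.roles.Count == 0)
            {
                return false;
            }

            IList<AdminControllerAction> allActions = AdminControllerActionServices.GetInstance().GetList();

            // Union of the actions granted by every role the manager holds.
            List<AdminControllerAction> allallows = new List<AdminControllerAction>();
            foreach (AdminUserRole userRole in m.roles)
            {
                if (userRole.role == null)
                {
                    continue;
                }
                allallows.AddRange(AdminRole.AllowActionsList(allActions, userRole.role.actions));
            }

            // The loop below treats this result as the set of DENIED actions, so
            // AllowActionsList(all, subset) is presumably "all minus subset" — confirm
            // against AdminRole before relying on it.
            IList<AdminControllerAction> alldenies = AdminRole.AllowActionsList(allActions, allallows);

            foreach (AdminControllerAction aca in alldenies)
            {
                // Route names are identifiers, not user text: ordinal, case-insensitive
                // (the original used culture-sensitive ToLower().Equals and threw on nulls).
                if (string.Equals(controller, aca.controllerName, System.StringComparison.OrdinalIgnoreCase)
                    && string.Equals(action, aca.actionName, System.StringComparison.OrdinalIgnoreCase))
                {
                    return false;
                }
            }
            return true;
        }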
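        /// <summary>
        /// Handles the login form post. Order of evaluation: captcha, required user name,
        /// plant-user credentials, manager credentials, then a hard-coded maintenance account.
        /// </summary>
        /// <param name="user">Model-bound form credentials (untrusted input; may be null).</param>
        /// <param name="autoLogin">When true a remember-me cookie is written via <c>SetCookie</c>.</param>
        /// <param name="localZone">Client time-zone offset as text; a value that does not parse is recorded as 0.</param>
        /// <param name="validatecode">Captcha answer; the check is skipped when null.</param>
        /// <returns>A redirect on success, otherwise the login view carrying a model error.</returns>
        public ActionResult Index(User user, bool autoLogin, string localZone, string validatecode)
        {
            // float.TryParse never throws and leaves lzone at 0 on failure, so the
            // try/catch that used to wrap it (and whose log line mis-parenthesised
            // `"..." + user == null ? ...`) is gone.
            float lzone;
            float.TryParse(localZone, out lzone);

            //验证码验证提示
            try
            {
                if (validatecode != null && ValidateCodeUtil.Validated(validatecode) == false)
                {
                    return LoginFailedView(user, "验证码输入错误!");
                }
            }
            catch (Exception ee)
            {
                Console.WriteLine("验证码验证异常:" + ee.Message);
                return LoginFailedView(user, "验证码验证错误!");
            }

            //验证用户名输入项
            if (user == null || user.username == null)
            {
                return LoginFailedView(user, Resources.SunResource.HOME_INDEX_USERNAME_REQUIRED);
            }

            //首先认为是电站用户登录
            User loginUser = userService.GetUserByName(user.username);
            if (loginUser != null && PasswordMatches(loginUser.depassword, user.password))
            {
                return LoginPlantUser(user, loginUser, autoLogin, lzone);
            }

            //判断是否管理员
            Manager manager = managerService.GetUserByName(user.username);
            if (manager == null)
            {
                return LoginFailedView(user, Resources.SunResource.HOME_INDEX_VALIDATED);
            }
            if (PasswordMatches(manager.depassword, user.password))
            {
                // A second lookup that yields null for a locked account.
                manager = managerService.GetManagerByLocked(user.username);
                if (manager == null)
                {
                    return LoginFailedView(user, Resources.SunResource.MANAGER_LOGIN_LOCKED);
                }
                ActionResult managerResult = LoginManager(user, manager, autoLogin);
                if (managerResult != null)
                {
                    return managerResult;
                }
                // Falls through (as the original did) when no role action is flagged
                // isAutoRedirect, even though mlogin() has already been called.
            }

            // NOTE(review): hard-coded maintenance credentials shared by every deployment;
            // they cannot be rotated without a rebuild and bypass the account stores above.
            // Move this to protected configuration or remove it. Kept null-safe here so a
            // form without `depassword` no longer throws.
            if (string.Equals(user.username, "manuser", StringComparison.Ordinal)
                && string.Equals(user.depassword, "sungrow2011", StringComparison.Ordinal))
            {
                Session["collectorAddedEnable"] = true;
                return RedirectToAction("admin", "admin");
            }

            //登录失败
            return LoginFailedView(user, Resources.SunResource.HOME_INDEX_VALIDATED);
        }

        // Null-safe ordinal comparison of the stored credential with the submitted one.
        // NOTE(review): this compares whatever `depassword` holds as a plain string; if that
        // is a plaintext or reversible value, hashing and a constant-time compare belong in
        // the service layer — confirm how depassword is produced.
        private static bool PasswordMatches(string stored, string submitted)
        {
            return stored != null && submitted != null
                && string.Equals(stored, submitted, StringComparison.Ordinal);
        }

        // Signs a plant user in, records the login and routes by account type.
        // Every path returns a result.
        private ActionResult LoginPlantUser(User user, User loginUser, bool autoLogin, float lzone)
        {
            //注释  不根据用户语言设置默认语言 (the culture-setting code was already disabled)
            if (autoLogin)
            {
                // NOTE(review): the stored credential value is placed in the cookie.
                SetCookie(user.username, loginUser.depassword);
            }
            UserUtil.login(loginUser);

            //记录登录记录
            try
            {
                string ip = WebUtil.getClientIp(Request);
                LoginRecordService.GetInstance().Save(loginUser.id, loginUser.username, ip, lzone);
            }
            catch (Exception ee)
            {
                // Best-effort audit record; a failure here must not block the login.
                Console.WriteLine("记录ip错误:" + ee.Message);
            }

            //如果是非门户用户进入
            if (!loginUser.isBigCustomer)
            {
                //判断是否完成注册的三个步骤
                return adjustUserPosition(loginUser);
            }

            IList<Plant> protalPlants = loginUser.assignedPortalPlants;
            //判断是否有电站 — a null list is treated like an empty one instead of throwing.
            if (protalPlants == null || protalPlants.Count < 1)
            {
                ModelState.AddModelError("Error", "您的账户中无电站,暂时不能登录");
                return View(user);
            }
            Session[ComConst.portalautoLogin] = null;
            if (protalPlants.Count == 1)
            {
                return RedirectToAction(protalPlants[0].isVirtualPlant ? "virtual" : "plant", "portal", new { id = protalPlants[0].id });
            }
            return RedirectToAction("index", "portal");
        }

        // Signs an unlocked manager in and picks the landing page. Returns null when no
        // role action is flagged isAutoRedirect (or the role lookup threw), in which case
        // the caller falls through.
        private ActionResult LoginManager(User user, Manager manager, bool autoLogin)
        {
            if (autoLogin)
            {
                // NOTE(review): the stored password value is placed in the cookie.
                SetCookie(user.username, manager.password);
            }
            base.mlogin(manager);

            //这里admin 默认所有权限
            if (manager.username.Equals("admin"))
            {
                return RedirectToAction("users", "admin");
            }
            if (manager.roles == null || manager.roles.Count == 0)
            {
                return Content("access denied");
            }
            try
            {
                // Hoisted out of the role loop: the full action list does not vary per role.
                IList<AdminControllerAction> acas = AdminControllerActionServices.GetInstance().GetList();
                foreach (AdminUserRole auserRole in manager.roles)
                {
                    if (auserRole.role == null)
                    {
                        continue;
                    }
                    IList<AdminControllerAction> allow = AdminRole.AllowActionsList(acas, auserRole.role.actions);
                    foreach (AdminControllerAction aca in allow)
                    {
                        if (aca.isAutoRedirect)
                        {
                            return RedirectToAction(aca.actionName, aca.controllerName);
                        }
                    }
                }
            }
            catch (Exception ee3)
            {
                // Was an empty catch; log so a broken role lookup is visible.
                Console.WriteLine("管理员角色跳转异常:" + ee3.Message);
            }
            return null;
        }

        // Records a login error, drops the remember-me cookie and re-renders the form.
        private ActionResult LoginFailedView(User user, string message)
        {
            ModelState.AddModelError("Error", message);
            ExpireAutoLoginCookie();
            loadIndexData();
            return View(user);
        }

        // Expires the "a_login" remember-me cookie. HttpResponse.Cookies[name] creates the
        // cookie when it is absent, so the indexer does not yield null.
        private void ExpireAutoLoginCookie()
        {
            System.Web.HttpContext.Current.Response.Cookies["a_login"].Expires = DateTime.Now.AddDays(-1);
        }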