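/// <summary>
        /// Decides whether the current request may execute the requested controller action.
        /// The login state is checked first, then the action's <c>IgnoreAuthorityAttribute</c> (if any).
        /// This method only returns a verdict; redirecting to the login or access-denied page is
        /// presumably done by the calling filter.
        /// </summary>
        /// <param name="actionExecutingContext">Filter context of the action about to run.</param>
        /// <param name="currentUser">The resolved user, or <c>null</c> when nobody is logged in.</param>
        /// <returns>
        /// <c>true</c> when the action may run; <c>false</c> when there is no logged-in user, or when the
        /// user's feature list is missing from the session during a SameAs check.
        /// </returns>
        /// <exception cref="InvalidOperationException">
        /// A SameAs check did not match exactly one feature entry for the resolved controller/action pair.
        /// </exception>
        public static bool ValidateUserFeatureAuthority(ActionExecutingContext actionExecutingContext, ClaimsPrincipalUser currentUser)
        {
            IgnoreAuthorityAttribute authorityAttribute = GetIgnoreAuthorityAttribute(actionExecutingContext);

            // Actions marked IgnoreLogin are reachable without any identity at all.
            if (authorityAttribute != null && authorityAttribute.IgnoreType == IgnoreType.IgnoreLogin)
            {
                return true;
            }

            // No authenticated user: deny.
            if (currentUser == null)
            {
                return false;
            }

            // Managers bypass every feature-level check below.
            if (currentUser.IsManager)
            {
                return true;
            }

            // Re-issue the token cookie for non-manager users (managers returned above, so theirs is not refreshed here).
            WriteUserTokenCookie(currentUser.LoginName);

            var descriptor = (ControllerActionDescriptor)actionExecutingContext.ActionDescriptor;
            string controllerName = descriptor.ControllerName;
            string actionName = descriptor.ActionName;

            if (authorityAttribute != null)
            {
                if (authorityAttribute.IgnoreType == IgnoreType.IgnoreFeature)
                {
                    return true;
                }

                if (authorityAttribute.IgnoreType == IgnoreType.SameAs)
                {
                    // Resolve the target into locals instead of writing back into the attribute:
                    // the attribute instance may be shared between requests/actions, and a stored
                    // fallback action name would then leak into later checks.
                    if (!string.IsNullOrEmpty(authorityAttribute.SameActionName))
                    {
                        actionName = authorityAttribute.SameActionName;
                    }

                    // Fix: the original test was inverted (it assigned SameControllerName only when it
                    // was empty), so a configured controller was ignored and an unconfigured one
                    // blanked out the controller name used for the lookup.
                    if (!string.IsNullOrEmpty(authorityAttribute.SameControllerName))
                    {
                        controllerName = authorityAttribute.SameControllerName;
                    }

                    var userInfo = actionExecutingContext.HttpContext.Session.Get<UserBackFullInfo>(currentUser.LoginName);

                    // Fail closed when the session no longer holds the user's feature list,
                    // rather than dereferencing null.
                    if (userInfo == null || userInfo.UserFeatureInfoList == null)
                    {
                        return false;
                    }

                    int matchCount = userInfo.UserFeatureInfoList.Count(
                        p => p.FeatureControllerName == controllerName && p.FeatureActionName == actionName);

                    if (matchCount == 1)
                    {
                        return true;
                    }

                    // Zero matches (user lacks the feature) and duplicate matches both end up here.
                    throw new InvalidOperationException(string.Format("Controller:{0}上的Action:{1}配置异常,请检查配置!", (object)controllerName, (object)actionName));
                }
            }

            // NOTE(review): this is a fail-open default. A logged-in, non-manager user reaches any action
            // that has no IgnoreAuthorityAttribute (or one of another IgnoreType) without a feature lookup.
            // Confirm the per-action feature check is enforced elsewhere; otherwise this should look up
            // controllerName/actionName in the user's feature list and deny on no match.
            return true;
        }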
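        /// <summary>
        /// Resolves the current user from the login-token cookie, using the session as a cache and
        /// falling back to the user store when the session has no entry for that login name.
        /// </summary>
        /// <returns>
        /// The resolved user, or <c>null</c> when the cookie is absent, cannot be decrypted to a login
        /// name, names a user that does not exist, or the user's full info cannot be loaded.
        /// </returns>
        public static ClaimsPrincipalUser GetCurrentUser()
        {
            string cookieValue = GetCookies(userCMPTokenCookie);

            // No token cookie: the caller has to send the user through login.
            if (string.IsNullOrEmpty(cookieValue))
            {
                return null;
            }

            // NOTE(review): the login name recovered here is the only credential this method checks.
            // Confirm DecryptLoginName authenticates the cookie (integrity, not just confidentiality)
            // and enforces an expiry, otherwise a forged or replayed cookie selects the identity.
            string loginName = DecryptLoginName(cookieValue);

            if (string.IsNullOrEmpty(loginName))
            {
                // The original also wrote a null session entry under this empty/null login name; that
                // cannot clear any real user's entry and may throw on a null key, so it is dropped.
                // The cookie is known to be non-empty at this point, so it is always removed.
                DeleteCookies(userCMPTokenCookie);
                return null;
            }

            ClaimsPrincipalUser principalUser;

            if (GlobalHttpContext.Current.Session.Get(loginName) == null)
            {
                // Session miss: verify the user still exists before trusting the cookie.
                Org_User user = dalUser.GetByLoginName(loginName);
                if (user == null)
                {
                    // A token for an unknown user is discarded.
                    DeleteCookies(userCMPTokenCookie);
                    return null;
                }

                Org_UserQueryParam query = new Org_UserQueryParam {
                    LoginName = loginName
                };
                var userdatainfo = dalUser.GetUserFullInfo(query);

                // Fail closed instead of dereferencing null when the full record cannot be loaded.
                // The cookie is kept so a later request can retry.
                if (userdatainfo == null || userdatainfo.BaseInfo == null)
                {
                    return null;
                }

                principalUser = new ClaimsPrincipalUser
                {
                    Id        = user.Id,
                    LoginName = user.LoginName,
                    UserName  = user.UserName,
                    UserCode  = user.Code,
                    // The manager flag comes from the full record, not from Org_User.
                    IsManager = userdatainfo.BaseInfo.IsSuperMgr,
                    IsOutSide = user.IsOutSide,
                    Phone     = user.Phone
                };

                // Rebuild the cache and session copies.
                // NOTE(review): the third argument is null - presumably "no expiry"; confirm, since a
                // cached privilege snapshot that never expires outlives role changes.
                RedisHelper.Set("CMPUser_" + loginName, userdatainfo, null);
                GlobalHttpContext.Current.Session.Set(principalUser.LoginName, userdatainfo);
            }
            else
            {
                // Session hit: the identity, including IsManager, is taken from the cached snapshot
                // without consulting the user store, so a demotion or account removal is not seen
                // until the session entry is gone.
                var sessionUser = GlobalHttpContext.Current.Session.Get<UserBackFullInfo>(loginName);
                principalUser = new ClaimsPrincipalUser
                {
                    Id        = sessionUser.BaseInfo.Id,
                    LoginName = sessionUser.BaseInfo.LoginName,
                    UserName  = sessionUser.BaseInfo.UserName,
                    UserCode  = sessionUser.BaseInfo.Code,
                    IsManager = sessionUser.BaseInfo.IsSuperMgr,
                    IsOutSide = sessionUser.BaseInfo.IsOutSide,
                    Phone     = sessionUser.BaseInfo.Phone
                };
            }

            return principalUser;
        }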