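        /// <summary>
        /// Builds the per-request identity and enforces the action's authorization requirement
        /// (<paramref name="actionAuthDefine"/>) against the user's page rights.
        /// </summary>
        /// <param name="identity">The identity the request was authenticated with.</param>
        /// <param name="currentUser">The user record whose <c>UserPageAuth</c> map is consulted.</param>
        /// <param name="GroupName">Key into <c>currentUser.UserPageAuth</c>; built by the caller from controller (and group) name.</param>
        /// <param name="actionAuthDefine">
        /// The action's menu/authorization attribute. <c>null</c> means the action declares no
        /// requirement and every operation is granted (see the fail-open note in the body).
        /// </param>
        /// <exception cref="ArgumentNullException"><paramref name="currentUser"/> or its <c>UserPageAuth</c> is null while a requirement must be checked.</exception>
        /// <exception cref="UnauthorizedAccessException">The user has no entry for the group, or lacks the required CRUD operation.</exception>
        /// <exception cref="InvalidOperationException">The user has the group but no CRUD operation set is configured for it.</exception>
        public PtcIdentity(
            IIdentity identity,
            UserBase currentUser,
            string GroupName,
            MenuNodeAttribute actionAuthDefine)
        {
            // Original identity.
            _orgIdentity = identity;

            // Current user.
            _currentUser = currentUser;

            // No attribute on the action means no restriction: everything is granted.
            // NOTE(review): this is fail-open by design — an action without a MenuNodeAttribute
            // never reaches the CRUD check below.
            if (actionAuthDefine == null)
            {
                _groupActionOperation = AuthNodeType.All;
                return;
            }

            // A requirement exists, so the user record is mandatory from here on.
            if (currentUser == null)
            {
                throw new ArgumentNullException("currentUser");
            }
            if (currentUser.UserPageAuth == null)
            {
                throw new ArgumentNullException("currentUser", "UserPageAuth is not initialised");
            }

            // No entry for this group means the user has no rights on the feature at all.
            if (!_currentUser.UserPageAuth.ContainsKey(GroupName))
            {
                throw new UnauthorizedAccessException("沒該功能權限");
            }

            _currentUserGroupAction = _currentUser.UserPageAuth[GroupName];

            // The group is present but carries no CRUD operation set: treat it as a
            // configuration error rather than granting anything.
            if (_currentUserGroupAction.AuthType == null)
            {
                throw new InvalidOperationException("沒設定功能的操作權限(CRUD)");
            }

            _groupActionOperation = _currentUserGroupAction.AuthType;

            // The operation required by the action must be in the user's granted set.
            // NOTE(review): Enum.HasFlag returns true for a zero-valued flag, so an attribute whose
            // AuthType is the enum's zero member would always pass — confirm no action uses one.
            if (!_currentUserGroupAction.AuthType.Value.HasFlag(actionAuthDefine.AuthType))
            {
                throw new UnauthorizedAccessException("功能的操作權限不符合(CRUD)");
            }
        }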
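        /// <summary>
        /// MVC authentication filter hook: rejects unauthenticated requests, loads the user record,
        /// resolves the action's <c>MenuNodeAttribute</c> and replaces the principal with a
        /// <c>PtcIdentity</c> that has already passed the CRUD check. Any failure short-circuits
        /// the request with an HTTP 401 and the reason in <c>TempData["UnauthorizedMessage"]</c>.
        /// </summary>
        /// <param name="filterContext">The MVC authentication context for the current action.</param>
        public void OnAuthentication(AuthenticationContext filterContext)
        {
            // Not logged in.
            if (filterContext.Principal == null || !filterContext.Principal.Identity.IsAuthenticated)
            {
                Reject(filterContext, null);
                return;
            }

            UserBase currentUser;

            #region Load the user record
            try
            {
                currentUser = _userService.Integration(filterContext.Principal.Identity.Name);

                // The null check has to come before the record is touched; assigning CompCd first
                // turned a missing user into a NullReferenceException message instead of the
                // intended "找不到用户信息".
                if (currentUser == null)
                {
                    Reject(filterContext, "找不到用户信息");
                    return;
                }

                // The site currently serves only the convenience-store BU; some vendor accounts
                // serve several BUs and the account master carries no company code.
                currentUser.CompCd = "711";

                currentUser.CalcAuth();
            }
            catch (Exception ex)
            {
                Reject(filterContext, ex.Message);
                return;
            }
            #endregion

            #region Read the authorization metadata on the controller action
            MenuNodeAttribute actionAuthDefine =
                FindMenuNode(filterContext.ActionDescriptor.GetCustomAttributes(false));
            #endregion

            #region Build the controller[_group] key used to look up the user's page rights
            string groupName = null;
            if (actionAuthDefine != null)
            {
                string controllerName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
                if (string.IsNullOrEmpty(actionAuthDefine.GroupName))
                {
                    groupName = controllerName;
                }
                else
                {
                    groupName = controllerName + "_" + actionAuthDefine.GroupName;
                }
            }
            #endregion

            try
            {
                // Decide by the attribute itself rather than by comparing groupName with a
                // sentinel string: a controller literally named "bypass" would otherwise skip
                // the CRUD check.
                PtcIdentity id;
                if (actionAuthDefine == null)
                {
                    id = new PtcIdentity(
                        filterContext.Principal.Identity,
                        currentUser,
                        "No GroupName",
                        null);
                }
                else
                {
                    id = new PtcIdentity(
                        filterContext.Principal.Identity,
                        currentUser,
                        groupName,
                        actionAuthDefine);
                }

                // Replace the request principal with the authorised identity.
                filterContext.Principal =
                    new GenericPrincipal(id, null);
            }
            catch (Exception ex)
            {
                Reject(filterContext, ex.Message);
                return;
            }
        }

        /// <summary>
        /// Returns the first <c>MenuNodeAttribute</c> among the action's custom attributes, or null.
        /// </summary>
        /// <param name="attributes">Attributes as returned by <c>ActionDescriptor.GetCustomAttributes</c>.</param>
        private static MenuNodeAttribute FindMenuNode(object[] attributes)
        {
            if (attributes == null)
            {
                return null;
            }

            foreach (object item in attributes)
            {
                MenuNodeAttribute found = item as MenuNodeAttribute;
                if (found != null)
                {
                    return found;
                }
            }

            return null;
        }

        /// <summary>
        /// Short-circuits the request with HTTP 401; when <paramref name="message"/> is non-null it is
        /// stored in <c>TempData["UnauthorizedMessage"]</c> for the caller to display.
        /// </summary>
        private static void Reject(AuthenticationContext filterContext, string message)
        {
            if (message != null)
            {
                filterContext.Controller.TempData["UnauthorizedMessage"] = message;
            }
            filterContext.Result = new System.Web.Mvc.HttpUnauthorizedResult();
        }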