/// <summary>
/// Authorization filter entry point: enforces an authenticated admin session and,
/// optionally, a per-path permission check before the action runs.
/// </summary>
/// <remarks>
/// Nothing is checked when <c>ValidateLogin</c> is false. The permission check runs only
/// when <c>ValidateRequest</c> is true and the request path is not "/".
/// </remarks>
/// <param name="filterContext">Context of the request being authorized; its Result is set to a redirect on failure.</param>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    // Filter instances with ValidateLogin switched off let every request through untouched.
    if (!this.ValidateLogin)
    {
        return;
    }

    var httpContext = filterContext.HttpContext;
    AdminEntity currentAdmin = httpContext.Session[CacheKey.SESSION_LOGIN_ADMIN] as AdminEntity;
    string requestPath = httpContext.Request.Path;

    // No admin in the session: redirect to the login page.
    if (currentAdmin.IsNull())
    {
        // Only the path (no query string) is carried over, URL-encoded.
        // NOTE(review): confirm the handler behind /Home/Index accepts only local URLs in returnurl.
        string loginUrl = requestPath.IsEmpty()
            ? "/Home/Index"
            : "/Home/Index?returnurl=" + httpContext.Server.UrlEncode(requestPath);
        filterContext.Result = new RedirectResult(loginUrl);
        return;
    }

    // The site root is exempt from the permission lookup; so is everything when ValidateRequest is off.
    if (!ValidateRequest || requestPath == "/")
    {
        return;
    }

    // The permission key is the raw request path paired with the session user's role.
    // NOTE(review): the path is passed as received; confirm PowerProvider.HasPower treats
    // case and trailing-slash variants of a route as the same resource.
    bool permitted = new PowerProvider().HasPower(requestPath, currentAdmin.RoleNum);
    if (!permitted)
    {
        // Denial is a redirect rather than a 401/403 status, so callers and access logs
        // see a 3xx followed by the error page.
        filterContext.Result = new RedirectResult("/Home/Error");
    }
}
/// <summary>
/// Reports whether a role holds permission on a resource.
/// </summary>
/// <remarks>
/// CompanyID, RoleNum and ResNum are all read through <c>WebUtil.GetFormValue</c>
/// (presumably request form fields; verify), each defaulting to an empty string.
/// The answer therefore describes the role named in the request, not the session user.
/// NOTE(review): confirm this action sits behind the authorization filter and that its
/// response is never used as the access decision for the caller itself.
/// NOTE(review): Content(string) is called without a content type; confirm clients do
/// not depend on application/json.
/// </remarks>
/// <returns>
/// A content result holding a serialized <c>DataResult</c>: Code is
/// <c>EResponseCode.Success</c> when the permission exists, otherwise
/// <c>EResponseCode.Exception</c>, with a matching Message.
/// </returns>
public ActionResult HasPower()
{
    string companyId = WebUtil.GetFormValue<string>("CompanyID", string.Empty);
    string roleNum = WebUtil.GetFormValue<string>("RoleNum", string.Empty);
    string resNum = WebUtil.GetFormValue<string>("ResNum", string.Empty);

    // The provider is scoped to the company identifier supplied in the request.
    bool granted = new PowerProvider(companyId).HasPower(resNum, roleNum);

    // A missing permission is reported with the Exception code, not a separate "denied" code.
    DataResult response = new DataResult
    {
        Code = (int)(granted ? EResponseCode.Success : EResponseCode.Exception),
        Message = granted ? "验证有权限" : "验证无权限"
    };

    return Content(JsonHelper.SerializeObject(response));
}