Ejemplo n.º 1
0
 /// <summary>
 /// 获得完整路径
 /// </summary>
 /// <returns>返回url</returns>
 public override string ToString()
 {
     return(StringUrlExtension.GetRequestUrlByParameter(this.AreaName, this.ControllerName, this.ActionName));
 }
Ejemplo n.º 2
0
        /// <summary>
        /// Action执行之前调用
        /// </summary>
        /// <param name="filterContext">
        /// 过滤器上下文
        /// </param>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            if (filterContext == null)
            {
                throw new ArgumentNullException("filterContext");
            }

            var isAjaxRequest  = filterContext.HttpContext.Request.Headers["X-Requested-With"] != null && filterContext.HttpContext.Request.Headers["X-Requested-With"].ToLower() == "xmlhttprequest";
            var controllerName = filterContext.RouteData.Values["controller"].ToString();
            var actionName     = filterContext.RouteData.Values["action"].ToString();
            var areaName       = (filterContext.RouteData.DataTokens["area"] ?? string.Empty).ToString();

            var requestUrl = StringUrlExtension.GetRequestUrlByParameter(areaName, controllerName, actionName);

            // 没有经过登录验证
            if (UserIdentity.CurrentUser == null)
            {
                if (isAjaxRequest)
                {
                    filterContext.HttpContext.Response.StatusCode = 401;
                    filterContext.Result = new JsonResult
                    {
                        Data = new { errorMessage = "抱歉,您的登录已经失效,请刷新页面重试!" },
                        JsonRequestBehavior = JsonRequestBehavior.AllowGet
                    };
                    return;
                }

                // 同步请求,直接返回登录页面
                filterContext.Result = new RedirectResult("/account/Index");
                return;
            }

            // 默认开放首页权限
            if (controllerName.ToLower() == "home")
            {
                return;
            }


            // 不需要权限验证
            if (filterContext.ActionDescriptor.IsDefined(typeof(AnonymousAttribute), true))
            {
                return;
            }

            // 已经登录,判断是否有访问该Url的权限
            if (UserIdentity.CurrentUser.AuthenticationUrl.FirstOrDefault(a => a == requestUrl) == null)
            {
                if (!isAjaxRequest)
                {
                    throw new AppAuthorizationException("抱歉,您对" + requestUrl + "访问没有权限,请检查配置。");
                }

                filterContext.HttpContext.Response.StatusCode = 403;
                filterContext.Result = new JsonResult
                {
                    Data = new { errorMessage = "抱歉,您对" + requestUrl + "访问没有权限,请检查配置。" },
                    JsonRequestBehavior = JsonRequestBehavior.AllowGet
                };
            }
        }
Ejemplo n.º 3
0
        /// <summary>
        /// 返回配置文件中的权限列表
        /// </summary>
        /// <returns>权限集合</returns>
        public static List <AuthorityUrls> InitAllFunc()
        {
            try
            {
                var cache = IocManager.Instance.Resolve <ICache>();

                var all = cache.Get <List <AuthorityUrls> >("AllFunc");
                if (all != null)
                {
                    return(all);
                }

                var list = new List <AuthorityUrls>();
                var doc  = new XmlDocument();
                doc.Load(File.OpenText(HttpContext.Current.Server.MapPath("/config/authority.config")));

                var groupList = doc.GetElementsByTagName("container");

                foreach (XmlNode item in groupList)
                {
                    if (item.Attributes != null)
                    {
                        var needAreaName       = item.Attributes["areaName"].Value;
                        var needControllerName = item.Attributes["controllerName"].Value;
                        var needActionName     = item.Attributes["actionName"].Value;

                        // 组装url
                        var roleName = StringUrlExtension.GetRequestUrlByParameter(
                            needAreaName,
                            needControllerName,
                            needActionName);

                        var model = new AuthorityUrls {
                            RoleName = roleName
                        };

                        foreach (XmlNode chin in item.ChildNodes)
                        {
                            if (chin.Attributes == null || chin.Attributes["controllerName"] == null || chin.Attributes["actionName"] == null)
                            {
                                continue;
                            }

                            var controllerName = chin.Attributes["controllerName"].Value;
                            var actionName     = chin.Attributes["actionName"].Value;

                            var includerul = StringUrlExtension.GetRequestUrlByParameter(needAreaName, controllerName, actionName);

                            model.IncludeUrl.Add(includerul);
                        }

                        list.Add(model);
                    }
                }

                cache.Add("AllFunc", list, 60 * 60 * 12);
                return(list);
            }
            catch (Exception ex)
            {
                throw new UserFriendlyException("读取权限列表失败!" + ex);
            }
        }