public ActionResult LoginOut()
{
if (WebCookieHelper.AdminCheckLogin())
{
WebCookieHelper.AdminLoginOut();
}
return(RedirectToAction("Login", "Account"));
}
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
//用MVC系统自带的功能 获取当前方法上的特性名称
bool skipAuthorization = filterContext.ActionDescriptor.IsDefined(typeof(NoNeedAdminAuthory), inherit: true) ||
filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(NoNeedAdminAuthory), inherit: true);
if (skipAuthorization)
{
return;
}
//检查是否登录
if (!WebCookieHelper.AdminCheckLogin())
{
filterContext.Result = new RedirectResult("~/Admin/Account/Login", true);
return;
}
//如果是超级管理就免去验证
if (WebCookieHelper.GetAdminId(5) == 1)
{
return;
}
//页面权限验证开始
var customAttributes = filterContext.ActionDescriptor.GetCustomAttributes(true);
if (customAttributes != null && customAttributes.Length > 0)
{
for (int i = 0; i < customAttributes.Count(); i++)
{
if (customAttributes.GetValue(i).GetType().Name == "AdminActionMethod") //判断anction特性名称
{
string actionCode = (customAttributes[i] as AdminActionMethod).RoleCode; //获取特性功能按钮代码
string actionUrl = (customAttributes[i] as AdminActionMethod).ActionUrl; //获取特性功能地址
int actionResultType = (customAttributes[i] as AdminActionMethod).ActionResultType; //获取返回视图类型
if (actionCode == "NoNeedAuthory") //不需要权限认证
{
return;
}
else //判断权限是否符合
{
List <AuthorDesign.Model.AdminPageAction> pageActionList = AdminMenuHelper.GetNowAdminMenu();
var pageSelect = pageActionList.Where(m => m.PageUrl == actionUrl);
if (pageSelect != null && pageSelect.Count() > 0) //判断有无执行该页面的权利
//判断有误执行该动作权利
{
var codeList = AdminMenuHelper.LoadActionCodeList();
//先根据动作按钮代码查找到代码所在按钮Id
var codeSelect = codeList.Where(m => m.ActionCode == actionCode);
if (codeSelect != null && codeSelect.Count() > 0)
{
int codeId = codeSelect.First().Id;
JavaScriptSerializer serializer = new JavaScriptSerializer();
//判断codeId在角色动作列表中是否为选择状态
string roleActionList = pageSelect.First().RoleActionList;
List <AuthorDesign.Web.Areas.Admin.Models.RolePageActionModel> roleActionListModel = serializer.Deserialize <List <AuthorDesign.Web.Areas.Admin.Models.RolePageActionModel> >(roleActionList);
if (roleActionListModel != null && roleActionListModel.Where(m => m.ActionId == codeId && m.actionChecked == 1).Count() > 0)
{
//判断CodeId在管理员动作列表中是否为选择状态
List <AuthorDesign.Web.Areas.Admin.Models.RolePageActionModel> adminActionListModel = serializer.Deserialize <List <AuthorDesign.Web.Areas.Admin.Models.RolePageActionModel> >(pageSelect.First().AdminActionList);
if (adminActionListModel != null && adminActionListModel.Where(m => m.ActionId == codeId && m.actionChecked == 1).Count() > 0)
{
StringBuilder sb = new StringBuilder();
sb.Append("[");
//传递在该页面可执行的按钮
foreach (var item in roleActionListModel)
{
if (item.actionChecked == 1)
{
var needChangeAction = adminActionListModel.Where(m => m.ActionId == item.ActionId).FirstOrDefault();
if (needChangeAction == null)
{
item.actionChecked = 0;
}
else if (needChangeAction.actionChecked == 0)
{
item.actionChecked = 0;
}
}
AuthorDesign.Model.PageAction OneAction = codeList.Where(m => m.Id == item.ActionId).FirstOrDefault();
sb.Append("{").Append("\"").Append("ActionName").Append("\"").Append(":").Append("\"").Append(OneAction == null ? "" : OneAction.ActionCode).Append("\"").Append(",").Append("\"").Append("IsChecked").Append("\"").Append(":").Append(item.actionChecked).Append("}").Append(",");
}
sb.Remove(sb.Length - 1, 1);
sb.Append("]");
filterContext.Controller.ViewBag.CanOperationActionList = sb.ToString();
}
else
{
if (actionResultType == 0)
{
filterContext.Result = new RedirectResult("~/Admin/Home/NoAuthory", true);
}
else if (actionResultType == 1)
{
filterContext.Result = new JsonResult()
{
Data = new { state = "error", message = "您暂无权限操作" }
};
}
return;
}
}
else
{
if (actionResultType == 0)
{
filterContext.Result = new RedirectResult("~/Admin/Home/NoAuthory", true);
}
else if (actionResultType == 1)
{
filterContext.Result = new JsonResult()
{
Data = new { state = "error", message = "您暂无权限操作" }
};
}
return;
}
}
else
{
if (actionResultType == 0)
{
filterContext.Result = new RedirectResult("~/Admin/Home/NoAuthory", true);
}
else if (actionResultType == 1)
{
filterContext.Result = new JsonResult()
{
Data = new { state = "error", message = "您暂无权限操作" }
};
}
return;
}
}
else
{
if (actionResultType == 0)
{
filterContext.Result = new RedirectResult("~/Admin/Home/NoAuthory", true);
}
else if (actionResultType == 1)
{
filterContext.Result = new JsonResult()
{
Data = new { state = "error", message = "您暂无权限操作" }
};
}
return;
}
}
}
}
}
base.OnActionExecuting(filterContext);
}