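        /// <summary>
        /// Web API exception filter that converts any exception escaping an action into a JSON
        /// <see cref="ResponseBaseModel"/> envelope. The HTTP status is always 200; the outcome is
        /// carried in the body's <c>ResStatusCode</c>, so clients (and any monitoring keyed on the
        /// HTTP status line) must inspect the body to detect failures.
        /// Known application exceptions (logic, authorization, authentication, front-end and user
        /// input validation) pass their message through to the caller. Anything else is reported
        /// as a generic internal error with a fixed message, and the request plus the exception
        /// are written to the error log with credential-bearing headers masked.
        /// </summary>
        /// <param name="actionExecutedContext">Context carrying the thrown exception and the
        /// request; its <c>Response</c> is replaced by this method.</param>
        /// <param name="cancellationToken">Unused; the method completes synchronously.</param>
        /// <returns>A completed task.</returns>
        public Task OnExceptionAsync(HttpActionExecutedContext actionExecutedContext, CancellationToken cancellationToken)
        {
            var exception = actionExecutedContext.Exception;
            var responseContent = new ResponseBaseModel();

            // Application-defined exceptions map one-to-one onto body status codes and their
            // message is shown to the caller, so those messages must not carry internal details.
            if (exception is LogicErrorException)
            {
                responseContent.SetResponse(ResStatusCode.LogicError, exception.Message);
            }
            else if (exception is UnAuthorizeException)
            {
                responseContent.SetResponse(ResStatusCode.UnAuthorize, exception.Message);
            }
            else if (exception is UnAuthenticateException)
            {
                responseContent.SetResponse(ResStatusCode.UnAuthenticate, exception.Message);
            }
            else if (exception is FrontInputValidateErrorException)
            {
                responseContent.SetResponse(ResStatusCode.FrontInputValidateError, exception.Message);
            }
            else if (exception is UserInputValidateErrorException)
            {
                responseContent.SetResponse(ResStatusCode.UserInputValidateError, exception.Message);
            }
            else
            {
                // Unexpected exception: never echo its message to the client (it may contain
                // stack or infrastructure details); keep it server-side in the log.
                responseContent.SetResponse(ResStatusCode.InternalServerError, "服务器内部错误");

                // The raw header collection used to be serialized as-is, which wrote Authorization
                // bearer tokens and session cookies into the error log. Credential headers are
                // masked before serialization; everything else is logged unchanged.
                var requestSummary = new
                {
                    uri = actionExecutedContext.Request.RequestUri,
                    head = RedactCredentialHeaders(actionExecutedContext.Request.Headers),
                    // NOTE(review): serializing HttpContent captures its public properties
                    // (content headers), not the body bytes — confirm that is what is wanted.
                    content = actionExecutedContext.Request.Content
                };
                _logger.Error(JsonConvert.SerializeObject(requestSummary), exception);
            }

            var response = new HttpResponseMessage();
            response.StatusCode = HttpStatusCode.OK;
            response.Content = new StringContent(JsonConvert.SerializeObject(responseContent));
            response.Content.Headers.ContentType = new MediaTypeHeaderValue("application/json");
            actionExecutedContext.Response = response;

            return Task.FromResult(0);
        }

        /// <summary>
        /// Copies <paramref name="headers"/> into a plain dictionary suitable for logging,
        /// replacing the value of credential-bearing headers (Authorization, Proxy-Authorization,
        /// Cookie) with "[REDACTED]" so tokens and session cookies never reach the log.
        /// Multi-valued headers are joined with ", ".
        /// </summary>
        /// <param name="headers">Request headers to copy; may be null.</param>
        /// <returns>Header name to masked/joined value, or null when <paramref name="headers"/> is null.</returns>
        private static System.Collections.Generic.Dictionary<string, string> RedactCredentialHeaders(HttpRequestHeaders headers)
        {
            if (headers == null)
            {
                return null;
            }

            var safeHeaders = new System.Collections.Generic.Dictionary<string, string>(StringComparer.OrdinalIgnoreCase);
            foreach (var header in headers)
            {
                safeHeaders[header.Key] = IsCredentialHeader(header.Key)
                    ? "[REDACTED]"
                    : string.Join(", ", header.Value);
            }
            return safeHeaders;
        }

        /// <summary>
        /// True for request headers whose value is a credential and must not be logged.
        /// The comparison is case-insensitive because HTTP header names are.
        /// </summary>
        private static bool IsCredentialHeader(string name)
        {
            return string.Equals(name, "Authorization", StringComparison.OrdinalIgnoreCase)
                || string.Equals(name, "Proxy-Authorization", StringComparison.OrdinalIgnoreCase)
                || string.Equals(name, "Cookie", StringComparison.OrdinalIgnoreCase);
        }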
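        /// <summary>
        /// Web API action filter that enforces <see cref="CustomAuthorizeAttribute"/> on the
        /// action about to run. Actions without the attribute are not checked at all. For a
        /// decorated action the caller must be authenticated; if any attribute lists roles, the
        /// caller must additionally be resolvable to a local user (by e-mail claim) and hold a
        /// role matching the team/project named in the request body. Every failure is reported
        /// by writing an error response through <c>SetOAuthErrorResponse</c>, which short-circuits
        /// the pipeline; a missing e-mail claim or unknown user is answered the same way instead
        /// of surfacing as a NullReferenceException.
        /// </summary>
        /// <param name="actionContext">Context of the action being invoked; its
        /// <c>RequestContext.Principal</c> and its first action argument are inspected.</param>
        /// <param name="cancellationToken">Unused; the checks are synchronous.</param>
        /// <returns>A completed task.</returns>
        public Task OnActionExecutingAsync(HttpActionContext actionContext, CancellationToken cancellationToken)
        {
            var actionAttrs = actionContext.ActionDescriptor.GetCustomAttributes<CustomAuthorizeAttribute>();

            // Undecorated actions are open: nothing below runs for them.
            // NOTE(review): only attributes on the action descriptor are consulted; if the
            // attribute is also meant to be applied at controller level, confirm that
            // HttpActionDescriptor.GetCustomAttributes surfaces it.
            if (actionAttrs.Count == 0)
            {
                return Task.FromResult(0);
            }

            var responseBaseModel = new ResponseBaseModel();

            var principal = actionContext.RequestContext.Principal as ClaimsPrincipal;
            if (principal == null || principal.Identity == null || !principal.Identity.IsAuthenticated)
            {
                // Authentication failed (or no claims-based principal was established).
                responseBaseModel.SetResponse(ResStatusCode.UnAuthenticate, "未认证用户");
                SetOAuthErrorResponse(actionContext, responseBaseModel);
                return Task.FromResult(0);
            }

            // Authenticated. Role checks apply only when at least one attribute names roles;
            // otherwise authentication alone is sufficient.
            if (!actionAttrs.Any(s => null != s.Roles && s.Roles.Any()))
            {
                return Task.FromResult(0);
            }

            List<Role> needRoles = CollectRequiredRoles(actionAttrs);

            // Resolve the local user from the e-mail claim. FindFirst returns null when the
            // claim is absent, which previously threw a NullReferenceException that reached the
            // client as a generic server error; fail closed with an explicit auth failure instead.
            var identity = principal.Identity as ClaimsIdentity;
            var emailClaim = identity == null ? null : identity.FindFirst(ClaimTypes.Email);
            if (emailClaim == null || string.IsNullOrEmpty(emailClaim.Value))
            {
                responseBaseModel.SetResponse(ResStatusCode.UnAuthenticate, "未认证用户");
                SetOAuthErrorResponse(actionContext, responseBaseModel);
                return Task.FromResult(0);
            }

            // presumably GetUser returns null for an unknown e-mail — verify against the repository.
            // A principal the issuer vouches for but that has no local account holds no roles,
            // so it is treated as unauthorized rather than unauthenticated.
            var userRepoModel = this.userRepository.GetUser(emailClaim.Value);
            if (userRepoModel == null || userRepoModel.roleList == null)
            {
                responseBaseModel.SetResponse(ResStatusCode.UnAuthorize, "未授权用户");
                SetOAuthErrorResponse(actionContext, responseBaseModel);
                return Task.FromResult(0);
            }
            List<Role> localRoles = userRepoModel.roleList;

            // The team/project to act on is taken from the request body and is therefore
            // caller-controlled. CheckAuthorize (not visible here) must bind localRoles to that
            // specific teamID/projectID rather than to "any team the user is in" — verify.
            // Only the FIRST action argument is inspected: an action whose first parameter is
            // not a RequestBaseModel yields reqParams == null and is rejected below (fail closed).
            var reqParams = actionContext.ActionArguments.Values.FirstOrDefault() as RequestBaseModel;

            // Written with All() rather than !Exists(...) for readability.
            bool allTeamRoles = needRoles.All(s => s.roleType.Equals(RoleType.Team));
            bool allProjectRoles = needRoles.All(s => s.roleType.Equals(RoleType.Project));

            if (allTeamRoles && (reqParams == null || reqParams.teamID == 0))
            {
                // Every required role is a team role, so a team ID is mandatory.
                responseBaseModel.SetResponse(ResStatusCode.FrontInputValidateError, "团队ID不能为空");
                SetOAuthErrorResponse(actionContext, responseBaseModel);
            }
            else if (allProjectRoles && (reqParams == null || reqParams.projectID == 0))
            {
                // Every required role is a project role, so a project ID is mandatory.
                responseBaseModel.SetResponse(ResStatusCode.FrontInputValidateError, "项目ID不能为空");
                SetOAuthErrorResponse(actionContext, responseBaseModel);
            }
            else if (reqParams == null || (reqParams.teamID == 0 && reqParams.projectID == 0))
            {
                // Mixed team and project roles on one action (not expected in practice).
                responseBaseModel.SetResponse(ResStatusCode.FrontInputValidateError, "团队ID和项目ID不能同时为空");
                SetOAuthErrorResponse(actionContext, responseBaseModel);
            }
            else if (!CheckAuthorize(localRoles, needRoles, reqParams))
            {
                // No role of the user matches any required role for the given team/project.
                responseBaseModel.SetResponse(ResStatusCode.UnAuthorize, "未授权用户");
                SetOAuthErrorResponse(actionContext, responseBaseModel);
            }

            return Task.FromResult(0);
        }

        /// <summary>
        /// Flattens the roles declared across all <see cref="CustomAuthorizeAttribute"/>s on an
        /// action into one list of (roleType, roleCode) pairs, skipping attributes without roles
        /// and dropping duplicate pairs. The previous Aggregate-based version dereferenced
        /// <c>Roles</c> on every attribute and threw when a second attribute had none.
        /// </summary>
        /// <param name="actionAttrs">Authorize attributes found on the action.</param>
        /// <returns>Distinct required roles; empty when no attribute declares any.</returns>
        private static List<Role> CollectRequiredRoles(IEnumerable<CustomAuthorizeAttribute> actionAttrs)
        {
            var needRoles = new List<Role>();
            foreach (var attr in actionAttrs)
            {
                if (attr.Roles == null)
                {
                    continue;
                }
                foreach (var code in attr.Roles)
                {
                    var candidate = new Role() { roleType = attr.RoleType, roleCode = code };
                    bool alreadyListed = needRoles.Exists(m => m.roleType.Equals(candidate.roleType) && m.roleCode.Equals(candidate.roleCode));
                    if (!alreadyListed)
                    {
                        needRoles.Add(candidate);
                    }
                }
            }
            return needRoles;
        }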