Example #1
 /// <summary>
 /// Not logged in: send the caller to the login page.
 /// </summary>
 /// <param name="filterContext">Authorization context of the rejected request.</param>
 protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
 {
     var incomingRequest = filterContext.RequestContext.HttpContext.Request;
     bool fromAjax = AjaxRequestExtensions.IsAjaxRequest(incomingRequest); // is this an AJAX request?
     if (fromAjax)
     {
         // NOTE(review): this branch is empty, so AJAX callers fall through to the same redirect as
         // page navigations. A script client then sees the login page's HTML rather than an
         // explicit "not authenticated" status it could react to.
     }

     // endResponse: true terminates the response as soon as the redirect has been issued.
     filterContext.HttpContext.Response.Redirect("~/Login/UserLogin", endResponse: true);
 }
Example #2
        /// <summary>
        /// Builds the view model for displaying the accredited party ("credenciado") with the given id
        /// and renders it: as the "CredenciadoPartial" view for AJAX requests, as the default view otherwise.
        /// </summary>
        /// <param name="id">Identifier handed to <c>_bus.Obter</c>.</param>
        /// <returns>The partial view for AJAX callers, the full view for everyone else.</returns>
        public ActionResult Visualizar(int id)
        {
            var vm = new CredenciadoVM();

            // NOTE(review): id arrives from the request and this method performs no ownership or
            // permission check of its own. Confirm that a filter or attribute outside this listing
            // restricts which records a caller may view.
            var credenciado = _bus.Obter(id);
            vm.Credenciado = credenciado;
            // NOTE(review): a missing record is not handled; a null from Obter fails on the next line.
            credenciado.Pessoa = _bus.ObterPessoaCredenciado(credenciado.Pessoa.Id);

            // Flags for the embedded person view model; all are switched on for the display screen.
            var pessoaVM = vm.PessoaVM;
            pessoaVM.Pessoa = credenciado.Pessoa;
            pessoaVM.CpfCnpjValido = true;
            pessoaVM.IsCredenciado = true;
            pessoaVM.ExibirMensagensPartial = true;
            pessoaVM.ExibirBotoes = true;
            pessoaVM.OcultarLimparPessoa = true;
            pessoaVM.UrlAcao = Url.Action("AlterarDados", "Credenciado");
            pessoaVM.IsVisualizar = true;

            // Select lists for partner agencies and their units, with the record's values preselected.
            var orgaos = _busOrgaoParceiro.ObterOrgaosParceirosLst();
            vm.OrgaosParceiros = ViewModelHelper.CriarSelectList(orgaos, true, true, credenciado.OrgaoParceiroId.ToString());
            var unidades = _busOrgaoParceiro.ObterUnidadesLst(credenciado.OrgaoParceiroId);
            vm.OrgaosParceirosUnidades = ViewModelHelper.CriarSelectList(unidades, true, true, credenciado.OrgaoParceiroUnidadeId.ToString());

            CarregaCampos(vm);
            PreencheSalvarVM(vm.PessoaVM);

            return AjaxRequestExtensions.IsAjaxRequest(this.Request)
                ? View("CredenciadoPartial", vm)
                : View(vm);
        }
Example #3
 /// <summary>
 /// Answers a request that has no authenticated user. AJAX callers receive a JSON error object;
 /// other callers are redirected to the forms-authentication login URL with an encrypted token.
 /// </summary>
 /// <param name="filterContext">Authorization context whose <c>Result</c> is set here.</param>
 private void HandleUnAuthenticatedRequest(AuthorizationContext filterContext)
 {
     var httpContext = filterContext.HttpContext;

     if (!AjaxRequestExtensions.IsAjaxRequest(httpContext.Request))
     {
         // Token payload, in order: current session id, absolute URL of the request, the literal "Login".
         // NOTE(review): the session id and the full request URL travel in a query-string value, where
         // they end up in browser history and server logs. Their confidentiality rests entirely on
         // the encryptor, so confirm it uses authenticated encryption.
         var tokenParts = new ArrayList
         {
             httpContext.Session.SessionID,
             httpContext.Request.Url.AbsoluteUri,
             "Login"
         };
         var encryptor = this.GetEncryptor(filterContext);
         var serializedParts = this.GetEncryptor(filterContext).Serialize(tokenParts);
         string token = HttpUtility.UrlEncode(encryptor.Encrypt(serializedParts));
         string loginUrl = FormsAuthentication.LoginUrl + "?token=" + token;
         filterContext.Result = new RedirectResult(loginUrl);
         return;
     }

     // Message text: "You are not logged in or your session has ended".
     const string notLoggedInMessage = "Bạn chưa đăng nhập hoặc phiên làm việc của bạn đã kết thúc";

     // StatusCode is a field of the JSON payload; the HTTP status of the response is not set here.
     var payload = new JsonDataResult();
     payload.StatusCode = 403;
     payload.ErrorMessages.Add(new Error { Message = notLoggedInMessage });
     payload.Message = notLoggedInMessage;

     filterContext.Result = new JsonResult { Data = payload };
 }
Example #4
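        /// <summary>
        /// Turns away unauthenticated callers before the base authorization logic runs.
        /// AJAX requests receive a JSON object with <c>login = false</c>; all other requests are redirected
        /// to the <c>Index</c> action of the <c>Login</c> controller. Authenticated requests are passed on
        /// to <c>base.OnAuthorization</c>.
        /// </summary>
        /// <param name="filterContext">Authorization context of the current request.</param>
        public override void OnAuthorization(System.Web.Mvc.AuthorizationContext filterContext)
        {
            bool isLoggedIn = filterContext.HttpContext.User.Identity.IsAuthenticated;
            if (isLoggedIn)
            {
                base.OnAuthorization(filterContext);
                return;
            }

            if (AjaxRequestExtensions.IsAjaxRequest(filterContext.HttpContext.Request))
            {
                // NOTE(review): the payload reports success = true and no HTTP status is set, so the
                // only signal that the caller is not authenticated is login = false. Client code must
                // test that field. The payload is left unchanged because callers may depend on it.
                filterContext.Result = new System.Web.Mvc.JsonResult
                {
                    Data = new { success = true, login = false, data = "", message = "" },
                    JsonRequestBehavior = System.Web.Mvc.JsonRequestBehavior.AllowGet
                };
                return;
            }

            // Not logged in: back to the login page. No return URL is attached to the redirect, so
            // nothing is read from the static HttpContext.Current here.
            filterContext.Result = new System.Web.Mvc.RedirectToRouteResult(
                new System.Web.Routing.RouteValueDictionary(new { controller = "Login", action = "Index" }));
        }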
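        /// <summary>
        /// Blocks the action when the session holds no logged-in user (<c>LoginID == 0</c>) or the user's
        /// role is not contained in <c>_rolls</c>. AJAX callers get a JSON object with the state "Timeout"
        /// and the URL of <c>Home/RolloutRedirect</c>; other callers are redirected to that action.
        /// </summary>
        /// <param name="filterContext">Context of the action about to execute; its <c>Result</c> is set on denial.</param>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var loginInfo = SessionLoginInfo.GetInstance(HttpContext.Current.Session);
            var organization = loginInfo.OrganizationID;

            bool denied = loginInfo.LoginID == 0 || !_rolls.Contains(loginInfo.SystemRoll);
            if (denied)
            {
                if (AjaxRequestExtensions.IsAjaxRequest(filterContext.HttpContext.Request))
                {
                    // Script clients cannot follow a page redirect usefully, so they are told where to go.
                    filterContext.Result = new JsonResult
                    {
                        Data = new
                        {
                            State = "Timeout",
                            Redirect = UrlHelper.GenerateUrl("default", "RolloutRedirect", "Home", null, null, filterContext.RequestContext, true)
                        }
                    };
                }
                else
                {
                    var routeValues = new RouteValueDictionary
                    {
                        { "Controller", "Home" },
                        { "Action", "RolloutRedirect" }
                    };

                    // Forward the organization only when there is one. The previous test lacked the
                    // negation, so the value was added exactly when it was null or empty.
                    if (!string.IsNullOrEmpty(organization))
                    {
                        routeValues.Add("OrganizationID", organization);
                    }

                    filterContext.Result = new RedirectToRouteResult(routeValues);
                }
            }

            // Called on the denial path as well, after Result has been set.
            base.OnActionExecuting(filterContext);
        }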
Example #6
 /// <summary>
 /// A null request must be rejected with an ArgumentNullException naming the "request" parameter.
 /// </summary>
 public void IsAjaxRequestWithNullRequestThrows()
 {
     // Act & Assert
     ExceptionHelper.ExpectArgumentNullException(
         () => { AjaxRequestExtensions.IsAjaxRequest(null); },
         "request");
 }
 /// <summary>
 /// A null request must be rejected with an ArgumentNullException naming the "request" parameter.
 /// </summary>
 public void IsAjaxRequestWithNullRequestThrows()
 {
     // Act & Assert
     Assert.ThrowsArgumentNull(() => { AjaxRequestExtensions.IsAjaxRequest(null); }, "request");
 }
Example #8
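 /// <summary>
 /// Marks every unhandled exception as handled, logs it, and redirects non-AJAX callers to the
 /// <c>Error500</c> action of the <c>Error</c> controller.
 /// </summary>
 /// <param name="filterContext">Context carrying the exception and the result to return.</param>
 protected override void OnException(ExceptionContext filterContext)
 {
     filterContext.ExceptionHandled = true;

     // Log on every path. Previously only the non-AJAX branch logged, so an exception raised while
     // serving an AJAX request was marked as handled and then disappeared without a trace.
     Logger.GetLogger(filterContext.Exception.Source).Error(filterContext.Exception.ToString());

     if (AjaxRequestExtensions.IsAjaxRequest(filterContext.RequestContext.HttpContext.Request)) // is this an AJAX request?
     {
         // NOTE(review): no result and no status code are set for AJAX callers, so the client gets
         // no indication that the request failed. Decide on an error payload and status for this path.
         return;
     }

     filterContext.Result = new RedirectResult(Url.Action("Error500", "Error"));
 }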
Example #9
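        /// <summary>
        /// Controller-level exception handler. Marks the exception as handled, tries to record it in the
        /// database (falling back to the log when that fails), and then answers with a JSON error object
        /// for AJAX/JSON requests or with the error view <c>~/Yetki/Login/HataKontrol.cshtml</c> otherwise.
        /// </summary>
        /// <param name="filterContext">Context carrying the exception and the result to return.</param>
        protected override void OnException(ExceptionContext filterContext)
        {
            filterContext.ExceptionHandled = true;

            // Key of the stored error record; stays 0 when the record could not be written.
            int errorKey = 0;

            try
            {
                using (DBUtil2 oData = new DBUtil2(DataBaseTipi.Yetki))
                {
                    errorKey = oData.VeriKaydetHataYaz(ArgemSession.OpKullaniciKey, "BaseController", filterContext.Exception.Message, "", "", "", filterContext.Exception.StackTrace, "");
                }
            }
            catch (Exception ex)
            {
                // Recording the error must never mask the original failure, so this is only logged.
                Log4Net.Error("Hata VT: " + filterContext.RouteData.Values["controller"] + " " + filterContext.RouteData.Values["action"], ex);
            }

            var request = filterContext.HttpContext.Request;

            // A request counts as AJAX when any of the three checks matches. They used to be assigned
            // to the same variable one after another, so only the last one (the content type) had any
            // effect and X-Requested-With requests were answered with the HTML error view.
            bool isAjax = AjaxRequestExtensions.IsAjaxRequest(request)
                          || (request["X-Requested-With"] == "XMLHttpRequest")
                          || ((request.Headers != null) && (request.Headers["X-Requested-With"] == "XMLHttpRequest"))
                          || request.ContentType == "application/json;charset=utf-8";

            if (isAjax)
            {
                filterContext.HttpContext.Response.StatusCode = (int)HttpStatusCode.InternalServerError;

                // NOTE(review): the raw exception message is returned to the client. Exception text can
                // expose internals (SQL fragments, file paths, type names); consider returning only the
                // error key and keeping the message in the stored record.
                filterContext.Result = new JsonResult
                {
                    JsonRequestBehavior = JsonRequestBehavior.AllowGet,
                    Data = new
                    {
                        Durum    = "E",
                        Aciklama = "Hata Kodu :" + errorKey + " (" + filterContext.Exception.Message + ")",
                    }
                };
            }
            else
            {
                filterContext.Controller.TempData["HataKey"] = errorKey;

                // Redirect or return a view, but not both: the view is returned directly.
                filterContext.Result = new ViewResult
                {
                    ViewName = "~/Yetki/Login/HataKontrol.cshtml"
                };
            }
        }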
        /// <summary>
        /// A request whose indexer yields "XMLHttpRequest" for "X-Requested-With" is reported as AJAX.
        /// </summary>
        public void IsAjaxRequestWithKeyIsTrue()
        {
            // Arrange: the request indexer carries the AJAX marker.
            var requestMock = new Mock<HttpRequestBase>();
            requestMock.Setup(req => req["X-Requested-With"]).Returns("XMLHttpRequest").Verifiable();

            // Act
            bool isAjax = AjaxRequestExtensions.IsAjaxRequest(requestMock.Object);

            // Assert
            Assert.True(isAjax);
            requestMock.Verify();
        }
Example #11
 /// <summary>
 /// Exception handling: AJAX callers receive a JSON error object with code 500, for all other
 /// callers the exception is logged and thrown again.
 /// </summary>
 /// <param name="filterContext">Context carrying the exception and the result to return.</param>
 protected override void OnException(ExceptionContext filterContext)
 {
     filterContext.ExceptionHandled = true;

     var failure = filterContext.Exception;
     bool fromAjax = AjaxRequestExtensions.IsAjaxRequest(filterContext.RequestContext.HttpContext.Request); // is this an AJAX request?

     if (!fromAjax)
     {
         Logger.GetLogger(failure.Source).Error(failure.ToString());
         // NOTE(review): throwing the caught exception object again resets its stack trace, and it
         // contradicts ExceptionHandled = true set above. A redirect to Error/Error500 was the
         // earlier, now disabled, alternative.
         throw failure;
     }

     // NOTE(review): the AJAX path is not logged, and the raw exception message goes to the client,
     // where it can expose internal details.
     Message.result.errCode = 500;
     Message.result.msg = failure.Message;
     filterContext.Result = JsonBase(Message);
 }
 /// <summary>
 /// Session and role gate for actions. Without a login entry in the session the caller is sent to
 /// <c>Home/TimeoutRedirect</c> (as JSON for AJAX requests, as a redirect otherwise). With a login,
 /// the controller/action pair is checked against the user's role and a failed check redirects
 /// to <c>Home/RolloutRedirect</c>.
 /// </summary>
 /// <param name="filterContext">Context of the action about to execute.</param>
 public override void OnActionExecuting(ActionExecutingContext filterContext)
 {
     bool hasLogin = HttpContext.Current.Session[this._LoginSessionKey] != null;

     if (hasLogin)
     {
         string controller = filterContext.RouteData.Values["controller"].ToString();
         string action = filterContext.RouteData.Values["action"].ToString();
         var loginInfo = SessionLoginInfo.GetInstance(HttpContext.Current.Session);

         bool allowed = SystemMenuConfig.CheckRoll(controller, action, loginInfo.SystemRoll);
         if (!allowed)
         {
             // NOTE(review): unlike the timeout path, a denied AJAX request gets a redirect here,
             // not a JSON answer.
             var deniedRoute = new RouteValueDictionary
             {
                 { "Controller", "Home" },
                 { "Action", "RolloutRedirect" }
             };
             filterContext.Result = new RedirectToRouteResult(deniedRoute);
         }
     }
     else
     {
         // NOTE(review): the cookie value is supplied by the client and is copied into the
         // redirect's route values as is; treat it as untrusted wherever it is consumed.
         var organizationCookie = HttpContext.Current.Request.Cookies.Get("OrganizationID");

         if (AjaxRequestExtensions.IsAjaxRequest(filterContext.HttpContext.Request))
         {
             string timeoutUrl = UrlHelper.GenerateUrl("default", "TimeoutRedirect", "Home", null, null, filterContext.RequestContext, true);
             filterContext.Result = new JsonResult
             {
                 Data = new { State = "Timeout", Redirect = timeoutUrl }
             };
         }
         else
         {
             var timeoutRoute = new RouteValueDictionary
             {
                 { "Controller", "Home" },
                 { "Action", "TimeoutRedirect" }
             };
             if (organizationCookie != null)
             {
                 timeoutRoute.Add("OrganizationID", organizationCookie.Value);
             }
             filterContext.Result = new RedirectToRouteResult(timeoutRoute);
         }
     }

     // Runs on every path, including the ones that already set a Result.
     base.OnActionExecuting(filterContext);
 }
        /// <summary>
        /// A request whose Headers collection holds "X-Requested-With: XMLHttpRequest" is reported as AJAX.
        /// </summary>
        public void IsAjaxRequestReturnsTrueIfHeaderSet()
        {
            // Arrange: only the header collection carries the AJAX marker.
            var headers = new NameValueCollection { { "X-Requested-With", "XMLHttpRequest" } };
            var requestMock = new Mock<HttpRequestBase>();
            requestMock.Setup(req => req.Headers).Returns(headers).Verifiable();

            // Act
            bool isAjax = AjaxRequestExtensions.IsAjaxRequest(requestMock.Object);

            // Assert
            Assert.True(isAjax);
            requestMock.Verify();
        }
        /// <summary>
        /// With neither the indexer value nor the header present, the request is not reported as AJAX.
        /// </summary>
        public void IsAjaxRequestWithoutKeyOrHeaderIsFalse()
        {
            // Arrange: empty header collection and a null indexer value.
            var emptyHeaders = new NameValueCollection();
            var requestMock = new Mock<HttpRequestBase>();
            requestMock.Setup(req => req.Headers).Returns(emptyHeaders).Verifiable();
            requestMock.Setup(req => req["X-Requested-With"]).Returns((string)null).Verifiable();

            // Act
            bool isAjax = AjaxRequestExtensions.IsAjaxRequest(requestMock.Object);

            // Assert
            Assert.False(isAjax);
            requestMock.Verify();
        }
Example #15
 /// <summary>
 /// Answers a request from a user who lacks permission for the action. AJAX callers receive a JSON
 /// error object; other callers get the <c>_Unauthorized</c> view.
 /// </summary>
 /// <param name="filterContext">Authorization context whose <c>Result</c> is set here.</param>
 private void HandleUnauthorizedRequest(AuthorizationContext filterContext)
 {
     if (!AjaxRequestExtensions.IsAjaxRequest(filterContext.HttpContext.Request))
     {
         filterContext.Result = new ViewResult { ViewName = "_Unauthorized" };
         return;
     }

     // Message text: "Your account does not have permission to perform this action."
     const string noPermissionMessage = "Tài Khoản của Bạn không có quyền thực hiện hành động này.";

     // StatusCode is a field of the JSON payload; the HTTP status of the response is not set here.
     var payload = new JsonDataResult();
     payload.StatusCode = 401;
     payload.ErrorMessages.Add(new Error { Message = noPermissionMessage });
     payload.Message = noPermissionMessage;

     filterContext.Result = new JsonResult { Data = payload };
 }
        /// <summary>
        /// Issues a fresh captcha for the given tracker and returns a JavaScript snippet that writes the
        /// new tracker and image into the page. Non-AJAX callers are redirected to the path of the
        /// referring page instead.
        /// </summary>
        /// <param name="tracker">Tracker value handed to <c>Captcha.RefreshByTracker</c>.</param>
        /// <returns>A script content result, or a redirect for non-AJAX requests.</returns>
        public ActionResult Refresh(string tracker)
        {
            // NOTE(review): neither branch handles a request that arrives without a Referer header.
            // Only the path component of the referrer is used as the redirect target.
#if NETCORE
            if (HttpContext.Request.Headers["x-requested-with"] != "XMLHttpRequest")
            {
                string refererHeader = HttpContext.Request.Headers["Referer"].ToString();
                return this.Redirect(new System.UriBuilder(refererHeader).Uri.AbsolutePath);
            }
#elif NETFULL
            var currentRequest = System.Web.HttpContext.Current.Request;
            if (!AjaxRequestExtensions.IsAjaxRequest(currentRequest.RequestContext.HttpContext.Request))
            {
                return this.Redirect(System.Web.HttpContext.Current.Request.UrlReferrer.AbsolutePath);
            }
#endif

            HttpContext.Response.ContentType = "application/x-javascript; charset=utf-8";
            Captcha refreshed = Captcha.RefreshByTracker(tracker);

            // NOTE(review): both values are placed inside single-quoted JavaScript string literals
            // without JavaScript string encoding. Confirm that neither can contain a quote or a
            // backslash; tracker is caller-supplied and is the key used for the lookup above.
            var trackerValue = refreshed.GetTracker();
            var imageSource = refreshed.ToBase64();
            string script =
                "$('#CaptchaDeText').attr('value', '" + trackerValue + "');" +
                "$('#CaptchaImage').attr('src', '" + imageSource + "');";

            return Content(script);
        }
Example #17
        /// <summary>
        /// Per-request gate that combines a product-activation check with login and permission checks.
        /// The resource is identified as "/controller/action" from the route data. Depending on the
        /// outcome the method redirects, answers with status 401, or calls <c>base.Initialize</c>.
        /// </summary>
        /// <param name="requestContext">Request whose route data, HTTP context and response are used.</param>
        /// <param name="productCode">Product code handed to <c>SerialKey.CheckActive</c>.</param>
        public void CheckLogin(RequestContext requestContext, string productCode)
        {
            // NOTE(review): the whole body sits in a try with an empty catch at the end, so any
            // exception thrown by the activation, login or permission checks is discarded silently.
            try
            {
                // requiredString = controller name, requiredString2 = action name.
                string requiredString    = requestContext.RouteData.GetRequiredString("controller");
                string requiredString2   = requestContext.RouteData.GetRequiredString("action");
                string accessingResource = "/" + requiredString + "/" + requiredString2;

                // --- Activation check, skipped for the "/Shared/UnActived" resource ---
                if (!accessingResource.Contains("/Shared/UnActived"))
                {
                    // The key is re-checked when the stored day differs from today's day of month.
                    // NOTE(review): Authentication.today / Authentication.Check look like state shared by
                    // all requests and are read and written here without synchronization; confirm.
                    // DateTime.Now.Day is the day of the month (1-31), not a full date.
                    if (Authentication.today == null || Authentication.today != DateTime.Now.Day)
                    {
                        SerialKey     serialKey     = new SerialKey();
                        ModelCheckKey modelCheckKey = serialKey.CheckActive(productCode, System.Web.Hosting.HostingEnvironment.MapPath("~/bin"));
                        Authentication.today = DateTime.Now.Day;
                        if (!modelCheckKey.checkResult && !accessingResource.Equals("/OutOfDate"))
                        {
                            requestContext.HttpContext.Response.Redirect("/OutOfDate");
                            Authentication.Check = false;
                        }
                        else
                        {
                            Authentication.Check = true;
                        }
                    }
                    else if (Authentication.today == DateTime.Now.Day && !Authentication.Check)
                    {
                        // Already checked today and the check failed: keep redirecting.
                        requestContext.HttpContext.Response.Redirect("/OutOfDate");
                    }
                }

                // --- Login and permission check ---
                if (accessingResource.Equals("/Shared/UnActived"))
                {
                    base.Initialize(requestContext);
                }
                else
                {
                    // Remember the route's default page as "/<first default>/<second default>".
                    RouteValueDictionary defaults = ((Route)requestContext.RouteData.Route).Defaults;
                    if (defaults != null)
                    {
                        List <object> list = defaults.Values.ToList <object>();
                        Authentication.DefaultPage = "/" + list[0].ToString() + "/" + list[1].ToString();
                    }
                    if (this.UserContext == null)
                    {
                        // No logged-in user: everything except the Authenticate controller is refused.
                        if (!requiredString.Equals("Authenticate"))
                        {
                            if (AjaxRequestExtensions.IsAjaxRequest(requestContext.HttpContext.Request))
                            {
                                requestContext.HttpContext.Response.StatusCode = 401;
                                requestContext.HttpContext.Response.End();
                            }
                            else
                            {
                                // NOTE(review): accessingResource is appended to the query string
                                // without URL encoding.
                                requestContext.HttpContext.Response.Redirect("/Authenticate/Login?Url=" + accessingResource);
                            }
                        }
                        else
                        {
                            base.Initialize(requestContext);
                        }
                    }
                    else
                    {
                        // Logged-in user. Authenticate/Login, Authenticate/Validate and the whole
                        // UploadFile controller are let through without a permission check.
                        if ((requiredString.Equals("Authenticate") && requiredString2.Equals("Login")) || requiredString.Equals("UploadFile") || (requiredString.Equals("Authenticate") && requiredString2.Equals("Validate")))
                        {
                            base.Initialize(requestContext);
                        }
                        else
                        {
                            // NOTE(review): the permission check below runs only when the controller is
                            // not "Error" AND the action is not "Logout". An action named "Logout" on
                            // any controller therefore skips it; confirm that this is intended.
                            if (!requiredString.Equals("Error") && !requiredString2.Equals("Logout"))
                            {
                                // arg_212_0: true when the user's permission list contains the resource
                                // (compared trimmed and lower-cased).
                                // NOTE(review): ToLower() without a culture is culture-sensitive; an
                                // ordinal, case-insensitive comparison is the safer choice for
                                // permission keys.
                                bool arg_212_0;
                                if (this.UserContext.Permissions != null)
                                {
                                    arg_212_0 = ((
                                                     from c in this.UserContext.Permissions
                                                     where c.Trim().ToLower().Equals(accessingResource.Trim().ToLower())
                                                     select c).FirstOrDefault <string>() != null);
                                }
                                else
                                {
                                    arg_212_0 = false;
                                }
                                if (!arg_212_0)
                                {
                                    // Permission denied.
                                    if (AjaxRequestExtensions.IsAjaxRequest(requestContext.HttpContext.Request))
                                    {
                                        // The error is recorded and the controller is still initialized.
                                        // NOTE(review): nothing here stops the action itself; presumably
                                        // Authentication.isAuthenticate is checked later. Verify.
                                        // Texts: "Access permission error" / "Your account does not have
                                        // permission to perform this action!."
                                        Authentication.isAuthenticate = false;
                                        this.JsonDataResult.Result    = "ERROR";
                                        this.JsonDataResult.ErrorMessages.Add(new Error()
                                        {
                                            MemberName = "Lỗi quyền truy cập", Message = "Tài khoản của bạn không có quyền thực hiện hành động này!."
                                        });
                                        base.Initialize(requestContext);
                                    }
                                    else
                                    {
                                        requestContext.HttpContext.Response.Redirect("~/Error/Index?ErrorType=1");
                                    }
                                }
                                else
                                {
                                    // Permission granted.
                                    if (AjaxRequestExtensions.IsAjaxRequest(requestContext.HttpContext.Request))
                                    {
                                        Authentication.isAuthenticate = true;
                                    }
                                    base.Initialize(requestContext);
                                }
                            }
                            else
                            {
                                base.Initialize(requestContext);
                            }
                        }
                    }
                }
            }
            catch
            {
                // NOTE(review): every exception is swallowed without logging. A failure inside a
                // security check leaves no trace; at minimum it should be logged.
            }
        }
Example #18
 /// <summary>
 /// Authorization filter entry point. For non-AJAX requests it accepts a login token from the query
 /// string, logs the user in and redirects to the same URL with the token removed. It then hands
 /// unauthenticated requests to <c>HandleUnAuthenticatedRequest</c> and requests without a matching
 /// permission to <c>HandleUnauthorizedRequest</c>.
 /// </summary>
 /// <param name="filterContext">Authorization context of the current request.</param>
 public void OnAuthorization(AuthorizationContext filterContext)
 {
     // NOTE(review): everything below runs only while the current date is not later than the
     // hard-coded 2020-12-31. After that date this method sets no Result at all, so this filter no
     // longer rejects any request. An expiry check should deny access rather than skip the checks.
     if (!(DateTime.Now.Date > DateTime.Parse("2020-12-31")))
     {
         Authentication.PassCheckDate = DateTime.Now.Date;
         string accessingResource = string.Empty;
         // NOTE(review): accessingResource is filled in only when FeatureName is still empty, and
         // FeatureName is then written on this instance. If the instance is reused for a later
         // request, accessingResource stays empty for it; confirm the filter's lifetime.
         if (string.IsNullOrEmpty(this.FeatureName))
         {
             string str  = Convert.ToString(filterContext.RequestContext.RouteData.DataTokens["area"]);
             string str2 = Convert.ToString(filterContext.RequestContext.RouteData.Values["Controller"]);
             string str3 = Convert.ToString(filterContext.RequestContext.RouteData.Values["Action"]);
             this.FeatureName  = str + str2;
             accessingResource = "/" + str2 + "/" + str3;
         }
         // Token handling applies to full page requests only.
         if (!AjaxRequestExtensions.IsAjaxRequest(filterContext.RequestContext.HttpContext.Request))
         {
             if (!Authentication.IsAuthenticated)
             {
                 // text = encrypted login token taken from the query string.
                 string text = filterContext.RequestContext.HttpContext.Request.QueryString.Get(this.queryStringKey);
                 if (text != null)
                 {
                     // NOTE(review): the token is caller-supplied and is decrypted and deserialized
                     // before any authentication. Confirm that the encryptor authenticates the
                     // ciphertext and that Deserialize cannot instantiate arbitrary types.
                     // A malformed token is not handled here (failed cast or conversion).
                     ArrayList arrayList = (ArrayList)this.GetEncryptor(filterContext).Deserialize(this.GetEncryptor(filterContext).Decrypt(text));
                     // Element 0 is passed to Authentication.Login, element 1 is compared with the session id.
                     int       num       = Convert.ToInt32(arrayList[0]);
                     string    b         = Convert.ToString(arrayList[1]);
                     // The token is accepted only for the session it names and for a positive id.
                     if (filterContext.HttpContext.Session.SessionID == b && num > 0)
                     {
                         Authentication.Login(num);
                         // Rebuild the current URL without the token parameter and redirect to it.
                         // NOTE(review): the whole raw URL is lower-cased, which also changes any
                         // case-sensitive path segment or query value. The search starts at the
                         // literal "token", not at queryStringKey.
                         string text2 = filterContext.RequestContext.HttpContext.Request.RawUrl;
                         string value = this.queryStringKey.Trim().ToLower();
                         text2 = text2.Trim().ToLower();
                         int num2 = text2.IndexOf("token");
                         if (num2 >= 0)
                         {
                             string[] array = text2.Substring(num2).Split(new char[]
                             {
                                 '&'
                             });
                             string[] array2 = array;
                             for (int i = 0; i < array2.Length; i++)
                             {
                                 string text3 = array2[i];
                                 // Drop every '&'-separated segment that contains the key name.
                                 if (text3.Contains(value))
                                 {
                                     text2 = text2.Replace(text3, "").Replace("&&", "&");
                                     if (text2.EndsWith("&"))
                                     {
                                         text2 = text2.Substring(0, text2.Length - 1);
                                     }
                                 }
                             }
                         }
                         if (text2.EndsWith("?"))
                         {
                             text2 = text2.Substring(0, text2.Length - 1);
                         }
                         filterContext.Result = (new RedirectResult(text2));
                     }
                 }
                 else
                 {
                     // No token in the query string: set a session flag.
                     HttpContextBase httpContext = filterContext.RequestContext.HttpContext;
                     httpContext.Session["$set-cookie$"] = true;
                 }
             }
             // Whenever a token is present in the query string (also when the login above was
             // rejected), redirect to the URL with the token removed. Same stripping logic as above.
             string value2 = filterContext.RequestContext.HttpContext.Request.QueryString.Get(this.queryStringKey);
             if (!string.IsNullOrEmpty(value2))
             {
                 string text2 = filterContext.RequestContext.HttpContext.Request.RawUrl;
                 string value = this.queryStringKey.Trim().ToLower();
                 text2 = text2.Trim().ToLower();
                 int num2 = text2.IndexOf("token");
                 if (num2 >= 0)
                 {
                     string[] array = text2.Substring(num2).Split(new char[]
                     {
                         '&'
                     });
                     string[] array2 = array;
                     for (int i = 0; i < array2.Length; i++)
                     {
                         string text3 = array2[i];
                         if (text3.Contains(value))
                         {
                             text2 = text2.Replace(text3, "").Replace("&&", "&");
                             if (text2.EndsWith("&"))
                             {
                                 text2 = text2.Substring(0, text2.Length - 1);
                             }
                         }
                     }
                 }
                 if (text2.EndsWith("?"))
                 {
                     text2 = text2.Substring(0, text2.Length - 1);
                 }
                 filterContext.Result = (new RedirectResult(text2));
             }
         }
         // The checks below run even when a redirect Result was set above and may replace it.
         if (!Authentication.IsAuthenticated)
         {
             this.HandleUnAuthenticatedRequest(filterContext);
         }
         else
         {
             // These shared partials and upload endpoints are exempt from the permission check.
             // NOTE(review): the upload actions are reachable by every authenticated user.
             if (!accessingResource.Trim().Equals("/Shared/HeadMasterPartial") && !accessingResource.Trim().Equals("/Shared/MenuLeftMasterPartial") && !accessingResource.Trim().Equals("/Shared/MenuTopMasterPartial") && !accessingResource.Trim().Equals("/UploadFile/UploadControl") && !accessingResource.Trim().Equals("/UploadFile/Upload") && !accessingResource.Trim().Equals("/UploadFile/UploadMultiFile"))
             {
                 // Denied when the user has no permission list or no entry equal to the resource
                 // (compared trimmed and upper-cased; ToUpper() here is culture-sensitive).
                 if (Authentication.User.Permissions == null || Authentication.User.Permissions.FirstOrDefault((string c) => c.Trim().ToUpper().Equals(accessingResource.Trim().ToUpper())) == null)
                 {
                     this.HandleUnauthorizedRequest(filterContext);
                 }
             }
         }
     }
 }