/// <summary> /// 执行上下文的构造函数 /// </summary> /// <param name="filterContext"></param> /// <param name="user"></param> public ExecuteContextAuthen(ActionExecutingContext filterContext, IPrivilegeJudge user) { actionDescriptor = filterContext.ActionDescriptor; controllerDescriptor = actionDescriptor.ControllerDescriptor; this.privilegeJudge = user; Initiate(filterContext.RouteData, filterContext.RequestContext.HttpContext.Request); }
/// <summary> /// 根据传入对象,获取对象的 Type, /// 根据 Type 上的 Attribute 判断是否有权限访问此类; /// </summary> /// <param name="user"></param> /// <param name="obj"></param> /// <returns></returns> public static bool AllowAccessObject(IPrivilegeJudge user, object obj) { if (obj == null) { return(false); } return(AllowAccessType(user, obj.GetType())); }
/// <summary> /// 执行上下文的构造函数 /// </summary> /// <param name="filterContext"></param> /// <param name="user"></param> public ExecuteContextAuthen(FilterContext filterContext, IPrivilegeJudge user) { if (filterContext != null) { actionDescriptor = filterContext.ActionDescriptor as ControllerActionDescriptor;; Initiate(filterContext.RouteData, filterContext.HttpContext.Request); } this.privilegeJudge = user; }
/// <summary> /// 根据对象的类的 Attribute 属性判断是否有权限访问此类的实例; /// </summary> /// <typeparam name="T">泛型类,</typeparam> /// <param name="user"></param> /// <param name="obj"></param> /// <returns></returns> public static bool AllowAccessObject <T>(IPrivilegeJudge user, object obj) where T : AbstractAllowAttribute { if (obj == null) { return(false); } return(AllowAccessType <T>(user, obj.GetType())); }
/// <summary> /// 查找 类的 Attribute 属性判断是否有权限访问此类; /// </summary> /// <param name="user"></param> /// <param name="enumType"></param> /// <param name="enumValue"></param> /// <returns></returns> public static bool AllowAccessEnumValue(IPrivilegeJudge user, Type enumType, object enumValue) { if (enumType == null) { return(false); } return(EnumUtil.GetAttribute(enumType, enumValue) .Where(a => a is IAllowAccess) .Select(a => a as IAllowAccess) .Any(a => a.AllowAccess(user))); }
/// <summary> /// 查找 类的 Attribute 属性判断是否有权限访问此类; /// </summary> /// <typeparam name="T">泛型类,</typeparam> /// <param name="user"></param> /// <param name="type"></param> /// <returns></returns> public static bool AllowAccessType <T>(IPrivilegeJudge user, Type type) where T : AbstractAllowAttribute { if (type == null) { return(false); } return(type.GetCustomAttributes(typeof(T), true) .Select(a => (IAllowAccess)a) .Any(a => a.AllowAccess(user))); }
/// <summary> /// 判断给定用户能否进行给定的操作 /// </summary> /// <param name="privilageJudge">给定的用户</param> /// <param name="privilege"> /// 为空字符串时表示只要登录就可以访问, /// 为null时表示允许匿名访问; /// 为字符串时表示权限; /// </param> /// <returns></returns> protected bool AllowAccess(IPrivilegeJudge privilageJudge, string privilege) { bool allowAnanymous = false, allowAnyone = false, allowOnlyAdmin = false; if (privilege == AuthenUtil.PRIVILEGE_ANYONE) { allowAnyone = true; } else if (privilege == AuthenUtil.PRIVILEGE_ANANYMOUS) { allowAnanymous = true; } else if (privilege == AuthenUtil.PRIVILEGE_ADMIN) { allowOnlyAdmin = true; } if (allowAnanymous) { return(true); } if (privilageJudge == null) { return(false); //不允许匿名访问; } if (allowAnyone && HasSameUsertype(privilageJudge)) { return(true); //允许同类型的任何人访问; } if (privilageJudge.IsAdministrator()) { return(true); // 管理员肯定可以访问 } else if (allowOnlyAdmin) { return(false); //需要是管理员,但传入不是管理员; } if (!HasSameUsertype(privilageJudge)) { return(false); //用户类型不一致,无权限访问 } if (string.IsNullOrEmpty(this.Privilege)) { return(true); //不需要权限; //只需要用户就可以了; } if (privilageJudge.HasPrivilege(this.Privilege)) { return(true); } return(false); }
/// <summary> /// 查找 类的 Attribute 属性判断是否有权限访问此类; /// </summary> /// <param name="user"></param> /// <param name="type"></param> /// <returns></returns> public static bool AllowAccessType(IPrivilegeJudge user, Type type) { return(AllowAccessType <AbstractAllowAttribute>(user, type)); }
/// <summary> /// 判断给定用户是否有给定的权限; /// </summary> /// <param name="user"></param> /// <returns></returns> public bool AllowAccess(IPrivilegeJudge user) { return(this.AllowAccess(user, this.Privilege)); }
/// <summary> /// 具有相同的用户类型; /// </summary> /// <param name="user"></param> /// <returns></returns> private bool HasSameUsertype(IPrivilegeJudge user) { return(this.Usertype == Int32.MaxValue || ((this.Usertype & (user.Usertype ?? 0)) == 0)); }