/// <summary>
/// 第一步
/// 是否有效AppKey和App密钥
/// </summary>
/// <returns></returns>
public static bool ValidKey(PermissionModel model)
{
var app = BaseAppBLL.Instance.Single(p => p.Id == model.AppKey && p.Secret == model.AppSecret);
if (app != null)
{
return(true);
}
return(false);
}
/// <summary>
/// 第二步
/// 是否有权限访问此接口
/// </summary>
/// <returns></returns>
public static bool ValidPermission(PermissionModel model)
{
var app = BaseAppBLL.Instance.Single(p => p.Id == model.AppKey && p.Secret == model.AppSecret);
foreach (var role in app.Roles)
{
foreach (var function in role.Functions)
{
if (function.Controller.ToLower() == model.ControllerName.ToLower() + "controller" && function.Action.ToLower() == model.ActionName.ToLower())
{//循环比对出权限
return(true);
}
}
}
return(false);
}
/// <summary>
/// 接口调用之前
/// </summary>
/// <param name="actionContext"></param>
public override void OnActionExecuting(System.Web.Http.Controllers.HttpActionContext actionContext)
{
string json = string.Empty;
if (Valid.NoKey(HttpContext.Current.Request.Headers.AllKeys))
{
json = JsonConvert.SerializeObject(new ApiMsg
{
status = ApiMsgStatus.error,
msg = Resources.error,
info = new { result = Resources.ValidKey }
});
actionContext.Response = new HttpResponseMessage()
{
StatusCode = HttpStatusCode.Unauthorized, Content = new StringContent(json, System.Text.Encoding.UTF8, "application/json")
};
return;
}
var permission = new PermissionModel()
{
ControllerName = actionContext.ControllerContext.ControllerDescriptor.ControllerName,
ActionName = actionContext.ActionDescriptor.ActionName,
AppKey = new Guid(HttpContext.Current.Request.Headers["AppKey"]),
AppSecret = HttpContext.Current.Request.Headers["AppSecret"]
};
#region 权限验证
if (Valid.ValidKey(permission))
{
if (Valid.ValidPermission(permission))
{
base.OnActionExecuting(actionContext);
}
else
{//
json = JsonConvert.SerializeObject(new ApiMsg
{
status = ApiMsgStatus.error,
msg = Resources.error,
info = new { result = Resources.ValidPermission }
});
actionContext.Response = new HttpResponseMessage()
{
StatusCode = HttpStatusCode.Unauthorized, Content = new StringContent(json, System.Text.Encoding.UTF8, "application/json")
};
}
}
else
{//
json = JsonConvert.SerializeObject(new ApiMsg
{
status = ApiMsgStatus.error,
msg = Resources.error,
info = new { result = Resources.ValidKey }
});
actionContext.Response = new HttpResponseMessage()
{
StatusCode = HttpStatusCode.Unauthorized, Content = new StringContent(json, System.Text.Encoding.UTF8, "application/json")
};
}
#endregion
}
public override void OnActionExecuting(System.Web.Mvc.ActionExecutingContext filterContext)
{
string json = string.Empty;
var urlTpl = "/Home/PermissionError?msg={0}";
string url = string.Empty;
var permission = new PermissionModel()
{
ControllerName = filterContext.RouteData.Values["controller"] as string,
ActionName = filterContext.RouteData.Values["action"] as string
};
if (permission.ActionName == "PermissionError" && permission.ControllerName == "Home")
{
base.OnActionExecuting(filterContext);
}
else
{
if (Valid.NoKey(HttpContext.Current.Request.Headers.AllKeys))
{
json = JsonConvert.SerializeObject(new ApiMsg
{
status = ApiMsgStatus.error,
msg = Resources.error,
info = new { result = Resources.ValidKey }
});
url = string.Format(urlTpl, json);
filterContext.HttpContext.Response.Redirect(url);
return;
}
else
{
#region 权限验证
permission.AppKey = new Guid(HttpContext.Current.Request.Headers["AppKey"]);
permission.AppSecret = HttpContext.Current.Request.Headers["AppSecret"];
if (Valid.ValidKey(permission))
{
if (Valid.ValidPermission(permission))
{
base.OnActionExecuting(filterContext);
}
else
{//
json = JsonConvert.SerializeObject(new ApiMsg
{
status = ApiMsgStatus.error,
msg = Resources.error,
info = new { result = Resources.ValidPermission }
});
url = string.Format(urlTpl, json);
filterContext.HttpContext.Response.Redirect(url);
}
}
else
{//
json = JsonConvert.SerializeObject(new ApiMsg
{
status = ApiMsgStatus.error,
msg = Resources.error,
info = new { result = Resources.ValidKey }
});
url = string.Format(urlTpl, json);
filterContext.HttpContext.Response.Redirect(url);
}
#endregion
}
}
}
