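/// <summary>
/// Shows the admin login page, or sends an admin who is already signed in
/// for the current client straight to the home page.
/// </summary>
/// <returns>
/// A redirect to <c>Home/Index</c> when the session already holds an admin user
/// whose client's admin route matches the route of this request; otherwise the login view.
/// </returns>
public ActionResult Login()
{
    var adminRoute = RouteHelper.Get(RouteName.AdminRoute);
    var client = SessionManager.Client;

    // Already logged in as an admin of this client: skip the login page.
    // The admin route is an identifier, not user-facing text, so it is compared
    // ordinally and case-insensitively instead of through culture-sensitive ToLower().
    // A missing session client or route simply counts as "not matched".
    if (SessionManager.UserID != Guid.Empty
        && SessionManager.AccountType == AccountType.Admin
        && client != null
        && adminRoute != null
        && string.Equals(adminRoute, client.AdminRoute, StringComparison.OrdinalIgnoreCase))
    {
        return RedirectToAction("Index", "Home");
    }

    return View();
}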
/// <summary>
/// Resolves the client that owns the admin route of the current request and
/// stores it in the session.
/// </summary>
/// <returns>
/// <c>true</c> when the lookup succeeded and <see cref="SessionManager.Client"/>
/// was set; <c>false</c> when it failed, in which case the service's message is
/// shown as an error alert and the session is left untouched.
/// </returns>
private bool SetClient()
{
    var route = RouteHelper.Get(RouteName.AdminRoute);
    var lookup = clientService.GetByAdminRoute(route);

    if (!lookup.IsSuccess)
    {
        // Surface the service's failure message to the user.
        SetAlertMessage(lookup.Message, AlertType.error);
        return false;
    }

    SessionManager.Client = lookup.Data;
    return true;
}
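/// <summary>
/// Returns the authorization result for the current admin request.
/// </summary>
/// <param name="httpContext">The HTTP context of the request being authorized.</param>
/// <returns>
/// <c>true</c> when the session holds an admin user of the client that owns the
/// current admin route and that user is a super manager, is requesting
/// <c>Home/Index</c>, or holds a role permission for the requested controller;
/// otherwise <c>false</c>. Anything that cannot be positively matched is denied.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="httpContext"/> is <c>null</c>.</exception>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    if (httpContext == null)
    {
        throw new ArgumentNullException(nameof(httpContext));
    }

    var adminRoute = RouteHelper.Get(RouteName.AdminRoute);
    string actionName = RouteHelper.Get(RouteName.action);
    string controllerName = RouteHelper.Get(RouteName.controller);
    var client = SessionManager.Client;

    // Logged-in admin of the client that owns this admin route. The route is an
    // identifier, so it is compared ordinally and case-insensitively rather than via
    // culture-sensitive ToLower(); a missing session client or route means "not matched".
    bool isClientAdmin = SessionManager.UserID != Guid.Empty
        && SessionManager.AccountType == AccountType.Admin
        && client != null
        && adminRoute != null
        && string.Equals(adminRoute, client.AdminRoute, StringComparison.OrdinalIgnoreCase);

    if (!isClientAdmin)
    {
        return false;
    }

    // Super managers may access everything.
    if (SessionManager.IsSuperManager)
    {
        return true;
    }

    // Home page: every logged-in admin may enter.
    // NOTE(review): this comparison is case-sensitive while MVC routing is not, so a
    // request for "/home" falls through to the permission check below (fail-closed) — confirm intended.
    if (controllerName == "Home" && (string.IsNullOrEmpty(actionName) || actionName == "Index"))
    {
        return true;
    }

    // Permission-controlled controllers: only those inside the user's menu scope.
    // Enum.TryParse also accepts numeric strings and values outside the enum, so the
    // parsed value must additionally be a defined ControllerType member.
    ControllerType controllerType;
    if (Enum.TryParse(controllerName, out controllerType)
        && Enum.IsDefined(typeof(ControllerType), controllerType))
    {
        return SessionManager.RolePermissions.Any(x => x.ControllerType == (int)controllerType);
    }

    // Unknown controller or no matching permission entry: deny.
    return false;
}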
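/// <summary>
/// Admin permission check. Lets anonymous-allowed and authorized requests through;
/// otherwise answers 403 for a logged-in admin without permission, a marker content
/// result for partial-view-only actions, and a redirect to the admin login page for
/// everyone else.
/// </summary>
/// <param name="filterContext">The authorization context of the current request.</param>
/// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is <c>null</c>.</exception>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    if (filterContext == null)
    {
        throw new ArgumentNullException(nameof(filterContext));
    }

    // Anonymous access is allowed, or the user holds the permission: nothing to do.
    if (ActionAllowAnonymousAccess(filterContext) || AuthorizeCore(filterContext.HttpContext))
    {
        return;
    }

    var adminRoute = RouteHelper.Get(RouteName.AdminRoute);
    var client = SessionManager.Client;

    // Logged in as an admin of this client but lacking the permission: 403.
    // The route is an identifier, so it is compared ordinally and case-insensitively
    // rather than through culture-sensitive ToLower().
    if (SessionManager.UserID != Guid.Empty
        && SessionManager.AccountType == AccountType.Admin
        && client != null
        && adminRoute != null
        && string.Equals(adminRoute, client.AdminRoute, StringComparison.OrdinalIgnoreCase))
    {
        filterContext.Result = new HttpStatusCodeResult(403);
        return;
    }

    // Partial view: report the logged-out state instead of rendering a login page inside it.
    if (ActionPartialViewOnly(filterContext))
    {
        filterContext.Result = new ContentResult { Content = "LogOutError" };
        return;
    }

    // Not logged in: send to the admin login page with the current URL as the return target.
    // NOTE(review): RouteHelper.Url() is appended to the query string as-is — confirm it is
    // already URL-encoded, otherwise an '&' or '#' in the current URL truncates the value.
    filterContext.Result = new RedirectResult($"~/Admins/{adminRoute}/User/Login?url=" + RouteHelper.Url());
}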
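/// <summary>
/// Member permission check. Lets anonymous-allowed requests and logged-in members
/// through; otherwise answers a marker content result for partial-view-only actions
/// and redirects everyone else to the login entry point (the site root when the
/// login form is a popup, the member login page otherwise).
/// </summary>
/// <param name="filterContext">The authorization context of the current request.</param>
/// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is <c>null</c>.</exception>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    if (filterContext == null)
    {
        throw new ArgumentNullException(nameof(filterContext));
    }

    // Anonymous access is allowed: nothing to do.
    if (ActionAllowAnonymousAccess(filterContext))
    {
        return;
    }

    // Logged-in member: permitted.
    if (SessionManager.UserID != Guid.Empty && SessionManager.AccountType == AccountType.Member)
    {
        return;
    }

    // Partial view: report the logged-out state instead of rendering a login page inside it.
    if (ActionPartialViewOnly(filterContext))
    {
        filterContext.Result = new ContentResult { Content = "LogOutError" };
        return;
    }

    // NOTE(review): RouteHelper.Url() is appended to the query string as-is — confirm it is
    // already URL-encoded, otherwise an '&' or '#' in the current URL truncates the value.
    var returnUrl = RouteHelper.Url();

    // The login form is a popup on the site root, so send the user there.
    if (ApplicationHelper.LoginStyle == LoginStyle.Popup)
    {
        filterContext.Result = new RedirectResult("~/?url=" + returnUrl);
        return;
    }

    // Not logged in: send to the member login page with the current URL as the return target.
    filterContext.Result = new RedirectResult("~/Member/Login?url=" + returnUrl);
}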