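/// <summary>
/// Action filter hook that gates the action on per-project authorization.
/// The action must have exactly one parameter, which is read as the project id
/// and checked with <c>Authority.IsAuthorized</c>.
/// </summary>
/// <param name="filterContext">Context of the action about to execute.</param>
/// <exception cref="ApplicationException">
/// The decorated action does not have exactly one parameter.
/// </exception>
public override void OnActionExecuting(ActionExecutingContext filterContext)
            {
                var filterInfo = new FilterContextInfo(filterContext);
                var authority  = new DBAdapter().Authority;

                if (filterInfo.Parameters.Count != 1)
                {
                    throw new ApplicationException("Project guid access attribute detected wrong action parameters.");
                }

                // The id is request-controlled: a missing or non-numeric value is
                // treated as "not authorized" rather than surfacing a parse exception.
                object rawProjectId = filterInfo.Parameters.Values.Single();
                int projectId;
                bool hasProjectId = rawProjectId != null
                                    && int.TryParse(rawProjectId.ToString(), out projectId);

                if (!hasProjectId || !authority.IsAuthorized(projectId))
                {
                    // Fail closed. Leaving filterContext.Result unset lets MVC run the
                    // action anyway, so the denial must short-circuit with a result.
                    // NOTE(review): assumes the application exposes an Error/NoAccess
                    // action - confirm the route before merging.
                    filterContext.Result = new System.Web.Mvc.RedirectToRouteResult(
                        new System.Web.Routing.RouteValueDictionary(new
                        {
                            controller = "Error",
                            action     = "NoAccess",
                        }));
                    return;
                }

                base.OnActionExecuting(filterContext);
            }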
        /// <summary>
        /// Action filter hook that lets the request through when the caller holds
        /// at least one of the authorities encoded in <c>m_authorityType</c>;
        /// otherwise the result is replaced with a redirect to Error/NoAccess.
        /// </summary>
        /// <param name="filterContext">Context of the action about to execute.</param>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var filterInfo = new FilterContextInfo(filterContext);
            // Not read afterwards; kept because the constructor may have effects
            // (e.g. user lookup) that this block cannot see.
            var userInfo   = new UserInfo(filterInfo.Username);
            var authority  = new DBAdapter().Authority;

            // Holding any one of the requested authorities is enough to pass.
            // Per the original author, AuthorityType.Undefined stands for "any authority".
            var requestedFlags = CommUtils.GetEnumFlags(m_authorityType);

            bool granted = false;
            foreach (var candidate in requestedFlags)
            {
                if (!authority.IsAuthorized((AuthorityType)candidate))
                {
                    continue;
                }

                granted = true;
                break;
            }

            if (!granted)
            {
                string authorityLabel;
                if (m_authorityType == AuthorityType.Undefined)
                {
                    authorityLabel = "Design";
                }
                else
                {
                    authorityLabel = m_authorityType.ToString();
                }

                // NOTE(review): this text is carried as a route value on the redirect,
                // so it is visible to (and editable by) the client; the NoAccess view
                // should encode it on output and it should not be trusted there.
                string denialMessage = "Check authority failed:" + authorityLabel;

                filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new
                {
                    controller = "Error",
                    action     = "NoAccess",
                    message    = denialMessage
                }));
            }

            // Called on both the allowed and the denied path.
            base.OnActionExecuting(filterContext);
        }
Example #3
        /// <summary>
        /// Action filter hook that restricts the action to administrators.
        /// On a local deployment the check is membership in the
        /// <c>ManageController.RoleAdmin</c> role; otherwise it is
        /// <c>Authority.IsEnterpriseAdministrator</c>. Non-administrators get a
        /// redirect to Error/NoAccess as the action result.
        /// </summary>
        /// <param name="filterContext">Context of the action about to execute.</param>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var filterInfo = new FilterContextInfo(filterContext);

            bool isAdmin;
            if (ChineseAbs.ABSManagement.Utils.CommUtils.IsLocalDeployed())
            {
                // Local deployment: rely on the ASP.NET role provider.
                isAdmin = System.Web.Security.Roles.IsUserInRole(
                    filterInfo.Username,
                    ChineseAbs.ABSManagementSite.Controllers.ManageController.RoleAdmin);
            }
            else
            {
                // Hosted deployment: ask the application's own authority store.
                isAdmin = new DBAdapter().Authority.IsEnterpriseAdministrator(filterInfo.Username);
            }

            if (!isAdmin)
            {
                // Setting Result is what stops the action from running.
                filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new
                {
                    controller = "Error",
                    action     = "NoAccess",
                }));
            }

            // Invoked on every path, allowed or denied.
            base.OnActionExecuting(filterContext);
        }