/// <summary>
/// Interception hook for members carrying <see cref="AuthAttribute"/>: records a 403 result
/// in <paramref name="basicReturn"/> when no current user is available.
/// </summary>
/// <param name="basicReturn">Result object that receives the 403 code and message on rejection.</param>
/// <param name="invocation">Details of the intercepted call (not read by this override).</param>
/// <param name="attr">The auth attribute found on the target (not read by this override).</param>
/// <param name="isExecProceeded">Always set to false by this override.</param>
protected override void Intercept(BasicReturnInfo basicReturn, IInvocation invocation, AuthAttribute attr, out bool isExecProceeded)
{
    isExecProceeded = false;

    // NOTE(review): this method only marks basicReturn; whether the intercepted call is actually
    // blocked depends on how the base class reacts to a non-success basicReturn - confirm there.
    var isAnonymous = UserTool.CurrUser == null;
    if (isAnonymous)
    {
        basicReturn.SetCodeMsg(403, "您还未授权,无权限访问");
    }
}
/// <summary>
/// Handles a request that lacks permission: builds a <see cref="BasicReturnInfo"/> carrying the
/// NOT_PERMISSION code with a localized message and hands it to <c>WriteContent</c>.
/// </summary>
/// <param name="context">HTTP context of the current request.</param>
/// <returns>A task that completes once <c>WriteContent</c> has finished.</returns>
protected virtual async Task NotPermissionHandle(HttpContext context)
{
    var denied = new BasicReturnInfo();

    // The second argument is the fallback text passed to the localizer alongside the culture key
    var message = localize.Get(CommonCodeDefine.NOT_PERMISSION_CULTURE_KEY, "对不起,您没有权限");
    denied.SetCodeMsg(CommonCodeDefine.NOT_PERMISSION, message);

    await WriteContent(context, denied);
}
/// <summary>
/// Builds a <see cref="BasicReturnInfo"/> populated with fixed sample values
/// (code 1, message "fds", description "des").
/// </summary>
/// <returns>The populated return info.</returns>
public BasicReturnInfo Test()
{
    var sample = new BasicReturnInfo();
    sample.SetCodeMsg(1, "fds", "des");

    return sample;
}
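/// <summary>
/// Runs the middleware. Requests whose path starts with the configured API prefix are executed
/// inside an exception handler that turns failures into a <see cref="BasicReturnInfo"/> response;
/// every other request is passed straight to the next middleware.
/// </summary>
/// <param name="context">HTTP context of the current request.</param>
/// <returns>A task that completes when the request has been handled.</returns>
public async Task InvokeAsync(HttpContext context)
{
    // Path.Value can be null for an empty PathString; treat that as an empty path instead of
    // throwing. Invariant lower-casing plus an ordinal prefix test keeps the match independent of
    // the server's current culture (assumes PfxApiPath is configured in lower case - confirm).
    var path = (context.Request.Path.Value ?? string.Empty).ToLowerInvariant();
    if (!path.StartsWith(options.PfxApiPath, StringComparison.Ordinal))
    {
        await next(context);
        return;
    }

    try
    {
        await next(context);
    }
    catch (BusinessException ex)
    {
        // Business exceptions are not logged; their code, message and description go to the client
        var re = new BasicReturnInfo();
        re.SetCodeMsg(ex.Code, ex.Msg, ex.Desc);
        await WriteReturnInfo(context, options, re);
    }
    catch (Exception ex)
    {
        var routes = context.Request.RouteValues.GetControllerAction();

        // NOTE(review): path, method and ex.Message are request/exception data written into the
        // log text as-is; if the log sink is line-oriented, confirm it neutralises CR/LF.
        var msg = new StringBuilder($"请求:{path} method:{context.Request.Method} ");
        string controller = null, action = null;
        if (routes != null && routes.Length == 2)
        {
            controller = routes[0];
            action = routes[1];
            msg.AppendFormat("controller:{0},action:{1}.", controller, action);
        }
        msg.Append("发生异常.").Append(ex.Message);

        // Fire-and-forget: the response is not delayed by logging, but a failure inside
        // ErrorAsync is never observed here.
        _ = log.ErrorAsync(msg.ToString(), ex, "ApiExceptionHandleMiddleware", path, controller, action);

        var returnInfo = new BasicReturnInfo()
        {
            Code = options.ExceptionCode,
            Msg = options.ExceptionMsg,
        };
        if (options.IsDevelopment)
        {
            // Full exception detail is returned to the caller; IsDevelopment must be off in production
            returnInfo.Ex = ex;
            returnInfo.Desc = ex.ToString();
        }
        else
        {
            // NOTE(review): ex.Message of an unexpected exception still reaches the client here and
            // can reveal internals (queries, paths, type names). Kept because clients may read Desc;
            // consider returning only the generic options.ExceptionMsg outside development.
            returnInfo.Desc = ex.Message;
        }

        await WriteReturnInfo(context, options, returnInfo);
    }
}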
/// <summary>
/// Interception hook for members carrying <see cref="AuthAttribute"/>: resolves the current user,
/// optionally from one of the intercepted call's arguments, and records a 403 result in
/// <paramref name="basicReturn"/> when no user is found.
/// </summary>
/// <param name="basicReturn">Result object that receives the 403 code and message on rejection.</param>
/// <param name="invocation">Details of the intercepted call; its argument list may hold the user.</param>
/// <param name="attr">Auth attribute; <c>CurrUserParamIndex</c> is the argument position of the user, or -1 for none.</param>
/// <param name="isExecProceeded">Always set to false by this override.</param>
protected override void Intercept(BasicReturnInfo basicReturn, IInvocation invocation, AuthAttribute attr, out bool isExecProceeded)
{
    isExecProceeded = false;

    // An index other than -1 is used unchecked, so an out-of-range value throws here.
    // NOTE(review): the identity is taken from a method argument - confirm callers fill that
    // argument from a trusted server-side source and not from request-bound data.
    var candidate = attr.CurrUserParamIndex != -1
        ? invocation.Arguments[attr.CurrUserParamIndex]
        : null;

    // A candidate that is not a BasicUserInfo becomes null before being handed to GetCurrUser
    var resolvedUser = UserTool.GetCurrUser(candidate as BasicUserInfo);
    var isAnonymous = resolvedUser == null;
    if (isAnonymous)
    {
        basicReturn.SetCodeMsg(403, "您还未授权,无权限访问");
    }
}
/// <summary>
/// Interception hook for members carrying <see cref="FunctionAttribute"/>: checks through
/// <c>IUserService.IsCurrUserPermission</c> whether the current user holds the function codes
/// under the menu code declared on the target type, and records a failure in
/// <paramref name="basicReturn"/> when the check cannot be made or is denied.
/// </summary>
/// <param name="basicReturn">Result object that receives the failure or not-permitted outcome.</param>
/// <param name="invocation">Details of the intercepted call; supplies the method and target type.</param>
/// <param name="attr">Function attribute whose <c>Codes</c> are the function codes to check.</param>
/// <param name="isExecProceeded">Always set to false by this override.</param>
protected override void Intercept(BasicReturnInfo basicReturn, IInvocation invocation, FunctionAttribute attr, out bool isExecProceeded)
{
    isExecProceeded = false;

    // Methods explicitly marked with IgnorePermissionAttribute are exempt from the check
    var exemption = invocation.Method.GetAttribute<IgnorePermissionAttribute>();
    if (exemption != null)
    {
        return;
    }

    if (attr.Codes.IsNullOrCount0())
    {
        basicReturn.SetFailureMsg("功能编码不能为空");
        return;
    }

    // NOTE(review): a target type without MenuAttribute returns here with basicReturn untouched,
    // i.e. the permission check is skipped (fail-open) - confirm this is intended.
    MenuAttribute menu = invocation.TargetType.GetAttribute<MenuAttribute>();
    if (menu == null)
    {
        return;
    }

    if (string.IsNullOrWhiteSpace(menu.Code))
    {
        basicReturn.SetFailureMsg("菜单编码不能为空");
        return;
    }

    // Permission validation happens from here on
    IUserService users = AutofacTool.Resolve<IUserService>();
    if (users == null)
    {
        basicReturn.SetFailureMsg("找不到用户服务");
        return;
    }

    ReturnInfo<bool> verdict = users.IsCurrUserPermission(menu.Code, attr.Codes);
    if (verdict.Failure())
    {
        // The lookup itself failed: copy its outcome into basicReturn
        basicReturn.FromBasic(verdict);
        return;
    }

    if (!verdict.Data)
    {
        basicReturn.SetCodeMsg(ErrCodeDefine.NOT_PERMISSION, "Sorry,您没有访问此功能权限");
    }
}