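/// <summary>
/// Validates that the current user may run the requested action.
/// Order of checks:
/// 1. an <see cref="IgnoreAuthorityAttribute"/> with IgnoreType.IgnoreLogin skips everything;
/// 2. an unauthenticated user (null) fails and the caller redirects to the configured login page;
/// 3. managers pass unconditionally;
/// 4. IgnoreType.IgnoreFeature skips the feature check;
/// 5. otherwise the action (or, for IgnoreType.SameAs, the action it is aliased to) must appear
///    exactly once in the user's feature list held in session, else the caller redirects to the
///    authorization-failure page.
/// Note on step 5: the previous implementation only ran the feature check inside the SameAs
/// branch and returned true for every action without an attribute, i.e. non-manager users could
/// run any undecorated action. The check now applies to every action that is not explicitly ignored,
/// as the original summary describes.
/// </summary>
/// <param name="actionExecutingContext">MVC action context; ActionDescriptor must be a ControllerActionDescriptor.</param>
/// <param name="currentUser">The authenticated user, or null when not logged in.</param>
/// <returns>true when the action may run; false when the caller must redirect (not logged in, or no matching feature).</returns>
/// <exception cref="InvalidOperationException">The feature configuration is ambiguous (more than one matching feature).</exception>
public static bool ValidateUserFeatureAuthority(ActionExecutingContext actionExecutingContext, ClaimsPrincipalUser currentUser)
{
    IgnoreAuthorityAttribute authorityAttribute = GetIgnoreAuthorityAttribute(actionExecutingContext);

    // Login is not required for this action at all.
    if (authorityAttribute != null && authorityAttribute.IgnoreType == IgnoreType.IgnoreLogin)
    {
        return true;
    }

    // Not logged in: the caller performs the redirect.
    if (currentUser == null)
    {
        return false;
    }

    // Managers bypass the per-feature check.
    if (currentUser.IsManager)
    {
        return true;
    }

    WriteUserTokenCookie(currentUser.LoginName);

    // Logged in is enough for this action; no feature lookup.
    if (authorityAttribute != null && authorityAttribute.IgnoreType == IgnoreType.IgnoreFeature)
    {
        return true;
    }

    // One cast instead of two; an unexpected descriptor type still throws InvalidCastException as before.
    var descriptor = (ControllerActionDescriptor)actionExecutingContext.ActionDescriptor;
    string controllerName = descriptor.ControllerName;
    string actionName = descriptor.ActionName;

    if (authorityAttribute != null && authorityAttribute.IgnoreType == IgnoreType.SameAs)
    {
        // Resolve the alias into locals only. The attribute instance is shared across requests,
        // so the original's write-back of SameActionName leaked one request's resolution into the next.
        if (!string.IsNullOrEmpty(authorityAttribute.SameActionName))
        {
            actionName = authorityAttribute.SameActionName;
        }

        // The original tested IsNullOrEmpty without negation, which replaced the controller name
        // with an empty value precisely when SameControllerName was NOT configured.
        if (!string.IsNullOrEmpty(authorityAttribute.SameControllerName))
        {
            controllerName = authorityAttribute.SameControllerName;
        }
    }

    return HasFeature(actionExecutingContext, currentUser.LoginName, controllerName, actionName);
}

/// <summary>
/// Looks up (controllerName, actionName) in the user's feature list stored in session.
/// </summary>
/// <param name="actionExecutingContext">Action context whose HttpContext.Session holds the user's UserBackFullInfo.</param>
/// <param name="loginName">Session key under which the UserBackFullInfo was stored.</param>
/// <param name="controllerName">Controller name to match against FeatureControllerName.</param>
/// <param name="actionName">Action name to match against FeatureActionName.</param>
/// <returns>true when exactly one matching feature exists; false when none exists or the session entry is missing.</returns>
/// <exception cref="InvalidOperationException">More than one matching feature (configuration error).</exception>
private static bool HasFeature(ActionExecutingContext actionExecutingContext, string loginName, string controllerName, string actionName)
{
    var userinfo = actionExecutingContext.HttpContext.Session.Get<UserBackFullInfo>(loginName);

    // Missing session data (expired or evicted) is "no permission", not a NullReferenceException;
    // the caller redirects and the user re-authenticates.
    if (userinfo == null || userinfo.UserFeatureInfoList == null)
    {
        return false;
    }

    int matches = userinfo.UserFeatureInfoList.Count(p => p.FeatureControllerName == controllerName && p.FeatureActionName == actionName);

    if (matches == 1)
    {
        return true;
    }

    // No feature granted for this action: fail closed (the original threw for this case as well).
    if (matches == 0)
    {
        return false;
    }

    // Duplicate entries are a configuration error worth surfacing loudly.
    throw new InvalidOperationException(string.Format("Controller:{0}上的Action:{1}配置异常,请检查配置!", (object)controllerName, (object)actionName));
}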
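/// <summary>
/// Resolves the current user from the CMP token cookie.
/// The cookie carries an encrypted login name and is the only evidence of identity used here, so
/// DecryptLoginName is relied on to reject forged or tampered values
/// (NOTE(review): confirm it authenticates the ciphertext rather than only decrypting it).
/// Flow: no cookie -> null; undecryptable cookie -> cookie deleted, null; session already holds a
/// UserBackFullInfo for the login name -> principal built from it; otherwise the user is loaded
/// from the database, session and Redis cache are rebuilt, and the principal is built from the row.
/// Unknown users and incomplete user data now fail closed (cookie deleted, null) instead of throwing
/// a NullReferenceException.
/// </summary>
/// <returns>The current user, or null when the request is not authenticated.</returns>
public static ClaimsPrincipalUser GetCurrentUser()
{
    string cookieValue = GetCookies(userCMPTokenCookie);
    if (string.IsNullOrEmpty(cookieValue))
    {
        return null;
    }

    string loginName = DecryptLoginName(cookieValue);
    if (string.IsNullOrEmpty(loginName))
    {
        // Undecryptable or empty token: drop the cookie so the client re-authenticates.
        // (The original also stored a null session entry under the empty login name; that entry
        // could never be read back and is not reproduced.)
        DeleteCookies(userCMPTokenCookie);
        return null;
    }

    // Fast path: session already holds the full record (single typed lookup instead of Get + Get<T>).
    var sessionUser = GlobalHttpContext.Current.Session.Get<UserBackFullInfo>(loginName);
    if (sessionUser != null && sessionUser.BaseInfo != null)
    {
        return FromFullInfo(sessionUser);
    }

    // Slow path: rebuild session and cache from the database.
    Org_User user = dalUser.GetByLoginName(loginName);
    if (user == null)
    {
        // The token names a user that does not exist; fail closed.
        DeleteCookies(userCMPTokenCookie);
        return null;
    }

    Org_UserQueryParam query = new Org_UserQueryParam { LoginName = loginName };
    var userdatainfo = dalUser.GetUserFullInfo(query);
    if (userdatainfo == null || userdatainfo.BaseInfo == null)
    {
        // Partial data would have thrown on .BaseInfo; do not authenticate with it.
        DeleteCookies(userCMPTokenCookie);
        return null;
    }

    RedisHelper.Set("CMPUser_" + loginName, userdatainfo, null);
    // NOTE(review): the session key is the database login name while the lookup above uses the
    // cookie's login name; the two are assumed to be identical — confirm (otherwise every request
    // takes the slow path).
    GlobalHttpContext.Current.Session.Set(user.LoginName, userdatainfo);

    return new ClaimsPrincipalUser
    {
        Id = user.Id,
        LoginName = user.LoginName,
        UserName = user.UserName,
        UserCode = user.Code,
        IsManager = userdatainfo.BaseInfo.IsSuperMgr,
        IsOutSide = user.IsOutSide,
        Phone = user.Phone
    };
}

/// <summary>
/// Builds a <see cref="ClaimsPrincipalUser"/> from the BaseInfo of a session-held UserBackFullInfo.
/// </summary>
/// <param name="info">Full user record; BaseInfo must be non-null.</param>
/// <returns>The principal populated from info.BaseInfo.</returns>
private static ClaimsPrincipalUser FromFullInfo(UserBackFullInfo info)
{
    var baseInfo = info.BaseInfo;
    return new ClaimsPrincipalUser
    {
        Id = baseInfo.Id,
        LoginName = baseInfo.LoginName,
        UserName = baseInfo.UserName,
        UserCode = baseInfo.Code,
        IsManager = baseInfo.IsSuperMgr,
        IsOutSide = baseInfo.IsOutSide,
        Phone = baseInfo.Phone
    };
}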