private bool OnAuth(CmdMethodInfo cmdMethodInfo, Session session, MsgData msg, out ActionResult result) { result = null; if (cmdMethodInfo.NoAuth) { return(true); } using (AuthorizationContext authContext = new AuthorizationContext() { Session = session, Cmd = msg.Cmd, IsAuth = false, Result = null }) { foreach (var t in this.GlobalAuthTypeList) { IAuthorize auth = (IAuthorize)Activator.CreateInstance(t); auth.OnAuthorization(authContext); if (!authContext.IsAuth) { result = authContext.Result; if (result == null) { result = new ActionResult(); result.SetMsg(MsgStatus.NeedAuth, "无权限请求!"); } return(false); } } var tarr = cmdMethodInfo.Type.GetCustomAttributes(typeof(AuthorizeAttribute), true); foreach (var attr in tarr) { var auth = attr as AuthorizeAttribute; auth.OnAuthorization(authContext); if (!authContext.IsAuth) { result = authContext.Result; if (result == null) { result = new ActionResult(); result.SetMsg(MsgStatus.NeedAuth, "无权限请求!"); } return(false); } } if (cmdMethodInfo.AuthTypeList != null && cmdMethodInfo.AuthTypeList.Count > 0) { foreach (var t in cmdMethodInfo.AuthTypeList) { IAuthorize auth = (IAuthorize)Activator.CreateInstance(t); auth.OnAuthorization(authContext); if (!authContext.IsAuth) { result = authContext.Result; if (result == null) { result = new ActionResult(); result.SetMsg(MsgStatus.NeedAuth, "无权限请求!"); } return(false); } } } tarr = cmdMethodInfo.Method.GetCustomAttributes(typeof(AuthorizeAttribute), true); foreach (var attr in tarr) { var auth = attr as AuthorizeAttribute; auth.OnAuthorization(authContext); if (!authContext.IsAuth) { result = authContext.Result; if (result == null) { result = new ActionResult(); result.SetMsg(MsgStatus.NeedAuth, "无权限请求!"); } return(false); } } } return(true); }