Exemple #1
0
        public string[] GetAuthInfo()
        {
            IServiceProvider       provider              = HttpContext.RequestServices;
            IModuleHandler         moduleHandler         = provider.GetRequiredService <IModuleHandler>();
            IFunctionAuthorization functionAuthorization = provider.GetService <IFunctionAuthorization>();

            ModuleInfo[] moduleInfos = moduleHandler.ModuleInfos;

            //先查找出所有有权限的模块
            List <ModuleInfo> authModules = new List <ModuleInfo>();

            foreach (ModuleInfo moduleInfo in moduleInfos)
            {
                bool hasAuth = moduleInfo.DependOnFunctions.All(m => functionAuthorization.Authorize(m, User).IsOk);
                if (moduleInfo.DependOnFunctions.Length == 0 || hasAuth)
                {
                    authModules.Add(moduleInfo);
                }
            }

            List <string> codes = new List <string>();

            foreach (ModuleInfo moduleInfo in authModules)
            {
                string fullCode = moduleInfo.FullCode;
                //模块下边有功能,或者拥有子模块
                if (moduleInfo.DependOnFunctions.Length > 0 ||
                    authModules.Any(m => m.FullCode.Length > fullCode.Length && m.FullCode.Contains(fullCode) && m.DependOnFunctions.Length > 0))
                {
                    codes.AddIfNotExist(fullCode);
                }
            }
            return(codes.ToArray());
        }
        /// <summary>
        /// 重写以实现功能权限的核心验证逻辑
        /// </summary>
        /// <param name="context">权限过滤器上下文</param>
        /// <param name="function">要验证的功能</param>
        /// <returns>权限验证结果</returns>
        protected virtual AuthorizationResult AuthorizeCore(AuthorizationHandlerContext context, IFunction function)
        {
            ClaimsPrincipal     user   = context.User;
            AuthorizationResult result = _functionAuthorization.Authorize(function, user);

            return(result);
        }
Exemple #3
0
 /// <summary>
 /// 重写以实现功能权限的核心验证逻辑
 /// </summary>
 /// <param name="context">权限过滤器上下文</param>
 /// <param name="function">要验证的功能</param>
 /// <returns>权限验证结果</returns>
 protected virtual AuthorizationResult AuthorizeCore(AuthorizationFilterContext context, IFunction function)
 {
     IPrincipal user = context.HttpContext.User;
     IServiceProvider provider = context.HttpContext.RequestServices;
     IFunctionAuthorization authorization = provider.GetService<IFunctionAuthorization>();
     AuthorizationResult result = authorization.Authorize(function, user);
     return result;
 }
Exemple #4
0
        /// <summary>
        /// 检测当前用户是否拥有指定URL的功能权限
        /// </summary>
        public static bool CheckFunctionAuth(this ControllerBase controller, string url)
        {
            IFunction function = controller.GetFunction(url);

            if (function == null)
            {
                return(false);
            }
            IFunctionAuthorization authorization = controller.HttpContext.RequestServices.GetService <IFunctionAuthorization>();

            return(authorization.Authorize(function, controller.User).IsOk);
        }
Exemple #5
0
        /// <summary>
        /// 检测当前用户是否有指定功能的功能权限
        /// </summary>
        public static bool CheckFunctionAuth(this ControllerBase controller, string actionName, string controllerName, string areaName = null)
        {
            IServiceProvider provider        = controller.HttpContext.RequestServices;
            IFunctionHandler functionHandler = provider.GetService <IFunctionHandler>();
            IFunction        function        = functionHandler?.GetFunction(areaName, controllerName, actionName);

            if (function == null)
            {
                return(false);
            }
            IFunctionAuthorization authorization = provider.GetService <IFunctionAuthorization>();

            return(authorization.Authorize(function, controller.User).IsOk);
        }
        /// <summary>
        /// 验证是否拥有指定模块的权限
        /// </summary>
        /// <param name="module">要验证的模块</param>
        /// <param name="empty">返回模块是否为空模块,即是否分配有功能</param>
        /// <returns></returns>
        private bool CheckFuncAuth(Module module, out bool empty)
        {
            IServiceProvider       services      = HttpContext.RequestServices;
            IFunctionAuthorization authorization = services.GetRequiredService <IFunctionAuthorization>();

            Function[] functions = _securityManager.ModuleFunctions.Where(m => m.ModuleId == module.Id).Select(m => m.Function).ToArray();
            empty = functions.Length == 0;
            if (empty)
            {
                return(true);
            }

            foreach (Function function in functions)
            {
                if (!authorization.Authorize(function, User).IsOk)
                {
                    return(false);
                }
            }
            return(true);
        }