/// <summary>
/// Permission check for a requested action: enforces the role declared by the
/// <see cref="AuthorizeAttribute"/> on the handler registered for that action.
/// </summary>
/// <remarks>
/// Actions that are not registered in JsonProcessor, ImageProcessor or
/// FileDownloadProcessor, and handlers that carry no AuthorizeAttribute, pass
/// through without any check. On refusal a JSON <c>AjaxResult</c> with
/// <c>IsSuccess = false</c> is written through ReturnJson.
/// </remarks>
/// <param name="action">Name of the requested action; used as the lookup key in the processor tables.</param>
private void Authorize(string action)
{
    // Resolve the handler with the same precedence as the lookup tables:
    // JSON first, then image, then file download.
    System.Reflection.MethodInfo handler;
    if (this.JsonProcessor.ContainsKey(action))
    {
        handler = this.JsonProcessor[action].Method;
    }
    else if (this.ImageProcessor.ContainsKey(action))
    {
        handler = this.ImageProcessor[action].Method;
    }
    else if (this.FileDownloadProcessor.ContainsKey(action))
    {
        handler = this.FileDownloadProcessor[action].Method;
    }
    else
    {
        // Unknown action: nothing to check here.
        return;
    }

    // Only attributes declared directly on the handler are considered (inherit = false).
    var required = handler.GetCustomAttributes(false).OfType<AuthorizeAttribute>().FirstOrDefault();
    if (required == null)
    {
        return;
    }

    bool allowed = SccService.Authorized() && SccService.IsInRole(required.Role, this.FunctionCode);
    if (allowed)
    {
        // Permission check passed.
        return;
    }

    // NOTE(review): this method returns void and only writes a refusal; whether
    // ReturnJson ends the response is not visible here. Confirm the handler for
    // `action` cannot still run after a refusal has been written.
    var refusal = new AjaxResult
    {
        Message = Commons.Language.GetText("UnAuthorized", "CN:你无权访问!~EN:UnAuthorized", SccService.CurrentLanguageType),
        IsSuccess = false
    };
    this.ReturnJson(JsonConvert.SerializeObject(refusal));
}
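/// <summary>
/// Loads the base data from the configuration file, initialises the page's basic
/// parameters, and verifies that the current user is allowed to view the page.
/// </summary>
/// <exception cref="System.Web.HttpException">
/// Thrown with status 403 when the user is not authorised or does not hold the
/// View role for FunctionCode.
/// </exception>
private void LoadBaseData()
{
    // Identifier of the current system; SysCode falls back to SysID when it is not configured.
    this.SysID = ConfigurationManager.AppSettings["SysID"];
    this.SysCode = ConfigurationManager.AppSettings["SysCode"];
    if (String.IsNullOrEmpty(SysCode))
    {
        this.SysCode = SysID;
    }

    // Menu number (the ID generated in the SBA database).
    this.LoadFunctionId();
    this.PageID = this.GetType().BaseType.Name;
    this.Debug = Tools.DataTypeConvertHelper.ToBoolean(ConfigurationManager.AppSettings["Debug"]);
    this.FunctionName = Commons.Language.GetText(this.FunctionID + ".Name", this.FunctionID);
    this.LanguageSourceType = Tools.ConfigHelper.GetConfigString("LanguageSourceType").ToUpper();

    // Read the encrypted parameters: the "paras" request value is decrypted and
    // split into key/value pairs on '&' and '='.
    // NOTE(review): the value comes from the request and the helper name suggests
    // DES; confirm the payload is integrity-checked before the pairs stored in
    // EncryptionParas are relied on.
    this.EncryptionParas = new Dictionary<string, string>();
    String paras = Tools.DataTypeConvertHelper.ToString(Request["paras"]);
    if (!String.IsNullOrEmpty(paras))
    {
        paras = Tools.DESEncrypt.Decrypt(paras);
        this.EncryptionParas = Tools.DataTypeConvertHelper.StringToDictionary(paras, '&', '=');
    }

    // View is the most basic permission. Fail closed: with the denial left
    // disabled, a user without the View role fell through this method and the
    // page went on loading, only with LangType and LoginUserID left unset.
    if (!SccService.Authorized() || !SccService.IsInRole(SccService.Roles.View, this.FunctionCode))
    {
        throw new System.Web.HttpException(403, "没有权限,访问禁止");
    }

    // Permission check passed.
    this.LangType = SccService.CurrentLanguageType;
    this.LoginUserID = SccService.CurrentUserId;
}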
/// <summary>
/// Page load handler: rejects unauthenticated requests, loads the base data,
/// applies the language attribute, builds the menu and fills in the login name
/// and company labels.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event arguments (not used).</param>
/// <exception cref="System.Web.HttpException">Thrown with status 401 when SccService.Authorized() is false.</exception>
protected void Page_Load(object sender, EventArgs e)
{
    StartTime = DateTime.Now;

    using (var tracker = new Log4WebStandard.Tracker("Page_Load"))
    {
        // Verify authentication before any page state is built.
        if (!SccService.Authorized())
        {
            throw new System.Web.HttpException(401, "Auth Failed");
        }

        LoadBaseData();
        SetLangAttribute();
        GetMenu();

        // NOTE(review): if lblLoginerName / lblComapnyName are WebForms Label
        // controls, Text is emitted without HTML encoding. Confirm displayname,
        // the company names and CompanyCode cannot carry markup, or encode them
        // before assignment.
        lblLoginerName.Text = SccService.CurrentUserInfo.UserInfo.displayname;

        bool hasCompanyCode = !String.IsNullOrEmpty(this.CompanyCode);
        if (hasCompanyCode)
        {
            var company = SccService.GetCompany(this.CompanyCode);
            if (company == null)
            {
                // Unknown company: show the raw code instead of a name.
                lblComapnyName.Text = this.CompanyCode;
            }
            else if (this.LangType.EqualWithTrim("CN"))
            {
                lblComapnyName.Text = company.Company_Name_CN.SafeTrim();
            }
            else
            {
                lblComapnyName.Text = company.Company_Name_EN.SafeTrim();
            }

            CompanyGroup.Visible = true;
        }
    }

    // Elapsed time since StartTime; computed here but not used afterwards.
    TimeSpan elapsed = DateTime.Now - StartTime;
}