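/// <summary>
/// Authorization hook: requests routed to the "Account" controller pass unchecked,
/// anonymous callers are sent to the login page, and signed-in users are refused
/// when <c>IsAllowed</c> returns false for the routed controller/action pair.
/// </summary>
/// <param name="filterContext">Context of the request being authorized.</param>
/// <remarks>
/// Every denial is expressed by setting <c>filterContext.Result</c>. The earlier
/// version wrote to the response and called <c>Response.End()</c> without setting a
/// result; when <c>End()</c> does not abort the thread, MVC sees no result and can
/// still invoke the action, so its side effects run for a caller who was refused.
/// </remarks>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    var routeValues = filterContext.RouteData.Values;
    object controllerValue = routeValues["controller"];

    // Case-sensitive match, exactly as before: a differently cased controller segment
    // is NOT exempt and goes through the normal check (fails closed).
    // Written constant-first so a missing route value cannot throw.
    if ("Account".Equals(controllerValue))
    {
        return;
    }

    // NOTE(review): MVC may reuse one filter attribute instance across requests, so
    // per-request state in an instance member looks unsafe under concurrency, and the
    // context created here is never disposed in this method - confirm how IsAllowed uses it.
    MyAuthorizeDBContent = new MyCMSDBContent();

    string userName = WebSecurity.CurrentUserName;

    // Not signed in: short-circuit with a redirect result so the action never runs.
    if (string.IsNullOrEmpty(userName))
    {
        var loginUrl = new UrlHelper(filterContext.RequestContext).Action("Login", "Account");
        filterContext.Result = new RedirectResult(loginUrl);
        return;
    }

    // User is signed in: check the routed controller/action against the permission store.
    // A missing route value is treated as "not allowed" rather than dereferenced.
    object actionValue = routeValues["action"];
    bool isAllowed = controllerValue != null
        && actionValue != null
        && this.IsAllowed(userName, controllerValue.ToString(), actionValue.ToString());

    if (!isAllowed)
    {
        // Same body text as before, but delivered as the filter result so the pipeline stops here.
        // NOTE(review): the status stays 200; a 403 would describe the outcome more accurately
        // but changes what clients and error pages see - decide deliberately.
        filterContext.Result = new ContentResult { Content = "无权访问" };
    }

    // NOTE(review): if this class derives from AuthorizeAttribute, not calling the base
    // implementation also skips its output-cache validation; confirm that protected
    // actions are not served from the output cache.
}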
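/// <summary>
/// Authorization hook: requests routed to the "Account" controller pass unchecked,
/// anonymous callers are sent to the login page, and signed-in users are refused
/// when <c>IsAllowed</c> returns false for the routed controller/action pair.
/// </summary>
/// <param name="filterContext">Context of the request being authorized.</param>
/// <remarks>
/// Every denial is expressed by setting <c>filterContext.Result</c>. The earlier
/// version wrote to the response and called <c>Response.End()</c> without setting a
/// result; when <c>End()</c> does not abort the thread, MVC sees no result and can
/// still invoke the action, so its side effects run for a caller who was refused.
/// </remarks>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    var routeValues = filterContext.RouteData.Values;
    object controllerValue = routeValues["controller"];

    // Case-sensitive match, exactly as before: a differently cased controller segment
    // is NOT exempt and goes through the normal check (fails closed).
    // Written constant-first so a missing route value cannot throw.
    if ("Account".Equals(controllerValue))
    {
        return;
    }

    // NOTE(review): MVC may reuse one filter attribute instance across requests, so
    // per-request state in an instance member looks unsafe under concurrency, and the
    // context created here is never disposed in this method - confirm how IsAllowed uses it.
    MyAuthorizeDBContent = new MyCMSDBContent();

    string userName = WebSecurity.CurrentUserName;

    // Not signed in: short-circuit with a redirect result so the action never runs.
    if (string.IsNullOrEmpty(userName))
    {
        var loginUrl = new UrlHelper(filterContext.RequestContext).Action("Login", "Account");
        filterContext.Result = new RedirectResult(loginUrl);
        return;
    }

    // User is signed in: check the routed controller/action against the permission store.
    // A missing route value is treated as "not allowed" rather than dereferenced.
    object actionValue = routeValues["action"];
    bool isAllowed = controllerValue != null
        && actionValue != null
        && this.IsAllowed(userName, controllerValue.ToString(), actionValue.ToString());

    if (!isAllowed)
    {
        // Same body text as before, but delivered as the filter result so the pipeline stops here.
        // NOTE(review): the status stays 200; a 403 would describe the outcome more accurately
        // but changes what clients and error pages see - decide deliberately.
        filterContext.Result = new ContentResult { Content = "无权访问" };
    }

    // NOTE(review): if this class derives from AuthorizeAttribute, not calling the base
    // implementation also skips its output-cache validation; confirm that protected
    // actions are not served from the output cache.
}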