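/// <summary>
/// Authorizes the current request for a logged-in session user against the role list
/// that AuthConfig.xml holds for the requested URL / controller / action / HTTP method.
/// </summary>
/// <remarks>
/// A failed check now short-circuits the request with a 401 result. Previously the error
/// message was built but never applied to <c>filterContext.Result</c>, so unless
/// <c>AuthManager.TryAuthorize</c> sets the result itself (not visible here) a rejected
/// request would still reach the action.
/// </remarks>
/// <param name="filterContext">Authorization context of the request being checked.</param>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    // Step 1: check whether a user is logged in (session entry "User").
    var httpContext = filterContext.HttpContext;
    var user = httpContext.Session?["User"] as UserDto;

    var controller = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
    var action = filterContext.ActionDescriptor.ActionName;
    var method = httpContext.Request.HttpMethod;

    // RawUrl and the CategoryKey query value are client-controlled and are used to select
    // the authorization rule. NOTE(review): confirm the lookup normalizes them and that a
    // URL with no matching rule resolves to "deny", not to an empty role list that passes.
    var url = httpContext.Request.RawUrl;
    var categoryKey = httpContext.Request.QueryString["CategoryKey"];

    // With no session user nothing is checked here; the decision is left entirely to
    // base.OnAuthorization. NOTE(review): confirm the base class rejects anonymous requests.
    if (user != null)
    {
        var token = CacheHelper.GetCache(user.LoginName);
        var info = AuthConfigXmlHelper.GetAuthConfigByXml(Api.PhysicsUrl + "/Config/AuthConfig.xml", url, controller, action, method, categoryKey);

        // The check below uses the local copy. NOTE(review): _roles is a field written on
        // every request; if this filter instance is shared between requests, reading the
        // field back could pick up another request's role list.
        var roles = BusinessHelper.BreakUpOptions(info.Roles, ',');
        _roles = roles;

        // A missing cache entry (for example an expired token) is treated as "not
        // authorized" rather than dereferenced.
        if (token == null || !AuthManager.TryAuthorize(filterContext, token.ToString(), roles))
        {
            // TODO: hook this message into the error-handling module; it is still not
            // written to the response.
            var respMessage = ResponseProvider.Error("你没有被授权访问此资源。", 401);

            // Fail closed: a non-null Result stops the action from executing.
            filterContext.Result = new HttpUnauthorizedResult();
            return;
        }
    }

    base.OnAuthorization(filterContext);
}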
/// <summary>
/// Persists a resource together with its operation list, then mirrors the resource into
/// AuthConfig.xml: a new entry when the save state is Add, an update of the existing
/// entry otherwise.
/// </summary>
/// <remarks>
/// This action edits the file that authorization rules are kept in, so it should only be
/// reachable by administrators. NOTE(review): no authorization or anti-forgery attribute
/// is visible on this excerpt, and <c>model</c> is used without a ModelState check —
/// confirm both are handled outside this method.
/// </remarks>
/// <param name="model">Resource posted by the form.</param>
/// <returns>A redirect to the resource index.</returns>
public ActionResult Save(ResourceDto model)
{
    var saveState = BusinessHelper.BuildSaveState(Request);

    // Comma-separated operation ids taken straight from the request.
    var rawOperations = Request["OperationList"];
    var operationIds = BusinessHelper.BreakUpStr(rawOperations, ',');
    _resourceBll.HttpPostSave(model, saveState, operationIds);

    // The entry is written with an empty role list. NOTE(review): confirm the authorization
    // check treats an empty list as "nobody", and that the update helper does not replace
    // roles already granted on an existing entry with this empty value.
    var configEntry = new AuthConfig
    {
        ControllerName = model.ControllerName,
        ResourceId = model.ResourceId,
        ResourceUrl = model.ResourceUrl,
        Roles = ""
    };

    var isNewResource = saveState.OperationState == OperationState.Add;
    var configPath = Api.PhysicsUrl + "/Config/AuthConfig.xml";
    if (!isNewResource)
    {
        AuthConfigXmlHelper.UpateResourceAuthConfigByXml(configPath, configEntry);
    }
    else
    {
        AuthConfigXmlHelper.AttachAuthConfigByXml(configPath, configEntry);
    }

    return RedirectToAction("Index", "Resource");
}
/// <summary>
/// Parameterless overload of the role Save action: shows the role editor for Add/Update,
/// or performs the logical delete for Remove and redirects to the role index.
/// </summary>
/// <remarks>
/// NOTE(review): the Remove branch changes state (logical delete) inside what looks like
/// the GET overload; no verb or anti-forgery attribute is visible on this excerpt. If the
/// action is reachable by GET, a cross-site link could trigger the delete — confirm it is
/// restricted to POST with a validated anti-forgery token.
/// </remarks>
/// <returns>The editor view for Add/Update, or a redirect after Remove.</returns>
/// <exception cref="ArgumentNullException">No save state could be built from the request.</exception>
/// <exception cref="ArgumentOutOfRangeException">The operation state is not Add, Update or Remove.</exception>
public ActionResult Save()
{
    var saveState = BusinessHelper.BuildSaveState(Request);
    if (saveState == null)
    {
        throw new ArgumentNullException(nameof(saveState));
    }

    ViewBag.ActionList = AssemblyHelper.LoadAction(WebConfig.AssemblyName);

    var requestedState = saveState.OperationState;

    if (requestedState == OperationState.Remove)
    {
        // Logical (soft) delete.
        _roleBll.HttpGetSave(saveState);
        return RedirectToAction("Index", "Role");
    }

    if (requestedState != OperationState.Add && requestedState != OperationState.Update)
    {
        throw new ArgumentOutOfRangeException();
    }

    // Add / Update: load the role and everything the editor view needs.
    var role = _roleBll.Query(saveState);
    var tree = _resourceBll.GetSourceTree(false, null);
    ViewBag.ResourceTree = tree;
    ViewBag.SaveState = saveState.ToJson();

    // Comma-separated ids of the resources the role already has.
    var grantedResourceIds = role.Resources.Select(p => p.ResourceId);
    ViewBag.InfoList = string.Join(",", grantedResourceIds);

    ViewBag.AuthConfigList = AuthConfigXmlHelper.GetAuthConfigListByXml(Api.PhysicsUrl + "/Config/AuthConfig.xml", role.Code);
    return View(role);
}
/// <summary>
/// Persists a role with its resource list, then rewrites the role's grants in
/// AuthConfig.xml: first the resource-level grants, then the action-level grants.
/// </summary>
/// <remarks>
/// This action decides which resources and actions a role may reach, using ids taken
/// directly from the request. NOTE(review): no authorization or anti-forgery attribute and
/// no validation of the posted ids against known resources/actions is visible on this
/// excerpt — confirm the caller's privilege and the ids are checked before the file is
/// rewritten. The database save and the two XML updates are separate steps; a failure
/// partway would leave them out of sync.
/// </remarks>
/// <param name="model">Role posted by the form.</param>
/// <returns>A redirect to the role index.</returns>
public ActionResult Save(RoleDto model)
{
    var saveState = BusinessHelper.BuildSaveState(Request);

    // Comma-separated resource ids from the request, split with both helpers because the
    // business layer and the XML helper take different shapes.
    var rawResources = Request["resourceList"];
    var resourceIds = BusinessHelper.BreakUpStr(rawResources, ',');
    var resourceOptions = BusinessHelper.BreakUpOptions(rawResources, ',');
    _roleBll.HttpPostSave(model, saveState, resourceIds);

    // Pipe-separated action entries from the request.
    var rawActions = Request["actionList"];
    var actionOptions = BusinessHelper.BreakUpOptions(rawActions, '|');

    // Resource-level authorization.
    AuthConfigXmlHelper.UpateRolesAuthConfigByXml(
        Api.PhysicsUrl + "/Config/AuthConfig.xml",
        resourceOptions,
        model.Code);

    // Action-level authorization.
    AuthConfigXmlHelper.UpateActionRolesAuthConfigByXml(
        Api.PhysicsUrl + "/Config/AuthConfig.xml",
        model.Code,
        actionOptions);

    return RedirectToAction("Index", "Role");
}