public void Decide(IPrincipalToken principal, object cntext)
{
if (!principal.GetGrandedPermission().Contains(cntext as PermissionInfo))
{
AccessException ex = new AccessException("无权限") { CheckObject = cntext };
throw ex;
}
}
/// <summary>
/// 在页面的指定事件中添加事件哨兵进行权限检查
/// </summary>
public override void Decide(IPrincipalToken principal, object check, out bool result, bool throwException = true)
{
result = true;
bool r = result;
Page page = check as Page;
if (page == null)
return;
page.PreLoad += (sender, e) =>
{
try
{
IEnumerable<PermissionPoint> eventPoint = site.GetPoints(page, p =>
{
if (!p.Action.Equals(ControlPermissionInfo.VISIABLE_PERMISSION_NAME))
return true;
return false;
});
foreach (ControlPermissionPoint point in eventPoint)
{
Control c = ASPNetPageCrystalWallSite.FindControlInContainer(page, point.Name);
EventInfo eventInfo = c.GetType().GetEvent(point.EventName, BindingFlags.Instance | BindingFlags.Public | BindingFlags.NonPublic);
//加入权限检查事件
EventHandler deciderMethod = (s, ee) =>
{
base.Decide(principal, new ControlEventContextObject(point.Name, point, c, point.EventName), out r, throwException);
};
//无法动态创建委托!
//Delegate d = Delegate.CreateDelegate(eventInfo.EventHandlerType, deciderMethod.Method);
//获取控件中的指定事件对象。无法获取,.NET反射行为非常不一致!(只能通过Events列表属性获取)
//Delegate eventObject = (Delegate)eventInfo.DeclaringType.GetField(eventInfo.Name, BindingFlags.NonPublic | BindingFlags.Instance | BindingFlags.Public | BindingFlags.Static).GetValue(c);
EventHandlerList eventHandlerList = (EventHandlerList)c.GetType().GetProperty("Events", BindingFlags.NonPublic | BindingFlags.Instance | BindingFlags.Public | BindingFlags.Static).GetValue(c, null);
object eventkey = c.GetType().GetField("Event" + eventInfo.Name, BindingFlags.NonPublic | BindingFlags.Instance | BindingFlags.Public | BindingFlags.Static).GetValue(c);
Delegate eventObject = eventHandlerList[eventkey];
if (eventObject == null || eventObject.GetInvocationList() == null || eventObject.GetInvocationList().Length == 0)
{
//eventInfo.AddEventHandler(c, d);
eventInfo.AddEventHandler(c, deciderMethod);
}
else
{
//将原有列表存储,然后插入权限检查事件为第一个执行的事件
foreach (Delegate de in eventObject.GetInvocationList())
{
eventInfo.RemoveEventHandler(c, de);
}
//eventInfo.AddEventHandler(c, d);
eventInfo.AddEventHandler(c, deciderMethod);
eventInfo.AddEventHandler(c, Delegate.Combine(eventObject.GetInvocationList()));
}
}
}
catch
{
ServiceManager.LoggingService.Error("检查页面:" + page.Request.Url + "中事件的权限时出错");
}
};
result = r;
}
public void Decide(IPrincipalToken principal, object cntext)
{
if (!principal.GetGrandedPermission().Contains(cntext as PermissionInfo))
{
AccessException ex = new AccessException("无权限")
{
CheckObject = cntext
};
throw ex;
}
}
public void SetCurrentToken(IPrincipalToken token)
{
if (principals.ContainsKey(CURRENT_KEY))
{
principals[CURRENT_KEY] = token;
return;
}
if (token != null)
{
principals.Add(CURRENT_KEY, token);
}
else
principals.Add(CURRENT_KEY, FactoryServices.ANONY_PRINCIPAL_TOKEN);
}
public virtual void Decide(IPrincipalToken principal, object check, out bool result, bool throwException = true)
{
result = true;
PermissionInfoCollection pc = principal.GetGrandedPermission();
if (ConfuseElect != null)
pc.ElectVisitor = ConfuseElect;
if (check is PermissionInfo)
{
CheckPermission(pc, (PermissionInfo)check, check, out result, throwException);
}
else
{
//资源上没有配置当前权限点指定的权限,则不允许任何人访问
PermissionPoint[] point = GetPoint(check);
if (point == null || point.Length == 0)
return;//程序没有定义权限点,不做任何权限控制!
bool isThrow = true;
try
{
foreach (PermissionPoint p in point)
{//在当前对象上定义了多个权限点,每一个都需要进行权限检测
PermissionInfo checkPermission = p.NewPermission();
CheckPermission(pc, checkPermission, check, out result, throwException);
}
if (result)
isThrow = false;
}
finally
{
if (isThrow)
{
//权限检查抛出异常则执行事件,执行此事件但异常继续抛出
OnAccessException(principal, check);
}
}
}
}
public void SetCurrentToken(IPrincipalToken token)
{
if (token != null)
HttpContext.Current.Session.Add(WebPrincipalTokenStorage.__CURRENT_USER_KEY__, token);
}
public AccessExceptionEventArgs(IPrincipalToken principal, object check)
{
this.principal = principal;
this.check = check;
}
/// <summary>
/// 授权不通过,则执行不通过时的事件处理
/// </summary>
protected void OnAccessException(IPrincipalToken principal, object check)
{
if (AccessDenyed != null)
AccessDenyed(this, new AccessExceptionEventArgs(principal, check));
}
public override void Decide(IPrincipalToken principal, object check, out bool result, bool throwException = true)
{
viewDecider.Decide(principal, check, out result, throwException);
eventDecider.Decide(principal, check, out result, throwException);
}
/// <summary>
/// 添加init事件, 页面加载事件中检测具有visiable的权限点的控件,如果当前用户不具有此权限,将其visiable设置为false
/// </summary>
/// <param name="check">必须为Page对象</param>
public override void Decide(IPrincipalToken principal, object check, out bool result, bool throwException = true)
{
result = true;
bool r = result;
Page page = check as Page;
if (page == null)
return;
page.Init += (sender, e) =>
{
try
{
//查找权限点中具有可见权限的权限点
IEnumerable<PermissionPoint> controlCheckView = site.GetPoints(page, p =>
{
if (p.Action.Equals(ControlPermissionInfo.VISIABLE_PERMISSION_NAME))
return true;
return false;
});
foreach (ControlPermissionPoint point in controlCheckView)
{
Control c = ASPNetPageCrystalWallSite.FindControlInContainer(page, point.Name);
try
{
base.Decide(principal, new ControlEventContextObject(point.Name, point, c, point.EventName), out r, throwException);
}
catch (AccessException ae)
{
//DO NOTHING
ServiceManager.LoggingService.Debug("当前用户对页面:" + page.Request.Url + "中控件:" + c.ID + "没有可见权限");
}
}
}
catch (Exception ex)
{
ServiceManager.LoggingService.Error("检查页面:" + page.Request.Url + "中对象的可见权限时出错");
}
};
result = r;
}
