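/// <summary>
/// Decides whether the current request may execute the routed controller action.
/// Unauthenticated requests, and requests without "controller"/"action" route
/// values, are denied. A user found by the super-administrator lookup is passed
/// to the base check; otherwise a role/menu mapping for the routed
/// controller and action must exist.
/// </summary>
/// <param name="httpContext">The HTTP context of the request being authorized.</param>
/// <returns>
/// <c>false</c> when the request is denied here; otherwise the result of
/// <c>base.AuthorizeCore</c>.
/// </returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    // Fail closed when there is no authenticated principal on the request.
    var principal = httpContext.User;
    if (principal == null || principal.Identity == null || !principal.Identity.IsAuthenticated)
    {
        return false;
    }

    // Resolve the routed controller/action. A missing route value is treated as
    // "deny" instead of surfacing as a NullReferenceException from ToString().
    var routeValues = httpContext.Request.RequestContext.RouteData.Values;
    object actionValue = routeValues["action"];
    object controllerValue = routeValues["controller"];
    if (actionValue == null || controllerValue == null)
    {
        return false;
    }

    // Invariant lower-casing keeps the comparison independent of the thread culture
    // (culture-sensitive ToLower() maps 'I' differently under e.g. tr-TR).
    string actionName = actionValue.ToString().ToLowerInvariant();
    string controllerName = controllerValue.ToString().ToLowerInvariant();

    // Read the user name once so the query predicate captures a plain string.
    string userName = principal.Identity.Name;

    // Check whether the caller is a super administrator.
    ISysAdminService sysAdminService = IOC.Resolve<ISysAdminService>();
    var sysAdmin = sysAdminService.Get(m => m.IsAdmin && m.UserName == userName);
    if (sysAdmin != null && sysAdmin.Id > 0)
    {
        return base.AuthorizeCore(httpContext);
    }

    // Role-based check: look for a role/menu mapping for this controller and action.
    // NOTE(review): this predicate does not reference the current user. As written it
    // appears to match ANY admin-role row whose role grants the menu, so every
    // authenticated user would pass once one role has the permission. Unless
    // ISysAdminRoleService.Get scopes to the caller internally (not visible here),
    // the predicate should also be restricted to the current user's admin-role rows;
    // the property to filter on is not visible in this block - confirm and add it.
    ISysAdminRoleService sysAdminRoleService = IOC.Resolve<ISysAdminRoleService>();
    var entity = sysAdminRoleService.Get(m => m.SysRole.SysRoleMenu.Any(w =>
        w.SysMenu.Controller.ToLower() == controllerName &&
        w.SysMenu.Action.ToLower() == actionName));
    if (entity != null && entity.Id > 0)
    {
        return base.AuthorizeCore(httpContext);
    }

    return false;
}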
/// <summary>
/// Creates the controller and stores each supplied service in its backing field.
/// </summary>
/// <param name="sysActionService">Service stored in <c>_sysActionService</c>.</param>
/// <param name="sysAdminService">Service stored in <c>_sysAdminService</c>.</param>
/// <param name="sysRoleService">Service stored in <c>_sysRoleService</c>.</param>
/// <param name="sysRoleActionService">Service stored in <c>_sysRoleActionService</c>.</param>
/// <param name="sysAdminRoleService">Service stored in <c>_sysAdminRoleService</c>.</param>
/// <param name="sysMenuService">Service stored in <c>_sysMenuService</c>.</param>
public AuthorityController(
    ISysActionService sysActionService,
    ISysAdminService sysAdminService,
    ISysRoleService sysRoleService,
    ISysRoleActionService sysRoleActionService,
    ISysAdminRoleService sysAdminRoleService,
    ISysMenuService sysMenuService)
{
    // Administrator-related services.
    this._sysAdminService = sysAdminService;
    this._sysAdminRoleService = sysAdminRoleService;

    // Role-related services.
    this._sysRoleService = sysRoleService;
    this._sysRoleActionService = sysRoleActionService;

    // Action and menu services.
    this._sysActionService = sysActionService;
    this._sysMenuService = sysMenuService;
}