/// <summary>
/// Checks whether the request carries a logged-in session: the HTTP context must exist and the
/// session must hold both a "currentUser" and a "currentTenant" entry.
/// </summary>
/// <param name="context">Controller context of the current request.</param>
/// <returns><c>true</c> when both session entries are present; otherwise <c>false</c>.</returns>
private static bool CheckSession(ControllerContext context)
{
    var httpContext = context.HttpContext;
    if (httpContext == null)
    {
#if DEBUG
        LogHelper.WriteLog("HttpContext为NULL");
#endif
        return false;
    }

    var session = new SessionExt(httpContext);
    bool hasUser = session["currentUser"] != null;
    if (!hasUser)
    {
#if DEBUG
        LogHelper.WriteLog("SessionId=" + session.SessionId);
        LogHelper.WriteLog("HttpContext.Session[\"currentUser\"]为NULL");
#endif
        return false;
    }

    // A user without a tenant entry counts as not logged in.
    bool hasTenant = session["currentTenant"] != null;
    if (!hasTenant)
    {
#if DEBUG
        LogHelper.WriteLog("HttpContext.Session[\"currentTenant\"]为NULL");
#endif
        return false;
    }

    return true;
}
/// <summary>
/// Renders a button only when the current user holds the permission registered for the given
/// controller/action. This decides rendering only; it does not authorize the request itself.
/// </summary>
/// <param name="helper">HTML helper the extension is invoked on (not used by the lookup).</param>
/// <param name="area">Area of the target action (not consulted by the lookup).</param>
/// <param name="controller">Controller name, compared case-insensitively.</param>
/// <param name="action">Action name, compared case-insensitively.</param>
/// <param name="attributes">Attributes handed to <c>GenerateButton</c> when the button is rendered.</param>
/// <returns>The button markup, or an empty string when nobody is logged in or the user lacks the permission.</returns>
public static MvcHtmlString Button(this HtmlHelper helper, string area, string controller, string action, object attributes)
{
    var nothing = new MvcHtmlString("");
    var session = new SessionExt(HttpContext.Current);
    var user = session["currentUser"] as SysUser;
    if (user == null)
    {
        return nothing;
    }

    var cache = RetechWing.BusinessCache.SystemCache.Instance;
    var matching = cache.Permissions.FirstOrDefault(p =>
        p.Controller.Equals(controller, StringComparison.OrdinalIgnoreCase)
        && p.Action.Equals(action, StringComparison.OrdinalIgnoreCase));

    // Fail-open: an action with no entry in the permission table is always rendered.
    if (matching == null)
    {
        return GenerateButton(attributes);
    }

    var grantedIds = cache.UserPermissions(user.UserId, new RoleManager().GetUserPermissionIds);
    return grantedIds.Contains(matching.PermissionId) ? GenerateButton(attributes) : nothing;
}
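/// <summary>
/// Decides whether the current request may proceed: excluded URLs pass, a missing session needs
/// login, an action absent from the permission table passes, and otherwise the user must hold
/// the matching permission id.
/// </summary>
/// <returns>The check outcome.</returns>
/// <param name="filterContext">Filter context of the request being executed.</param>
/// <param name="message">Localized reason for a non-passing result; empty when the check passes.</param>
protected virtual PermissionCheckResult CheckPermission(ActionExecutingContext filterContext, out string message)
{
    var currentRequestController = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
    var currentRequestAction = filterContext.ActionDescriptor.ActionName;
    var session = new SessionExt(filterContext.HttpContext);
    message = "";

    // Excluded URLs are never checked, not even for a session.
    var ex = ExcludeUrlConfiguration.GetExcludeUrl(currentRequestController, currentRequestAction);
    if (ex != null)
    {
        return PermissionCheckResult.Passed;
    }

    if (!CheckSession(filterContext))
    {
        message = LanguageResources.Common.NeedLogin;
#if DEBUG
        LogHelper.WriteLog("跳登陆,原因:Session丢失\r\nSessionId" + session.SessionId);
#endif
        return PermissionCheckResult.NeedLogin;
    }

    // CheckSession only proves the entry is non-null. A value of another type would otherwise
    // dereference null at user.UserId below, so it is treated as "not logged in" instead.
    var user = session["currentUser"] as SysUser;
    if (user == null)
    {
        message = LanguageResources.Common.NeedLogin;
        return PermissionCheckResult.NeedLogin;
    }

    var permissions = RetechWing.BusinessCache.SystemCache.Instance.Permissions;
    var currentPermission = permissions.FirstOrDefault(p =>
        p.Controller.Equals(currentRequestController, StringComparison.OrdinalIgnoreCase)
        && p.Action.Equals(currentRequestAction, StringComparison.OrdinalIgnoreCase));

    // Fail-open: an action that is not registered in the permission table passes once a session
    // exists (the original comment marks this as provisional, 暂定通过).
    if (currentPermission == null)
    {
        return PermissionCheckResult.Passed;
    }

    var userRights = RetechWing.BusinessCache.SystemCache.Instance.UserPermissions(user.UserId, new RoleManager().GetUserPermissionIds);
    if (userRights.Contains(currentPermission.PermissionId))
    {
        return PermissionCheckResult.Passed;
    }

#if DEBUG
    LogHelper.WriteLog("跳登陆,原因:没有权限\r\nSessionId" + session.SessionId);
#endif
    message = LanguageResources.Common.NoRight;
    return PermissionCheckResult.NoPermission;
}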
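/// <summary>
/// Rewrites the query string through <c>NoHtml()</c>, records the raw request URL in session and
/// applies the request culture before the controller initializes.
/// </summary>
/// <param name="requestContext">Request context supplied by MVC.</param>
/// <exception cref="InvalidOperationException">
/// The non-public <c>IsReadOnly</c> property of the query-string collection could not be found,
/// so the sanitizing rewrite cannot be applied.
/// </exception>
protected override void Initialize(RequestContext requestContext)
{
    var httpContext = requestContext.HttpContext;
    var session = new SessionExt(httpContext);

    // Request.QueryString is read-only; the non-public IsReadOnly flag is flipped so the
    // collection can be rewritten in place and every later consumer sees the sanitized values.
    PropertyInfo isReadonlyPropertyInfo = typeof(NameObjectCollectionBase).GetProperty(
        "IsReadOnly", BindingFlags.Instance | BindingFlags.NonPublic);
    if (isReadonlyPropertyInfo == null)
    {
        // Fail closed rather than continue with an unsanitized query string.
        throw new InvalidOperationException("NameObjectCollectionBase.IsReadOnly was not found; the query string cannot be sanitized.");
    }

    NameValueCollection queryStrings = httpContext.Request.QueryString;
    var copy = new NameValueCollection();
    foreach (string key in queryStrings.AllKeys)
    {
        // GetValues returns null for a key without values; skip it instead of throwing.
        string[] values = queryStrings.GetValues(key) ?? new string[0];
        foreach (string v in values)
        {
            copy.Add(key, v.NoHtml());
        }
    }

    isReadonlyPropertyInfo.SetValue(queryStrings, false, null);
    queryStrings.Clear();
    queryStrings.Add(copy);
    isReadonlyPropertyInfo.SetValue(queryStrings, true, null);

    session["lastRequestUrl"] = httpContext.Request.RawUrl;
    base.Initialize(requestContext);

    // Culture selection is best-effort: a bad route value or cookie failure must not fail the
    // request, so each branch swallows exceptions and leaves the current culture untouched.
    object cultureValue;
    if (requestContext.RouteData.Values.TryGetValue("culture", out cultureValue))
    {
        try
        {
            CultureInfo culture = CultureProvider.GetCultureInfo(cultureValue.ToString())
                ?? CultureProvider.GetCultureInfo(defaultLanguage);
            ApplyCulture(httpContext, culture, culture.Name);
        }
        catch (Exception)
        {
            // Best-effort; see above.
        }
    }
    else
    {
        try
        {
            CultureInfo culture = CultureProvider.GetCultureInfo(defaultLanguage);
            ApplyCulture(httpContext, culture, defaultLanguage);
        }
        catch (Exception)
        {
            // Best-effort; see above.
        }
    }
}

/// <summary>
/// Sets both thread cultures and writes the culture cookie for the response.
/// </summary>
/// <param name="httpContext">Context whose response receives the cookie.</param>
/// <param name="culture">Culture to apply to the current thread.</param>
/// <param name="cookieValue">Value stored in the culture cookie.</param>
private static void ApplyCulture(HttpContextBase httpContext, CultureInfo culture, string cookieValue)
{
    Thread.CurrentThread.CurrentUICulture = culture;
    Thread.CurrentThread.CurrentCulture = culture;
    httpContext.Response.Cookies.Add(new HttpCookie(CultureProvider.culturecookiekey, cookieValue));
}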
/// <summary>
/// Reads the logged-in user from the current session.
/// </summary>
/// <returns>The "currentUser" session entry as a <see cref="SysUser"/>, or <c>null</c> when it is absent or of another type.</returns>
private SysUser GetCurrentUser()
{
    var session = new SessionExt(HttpContext.Current);
    return session["currentUser"] as SysUser;
}
/// <summary>
/// Super-admin gate: lets the action run when the session holds "currentSuperAdmin"; otherwise
/// answers JSON actions with a 403 payload and redirects other actions to the entry point.
/// </summary>
/// <param name="filterContext">Filter context of the request being executed.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var session = new SessionExt(filterContext.HttpContext);
    string actionName = filterContext.ActionDescriptor.ActionName;
    MethodInfo[] methods = GetActions(filterContext);
    // First() throws when no method matches; the action is assumed to be discoverable.
    MethodInfo method = methods.First(m => m.Name.Equals(actionName, StringComparison.CurrentCultureIgnoreCase));
    bool returnsJson = method.ReturnType == typeof(JsonResult);

    if (session["currentSuperAdmin"] != null)
    {
        base.OnActionExecuting(filterContext);
        return;
    }

    if (returnsJson)
    {
        string loginUrl = System.Web.Mvc.UrlHelper.GenerateUrl(
            "Default", "Index", "EnterPoint",
            new RouteValueDictionary(new Dictionary<string, object>()),
            RouteTable.Routes, filterContext.RequestContext, false);
        filterContext.Result = new JsonResult
        {
            // Property order is part of the payload shape clients parse; keep it.
            Data = new
            {
                permissionError = 1,
                result = 403,
                errorMsg = "请登陆后再操作",
                title = "提示",
                btnValue = RetechWing.LanguageResources.Common.Sure,
                loginUrl = loginUrl
            },
            JsonRequestBehavior = JsonRequestBehavior.AllowGet
        };
        return;
    }

    // backUrl comes from the Referer header, i.e. it is client-controlled; whatever consumes it
    // should accept local URLs only.
    Uri referrer = filterContext.HttpContext.Request.UrlReferrer;
    string urlReferrer = "";
    if (referrer != null)
    {
        urlReferrer = referrer.ToString();
    }

    if (urlReferrer.Length == 0)
    {
        // No referrer means the URL was typed directly: show the "no right" message page.
        session["backUrl"] = "zh-CN/EnterPoint/Index";
        filterContext.Result = new RedirectToRouteResult("Culture",
            new RouteValueDictionary(new { controller = "Message", action = "NoRight", msg = "请登陆后再操作" }));
        return;
    }

    filterContext.Result = new RedirectToRouteResult("Culture",
        new RouteValueDictionary(new { controller = "EnterPoint", action = "Index", backUrl = urlReferrer }));
}
/// <summary>
/// Pops the pending login error message from the session.
/// </summary>
/// <param name="context">HTTP context whose session is read.</param>
/// <returns>The text of the "errmsg" entry, which is removed from the session as a side effect; empty when nothing is stored.</returns>
public static string WriteLoginErrorMessage(HttpContext context)
{
    var session = new SessionExt(context);
    object stored = session["errmsg"];
    if (stored == null)
    {
        return string.Empty;
    }

    string text = stored.ToString();
    session.Remove("errmsg");
    return text;
}
/// <summary>
/// Returns an inline style that hides an element unless the session's "myRights" list contains
/// the given controller/action pair. This only affects rendering; it does not authorize the request.
/// </summary>
/// <param name="htmlHelper">HTML helper the extension is invoked on (not used).</param>
/// <param name="controller">Controller name, matched with ordinal, case-sensitive equality.</param>
/// <param name="action">Action name, matched with ordinal, case-sensitive equality.</param>
/// <returns>An empty string when the pair is listed; otherwise <c>style='display:none;'</c>.</returns>
public static HtmlString PermissionCheck(this HtmlHelper htmlHelper, string controller, string action)
{
    const string hidden = "style='display:none;'";
    var session = new SessionExt(HttpContext.Current);
    var rights = session["myRights"] as List<vTenantFunction>;
    if (rights == null)
    {
        return new HtmlString(hidden);
    }

    bool listed = rights.Exists(f => f.Controller == controller && f.Action == action);
    return new HtmlString(listed ? "" : hidden);
}
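/// <summary>
/// After a view-returning action, refreshes the online and alive markers for the logged-in user.
/// </summary>
/// <param name="filterContext">Filter context of the executed action.</param>
public override void OnActionExecuted(ActionExecutedContext filterContext)
{
    var session = new SessionExt(filterContext.HttpContext);
    bool renderedView = filterContext.Result is ViewResult;
    if (renderedView && filterContext.HttpContext.Session != null)
    {
        // Cast and null-check together: a non-null entry of another type used to dereference null.
        var user = session["currentUser"] as RetechWing.Models.SysUser;
        if (user != null)
        {
            OnlineUserHelper.CheckOnline(user.UserId, user.TenantId);
            SampleLoginLog.SetAlive();
        }
    }

    base.OnActionExecuted(filterContext);
}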
/// <summary>
/// WeChat login gate. For a request that is not on the exclude list and has no "currentUser"
/// in session, resolves the caller's openID (via the OAuth code, or from a request parameter) and
/// establishes the session, redirecting to authorization or account binding when that fails.
/// </summary>
/// <param name="filterContext">Filter context of the request being executed.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var session = new SessionExt(filterContext.HttpContext);
    // Requests on the exclude list skip the check entirely.
    var currentRequestController = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
    var currentRequestAction = filterContext.ActionDescriptor.ActionName;
    var ex = ExcludeUrlConfiguration.GetExcludeUrl(currentRequestController, currentRequestAction);
    if (ex == null)
    {
        if (session["currentUser"] == null)
        {
            // Where to return after login: the current URL when keep=1, else the last request URL
            // from session, else the Referer header (client-controlled) or "/".
            string urlReferrer = "";
            if (filterContext.HttpContext.Request.QueryString["keep"] == "1")
            {
                urlReferrer = filterContext.HttpContext.Request.Url.ToString();
            }
            else
            {
                if (session["lastRequestUrl"] != null)
                {
                    urlReferrer = session["lastRequestUrl"].ToString();
                }
                else
                {
                    urlReferrer = filterContext.HttpContext.Request.UrlReferrer == null ? "/" : filterContext.HttpContext.Request.UrlReferrer.ToString();
                }
            }
            // NOTE(review): controller is null when the filter runs on a non-Controller; every branch below dereferences it.
            var controller = filterContext.Controller as System.Web.Mvc.Controller;
            // Request.Params merges query string, form, cookies and server variables, so "code" and "openID" may come from any of them.
            if (string.IsNullOrWhiteSpace(filterContext.HttpContext.Request.Params["code"]) && string.IsNullOrWhiteSpace(filterContext.HttpContext.Request.Params["openID"]))
            {
                // Neither a code nor an openID: start the WeChat OAuth flow; backUrl is URL-encoded here.
                filterContext.Result = new RedirectResult(WeixinCommon.GetAuthorizeUserInfoUrl(controller.Url.RetechAction("VerifyUser", "WeiXin", new { area = "Mobile" }) + "?backUrl=" + controller.Url.Encode(urlReferrer), Senparc.Weixin.MP.AdvancedAPIs.OAuthScope.snsapi_userinfo));
                return;
            }
            else
            {
                string openID = "";
                if (string.IsNullOrWhiteSpace(filterContext.HttpContext.Request.Params["openID"]))
                {
                    // Only the code path verifies the identity with WeChat.
                    string code = filterContext.HttpContext.Request.Params["code"];
                    openID = WeixinCommon.GetOpenidByCode(code);
                }
                else
                {
                    // NOTE(review): an openID supplied in the request is accepted as-is, with no code exchange,
                    // and the lookup below then signs the session in as that user. Unless BindingAccount
                    // depends on exactly this round trip, the session should only be established from an
                    // openID returned by GetOpenidByCode — confirm with the owner of the WeiXin flow.
                    openID = filterContext.HttpContext.Request.Params["openID"];
                }
                var user = new UserManager().GetUserByOpenID(openID);
                if (user == null)
                {
                    // Unbound openID: hand it to the binding page. openID and msg are concatenated without
                    // URL-encoding, unlike backUrl.
                    filterContext.Result = new RedirectResult(controller.Url.RetechAction("BindingAccount", "WeiXin", new { area = "Mobile" }) + "?openID=" + openID + "&msg=您还未绑定用户信息!&backUrl=" + controller.Url.Encode(urlReferrer));
                    return;
                }
                else
                {
                    // Sign the session in with the resolved user and its tenant.
                    user.OpenID = openID;
                    session["currentUser"] = user;
                    session["currentTenant"] = new TenantManager().GetTenantById(user.TenantId);
                }
            }
        }
    }
    base.OnActionExecuting(filterContext);
}
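/// <summary>
/// Returns the session already bound to the current session context, or builds a new one from
/// this factory and binds it.
/// </summary>
/// <param name="p_autoCloseSessionEnabled">Forwarded to the new session: whether it auto-closes.</param>
/// <param name="p_connectionReleaseMode">Forwarded to the new session: when its connection is released.</param>
/// <returns>The bound session.</returns>
/// <exception cref="InvalidOperationException">The factory has no connection string, or it has been closed.</exception>
public ISession OpenSession(bool p_autoCloseSessionEnabled, ConnectionReleaseMode p_connectionReleaseMode)
{
    TraceLog.LogEntry("OpenSession(): p_autoCloseSessionEnabled {0} p_connectionReleaseMode {1}", p_autoCloseSessionEnabled, p_connectionReleaseMode);

    // Guard clauses; a null connection string is rejected like an empty one, and the specific
    // exception type still derives from Exception for existing catch blocks.
    if (string.IsNullOrEmpty(this.m_cnnStr))
    {
        throw new InvalidOperationException("Session Factory without connection string, can't get it from configuration!");
    }
    if (this.m_closed)
    {
        throw new InvalidOperationException("Session Factory is closed!");
    }

    ISessionTX res;
    if (SharpCore.Data.CurrentSessionContext.HasBind(this))
    {
        res = this.GetCurrentSession();
        TraceLog.LogEntry("Existe una Sesión ya ligada, GetCurrentSession() Id {0}", res.SessionId);
    }
    else
    {
        res = new SessionExt(this, p_autoCloseSessionEnabled, p_connectionReleaseMode);
        SharpCore.Data.CurrentSessionContext.Bind(res);
    }
    return res;
}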
/// <summary>
/// Called before an action method executes. Runs <see cref="CheckPermission"/> and, when the check
/// does not pass, short-circuits the action: JSON actions receive an error payload, other actions
/// are redirected to the login page (NeedLogin) or to the "no right" message page.
/// </summary>
/// <param name="filterContext">The filter context.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var session = new SessionExt(filterContext.HttpContext);
    string errorString;
    PermissionCheckResult verdict = CheckPermission(filterContext, out errorString);
    if (verdict == PermissionCheckResult.Passed)
    {
        base.OnActionExecuting(filterContext);
        return;
    }

    bool needLogin = verdict == PermissionCheckResult.NeedLogin;
    var controller = filterContext.Controller as System.Web.Mvc.Controller;
    string actionName = filterContext.ActionDescriptor.ActionName;
    MethodInfo[] candidates = GetActions(filterContext);
    MethodInfo action = candidates.First(m => m.Name.Equals(actionName, StringComparison.CurrentCultureIgnoreCase));

    if (action.ReturnType == typeof(JsonResult))
    {
        // The payload always carries the NeedLogin text, even for a NoPermission verdict; only the
        // numeric result tells them apart (404 = login needed, 403 = no permission).
        filterContext.Result = new JsonResult
        {
            Data = new
            {
                permissionError = 1,
                result = needLogin ? 404 : 403,
                errorMsg = RetechWing.LanguageResources.Other.NeedLogin,
                title = RetechWing.LanguageResources.Common.DialogTitle,
                btnValue = RetechWing.LanguageResources.Common.Sure,
                loginUrl = controller.Url.RetechAction("Index", "Login", new { area = "" })
            },
            JsonRequestBehavior = JsonRequestBehavior.AllowGet
        };
        return;
    }

    // Return address after login: the current URL when keep=1, else the last request URL kept in
    // session, else the Referer header (client-controlled) or "/".
    var request = filterContext.HttpContext.Request;
    string backUrl;
    if (request.QueryString["keep"] == "1")
    {
        backUrl = request.Url.ToString();
    }
    else
    {
        object lastRequestUrl = session["lastRequestUrl"];
        if (lastRequestUrl != null)
        {
            backUrl = lastRequestUrl.ToString();
        }
        else if (request.UrlReferrer != null)
        {
            backUrl = request.UrlReferrer.ToString();
        }
        else
        {
            backUrl = "/";
        }
    }

    string target = needLogin
        ? controller.Url.RetechAction("Index", "Login", new { area = "", backUrl = backUrl })
        : controller.Url.RetechAction("NoRight", "Message", new { area = "", backUrl = backUrl });
    filterContext.Result = new RedirectResult(target);
}