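        /// <summary>
        /// Authorizes the current request against the per-user controller/action permissions.
        /// </summary>
        /// <remarks>
        /// Requests routed to the "Account" controller skip the check, anonymous callers are
        /// redirected to Account/Login, and authenticated callers rejected by <c>IsAllowed</c>
        /// receive a 403 response carrying the original message body.
        /// Every denial is expressed by setting <c>filterContext.Result</c>, which is how an MVC
        /// authorization filter short-circuits the pipeline. The previous implementation wrote to
        /// the response and called <c>Response.End()</c>; that does not reliably stop the action
        /// from executing, so a rejected request could still run its side effects.
        /// </remarks>
        /// <param name="filterContext">Context of the request being authorized.</param>
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            var routeValues = filterContext.RouteData.Values;
            object controllerValue = routeValues["controller"];
            object actionValue = routeValues["action"];

            // A missing route value is kept as null and denied below instead of
            // surfacing as a NullReferenceException.
            string controller = controllerValue == null ? null : controllerValue.ToString();
            string action = actionValue == null ? null : actionValue.ToString();

            // MVC resolves controller names case-insensitively, so the exemption must match
            // "/account/..." as well as "/Account/...".
            // NOTE(review): the whole Account controller is exempt from this filter; any action
            // on it that requires a signed-in user has to enforce that itself - confirm.
            if (string.Equals(controller, "Account", System.StringComparison.OrdinalIgnoreCase))
            {
                return;
            }

            // NOTE(review): MVC may reuse a filter instance across requests; a per-request
            // context stored in an instance field is then shared state, and it is never
            // disposed here - confirm against IsAllowed and the filter's registration.
            MyAuthorizeDBContent = new MyCMSDBContent();

            string userName = WebSecurity.CurrentUserName;

            // No user name means the caller is not signed in: send them to the login page.
            if (string.IsNullOrEmpty(userName))
            {
                string loginUrl = new UrlHelper(filterContext.RequestContext).Action("Login", "Account");
                filterContext.Result = new RedirectResult(loginUrl);
                return;
            }

            // Fail closed: incomplete route data is never treated as allowed.
            bool isAllowed = controller != null
                && action != null
                && this.IsAllowed(userName, controller, action);

            if (!isAllowed)
            {
                // Report the denial as 403 rather than 200 so clients, caches and log
                // monitoring can recognise it; keep the body from being replaced by IIS.
                var response = filterContext.HttpContext.Response;
                response.StatusCode = 403;
                response.TrySkipIisCustomErrors = true;

                // The message text ("access denied") is unchanged from the original.
                filterContext.Result = new ContentResult { Content = "无权访问" };
            }
        }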
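        /// <summary>
        /// Checks whether the current user may invoke the routed controller action and
        /// short-circuits the request when they may not.
        /// </summary>
        /// <remarks>
        /// The "Account" controller is exempt. Anonymous requests are redirected to
        /// Account/Login; signed-in users without permission get a 403 with the original
        /// message. Both outcomes are set on <c>filterContext.Result</c> instead of writing to
        /// the response and calling <c>Response.End()</c>, because ending the response does not
        /// guarantee that MVC skips the action method.
        /// </remarks>
        /// <param name="filterContext">Context of the request being authorized.</param>
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            object rawController = filterContext.RouteData.Values["controller"];
            object rawAction = filterContext.RouteData.Values["action"];

            // Absent route values stay null so they can be rejected explicitly further down.
            string controller = rawController == null ? null : rawController.ToString();
            string action = rawAction == null ? null : rawAction.ToString();

            // Controller lookup in MVC ignores case, so the exemption does too.
            // NOTE(review): exempting the entire Account controller means every action on it
            // bypasses this permission check - confirm that is intended.
            bool isAccountController =
                string.Equals(controller, "Account", System.StringComparison.OrdinalIgnoreCase);
            if (isAccountController)
            {
                return;
            }

            // NOTE(review): this context lives in an instance field and is not disposed in this
            // method; if the filter instance is shared between requests this is shared mutable
            // state - confirm how IsAllowed uses it.
            MyAuthorizeDBContent = new MyCMSDBContent();

            string userName = WebSecurity.CurrentUserName;
            bool isSignedIn = !string.IsNullOrEmpty(userName);

            if (!isSignedIn)
            {
                var urlHelper = new UrlHelper(filterContext.RequestContext);
                filterContext.Result = new RedirectResult(urlHelper.Action("Login", "Account"));
                return;
            }

            // Deny when route data is incomplete; otherwise defer to the permission lookup.
            bool hasRouteData = controller != null && action != null;
            if (hasRouteData && this.IsAllowed(userName, controller, action))
            {
                return;
            }

            // 403 makes the refusal visible to clients and monitoring; TrySkipIisCustomErrors
            // keeps IIS from swapping out the body. The message ("access denied") is the
            // same text the original wrote.
            filterContext.HttpContext.Response.StatusCode = 403;
            filterContext.HttpContext.Response.TrySkipIisCustomErrors = true;
            filterContext.Result = new ContentResult { Content = "无权访问" };
        }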