/// <summary>Runs when the MVC pipeline asks this filter to authorize the current request.</summary>
/// <remarks>
/// Scope of the check:
/// 1. every controller that belongs to the Cube (魔方) area;
/// 2. every controller or action that carries <c>EntityAuthorizeAttribute</c>.
/// Anything outside that scope is left untouched by this filter, so it must be protected by other means.
/// </remarks>
/// <param name="filterContext">Authorization context of the action being executed.</param>
public void OnAuthorization(AuthorizationFilterContext filterContext)
{
    // NOTE(review): hard cast — a descriptor that is not a ControllerActionDescriptor
    // throws InvalidCastException here. That fails closed, but confirm the filter is
    // only ever attached to MVC controllers.
    var descriptor = (ControllerActionDescriptor)filterContext.ActionDescriptor;
    var method = descriptor.MethodInfo;
    var controllerType = descriptor.ControllerTypeInfo;

    // [AllowAnonymous] on the action or on its controller bypasses every check below.
    var anonymousAllowed = method.IsDefined(typeof(AllowAnonymousAttribute))
        || controllerType.IsDefined(typeof(AllowAnonymousAttribute));
    if (anonymousAllowed)
    {
        return;
    }

    // When the controller or action carries EntityAuthorize itself, the global instance steps aside.
    // NOTE(review): presumably the locally applied attribute then performs the check — confirm.
    var hasEntityAuthorize = method.IsDefined(typeof(EntityAuthorizeAttribute), true)
        || controllerType.IsDefined(typeof(EntityAuthorizeAttribute));
    if (IsGlobal && hasEntityAuthorize)
    {
        return;
    }

    // Only validate what this filter is responsible for.
    var insideArea = AreaBaseX.Contains(descriptor);
    if (!insideArea && !hasEntityAuthorize)
    {
        return;
    }

    // Outside the Cube area but explicitly marked with the attribute: the menu has to be created.
    var createMenu = !insideArea;

    // Locate the resource menu for this controller; the returned menu is not used in this method.
    GetMenu(filterContext, createMenu);

    // A result is already set, so the request has been dealt with; do not process it again.
    if (filterContext.Result != null)
    {
        return;
    }

    var authorized = AuthorizeCore(filterContext.HttpContext);
    if (!authorized)
    {
        HandleUnauthorizedRequest(filterContext);
    }
}
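/// <summary>Intercepts exceptions thrown while executing an action.</summary>
/// <remarks>
/// A <c>NoPermissionException</c> is always turned into the no-permission result.
/// Any other exception is handled here only when the action belongs to a controller inside
/// the Cube area: AJAX requests get a JSON tip, other requests get the <c>CubeError</c> view.
/// Exceptions from controllers outside the area are passed on to the base implementation unhandled.
/// </remarks>
/// <param name="ctx">Exception context supplied by the MVC pipeline.</param>
public override void OnException(ExceptionContext ctx)
{
    if (ctx.ExceptionHandled)
    {
        return;
    }

    // The exception is logged as received, and again below in the form returned by GetTrue().
    XTrace.WriteException(ctx.Exception);

    var ex = ctx.Exception?.GetTrue();
    if (ex != null)
    {
        // Missing-file errors are not part of the MVC pipeline; they have to be caught by middleware, not here.

        // Permission failures get the dedicated no-permission result.
        if (ex is NoPermissionException nex)
        {
            ctx.Result = ctx.NoPermission(nex);
            ctx.ExceptionHandled = true;
        }

        XTrace.WriteException(ex);
    }

    if (ctx.ExceptionHandled)
    {
        return;
    }

    // Only take over exceptions of controllers inside the area; leave other controllers alone.
    // The type test replaces a hard cast: a descriptor that is not a ControllerActionDescriptor
    // would otherwise raise InvalidCastException inside the exception filter and mask the
    // original failure.
    if (ctx.ActionDescriptor is ControllerActionDescriptor descriptor && AreaBaseX.Contains(descriptor))
    {
        ctx.ExceptionHandled = true;

        var routeValues = ctx.RouteData.Values;
        var ctrl = routeValues.TryGetValue("controller", out var controllerValue) ? controllerValue + "" : "";
        var act = routeValues.TryGetValue("action", out var actionValue) ? actionValue + "" : "";

        if (ctx.HttpContext.Request.IsAjaxRequest())
        {
            if (act.IsNullOrEmpty())
            {
                act = "操作";
            }

            // NOTE(review): the raw exception message goes back to the client. Messages from
            // data-access or I/O failures can expose internal details; consider a generic
            // message for exceptions that are not meant for end users.
            // ex may be null if GetTrue() yields nothing, hence the null-conditional access.
            ctx.Result = ControllerHelper.JsonTips("[{0}]失败!{1}".F(act, ex?.Message));
        }
        else
        {
            // NOTE(review): the whole exception object and context are handed to the CubeError view.
            // Whether that view renders stack traces is not visible here; confirm it is
            // restricted outside development.
            var vr = new ViewResult { ViewName = "CubeError" };
            vr.ViewData = new ViewDataDictionary(new EmptyModelMetadataProvider(), ctx.ModelState)
            {
                ["Context"] = ctx,
                ["Exception"] = ex,
                ["Ctrl"] = ctrl,
                ["Act"] = act
            };
            ctx.Result = vr;
        }
    }

    base.OnException(ctx);
}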