コード例 #1
0
        /// <summary>授权发生时触发</summary>
        /// <param name="filterContext"></param>
        public void OnAuthorization(AuthorizationFilterContext filterContext)
        {
            /*
             * 验证范围:
             * 1,魔方区域下的所有控制器
             * 2,所有带有EntityAuthorize特性的控制器或动作
             */
            var act  = filterContext.ActionDescriptor;
            var ctrl = (ControllerActionDescriptor)act;

            // 允许匿名访问时,直接跳过检查
            if (
                ctrl.MethodInfo.IsDefined(typeof(AllowAnonymousAttribute)) ||
                ctrl.ControllerTypeInfo.IsDefined(typeof(AllowAnonymousAttribute)))
            {
                return;
            }

            // 如果控制器或者Action放有该特性,则跳过全局
            var hasAtt =
                ctrl.MethodInfo.IsDefined(typeof(EntityAuthorizeAttribute), true) ||
                ctrl.ControllerTypeInfo.IsDefined(typeof(EntityAuthorizeAttribute));

            if (IsGlobal && hasAtt)
            {
                return;
            }

            // 只验证管辖范围
            var create = false;

            if (!AreaBaseX.Contains(ctrl))
            {
                if (!hasAtt)
                {
                    return;
                }
                // 不属于魔方而又加了权限特性,需要创建菜单
                create = true;
            }

            // 根据控制器定位资源菜单
            var menu = GetMenu(filterContext, create);

            // 如果已经处理过,就不处理了
            if (filterContext.Result != null)
            {
                return;
            }

            if (!AuthorizeCore(filterContext.HttpContext))
            {
                HandleUnauthorizedRequest(filterContext);
            }
        }
コード例 #2
0
        /// <summary>拦截异常</summary>
        /// <param name="ctx"></param>
        public override void OnException(ExceptionContext ctx)
        {
            if (ctx.ExceptionHandled)
            {
                return;
            }

            XTrace.WriteException(ctx.Exception);
            var ex = ctx.Exception?.GetTrue();

            if (ex != null)
            {
                //此异常不属于mvc流程,需要使用中间件拦截处理
                //// 避免反复出现缺少文件
                //if (ex is HttpException hex && (UInt32)hex.ErrorCode == 0x80004005)
                //{
                //    var url = HttpContext.Current.Request.RawUrl + "";
                //    if (!NotFoundFiles.Contains(url))
                //        NotFoundFiles.Add(url);
                //    else
                //        ex = null;
                //}

                // 拦截没有权限
                if (ex is NoPermissionException nex)
                {
                    ctx.Result           = ctx.NoPermission(nex);
                    ctx.ExceptionHandled = true;
                }

                if (ex != null)
                {
                    XTrace.WriteException(ex);
                }
            }
            if (ctx.ExceptionHandled)
            {
                return;
            }

            // 判断控制器是否在管辖范围之内,不拦截其它控制器的异常信息
            if (/*Setting.Current.CatchAllException ||*/ AreaBaseX.Contains((ControllerActionDescriptor)ctx.ActionDescriptor))
            {
                ctx.ExceptionHandled = true;

                var ctrl = "";
                var act  = "";
                if (ctx.RouteData.Values.ContainsKey("controller"))
                {
                    ctrl = ctx.RouteData.Values["controller"] + "";
                }
                if (ctx.RouteData.Values.ContainsKey("action"))
                {
                    act = ctx.RouteData.Values["action"] + "";
                }

                if (ctx.HttpContext.Request.IsAjaxRequest())
                {
                    if (act.IsNullOrEmpty())
                    {
                        act = "操作";
                    }
                    ctx.Result = ControllerHelper.JsonTips("[{0}]失败!{1}".F(act, ex.Message));
                }
                else
                {
                    var vr = new ViewResult
                    {
                        ViewName = "CubeError"
                    };

                    vr.ViewData = new ViewDataDictionary(new EmptyModelMetadataProvider(), ctx.ModelState)
                    {
                        ["Context"]   = ctx,
                        ["Exception"] = ex,
                        ["Ctrl"]      = ctrl,
                        ["Act"]       = act
                    };

                    ctx.Result = vr;
                }
            }

            base.OnException(ctx);
        }