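/// <summary>
/// Maximum number of requests one user/IP pair may make per minute before the IP is written to BlackIP.
/// </summary>
private const int MaxRequestsPerMinute = 30;

/// <summary>
/// Product whose function list is consulted for sub-accounts.
/// NOTE(review): the original always used product 1 here rather than control.ProductID — confirm which is intended.
/// </summary>
private const int SubAccountProductId = 1;

/// <summary>
/// Called before an action executes. Runs the request through the access gates in order:
/// IP blacklist, per-IP rate limit, duplicate login of the same account, product/function
/// privilege check and, for member sub-accounts, the per-function whitelist. The first gate
/// that denies sets <paramref name="filterContext"/>.Result to a redirect and returns, so a
/// later gate can never overwrite a blocking decision (the original fell through and the last
/// redirect written won).
/// </summary>
/// <param name="filterContext">The MVC action context; its Result is set to a RedirectResult when access is denied.</param>
/// <exception cref="InvalidOperationException">The filtered controller does not derive from <see cref="BaseController"/>.</exception>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    BaseController control = filterContext.Controller as BaseController;

    // Pages served by BaseController itself (the redirect targets used below) skip every check,
    // otherwise a denied request would loop between them.
    if (control != null && control.GetType() == typeof(BaseController))
    {
        base.OnActionExecuting(filterContext);
        return;
    }

    // Every later gate reads ProductID / functionCode() from the controller; fail closed with a
    // clear error instead of a NullReferenceException when the attribute is placed on another controller.
    if (control == null)
    {
        throw new InvalidOperationException("OnActionExecuting: the filtered controller must derive from BaseController.");
    }

    // REMOTE_ADDR is the TCP peer address rather than a client-supplied header, so it is the value
    // the blacklist and rate limit key on. Behind a reverse proxy this is the proxy's address.
    string loginIp = HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"] as string;
    string requestUrl = HttpContext.Current.Request.Url.PathAndQuery;
    string functionCode = control.functionCode();
    DateTime now = DateTime.Now;

    // Caller identity comes from the login cookie. Anonymous callers, and cookies whose UserID is not
    // numeric (the original threw FormatException), are tracked as user -1.
    // NOTE(review): this trusts MembershipService.GetUserCookie() to have validated the cookie — confirm.
    CookieUserInfo cui = MembershipService.GetUserCookie();
    int userId = -1;
    bool isLoggedIn = cui != null && int.TryParse(cui.UserID, out userId);
    if (!isLoggedIn)
    {
        userId = -1; // int.TryParse leaves 0 behind on failure
    }

    // Gate 1: IP blacklist.
    if (IsIpBlacklisted(userId, loginIp))
    {
        filterContext.Result = new RedirectResult("/Base/IPError.mvc");
        return;
    }

    // Gate 2: per-IP rate limit (also records this request in UserLogin).
    if (!RecordRequestWithinRateLimit(userId, loginIp, functionCode, requestUrl, now))
    {
        filterContext.Result = new RedirectResult("/Base/IPError.mvc");
        return;
    }

    // Gate 3: the same account is logged in from another session. Only meaningful for a real
    // cookie user (the original ran it for -1 as well and would have dereferenced a null cookie).
    if (isLoggedIn)
    {
        RedirectResult duplicateLogin = DuplicateLoginRedirect(userId, cui, loginIp, requestUrl, now);
        if (duplicateLogin != null)
        {
            filterContext.Result = duplicateLogin;
            return;
        }
    }

    // Gate 4: membership / product privilege.
    int helpTopic;
    CRMService crm = new CRMService();
    EnumPrivilegeCheckResult checkResult = crm.UserPrivilegeCheck(control.ProductID, functionCode, userId, out helpTopic);
    RedirectResult privilegeFailure = PrivilegeFailureRedirect(checkResult, helpTopic);
    if (privilegeFailure != null)
    {
        filterContext.Result = privilegeFailure;
        return;
    }

    // Gate 5: a member sub-account may only call the functions on its whitelist.
    if (!SubAccountMayAccess(userId, SubAccountProductId, functionCode))
    {
        filterContext.Result = new RedirectResult("/Base/NotAdmin.mvc");
        return;
    }

    // Every gate passed: let the action run.
    base.OnActionExecuting(filterContext);
}

/// <summary>
/// Returns true when the BlackIP.MyFind query has a row for this user/IP pair.
/// </summary>
/// <param name="userId">The cookie user id, or -1 for anonymous callers.</param>
/// <param name="loginIp">The caller's REMOTE_ADDR.</param>
private static bool IsIpBlacklisted(int userId, string loginIp)
{
    Hashtable parameters = new Hashtable();
    parameters["UserID"] = userId;
    parameters["LoginIP"] = loginIp;
    return CRMMapper.Get().QueryForObject<int>("BlackIP.MyFind", parameters) != 0;
}

/// <summary>
/// Counts the requests this user/IP pair made in the last minute (UserLogin.Total). Under the
/// cap the request is written to UserLogin and true is returned; at or over the cap the IP is
/// written to BlackIP and false is returned.
/// </summary>
/// <param name="userId">The cookie user id, or -1 for anonymous callers.</param>
/// <param name="loginIp">The caller's REMOTE_ADDR.</param>
/// <param name="functionCode">The controller's function code, stored with the login row.</param>
/// <param name="url">Path and query of the current request, stored with the login row.</param>
/// <param name="now">Timestamp used for both the window query and the inserted rows.</param>
private static bool RecordRequestWithinRateLimit(int userId, string loginIp, string functionCode, string url, DateTime now)
{
    Hashtable parameters = new Hashtable();
    parameters["UserID"] = userId;
    parameters["LoginIP"] = loginIp;
    parameters["Now"] = now;
    parameters["Last"] = now.AddMinutes(-1);
    int recentRequests = CRMMapper.Get().QueryForObject<int>("UserLogin.Total", parameters);

    if (recentRequests < MaxRequestsPerMinute)
    {
        UserLogin entry = new UserLogin();
        entry.UserID = userId;
        entry.LoginIP = loginIp;
        entry.LoginTime = now;
        entry.FuntionCode = functionCode; // property name as declared on UserLogin
        entry.URL = url;
        new UserLoginDao().Insert(entry);
        return true;
    }

    BlackIP blocked = new BlackIP();
    blocked.LogIP = loginIp;
    blocked.UserID = userId;
    blocked.BlackTime = now;
    new BlackIPDao().Insert(blocked);
    return false;
}

/// <summary>
/// Detects a second login of the same account: the LoginGuid stored for the user differs from
/// the one in the cookie. The previous session keeps the account for 30 minutes unless it came
/// from this same IP; outside that window the caller is sent to MutiLogin, inside it to LessTime
/// with the minutes remaining.
/// </summary>
/// <returns>The redirect to issue, or null when this is the account's current session.</returns>
private static RedirectResult DuplicateLoginRedirect(int userId, CookieUserInfo cui, string loginIp, string url, DateTime now)
{
    UserLoginGuid stored = new UserLoginGuidService().selectbyuserid(userId);
    if (stored == null || stored.LoginGuid == cui.LoginGuid)
    {
        return null;
    }

    UserModel previous = new MembershipUserService().GetUserName(userId);
    DateTime previousLogin = previous.LastLoginDate;
    if (previousLogin.AddMinutes(30) < now || previous.LastLoginIp == loginIp)
    {
        // url is a path plus query string; encode it so its own '?' and '&' do not split the
        // redirect's query string and truncate the Url parameter.
        return new RedirectResult("/Base/MutiLogin.mvc?Url=" + Uri.EscapeDataString(url));
    }

    // Reached only when previousLogin is within the last 30 minutes, so whole minutes suffice.
    int minutesLeft = 30 - (int)(now - previousLogin).TotalMinutes;
    return new RedirectResult("/Base/LessTime.mvc?t=" + minutesLeft);
}

/// <summary>
/// Maps a failed privilege check to the page that explains it.
/// </summary>
/// <returns>The redirect for the failure, or null when the check passed.</returns>
private static RedirectResult PrivilegeFailureRedirect(EnumPrivilegeCheckResult result, int helpTopic)
{
    switch (result)
    {
        case EnumPrivilegeCheckResult.未登陆失败:
            return new RedirectResult("/Base/NotLogin.mvc");
        case EnumPrivilegeCheckResult.非会员失败:
            return new RedirectResult("/Base/NotMember.mvc/" + helpTopic);
        case EnumPrivilegeCheckResult.会员等级不足失败:
            return new RedirectResult("/Base/MemberLevelError.mvc/" + helpTopic);
        case EnumPrivilegeCheckResult.未购买产品失败:
            return new RedirectResult("/Base/NotBuyer.mvc/" + helpTopic);
        case EnumPrivilegeCheckResult.试用账号超过次数上限:
            return new RedirectResult("/Base/TryError.mvc");
        default:
            return null;
    }
}

/// <summary>
/// For a member sub-account (a MemberUserInfo row that is not an admin) returns true only when
/// <paramref name="functionCode"/> is on the account's function list; "IndexPage" is always
/// granted. Callers without a MemberUserInfo row, and admins, are always allowed.
/// </summary>
/// <param name="userId">The cookie user id, or -1 for anonymous callers.</param>
/// <param name="productId">Product whose function list is looked up.</param>
/// <param name="functionCode">The function code of the current controller.</param>
private bool SubAccountMayAccess(int userId, int productId, string functionCode)
{
    MemberUserInfoDao memberDao = new MemberUserInfoDao();
    if (memberDao.Find(userId) == null || memberDao.IsAdmin(userId))
    {
        return true;
    }

    List<string> allowedCodes = new List<string>();
    allowedCodes.Add("IndexPage");

    string functionList = FindFunctionlist(userId, productId);
    if (functionList != null)
    {
        ProductFunctionDao functionDao = new ProductFunctionDao();
        // The list is comma-separated ProductFunction ids interleaved with the literal "on";
        // only numeric entries resolve to a function code (the original threw on anything else).
        foreach (string token in functionList.Split(','))
        {
            string trimmed = token.Trim();
            int functionId;
            if (string.Equals(trimmed, "on", StringComparison.OrdinalIgnoreCase) || !int.TryParse(trimmed, out functionId))
            {
                continue;
            }
            allowedCodes.Add(functionDao.Find(functionId).FunctionCode);
        }
    }

    return allowedCodes.Contains(functionCode);
}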