public AdminRoleController(IAdminRoleService adminRoleService, IAdminModuleService adminModuleService, IAdminRole_ModuleService adminRole_ModuleService, IAdminActionService adminActionService, CurrentAdmin currentAdmin) { this._adminRoleService = adminRoleService; this._adminModuleService = adminModuleService; this._adminRole_ModuleService = adminRole_ModuleService; this._adminActionService = adminActionService; _currentAdmin = currentAdmin; }
private CurrentAdmin GetInfos() { CurrentAdmin current = new CurrentAdmin(); string id = User.Identity.Name; var infos = _dbContext.InfoTable.Where(s => s.Id.Equals(id)).Select(x => new { x.Id, x.Name, x.RoleId }).ToList(); current.ID = infos[0].Id; current.Name = infos[0].Name; if (infos[0].RoleId == 1) { current.Role = "Super Admin"; } else if (infos[0].RoleId == 3) { current.Role = "Admin"; } return(current); }
public AdminActionController(IAdminActionService adminActionService, CurrentAdmin currentAdmin) { this._adminActionService = adminActionService; _currentAdmin = currentAdmin; }
public SystemAdminController(ISystemAdminService sysadminService, IAdminRoleService adminRoleService, CurrentAdmin curradmin) { this._sysadminService = sysadminService; this._adminRoleService = adminRoleService; this._curradmin = curradmin; }
public override void OnAuthorization(AuthorizationContext filterContext) { if (filterContext.HttpContext == null) { throw new ArgumentNullException("httpContext"); } object[] attrs = filterContext.ActionDescriptor.GetCustomAttributes(typeof(ExcAdminAuthAttribute), true); var isExc = attrs.Length == 1;//是否取消验证 if (isExc) { return; } if (!filterContext.HttpContext.User.Identity.IsAuthenticated) { filterContext.Result = new HttpUnauthorizedResult(); return; } string myRole = string.Empty; Uri url = filterContext.HttpContext.Request.Url; string fileurl = "/" + url.Segments[url.Segments.Length - 2] + url.Segments[url.Segments.Length - 1]; AdminModule AMentity = null;//根据url取得功能模块的Forms角色名称 try { AMentity = adminModuleService.GetOneByPageUrl(fileurl); } catch { } myRole = AMentity == null ? string.Empty : AMentity.FormRoleName; base.Roles = string.IsNullOrEmpty(base.Roles) ? myRole : base.Roles;//硬编码设置了Roles优先于数据库配置的Forms角色 //登录验证、Forms角色验证 base.OnAuthorization(filterContext); base.Roles = string.Empty; //showstopper: 验证过后,避免另一角色的用户登录后身份验证冲突,清除可能存在的Roles缓存 if (filterContext.Result is HttpUnauthorizedResult) { return; } //只能放在这里创建对象实例,才能实现验证登录成功后调用 CurrentAdmin curAdmin = UnityContainerFactory.Instance.CurrentContainer.Resolve <CurrentAdmin>(); //同一帐号不能多人同时登陆使用检测 try { if (!systemAdminService.CheckIsRepeatLogon(curAdmin.AdminInfo.SAID, curAdmin.LoginedIP)) { if (filterContext.HttpContext.Request.IsAjaxRequest()) { filterContext.Result = new JsonResult() { Data = new ShowResultModel() { TipMsg = "很抱歉,你被迫下线,该帐号已在别处登录!" }, JsonRequestBehavior = JsonRequestBehavior.AllowGet } } ; else { filterContext.Result = new ContentResult { Content = "很抱歉,你被迫下线,该帐号已在别处登录!" } }; return; } } catch { } //Notice:要么同一功能菜单下功能模块的Forms角色名称要不同,要么就要增加设置操作权限[查看]的Controller/Action Name,才能避免登录成功的用户,通过url进入相同Forms角色的页面 var controller = filterContext.RouteData.Values["controller"].ToString(); var action = filterContext.RouteData.Values["action"].ToString(); //filterContext.HttpContext.Response.Write(myRole); // filterContext.Result = new HttpUnauthorizedResult();//直接URL输入的页面地址跳转到登陆页 //功能权限检测 //根据Controller与Action取得当前用户拥有关联该功能模块的权值,逻辑并后,是否等于该权值 try { if (!curAdmin.CheckActionWeight(controller, action)) { if (filterContext.HttpContext.Request.IsAjaxRequest()) { filterContext.Result = new JsonResult() { Data = new ShowResultModel() { TipMsg = "抱歉,你不具有当前操作的权限!" }, JsonRequestBehavior = JsonRequestBehavior.AllowGet } } ; else { filterContext.Result = new ContentResult { Content = "抱歉,你不具有当前操作的权限!" } }; } } catch { } //filterContext.RequestContext.HttpContext.Response.Write("无权访问"); //filterContext.RequestContext.HttpContext.Response.End(); }
public AdminModuleController(IAdminModuleService adminModuleService, CurrentAdmin currentAdmin) { _adminModuleService = adminModuleService; _currentAdmin = currentAdmin; }
public AdminLogController(IAdminLogService AdminLogService, CurrentAdmin currentAdmin) { this._AdminLogService = AdminLogService; _currentAdmin = currentAdmin; }