/// <summary>
/// Builds the full path for this instance from its area, controller and action names.
/// </summary>
/// <returns>
/// The URL produced by <c>StringUrlExtension.GetRequestUrlByParameter</c> for
/// <c>AreaName</c>, <c>ControllerName</c> and <c>ActionName</c>.
/// </returns>
public override string ToString()
{
    // The URL format is owned entirely by the shared helper; this method only forwards the three names.
    var fullUrl = StringUrlExtension.GetRequestUrlByParameter(AreaName, ControllerName, ActionName);
    return fullUrl;
}
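/// <summary>
/// Runs before the action executes. Requires a logged-in user and, apart from the two
/// exemptions below, an exact match for the requested URL in that user's permission list.
/// </summary>
/// <param name="filterContext">The filter context of the current request.</param>
/// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
/// <exception cref="AppAuthorizationException">
/// A logged-in user requests, through a non-AJAX request, a URL that is not in the permission list.
/// </exception>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    if (filterContext == null)
    {
        throw new ArgumentNullException("filterContext");
    }

    // X-Requested-With is supplied by the client. It only selects the response shape used
    // below (JSON + status code versus redirect/exception) and never relaxes an access decision.
    // Ordinal comparison keeps the check independent of the server's current culture.
    var isAjaxRequest = string.Equals(
        filterContext.HttpContext.Request.Headers["X-Requested-With"],
        "xmlhttprequest",
        StringComparison.OrdinalIgnoreCase);

    var controllerName = filterContext.RouteData.Values["controller"].ToString();
    var actionName = filterContext.RouteData.Values["action"].ToString();
    var areaName = (filterContext.RouteData.DataTokens["area"] ?? string.Empty).ToString();
    var requestUrl = StringUrlExtension.GetRequestUrlByParameter(areaName, controllerName, actionName);

    // Read the current user once so the null check and the permission lookup see the same object.
    var currentUser = UserIdentity.CurrentUser;

    // Not logged in. This check runs before both exemptions, so those still require a login.
    if (currentUser == null)
    {
        if (isAjaxRequest)
        {
            // NOTE(review): if the FormsAuthentication module is enabled it turns a 401 into a login
            // redirect unless Response.SuppressFormsAuthenticationRedirect is set — confirm which applies.
            filterContext.HttpContext.Response.StatusCode = 401;
            filterContext.Result = new JsonResult
            {
                Data = new { errorMessage = "抱歉,您的登录已经失效,请刷新页面重试!" },
                JsonRequestBehavior = JsonRequestBehavior.AllowGet
            };
            return;
        }

        // Synchronous request: send the browser to the login page.
        filterContext.Result = new RedirectResult("/account/Index");
        return;
    }

    // The home controller is open to every logged-in user.
    // NOTE(review): only the controller name is compared, so a "Home" controller in any area
    // is exempt as well — confirm that is intended.
    if (string.Equals(controllerName, "home", StringComparison.OrdinalIgnoreCase))
    {
        return;
    }

    // Actions marked with AnonymousAttribute skip the permission lookup (the login check above still applies).
    if (filterContext.ActionDescriptor.IsDefined(typeof(AnonymousAttribute), true))
    {
        return;
    }

    // Deny by default: access needs an explicit, non-null entry equal to the requested URL.
    // A missing permission list is treated as "no permissions" instead of failing with a null dereference.
    // NOTE(review): the match is exact, so it relies on GetRequestUrlByParameter producing the
    // same casing here as when the permission list was built — verify against that helper.
    var grantedUrls = currentUser.AuthenticationUrl;
    var isGranted = grantedUrls != null
        && grantedUrls.Any(url => url != null && url == requestUrl);
    if (isGranted)
    {
        return;
    }

    var deniedMessage = "抱歉,您对" + requestUrl + "访问没有权限,请检查配置。";
    if (!isAjaxRequest)
    {
        // Presumably translated into an error page by an exception handler elsewhere — TODO confirm.
        throw new AppAuthorizationException(deniedMessage);
    }

    filterContext.HttpContext.Response.StatusCode = 403;
    filterContext.Result = new JsonResult
    {
        Data = new { errorMessage = deniedMessage },
        JsonRequestBehavior = JsonRequestBehavior.AllowGet
    };
}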
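/// <summary>
/// Returns the permission list defined in <c>/config/authority.config</c>. The list is served
/// from the cache entry <c>"AllFunc"</c> when present; otherwise the file is parsed and the
/// result is cached.
/// </summary>
/// <returns>
/// One <c>AuthorityUrls</c> per <c>container</c> element: <c>RoleName</c> is the URL built from the
/// element's own attributes and <c>IncludeUrl</c> holds the URLs built from its child elements.
/// </returns>
/// <exception cref="UserFriendlyException">
/// Anything fails while resolving the cache or while reading or parsing the configuration file.
/// </exception>
public static List<AuthorityUrls> InitAllFunc()
{
    try
    {
        var cache = IocManager.Instance.Resolve<ICache>();

        // A cached list is returned without touching the file, so edits to authority.config
        // are not picked up until this cache entry is gone.
        var all = cache.Get<List<AuthorityUrls>>("AllFunc");
        if (all != null)
        {
            return all;
        }

        var list = new List<AuthorityUrls>();
        var doc = new XmlDocument();

        // NOTE(review): the file comes from the application's own config directory. If it can ever
        // be written by a less-trusted party, set doc.XmlResolver = null before loading so that
        // DTDs and external entities are not resolved.
        var configPath = HttpContext.Current.Server.MapPath("/config/authority.config");

        // Dispose the reader as soon as the document is loaded; the original left the file handle open.
        using (var reader = File.OpenText(configPath))
        {
            doc.Load(reader);
        }

        var groupList = doc.GetElementsByTagName("container");
        foreach (XmlNode item in groupList)
        {
            if (item.Attributes == null)
            {
                continue;
            }

            // All three attributes are required on a container: a missing one throws here and
            // the catch below turns it into a failure of the whole load.
            var needAreaName = item.Attributes["areaName"].Value;
            var needControllerName = item.Attributes["controllerName"].Value;
            var needActionName = item.Attributes["actionName"].Value;

            // Assemble the URL that identifies this container.
            var roleName = StringUrlExtension.GetRequestUrlByParameter(
                needAreaName, needControllerName, needActionName);
            var model = new AuthorityUrls { RoleName = roleName };

            foreach (XmlNode chin in item.ChildNodes)
            {
                // Children without both controllerName and actionName (text, comments, partial entries) are skipped.
                if (chin.Attributes == null
                    || chin.Attributes["controllerName"] == null
                    || chin.Attributes["actionName"] == null)
                {
                    continue;
                }

                var controllerName = chin.Attributes["controllerName"].Value;
                var actionName = chin.Attributes["actionName"].Value;

                // Child URLs always use the parent container's area.
                var includerul = StringUrlExtension.GetRequestUrlByParameter(
                    needAreaName, controllerName, actionName);
                model.IncludeUrl.Add(includerul);
            }

            list.Add(model);
        }

        // presumably a lifetime in seconds (12 hours) — confirm against ICache.Add
        cache.Add("AllFunc", list, 60 * 60 * 12);
        return list;
    }
    catch (Exception ex)
    {
        // NOTE(review): concatenating ex appends its full ToString() (exception type, stack trace
        // and any server path in the message) to text that is presumably shown to the user.
        // Prefer logging the exception and passing it as an inner exception if
        // UserFriendlyException offers such an overload — not visible from this block.
        throw new UserFriendlyException("读取权限列表失败!" + ex);
    }
}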