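/// <summary>
/// Writes a message to the log at the requested level, tagged with the current
/// user and the configured web-site identity.
/// </summary>
/// <param name="level">1 = info, 2 = warn, 3 = error, 4 = fatal; any other value writes nothing.</param>
/// <param name="message">The text to record.</param>
/// <param name="ex">Optional exception handed to the logger together with the message.</param>
public void SaveMessage(int level, string message, Exception ex = null)
{
    Log4Net.LogMessage logmessage = new Log4Net.LogMessage(message);

    var user = WebSetting.GetUser();
    if (user != null)
    {
        logmessage.UserID = user.ID;
        logmessage.UserName = user.Account;
    }
    else
    {
        // No signed-in user: fall back to the session id as the caller label.
        // HttpContext.Current and its Session can both be null (no request on this
        // thread, or session state not available), and a logging call must not
        // throw because of that, so both are checked before use.
        // NOTE(review): the raw SessionID ends up in the log as UserName. Anyone who
        // can read the log can see live session identifiers; consider recording a
        // one-way hash or a truncated form instead.
        var context = System.Web.HttpContext.Current;
        var session = context != null ? context.Session : null;
        logmessage.UserID = Guid.Empty;
        logmessage.UserName = session != null ? session.SessionID : string.Empty;
    }

    logmessage.WebID = WingsConfigurationReader.Instance.WebID;
    logmessage.WebName = WingsConfigurationReader.Instance.WebName;

    // Each level is written only when the matching Is*Enabled flag is set.
    switch (level)
    {
        case 1:
            if (IsInfoEnabled)
            {
                log.Info(logmessage, ex);
            }
            break;
        case 2:
            if (IsWarnEnabled)
            {
                log.Warn(logmessage, ex);
            }
            break;
        case 3:
            if (IsErrorEnabled)
            {
                log.Error(logmessage, ex);
            }
            break;
        case 4:
            if (IsFatalEnabled)
            {
                log.Fatal(logmessage, ex);
            }
            break;
        default:
            break;
    }
}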
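/// <summary>
/// Signs the current user out: reports the sign-out to the plugin service, then
/// calls <c>WebSetting.UserOffLine()</c> and renders the default view.
/// </summary>
/// <returns>The default view for this action.</returns>
// NOTE(review): no HTTP-verb restriction or anti-forgery attribute is visible on this
// action here. If none is applied elsewhere, a cross-site GET can sign users out;
// confirm, and consider restricting it to POST with an anti-forgery token.
public ActionResult LogOut()
{
    var webid = Wings.Framework.Config.WingsConfigurationReader.Instance.WebID;
    var userinfo = WebSetting.GetUser();

    if (userinfo != null)
    {
        try
        {
            PluginsManger.Service.LoginOut(userinfo.ID, webid);
        }
        catch (Exception ex)
        {
            // Best effort: the local sign-out below must still happen. The failure was
            // previously copied into a Result object that was never returned, so a
            // service-side sign-out that did not go through left no trace. Record it;
            // route this to the application's own logger if one is in scope here.
            System.Diagnostics.Trace.TraceError(
                "LogOut: service sign-out failed for user {0}: {1}", userinfo.ID, ex);
        }
    }

    WebSetting.UserOffLine();
    return View();
}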
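/// <summary>
/// Decides whether the current user may run the requested action. Access is granted
/// to the configured administrator account, to actions marked with
/// <c>AnonymousAttribute</c>, to authenticated users on actions marked with
/// <c>LoginAllowViewAttribute</c>, and otherwise only when the user's permission list
/// contains the controller, action and HTTP-method combination. Any other request
/// receives a JSON refusal. The decision is written to the operation log.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute.</param>
/// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    // Becomes true as soon as one rule grants access; if it is still false at the
    // end, the request is refused (default deny).
    bool IsIgnored = false;
    string message = string.Empty;

    if (filterContext == null)
    {
        throw new ArgumentNullException("filterContext");
    }

    // Rule 1: the configured administrator account bypasses every further check.
    var userinfo = WebSetting.GetUser();
    if (userinfo != null && userinfo.ID == WingsConfigurationReader.Instance.WebAdminID)
    {
        message = "当前用户是超级管理员!";
        IsIgnored = true;
    }

    // Rule 2: actions explicitly marked anonymous have no access control.
    if (filterContext.ActionDescriptor.IsDefined(typeof(AnonymousAttribute), false))
    {
        message = "匿名使用页面,无权限控制!";
        IsIgnored = true;
    }

    if (!filterContext.HttpContext.User.Identity.IsAuthenticated && !IsIgnored)
    {
        // Not signed in: send the browser to the login page. IsIgnored stays false,
        // so the refusal result below is still assigned and the action does not run.
        message = "用户未登录,转跳登录!";
        FormsAuthentication.RedirectToLoginPage();
    }
    else if (!IsIgnored)
    {
        // Signed in, and no earlier rule has granted access yet.
        if (filterContext.ActionDescriptor.IsDefined(typeof(LoginAllowViewAttribute), false))
        {
            // Rule 3: being signed in is sufficient for this action.
            message = "登录即可允许页面!";
            IsIgnored = true;
        }
        else
        {
            // Rule 4: look the request up in the user's permission list.
            // 'as' instead of a hard cast: an unexpected object from GetPermission()
            // yields null and therefore a refusal, not an InvalidCastException.
            List<Permission> permissions = WebSetting.GetPermission() as List<Permission>;
            if (permissions != null && permissions.Count > 0)
            {
                string controller = filterContext.RouteData.Values["controller"].ToString();
                string action = filterContext.RouteData.Values["action"].ToString();

                // Ordinal, case-insensitive comparison: these are identifiers, and
                // culture-sensitive ToLower() can make identical names compare unequal
                // under some server cultures (for example the Turkish dotless i).
                bool ispost = string.Equals(
                    filterContext.HttpContext.Request.HttpMethod, "post", StringComparison.OrdinalIgnoreCase);

                var result = permissions.Find(p =>
                    p.Action != null
                    && p.Controller != null
                    && string.Equals(p.Action, action, StringComparison.OrdinalIgnoreCase)
                    && string.Equals(p.Controller, controller, StringComparison.OrdinalIgnoreCase)
                    && p.IsPost == ispost);
                IsIgnored = result != null;
            }

            message = IsIgnored ? "权限之内页面!" : "不具有权限页面!";
        }
    }

    if (!IsIgnored)
    {
        // Assigning Result stops the action from executing; the caller receives a
        // JSON refusal instead.
        filterContext.Result = new JsonResult()
        {
            Data = new
            {
                success = false,
                message = "抱歉 您不具有此页面的访问权限,如有疑问请联系管理员!"
            },
            JsonRequestBehavior = JsonRequestBehavior.AllowGet
        };
    }

    // Use the action's [Description] text, when present, as the operation name in the log.
    object[] Descriptions = filterContext.ActionDescriptor.GetCustomAttributes(
        typeof(System.ComponentModel.DescriptionAttribute), false);
    string OperaName = string.Empty;
    if (Descriptions != null && Descriptions.Length > 0)
    {
        OperaName = ((System.ComponentModel.DescriptionAttribute)(Descriptions[0])).Description;
    }

    // NOTE(review): every action parameter is serialized into the log verbatim, for
    // anonymous actions too. If any action takes a password, token or other secret as
    // a parameter, it is stored in clear text in the log; consider masking such
    // parameters or logging parameter names only.
    string paras = Newtonsoft.Json.JsonConvert.SerializeObject(filterContext.ActionParameters);

    // Granted requests are logged at level 1 (info), refused ones at level 2 (warn).
    Log.OperaInstance.SaveMessage(
        IsIgnored ? 1 : 2,
        string.Format("权限判断:{0};参数:{1};信息:{2}", OperaName, paras, message));

    base.OnActionExecuting(filterContext);
}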