/// <summary>
/// Creates the controller with no signed-in user and a freshly constructed
/// permission object, which is also exposed to views as <c>ViewBag.Permisson</c>.
/// </summary>
/// <remarks>
/// These are only the pre-authorization defaults; <c>OnAuthorization</c> replaces
/// both values once the request has been checked.
/// NOTE(review): whether a default-constructed <c>PermissonController</c> denies
/// everything is decided by that class, which is not visible here. Confirm it, because
/// actions marked <c>[AllowAnonymous]</c> render with exactly this object.
/// </remarks>
public BaseController() : base()
{
    userInfo = null;

    PermissonController initialPermission = new PermissonController();
    this.permisson = initialPermission;
    ViewBag.Permisson = initialPermission;
}
/// <summary>
/// Resolves the permission object that applies to one controller.
/// </summary>
/// <param name="areaName">MVC area name; null, empty or whitespace is treated as "no area".</param>
/// <param name="controllerName">Controller name; must not be null.</param>
/// <returns>
/// A new object with <c>RoleAdmin</c> set when <c>fAdmin</c> is true; otherwise whatever
/// <c>getPermissonController</c> returns for the lower-cased area and controller.
/// </returns>
/// <remarks>
/// NOTE(review): the admin branch skips the per-controller lookup entirely, so the
/// integrity of <c>fAdmin</c> is what protects every controller. Confirm it is set only
/// from server-side role data.
/// NOTE(review): <c>ToLower()</c> uses the current thread culture. The lookup key only
/// matches the stored key if both were produced under the same culture (the Turkish
/// dotted/dotless "i" is the usual mismatch). It is kept here because
/// <c>buildPermisson</c> builds its keys with the same call.
/// </remarks>
public PermissonController getPermision(string areaName, string controllerName)
{
    if (!fAdmin)
    {
        string controllerKey = controllerName.ToLower();
        string areaKey = string.IsNullOrWhiteSpace(areaName) ? "" : areaName.ToLower();
        return getPermissonController(areaKey, controllerKey);
    }

    // Administrators get a synthetic grant instead of a table lookup.
    PermissonController adminPermission = new PermissonController { RoleAdmin = true };
    return adminPermission;
}
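/// <summary>
/// Rebuilds <c>lstPermission</c> from a flat list of granted actions, producing one
/// <c>PermissonController</c> per (area, controller) pair, keyed by the lower-cased
/// area name followed by the lower-cased controller name.
/// </summary>
/// <param name="lstAction">
/// Granted actions. A null list yields an empty table. Entries may arrive in any
/// order; actions for the same area and controller are merged into one entry.
/// </param>
/// <remarks>
/// Fixes over the previous implementation:
/// the last (area, controller) group was never stored, so its grants were lost;
/// the lower-cased "current" values were compared against the raw <c>a.Area</c> and
/// <c>a.Controller</c>, so mixed-case data opened a new group for every row and then hit
/// a duplicate-key exception in <c>Hashtable.Add</c>;
/// a null <c>Area</c> (a controller outside any area) threw instead of mapping to "",
/// which is what <c>getPermision</c> uses for the lookup.
/// NOTE(review): the key is a plain concatenation, so area "ab" + controller "c" and
/// area "a" + controller "bc" share a key. The format is left unchanged because the
/// lookup side (<c>getPermissonController</c>) is not visible here. Consider a separator
/// that cannot occur in a name, changed in both places together.
/// </remarks>
private void buildPermisson(List<SysAction> lstAction)
{
    lstPermission = new Hashtable();
    if (lstAction == null)
    {
        return;
    }

    foreach (SysAction a in lstAction)
    {
        // Normalise exactly as getPermision does so stored and looked-up keys agree.
        string area = string.IsNullOrWhiteSpace(a.Area) ? "" : a.Area.ToLower();
        string controller = a.Controller.ToLower();
        string key = area + controller;

        // Reuse the entry if this controller was already seen; the input is not
        // required to be grouped, and Hashtable.Add would throw on a repeated key.
        PermissonController permisson = lstPermission[key] as PermissonController;
        if (permisson == null)
        {
            permisson = new PermissonController();
            permisson.AreaName = area;
            permisson.ControllerName = controller;
            // Register on creation so the final group can never be dropped.
            lstPermission.Add(key, permisson);
        }

        permisson.actionPermisson.Add(a.Action.ToLower());
    }
}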
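/// <summary>
/// Per-request authorization gate for every controller deriving from this class.
/// </summary>
/// <param name="filterContext">Authorization context supplied by the MVC pipeline.</param>
/// <remarks>
/// Order of checks:
/// 1. <c>[AllowAnonymous]</c> on the action or its controller: no checks are run.
/// 2. Unauthenticated caller: 401.
/// 3. No <c>AppPermission</c> in the session: 401.
/// 4. No permission entry for the routed area and controller, or the entry does not
///    allow the routed action: 403.
/// Every failure path sets <c>filterContext.Result</c> and returns, so the action
/// does not run.
/// Fixes over the previous implementation: a session value of the wrong type and a null
/// result from <c>getPermision</c> were both dereferenced, surfacing as an unhandled
/// exception instead of a deliberate 401 or 403.
/// NOTE(review): nothing here ties the session's <c>AppPermission</c> to the currently
/// authenticated identity. Confirm the login and logout code always replaces or clears
/// the session entry, or compare <c>UserInfo</c> with <c>user.Identity</c> here.
/// </remarks>
protected override void OnAuthorization(AuthorizationContext filterContext)
{
    // Explicit opt-out: the action or its controller carries [AllowAnonymous].
    bool skipAuthorization =
        filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), inherit: true)
        || filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), inherit: true);
    if (skipAuthorization)
    {
        return;
    }

    var user = filterContext.HttpContext.User;
    if (user == null || !user.Identity.IsAuthenticated)
    {
        filterContext.Result = new HttpUnauthorizedResult();
        return;
    }

    // A missing entry and an entry of an unexpected type are both treated as
    // "no permissions loaded": reject rather than dereference null.
    AppPermission appPermission = Session[Application.Session.Permisson] as AppPermission;
    if (appPermission == null)
    {
        filterContext.Result = new HttpUnauthorizedResult();
        return;
    }

    this.userInfo = appPermission.UserInfo;

    var routeData = filterContext.RequestContext.RouteData;
    string areaName = routeData.DataTokens["Area"] as string ?? "";
    string controllnerName = routeData.Values["Controller"].ToString();
    string actionName = routeData.Values["Action"].ToString();

    // Fail closed when no entry exists for this controller.
    PermissonController resolved = appPermission.getPermision(areaName, controllnerName);
    if (resolved == null)
    {
        filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.Forbidden);
        return;
    }

    resolved.appPermisson = appPermission;
    this.permisson = resolved;
    ViewBag.Permisson = resolved;

    // NOTE(review): actionName is passed with the casing found in the route data, while
    // buildPermisson stores action names lower-cased. Confirm hasPermisson normalises
    // case itself.
    if (!resolved.hasPermisson(actionName))
    {
        filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.Forbidden);
        return;
    }

    // One-shot message: hand it to the view and clear it so it shows only once.
    if (Session[Application.Session.Message] != null)
    {
        ViewBag.Message = Session[Application.Session.Message];
        Session[Application.Session.Message] = null;
    }

    base.OnAuthorization(filterContext);
}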