/// <summary>
/// Picks the redirect target for a denied request and passes it to <paramref name="RedirectUrl"/>.
/// </summary>
/// <remarks>
/// Candidates are tried from most to least specific: action, controller, area, then an item whose
/// type is <c>SystemAuthorizeType.All</c>. <c>DefaultUrl</c> is used when the item list is null or
/// when no level matches. A matching level is resolved with <c>Single</c>, so two or more items
/// matching the same level raise <see cref="InvalidOperationException"/> instead of redirecting.
/// The chosen URL is forwarded unchanged; nothing here checks that it is application-local, so the
/// redirect items should only ever hold fixed, trusted paths.
/// </remarks>
/// <param name="errorRediect">Redirect configuration (default URL plus optional per-scope items).</param>
/// <param name="RedirectUrl">Callback that performs the redirect to the given URL.</param>
/// <param name="actionExpression">Predicate selecting the item for the current action.</param>
/// <param name="controllerExpression">Predicate selecting the item for the current controller.</param>
/// <param name="areaExpression">Predicate selecting the item for the current area.</param>
private static void ErrorRediect(SystemAuthorizeErrorRedirect errorRediect, Action<string> RedirectUrl, Func<SystemAuthorizeErrorRedirectItemList, bool> actionExpression, Func<SystemAuthorizeErrorRedirectItemList, bool> controllerExpression, Func<SystemAuthorizeErrorRedirectItemList, bool> areaExpression)
{
    var items = errorRediect.ItemList;

    // No per-scope items configured: fall back to the default error address.
    if (items == null)
    {
        RedirectUrl(errorRediect.DefaultUrl);
        return;
    }

    // Ordered from the narrowest scope to the catch-all entry.
    var levels = new Func<SystemAuthorizeErrorRedirectItemList, bool>[]
    {
        actionExpression,
        controllerExpression,
        areaExpression,
        it => it.SystemAuthorizeType == SystemAuthorizeType.All
    };

    foreach (var level in levels)
    {
        if (items.Any(level))
        {
            // Single (not First) is intentional here: it keeps the exception on ambiguous configuration.
            var match = items.Single(level);
            RedirectUrl(match.ErrorUrl);
            return;
        }
    }

    RedirectUrl(errorRediect.DefaultUrl);
}
/// <summary>
/// Authorization check for the back-office (admin) site.
/// </summary>
/// <remarks>
/// Registers one area-level rule for "AdminSite", marks the "Login" controller as public, and
/// sends every denied request to the admin login page.
/// </remarks>
/// <param name="filterContext">Authorization context of the current MVC request.</param>
private static void CheckAdmin(AuthorizationContext filterContext)
{
    // Every request without permission is redirected to DefaultUrl.
    var denied = new SystemAuthorizeErrorRedirect
    {
        DefaultUrl = "/AdminSite/Login/Index"
    };

    // One rule covering the whole AdminSite area. The accepted user key is the boolean true,
    // which pairs with the login-state callback below (presumably access is granted when the
    // callback's value appears in UserKeyArray; confirm against the IsAreaByUserKey helper).
    var adminRules = new List<SystemAuthorizeModel>
    {
        new SystemAuthorizeModel
        {
            SystemAuthorizeType = SystemAuthorizeType.Area,
            AreaName = "AdminSite",
            UserKeyArray = new dynamic[] { true }
        }
    };

    // Controllers that skip authorization entirely. This is a static member assigned on every
    // call, so the list is process-wide, and Start() matches it by controller name only:
    // every action of any controller named "Login", in any area, is reachable without a session.
    AuthorizeService.PubControllerNames = new List<string> { "Login" };

    // The "user key" for this rule is simply whether a cached UserInfo exists for the request.
    // NOTE(review): the check is only as strong as PubGet.GetUserKey; confirm that key is a
    // server-issued, unguessable value rather than something the client can choose.
    Func<object> isLoggedIn = () =>
    {
        var sessions = CacheManager<UserInfo>.GetInstance();
        string userKey = PubGet.GetUserKey;
        return sessions.ContainsKey(userKey);
    };

    AuthorizeService.Start(filterContext, adminRules, denied, isLoggedIn);
}
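/// <summary>
/// Runs the rule-based authorization check for the current MVC request and, when the caller
/// is not authorized, sets <c>filterContext.Result</c> to a redirect.
/// </summary>
/// <remarks>
/// The check is opt-in: a request is validated only when a rule of type Action, Controller or
/// Area matches its route. A route that no such rule covers is allowed through, and controllers
/// listed in <c>PubControllerNames</c> are skipped by name regardless of area. New areas and
/// controllers are therefore unauthenticated until a rule is added for them.
/// Area, controller and action names on the supplied rules are lower-cased in place.
/// </remarks>
/// <param name="filterContext">Authorization context of the current request.</param>
/// <param name="systemAuthorizeList">All authorization rules to evaluate.</param>
/// <param name="errorRediect">Redirect targets used when access is denied.</param>
/// <param name="GetCurrentUserKey">Callback returning the current user's key; it is not invoked for public controllers.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="errorRediect"/> or <paramref name="systemAuthorizeList"/> is null.
/// </exception>
public static void Start(AuthorizationContext filterContext, List<SystemAuthorizeModel> systemAuthorizeList, SystemAuthorizeErrorRedirect errorRediect, Func<object> GetCurrentUserKey)
{
    if (errorRediect == null)
    {
        throw new ArgumentNullException("SystemAuthorizeService.Start.errorRediect");
    }
    if (systemAuthorizeList == null)
    {
        throw new ArgumentNullException("SystemAuthorizeService.Start.systemAuthorizeList");
    }

    // Normalise rule names to lower case. Invariant casing keeps rule matching independent of
    // the request thread's culture (culture-sensitive ToLower maps 'I' differently under tr-TR).
    // This rewrites the caller's rule objects.
    foreach (var rule in systemAuthorizeList)
    {
        if (rule.ControllerName != null)
        {
            rule.ControllerName = rule.ControllerName.ToLowerInvariant();
        }
        if (rule.ActionName != null)
        {
            rule.ActionName = rule.ActionName.ToLowerInvariant();
        }
        if (rule.AreaName != null)
        {
            rule.AreaName = rule.AreaName.ToLowerInvariant();
        }
    }

    // Route identity of the current request, normalised the same way as the rules.
    string actionName = filterContext.ActionDescriptor.ActionName.ToLowerInvariant();
    string controllerName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName.ToLowerInvariant();

    // Controllers exempt from authorization are skipped before any user lookup. The match is
    // on the controller name alone (area is ignored) and is ordinal: an authorization bypass
    // list should not depend on linguistic comparison rules.
    var publicControllers = PubControllerNames;
    if (publicControllers != null
        && publicControllers.Any(name => string.Equals(name, controllerName, StringComparison.OrdinalIgnoreCase)))
    {
        return;
    }

    // areaName stays null for requests outside any area.
    object areaToken = filterContext.RouteData.DataTokens["area"];
    string areaName = areaToken != null ? areaToken.ToString().ToLowerInvariant() : null;

    Action<string> RedirectUrl = url =>
    {
        filterContext.Result = new RedirectResult(url);
    };

    // Selectors for the denied-request redirect items, narrowest scope first. The controller
    // and area selectors test their own scope type; they previously all tested
    // SystemAuthorizeType.Action, so Controller- and Area-level redirect items never matched.
    // Area/Controller/Action on redirect items are compared as-is against the lower-cased
    // request names, so those items must be configured in lower case.
    Func<SystemAuthorizeErrorRedirectItemList, bool> redirectActionExpression =
        it => it.SystemAuthorizeType == SystemAuthorizeType.Action && it.Area == areaName && it.Controller == controllerName && it.Action == actionName;
    Func<SystemAuthorizeErrorRedirectItemList, bool> redirectControllerExpression =
        it => it.SystemAuthorizeType == SystemAuthorizeType.Controller && it.Area == areaName && it.Controller == controllerName;
    Func<SystemAuthorizeErrorRedirectItemList, bool> redirectAreaExpression =
        it => it.SystemAuthorizeType == SystemAuthorizeType.Area && it.Area == areaName;

    // Selectors for the rules that make this route subject to validation.
    Func<SystemAuthorizeModel, bool> actionExpression =
        it => it.SystemAuthorizeType == SystemAuthorizeType.Action && it.AreaName == areaName && it.ControllerName == controllerName && it.ActionName == actionName;
    Func<SystemAuthorizeModel, bool> controllerExpression =
        it => it.SystemAuthorizeType == SystemAuthorizeType.Controller && it.AreaName == areaName && it.ControllerName == controllerName;
    Func<SystemAuthorizeModel, bool> areaExpression =
        it => it.SystemAuthorizeType == SystemAuthorizeType.Area && it.AreaName == areaName;

    dynamic userId = GetCurrentUserKey();

    // Permission held by the current user key at each scope.
    bool isAllByUserKey = IsAllByUserKey(systemAuthorizeList, userId);
    bool isAreaByUserKey = IsAreaByUserKey(systemAuthorizeList, areaName, userId);
    bool isControllerByUserKey = IsControllerByUserKey(systemAuthorizeList, areaName, controllerName, userId);
    bool isActionByUserKey = IsActionByUserKey(systemAuthorizeList, areaName, controllerName, actionName, userId);

    var hasPower = isAllByUserKey || isActionByUserKey || isControllerByUserKey || isAreaByUserKey;

    // Validation is required only when an Action/Controller/Area rule covers this route.
    // NOTE(review): rules of type All can grant access above but never make a route require
    // validation; confirm that is intended.
    var mustValidate = systemAuthorizeList.Any(actionExpression)
        || systemAuthorizeList.Any(controllerExpression)
        || systemAuthorizeList.Any(areaExpression);

    if (!hasPower && mustValidate)
    {
        ErrorRediect(errorRediect, RedirectUrl, redirectActionExpression, redirectControllerExpression, redirectAreaExpression);
    }
}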