/// <summary>
/// Pre-action gate for the widget controller. Rejects the request unless it has a
/// context, is authenticated, names an existing site through the "siteId" parameter,
/// and the caller's SiteUsers record for that site has PermissionLevel.ADMIN.
/// On success the resolved site is stored in the context under the "site" key.
/// </summary>
/// <param name="sender">Event source; not used by this handler.</param>
/// <param name="e">
/// Event data. Supplies the JContext; PreventDefault is set to true on every
/// rejection path (presumably this cancels the action; confirm against the dispatcher).
/// </param>
private void WidgetController_BeforeActionExecute(object sender, BeforeActionExecuteEventArgs e)
{
    JContext jc = e.JContext;

    // Server-side error: there is no request context to work with.
    if (jc == null)
    {
        ResponseUtil.OutputJson(httpContext.Response, new { code = 500, msg = "不合法请求" });
        e.PreventDefault = true;
        return;
    }

    // Authentication failed.
    if (!jc.IsAuth)
    {
        ResponseUtil.OutputJson(httpContext.Response, new { code = 403, msg = "没有权限访问" });
        e.PreventDefault = true;
        return;
    }

    // ---- Validate the site information ----
    // siteId is read from jc.Params (presumably caller-supplied request data) and is
    // only usable for authorization after the SiteUsers check further down.
    // NOTE(review): both failures in this section report code = 200 in the JSON body,
    // so a client keying on "code" cannot tell them from success. The distinct
    // "site does not exist" message also lets any authenticated caller learn which
    // site ids exist. Confirm both are intended.
    var siteId = jc.Params["siteId"];
    if (string.IsNullOrEmpty(siteId))
    {
        ResponseUtil.OutputJson(httpContext.Response, new { code = 200, msg = "参数列表不正确,缺少SiteId参数" });
        e.PreventDefault = true;
        return;
    }

    var site = Site.Get(siteId);
    if (site == null)
    {
        ResponseUtil.OutputJson(httpContext.Response, new { code = 200, msg = "指定的站点不存在" });
        e.PreventDefault = true;
        return;
    }

    // ---- Validate the user's permission on the site ----
    // The lookup is keyed on jc.UserName and the id of the site resolved above.
    var membership = (from q in SiteUsers.CreateContext()
                      where q.UserId == jc.UserName && q.SiteId == site.Id
                      select q).FirstOrDefault();

    // Only site administrators may edit the site's widgets; a missing record is
    // treated the same as an insufficient permission level.
    bool isSiteAdmin = membership != null && membership.PermissionLevel == PermissionLevel.ADMIN;
    if (!isSiteAdmin)
    {
        ResponseUtil.OutputJson(httpContext.Response, new { code = 403, msg = "没有权限访问" });
        e.PreventDefault = true;
        return;
    }

    // Hand the validated site on through the context.
    jc["site"] = site;
}
/// <summary>
/// Raises the BeforeActionExecute event with this instance as the sender.
/// Does nothing when no handler is attached.
/// </summary>
/// <param name="e">Event data passed unchanged to every subscriber.</param>
public virtual void OnBeforeActionExecute(BeforeActionExecuteEventArgs e)
{
    // Copy the delegate first so the null test and the invocation see the same value.
    var subscribers = BeforeActionExecute;
    if (subscribers == null)
    {
        return;
    }

    subscribers(this, e);
}
/// <summary>
/// Pre-action gate for the category controller. Rejects the request unless it has a
/// context, is authenticated, and names an existing site through the "siteId"
/// parameter. On success the resolved site is stored in the context under "site".
/// </summary>
/// <remarks>
/// NOTE(review): this handler checks authentication only. It does not look up the
/// caller's relation to the requested site, so any authenticated user passes with
/// any existing siteId. Confirm the category actions enforce per-site authorization
/// themselves, or that this is intended.
/// </remarks>
/// <param name="sender">Event source; not used by this handler.</param>
/// <param name="e">
/// Event data. Supplies the JContext; PreventDefault is set to true on every
/// rejection path (presumably this cancels the action; confirm against the dispatcher).
/// </param>
private void CategoryController_BeforeActionExecute(object sender, BeforeActionExecuteEventArgs e)
{
    JContext jc = e.JContext;

    // Server-side error: there is no request context to work with.
    if (jc == null)
    {
        ResponseUtil.OutputJson(httpContext.Response, new { code = 500, msg = "不合法请求" });
        e.PreventDefault = true;
        return;
    }

    // Authentication failed.
    if (!jc.IsAuth)
    {
        ResponseUtil.OutputJson(httpContext.Response, new { code = 403, msg = "没有权限访问" });
        e.PreventDefault = true;
        return;
    }

    // ---- Validate the site information ----
    // NOTE(review): both failures below report code = 200 in the JSON body, so a
    // client keying on "code" cannot tell them from success. Confirm this is the
    // API's convention.
    var siteId = jc.Params["siteId"];
    if (string.IsNullOrEmpty(siteId))
    {
        ResponseUtil.OutputJson(httpContext.Response, new { code = 200, msg = "参数列表不正确,缺少SiteId参数" });
        e.PreventDefault = true;
        return;
    }

    var site = Site.Get(siteId);
    if (site == null)
    {
        ResponseUtil.OutputJson(httpContext.Response, new { code = 200, msg = "指定的站点不存在" });
        e.PreventDefault = true;
        return;
    }

    // Hand the resolved site on through the context.
    jc["site"] = site;
}
/// <summary>
/// Pre-action gate for the site controller. Rejects the request unless it has a
/// context and the caller is authenticated and in the "admin" role.
/// </summary>
/// <param name="sender">Event source; not used by this handler.</param>
/// <param name="e">
/// Event data. Supplies the JContext; PreventDefault is set to true on every
/// rejection path (presumably this cancels the action; confirm against the dispatcher).
/// </param>
private void SiteController_BeforeActionExecute(object sender, BeforeActionExecuteEventArgs e)
{
    JContext jc = e.JContext;

    // Server-side error: there is no request context to work with.
    if (jc == null)
    {
        ResponseUtil.OutputJson(httpContext.Response, new { code = 500, msg = "不合法请求" });
        e.PreventDefault = true;
        return;
    }

    // Only the admin role may reach the endpoints under this controller.
    // The && short-circuits, so jc.User is read only for authenticated requests.
    // NOTE(review): assumes jc.User is non-null whenever jc.IsAuth is true. TODO confirm.
    bool isAdmin = jc.IsAuth && jc.User.IsInRole("admin");
    if (!isAdmin)
    {
        // Authorization failed; unauthenticated and non-admin callers get the same reply.
        ResponseUtil.OutputJson(httpContext.Response, new { code = 403, msg = "没有权限访问" });
        e.PreventDefault = true;
        return;
    }
}