예제 #1
0
        /// <summary>
        /// 检测是否需要登录
        /// </summary>
        /// <param name="t">ControllerType</param>
        /// <param name="actionname">actionName</param>
        /// <returns>True:需要登录;</returns>
        private bool IsCheckLogin(Type t, string actionname)
        {
            actionname = Commonfs.FirstCharToUpper(actionname);
            bool isNeedLogin = false;
            //判断controller是否需要登录
            var cAttributes = t.GetCustomAttributes(typeof(CheckLoginAttribute), true) as CheckLoginAttribute[];

            if (cAttributes.Length > 0)
            {
                isNeedLogin = true;
            }
            //判断action需要登录
            var actionMethod = t.GetMethod(actionname);

            if (actionMethod == null)
            {
                throw new Exception($"{t.FullName}控制器内未找到方法名称为“{actionname}”的方法。");
            }
            //查看是否需要权限控制
            var attrs = actionMethod.GetCustomAttributes(typeof(CheckLoginAttribute), true) as CheckLoginAttribute [];

            if (attrs.Length > 0)
            {
                isNeedLogin = true;
            }
            var attrs1 = actionMethod.GetCustomAttributes(typeof(NotCheckLoginAttribute), false) as NotCheckLoginAttribute[];

            if (attrs1.Length > 0)
            {
                isNeedLogin = false;
            }

            return(isNeedLogin);
        }
예제 #2
0
        /// <summary>
        /// 判断是否有权限
        /// </summary>
        /// <param name="actionname">方法名</param>
        /// <param name="t">Controller类型</param>
        /// <param name="errorMessage">Controller类型</param>
        /// <returns>true:有权限;</returns>
        private bool IsHaveAuthorize(string actionname, Type t, out string errorMessage)
        {
            actionname   = Commonfs.FirstCharToUpper(actionname);
            errorMessage = string.Empty;
            var method = t.GetMethod(actionname);

            if (method == null)
            {
                return(false);
            }
            ////查看是否需要权限控制
            var attrs = method.GetCustomAttributes(typeof(MyAuthorizeAttribute), true) as MyAuthorizeAttribute[];

            if (attrs.Length == 0)
            {
                return(true);
            }
            User user;

            if (!IsLogin(out user, out errorMessage))
            {
                return(false);
            }

            //获取用户权限
            if (user == null)
            {
                return(false);
            }
            var ups = Commonfs.Split(user.Permissions, ',');

            //系统管理员角色和超级管理员拥有全部权限
            if (user.Id == 1 || user.RoleIds.ToList(',').Exists(x => x == "1"))
            {
                return(true);
            }
            //获取用户角色的权限
            List <string> rlist = RoleBussiness.Init.GetRolePermissionsByUserId(user.Id, out errorMessage);

            var permissions = ups.Union(rlist);

            ////判断是否有权限
            foreach (var item in attrs)
            {
                var authorizeList = item.GetStingList();
                if (UserBussiness.Init.IsHaveAuthorize(user, authorizeList, out errorMessage))
                {
                    return(true);
                }
            }
            return(false);
        }
예제 #3
0
        /// <summary>
        /// 判断是否需要访问令牌
        /// </summary>
        /// <param name="actionName"></param>
        /// <param name="t"></param>
        /// <returns>true:需要;</returns>
        private bool IsHaveVisitToken(string actionName, Type t)
        {
            actionName = Commonfs.FirstCharToUpper(actionName);
            var method = t.GetMethod(actionName);

            if (method == null)
            {
                return(false);
            }
            ////查看是否需要访问令牌
            var attrs = method.GetCustomAttributes(typeof(AllowAnonymousAttribute), true) as AllowAnonymousAttribute[];

            if (attrs.Length == 0)
            {
                return(true);
            }
            else
            {
                return(false);
            }
        }