/// <summary>
/// 检查某个用户是否属于某角色
/// </summary>
/// <param name="user"></param>
/// <param name="roleConfigKey"></param>
public void CheckCurrentUserInRole(IUser user, string roleConfigKey)
{
ExceptionHelper.CheckStringIsNullOrEmpty("roleConfigKey", "roleConfigKey");
RolesDefine rf = RolesDefineCollection[roleConfigKey];
ExceptionHelper.FalseThrow(rf != null, "您没有权限执行此操作,不能查到角色配置信息\"{0}\",请检查rolesDefineConfig配置节", roleConfigKey);
ExceptionHelper.FalseThrow(DeluxePrincipal.IsInRole(user, rf.Roles), "您不属于\"{0}\",没有权限执行此操作", rf.Description);
}
private static bool UserInRole(string rolesNames, IUser user, object callerContext)
{
bool result = DeluxePrincipal.IsInRole(user, rolesNames);
if (result == false)
{
result = IsInSOARoles(user, rolesNames, callerContext);
}
return(result);
}
public static void InitPrincipal(string userKey)
{
GenericTicketTokenContainer tokenContainer = new GenericTicketTokenContainer();
tokenContainer.User = new GenericTicketToken(Consts.Users[userKey]);
tokenContainer.RealUser = new GenericTicketToken(Consts.Users[userKey]);
DeluxeIdentity identity = new DeluxeIdentity(tokenContainer, null);
DeluxePrincipal principal = new DeluxePrincipal(identity);
PrincipaContextAccessor.SetPrincipalInContext(WfClientServiceBrokerContext.Current, principal);
}
protected override bool IsAuthorized(HttpActionContext actionContext)
{
bool result = (this.Enabled == false || RolesDefineConfig.GetConfig().Enabled == false);
if (result == false)
{
DeluxePrincipal pricipal = actionContext.RequestContext.Principal as DeluxePrincipal;
if (pricipal != null)
{
result = this.IsAuthorized(pricipal, this.Roles);
}
}
return(result);
}
private static bool IsInSOARoles(IUser user, string rolesNames, object callerContext)
{
bool result = false;
IRole[] roles = DeluxePrincipal.GetRoles(rolesNames);
for (int i = 0; i < roles.Length; i++)
{
result = IsInSOARole(user, SOARole.CreateWrapperObject(roles[i]), callerContext);
if (result)
{
break;
}
}
return(result);
}
public Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
{
if (this.Enabled)
{
IPrincipal principal = DeluxePrincipal.CreateByRequest(false);
if (principal != null)
{
context.Principal = principal;
}
else
{
context.ErrorResult = new PassportAuthenticationFailureResult("Need Passport Authentication", context.Request);
}
}
return(Task.FromResult(0));
}
public void OguRoleCollectionSerializationTest()
{
JSONSerializerExecute.RegisterConverter(typeof(OguApplicationConverter));
JSONSerializerExecute.RegisterConverter(typeof(OguRoleConverter));
IRole[] testRoles = DeluxePrincipal.GetRoles(RolesDefineConfig.GetConfig().RolesDefineCollection["testRole"].Roles);
OguRoleCollection roles = new OguRoleCollection(testRoles);
string serializedData = JSONSerializerExecute.Serialize(roles);
Console.WriteLine(serializedData);
OguRoleCollection deserializedData = JSONSerializerExecute.Deserialize <OguRoleCollection>(serializedData);
for (int i = 0; i < roles.Count; i++)
{
ValidatePermissionObject(roles[i], deserializedData[i]);
}
}
protected override void HandleUnauthorizedRequest(HttpActionContext actionContext)
{
DeluxePrincipal pricipal = actionContext.RequestContext.Principal as DeluxePrincipal;
string message = string.Empty;
if (pricipal == null)
{
message = "用户需要认证后才能够判断权限";
}
else
{
message = "用户没有权限";
}
actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized)
{
Content = new StringContent(JsonConvert.SerializeObject(new { number = -1, description = message, stackTrace = string.Empty })),
};
}
/// <summary>
/// 某个用户是否在已经配置的角色中
/// </summary>
/// <param name="user"></param>
/// <param name="roleConfigKeys"></param>
/// <returns></returns>
public bool IsCurrentUserInRoles(IUser user, params string[] roleConfigKeys)
{
user.NullCheck("user");
ExceptionHelper.FalseThrow <ArgumentNullException>(roleConfigKeys != null, "roleConfigKeys");
bool result = false;
foreach (string roleKey in roleConfigKeys)
{
RolesDefine rf = RolesDefineCollection[roleKey];
if (rf != null)
{
if (DeluxePrincipal.IsInRole(user, rf.Roles))
{
result = true;
break;
}
}
}
return(result);
}
/// <summary>
/// 得到定义的角色的实例
/// </summary>
/// <returns></returns>
public IRole[] GetRolesInstances()
{
return(DeluxePrincipal.GetRoles(Roles));
}
private static IRole GetTestRole()
{
IRole[] roles = DeluxePrincipal.GetRoles(RolesDefineConfig.GetConfig().RolesDefineCollection["testRole"].Roles);
return(roles[0]);
}
public static void InitPrincipal(string userKey)
{
GenericTicketTokenContainer tokenContainer = new GenericTicketTokenContainer();
tokenContainer.User = new GenericTicketToken(Consts.Users[userKey]);
tokenContainer.RealUser = new GenericTicketToken(Consts.Users[userKey]);
DeluxeIdentity identity = new DeluxeIdentity(tokenContainer, null);
DeluxePrincipal principal = new DeluxePrincipal(identity);
PrincipaContextAccessor.SetPrincipalInContext(WfClientServiceBrokerContext.Current, principal);
}
protected override bool IsAuthorized(DeluxePrincipal principal, string permissions)
{
throw new NotImplementedException();
}
protected abstract bool IsAuthorized(DeluxePrincipal principal, string roles);
protected override bool IsAuthorized(DeluxePrincipal principal, string roles)
{
return(principal.IsInRole(roles));
}