private static RemoteMethodInfo GetRemoteMethod(MethodInfo method)
{
string serviceKey = SecurityUtility.HashObject(method.DeclaringType);
RemoteMethodAttribute rmAttribute = method.GetCustomAttributes(typeof(RemoteMethodAttribute), true)[0] as RemoteMethodAttribute;
return(new RemoteMethodInfo(SecurityUtility.HashObject(method), serviceKey, method.Name, rmAttribute.Description, rmAttribute.Offline, method, String.Empty));
}
/// <summary>
/// 检查指定类型的服务并根据自定义属性标签在系统中进行注册
/// </summary>
/// <param name="type">服务类型</param>
public void InspectService(Type type)
{
if (type.IsDefined(typeof(RemoteServiceAttribute), true))
{
// 通过服务属性标签来注册服务
RemoteServiceAttribute serviceAttribute = type.GetCustomAttributes(typeof(RemoteServiceAttribute), true)[0] as RemoteServiceAttribute;
string serviceKey = SecurityUtility.HashObject(type);
RegisterService(serviceKey, type.Name,
serviceAttribute.Description,
serviceAttribute.ServiceType,
type,
serviceAttribute.ServiceScope);
// 检查所有方法并注册
MethodInfo[] methods = type.GetMethods();
foreach (MethodInfo method in methods)
{
MethodInfo mi = method;
if (method.IsGenericMethod)
{
mi = method.GetGenericMethodDefinition();
}
if (mi.IsDefined(typeof(RemoteMethodAttribute), true))
{
string dataUpdateEvent = null;
if (mi.IsDefined(typeof(ClientCacheAttribute), true))
{
if (mi.ReturnType == typeof(void))
{
logger.Warn("方法 [" + mi.Name + "] 定义了 [ClientCacheAttribute] 特性,但是却没有返回值,已被忽略。");
}
else
{
ClientCacheAttribute cacheAttribute = mi.GetCustomAttributes(typeof(ClientCacheAttribute), true)[0] as ClientCacheAttribute;
dataUpdateEvent = cacheAttribute.DataUpdateEvent;
}
}
// 注册方法
RemoteMethodAttribute rmAttribute = mi.GetCustomAttributes(typeof(RemoteMethodAttribute), true)[0] as RemoteMethodAttribute;
RegisterFunction(SecurityUtility.HashObject(mi),
serviceKey,
mi.Name,
rmAttribute.Description,
rmAttribute.Offline,
mi,
dataUpdateEvent);
}
else if (method.IsDefined(typeof(ClientCacheAttribute), true))
{
logger.Warn("方法 [" + method.Name + "] 定义了 [ClientCacheAttribute] 特性,但是却没有定义 [RemoteMethodAttribute],已被忽略。");
}
}
}
}
private bool CanExecute(string command)
{
string authorizationUri = "";
AuthorizationAttribute[] attrs = (AuthorizationAttribute[])activeHandler.GetType().GetCustomAttributes(typeof(AuthorizationAttribute), true);
if (attrs.Length > 0)
{
authorizationUri = attrs[0].AuthorizationUri;
}
return(AuthorizationService.CanExecute(SecurityUtility.HashObject(authorizationUri + command)));
}
/// <summary>
/// 检查当前用户是否可以执行指定的操作
/// </summary>
/// <param name="command">The command.</param>
/// <returns>
/// <c>true</c> if this instance can execute the specified command; otherwise, <c>false</c>.
/// </returns>
private bool CanExecute(string command)
{
//logger = WorkItem.Services.Get<ILog>();
string authorizationUri = GetAuthorizationPath();
string actionKey = SecurityUtility.HashObject(authorizationUri + command);
//if (logger != null) {
// logger.Debug("Authorization Path: " + authorizationUri + " , Command: " + command);
// logger.Debug("Action Key:" + actionKey);
//}
return(AuthorizationService.CanExecute(actionKey));
}
/// <summary>
/// 检查当前用户是否有权限执行插件元素所对应的功能
/// </summary>
/// <param name="caller">调用者</param>
/// <param name="context">执行上下文</param>
/// <returns>如果通过权限管理系统检查用户可以执行此插件元素对应的功能返回true,否则为false</returns>
public bool IsValid(object caller, WorkItem context)
{
IAuthorizationService authorizationService = context.Services.Get <IAuthorizationService>();
if (authorizationService != null)
{
string actionKey = SecurityUtility.HashObject(addInPath + command);
bool flag = authorizationService.CanExecute(actionKey);
ILog logger = context.Services.Get <ILog>();
logger.Debug("AddIn Path: " + addInPath + ", Command : " + command + " CanExecute: " + flag);
return(flag);
}
else
{
return(true);
}
}
/// <summary>
/// 保存当前角色的权限信息
/// </summary>
private void SaveAuthorizationForRole(TreeListNode authNode)
{
foreach (TreeListNode node in authNode.Nodes)
{
if (node.Tag != null && node.Tag is AuthorizationCommand)
{
AuthorizationCommand command = node.Tag as AuthorizationCommand;
string authorizationUri = GetAuthorizationUri(node); // 获取当前操作的权限路径
authStore.Authorization(SecurityUtility.HashObject(authorizationUri + command.CommandUri),
node.Checked ? AuthorizationAction.Allow : AuthorizationAction.Deny);
}
SaveAuthorizationForRole(node); // 保存子节点的权限授权信息
}
// 保存到对象数据库中
Presenter.AuthorizationStoreService.SaveAuthorization(authStore);
}
/// <summary>
/// 加载权限节点下的操作项
/// </summary>
/// <param name="parent">The parent.</param>
/// <param name="authNode">The auth node.</param>
private void LoadAuthorizationCommandNode(TreeListNode parent, AuthorizationNode authNode)
{
Dictionary <string, TreeListNode> categories = new Dictionary <string, TreeListNode>(); // 分组
foreach (AuthorizationCommand cmd in authNode.Commands)
{
if (!categories.ContainsKey(cmd.Category))
{
categories[cmd.Category] = GetCategoryNode(cmd.Category, parent);
}
TreeListNode category = categories[cmd.Category];
TreeListNode child = tlAuth.AppendNode(new object[] { cmd.Name, cmd.CommandUri }, category, cmd);
child.ImageIndex = 3;
child.SelectImageIndex = 3;
// 设置当前操作的权限操作
string authorizationUri = GetAuthorizationUri(child);
child.Checked = authStore.CanExecute(SecurityUtility.HashObject(authorizationUri + cmd.CommandUri));
SetCheckedParentNodes(child, child.CheckState);
}
}
/// <summary>
/// 注册事件订阅者
/// </summary>
/// <param name="topic">事件唯一名称</param>
/// <param name="methodInfo">MethodInfo实例</param>
/// <param name="serviceType">服务类型</param>
public void RegisterEventSubscriber(string topic, MethodInfo methodInfo, Type serviceType)
{
AddEventSubscriber(SecurityUtility.HashObject(methodInfo), new EventSubscriberInfo(topic, methodInfo, serviceType, SubscriberLocation.Local));
}
private string GetPathAviliableKey(object obj)
{
return(SecurityUtility.HashObject(obj).Replace("/", "!"));
}
private static string GetKey(MethodInfo method, object param)
{
return(SecurityUtility.HashObject(method) + SecurityUtility.HashObject(param));
}