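/// <summary>
/// Verifies whether the currently logged-in user may invoke the controller/action
/// that the authorization filter is running for.
/// </summary>
/// <param name="context">Authorization filter context of the current request.</param>
/// <returns>
/// A challenge result when <paramref name="context"/> is null or no user is logged in;
/// a forbid result when the route carries no controller or action value, or when the
/// permission check denies access; otherwise a success result.
/// </returns>
public static VerifyAuthorizationResult Authentication(AuthorizationFilterContext context)
{
    if (context == null)
    {
        return VerifyAuthorizationResult.ChallengeResult();
    }

    // Resolve the caller first: an anonymous request is always answered with a
    // challenge, whatever the route data looks like.
    var loginUser = IdentityManager.GetLoginUser();
    if (loginUser == null)
    {
        return VerifyAuthorizationResult.ChallengeResult();
    }

    // Fail closed instead of dereferencing a missing route value: a request whose
    // controller or action cannot be identified cannot be matched to a permission.
    // NOTE(review): relies on the indexer returning null for an absent key, as
    // RouteValueDictionary does; confirm the type of RouteData.Values.
    var routeValues = context.RouteData?.Values;
    var controllerName = routeValues?["controller"]?.ToString();
    var actionName = routeValues?["action"]?.ToString();
    if (controllerName == null || actionName == null)
    {
        return VerifyAuthorizationResult.ForbidResult();
    }

    // These codes are the lookup key for the permission check, so they are normalised
    // with the invariant culture: a culture-sensitive ToUpper() yields a different key
    // under some cultures (e.g. Turkish dotted/dotless i), which makes the
    // authorization decision depend on the server's locale.
    // NOTE(review): confirm the stored operation codes are upper-cased the same way.
    var operation = new AuthorityOperationCmdDto()
    {
        ControllerCode = controllerName.ToUpperInvariant(),
        ActionCode = actionName.ToUpperInvariant()
    };

    var allowAccess = Authorization(loginUser, operation);
    return allowAccess
        ? VerifyAuthorizationResult.SuccessResult()
        : VerifyAuthorizationResult.ForbidResult();
}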
/// <summary>
/// Verifies authorization for an explicit request that carries the operation codes
/// and the caller's claims.
/// </summary>
/// <param name="request">Authentication and authorization information.</param>
/// <returns>
/// A forbid result when <paramref name="request"/> is null; otherwise a result whose
/// status is Success or Forbid according to the permission check.
/// </returns>
public static VerifyAuthorizationResult Authentication(VerifyAuthorizationOption request)
{
    if (request == null)
    {
        return VerifyAuthorizationResult.ForbidResult();
    }

    // NOTE(review): the codes are forwarded exactly as supplied, while the
    // AuthorizationFilterContext overload upper-cases them; confirm callers of this
    // overload already normalise ActionCode/ControllerCode.
    var requestedOperation = new AuthorityOperationCmdDto()
    {
        ActionCode = request.ActionCode,
        ControllerCode = request.ControllerCode
    };

    // A null Claims collection short-circuits the whole chain, so null is handed on.
    var claimList = request.Claims?.Select(c => new Claim(c.Key, c.Value)).ToList();

    // NOTE(review): the result is not null-checked here, unlike the login-user check
    // in the filter overload; verify how Authorization treats a user that could not
    // be built from the claims.
    var claimsUser = AuthenticationUser<long>.GetUserFromClaims(claimList);

    AuthorizationVerificationStatus status;
    if (Authorization(claimsUser, requestedOperation))
    {
        status = AuthorizationVerificationStatus.Success;
    }
    else
    {
        status = AuthorizationVerificationStatus.Forbid;
    }

    return new VerifyAuthorizationResult()
    {
        Status = status
    };
}