예제 #1
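        /// <summary>
        /// Verifies that the current login user is allowed to run the MVC action targeted by
        /// the request. Despite the method name this is an authorization check: the user is
        /// obtained from <c>IdentityManager.GetLoginUser()</c> and the permission decision is
        /// delegated to <c>Authorization</c>.
        /// </summary>
        /// <param name="context">Authorization filter context of the current request; may be null.</param>
        /// <returns>
        /// <c>ChallengeResult()</c> when <paramref name="context"/> is null or no user is logged in;
        /// <c>ForbidResult()</c> when the route carries no controller/action value or when
        /// <c>Authorization</c> denies access; <c>SuccessResult()</c> otherwise.
        /// </returns>
        public static VerifyAuthorizationResult Authentication(AuthorizationFilterContext context)
        {
            if (context == null)
            {
                return VerifyAuthorizationResult.ChallengeResult();
            }

            // The route-value indexer yields null for a missing key. Dereferencing it would throw
            // inside the authorization filter, so an operation that cannot be identified is
            // denied explicitly instead (fail closed).
            var controllerValue = context.RouteData.Values["controller"]?.ToString();
            var actionValue = context.RouteData.Values["action"]?.ToString();
            if (controllerValue == null || actionValue == null)
            {
                return VerifyAuthorizationResult.ForbidResult();
            }

            // Permission codes are identifiers, not display text: normalise them with the
            // invariant culture so the result does not depend on the thread culture
            // (culture-sensitive ToUpper() maps 'i' differently under tr-TR, for example).
            // NOTE(review): the HTTP method was read here before but never used; the operation is
            // keyed on controller + action only, so actions that differ only by verb share one
            // permission entry - confirm that is intended.
            var operation = new AuthorityOperationCmdDto()
            {
                ControllerCode = controllerValue.ToUpperInvariant(),
                ActionCode     = actionValue.ToUpperInvariant()
            };

            // No login user: ask the caller to authenticate rather than reporting "forbidden".
            var loginUser = IdentityManager.GetLoginUser();
            if (loginUser == null)
            {
                return VerifyAuthorizationResult.ChallengeResult();
            }

            return Authorization(loginUser, operation)
                ? VerifyAuthorizationResult.SuccessResult()
                : VerifyAuthorizationResult.ForbidResult();
        }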
예제 #2
        /// <summary>
        /// Authorization check for a caller described by a <c>VerifyAuthorizationOption</c>:
        /// builds the operation from the request's controller/action codes, derives the user
        /// from the request's claims and delegates the decision to <c>Authorization</c>.
        /// </summary>
        /// <param name="request">Operation codes and claims of the caller; may be null.</param>
        /// <returns>
        /// <c>ForbidResult()</c> when <paramref name="request"/> is null; otherwise a result whose
        /// <c>Status</c> is <c>Success</c> or <c>Forbid</c> according to <c>Authorization</c>.
        /// </returns>
        public static VerifyAuthorizationResult Authentication(VerifyAuthorizationOption request)
        {
            if (request == null)
            {
                return VerifyAuthorizationResult.ForbidResult();
            }

            var targetOperation = new AuthorityOperationCmdDto()
            {
                ActionCode     = request.ActionCode,
                ControllerCode = request.ControllerCode
            };

            // Rebuild Claim objects from the key/value pairs carried on the request; the list
            // stays null when the request has no claims collection.
            // NOTE(review): the claims are taken from the request as-is and are not verified
            // here - confirm every caller passes claims from an already validated token or principal.
            var claimList = request.Claims?.Select(pair => new Claim(pair.Key, pair.Value)).ToList();
            var currentUser = AuthenticationUser<long>.GetUserFromClaims(claimList);

            // NOTE(review): currentUser is handed to Authorization without a null check; whether
            // a null user is denied there is not visible from this method - confirm.
            AuthorizationVerificationStatus verdict;
            if (Authorization(currentUser, targetOperation))
            {
                verdict = AuthorizationVerificationStatus.Success;
            }
            else
            {
                verdict = AuthorizationVerificationStatus.Forbid;
            }

            var result = new VerifyAuthorizationResult()
            {
                Status = verdict
            };
            return result;
        }