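        /// <summary>
        /// Runs before every action and enforces access control in a fixed order:
        /// anonymous actions pass through; a missing "LoginUser" session entry redirects to
        /// login; an <c>AjaxActionAttribute</c> is authorised against the controller/action it
        /// declares (not the action being invoked); a <c>UserCenterAttribute</c> with <c>Admin</c>
        /// set requires an admin user; any action carrying none of the three markers is checked
        /// against its own controller/action right. Every failed check hands the request to
        /// <c>RedirectLogin</c> and returns, so no later check runs or redirects a second time.
        /// </summary>
        /// <param name="filterContext">The MVC action-executing context for the current request.</param>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="filterContext"/> is null.</exception>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            if (filterContext == null)
            {
                throw new ArgumentNullException("filterContext");
            }

            // The route values, not any attribute, name the action whose own right is checked in step 4.
            var controllerName = filterContext.RouteData.Values["controller"].ToString();
            var actionName     = filterContext.RouteData.Values["action"].ToString();

            // Built per request; the repository is constructed here rather than injected.
            Enterprise.Invoicing.Service.AccountService monitorservice = new Enterprise.Invoicing.Service.AccountService(new AccountRepository());

            // A config-driven page allow-list and a hardware-dongle (Dog) check used to sit here;
            // both are disabled, so no request is exempted or rejected on those grounds.

            #region Step 1: anonymous actions need no further checks
            if (Checkanonymous(filterContext))
            {
                return;
            }
            #endregion

            #region Step 2: the request must carry a logged-in session
            if (filterContext.HttpContext.Session["LoginUser"] == null)
            {
                RedirectLogin(filterContext, "AutoNeedLogin", "");
                return;
            }
            #endregion

            object[] isajax        = filterContext.ActionDescriptor.GetCustomAttributes(typeof(AjaxActionAttribute), true);
            object[] hasloginallow = filterContext.ActionDescriptor.GetCustomAttributes(typeof(LoginAllowAttribute), true);

            #region Step 3: an AjaxAction is authorised against the controller/action it declares, not itself
            if (isajax.Length >= 1)
            {
                var       attr      = (AjaxActionAttribute)isajax[0];
                var       conName   = attr.ForController;
                var       actName   = attr.ForAction;
                // NOTE(review): assumes SessionHelper.GetSession reads the same "LoginUser" slot tested in step 2 — confirm.
                LoginUser loginuser = (LoginUser)SessionHelper.GetSession("LoginUser");
                if (!monitorservice.CheckAjaxRight(loginuser.role_sn, conName, actName))
                {
                    RedirectLogin(filterContext, "AutoNeedLogin", "无ajax访问权限");
                    LogHelper.Info(loginuser.userid, "用户无:../" + controllerName + "/" + actionName + "的访问权限");
                    // Denied: stop here so the user-centre check below cannot redirect a second time.
                    return;
                }
            }
            #endregion

            #region User-centre actions: the Admin flag requires an admin user
            object[] iscu = filterContext.ActionDescriptor.GetCustomAttributes(typeof(UserCenterAttribute), true);
            if (iscu.Length >= 1)
            {
                var       attr      = (UserCenterAttribute)iscu[0];
                var       isadmin   = attr.Admin;
                LoginUser loginuser = (LoginUser)SessionHelper.GetSession("LoginUser");
                if (isadmin && !loginuser.IsAdmin)
                {
                    RedirectLogin(filterContext, "AutoNeedLogin", "需要管理员权限");
                    return;
                }
            }
            #endregion

            #region Step 4: with no LoginAllow, AjaxAction or UserCenter marker, the action's own right is required
            // Note that a UserCenter-marked action without the Admin flag is exempt from this step.
            if (hasloginallow.Length < 1 && isajax.Length < 1 && iscu.Length < 1)
            {
                LoginUser loginuser = (LoginUser)SessionHelper.GetSession("LoginUser");
                if (!monitorservice.CheckAjaxRight(loginuser.role_sn, controllerName, actionName))
                {
                    RedirectLogin(filterContext, "AutoNeedLogin", "无访问权限");
                    LogHelper.Info(loginuser.userid, "用户无:../" + controllerName + "/" + actionName + "的访问权限");
                    return;
                }
            }
            #endregion
        }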
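        /// <summary>
        /// Action-level access control, evaluated in order: anonymous actions are let through;
        /// a request without a "LoginUser" session entry is redirected to login; an action marked
        /// <c>AjaxActionAttribute</c> is checked against the controller/action the attribute
        /// names rather than its own; an action marked <c>UserCenterAttribute</c> with <c>Admin</c>
        /// requires an admin user; an action with none of these markers is checked against its
        /// own controller/action right. A failed check calls <c>RedirectLogin</c> and returns
        /// immediately, so the remaining checks never run for a denied request.
        /// </summary>
        /// <param name="filterContext">The MVC action-executing context for the current request.</param>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="filterContext"/> is null.</exception>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            if (filterContext == null)
            {
                throw new ArgumentNullException("filterContext");
            }

            // Route values identify the action whose own right is verified in the final step.
            var controllerName = filterContext.RouteData.Values["controller"].ToString();
            var actionName = filterContext.RouteData.Values["action"].ToString();

            // Created per request; the repository is instantiated inline rather than injected.
            Enterprise.Invoicing.Service.AccountService monitorservice = new Enterprise.Invoicing.Service.AccountService(new AccountRepository());

            // Two earlier gates — a configured page allow-list and a hardware-dongle (Dog) check —
            // were removed from this method; neither exempts nor rejects requests any more.

            #region Step 1: anonymous actions skip every other check
            if (Checkanonymous(filterContext)) return;
            #endregion

            #region Step 2: a logged-in session is mandatory from here on
            if (filterContext.HttpContext.Session["LoginUser"] == null)
            {
                RedirectLogin(filterContext, "AutoNeedLogin", "");
                return;
            }
            #endregion

            object[] isajax = filterContext.ActionDescriptor.GetCustomAttributes(typeof(AjaxActionAttribute), true);
            object[] hasloginallow = filterContext.ActionDescriptor.GetCustomAttributes(typeof(LoginAllowAttribute), true);

            #region Step 3: AjaxAction — verify the right of the target controller/action, not of this action
            if (isajax.Length >= 1)
            {
                var attr = (AjaxActionAttribute)isajax[0];
                var conName = attr.ForController;
                var actName = attr.ForAction;
                // NOTE(review): presumably SessionHelper.GetSession("LoginUser") returns the object tested in step 2 — verify.
                LoginUser loginuser = (LoginUser)SessionHelper.GetSession("LoginUser");
                if (!monitorservice.CheckAjaxRight(loginuser.role_sn, conName, actName))
                {
                    RedirectLogin(filterContext, "AutoNeedLogin", "无ajax访问权限");
                    LogHelper.Info(loginuser.userid, "用户无:../" + controllerName + "/" + actionName + "的访问权限");
                    // The request is already redirected; do not fall through to the user-centre check.
                    return;
                }
            }
            #endregion

            #region User-centre actions — Admin flag demands an admin user
            object[] iscu = filterContext.ActionDescriptor.GetCustomAttributes(typeof(UserCenterAttribute), true);
            if (iscu.Length >= 1)
            {
                var attr = (UserCenterAttribute)iscu[0];
                var isadmin = attr.Admin;
                LoginUser loginuser = (LoginUser)SessionHelper.GetSession("LoginUser");
                if (isadmin && !loginuser.IsAdmin)
                {
                    RedirectLogin(filterContext, "AutoNeedLogin", "需要管理员权限");
                    return;
                }
            }
            #endregion

            #region Step 4: unmarked actions (no LoginAllow, AjaxAction or UserCenter) need their own right
            // A UserCenter-marked action without Admin is therefore only required to be logged in.
            if (hasloginallow.Length < 1 && isajax.Length < 1 && iscu.Length < 1)
            {
                LoginUser loginuser = (LoginUser)SessionHelper.GetSession("LoginUser");
                if (!monitorservice.CheckAjaxRight(loginuser.role_sn, controllerName, actionName))
                {
                    RedirectLogin(filterContext, "AutoNeedLogin", "无访问权限");
                    LogHelper.Info(loginuser.userid, "用户无:../" + controllerName + "/" + actionName + "的访问权限");
                    return;
                }
            }
            #endregion
        }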