Exemplo n.º 1
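        /// <summary>
        /// Rejects the request before the action runs when no staff session exists.
        /// </summary>
        /// <remarks>
        /// With no staff session, <c>filterContext.Result</c> is set, which stops the action from executing:
        /// requests carrying <c>X-Requested-With: XMLHttpRequest</c> get a plain-text "login timed out" message,
        /// requests to the "admin" controller are redirected to "/", and every other request gets a script
        /// that sends the parent frame to /Logon/Login.
        /// The X-Requested-With header is client-controlled; here it only selects the shape of the rejection,
        /// never whether the request is rejected.
        /// </remarks>
        /// <param name="filterContext">Context of the action that is about to execute.</param>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            // NOTE(review): the original comment describes an exemption for the logon action, but nothing in
            // this method inspects the action name. Presumably the filter is simply not applied to the login
            // controller — confirm against where the filter is registered.
            if (SessionUtil.GetStaffSession() == null)
            {
                string requestedWith = filterContext.HttpContext.Request.Headers["X-Requested-With"];

                // Ordinal, case-insensitive comparison: ToLower() follows the thread culture, so under a
                // Turkish culture "ADMIN".ToLower() does not equal "admin" and the wrong branch is taken.
                bool isAjaxRequest = string.Equals(
                    requestedWith, "XMLHttpRequest", System.StringComparison.OrdinalIgnoreCase);

                if (isAjaxRequest)
                {
                    // NOTE(review): the reply keeps the default status code; a 401 would let client code
                    // detect an expired session without matching on the message text.
                    filterContext.Result = new ContentResult { Content = "登录超时,请刷新页面" };
                }
                else
                {
                    // Convert.ToString tolerates a missing route value instead of throwing.
                    string controllerName = System.Convert.ToString(filterContext.RouteData.Values["controller"]);

                    if (string.Equals(controllerName, "admin", System.StringComparison.OrdinalIgnoreCase))
                    {
                        filterContext.Result = new RedirectResult("/");
                    }
                    else
                    {
                        // Pages hosted in a frame: navigate the parent window to the login page.
                        filterContext.Result = new ContentResult
                        {
                            Content = "<script type='text/javascript'>parent.location.href='/Logon/Login';</script>"
                        };
                    }
                }
            }

            base.OnActionExecuting(filterContext);
        }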
Exemplo n.º 2
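        /// <summary>
        /// Returns the left-hand menu list for the current staff member as camel-cased JSON.
        /// </summary>
        /// <remarks>
        /// Without a <c>moduletype</c> query-string value, all top-level module types are used.
        /// With one, only the sub-module types of the first matching top-level module type are used;
        /// an unmatched value yields an empty menu.
        /// </remarks>
        /// <param name="Id">Not read by this action.</param>
        /// <returns>A content result with content type application/json, UTF-8 encoded.</returns>
        public ActionResult MenuInfo(string Id)
        {
            // Load the Staff entity of the logged-in user.
            // NOTE(review): GetStaffSession() is dereferenced without a null check and the "as" cast is not
            // verified; presumably a session filter runs before this action — confirm.
            Staff staff = Gecko.Security.NHHelper.Db.Session.Load(typeof(Staff), SessionUtil.GetStaffSession().LoginId) as Staff;

            // Supports either the categories shared by both platforms or loading a single module group;
            // the home index page links here with ?moduletype=...
            string moduleType = Request.QueryString["moduletype"];

            List<ModuleType> moduleList;
            if (moduleType == null)
            {
                moduleList = Gecko.Security.Service.ModuleTypeSrv.GetAllTopModuleType().Cast<ModuleType>().ToList();
            }
            else
            {
                // moduletype is request input: an unknown value must not index into an empty result
                // and surface as an unhandled exception.
                ModuleType topType = Gecko.Security.Service.ModuleTypeSrv.GetTopModuleType(moduleType)
                                     .Cast<ModuleType>()
                                     .FirstOrDefault();

                moduleList = topType == null
                    ? new List<ModuleType>()
                    : topType.SubModuleTypes.Cast<ModuleType>().ToList();
            }

            // Build the module-category nodes for this staff member.
            var nodeTypeList = GetModuleTypeList(moduleList, staff);

            var serializerSettings = new JsonSerializerSettings
            {
                ContractResolver = new CamelCasePropertyNamesContractResolver()
            };

            return new ContentResult
            {
                ContentType = "application/json",
                Content = JsonConvert.SerializeObject(nodeTypeList, serializerSettings),
                ContentEncoding = Encoding.UTF8
            };
        }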
Exemplo n.º 3
 /// <summary>
 /// Registers the "ChangeMyPwd" module tag and, for staff whose IsInnerUser is 0,
 /// requires the "rights_browse" grant before the page is shown.
 /// </summary>
 /// <param name="sender">Event source (not used).</param>
 /// <param name="e">Event data (not used).</param>
 protected void Page_Load(object sender, EventArgs e)
 {
     try
     {
         SessionUtil.SavaModuleTag("ChangeMyPwd");

         bool needsGrantCheck = SessionUtil.GetStaffSession().IsInnerUser == 0;
         if (needsGrantCheck)
         {
             // Cache this module's grants in the session, then test the browse right against them.
             PermissionUtil.SaveGrantPermissionsToSession();

             bool mayBrowse = PermissionUtil.HasGrantPermission("rights_browse");
             if (!mayBrowse)
             {
                 throw new ModuleSecurityException("无权限访问此模块。");
             }
         }
     }
     catch (MissSessionException)
     {
         // No session: emit a script that sends the parent frame to the site's default page.
         // NOTE(review): this handler only registers a script and then returns normally, so the
         // rest of the page lifecycle presumably still runs for the session-less request — confirm.
         ClientScript.RegisterClientScriptBlock(
             this.GetType(),
             "reload",
             "<script type=\"text/javascript\">parent.location='../../Default.aspx';</script>");
     }
     catch (ModuleSecurityException)
     {
         // Missing browse right: send the user to the welcome page.
         Response.Redirect("../../Frameset/Welcome.aspx");
     }
     catch (Exception ex)
     {
         // Anything else is logged (with a null message) and rethrown with its stack trace intact.
         log.Error(null, ex);
         throw;
     }
 }
Exemplo n.º 4
    /// <summary>
    /// Registers the "StaffMgr" module tag, enforces the "rights_browse" grant for staff whose
    /// IsInnerUser is 0, hides the buttons for rights they lack, and loads the department tree.
    /// </summary>
    /// <param name="sender">Event source (not used).</param>
    /// <param name="e">Event data (not used).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        // The staff-management page must not be served from cache.
        Response.Cache.SetCacheability(HttpCacheability.NoCache);

        try
        {
            SessionUtil.SavaModuleTag("StaffMgr");

            bool needsGrantCheck = SessionUtil.GetStaffSession().IsInnerUser == 0;
            if (needsGrantCheck)
            {
                PermissionUtil.SaveGrantPermissionsToSession();

                bool mayBrowse = PermissionUtil.HasGrantPermission("rights_browse");
                if (!mayBrowse)
                {
                    throw new ModuleSecurityException("无权限访问此模块。");
                }

                // display:none only hides a button in the browser; the control is still part of the
                // page, so each server-side operation has to check the corresponding right itself.
                bool mayAdd = PermissionUtil.HasGrantPermission("rights_add");
                if (!mayAdd)
                {
                    btnNew.Style.Add("display", "none");
                }

                bool mayEdit = PermissionUtil.HasGrantPermission("rights_edit");
                if (!mayEdit)
                {
                    btnEdit.Style.Add("display", "none");
                    btnEditPassword.Style.Add("display", "none");
                }

                bool mayMove = PermissionUtil.HasGrantPermission("rights_move");
                if (!mayMove)
                {
                    btnMove.Style.Add("display", "none");
                }

                bool mayAccredit = PermissionUtil.HasGrantPermission("rights_accredit");
                if (!mayAccredit)
                {
                    btnRole.Style.Add("display", "none");
                    btnPermission.Style.Add("display", "none");
                }

                bool mayDelete = PermissionUtil.HasGrantPermission("rights_delete");
                if (!mayDelete)
                {
                    btnDelete.Style.Add("display", "none");
                }
            }

            // Populate the tree starting from its first (root) node.
            LoadDepartmentTree(tvDepartments.Nodes[0], null);
        }
        catch (MissSessionException)
        {
            // No session: emit a script that sends the parent frame to the site's default page.
            // NOTE(review): this handler only registers a script and then returns normally, so the
            // rest of the page lifecycle presumably still runs for the session-less request — confirm.
            ClientScript.RegisterClientScriptBlock(
                this.GetType(),
                "reload",
                "<script type=\"text/javascript\">parent.location='../../Default.aspx';</script>");
        }
        catch (ModuleSecurityException)
        {
            // Missing browse right: send the user to the welcome page.
            Response.Redirect("../../Frameset/Welcome.aspx");
        }
        catch (Exception ex)
        {
            // Anything else is logged (with a null message) and rethrown with its stack trace intact.
            log.Error(null, ex);
            throw;
        }
    }
Exemplo n.º 5
    /// <summary>
    /// Stores in the session every affirmative grant tag the logged-in staff member holds for the current module.
    /// </summary>
    /// <remarks>
    /// Called when a module's main page initializes. Later authorization decisions in that module
    /// consult the tags kept in the session and do not read the database again.
    /// Note: when a built-in staff member is logged in, this function is not called, and
    /// HasGrantPermission is likewise not called for authorization in any later operation.
    /// NOTE(review): because later checks read the session copy, a grant revoked in the database
    /// presumably stays effective until this method runs again — confirm this is acceptable.
    /// </remarks>
    public static void SaveGrantPermissionsToSession()
    {
        StaffSession session = SessionUtil.GetStaffSession();
        string currentModuleTag = SessionUtil.GetModuleTag();

        // NOTE(review): the "as" cast result is dereferenced below without a null check.
        Staff currentStaff = CommonSrv.LoadObjectById(typeof(Staff), session.LoginId) as Staff;
        Module currentModule = ModuleSrv.GetModuleByTag(currentModuleTag);

        ArrayList grantedTags = currentStaff.GetGrantPermissions(currentModule);
        SessionUtil.SavaGrantPermissions(grantedTags);
    }
Exemplo n.º 6
    /// <summary>
    /// Tells whether the logged-in staff member holds an affirmative grant for one right of the current module.
    /// </summary>
    /// <remarks>
    /// Called when a module's main page loads, to confirm the staff member's grants and decide which
    /// action buttons to hide. Called again before each module operation (ashx) runs, to re-confirm
    /// the grant and guard against malicious direct calls to the ashx handlers.
    /// Note: for a built-in staff member the grant tags kept in the session are not consulted;
    /// the method returns true directly.
    /// </remarks>
    /// <param name="rightTag">Tag of the right to test.</param>
    /// <returns>True when the right is granted.</returns>
    public static bool HasGrantPermission(string rightTag)
    {
        StaffSession session = SessionUtil.GetStaffSession();

        // Every IsInnerUser value other than 0 takes this branch and is granted every right.
        // NOTE(review): if only one value is meant to mark a built-in account, testing for that
        // value explicitly would make this fail closed — confirm the allowed values.
        if (session.IsInnerUser != 0)
        {
            return true;
        }

        // Ordinary staff: look the tag up in the grants cached in the session.
        ArrayList grantedTags = SessionUtil.GetGrantPermissions();
        return grantedTags.Contains(rightTag);
    }
Exemplo n.º 7
        /// <summary>
        /// Returns the left-hand menu list for the current staff member as JSON.
        /// </summary>
        /// <param name="Id">Not read by this action.</param>
        /// <returns>JSON built from all top-level module types, served to GET requests as well.</returns>
        public JsonResult MenuInfo(string Id)
        {
            // Load the Staff entity of the logged-in user.
            // NOTE(review): GetStaffSession() is dereferenced without a null check; presumably a session
            // filter runs before this action — confirm.
            var loginId = SessionUtil.GetStaffSession().LoginId;
            Staff staff = Gecko.Security.NHHelper.Db.Session.Load(typeof(Staff), loginId) as Staff;

            // Earlier, now disabled, variants loaded a fixed "admin" staff record and, for platforms with
            // single sign-on, only the module list of the current platform id. All top-level module
            // types are used instead.
            IList moduleList = Gecko.Security.Service.ModuleTypeSrv.GetAllTopModuleType();

            var nodeTypeList = GetModuleTypeList(moduleList, staff);

            // AllowGet opts out of MVC's default refusal to serve JSON to GET requests, a default that
            // exists to limit cross-site reading of JSON responses.
            // NOTE(review): confirm the menu data is acceptable to expose this way, or switch callers to POST.
            JsonResult menuJson = Json(nodeTypeList, JsonRequestBehavior.AllowGet);
            return menuJson;
        }
Exemplo n.º 8
    /// <summary>
    /// Fills the module tree with one expanded node per top-level module type, adds the sub-nodes
    /// for the logged-in staff member, then prunes module-type nodes that are not needed.
    /// </summary>
    private void LoadModuleTree()
    {
        // Load the Staff entity of the logged-in user.
        // NOTE(review): the "as" cast result is passed on without a null check.
        StaffSession session = SessionUtil.GetStaffSession();
        Staff currentStaff = CommonSrv.LoadObjectById(typeof(Staff), session.LoginId) as Staff;

        // Fetch all top-level module types.
        IList topModuleTypes = ModuleTypeSrv.GetAllTopModuleType();

        // Add a node per module type, then its modules.
        foreach (ModuleType moduleType in topModuleTypes)
        {
            Microsoft.Web.UI.WebControls.TreeNode typeNode = new Microsoft.Web.UI.WebControls.TreeNode();

            // The node is attached to the tree before its properties are set, as in the original order.
            tvModules.Nodes.Add(typeNode);
            typeNode.Type = "moduletype";
            typeNode.Text = moduleType.Name;

            AddSubNodes(typeNode, moduleType, currentStaff);
            typeNode.Expanded = true;
        }

        // Remove module-type nodes that are not needed.
        RemoveNeedlessModuleType(null);
    }
Exemplo n.º 9
 /// <summary>
 /// Shows the change-password view with the login id taken from the staff session.
 /// </summary>
 /// <returns>The default view for this action.</returns>
 public ActionResult ChangePassword()
 {
     // The login id comes from the server-side session, not from request input.
     // NOTE(review): GetStaffSession() is dereferenced without a null check; presumably a session
     // filter runs before this action — confirm.
     var loginId = SessionUtil.GetStaffSession().LoginId;
     ViewBag.loginId = loginId;

     return View();
 }