Exemplo n.º 1
0
        /// <summary>
        /// Action执行之前执行
        /// </summary>
        /// <param name="filterContext">过滤器上下文</param>
        public void OnActionExecuting(ActionExecutingContext filterContext)
        {
            //若为本地测试,则不需要校验
            if (GlobalSwitch.RunModel == RunModel.LocalTest)
            {
                return;
            }
            AjaxResult res = new AjaxResult();
            //判断是否需要校验
            List <string> attrList  = FilterHelper.GetFilterList(filterContext);
            bool          needCheck = attrList.Contains(typeof(CheckAppIdPermissionAttribute).FullName) && !attrList.Contains(typeof(IgnoreAppIdPermissionAttribute).FullName);

            if (!needCheck)
            {
                return;
            }

            var allRequestParams = HttpHelper.GetAllRequestParams(filterContext.HttpContext);

            if (!allRequestParams.ContainsKey("appId"))
            {
                res.Success          = false;
                res.Msg              = "缺少appId参数!";
                filterContext.Result = new ContentResult {
                    Content = res.ToJson()
                };
            }
            string appId             = allRequestParams["appId"]?.ToString();
            var    allUrlPermissions = UrlPermissionManage.GetAllUrlPermissions();
            string requestUrl        = filterContext.HttpContext.Request.Path;
            var    thePermission     = allUrlPermissions.Where(x => requestUrl.Contains(x.Url.ToLower())).FirstOrDefault();

            if (thePermission == null)
            {
                return;
            }
            string needPermission = thePermission.PermissionValue;
            bool   hasPermission  = PermissionManage.GetAppIdPermissionValues(appId).Any(x => x.ToLower() == needPermission.ToLower());

            if (hasPermission)
            {
                return;
            }
            else
            {
                res.Success          = false;
                res.Msg              = "权限不足!访问失败!";
                filterContext.Result = new ContentResult {
                    Content = res.ToJson()
                };
            }
        }
Exemplo n.º 2
0
        /// <summary>
        /// Action执行之前执行
        /// </summary>
        /// <param name="filterContext">过滤器上下文</param>
        public void OnActionExecuting(ActionExecutingContext filterContext)
        {
            //若为本地测试,则不需要校验
            if (GlobalSwitch.RunModel == RunModel.LocalTest)
            {
                return;
            }
            //判断是否需要校验
            List <string> attrList  = FilterHelper.GetFilterList(filterContext);
            bool          needCheck = attrList.Contains(typeof(CheckUrlPermissionAttribute).FullName) && !attrList.Contains(typeof(IgnoreUrlPermissionAttribute).FullName);

            if (!needCheck)
            {
                return;
            }

            var    allUrlPermissions = UrlPermissionManage.GetAllUrlPermissions();
            string requestUrl        = filterContext.HttpContext.Request.Path;
            var    thePermission     = allUrlPermissions.Where(x => requestUrl.Contains(x.Url.ToLower())).FirstOrDefault();

            if (thePermission == null)
            {
                return;
            }
            string needPermission = thePermission.PermissionValue;
            bool   hasPermission  = PermissionManage.GetOperatorPermissionValues().Any(x => x.ToLower() == needPermission.ToLower());

            if (hasPermission)
            {
                return;
            }
            else
            {
                AjaxResult res = new AjaxResult
                {
                    Success = false,
                    Msg     = "权限不足!无法访问!"
                };
                filterContext.Result = new ContentResult {
                    Content = res.ToJson()
                };
            }
        }
        /// <summary>
        /// Action执行之前执行
        /// </summary>
        /// <param name="filterContext">过滤器上下文</param>
        public void OnActionExecuting(ActionExecutingContext filterContext)
        {
            //若为本地测试,则不需要校验
            if (GlobalSwitch.RunModel == RunModel.LocalTest)
            {
                return;
            }
            //判断是否需要校验
            bool needCheck = filterContext.ContainsAttribute <CheckUrlPermissionAttribute>() && !filterContext.ContainsAttribute <IgnoreUrlPermissionAttribute>();

            if (!needCheck)
            {
                return;
            }

            var    allUrlPermissions = UrlPermissionManage.GetAllUrlPermissions();
            string requestUrl        = filterContext.HttpContext.Request.Url.ToString().ToLower();
            var    thePermission     = allUrlPermissions.Where(x => requestUrl.Contains(x.Url.ToLower())).FirstOrDefault();

            if (thePermission == null)
            {
                return;
            }
            string needPermission = thePermission.PermissionValue;
            bool   hasPermission  = PermissionManage.GetOperatorPermissionValues().Any(x => x.ToLower() == needPermission.ToLower());

            if (hasPermission)
            {
                return;
            }
            else
            {
                AjaxResult res = new AjaxResult
                {
                    Success = false,
                    Msg     = "权限不足!无法访问!"
                };
                filterContext.Result = new ContentResult {
                    Content = res.ToJson(), ContentEncoding = Encoding.UTF8
                };
            }
        }