/// <summary>
/// Short-circuits the request with a 403 result unless the "ClientKey" request header
/// is present, parses as a GUID, and is accepted by the external client service.
/// </summary>
/// <param name="actionContext">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext actionContext)
{
    var clientKeyString = actionContext.HttpContext.Request.Headers["ClientKey"];

    // Work out which of the three rejection reasons applies (if any); the checks run in
    // the same order as before: missing, malformed, not authorized.
    string failure = null;
    Guid clientKey = Guid.Empty;
    if (string.IsNullOrWhiteSpace(clientKeyString))
    {
        failure = "ClientKey is not provided";
    }
    else if (!Guid.TryParse(clientKeyString, out clientKey))
    {
        failure = "ClientKey have bad format";
    }
    else if (!_externalClientService.IsClientKeyValid(clientKey))
    {
        failure = "ClientKey is not authorized";
    }

    if (failure == null)
    {
        return;
    }

    // Setting Result stops the pipeline before the action runs.
    actionContext.Result = new ObjectResult(ErrorDto.Create(failure, DocumentationLinks.ClientKey))
    {
        StatusCode = StatusCodes.Status403Forbidden
    };
}
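/// <summary>
/// Supplies a database connection (or a unit of work wrapping one) to actions that declare
/// an <c>IUnitOfWork</c> or <c>IDbConnection</c> parameter, then continues with the base filter.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
/// <exception cref="ArgumentNullException">
/// The filter type carries no <c>ConnectionKeyAttribute</c> although the action needs a connection.
/// </exception>
public override void OnActionExecuting(ActionExecutingContext context)
{
    var parameters = context.ActionDescriptor.Parameters;

    // A unit-of-work parameter takes precedence; a raw connection parameter is only looked up otherwise.
    var uowParam = parameters.FirstOrDefault(x => x.ParameterType == typeof(IUnitOfWork));
    var cnnParam = uowParam == null
        ? parameters.FirstOrDefault(x => x.ParameterType == typeof(IDbConnection))
        : null;

    if (uowParam != null || cnnParam != null)
    {
        var connectionKey = this.GetType().GetCustomAttribute<ConnectionKeyAttribute>();
        if (connectionKey == null)
        {
            throw new ArgumentNullException("connectionKey");
        }

        // NOTE(review): the connection is stored in a field; presumably it is disposed in
        // OnActionExecuted or similar, which is not visible here - confirm.
        this.connection = SqlConnections.NewByKey(connectionKey.Value);

        if (uowParam != null)
        {
            this.unitOfWork = new UnitOfWork(connection);
            context.ActionArguments[uowParam.Name] = this.unitOfWork;
        }
        else
        {
            context.ActionArguments[cnnParam.Name] = connection;
        }
    }

    // Called exactly once on every path. The previous version invoked it twice when the
    // action took an IDbConnection parameter.
    base.OnActionExecuting(context);
}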
/// <summary>
/// Lets the action run when the current user is in one of the configured roles, or holds one
/// of the configured claim types with a value equal to the route value named by <c>routeField</c>.
/// Any other request is passed to <c>HandleUnauthorizedRequest</c>.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    // NOTE(review): claimValue is a field, so it is shared if this filter instance serves
    // concurrent requests - confirm the filter is created per request.
    var routeValue = context.RouteData.Values[routeField];
    claimValue = routeValue == null ? null : routeValue.ToString();

    var user = context.HttpContext.User;
    var allowed = false;

    // Role membership is checked first and wins regardless of the route value.
    foreach (var role in roles)
    {
        if (user.IsInRole(role))
        {
            allowed = true;
            break;
        }
    }

    // Claims are only consulted when the route actually supplied a value to compare against.
    if (!allowed && !string.IsNullOrEmpty(claimValue))
    {
        foreach (var claimType in claimTypes)
        {
            if (user.HasClaim(claimType, claimValue))
            {
                allowed = true;
                break;
            }
        }
    }

    if (allowed)
    {
        base.OnActionExecuting(context);
    }
    else
    {
        HandleUnauthorizedRequest(context);
    }
}
/// <summary>
/// Records the action descriptor's name under the "actionName" data token unless a token
/// with that key already exists.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    var dataTokens = context.RouteData.DataTokens;
    if (dataTokens.ContainsKey("actionName"))
    {
        // An existing token is left untouched.
        return;
    }

    dataTokens.Add("actionName", context.ActionDescriptor.Name);
}
/// <summary>
/// Allows the action only for requests that are NOT authenticated; an authenticated caller is
/// handed to <c>HandleUnauthorizedRequest</c>.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    var signedIn = context.HttpContext.User.Identity.IsAuthenticated;
    if (!signedIn)
    {
        base.OnActionExecuting(context);
        return;
    }

    // Note the direction of the check: being signed in is what gets rejected here.
    HandleUnauthorizedRequest(context);
}
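/// <summary>
/// Checks whether the session user may use the controller named in the route.
/// On failure the context result is set to a redirect (normal requests) or a JSON error (AJAX requests).
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
/// <returns><c>true</c> when access is granted; <c>false</c> when a result was set to reject the request.</returns>
public bool HandleAuthorization(ActionExecutingContext context)
{
    Console.WriteLine("[RecAaaService] Handling Authorization");

    var controllerName = context.RouteData.Values["Controller"]?.ToString();
    var errorType = string.Empty;

    if (controllerName == null)
    {
        errorType = "Invalid Route";
    }
    else if (!FunctionList.Keys.Contains(controllerName))
    {
        errorType = "Invalid Controller";
    }
    else
    {
        // (A role-service based lookup used to live here; permissions now come from GetUserPermission.)
        var sessionUserIdStr = context.HttpContext.Session.GetString("UI.CURRENT_USERID");

        // A missing or malformed session value previously threw out of int.Parse and surfaced
        // as a server error. Treat it as "no access" so the check fails closed instead.
        int sessionUserId;
        if (!int.TryParse(sessionUserIdStr, out sessionUserId))
        {
            errorType = "No-Access-Right";
        }
        else
        {
            var permissions = GetUserPermission(sessionUserId);

            // Permissions are a comma-separated list; the whole entry must match, not a substring.
            if (permissions == null
                || Array.IndexOf(permissions.Split(','), FunctionList[controllerName]) < 0)
            {
                errorType = "No-Access-Right";
            }
        }
    }

    if (errorType.Equals(string.Empty))
    {
        return true; // No error
    }

    if (!IsAjaxRequest(context.HttpContext.Request))
    {
        context.Result = new RedirectResult(RedirectToWomUrl);
    }
    else
    {
        context.Result = new JsonResult(new { Data = new { isSuccess = false, errorType } });
    }

    return false;
}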
/// <summary>
/// Replies with a 400 result carrying the model-state errors when model binding/validation failed.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    var modelState = context.ModelState;
    if (modelState.IsValid)
    {
        return;
    }

    // Setting Result prevents the action from running with invalid input.
    context.Result = new BadRequestObjectResult(modelState);
}
// Parts that make up this anti-forgery flow.
/*
   1. This action filter attribute
   ---------------------------------------------------
   2. CourseAdd - View =

      @inject Microsoft.AspNet.Antiforgery.IAntiforgery Xsrf
      @functions {
          public string GetAntiXsrfToken()
          {
              var tokens = Xsrf.GetTokens(Context);
              return tokens.CookieToken + ":" + tokens.FormToken;
          }
      }

      <form....>
      <input type="hidden" name="__RequestVerificationToken" value="@GetAntiXsrfToken()" />
   ---------------------------------------------------
   3. Angular controller

      var token = $('[name=__RequestVerificationToken]').val();
      var config = { headers: { 'RequestVerificationToken': token } };
      //$scope.model
      $http.post('AddACourse', $scope.model, config)
          .then(function (response) {
              debugger;
              var s = response;
              $scope.model.Location = 'teststest';
              // this callback will be called asynchronously
              // when the response is available
          }, function (response) {
              var s = response;
              // called asynchronously if an error occurs
              // or server returns response with an error status.
          });

   4. Mvc Controller
      [ValidateCustomAntiForgeryToken()]
*/
/// <summary>
/// Validates the anti-forgery token pair sent in the "RequestVerificationToken" header,
/// formatted as "cookieToken:formToken", before the action runs.
/// </summary>
/// <param name="actionContext">Context of the action that is about to execute.</param>
/// <exception cref="Exception">The header is absent or does not split into exactly two parts.</exception>
public override void OnActionExecuting(ActionExecutingContext actionContext)
{
    var httpContext = actionContext.HttpContext;

    // NOTE(review): the 'as' cast yields null if the service is not registered, which would
    // surface as a NullReferenceException at ValidateTokens - confirm registration.
    IAntiforgery antiforgery = httpContext.ApplicationServices.GetService(typeof(IAntiforgery)) as IAntiforgery;

    // Go grab the token header.
    StringValues tokenHeaders;
    if (!httpContext.Request.Headers.TryGetValue("RequestVerificationToken", out tokenHeaders))
    {
        throw new Exception("Can't Find Request Verification Token");
    }

    // Only the first header value is considered; it must be exactly "cookie:form".
    string[] parts = tokenHeaders.First().Split(':');
    if (parts.Length != 2)
    {
        throw new Exception("Can't Find Request Verification Token");
    }

    var cookieToken = parts[0];
    var formToken = parts[1];

    // NOTE(review): both halves of the pair come from the request header here rather than the
    // cookie half being read from a cookie - confirm this matches the intended validation model.
    antiforgery.ValidateTokens(httpContext, new AntiforgeryTokenSet(formToken, cookieToken));
    base.OnActionExecuting(actionContext);
}
/// <summary>
/// Loads notification entries carried in the request cookie named by <c>CookiePrefix</c> so they
/// are available for the rest of the current request.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute (not read here).</param>
public void OnActionExecuting(ActionExecutingContext filterContext)
{
    var rawCookie = Convert.ToString(_httpContextAccessor.HttpContext.Request.Cookies[CookiePrefix]);
    if (String.IsNullOrEmpty(rawCookie))
    {
        return;
    }

    // NOTE(review): the cookie value is client-controlled; DeserializeNotifyEntries is not
    // visible here - confirm it tolerates arbitrary input and does not use an unsafe deserializer.
    IList<NotifyEntry> parsedEntries = DeserializeNotifyEntries(rawCookie);
    if (parsedEntries == null)
    {
        // Deserialization failed: flag the cookie for deletion.
        _shouldDeleteCookie = true;
        return;
    }

    // An empty list leaves the existing state untouched.
    if (parsedEntries.Any())
    {
        _existingEntries = parsedEntries;
    }
}
/// <summary>
/// Makes the signed-in user's GitHub access token and name available to the action as the
/// "gitHubAccessToken" and "gitHubName" arguments, challenging via the "GitHub" scheme when
/// nobody is signed in.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    var httpContext = context.HttpContext;
    var session = httpContext.Session;

    var gitHubAccessToken = session.GetString("GitHubAccessToken");
    var gitHubName = session.GetString("GitHubName");

    // Nothing cached in session: either nobody is logged in, or they just logged in and the
    // claims have not been copied over yet.
    if (string.IsNullOrEmpty(gitHubAccessToken))
    {
        var principal = httpContext.User;
        if (!principal.Identity.IsAuthenticated)
        {
            // Not authenticated at all: go to GitHub to authorize the app.
            context.Result = new ChallengeResult(
                authenticationScheme: "GitHub",
                properties: new AuthenticationProperties { RedirectUri = "/" });
            return;
        }

        // Authenticated but claims not read yet: copy them into session.
        // NOTE(review): if the principal has no "access_token" claim the value is null when it is
        // passed to SetString - confirm that case cannot occur or is handled.
        gitHubAccessToken = principal.FindFirst("access_token")?.Value;
        gitHubName = principal.Identity.Name;

        // NOTE(review): this keeps the bearer token in session state; confirm the session store
        // is server-side and protected appropriately.
        session.SetString("GitHubAccessToken", gitHubAccessToken);
        session.SetString("GitHubName", gitHubName);
    }

    context.ActionArguments.Add("gitHubAccessToken", gitHubAccessToken);
    context.ActionArguments.Add("gitHubName", gitHubName);
}
/// <summary>
/// Delegates GET requests to <c>HandleQueryRequest</c>; does nothing for any other method.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
/// <param name="next">Delegate that runs the rest of the pipeline.</param>
public override async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
    var isGet = context.HttpContext.Request.Method == "GET";
    if (!isGet)
    {
        // NOTE(review): on this path neither next() is called nor a Result set. Confirm whether
        // non-GET requests are meant to be rejected (set an explicit result) or passed through
        // (await next()), since leaving both undone makes the outcome depend on the framework.
        return;
    }

    await HandleQueryRequest(context, next);
}
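/// <summary>
/// Rejects the request with 403 unless the user is authenticated and their "scope" claim is one
/// of the values listed on the controller's <c>ScopeAttribute</c>.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    var user = context.HttpContext.User;

    if (!user.Identity.IsAuthenticated)
    {
        context.Result = new HttpStatusCodeResult((int)System.Net.HttpStatusCode.Forbidden);

        // Preserved from the original flow: the base filter still runs on this path.
        base.OnActionExecuting(context);
        return;
    }

    var scopeAttribute = (ScopeAttribute)context.Controller.GetType().GetTypeInfo().GetCustomAttribute(typeof(ScopeAttribute));

    // Only the first "scope" claim is compared, as before.
    // NOTE(review): a token carrying several scope claims is judged on the first one only - confirm.
    var scopeClaim = user.Claims.FirstOrDefault(claim => claim.Type == "scope");

    // Fail closed: a controller without a ScopeAttribute used to end in a NullReferenceException;
    // it is now denied like any other scope mismatch.
    if (scopeAttribute == null
        || scopeClaim == null
        || !scopeAttribute.Values.Contains(scopeClaim.Value))
    {
        context.Result = new HttpStatusCodeResult((int)System.Net.HttpStatusCode.Forbidden);
        return;
    }

    base.OnActionExecuting(context);
}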
/// <summary>
/// Adjusts the integer "age" action argument (adds 5 when below 21, clamps to 29 when above 30)
/// and appends a marker to the log of a <c>FiltersController</c>.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    var filtersController = context.Controller as FiltersController;
    if (filtersController != null)
    {
        filtersController.CustomUser.Log += "Age Enhanced!" + Environment.NewLine;
    }

    object rawAge = null;
    if (!context.ActionArguments.TryGetValue("age", out rawAge) || !(rawAge is int))
    {
        // No "age" argument, or it is not an int: nothing to adjust.
        return;
    }

    var adjusted = (int)rawAge;
    if (adjusted < 21)
    {
        adjusted += 5;
    }
    else if (adjusted > 30)
    {
        adjusted = 29;
    }

    // The argument is written back even when the value was left unchanged.
    context.ActionArguments["age"] = adjusted;
}
/// <summary>
/// Captures the request's user agent, derives the mobile-browser flag, exposes the flag to
/// views through <c>ViewData["IsMobile"]</c>, and continues with the base implementation.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    userAgent = Request?.UserAgent();

    // With no request available the flag defaults to false.
    IsMobile = Request != null && Request.IsMobileBrowser();
    ViewData["IsMobile"] = IsMobile;

    base.OnActionExecuting(context);
}
/// <summary>
/// Redirects to "/Admin/Login" unless the session value "Admin" is exactly "true".
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    // The whole admin check rests on this one session string.
    var isAdmin = context.HttpContext.Session.GetString("Admin") == "true";
    if (isAdmin)
    {
        base.OnActionExecuting(context);
        return;
    }

    context.Result = new RedirectResult("/Admin/Login");
}
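/// <summary>
/// Redirects between HTTP and HTTPS according to <c>RequireSecure</c> and the "httpsPort" /
/// "httpPort" application settings, then continues with the base implementation.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var httpsPort = Convert.ToInt32(ConfigurationManager.AppSettings["httpsPort"]);
    var httpPort = Convert.ToInt32(ConfigurationManager.AppSettings["httpPort"]);
    var request = filterContext.HttpContext.Request;

    if (httpsPort > 0 && RequireSecure)
    {
        // NOTE(review): the redirect target is built from request.Url.Host; confirm the host
        // name is constrained (bindings / allowed hosts) so it cannot be chosen by the client.
        var url = "https://" + request.Url.Host + request.RawUrl;
        if (httpsPort != 443)
        {
            url = new UriBuilder(url) { Port = httpsPort }.Uri.ToString();
        }

        // Only redirect when the request did not already arrive on the HTTPS port.
        if (httpsPort != request.Url.Port)
        {
            filterContext.Result = new RedirectResult(url);
        }
    }
    // Secure connection on an action that does not require SSL: drop SSL and go back to http.
    else if (request.IsSecureConnection && !RequireSecure)
    {
        // Rebuild the URL structurally. The previous text replacement of "https:" and of the
        // port digits rewrote every occurrence of those digits anywhere in the URL (path, query).
        var downgraded = new UriBuilder(request.Url)
        {
            Scheme = Uri.UriSchemeHttp,
            // An unconfigured httpPort converts to 0; fall back to the scheme's default port.
            Port = httpPort > 0 ? httpPort : -1
        };

        // NOTE(review): this deliberately moves the client from HTTPS to HTTP; confirm that is
        // still wanted, since cookies and content then travel unencrypted.
        filterContext.Result = new RedirectResult(downgraded.Uri.ToString());
        filterContext.Result.ExecuteResult(filterContext);
    }

    base.OnActionExecuting(filterContext);
}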
/// <summary>
/// When model state is invalid and the action has a body-bound parameter with binding errors,
/// replaces the action with an <c>ErrorInfo</c> result describing those errors.
/// The base implementation runs in every case.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    if (!context.ModelState.IsValid)
    {
        var bodyParameter = context.ActionDescriptor.Parameters
            .FirstOrDefault(parameter => IsBodyBindingSource(parameter.BindingInfo?.BindingSource));

        // The body model binder normally reports errors under the empty name, so that key is
        // the fallback when nothing is recorded under the parameter's own name.
        var bindingErrors = bodyParameter == null
            ? null
            : context.ModelState[bodyParameter.Name]?.Errors ?? context.ModelState[string.Empty]?.Errors;

        if (bindingErrors != null && bindingErrors.Count != 0)
        {
            context.Result = new ObjectResult(new ErrorInfo
            {
                ActionName = context.ActionDescriptor.Name,
                ParameterName = bodyParameter.Name,
                Errors = bindingErrors.Select(x => x.ErrorMessage).ToList(),
                Source = "filter"
            });
        }
    }

    base.OnActionExecuting(context);
}
/// <summary>
/// Always short-circuits the action with a fixed plain-text response.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    var shortCircuit = new ContentResult
    {
        Content = "The Action was never executed",
        ContentType = new MediaTypeHeaderValue("text/plain")
    };

    // Assigning Result means the action itself never runs.
    context.Result = shortCircuit;
}
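/// <summary>
/// Applies the culture named in the "culture" query-string value as the default thread culture
/// and UI culture, then continues with the base implementation.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    string requested = context.HttpContext.Request.Query["culture"];
    if (!string.IsNullOrEmpty(requested))
    {
        try
        {
            var culture = new CultureInfo(requested);

            // NOTE(review): DefaultThreadCurrentCulture/UICulture are application-wide defaults,
            // so one caller's query string changes formatting for other requests as well.
            // Consider a per-request culture (CultureInfo.CurrentCulture or request localization).
            CultureInfo.DefaultThreadCurrentCulture = CultureInfo.DefaultThreadCurrentUICulture = culture;
        }
        catch (CultureNotFoundException)
        {
            // The value comes straight from the URL; an unknown culture name must not turn
            // into an unhandled exception. Keep the current culture in that case.
        }
    }

    base.OnActionExecuting(context);
}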
/// <summary>
/// For the <c>GetHelloWorld</c> action of <c>ActionFilterController</c> only, appends a marker
/// content result to the list passed in the "fromGlobalActionFilter" action argument.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    if (context.ActionDescriptor.DisplayName != "FiltersWebSite.ActionFilterController.GetHelloWorld")
    {
        return;
    }

    // The argument is expected to be a List<ContentResult>; anything else yields null here
    // and fails on the Add call below, as before.
    var collected = context.ActionArguments["fromGlobalActionFilter"] as List<ContentResult>;
    collected.Add(Helpers.GetContentResult(context.Result, "Action Filter - OnActionExecuting"));
}
/// <summary>
/// When model state is invalid, replies with a 400 result whose body is the message of the first
/// model error that has a non-empty message or an attached exception.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    if (context.ModelState.IsValid)
    {
        return;
    }

    // NOTE(review): First(...) throws when no error satisfies the predicate, and an error matched
    // only through its Exception contributes an empty ErrorMessage - confirm both are acceptable.
    var firstError = context.ModelState.Values
        .SelectMany(entry => entry.Errors)
        .First(error => error.ErrorMessage != "" || error.Exception != null);

    context.Result = new BadRequestObjectResult(firstError.ErrorMessage);
}
/// <summary>
/// For MVC <c>Controller</c> instances, installs a <c>ControllerModelUpdater</c> on the
/// request-scoped <c>IModelUpdaterAccessor</c> service.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
public void OnActionExecuting(ActionExecutingContext context)
{
    var controller = context.Controller as Controller;
    if (controller == null)
    {
        // Not a Controller-derived type: nothing to wire up.
        return;
    }

    var accessor = context.HttpContext.RequestServices.GetRequiredService<IModelUpdaterAccessor>();
    accessor.ModelUpdater = new ControllerModelUpdater(controller);
}
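/// <summary>
/// Challenges the request unless its "private-key" header equals the configured "PrivateKey" value.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    var supplied = context.HttpContext.Request.Headers["private-key"].ToString();
    var configured = Configuration["PrivateKey"];
    var expected = configured == null ? null : configured.ToString();

    // Fail closed: a missing header reads as "", so an empty or absent configured key must never
    // count as a match (previously "" == "" let the request through, and a missing setting threw).
    var authorized = !string.IsNullOrEmpty(expected) && !string.IsNullOrEmpty(supplied);
    if (authorized)
    {
        // Compare without an early exit so the time taken does not reveal how many leading
        // characters of the key were correct.
        var difference = supplied.Length ^ expected.Length;
        for (var i = 0; i < supplied.Length; i++)
        {
            difference |= supplied[i] ^ expected[i % expected.Length];
        }

        authorized = difference == 0;
    }

    if (!authorized)
    {
        context.Result = new ChallengeResult();
        return;
    }

    base.OnActionExecuting(context);
}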
/// <summary>
/// Replies with 403 Forbidden when the current user is not authenticated; otherwise continues
/// with the base implementation.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    var identity = context.HttpContext.User.Identity;
    if (identity.IsAuthenticated)
    {
        base.OnActionExecuting(context);
        return;
    }

    var forbidden = (int)System.Net.HttpStatusCode.Forbidden;
    context.Result = new HttpStatusCodeResult(forbidden);
}
/// <summary>
/// Copies the current user's name into <c>StaticManager.UserName</c> when <c>IsAuthorized()</c>
/// reports success, then continues with the base implementation.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    var authorized = IsAuthorized();
    if (authorized)
    {
        // NOTE(review): StaticManager.UserName looks like process-wide state; if so, concurrent
        // requests from different users overwrite each other's value - confirm how it is read.
        StaticManager.UserName = User.Identity.Name;
    }

    // The action proceeds whether or not the authorization check passed.
    base.OnActionExecuting(context);
}
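/// <summary>
/// Challenges the request unless its "private-key" header equals the configured "PrivateKey"
/// value; otherwise hands over to the base asynchronous pipeline.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
/// <param name="next">Delegate that runs the rest of the pipeline.</param>
/// <returns>A completed task when the request was challenged, else the base implementation's task.</returns>
public override Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
    var supplied = context.HttpContext.Request.Headers["private-key"].ToString();
    var configured = Configuration["PrivateKey"];
    var expected = configured == null ? null : configured.ToString();

    // Fail closed: a missing header reads as "", so an empty or absent configured key must never
    // count as a match (previously "" == "" let the request through, and a missing setting threw).
    var authorized = !string.IsNullOrEmpty(expected) && !string.IsNullOrEmpty(supplied);
    if (authorized)
    {
        // Compare without an early exit so the time taken does not reveal how many leading
        // characters of the key were correct.
        var difference = supplied.Length ^ expected.Length;
        for (var i = 0; i < supplied.Length; i++)
        {
            difference |= supplied[i] ^ expected[i % expected.Length];
        }

        authorized = difference == 0;
    }

    if (!authorized)
    {
        context.Result = new ChallengeResult();

        // The task's value is not observed by callers of the non-generic Task; kept as before.
        return Task.FromResult(403);
    }

    return base.OnActionExecutionAsync(context, next);
}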
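/// <summary>
/// Challenges the request unless its "PrivateKey" header matches the private key of a known node.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    var pk = context.HttpContext.Request.Headers["PrivateKey"].ToString();

    // Fail closed on a missing header: it reads as "", which would otherwise match any node
    // stored with an empty key. Any() also avoids counting every matching row.
    // NOTE(review): the lookup implies keys are stored and compared in clear text - confirm.
    if (string.IsNullOrEmpty(pk) || !DB.Nodes.Any(x => x.PrivateKey == pk))
    {
        context.Result = new ChallengeResult();
        return;
    }

    base.OnActionExecuting(context);
}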
/// <summary>
/// Runs the base filter, then stamps the configured area name into the controller's route
/// data tokens when the framework has not already supplied one.
/// </summary>
/// <param name="filterContext">The executing context</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    base.OnActionExecuting(filterContext);

    var dataTokens = filterContext.Controller.ControllerContext.RouteData.DataTokens;
    if (dataTokens.ContainsKey(DataTokenKey))
    {
        // An area was already resolved; leave it alone.
        return;
    }

    dataTokens.Add(DataTokenKey, _areaName);
}
/// <summary>
/// Reports whether the request carries a principal whose identity is an <c>ErpIdentity</c>.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
/// <param name="roles">
/// Roles supplied by the caller. NOTE(review): this argument is not consulted, so the result
/// does not depend on role membership - confirm whether a role check is missing.
/// </param>
/// <returns><c>true</c> when a principal with an <c>ErpIdentity</c> is present; otherwise <c>false</c>.</returns>
private bool IsAuthorized(ActionExecutingContext context, string[] roles)
{
    var principal = context.HttpContext.User;
    if (principal == null)
    {
        return false;
    }

    // Only the identity's type is examined here.
    return principal.Identity is ErpIdentity;
}
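/// <summary>
/// Challenges the request unless its "PrivateKey" header matches the private key of a known
/// node; otherwise hands over to the base asynchronous pipeline.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
/// <param name="next">Delegate that runs the rest of the pipeline.</param>
/// <returns>A completed task when the request was challenged, else the base implementation's task.</returns>
public override Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
    var pk = context.HttpContext.Request.Headers["PrivateKey"].ToString();

    // Fail closed on a missing header: it reads as "", which would otherwise match any node
    // stored with an empty key. Any() also avoids counting every matching row.
    // NOTE(review): the lookup implies keys are stored and compared in clear text - confirm.
    if (string.IsNullOrEmpty(pk) || !DB.Nodes.Any(x => x.PrivateKey == pk))
    {
        context.Result = new ChallengeResult();
        return Task.FromResult(403);
    }

    return base.OnActionExecutionAsync(context, next);
}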
/// <summary>
/// Passes the request's route data to <c>logValues</c> before the action runs.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var routeData = filterContext.RouteData;
    logValues(routeData);
}
public override void OnActionExecuting(ActionExecutingContext context) { if (HttpContext.Session.TryGetValue("user", out byte[] data) && data != null && data.Length == 4)
/// <summary>
/// Runs <c>LoginCheck</c> against the current HTTP context before the action executes.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute (not read here).</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    // The ambient HttpContext.Current is used rather than filterContext.HttpContext.
    var current = HttpContext.Current;
    LoginCheck(current);
}
/// <summary>
/// Logs the controller descriptor, action descriptor and action parameters under the
/// "OnActionExecuting" stage name.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var action = filterContext.ActionDescriptor;

    // NOTE(review): action parameters can include user-supplied secrets (passwords, tokens);
    // confirm Log does not write them verbatim.
    Log("OnActionExecuting", action.ControllerDescriptor, action, filterContext.ActionParameters);
}
/// <summary>
/// Runs the base implementation, then configures the repository query to include the
/// <c>User</c> and <c>Address</c> navigation properties.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    base.OnActionExecuting(context);

    Repo.ChainQueryable(query => query
        .Include(entity => entity.User)
        .Include(entity => entity.Address));
}
/// <summary>
/// Answers conditional GET requests for gallery pages: replies 304 Not Modified when the
/// client's If-Modified-Since date or If-None-Match ETag matches the gallery's last change,
/// otherwise emits ETag / Last-Modified headers and lets the action run.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute.</param>
/// <exception cref="InvalidOperationException">The controller is not a <c>GalleryController</c>.</exception>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var httpContext = filterContext.HttpContext;
    var controller = filterContext.Controller as GalleryController;
    if (controller == null)
    {
        throw new InvalidOperationException("This attribute can only be used for GalleryController");
    }
    DateTime lastModified;
    if (!string.IsNullOrEmpty(GalleryNameParameter))
    {
        // Get the last change date for the specified gallery
        var galleryName = filterContext.ActionParameters[GalleryNameParameter] as string;
        lastModified = controller.GalleryService.GetLastChange(galleryName);
    }
    else
    {
        // Get the last changed date for all galleries
        lastModified = controller.GalleryService.GetLastChange();
    }
    // A login later than the last gallery change counts as the modification time, so a cached
    // page from before the login is not reused.
    var lastLogin = httpContext.Session["LastLoginDate"] as DateTime?;
    if (lastLogin != null && lastLogin > lastModified)
    {
        lastModified = lastLogin.Value;
    }
    //
    // decide if the page should be rendered again or not, use ETAG
    //
    // The ETag is derived from the full-precision timestamp, before the truncation below.
    var etag = string.Format("\"{0}\"", lastModified.ToFileTime());
    // Drop sub-second precision so the value can be compared with the parsed header date.
    lastModified = new DateTime(lastModified.Year, lastModified.Month, lastModified.Day, lastModified.Hour, lastModified.Minute, lastModified.Second);
    var incomingDate = httpContext.Request.Headers["If-Modified-Since"];
    DateTime incommingParsed;
    if (DateTime.TryParse(incomingDate, out incommingParsed) && incommingParsed == lastModified)
    {
        filterContext.Result = new HttpStatusCodeResult((int)HttpStatusCode.NotModified);
        return; // Terminate action, abort all further processing
    }
    var ifNoneMatch = httpContext.Request.Headers["If-None-Match"];
    // When several ETags are listed, only the first one is compared.
    if (ifNoneMatch != null && ifNoneMatch.Contains(","))
    {
        ifNoneMatch = ifNoneMatch.Substring(0, ifNoneMatch.IndexOf(",", StringComparison.Ordinal));
    }
    if (etag == ifNoneMatch)
    {
        filterContext.Result = new HttpStatusCodeResult((int)HttpStatusCode.NotModified);
        return; // Terminate action, abort all further processing
    }
    // Private cacheability: the response may be cached by the client but not by shared caches.
    httpContext.Response.Cache.SetCacheability(HttpCacheability.Private);
    httpContext.Response.Expires = -600;
    //httpContext.Response.Cache.SetNoStore();
    httpContext.Response.AddHeader("ETag", etag);
    httpContext.Response.AddHeader("Last-Modified", lastModified.ToUniversalTime().ToString("r"));
    // Continue processing
    base.OnActionExecuting(filterContext);
}
/// <summary>
/// Intentionally does nothing before the action executes.
/// </summary>
/// <param name="context">Context of the action that is about to execute (unused).</param>
public void OnActionExecuting(ActionExecutingContext context)
{
    //throw new NotImplementedException();
}
/// <summary>
/// Pass-through override: only forwards to the base implementation.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    base.OnActionExecuting(context);
}
/// <summary>
/// Applies the allowed-origin handling for the sites in <c>AllowSites</c>, then continues with
/// the base implementation.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    // NOTE(review): onExcute is not visible here; confirm it only echoes origins that appear in
    // the allowed list rather than reflecting whatever Origin the request sent.
    var allowedSites = AllowSites;
    AllowOriginAttribute.onExcute(filterContext, allowedSites);

    base.OnActionExecuting(filterContext);
}
/// <summary>
/// Runs the base implementation, then publishes this controller's URL helper in the
/// per-request <c>Items</c> collection under the <c>URLHELPER</c> key.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    base.OnActionExecuting(context);

    var requestItems = context.HttpContext.Items;
    requestItems[URLHELPER] = this.Url;
}
/// <summary>
/// Logs the request's route data under the "OnActionExecuting" stage name.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var routeData = filterContext.RouteData;
    Log("OnActionExecuting", routeData);
}
/// <summary>
/// Triggers the one-time ASP.NET Simple Membership initialization before any action runs.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute (unused).</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    // Ensure ASP.NET Simple Membership is initialized only once per app start.
    // LazyInitializer uses the flag and lock object to run the initializer at most once.
    LazyInitializer.EnsureInitialized(ref _initializer, ref _isInitialized, ref _initializerLock);
}
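/// <summary>
/// Authorizes the current operator against the comma-separated permission codes in
/// <c>Authorize</c>. Unauthenticated callers are sent to the login page (or get a JSON message
/// for AJAX requests); callers lacking permission are sent to the no-permission page.
/// For the "SaveFormJson" action an additional "edit" or "add" permission is required,
/// depending on whether the posted form carries a positive Id.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
/// <param name="next">Delegate that runs the action; only invoked when permission is granted.</param>
public override async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
    OperatorInfo user = await Operator.Instance.Current();
    if (user == null || user.UserId == 0)
    {
        // Not logged in.
        if (context.HttpContext.Request.IsAjaxRequest())
        {
            TData obj = new TData();
            obj.Message = "抱歉,没有登录或登录已超时";
            context.Result = new CustomJsonResult { Value = obj };
        }
        else
        {
            context.Result = new RedirectResult("~/Home/Login");
        }

        return;
    }

    bool hasPermission;
    if (user.IsSystem == 1 || string.IsNullOrEmpty(Authorize))
    {
        // System users hold every permission; a filter without permission codes imposes none.
        hasPermission = true;
    }
    else
    {
        // Permission check.
        hasPermission = false;
        string[] authorizeList = Authorize.Split(',');
        TData<List<MenuAuthorizeInfo>> objMenuAuthorize = await new MenuAuthorizeBLL().GetAuthorizeList(user);
        List<MenuAuthorizeInfo> authorizeInfoList = objMenuAuthorize.Result
            .Where(p => authorizeList.Contains(p.Authorize))
            .ToList();

        if (authorizeInfoList.Any())
        {
            hasPermission = true;

            // Add-versus-edit check for the shared save action. The action name is compared
            // case-insensitively: route values can carry the casing used in the request URL,
            // so an exact-case comparison could be skipped by requesting e.g. "saveformjson".
            string actionName = context.RouteData.Values["Action"].ToString();
            if (string.Equals(actionName, "SaveFormJson", System.StringComparison.OrdinalIgnoreCase))
            {
                var id = context.HttpContext.Request.Form["Id"];

                // A positive Id means an existing record is being modified.
                string requiredKind = id.ParseToLong() > 0 ? "edit" : "add";
                hasPermission = authorizeInfoList.Any(p => p.Authorize.Contains(requiredKind));
            }
        }

        if (!hasPermission)
        {
            if (context.HttpContext.Request.IsAjaxRequest())
            {
                TData obj = new TData();
                obj.Message = "抱歉,没有权限";
                context.Result = new CustomJsonResult { Value = obj };
            }
            else
            {
                context.Result = new RedirectResult("~/Home/NoPermission");
            }
        }
    }

    if (hasPermission)
    {
        await next();
    }
}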
/// <summary>
/// Creates a fresh unit of work for the request, stores it in <c>_unitOfWork</c>, and continues
/// with the base implementation.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    // NOTE(review): the unit of work lives in a field; confirm this instance is not shared
    // between concurrent requests.
    var created = UnitOfWorkFactory.Create();
    _unitOfWork = created;

    base.OnActionExecuting(filterContext);
}
/// <summary>
/// Always short-circuits the action with a JSON string built from the first model-state error's message.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    // NOTE(review): FirstOrDefault() may yield null when there are no model errors, in which
    // case reading .Message fails - confirm this filter is only applied where errors exist.
    var firstError = context.ModelState.AllModelStateErrors().FirstOrDefault();
    var payload = "MyActionFilter设置:" + firstError.Message;

    context.Result = new JsonResult(payload);
}
/// <summary>
/// No work is done before the action executes; the method is empty.
/// </summary>
/// <param name="context">Context of the action that is about to execute (unused).</param>
public void OnActionExecuting(ActionExecutingContext context)
{
}
/// <summary>
/// Marks every response from this controller as non-cacheable (no-cache plus no-store) before
/// continuing with the base implementation.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute.</param>
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var cachePolicy = Response.Cache;
    cachePolicy.SetCacheability(HttpCacheability.NoCache);
    cachePolicy.SetNoStore();

    base.OnActionExecuting(filterContext);
}
/// <summary>
/// No work is done before the action executes; the method is empty.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute (unused).</param>
public void OnActionExecuting(ActionExecutingContext filterContext)
{
}
/// <summary>
/// Sets the current thread's culture from the request's route data before the action runs.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute.</param>
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var routeData = filterContext.RouteData;
    SetCurrentThreadCulture(routeData);
}
/// <summary>
/// Decides whether the current user may execute the action, based on anonymous-access filters,
/// the super-admin flag, the global demo-mode filter, role IDs, and per-table action permissions.
/// </summary>
/// <param name="context">Context of the action that is about to execute.</param>
/// <returns>An OK response when access is allowed, otherwise an error response naming the reason.</returns>
private WebResponseContent OnActionExecutionPermission(ActionExecutingContext context)
{
    // Commented-out variant below: "!context.Filters.Any(item => item is IFixedTokenFilter)"
    // governed whether fixed-token requests are permission-checked.
    //if ((context.Filters.Any(item => item is IAllowAnonymousFilter)
    //    && !context.Filters.Any(item => item is IFixedTokenFilter))
    //    || UserContext.Current.IsSuperAdmin
    //    )
    // NOTE(review): this branch reads UserContext.Current while the rest of the method uses
    // _userContext - confirm both refer to the same user.
    if (context.Filters.Any(item => item is IAllowAnonymousFilter) || UserContext.Current.IsSuperAdmin)
    {
        return(ResponseContent.OK());
    }
    // Demo environment: accounts other than admin may not add, delete, modify, etc.
    if (!_userContext.IsSuperAdmin && AppSetting.GlobalFilter.Enable && AppSetting.GlobalFilter.Actions.Contains(((Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor)context.ActionDescriptor).ActionName))
    {
        return(ResponseContent.Error(AppSetting.GlobalFilter.Message));
    }
    // If no table permission is specified, the controller is assumed to be code-generated:
    // prefer the table named by PermissionTableAttribute, and fall back to the current
    // controller's name as the permission table name.
    // NOTE(review): ActionPermission.TableName is written here; if ActionPermission is shared
    // across requests this is a cross-request mutation - confirm its lifetime.
    if (ActionPermission.SysController)
    {
        object[] permissionArray = ((Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor)context.ActionDescriptor)?.ControllerTypeInfo.GetCustomAttributes(typeof(PermissionTableAttribute), false);
        if (permissionArray == null || permissionArray.Length == 0)
        {
            ActionPermission.TableName = ((Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor)context.ActionDescriptor).ControllerName;
        }
        else
        {
            ActionPermission.TableName = (permissionArray[0] as PermissionTableAttribute).Name;
        }
        if (string.IsNullOrEmpty(ActionPermission.TableName))
        {
            //responseType = ResponseType.ParametersLack;
            return(ResponseContent.Error(ResponseType.ParametersLack));
        }
    }
    // If no permission was specified at all, there is nothing to check.
    if (string.IsNullOrEmpty(ActionPermission.TableName) && string.IsNullOrEmpty(ActionPermission.TableAction) && (ActionPermission.RoleIds == null || ActionPermission.RoleIds.Length == 0))
    {
        return(ResponseContent.OK());
    }
    // Is access restricted to specific role IDs?
    // Check the user's role ID against them.
    if (ActionPermission.RoleIds != null && ActionPermission.RoleIds.Length > 0)
    {
        if (ActionPermission.RoleIds.Contains(_userContext.UserInfo.Role_Id))
        {
            return(ResponseContent.OK());
        }
        // The role ID is not permitted and there is no table-action permission to fall back on.
        if (string.IsNullOrEmpty(ActionPermission.TableAction))
        {
            return(ResponseContent.Error(ResponseType.NoRolePermissions));
        }
    }
    // 2020.05.05: removed the x.TableName.ToLower() conversion; table names are already
    // lower-cased when the permissions are loaded.
    // NOTE(review): TableName is dereferenced with ToLower() here; the earlier "nothing specified"
    // check lets a null TableName through when TableAction or RoleIds are set - confirm.
    var actionAuth = _userContext.GetPermissions(x => x.TableName == ActionPermission.TableName.ToLower())?.UserAuthArr;
    if (actionAuth == null || actionAuth.Count() == 0 || !actionAuth.Contains(ActionPermission.TableAction))
    {
        // Denials are logged with the user, role and requested table/action.
        Logger.Info(LoggerType.Authorzie, $"没有权限操作," + $"用户ID{_userContext.UserId}:{_userContext.UserTrueName}," + $"角色ID:{_userContext.RoleId}:{_userContext.UserInfo.RoleName}," + $"操作权限{ActionPermission.TableName}:{ActionPermission.TableAction}");
        return(ResponseContent.Error(ResponseType.NoPermissions));
    }
    return(ResponseContent.OK());
}
/// <summary>
/// Records the action's start time and the logged-in user's ID in the filter's fields.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute (not read here).</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    // NOTE(review): both values are kept in fields; if one filter instance serves concurrent
    // requests they can be overwritten before being read back - confirm the filter's lifetime.
    var startedAt = Helper.GetLocalDate();
    actionStartTime = startedAt;

    var currentUser = Helper.GetLoggedInUserID();
    userName = currentUser;
}
/// <summary>
/// Sets a fixed <c>ViewBag.Message</c> on the controller, then continues with the base implementation.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var controller = filterContext.Controller;
    controller.ViewBag.Message = "Your application description page.";

    base.OnActionExecuting(filterContext);
}
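/// <summary>
/// Authenticates every request except Account/Login from the forms-authentication cookie,
/// binds the session to the client IP recorded in the token, and checks that the user is
/// enabled for the requested controller/action. Failures redirect to the login page or to
/// the "account not authorized" error page.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute.</param>
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
    string actionName = filterContext.ActionDescriptor.ActionName;
    string controllerName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;

    // The login page itself must stay reachable without a session.
    if (controllerName == "Account" && actionName == "Login")
    {
        return;
    }

    var loginRedirect = new RedirectToRouteResult(new RouteValueDictionary
    {
        { "controller", "Account" },
        { "action", "Login" }
    });

    HttpCookie coockie = filterContext.RequestContext.HttpContext.Request.Cookies[FormsAuthentication.FormsCookieName];
    if (coockie == null)
    {
        filterContext.Result = loginRedirect;
        return;
    }

    try
    {
        // NOTE(review): Decrypt does not by itself reject an expired ticket; confirm expiry is
        // enforced (ticket.Expired or inside Account.GetTokenModel).
        FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(coockie.Value);
        string token = ticket.Name;
        TokenModel tokenModel = Account.GetTokenModel(token);

        // Stop as soon as the token is unknown or was issued to a different client address.
        // Previously execution continued past these checks: a missing token only ended at the
        // login page through the catch-all below, and an IP mismatch still populated
        // ConnectedUser and ran the enablement check for a session that had just been rejected.
        if (tokenModel == null || tokenModel.IpAddress != ClientIPAddress)
        {
            filterContext.Result = loginRedirect;
            return;
        }

        ConnectedUser = tokenModel.Account;
        filterContext.Controller.ViewData["MenuAbilitati"] = MenuAbilitati;

        // Every controller except Home requires an explicit enablement for the user.
        if (controllerName != "Home" && !VerificaAbilitazioneUtente(controllerName, actionName))
        {
            filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary
            {
                { "controller", "ErrorPage" },
                { "action", "AccountNonAutorizzato" }
            });
        }
    }
    catch
    {
        // Deliberate fail-closed: any error while reading the ticket or token sends the
        // caller back to the login page.
        filterContext.Result = loginRedirect;
    }
}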
/// <summary>
/// Writes a debug trace naming where this attribute was declared, then continues with the
/// base implementation.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var trace = "OnActionExecuting, attribute declared on: " + whereFrom;
    Debug.WriteLine(trace);

    base.OnActionExecuting(filterContext);
}
/// <summary>
/// Creates a stopwatch, stores it in the route values under "Stopwatch", and starts it.
/// </summary>
/// <param name="filterContext">Context whose route data receives the stopwatch.</param>
private void StopwatchEnabledStart(ActionExecutingContext filterContext)
{
    var timer = new System.Diagnostics.Stopwatch();

    // Registered before it is started; Add fails if a "Stopwatch" entry already exists.
    filterContext.RouteData.Values.Add("Stopwatch", timer);
    timer.Start();
}
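/// <summary>
/// Runs the action locally when this node is of the targeted type (or standalone); otherwise
/// forwards the request over HTTP to another node and returns that node's JSON response.
/// </summary>
/// <param name="actionContext">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext actionContext)
{
    var request = actionContext.HttpContext.Request;

    // The node is looked up from the request's Host value.
    var node = ServerManager.Get(request.Host.Value);
    if (node == null)
    {
        actionContext.Result = new JsonResult(request.Host.Value + " no node mapping this uri");

        // Stop here: the code below dereferences node and previously failed with a
        // NullReferenceException right after setting this result.
        return;
    }

    if ((int)node.NodeType == (int)Target || node.NodeType == NodeTypeEnum.STANDALONE)
    {
        base.OnActionExecuting(actionContext);
        return;
    }

    var baseUrl = "";
    if ((int)Target < 3)
    {
        baseUrl = ProxyManager.Instance.Elect((NodeProxyTypeEnum)Target);
    }
    else
    {
        // SECURITY NOTE(review): the forwarding host is taken from an action argument, i.e. from
        // the caller. Unless it is checked against the set of known nodes, this lets a client
        // make the server issue requests to a host of the client's choosing. Validate it against
        // an allow-list before use.
        baseUrl = actionContext.ActionArguments[RouteArgumentName].ToString();
    }

    // NOTE(review): node-to-node traffic uses plain http.
    var client = new RestClient("http://" + baseUrl);
    var restRequest = new RestRequest(request.Path.Value + request.QueryString);

    // Anything that is not GET is forwarded as POST.
    restRequest.Method = (request.Method == "GET") ? Method.GET : Method.POST;
    restRequest.JsonSerializer = new NewtonJsonSerializer();
    if (restRequest.Method == Method.POST)
    {
        foreach (var arg in actionContext.ActionArguments)
        {
            restRequest.AddJsonBody(arg.Value);
        }
    }

    // Synchronous call (an earlier asynchronous variant with a reset event was abandoned).
    var res = client.Execute(restRequest);
    var m = ((ControllerActionDescriptor)actionContext.ActionDescriptor).MethodInfo;

    // NOTE(review): MethodInfo.ReturnType is not null even for void methods, so the else branch
    // looks unreachable; kept as-is pending confirmation of the intended void handling.
    if (m.ReturnType != null)
    {
        var obj = JsonConvert.DeserializeObject<object>(res.Content);
        actionContext.Result = new JsonResult(obj);
    }
    else
    {
        actionContext.Result = null;
    }
}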
/// <summary>
/// Runs the base implementation and then starts the per-request stopwatch.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    base.OnActionExecuting(filterContext);

    // Timing starts after the base filter work, so that work is not included in the measurement.
    StopwatchEnabledStart(filterContext);
}
/// <summary>
/// Pass-through override: only forwards to the base implementation.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    base.OnActionExecuting(filterContext);
}
/// <summary>
/// Populates the current WeChat and system user information from session, redirects to the
/// WeChat OAuth authorize endpoint when no WeChat user is present, and otherwise copies the
/// user fields into <c>ViewBag</c> for the views.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute.</param>
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
    base.OnActionExecuting(filterContext);
    // Get the user's login information from Session.
    // NOTE(review): both session entries are overwritten with fixed values on every request, so
    // every caller is treated as this hard-coded user and the null check further down can never
    // be true. This looks like a development stub - confirm it is not meant to ship.
    Session["WechatUserInfo"] = new WechatUserInfo { nickname = "*ST小散", headimgurl = "http://wx.qlogo.cn/mmopen/5mxuSU5RGhY0J2JiaCXazWbGkic0KalhYJVQOWfqxbQIeK3hzQoCAgQaD4eklDVC5Fic2vuNO0j78rdQ4oX5FZT8j0erf3SJQxu/0", openid = "oC86Z09y0dkSbyPXzxz6AOGF1U_o", sex = "", province = "广东", city = "广州", country = "中国" };
    Session["UserInfo"] = new User { CompanyID = "", CompanyName = "", UserID = "", CardNo = "", StoreID = "", RoleID = "", LeaderUserID = "", StoreName = "", CellPhone = "", Sex = "", EmpNo = "", EmpName = "", RoleName = "", HireDate = "", Active = "" };
    CurrentWechatUserInfo = Session["WechatUserInfo"] as WechatUserInfo; // bound to the user's basic WeChat profile
    CurrentUserInfo = Session["UserInfo"] as User; // bound to the user's basic system profile
    if (CurrentWechatUserInfo == null)
    {
        string redirectUrl = System.Configuration.ConfigurationManager.AppSettings["redirectUrl"];
        // Obtain authorization from WeChat again.
        // NOTE(review): redirectUrl is concatenated into the query string without URL-encoding,
        // and the state parameter is the constant "1" - confirm both are intended.
        Response.Redirect(@"https://open.weixin.qq.com/connect/oauth2/authorize?appid=wxd682b8b6d9016fb4&redirect_uri=" + redirectUrl + @"/WechatAuth&response_type=code&scope=snsapi_base&state=1#wechat_redirect");
    }
    else
    {
        ViewBag.nickname = CurrentWechatUserInfo.nickname;
        ViewBag.headimgurl = CurrentWechatUserInfo.headimgurl;
        ViewBag.openid = CurrentWechatUserInfo.openid;
        ViewBag.sex = CurrentWechatUserInfo.sex;
        ViewBag.province = CurrentWechatUserInfo.province;
        ViewBag.city = CurrentWechatUserInfo.city;
        ViewBag.country = CurrentWechatUserInfo.country;
        ViewBag.CompanyID = CurrentUserInfo.CompanyID;
        ViewBag.CompanyName = CurrentUserInfo.CompanyName;
        ViewBag.RoleName = CurrentUserInfo.RoleName;
        ViewBag.LeaderUserID = CurrentUserInfo.LeaderUserID;
        ViewBag.CellPhone = CurrentUserInfo.CellPhone;
        ViewBag.UserID = CurrentUserInfo.UserID;
        ViewBag.EmpNo = CurrentUserInfo.EmpNo;
        ViewBag.EmpName = CurrentUserInfo.EmpName;
        ViewBag.StoreName = CurrentUserInfo.StoreName;
        ViewBag.StoreID = CurrentUserInfo.StoreID;
        if (String.IsNullOrEmpty(ViewBag.CompanyID) || ViewBag.CompanyID == "")
        {
            // NOTE(review): the result of RedirectToAction is discarded (it is not assigned to
            // filterContext.Result), so no redirect to the binding page actually happens.
            RedirectToAction("UserBinding", "UserBinding");
        }
    }
}
/// <summary>
/// Triggers the one-time ASP.NET Simple Membership initialization before any action runs.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute (unused).</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    // Make sure ASP.NET Simple Membership is initialized only once per application start.
    // LazyInitializer uses the flag and lock object to run the initializer at most once.
    LazyInitializer.EnsureInitialized(ref _initializer, ref _isInitialized, ref _initializerLock);
}