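        /// <summary>
        /// Runs before every action and enforces, in order: the (user, IP) blacklist, a per-minute
        /// request limit for the pair, duplicate-login detection, the product/membership privilege
        /// check and the sub-account function list. The first failed check sets
        /// <paramref name="filterContext"/>.Result to a redirect and returns, so a later check can no
        /// longer overwrite the denial and no further rows are written for a denied request.
        /// Actions on <see cref="BaseController"/> itself (the redirect targets) skip every check.
        /// </summary>
        /// <param name="filterContext">The MVC action context; its Controller must derive from <see cref="BaseController"/>.</param>
        /// <exception cref="InvalidOperationException">The controller does not derive from <see cref="BaseController"/>.</exception>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            BaseController control = filterContext.Controller as BaseController;

            // /Base/ pages are the redirect targets below; they are exempt from every check.
            if (control != null && control.GetType() == typeof(BaseController))
            {
                base.OnActionExecuting(filterContext);
                return;
            }

            // Fail closed with an explicit message instead of a NullReferenceException further down.
            if (control == null)
            {
                throw new InvalidOperationException("This filter requires the controller to derive from BaseController.");
            }

            // REMOTE_ADDR is the TCP peer address (not X-Forwarded-For), so the client cannot forge it;
            // behind a reverse proxy it is the proxy's address and all its users share one rate-limit bucket.
            string loginIp = HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"] as string;

            // Current user from the login cookie; -1 stands for an anonymous request in every table below.
            // NOTE(review): the cookie's UserID is trusted as-is here — assumes MembershipService.GetUserCookie()
            // verifies the cookie's integrity (signature/encryption); confirm.
            CookieUserInfo cui = MembershipService.GetUserCookie();
            int userid = cui != null ? Convert.ToInt32(cui.UserID) : -1;
            string functionCode = control.functionCode();

            // 1. Blacklisted (user, IP) pair.
            if (IsBlacklisted(userid, loginIp))
            {
                filterContext.Result = new RedirectResult("/Base/IPError.mvc");
                return;
            }

            // 2. Rate limit: reaching MaxRequestsPerMinute within the last minute blacklists the pair.
            if (!RecordRequestOrBlacklist(userid, loginIp, functionCode))
            {
                filterContext.Result = new RedirectResult("/Base/IPError.mvc");
                return;
            }

            // 3. Same account already logged in elsewhere.
            if (cui != null)
            {
                RedirectResult duplicate = CheckDuplicateLogin(userid, cui, loginIp);
                if (duplicate != null)
                {
                    filterContext.Result = duplicate;
                    return;
                }
            }

            // 4. Product / membership privilege for this function code.
            int helptopic;
            EnumPrivilegeCheckResult checkresult =
                new CRMService().UserPrivilegeCheck(control.ProductID, functionCode, userid, out helptopic);
            switch (checkresult)
            {
                case EnumPrivilegeCheckResult.未登陆失败:
                    filterContext.Result = new RedirectResult("/Base/NotLogin.mvc");
                    return;
                case EnumPrivilegeCheckResult.非会员失败:
                    filterContext.Result = new RedirectResult("/Base/NotMember.mvc/" + helptopic);
                    return;
                case EnumPrivilegeCheckResult.会员等级不足失败:
                    filterContext.Result = new RedirectResult("/Base/MemberLevelError.mvc/" + helptopic);
                    return;
                case EnumPrivilegeCheckResult.未购买产品失败:
                    filterContext.Result = new RedirectResult("/Base/NotBuyer.mvc/" + helptopic);
                    return;
                case EnumPrivilegeCheckResult.试用账号超过次数上限:
                    filterContext.Result = new RedirectResult("/Base/TryError.mvc");
                    return;
            }

            // 5. Sub-account (non-admin member): the function code must be in its function list.
            if (!SubAccountMayAccess(userid, functionCode))
            {
                filterContext.Result = new RedirectResult("/Base/NotAdmin.mvc");
                return;
            }

            // All checks passed; allow the action to run.
            base.OnActionExecuting(filterContext);
        }

        /// <summary>Requests per (user, IP) pair allowed within one minute before the pair is blacklisted.</summary>
        private const int MaxRequestsPerMinute = 30;

        /// <summary>Product whose function list is consulted for sub-accounts.</summary>
        // NOTE(review): hard-coded to 1 while the privilege check uses control.ProductID — for any other
        // product the sub-account list checked here belongs to product 1; confirm this is intended.
        private const int SubAccountProductId = 1;

        /// <summary>True when the BlackIP.MyFind query reports at least one row for the (user, IP) pair.</summary>
        /// <param name="userid">User id, or -1 for an anonymous request.</param>
        /// <param name="loginIp">Peer address of the request.</param>
        private static bool IsBlacklisted(int userid, string loginIp)
        {
            Hashtable parm = new Hashtable();
            parm["UserID"] = userid;
            parm["LoginIP"] = loginIp;
            return CRMMapper.Get().QueryForObject<int>("BlackIP.MyFind", parm) != 0;
        }

        /// <summary>
        /// Counts the pair's requests in the last minute (UserLogin.Total). Under the limit the request is
        /// recorded as a UserLogin row and true is returned; at or over the limit the pair is inserted into
        /// BlackIP and false is returned. DateTime.Now is kept (not UtcNow) to match the rows already stored.
        /// </summary>
        /// <param name="userid">User id, or -1 for an anonymous request.</param>
        /// <param name="loginIp">Peer address of the request.</param>
        /// <param name="functionCode">Function code of the action being requested.</param>
        private static bool RecordRequestOrBlacklist(int userid, string loginIp, string functionCode)
        {
            DateTime now = DateTime.Now;
            Hashtable parm = new Hashtable();
            parm["UserID"] = userid;
            parm["LoginIP"] = loginIp;
            parm["Now"] = now;
            parm["Last"] = now.AddMinutes(-1);
            int count = CRMMapper.Get().QueryForObject<int>("UserLogin.Total", parm);

            if (count >= MaxRequestsPerMinute)
            {
                BlackIP bIP = new BlackIP();
                bIP.LogIP = loginIp;
                bIP.UserID = userid;
                bIP.BlackTime = now;
                new BlackIPDao().Insert(bIP);
                return false;
            }

            UserLogin userlogin = new UserLogin();
            userlogin.UserID = userid;
            userlogin.LoginIP = loginIp;
            userlogin.LoginTime = now;
            userlogin.FuntionCode = functionCode;
            userlogin.URL = HttpContext.Current.Request.Url.PathAndQuery;
            new UserLoginDao().Insert(userlogin);
            return true;
        }

        /// <summary>
        /// Compares the stored login GUID of the user with the one in the cookie. When they differ the
        /// account is active elsewhere: returns a MutiLogin redirect if that session is older than 30
        /// minutes or came from this same IP, otherwise a LessTime redirect carrying the minutes left.
        /// Returns null when there is no conflict.
        /// </summary>
        /// <param name="userid">Numeric user id taken from the cookie.</param>
        /// <param name="cui">The login cookie (non-null).</param>
        /// <param name="loginIp">Peer address of the request.</param>
        private static RedirectResult CheckDuplicateLogin(int userid, CookieUserInfo cui, string loginIp)
        {
            UserLoginGuid ulg = new UserLoginGuidService().selectbyuserid(userid);
            if (ulg == null || ulg.LoginGuid == cui.LoginGuid)
            {
                return null;
            }

            UserModel olduser = new MembershipUserService().GetUserName(userid);
            DateTime oldtime = olduser.LastLoginDate;
            if (oldtime.AddMinutes(30) < DateTime.Now || olduser.LastLoginIp == loginIp)
            {
                // The return target is this request's own path+query; encode it so an embedded
                // '&' or '?' stays inside the single Url parameter instead of splitting the query.
                string returnUrl = HttpUtility.UrlEncode(HttpContext.Current.Request.Url.PathAndQuery);
                return new RedirectResult("/Base/MutiLogin.mvc?Url=" + returnUrl);
            }

            // Minutes until the other session's 30-minute window expires.
            int t = 30 - (DateTime.Now - oldtime).Minutes;
            return new RedirectResult("/Base/LessTime.mvc?t=" + t);
        }

        /// <summary>
        /// Returns true for non-members and admins. For a sub-account (member that is not admin) returns
        /// true only when <paramref name="functionCode"/> is in the account's function list; "IndexPage"
        /// is always allowed. List entries that are "on", non-numeric, or map to no ProductFunction are
        /// skipped, so a malformed list grants nothing instead of failing the request with an exception.
        /// </summary>
        /// <param name="userid">User id, or -1 for an anonymous request.</param>
        /// <param name="functionCode">Function code of the action being requested.</param>
        private bool SubAccountMayAccess(int userid, string functionCode)
        {
            MemberUserInfoDao memberDao = new MemberUserInfoDao();
            if (memberDao.Find(userid) == null || memberDao.IsAdmin(userid))
            {
                return true;
            }

            HashSet<string> codes = new HashSet<string>();
            codes.Add("IndexPage"); // every sub-account may open the home page
            string functionlist = FindFunctionlist(userid, SubAccountProductId);
            if (functionlist != null)
            {
                ProductFunctionDao functionDao = new ProductFunctionDao();
                foreach (string entry in functionlist.Split(','))
                {
                    string item = entry.Trim();
                    int functionId;
                    if (string.Equals(item, "on", StringComparison.OrdinalIgnoreCase)
                        || !int.TryParse(item, out functionId))
                    {
                        continue;
                    }
                    var pf = functionDao.Find(functionId);
                    if (pf != null)
                    {
                        codes.Add(pf.FunctionCode);
                    }
                }
            }
            return codes.Contains(functionCode);
        }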