Пример #1
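        /// <summary>
        /// Decides whether the current request may execute the targeted controller action.
        /// </summary>
        /// <remarks>
        /// The checks run in this order: exclude list, session, permission lookup, and finally
        /// the permission ids granted to the current user. Two paths return
        /// <c>Passed</c> without looking at the user's rights: an action found in the exclude
        /// list, and an action that has no entry in the cached permission list (fail-open).
        /// </remarks>
        /// <returns>
        /// <c>Passed</c>, <c>NeedLogin</c> or <c>NoPermission</c>.
        /// </returns>
        /// <param name="filterContext">Context of the action about to execute.</param>
        /// <param name="message">
        /// Empty when the check passes; otherwise the localized "need login" or "no right" text.
        /// </param>
        protected virtual PermissionCheckResult CheckPermission(ActionExecutingContext filterContext, out string message)
        {
            var currentRequestController = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
            var currentRequestAction     = filterContext.ActionDescriptor.ActionName;
            var session = new SessionExt(filterContext.HttpContext);

            message = "";

            // Actions on the exclude list skip every later check, including the session check.
            var ex =
                ExcludeUrlConfiguration.GetExcludeUrl(
                    currentRequestController,
                    currentRequestAction);

            if (ex != null)
            {
                return PermissionCheckResult.Passed;
            }

            // Session check.
            if (!CheckSession(filterContext))
            {
                message = LanguageResources.Common.NeedLogin;
#if DEBUG
                // NOTE(review): this writes the session identifier to the log. It is compiled only
                // into DEBUG builds, but anyone who can read that log can read the identifier.
                LogHelper.WriteLog("跳登陆,原因:Session丢失\r\nSessionId" + new SessionExt(filterContext.HttpContext).SessionId);
#endif
                return PermissionCheckResult.NeedLogin;
            }

            // Permission control: find the permission entry that matches this controller/action.
            var permissions = RetechWing.BusinessCache.SystemCache.Instance.Permissions;

            var currentPermission =
                permissions.FirstOrDefault(
                    p => p.Controller.Equals(currentRequestController, StringComparison.OrdinalIgnoreCase) &&
                    p.Action.Equals(currentRequestAction, StringComparison.OrdinalIgnoreCase)
                    );
            if (currentPermission == null)
            {
                // The request is not in the permission list; the original author lets it pass
                // "for now". NOTE(review): this is fail-open, so any action that nobody registered
                // as a permission is reachable by every logged-in user. Confirm that is intended.
                return PermissionCheckResult.Passed;
            }

            // Permissions that belong to the current user.
            var user = session["currentUser"] as SysUser;
            if (user == null)
            {
                // The session entry is missing or is not a SysUser. Without this guard the
                // user.UserId access below throws NullReferenceException; treat it as
                // "not logged in" so the check fails closed.
                message = LanguageResources.Common.NeedLogin;
                return PermissionCheckResult.NeedLogin;
            }

            var userRights = RetechWing.BusinessCache.SystemCache.Instance.UserPermissions(user.UserId, new RoleManager().GetUserPermissionIds);
            if (userRights.Contains(currentPermission.PermissionId))
            {
                return PermissionCheckResult.Passed;
            }
#if DEBUG
            // NOTE(review): same session-identifier logging as above (DEBUG builds only).
            LogHelper.WriteLog("跳登陆,原因:没有权限\r\nSessionId" + new SessionExt(filterContext.HttpContext).SessionId);
#endif
            // Everything below is the "denied" outcome.
            message = LanguageResources.Common.NoRight;
            return PermissionCheckResult.NoPermission;
        }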
Пример #2
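        /// <summary>
        /// Reloads the application's configuration sources and bundle registrations, then
        /// sends the browser back to the page it came from.
        /// </summary>
        /// <remarks>
        /// NOTE(review): this action changes server state. No authorization or anti-forgery
        /// attribute is visible on it in this excerpt; confirm that it is restricted to
        /// administrators and cannot be triggered by a cross-site request.
        /// </remarks>
        /// <returns>
        /// A redirect to the same-host referrer when there is one, otherwise to the Index action.
        /// </returns>
        public ActionResult ReLoadConfig()
        {
            // Reload every configuration source.
            MongoDBConfig.LoadConfig();

            ExcludeUrlConfiguration.LoadConfig();

            UrlGenerateConfig.LoadConfig();

            RedisConfig.LoadConfig();

            SqlDispatcherConfig.LoadConfig();

            //FastDFS.Configuration.FastDFSConfigHelper.LoadConfig();

            BundleConfigManager.RegisterBundles(BundleTable.Bundles);

            // The Referer header is supplied by the client, so it is only followed when it
            // points at this host, and then only as a local path. Anything else falls back
            // to Index instead of redirecting off-site.
            string backUrl = null;
            var referrer = Request.UrlReferrer;
            if (referrer != null &&
                referrer.IsAbsoluteUri &&
                Request.Url != null &&
                string.Equals(referrer.Host, Request.Url.Host, System.StringComparison.OrdinalIgnoreCase))
            {
                var localPath = referrer.PathAndQuery;

                // IsLocalUrl rejects paths such as "//host" that a browser would treat as off-site.
                if (Url.IsLocalUrl(localPath))
                {
                    backUrl = localPath;
                }
            }

            return Redirect(backUrl ?? Url.RetechAction("Index"));
        }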
Пример #3
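        /// <summary>
        /// Establishes a logged-in session for mobile (WeiXin) requests before the action runs.
        /// </summary>
        /// <remarks>
        /// Requests for actions on the exclude list, and requests that already have
        /// <c>currentUser</c> in the session, go straight to the base implementation.
        /// Otherwise the filter either redirects to the authorize URL (no <c>code</c> and no
        /// <c>openID</c> parameter), redirects to the BindingAccount action (no user found for
        /// the OpenID), or stores the user and tenant in the session and continues.
        ///
        /// NOTE(review): an <c>openID</c> request parameter is accepted as-is and used to look
        /// up the user whose session is then created. Nothing visible here checks that the
        /// caller owns that OpenID, so the value acts as a bearer credential. Prefer keeping the
        /// OpenID obtained from the <c>code</c> exchange in server-side state rather than
        /// round-tripping it through the URL.
        /// </remarks>
        /// <param name="filterContext">Context of the action about to execute.</param>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var session = new SessionExt(filterContext.HttpContext);
            var request = filterContext.HttpContext.Request;

            // Check whether the action is on the exclude list.
            var currentRequestController = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
            var currentRequestAction     = filterContext.ActionDescriptor.ActionName;
            var ex = ExcludeUrlConfiguration.GetExcludeUrl(currentRequestController, currentRequestAction);

            if (ex != null || session["currentUser"] != null)
            {
                // Excluded action or already logged in: nothing to do here.
                base.OnActionExecuting(filterContext);
                return;
            }

            // Work out where to send the user after login (the URL was entered directly).
            // NOTE(review): the last branch takes this value from the client's Referer header;
            // the handler that later consumes backUrl should validate it before redirecting.
            string urlReferrer;
            if (request.QueryString["keep"] == "1")
            {
                urlReferrer = request.Url.ToString();
            }
            else if (session["lastRequestUrl"] != null)
            {
                urlReferrer = session["lastRequestUrl"].ToString();
            }
            else
            {
                urlReferrer = request.UrlReferrer == null ? "/" : request.UrlReferrer.ToString();
            }

            var controller = filterContext.Controller as System.Web.Mvc.Controller;

            // Request.Params merges query string, form fields, cookies and server variables,
            // so either value may arrive through any of those channels.
            string code           = request.Params["code"];
            string suppliedOpenId = request.Params["openID"];

            if (string.IsNullOrWhiteSpace(code) && string.IsNullOrWhiteSpace(suppliedOpenId))
            {
                // Neither parameter present: start the authorize round trip.
                filterContext.Result = new RedirectResult(WeixinCommon.GetAuthorizeUserInfoUrl(controller.Url.RetechAction("VerifyUser", "WeiXin", new { area = "Mobile" }) + "?backUrl=" + controller.Url.Encode(urlReferrer), Senparc.Weixin.MP.AdvancedAPIs.OAuthScope.snsapi_userinfo));
                return;
            }

            // A supplied openID wins over the code exchange (see the review note in the remarks).
            string openID = string.IsNullOrWhiteSpace(suppliedOpenId)
                ? WeixinCommon.GetOpenidByCode(code)
                : suppliedOpenId;

            var user = new UserManager().GetUserByOpenID(openID);
            if (user == null)
            {
                // openID can come straight from the request, so it is URL-encoded before being
                // placed in the query string; unencoded, a value containing '&' or '=' could
                // add or override parameters such as backUrl.
                filterContext.Result = new RedirectResult(controller.Url.RetechAction("BindingAccount", "WeiXin", new { area = "Mobile" }) + "?openID=" + controller.Url.Encode(openID) + "&msg=您还未绑定用户信息!&backUrl=" + controller.Url.Encode(urlReferrer));
                return;
            }

            user.OpenID              = openID;
            session["currentUser"]   = user;
            session["currentTenant"] = new TenantManager().GetTenantById(user.TenantId);

            base.OnActionExecuting(filterContext);
        }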