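/// <summary>
        ///     Searches the movie service for <paramref name="query"/> and returns the requested
        ///     result page, sorted and with poster URLs expanded by FluentDataHelper.
        /// </summary>
        /// <param name="query">Search text supplied by the caller; blank input yields an empty result set.</param>
        /// <param name="page">Result page to request from the movie service.</param>
        /// <returns>
        ///     200 with the result payload, or 500 with a generic message when the lookup fails.
        /// </returns>
        public async Task <ActionResult> Search(string query, int page)
        {
            try
            {
                // A blank query short-circuits to an empty response; no upstream call is made.
                if (String.IsNullOrWhiteSpace(query))
                {
                    return(Ok(new MovieResponse
                    {
                        Page = 1,
                        TotalPages = 0,
                        TotalResults = 0,
                        Results = new List <Result>()
                    }));
                }

                var search = WebUtility.UrlEncode(query);

                // The query is caller-controlled. It is passed as a logging argument rather than
                // concatenated into the template, so structured sinks keep it as a separate field.
                // NOTE(review): plain-text sinks still render it verbatim - confirm that line
                // breaks in the value cannot forge log entries.
                _logger.LogDebug("Initiating MovieDB service call with search token {Query} and page {Page}",
                                 query,
                                 page);
                var moviesResponse = await this._movieDBClient
                                     .SearchMoviesAsync(search, page);

                // Step 1: order the results alphabetically. Some hits match the search token only
                // in attributes other than the title; the sort step receives the raw query so it
                // can deal with those as well.
                //
                // Step 2: turn the relative poster path returned by the service
                // (e.g. /adw6Lq9FiC9zjYEpOqfq03ituwp.jpg) into an absolute resource URL
                // (e.g. https://image.tmdb.org/t/p/w185/adw6Lq9FiC9zjYEpOqfq03ituwp.jpg)
                // using the configured poster URL format.
                var sortedMovieResponse = new FluentDataHelper(moviesResponse)
                                          .SortAlphabetically(query)
                                          .SetUrlPath(this._config.MovieDBPosterUrlFormat)
                                          .Build();
                return(Ok(sortedMovieResponse));
            }
            catch (Exception ex)
            {
                // Full details go to the log only. The response body carries a fixed message so
                // that upstream URLs, stack context or other internals contained in ex.Message
                // are not disclosed to the caller.
                _logger.LogError(ex, "Error retrieving Movies");
                return(StatusCode(500, "An error occurred while retrieving movies."));
            }
        }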
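        /// <summary>
        ///     Builds a self-invoking JavaScript snippet that publishes, as
        ///     abp.appMenuAuth.allAppMenuAuths, the menu/app/operation codes granted to the
        ///     roles of the given user.
        /// </summary>
        /// <param name="userId">Id of the user whose role grants are looked up.</param>
        /// <returns>The generated JavaScript source text.</returns>
        public string GetScript(long userId)
        {
            // The user id is bound as a parameter instead of being interpolated into the SQL text.
            // NOTE(review): assumes FluentDataHelper.CreateInstance() returns a FluentData context
            // whose command exposes Parameter(name, value) - confirm.
            var sql = @"SELECT MenuCode as MenuCode,AppCode as AppCode,OperationCode as OperationCode
                        FROM MenuAppAuthorize A
                    INNER JOIN RoleMenuAppAuthorize B
                        ON A.Id = B.MenuAppAuthorizeId
                    INNER JOIN UserRole C ON C.RoleId = B.RoleId
                        WHERE C.UserId = @UserId";

            using (var db = FluentDataHelper.CreateInstance())
            {
                var list = db.Sql(sql)
                           .Parameter("UserId", userId)
                           .QueryMany <AppMenuAuth>();

                var sb = new StringBuilder();
                sb.AppendLine("(function() {");

                sb.AppendLine("    abp.appMenuAuth = {};");
                sb.AppendLine("    abp.appMenuAuth.allAppMenuAuths = [");

                foreach (var item in list)
                {
                    // Database values are written inside single-quoted JavaScript string literals.
                    // They are JavaScript-encoded first so that a quote, backslash, line break or
                    // angle bracket stored in a code column cannot terminate the literal or the
                    // enclosing script element.
                    var menuCode = System.Web.HttpUtility.JavaScriptStringEncode($"{item.MenuCode}");
                    var appCode = System.Web.HttpUtility.JavaScriptStringEncode($"{item.AppCode}");
                    var operationCode = System.Web.HttpUtility.JavaScriptStringEncode($"{item.OperationCode}");

                    sb.AppendLine("           {");
                    sb.AppendLine("            menuCode: '" + menuCode + "',");
                    sb.AppendLine("            appCode: '" + appCode + "',");
                    sb.AppendLine("            operationCode: '" + operationCode + "',");
                    sb.AppendLine("},");
                }

                sb.AppendLine("    ];");

                sb.AppendLine("})();");

                return(sb.ToString());
            }
        }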
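        /// <summary>
        ///     Checks whether the roles of the currently signed-in account are authorized to call
        ///     the intercepted operation, and throws when they are not.
        /// </summary>
        /// <param name="invocation">
        ///     The intercepted call; its TargetType is inspected for an AppAuthorizeAttribute.
        /// </param>
        /// <exception cref="UserFriendlyException">
        ///     Thrown when the caller is not authenticated, has no roles, lacks the permission,
        ///     or the permission lookup itself fails.
        /// </exception>
        public override void Authorize(IInvocation invocation)
        {
            var isAuthorized = HttpContext.Current.User.Identity.IsAuthenticated;

            if (!isAuthorized)
            {
                throw new UserFriendlyException("您未登陆,不能执行该操作");
            }
            // Super administrators skip the permission check entirely.
            var accountType = (AccountTypeEnum)Convert.ToInt32(ClaimTypeExtensions.GetClaimValue(ClaimTypeExtensions.AccountType));

            if (accountType == AccountTypeEnum.超级管理员)
            {
                return;
            }
            // The menu code of the current page is read from the request headers.
            var menuCode = HttpContext.Current.Request.Headers["menuCode"];

            // "home" is the workbench, which only requires a signed-in user.
            // NOTE(review): menuCode is a request header and therefore caller-controlled, yet this
            // early return skips the role check for every intercepted method whenever the header
            // carries "home". The menu context should be derived server-side, or this exemption
            // restricted to the operations that really belong to the workbench - confirm design.
            if (menuCode == "home")
            {
                return;
            }

            // For any other menu code, verify that the user's roles may call this operation
            // under that menu.

            // Without any role the call is rejected outright.
            var roles = ClaimTypeExtensions.GetClaimValue(ClaimTypes.Role);// assembled at sign-in

            if (string.IsNullOrWhiteSpace(roles))
            {
                throw new UserFriendlyException("当前用户未拥有任何角色");
            }
            // A service class without AppAuthorizeAttribute is not subject to this check.
            var appAuthorizeAttribute = invocation.TargetType.GetCustomAttribute
                                            (typeof(AppAuthorizeAttribute)) as AppAuthorizeAttribute;

            if (appAuthorizeAttribute == null)
            {
                return;
            }

            // The header value and the attribute codes are bound as parameters; previously they
            // were interpolated into quoted SQL literals, which let a crafted menuCode header
            // alter the authorization query.
            // NOTE(review): assumes FluentDataHelper.CreateInstance() returns a FluentData context
            // whose command exposes Parameter(name, value) - confirm.
            // NOTE(review): {roles} is still spliced into the IN (...) list. It comes from the
            // role claim, whose exact format is not visible here; validate it as a list of ids
            // or bind it as a collection parameter once the format is confirmed.
            var sql = $@"select  count(1)
                            from MenuAppAuthorizeRoles
                            where Role_Id in ({roles})  AND MenuAppAuthorize_Id in(
                            select Id from MenuAppAuthorizes where
                            MenuCode = @MenuCode and AppCode = @AppCode
                            and OperationCode = @OperationCode)";

            try
            {
                using (var db = FluentDataHelper.CreateInstance())
                {
                    // Values are converted to text exactly as the former interpolation did
                    // (a missing header becomes an empty string).
                    var data = db.Sql(sql)
                               .Parameter("MenuCode", menuCode ?? string.Empty)
                               .Parameter("AppCode", $"{appAuthorizeAttribute.Code}")
                               .Parameter("OperationCode", $"{AppMethodAuthorizeAttribute.Action}")
                               .QuerySingle <int>();
                    if (data <= 0)
                    {
                        throw new UserFriendlyException
                                  ($"用户缺少{AppMethodAuthorizeAttribute.Description}权限!");
                    }
                }
            }
            catch (UserFriendlyException)
            {
                // The denial raised above is already user-facing; pass it on unchanged.
                throw;
            }
            catch (Exception e)
            {
                // NOTE(review): e.Message of a data-access failure can expose SQL text or schema
                // names to the end user. Prefer logging the exception and returning a fixed
                // message once a logger is available in this class.
                throw new UserFriendlyException
                          (e.Message);
            }
        }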