/// <summary>
/// 重写以实现功能权限的核心验证逻辑的实现
/// </summary>
/// <param name="httpContext">Http请求上下文</param>
/// <param name="function">要验证的功能</param>
/// <returns></returns>
protected virtual AuthorizationResult AuthorizeCore(HttpContextBase httpContext, IFunction function)
{
IPrincipal user = httpContext.User;
AuthorizationResult result = FunctionAuthorization.Authorize(function, user);
return(result);
}
/// <summary>
/// 重写以实现功能权限验证的逻辑
/// </summary>
/// <param name="actionContext">功能上下文</param>
/// <returns>权限验证结果</returns>
protected virtual AuthorizationResult AuthorizeCore(HttpActionContext actionContext)
{
IFunction function = actionContext.Request.GetExecuteFunction(ServiceProvider);
IPrincipal principal = actionContext.ControllerContext.RequestContext.Principal;
AuthorizationResult result = FunctionAuthorization.Authorize(function, principal);
return(result);
}
