/// <summary> /// 重写以实现功能权限的核心验证逻辑的实现 /// </summary> /// <param name="httpContext">Http请求上下文</param> /// <param name="function">要验证的功能</param> /// <returns></returns> protected virtual AuthorizationResult AuthorizeCore(HttpContextBase httpContext, IFunction function) { IPrincipal user = httpContext.User; AuthorizationResult result = FunctionAuthorization.Authorize(function, user); return(result); }
/// <summary> /// 重写以实现功能权限验证的逻辑 /// </summary> /// <param name="actionContext">功能上下文</param> /// <returns>权限验证结果</returns> protected virtual AuthorizationResult AuthorizeCore(HttpActionContext actionContext) { IFunction function = actionContext.Request.GetExecuteFunction(ServiceProvider); IPrincipal principal = actionContext.ControllerContext.RequestContext.Principal; AuthorizationResult result = FunctionAuthorization.Authorize(function, principal); return(result); }