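/// <summary>
/// Shows the editor for a single permission (ActionInfo) record.
/// </summary>
/// <returns>
/// The edit view with the record as model, or 404 when the <c>id</c> request value is
/// not an integer or matches no record.
/// </returns>
public ActionResult ShowEditInfo()
        {
            // "id" is untrusted request input (query string / form). Reject anything that
            // is not an int instead of letting int.Parse throw a FormatException (500).
            int id;
            if (!int.TryParse(Request["id"], out id))
            {
                return HttpNotFound();
            }

            var actionInfo = actionInfoService.LoadEntities(a => a.ID == id).FirstOrDefault();
            if (actionInfo == null)
            {
                // Unknown id: 404 rather than rendering the view with a null model.
                return HttpNotFound();
            }

            // NOTE(review): no authorization check on this page itself; access control is
            // presumably enforced by the base controller's action filter — confirm.
            ViewData.Model = actionInfo;
            return View();
        }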
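        /// <summary>
        /// Authorization check for non-menu permissions: decides whether the current
        /// <c>LoginUser</c> may invoke the requested URL with the requested HTTP method.
        /// </summary>
        /// <returns>
        /// <c>true</c> when the user has an explicit per-user grant, or inherits the
        /// permission through a role and has no explicit per-user deny; <c>false</c>
        /// otherwise — including when the URL/method pair is not registered in the
        /// permission table or the user no longer exists (fail closed instead of throwing).
        /// </returns>
        private bool FilteringPermissions()
        {
            string url        = Request.Url.AbsolutePath.ToLower(); // requested path; compared lower-cased against the table
            string httpMethod = Request.HttpMethod;                 // GET / POST / ...

            IApplicationContext ctx = ContextRegistry.GetContext();
            IActionInfoService actionInfoService = (IActionInfoService)ctx.GetObject("ActionInfoService");

            // Look the request up in the permission table. An unregistered URL/method used
            // to dereference a null actionInfo below (NullReferenceException → 500); deny
            // instead, which is the fail-closed default the sibling filters use.
            var actionInfo = actionInfoService.LoadEntities(a => a.Url == url && a.HttpMethod == httpMethod).FirstOrDefault();
            if (actionInfo == null)
            {
                return false;
            }

            // Re-read the user from the store (as the original did) so the check reflects
            // current grants rather than whatever was cached in LoginUser at login.
            IUserInfoService userInfoService = (IUserInfoService)ctx.GetObject("UserInfoService");
            var loginUser = userInfoService.LoadEntities(u => u.ID == LoginUser.ID).FirstOrDefault();
            if (loginUser == null)
            {
                return false;
            }

            // 1. User -> permission. An explicit per-user entry decides on its own.
            var userGrant = loginUser.R_UserInfo_ActionInfo
                                     .FirstOrDefault(a => a.ActionInfoID == actionInfo.ID);
            if (userGrant != null)
            {
                // IsPass == false is an explicit deny. Previously it fell through to the
                // role check and could be overridden by a role grant; the OnActionExecuting
                // filters in this codebase treat it as a hard deny, so do the same here.
                return userGrant.IsPass == true;
            }

            // 2. User -> role -> permission.
            return loginUser.RoleInfo
                            .SelectMany(r => r.ActionInfo)
                            .Any(a => a.ID == actionInfo.ID);
        }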
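        /// <summary>
        /// Shows the per-user permission editor: the user, every permission with
        /// <c>DelFlag == 0</c> (presumably the non-deleted ones), and the user's existing
        /// explicit allow/deny entries.
        /// </summary>
        /// <returns>The editor view, or 404 when the <c>id</c> request value is malformed or unknown.</returns>
        public ActionResult SetUserActionInfo()
        {
            // "id" is untrusted request input: reject non-integers instead of letting
            // int.Parse throw an unhandled FormatException.
            int userId;
            if (!int.TryParse(Request["id"], out userId))
            {
                return HttpNotFound();
            }

            var userInfo = userInfoService.LoadEntities(u => u.ID == userId).FirstOrDefault();
            if (userInfo == null)
            {
                // Unknown user: previously a NullReferenceException on userInfo.R_UserInfo_ActionInfo.
                return HttpNotFound();
            }

            ViewData.Model        = userInfo;
            ViewBag.UserInfo      = userInfo;
            ViewBag.AllActions    = actionInfoService.LoadEntities(a => a.DelFlag == 0).ToList(); // all permissions offered for selection
            ViewBag.AllExtActions = userInfo.R_UserInfo_ActionInfo.ToList();                      // user's explicit entries (both allow and deny)
            return View();
        }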
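        /// <summary>
        /// Shows the page for granting a user special (per-user) permissions: the user,
        /// every permission record, and the ids of the permissions already linked to the user.
        /// </summary>
        /// <param name="ID">User id (model-bound from the route / query string).</param>
        /// <returns>The editor view, or 404 when no user has that id.</returns>
        public ActionResult AddUserActionInfo(int ID)
        {
            var userCurrent = _userInfoService.LoadEntities(c => c.ID == ID).FirstOrDefault();
            if (userCurrent == null)
            {
                // Previously dereferenced userCurrent.R_UserInfo_ActionInfo and threw.
                return HttpNotFound();
            }

            // Strongly-typed model for the view.
            ViewData.Model = userCurrent;

            // Every permission row, with no deleted-flag filter here — confirm that is intended.
            ViewBag.AllActions = _actionInfo.LoadEntities(c => true).ToList();

            // Ids of the permissions already linked to this user via the link table.
            ViewBag.Exists = userCurrent.R_UserInfo_ActionInfo
                                        .Select(r => r.ActionInfoID)
                                        .ToList();
            return View();
        }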
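        /// <summary>
        /// Runs before every action on this controller: authenticates the caller from the
        /// <c>sessionId</c> cookie (a Memcache key holding the serialized <c>UserInfo</c>)
        /// and then authorizes the requested URL / HTTP method against the permission tables.
        /// Any failure short-circuits the action by setting <paramref name="filterContext"/>.Result
        /// (the original used Response.Redirect, which does not tell MVC to skip the action).
        /// </summary>
        /// <param name="filterContext">MVC action context; Result is set to a redirect on deny.</param>
        protected override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            base.OnActionExecuting(filterContext);

            // ---- Authentication ----
            var sessionCookie = Request.Cookies["sessionId"];
            if (sessionCookie == null)
            {
                filterContext.Result = Redirect("/Login/Index");
                return;
            }
            // The cookie value is used only as a cache key; an unknown or expired key yields null.
            object obj = Common.MemcacheHelper.Get(sessionCookie.Value);
            if (obj == null)
            {
                filterContext.Result = Redirect("/Login/Index");
                return;
            }
            LoginUser = Common.SerializerHelper.DeserializeToObject<UserInfo>(obj.ToString());
            // NOTE(review): this filter does not refresh the Memcache entry (the sliding-
            // expiration Set was commented out in the original), so the session expires at
            // the absolute time set at login.

            #region Permission filtering
            // Removed: two hard-coded user names that returned early and skipped the
            // permission check. A name-based bypass is a backdoor — any account created or
            // renamed to that UName gets unrestricted access. Grant privileged accounts
            // their rights through roles/permissions in the data instead.

            string actionurl        = Request.Url.AbsolutePath.ToLower(); // compared lower-cased against the table
            string actionhttpmethod = Request.HttpMethod;

            IApplicationContext ctx               = ContextRegistry.GetContext();
            IUserInfoService    UserInfoservice   = (IUserInfoService)ctx.GetObject("UserInfoService");
            IActionInfoService  ActionInfoService = (IActionInfoService)ctx.GetObject("ActionInfoService");

            // URL + method must be registered in the permission table; otherwise deny (fail closed).
            var actioninfo = ActionInfoService.LoadEntities(a => a.Url == actionurl && a.HttpMethod == actionhttpmethod).FirstOrDefault();
            if (actioninfo == null)
            {
                filterContext.Result = Redirect("/Error.html");
                return;
            }

            // Re-read the user so the check reflects current grants, not the cached copy.
            var loginuserInfo = UserInfoservice.LoadEntities(u => u.ID == LoginUser.ID).FirstOrDefault();
            if (loginuserInfo == null)
            {
                // Session refers to a user that no longer exists: treat as not logged in.
                filterContext.Result = Redirect("/Login/Index");
                return;
            }

            // Path 1: user -> permission. An explicit per-user entry decides on its own;
            // IsPass == false is a hard deny that roles cannot override.
            var r_userinfo_actioninfo = loginuserInfo.R_UserInfo_ActionInfo
                                                     .FirstOrDefault(a => a.ActionInfoID == actioninfo.ID);
            if (r_userinfo_actioninfo != null)
            {
                if (r_userinfo_actioninfo.IsPass != true)
                {
                    filterContext.Result = Redirect("/Error.html");
                }
                return;
            }

            // Path 2: user -> role -> permission.
            bool grantedByRole = loginuserInfo.RoleInfoes
                                              .SelectMany(r => r.ActionInfoes)
                                              .Any(a => a.ID == actioninfo.ID);
            if (!grantedByRole)
            {
                // Kept from the original: expire the cp1/cp2 cookies (presumably the
                // persistent-login cookies) before redirecting to the denied page.
                Response.Cookies["cp1"].Expires = DateTime.Now.AddDays(-1);
                Response.Cookies["cp2"].Expires = DateTime.Now.AddDays(-1);

                filterContext.Result = Redirect("/Qxerrer.html");
                return;
            }
            #endregion
        }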
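        /// <summary>
        /// Runs before every action: authenticates the caller either from the Memcache-backed
        /// <c>sessionId</c> cookie or, failing that, from the <c>cp1</c> cookie that carries a
        /// user name, then authorizes the requested URL / HTTP method against the permission
        /// tables. Denials short-circuit the action by setting <paramref name="filterContext"/>.Result.
        /// </summary>
        /// <param name="filterContext">MVC action context; Result is set to a redirect on deny.</param>
        protected override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            base.OnActionExecuting(filterContext);
            IApplicationContext ctx             = ContextRegistry.GetContext(); // Spring.NET container
            IUserInfoService    userInfoService = (IUserInfoService)ctx.GetObject("UserInfoService");

            // ---- Authentication ----
            var sessionCookie = Request.Cookies["sessionId"];
            if (sessionCookie == null)
            {
                // No session: fall back to the cookie holding a user name (presumably a persistent login).
                var rememberCookie = Request.Cookies["cp1"];
                if (rememberCookie == null)
                {
                    filterContext.Result = Redirect(Url.Action("Index", "Login"));
                    return;
                }
                string userName = rememberCookie.Value;
                UserInfo cookieUser = userInfoService.LoadEntities(u => u.UName == userName).FirstOrDefault();
                // SECURITY: cp1 is client-controlled. Whether this path can be forged rests
                // entirely on ValidateCookieInfo (not visible here) binding the user to a
                // secret the client cannot compute (e.g. a keyed hash in a second cookie) —
                // confirm it does, otherwise any visitor can log in as any user name.
                if (cookieUser == null || !Common.WebCommon.ValidateCookieInfo(cookieUser))
                {
                    filterContext.Result = Redirect(Url.Action("Index", "Login"));
                    return;
                }
                LoginUser = cookieUser;
            }
            else
            {
                object obj = Common.MemcacheHelper.Get(sessionCookie.Value); // cookie value is only a cache key
                if (obj == null)
                {
                    filterContext.Result = Redirect(Url.Action("Index", "Login"));
                    return;
                }
                LoginUser = Common.SerializeHelper.DeserializeToObject<UserInfo>(obj.ToString());
                // Sliding expiration: touching the entry extends it by 20 minutes.
                Common.MemcacheHelper.Set(sessionCookie.Value, obj, DateTime.Now.AddMinutes(20));
            }

            // ---- Authorization (non-menu permissions) ----
            if (LoginUser == null)
            {
                return;
            }
            // Removed: a hard-coded user name ("backdoor, must be deleted before release" in
            // the original) that returned early and skipped every permission check. Anyone
            // holding that UName bypassed authorization; grant rights via roles instead.

            string url        = Request.Url.AbsolutePath.ToLower(); // compared lower-cased against the table
            string httpMethod = Request.HttpMethod;
            IActionInfoService actionInfoService = (IActionInfoService)ctx.GetObject("ActionInfoService");
            var actionInfo = actionInfoService.LoadEntities(a => a.Url == url && a.HttpMethod == httpMethod).FirstOrDefault();
            if (actionInfo == null)
            {
                // URL/method not registered in the permission table: fail closed.
                filterContext.Result = Redirect("/Error.html");
                return;
            }

            // Re-read the user so current grants are checked rather than the cached copy.
            var userInfo = userInfoService.LoadEntities(u => u.ID == LoginUser.ID).FirstOrDefault();
            if (userInfo == null)
            {
                filterContext.Result = Redirect(Url.Action("Index", "Login"));
                return;
            }

            // 1. User -> permission: an explicit entry decides alone; IsPass == false is a hard deny.
            var userAction = userInfo.R_UserInfo_ActionInfo.FirstOrDefault(a => a.ActionInfoID == actionInfo.ID);
            if (userAction != null)
            {
                if (!userAction.IsPass)
                {
                    filterContext.Result = Redirect("/Error.html");
                }
                return;
            }

            // 2. User -> role -> permission.
            bool grantedByRole = userInfo.RoleInfo
                                         .SelectMany(r => r.ActionInfo)
                                         .Any(a => a.ID == actionInfo.ID);
            if (!grantedByRole)
            {
                filterContext.Result = Redirect("/Error.html");
            }
        }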
        /// <summary>
        /// Returns the permission (ActionInfo) record with the given id as JSON, for the
        /// permission-editing page to bind.
        /// </summary>
        /// <param name="ID">Permission id.</param>
        /// <returns>The entity serialized as JSON, or the JSON literal <c>null</c> when no record matches.</returns>
        public ActionResult BindActionInfo(int ID)
        {
            // NOTE(review): the whole entity is serialized and GET is explicitly allowed.
            // If ActionInfo carries navigation properties this can fail on circular
            // references and exposes more fields than the page needs — a DTO would be
            // safer; confirm the entity shape before changing.
            var match = _actioninfoService
                .LoadEntities(c => c.ID == ID)
                .FirstOrDefault();
            return Json(match, JsonRequestBehavior.AllowGet);
        }
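        // GET: Base
        /// <summary>
        /// Runs before every action: requires a logged-in user in <c>Session["userInfo"]</c>,
        /// then authorizes the requested URL / HTTP method against the permission tables.
        /// Denials short-circuit the action by setting <paramref name="filterContext"/>.Result.
        /// </summary>
        /// <param name="filterContext">MVC action context; Result is set to a redirect on deny.</param>
        protected override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            base.OnActionExecuting(filterContext);

            // ---- Authentication: in-process session ----
            var sessionUser = Session["userInfo"] as UserInfo;
            if (sessionUser == null)
            {
                filterContext.Result = Redirect("/Login/Index");
                return;
            }
            LoginUser = sessionUser;
            // Removed: a hard-coded user name (commented "backdoor" in the original) that
            // skipped the permission check entirely. Grant privileged accounts rights via roles.

            // ---- Authorization ----
            string url        = Request.Url.AbsolutePath; // NOTE(review): not lower-cased here, unlike sibling filters — confirm the table's casing
            string httpMethod = Request.HttpMethod;
            IApplicationContext ctx    = ContextRegistry.GetContext();
            IActionInfoService  lister = (IActionInfoService)ctx.GetObject("ActionInfoService");
            var actioninfo = lister.LoadEntities(a => a.Url == url && a.HttpMethod == httpMethod).FirstOrDefault();
            if (actioninfo == null)
            {
                // SECURITY: fail-open — a URL/method that is not in the permission table is
                // allowed for every logged-in user. Kept as in the original because unlisted
                // routes (e.g. the home page) may rely on it, but it means every sensitive
                // action MUST be registered; prefer failing closed with an explicit allow-list.
                return;
            }

            IUserInfoService userinfoService = (IUserInfoService)ctx.GetObject("UserInfoService");
            // Re-read the user: the session copy may be stale (grants changed since login)
            // and, if it is a detached entity, its navigation collections may not load.
            // The original mixed the two (session object for path 1, fresh object for
            // path 2); use the fresh one throughout.
            var longUserInfo = userinfoService.LoadEntities(u => u.ID == LoginUser.ID).FirstOrDefault();
            if (longUserInfo == null)
            {
                filterContext.Result = Redirect("/Login/Index");
                return;
            }

            // 1. User -> permission: an explicit entry decides alone; IsPass == false is a hard deny.
            var isExt = longUserInfo.R_UserInfo_ActionInfo.FirstOrDefault(a => a.ActionInfoID == actioninfo.ID);
            if (isExt != null)
            {
                if (!isExt.IsPass)
                {
                    filterContext.Result = Redirect("/Error.html");
                }
                return;
            }

            // 2. User -> role -> permission.
            bool grantedByRole = longUserInfo.RoleInfo
                                             .SelectMany(r => r.ActionInfo)
                                             .Any(a => a.ID == actioninfo.ID);
            if (!grantedByRole)
            {
                // Original redirected to "/Error/html" (typo); every other deny uses "/Error.html".
                filterContext.Result = Redirect("/Error.html");
            }
        }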
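        /// <summary>
        /// Runs before every action: authenticates the caller from the Memcache-backed
        /// <c>sesId</c> cookie, then authorizes the requested URL / HTTP method against the
        /// permission tables. Denials short-circuit the action via <paramref name="filterContext"/>.Result
        /// (as the original's comments note, Response.Redirect alone would let the action keep running).
        /// </summary>
        /// <param name="filterContext">MVC action context; Result is set to a redirect on deny.</param>
        protected override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            base.OnActionExecuting(filterContext);

            // ---- Authentication ----
            var sessionCookie = Request.Cookies["sesId"];
            if (sessionCookie == null)
            {
                filterContext.Result = Redirect("/Login/Index");
                return;
            }
            string sesId = sessionCookie.Value;
            object obj   = MemcacheHelper.Get(sesId); // cookie value is only a cache key
            if (obj == null)
            {
                filterContext.Result = Redirect("/Login/Index");
                return;
            }
            LoginUser = SerializeHelper.DeserializeToObject<UserInfo>(obj.ToString());
            MemcacheHelper.Set(sesId, obj, DateTime.Now.AddMinutes(20)); // sliding expiration
            // Removed: a hard-coded user name ("backdoor for testing, delete when the project
            // is done") that returned early and skipped every permission check below.

            // ---- Authorization ----
            string url        = Request.Url.AbsolutePath;
            string httpMethod = Request.HttpMethod;
            IApplicationContext ctx               = ContextRegistry.GetContext();
            IUserInfoService    userInfoService   = (IUserInfoService)ctx.GetObject("UserInfoService");
            IActionInfoService  actionInfoService = (IActionInfoService)ctx.GetObject("ActionInfoService");

            string lowerUrl = url.ToLower(); // table URLs are compared lower-cased
            var actionInfo  = actionInfoService.LoadEntities(a => a.HttpMethod == httpMethod && a.Url == lowerUrl).FirstOrDefault();
            if (actionInfo == null)
            {
                // Previously dereferenced actionInfo.ID and threw (500); an unregistered
                // URL/method is now an explicit deny (fail closed).
                filterContext.Result = Redirect("/error.html");
                return;
            }

            var loginUserInfo = userInfoService.LoadEntities(u => u.ID == LoginUser.ID).FirstOrDefault();
            if (loginUserInfo == null)
            {
                filterContext.Result = Redirect("/Login/Index");
                return;
            }

            // 1. User -> permission: an explicit entry decides alone; IsPass == false is a hard deny.
            var isExe = loginUserInfo.R_UserInfo_ActionInfo.FirstOrDefault(a => a.ActionInfoID == actionInfo.ID);
            if (isExe != null)
            {
                if (!isExe.IsPass)
                {
                    filterContext.Result = Redirect("/error.html");
                }
                return;
            }

            // 2. User -> role -> permission.
            bool grantedByRole = loginUserInfo.RoleInfo
                                              .SelectMany(r => r.ActionInfo)
                                              .Any(a => a.ID == actionInfo.ID);
            if (!grantedByRole)
            {
                filterContext.Result = Redirect("/error.html");
            }
        }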
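        /// <summary>
        /// Runs before every action: authenticates the caller from the Memcache-backed
        /// <c>sessionId</c> cookie, then authorizes the requested URL / HTTP method against
        /// the permission tables. Denials short-circuit the action via <paramref name="filterContext"/>.Result.
        /// </summary>
        /// <param name="filterContext">MVC action context; Result is set to a redirect on deny.</param>
        protected override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            base.OnActionExecuting(filterContext);

            // ---- Authentication ----
            var sessionCookie = Request.Cookies["sessionId"];
            if (sessionCookie == null)
            {
                filterContext.Result = Redirect("/Login/Index");
                return;
            }
            string sessionId = sessionCookie.Value;
            object obj = Common.MemcacheHelper.Get(sessionId); // cookie value is only a cache key
            if (obj == null)
            {
                filterContext.Result = Redirect("/Login/Index");
                return;
            }
            LoginUser = Common.SerializeHelper.DeserializeToObject<UserInfo>(obj.ToString());
            Common.MemcacheHelper.Set(sessionId, obj, DateTime.Now.AddMinutes(20)); // sliding expiration
            // Removed: the leftover "test backdoor" stub — an if on a hard-coded user name
            // whose early return was already commented out. Do not reintroduce a name-based bypass.

            // ---- Authorization ----
            string url        = Request.Url.AbsolutePath.ToLower(); // compared lower-cased against the table
            string httpMehotd = Request.HttpMethod;
            // Services are resolved by name from the Spring.NET context because the base
            // controller is not itself wired up through the Service.xml configuration.
            IApplicationContext ctx = ContextRegistry.GetContext();
            IActionInfoService  ActionInfoService = (IActionInfoService)ctx.GetObject("ActionInfoService");
            var actionInfo = ActionInfoService.LoadEntities(a => a.Url == url && a.HttpMethod == httpMehotd).FirstOrDefault();
            if (actionInfo == null)
            {
                // URL/method not registered in the permission table: fail closed.
                filterContext.Result = Redirect("/Error.html");
                return;
            }

            IUserInfoService UserInfoService = (IUserInfoService)ctx.GetObject("UserInfoService");
            var loginUserInfo = UserInfoService.LoadEntities(u => u.ID == LoginUser.ID).FirstOrDefault();
            if (loginUserInfo == null)
            {
                // Session refers to a user that no longer exists.
                filterContext.Result = Redirect("/Login/Index");
                return;
            }

            // 1. User -> permission: an explicit entry decides alone; IsPass == false is a hard deny.
            var isExt = loginUserInfo.R_UserInfo_ActionInfo.FirstOrDefault(a => a.ActionInfoID == actionInfo.ID);
            if (isExt != null)
            {
                if (!isExt.IsPass)
                {
                    filterContext.Result = Redirect("/Error.html");
                }
                return;
            }

            // 2. User -> role -> permission.
            bool grantedByRole = loginUserInfo.RoleInfo
                                              .SelectMany(r => r.ActionInfo)
                                              .Any(a => a.ID == actionInfo.ID);
            if (!grantedByRole)
            {
                filterContext.Result = Redirect("/Error.html");
            }
        }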
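        /// <summary>
        /// Runs before every action: login check via the Memcache-backed <c>sessionId</c>
        /// cookie, followed by a permission check of the requested URL / HTTP method.
        /// A few home-page routes are allowed for every logged-in user. Denials
        /// short-circuit the action via <paramref name="filterContext"/>.Result.
        /// </summary>
        /// <param name="filterContext">MVC action context; Result is set to a redirect on deny.</param>
        protected override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            base.OnActionExecuting(filterContext);

            // ---- Authentication ----
            var sessionCookie = Request.Cookies["sessionId"];
            if (sessionCookie == null)
            {
                filterContext.Result = Redirect("/Login/Index");
                return;
            }
            string sessionId = sessionCookie.Value;
            object obj = MemcacheHelper.Get(sessionId); // cookie value is only a cache key
            if (obj == null)
            {
                filterContext.Result = Redirect("/Login/Index");
                return;
            }
            LoginUser = SerializeHelper.DeserializeToObject<UserInfo>(obj.ToString());
            MemcacheHelper.Set(sessionId, obj, DateTime.Now.AddMinutes(20)); // sliding expiration

            #region Non-menu permission filtering
            // Removed: a hard-coded user name ("backdoor added for easier testing") that
            // returned early and skipped every permission check below.

            // Routes every logged-in user may reach without a permission-table entry.
            // Ordinal comparison: URL paths are not culture-sensitive text.
            string url = Request.Url.AbsolutePath;
            if (url.Equals("/", StringComparison.OrdinalIgnoreCase) ||
                url.Equals("/Home/Index", StringComparison.OrdinalIgnoreCase) ||
                url.Equals("/Home/GetMenu", StringComparison.OrdinalIgnoreCase) ||
                url.Equals("/Home/HomePage", StringComparison.OrdinalIgnoreCase))
            {
                return;
            }

            string httpMethod       = Request.HttpMethod;
            IApplicationContext ctx = ContextRegistry.GetContext();
            IActionInfoService ActionInfoService = (IActionInfoService)ctx.GetObject("ActionInfoService");
            // NOTE(review): url is not lower-cased here, unlike sibling filters — confirm the table's casing.
            var actionInfo = ActionInfoService.LoadEntities(a => a.Url == url && a.HttpMethod == httpMethod).FirstOrDefault();
            if (actionInfo == null)
            {
                // URL/method not registered in the permission table: fail closed.
                filterContext.Result = Redirect("/Error.html");
                return;
            }

            IUserInfoService UserInfoService = (IUserInfoService)ctx.GetObject("UserInfoService");
            var loginUser = UserInfoService.LoadEntities(u => u.ID == LoginUser.ID).FirstOrDefault();
            if (loginUser == null)
            {
                filterContext.Result = Redirect("/Login/Index");
                return;
            }

            // 1. User -> permission: an explicit entry decides alone; IsPass == false is a hard deny.
            var isExt = loginUser.R_UserInfo_ActionInfo.FirstOrDefault(a => a.ActionInfoID == actionInfo.ID);
            if (isExt != null)
            {
                if (!isExt.IsPass)
                {
                    filterContext.Result = Redirect("/Error.html");
                }
                return;
            }

            // 2. User -> role -> permission.
            bool grantedByRole = loginUser.RoleInfo
                                          .SelectMany(r => r.ActionInfo)
                                          .Any(a => a.ID == actionInfo.ID);
            if (!grantedByRole)
            {
                filterContext.Result = Redirect("/Error.html");
            }
            #endregion
        }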
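        /// <summary>
        /// Runs before every action: authenticates the caller from the Memcache-backed
        /// <c>sessionID</c> cookie, then authorizes the requested URL / HTTP method against
        /// the permission tables. Denials short-circuit the action by setting
        /// <paramref name="filterContext"/>.Result (the original used Response.Redirect,
        /// which does not tell MVC to skip the action).
        /// </summary>
        /// <param name="filterContext">MVC action context; Result is set to a redirect on deny.</param>
        protected override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            base.OnActionExecuting(filterContext);

            // ---- Authentication ----
            var sessionCookie = Request.Cookies["sessionID"];
            if (sessionCookie == null)
            {
                filterContext.Result = Redirect("/Login/Index"); // not logged in
                return;
            }
            object obj = Common.MemcacheHelper.Get(sessionCookie.Value); // cookie value is only a cache key
            if (obj == null)
            {
                filterContext.Result = Redirect("/Login/Index");
                return;
            }
            LoginUser = Common.SerializerHelper.DeSerializerToObject<UserInfo>(obj.ToString());
            // Removed: a hard-coded user name that returned early and skipped every
            // permission check. Grant privileged accounts rights through roles instead.

            // ---- Authorization ----
            string requstUrl     = Request.Url.AbsolutePath.ToLower();
            string requestMethod = Request.HttpMethod.ToLower();
            IApplicationContext ctx = ContextRegistry.GetContext();
            IUserInfoService   userInfoService   = (IUserInfoService)ctx.GetObject("userInfoService");
            IActionInfoService actionInfoService = (IActionInfoService)ctx.GetObject("actionInfoService");
            // Both sides lower-cased, so the table's casing does not matter here.
            var currentAction = actionInfoService.LoadEntities(a => a.Url.ToLower() == requstUrl &&
              a.HttpMethod.ToLower() == requestMethod).FirstOrDefault();
            if (currentAction == null)
            {
                // URL/method not registered in the permission table: fail closed.
                filterContext.Result = Redirect("/Error.html");
                return;
            }

            var userInfo = userInfoService.LoadEntities(u => u.ID == LoginUser.ID).FirstOrDefault();
            if (userInfo == null)
            {
                filterContext.Result = Redirect("/Login/Index");
                return;
            }

            // Path 1: user -> permission. An explicit entry decides alone; IsPass == false is a hard deny.
            var actions = userInfo.R_UserInfo_ActionInfo.FirstOrDefault(r => r.ActionInfoID == currentAction.ID);
            if (actions != null)
            {
                if (actions.IsPass != true)
                {
                    filterContext.Result = Redirect("/actioninfo.html");
                }
                return;
            }

            // Path 2: user -> role -> permission.
            bool grantedByRole = userInfo.RoleInfo
                                         .SelectMany(r => r.ActionInfo)
                                         .Any(a => a.ID == currentAction.ID);
            if (!grantedByRole)
            {
                filterContext.Result = Redirect("/actioninfo.html");
            }
        }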
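        /// <summary>
        /// Authentication filter, invoked before the action runs: resolves the caller from the
        /// Memcache-backed <c>sessionId</c> cookie, then authorizes the requested URL / HTTP
        /// method against the permission tables. Denials short-circuit the action by setting
        /// <paramref name="filterContext"/>.Result.
        /// </summary>
        /// <param name="filterContext">MVC authentication context; Result is set to a redirect on deny.</param>
        public void OnAuthentication(AuthenticationContext filterContext)
        {
            var request = filterContext.HttpContext.Request;

            // ---- Authentication ----
            var sessionCookie = request.Cookies["sessionId"];
            if (sessionCookie == null)
            {
                filterContext.Result = new RedirectResult("/Login/Index");
                return;
            }
            string sessionId = sessionCookie.Value;
            object obj = MemcacheHelper.Get(sessionId); // cookie value is only a cache key
            if (obj == null)
            {
                filterContext.Result = new RedirectResult("/Login/Index");
                return;
            }
            LoginUser = SerializeHelper.DeserializeToObject<UserInfo>(obj.ToString());
            MemcacheHelper.Set(sessionId, obj, DateTime.Now.AddMinutes(20)); // sliding expiration
            // Removed: a hard-coded user name ("backdoor for testing, delete before release")
            // that returned early and skipped every permission check below.

            // ---- Authorization ----
            string url        = request.Url.AbsolutePath.ToLower(); // compared lower-cased against the table
            string httpMehotd = request.HttpMethod;
            IApplicationContext ctx = ContextRegistry.GetContext();
            IActionInfoService  ActionInfoService = (IActionInfoService)ctx.GetObject("ActionInfoService");
            var actionInfo = ActionInfoService.LoadEntities(a => a.Url == url && a.HttpMethod == httpMehotd).FirstOrDefault();
            if (actionInfo == null)
            {
                // Previously dereferenced actionInfo.Id and threw (500); an unregistered
                // URL/method is now an explicit deny (fail closed).
                filterContext.Result = new RedirectResult("/Error.html");
                return;
            }

            IUserInfoService UserInfoService = (IUserInfoService)ctx.GetObject("UserInfoService");
            var loginUserInfo = UserInfoService.LoadEntities(o => o.Id == LoginUser.Id).FirstOrDefault();
            if (loginUserInfo == null)
            {
                filterContext.Result = new RedirectResult("/Login/Index");
                return;
            }

            // 1. User -> permission: an explicit entry decides alone; IsPass == false is a hard deny.
            var isExt = loginUserInfo.UserInfo_ActionInfo.FirstOrDefault(a => a.ActionInfoId == actionInfo.Id);
            if (isExt != null)
            {
                if (!isExt.IsPass)
                {
                    filterContext.Result = new RedirectResult("/Error.html");
                }
                return;
            }

            // 2. User -> role -> permission (through the role/permission link table).
            bool grantedByRole = loginUserInfo.RoleInfo_UserInfo
                                              .SelectMany(r => r.RoleInfo.RoleInfo_ActionInfo)
                                              .Any(a => a.ActionInfo.Id == actionInfo.Id);
            if (!grantedByRole)
            {
                filterContext.Result = new RedirectResult("/Error.html");
            }
        }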