Пример #1
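        /// <summary>
        /// Authorization filter step: lets a fixed set of public paths through, sends
        /// requests without a valid login to the login page, and otherwise requires that
        /// one of the user's roles is mapped to a resource whose URL equals the request path.
        /// </summary>
        /// <param name="filterContext">Context of the action that is about to execute.</param>
        /// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            if (filterContext == null)
            {
                throw new ArgumentNullException("filterContext");
            }

            // Invariant lower-casing keeps the allow-list match and the resource URL lookup
            // independent of the server's current culture (e.g. the Turkish dotless i).
            string path = filterContext.HttpContext.Request.Path.ToLowerInvariant();
            switch (path)
            {
                case "/":
                case "/login/index":
                case "/login/login":
                case "/login/getvalidatecode":
                case "/home/index":
                case "/home/getresource":
                    return; // public paths: skip the permission check
            }

            if (!CheckLogin(filterContext))
            {
                DenyAndSendToLogin(filterContext, "登录超时!");
                return;
            }

            UserInfo userInfo = (UserInfo)filterContext.HttpContext.Session["UserInfo"];
            if (userInfo == null)
            {
                // CheckLogin passed but the session carries no user object: treat it as an
                // expired login instead of failing with a NullReferenceException.
                DenyAndSendToLogin(filterContext, "登录超时!");
                return;
            }

            if (userInfo.UserRole == null || userInfo.UserRole.Count == 0)
            {
                // Fail closed: previously a logged-in user without any role skipped the
                // resource check entirely and reached every protected action.
                DenyAndSendToLogin(filterContext, "无权访问此页!");
                return;
            }

            IResourceRoleManager resourceRoles = new ResourceRoleManager();
            IResourceManager resources = new ResourceManager();
            var roleIds = from role in userInfo.UserRole select role.RID;
            IList<Guid> resourceIds = resourceRoles.SearchFor(r => roleIds.Contains(r.RlID)).Select(r => r.ReID).ToList();
            IList<Resource> granted =
                resources.SearchFor(
                    m =>
                        resourceIds.Contains(m.ResourceID) && m.URL.Equals(path)).ToList();

            if (granted.Count == 0)
            {
                DenyAndSendToLogin(filterContext, "无权访问此页!");
            }
        }

        /// <summary>
        /// Short-circuits the action with a script response that shows <paramref name="message"/>
        /// and navigates the top window to /Login/Index; AJAX requests also get status 499.
        /// </summary>
        /// <param name="filterContext">Context whose Result is replaced.</param>
        /// <param name="message">Alert text; callers pass fixed literals only, it is not encoded here.</param>
        private static void DenyAndSendToLogin(ActionExecutingContext filterContext, string message)
        {
            var request = filterContext.HttpContext.Request;

            // Take scheme://host[:port] from the parsed Uri. The previous IndexOf(RawUrl) search
            // could match inside the scheme or host (e.g. RawUrl "/a" on "http://a.example/a")
            // and returned -1, making Substring throw, when the two forms were encoded differently.
            string baseUrl = request.Url.GetLeftPart(UriPartial.Authority);

            // The host part is derived from the request, so encode it for the JavaScript string
            // literal it is written into rather than concatenating it raw.
            // NOTE(review): the redirect target still follows the request's host; a configured
            // site base URL would remove that dependency - confirm deployment expectations.
            string encodedBaseUrl = System.Web.HttpUtility.JavaScriptStringEncode(baseUrl);

            if (request.IsAjaxRequest())
            {
                // Custom status for AJAX callers, chosen to avoid colliding with standard HTTP status codes.
                filterContext.HttpContext.Response.StatusCode = 499;
            }

            filterContext.Result = new ContentResult
            {
                Content =
                    "<script language =\"javascript\" type =\"text/javascript\" >alert(\"" + message +
                    "\");window.top.location.href = \"" +
                    encodedBaseUrl + "/Login/Index\";</script>"
            };
        }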