Пример #1
0
 private void InitializeComponent()
 {
     if (!this.Page.IsPostBack)
     {
         if (!this.Context.User.Identity.IsAuthenticated)
         {
             string valueByCache = ConfigSystem.GetValueByCache("DefaultLoginAdmin");
             FormsAuthentication.SignOut();
             base.Session.Clear();
             base.Session.Abandon();
             base.Response.Clear();
             base.Response.Write(@"<script defer>window.alert('You do not have permission to access this page or session expired!\n Please login again or contact your administrator!');parent.location='" + valueByCache + "';</script>");
             base.Response.End();
         }
         else if (base.Session[Globals.SESSIONKEY_ADMIN] != null)
         {
             AccountsPrincipal principal = new AccountsPrincipal(((User) base.Session[Globals.SESSIONKEY_ADMIN]).UserName);
             if ((this.PermissionID != -1) && !principal.HasPermissionID(this.PermissionID))
             {
                 base.Response.Clear();
                 base.Response.Write(@"<script defer>window.alert('You do not have permission to access this page!\n Please login again or contact your administrator');history.back();</script>");
                 base.Response.End();
             }
         }
     }
 }
Пример #2
0
        private void InitializeComponent()
        {
            if (!Page.IsPostBack)
            {
                if (Context.User.Identity.IsAuthenticated)
                {
                    AccountsPrincipal user = new AccountsPrincipal(Context.User.Identity.Name);
                    if (Session["UserInfo"] == null)
                    {
                        Maticsoft.Accounts.Bus.User currentUser = new Maticsoft.Accounts.Bus.User(user);
                        Session["UserInfo"] = currentUser;
                        Session["Style"] = currentUser.Style;
                        Response.Write("<script defer>location.reload();</script>");
                    }
                    if ((PermissionID != -1) && (!user.HasPermissionID(PermissionID)))
                    {
                        Response.Clear();
                        Response.Write("<script defer>window.alert('You do not have permission to access this page!\\n Please login again or contact your administrator');history.back();</script>");
                        Response.End();
                    }
                }
                else
                {
                    string defaullogin = Maticsoft.Common.ConfigHelper.GetConfigString("defaulloginadmin");
                    FormsAuthentication.SignOut();
                    Session.Clear();
                    Session.Abandon();
                    Response.Clear();
                    Response.Write("<script defer>window.alert('You do not have permission to access this page or session expired!\\n Please login again or contact your administrator!');parent.location='" + defaullogin + "';</script>");
                    Response.End();
                }

            }
        }
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            AccountsPrincipal principal;
            AccountType requiredType = this.RequiredType;
            int permissionId = this.PermissionId;
            if (httpContext == null)
            {
                throw new ArgumentNullException("httpContext");
            }
            if (!httpContext.User.Identity.IsAuthenticated)
            {
                httpContext.Response.StatusCode = 0x321;
                return false;
            }
            if (!Enum.IsDefined(typeof(AccountType), requiredType))
            {
                httpContext.Response.StatusCode = 0x326;
                return false;
            }
            try
            {
                principal = new AccountsPrincipal(httpContext.User.Identity.Name);
            }
            catch (IdentityNotMappedException)
            {
                FormsAuthentication.SignOut();
                if (httpContext.Session != null)
                {
                    httpContext.Session.Remove(Globals.SESSIONKEY_USER);
                    httpContext.Session.Clear();
                    httpContext.Session.Abandon();
                }
                httpContext.Response.StatusCode = 0x321;
                return false;
            }
            User user = null;
            if (httpContext.Session[Globals.SESSIONKEY_USER] == null)
            {
                user = new User(principal);
                httpContext.Session[Globals.SESSIONKEY_USER] = user;
            }
            else
            {
                user = (User) httpContext.Session[Globals.SESSIONKEY_USER];
            }
            if (requiredType != -1)
            {
                switch (user.UserType)
                {
                    case "UU":
                        if (requiredType != AccountType.User)
                        {
                            httpContext.Response.StatusCode = 0x323;
                            return false;
                        }
                        goto Label_01CA;

                    case "AA":
                        if (requiredType != AccountType.Admin)
                        {
                            httpContext.Response.StatusCode = 0x323;
                            return false;
                        }
                        goto Label_01CA;

                    case "EE":
                        if (requiredType != AccountType.Enterprise)
                        {
                            httpContext.Response.StatusCode = 0x323;
                            return false;
                        }
                        goto Label_01CA;

                    case "AG":
                        if (requiredType != AccountType.Agent)
                        {
                            httpContext.Response.StatusCode = 0x323;
                            return false;
                        }
                        goto Label_01CA;
                }
                httpContext.Response.StatusCode = 0x326;
                return false;
            }
        Label_01CA:
            if ((permissionId != -1) && !principal.HasPermissionID(permissionId))
            {
                httpContext.Response.StatusCode = 0x323;
                return false;
            }
            return true;
        }
Пример #4
0
        private void InitializeComponent()
        {
            //if (!Page.IsPostBack)
            {

                if (Context.User.Identity.IsAuthenticated)
                {
                    userPrincipal = new AccountsPrincipal(Context.User.Identity.Name);

                    if ((PermissionID != -1) && (!userPrincipal.HasPermissionID(PermissionID)))
                    {
                        Response.Clear();
                        Response.Write("<script defer>window.alert('" + Resources.Site.TooltipNoPermission + "');history.back();</script>");
                        Response.End();
                    }

                    if (Session["UserInfo"] == null)
                    {
                        currentUser = new Maticsoft.Accounts.Bus.User(userPrincipal);
                        Session["UserInfo"] = currentUser;
                        Session["Style"] = currentUser.Style;

                        ////Response.Write("<script defer>location.reload();</script>");
                        ////跳转到 session 超时页面,提示用户重新登录

                        //Response.Clear();
                        //Response.Write("<script defer>window.alert('" + Resources.Site.TooltipSessionExpired + "');parent.location='" + defaullogin + "';</script>");
                        //Response.End();

                    }
                    else
                    {
                        currentUser = (Maticsoft.Accounts.Bus.User)Session["UserInfo"];
                        Session["Style"] = currentUser.Style;
                    }

                }
                else
                {
                    FormsAuthentication.SignOut();
                    Session.Clear();
                    Session.Abandon();
                    Response.Clear();
                    Response.Write("<script defer>window.alert('" + Resources.Site.TooltipNoAuthenticated + "');parent.location='" + defaullogin + "';</script>");
                    Response.End();
                }

            }
        }