public override void OnAuthorization(AuthorizationContext filterContext)
{
if (filterContext.RouteData.Values["controller"].Equals("Account"))
{
return;
}
MyAuthorizeDBContent = new MyCMSDBContent();
string userName = WebSecurity.CurrentUserName;
var isAllowed = false;
if (userName.Length > 0)//用户已经登录
{
var controller = filterContext.RouteData.Values["controller"].ToString();
var action = filterContext.RouteData.Values["action"].ToString();
isAllowed = this.IsAllowed(userName, controller, action);
}
else
{
filterContext.HttpContext.Response.Redirect(new UrlHelper(filterContext.RequestContext).Action("Login", "Account"), true);
filterContext.RequestContext.HttpContext.Response.End();
//filterContext.Result = new EmptyResult();
return;
}
if (!isAllowed)
{
filterContext.RequestContext.HttpContext.Response.Write("无权访问");
filterContext.RequestContext.HttpContext.Response.End();
}
}
public override void OnAuthorization(AuthorizationContext filterContext)
{
if(filterContext.RouteData.Values["controller"].Equals("Account"))
{
return;
}
MyAuthorizeDBContent = new MyCMSDBContent();
string userName = WebSecurity.CurrentUserName;
var isAllowed = false;
if (userName.Length > 0)//用户已经登录
{
var controller = filterContext.RouteData.Values["controller"].ToString();
var action = filterContext.RouteData.Values["action"].ToString();
isAllowed = this.IsAllowed(userName, controller, action);
}
else
{
filterContext.HttpContext.Response.Redirect(new UrlHelper(filterContext.RequestContext).Action("Login", "Account"),true);
filterContext.RequestContext.HttpContext.Response.End();
//filterContext.Result = new EmptyResult();
return;
}
if (!isAllowed)
{
filterContext.RequestContext.HttpContext.Response.Write("无权访问");
filterContext.RequestContext.HttpContext.Response.End();
}
}
