/// <summary>
 /// 拦截
 /// </summary>
 /// <param name="basicReturn">基本返回</param>
 /// <param name="invocation">拦截参数</param>
 /// <param name="attr">特性</param>
 /// <param name="isExecProceeded">是否已执行</param>
 protected override void Intercept(BasicReturnInfo basicReturn, IInvocation invocation, AuthAttribute attr, out bool isExecProceeded)
 {
     isExecProceeded = false;
     if (UserTool.CurrUser == null)
     {
         basicReturn.SetCodeMsg(403, "您还未授权,无权限访问");
     }
 }
        /// <summary>
        /// 无权限处理
        /// </summary>
        /// <param name="context">http上下文</param>
        /// <returns>任务</returns>
        protected virtual async Task NotPermissionHandle(HttpContext context)
        {
            var basicReturn = new BasicReturnInfo();

            basicReturn.SetCodeMsg(CommonCodeDefine.NOT_PERMISSION, localize.Get(CommonCodeDefine.NOT_PERMISSION_CULTURE_KEY, "对不起,您没有权限"));

            await WriteContent(context, basicReturn);
        }
        public BasicReturnInfo Test()
        {
            var re = new BasicReturnInfo();

            re.SetCodeMsg(1, "fds", "des");

            return(re);
        }
示例#4
0
        /// <summary>
        /// 执行
        /// </summary>
        /// <param name="context">http上下文</param>
        /// <returns>任务</returns>
        public async Task InvokeAsync(HttpContext context)
        {
            var path = context.Request.Path.Value.ToLower();

            if (path.StartsWith(options.PfxApiPath))
            {
                try
                {
                    await next(context);
                }
                catch (BusinessException ex) // 业务异常不记录日志
                {
                    var re = new BasicReturnInfo();
                    re.SetCodeMsg(ex.Code, ex.Msg, ex.Desc);

                    await WriteReturnInfo(context, options, re);
                }
                catch (Exception ex)
                {
                    var    routeValue = context.Request.RouteValues;
                    var    routes = routeValue.GetControllerAction();
                    var    msg = new StringBuilder($"请求:{path} method:{context.Request.Method} ");
                    string controller = null, action = null;
                    if (routes != null && routes.Length == 2)
                    {
                        controller = routes[0];
                        action     = routes[1];
                        msg.AppendFormat("controller:{0},action:{1}.", controller, action);
                    }
                    msg.Append("发生异常." + ex.Message);
                    _ = log.ErrorAsync(msg.ToString(), ex, "ApiExceptionHandleMiddleware", path, controller, action);

                    var returnInfo = new BasicReturnInfo()
                    {
                        Code = options.ExceptionCode,
                        Msg  = options.ExceptionMsg,
                    };
                    if (options.IsDevelopment)
                    {
                        returnInfo.Ex   = ex;
                        returnInfo.Desc = ex.ToString();
                    }
                    else
                    {
                        returnInfo.Desc = ex.Message;
                    }

                    await WriteReturnInfo(context, options, returnInfo);
                }
            }
            else
            {
                await next(context);
            }
        }
示例#5
0
        /// <summary>
        /// 拦截
        /// </summary>
        /// <param name="basicReturn">基本返回</param>
        /// <param name="invocation">拦截参数</param>
        /// <param name="attr">特性</param>
        /// <param name="isExecProceeded">是否已执行</param>
        protected override void Intercept(BasicReturnInfo basicReturn, IInvocation invocation, AuthAttribute attr, out bool isExecProceeded)
        {
            isExecProceeded = false;
            var currUser = attr.CurrUserParamIndex == -1 ? null : invocation.Arguments[attr.CurrUserParamIndex];
            var user     = UserTool.GetCurrUser(currUser as BasicUserInfo);

            if (user == null)
            {
                basicReturn.SetCodeMsg(403, "您还未授权,无权限访问");
            }
        }
示例#6
0
        /// <summary>
        /// 拦截
        /// </summary>
        /// <param name="basicReturn">基本返回</param>
        /// <param name="invocation">拦截参数</param>
        /// <param name="attr">特性</param>
        /// <param name="isExecProceeded">是否已执行</param>
        protected override void Intercept(BasicReturnInfo basicReturn, IInvocation invocation, FunctionAttribute attr, out bool isExecProceeded)
        {
            isExecProceeded = false;
            var ignorePerAttr = invocation.Method.GetAttribute <IgnorePermissionAttribute>();

            if (ignorePerAttr != null)
            {
                return;
            }
            if (attr.Codes.IsNullOrCount0())
            {
                basicReturn.SetFailureMsg("功能编码不能为空");
                return;
            }
            MenuAttribute menuAttr = invocation.TargetType.GetAttribute <MenuAttribute>();

            if (menuAttr == null)
            {
                return;
            }
            if (string.IsNullOrWhiteSpace(menuAttr.Code))
            {
                basicReturn.SetFailureMsg("菜单编码不能为空");
                return;
            }

            // 这里执行权限验证
            IUserService userService = AutofacTool.Resolve <IUserService>();

            if (userService == null)
            {
                basicReturn.SetFailureMsg("找不到用户服务");
                return;
            }
            ReturnInfo <bool> perReInfo = userService.IsCurrUserPermission(menuAttr.Code, attr.Codes);

            if (perReInfo.Failure())
            {
                basicReturn.FromBasic(perReInfo);
                return;
            }
            if (perReInfo.Data)
            {
                return;
            }
            else
            {
                basicReturn.SetCodeMsg(ErrCodeDefine.NOT_PERMISSION, "Sorry,您没有访问此功能权限");
            }
        }