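/// <summary>
/// Runs before the action executes. When page-execution logging is switched on and the
/// current "controller/action" pair is listed in the "PageMonitor" configuration, a started
/// <c>Stopwatch</c> is stored in the controller's ViewData under <c>StopWatchName</c>.
/// </summary>
/// <param name="filterContext">ActionExecutingContext</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    // Monitoring switch: any value other than "1" turns the timing logic off.
    var pageExcuteLog = HugogoConfigHelper.GetInstance().GetConfigValue("PageExcuteLog", "PageExcuteLog");
    if (pageExcuteLog != "1")
    {
        return;
    }

    // No pages are configured for monitoring, so there is nothing to time.
    var monitorpages = HugogoConfigHelper.GetInstance().GetConfig("PageMonitor");
    if (monitorpages == null || monitorpages.Count == 0)
    {
        return;
    }

    // Build the "controller/action" key for the current request.
    string scontroller = ConvertHelper.ToString(filterContext.RouteData.Values["controller"]);
    string action = ConvertHelper.ToString(filterContext.RouteData.Values["action"]);
    string pageurl = string.Format("{0}/{1}", scontroller, action);

    // Ordinal, case-insensitive match: independent of the thread culture (the original
    // lower-cased both sides with the current culture) and tolerant of a configuration
    // entry whose value is null, which previously raised a NullReferenceException.
    bool isMonitored = monitorpages.Any(
        t => string.Equals(t.ConfigurationValue, pageurl, System.StringComparison.OrdinalIgnoreCase));
    if (!isMonitored)
    {
        return;
    }

    ControllerBase controller = filterContext.Controller;
    if (controller != null)
    {
        // One stopwatch per executing controller, stored where later filter stages can read it.
        Stopwatch stopWatch = new Stopwatch();
        controller.ViewData[StopWatchName] = stopWatch;
        stopWatch.Start();
    }
}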
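/// <summary>
/// Overrides the controller's OnActionExecuting to intercept every action: enforces the
/// login requirement, requires a non-empty user menu, and (when enabled by configuration)
/// checks the requested URL against the URLs in that menu.
/// </summary>
/// <remarks>
/// Security-relevant behaviour visible in this method:
/// <list type="bullet">
/// <item>The login redirect is skipped for every action on a controller named "account",
/// not only for the login action itself.</item>
/// <item>The per-action check runs only when "AccountLogin"/"ActionLegalize" is true; it is
/// off by default, and then any logged-in user with a non-empty menu passes this gate for
/// every action.</item>
/// <item>The menu comparison uses Request.Url.Authority, and relative menu URLs are expanded
/// with that same authority, so the host check only constrains absolute menu URLs.</item>
/// <item>Only the query-string keys present in the menu URL are compared; extra parameters
/// on the request are ignored.</item>
/// </list>
/// </remarks>
/// <param name="filterContext">Context of the action that is about to execute.</param>
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
    // Ordinal comparison keeps the controller-name test independent of the thread culture.
    bool isLoginPage = string.Equals(
        RouteData.Values["controller"].ToString(), "account", StringComparison.OrdinalIgnoreCase);

    var currentUser = CurrentUserInfo;
    bool isLoggedIn = currentUser != null && currentUser.UserId != 0;

    // Not the login page and not logged in: send the user to the login page.
    if (!isLoginPage && !isLoggedIn)
    {
        // The return URL is URL-encoded here.
        // NOTE(review): the login handler is not visible in this file; confirm it only
        // redirects to local URLs after sign-in.
        filterContext.Result = Redirect(FormsAuthentication.LoginUrl + "?returnUrl=" + HttpUtility.UrlEncode(ConvertHelper.ToString(filterContext.RequestContext.HttpContext.Request.Url)));
        return;
    }

    // Check whether this user has any permission at all. The user can still be null here
    // (anonymous request to the "account" controller); the original dereferenced it and
    // threw a NullReferenceException. Treating it as "no menu" fails closed.
    // NOTE(review): confirm how the login page itself is expected to pass this check.
    List<MenuModel> userMenu = currentUser == null ? null : currentUser.UserMenu;
    if (userMenu == null || userMenu.Count <= 0)
    {
        filterContext.Controller.ViewData["ErrorMessage"] = "对不起,您没有此系统的任何权限!";
        filterContext.Result = new ViewResult
        {
            ViewName = "IllegalCallError",
            ViewData = filterContext.Controller.ViewData,
        };
        return;
    }

    // Per-action authorization is optional and disabled by default.
    if (HugogoConfigHelper.GetInstance().GetConfigValue("AccountLogin", "ActionLegalize", false))
    {
        // Permission is decided by comparing URL and query-string parameters. Because of the
        // route definition, the URL is rebuilt with an empty {id} segment.
        var currURL = Url.Action(RouteData.Values["action"].ToString(), RouteData.Values["controller"].ToString(), new { id = "" });
        var currRequest = new HttpRequest("", "http://" + Request.Url.Authority + currURL, Request.Url.Query.TrimStart('?'));

        bool hasPermission = userMenu.Any(m =>
        {
            var url = m.Url;
            if (string.IsNullOrWhiteSpace(url))
            {
                return false;
            }

            // Relative menu URLs are turned into absolute ones on the current authority.
            // NOTE(review): an "https://" menu URL does not match this prefix, is treated as
            // relative and therefore never matches; confirm how menu URLs are stored.
            if (!url.StartsWith("http://", StringComparison.Ordinal))
            {
                url = "http://" + Request.Url.Authority.Trim('/') + "/" + Request.ApplicationPath.Trim('/') + "/" + url.Trim('/');
            }

            // A malformed menu entry is skipped instead of failing the whole request.
            Uri objUri;
            if (!Uri.TryCreate(url, UriKind.Absolute, out objUri))
            {
                return false;
            }

            var urlRequest = new HttpRequest("", "http://" + objUri.Authority + objUri.LocalPath, objUri.Query.TrimStart('?'));

            // Host and port must be identical.
            if (urlRequest.Url.Authority != currRequest.Url.Authority)
            {
                return false;
            }

            // The path must equal either the raw request path or the rebuilt one.
            // The comparison is case-sensitive, so a request that differs only in letter
            // case is denied.
            var menuPath = urlRequest.Url.AbsolutePath.Trim('/');
            if (menuPath != Request.Url.AbsolutePath.Trim('/') && menuPath != currRequest.Url.AbsolutePath.Trim('/'))
            {
                return false;
            }

            // A menu URL without GET parameters needs no further checks.
            if (urlRequest.QueryString.Count <= 0)
            {
                return true;
            }

            // Every GET parameter named in the menu URL must carry the same value in the request.
            return urlRequest.QueryString.AllKeys.All(key => urlRequest.QueryString[key] == currRequest.QueryString[key]);
        });

        if (!hasPermission)
        {
            filterContext.Controller.ViewData["ErrorMessage"] = "对不起,您没有此页面的访问权限!!";
            filterContext.Result = new ViewResult
            {
                ViewName = "Error",
                ViewData = filterContext.Controller.ViewData,
            };
            return;
        }
    }

    // Expose the logged-in user and the environment flag to the views.
    ViewBag.CurrentUser = currentUser;
    ViewBag.IsOnLine = AppSettingsHelper.GetBool("IsOnLine");
}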