public void Decide(IPrincipalToken principal, object cntext) { if (!principal.GetGrandedPermission().Contains(cntext as PermissionInfo)) { AccessException ex = new AccessException("无权限") { CheckObject = cntext }; throw ex; } }
public virtual void Decide(IPrincipalToken principal, object check, out bool result, bool throwException = true) { result = true; PermissionInfoCollection pc = principal.GetGrandedPermission(); if (ConfuseElect != null) pc.ElectVisitor = ConfuseElect; if (check is PermissionInfo) { CheckPermission(pc, (PermissionInfo)check, check, out result, throwException); } else { //资源上没有配置当前权限点指定的权限,则不允许任何人访问 PermissionPoint[] point = GetPoint(check); if (point == null || point.Length == 0) return;//程序没有定义权限点,不做任何权限控制! bool isThrow = true; try { foreach (PermissionPoint p in point) {//在当前对象上定义了多个权限点,每一个都需要进行权限检测 PermissionInfo checkPermission = p.NewPermission(); CheckPermission(pc, checkPermission, check, out result, throwException); } if (result) isThrow = false; } finally { if (isThrow) { //权限检查抛出异常则执行事件,执行此事件但异常继续抛出 OnAccessException(principal, check); } } } }