/// <summary>
/// Login gate for incoming requests handled by this message handler.
/// A request is passed to the inner handler when it carries the header
/// <c>keyword: SxSh</c> or when <c>Model_SYS_USER.IsLogin()</c> returns true.
/// Every other request is answered directly with an <c>AjaxMsgModel</c>
/// whose status is <c>AjaxStatu.nologin</c>.
/// </summary>
/// <param name="request">The incoming HTTP request.</param>
/// <param name="cancellationToken">Token forwarded to the inner handler.</param>
/// <returns>The inner handler's response, or an already-completed task holding the "not logged in" payload.</returns>
protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, System.Threading.CancellationToken cancellationToken)
{
    // NOTE(review): the header value is a constant compiled into the handler, so it
    // works as one shared static credential rather than per-caller authentication.
    // Any party that learns the value skips the login check below. Confirm which
    // client depends on it and consider a per-client secret or signed token that is
    // validated server-side and can be rotated.
    // Both the header name and the value are compared ordinally (case-sensitive).
    bool hasBypassHeader = request.Headers.Any(header =>
        header.Key == "keyword" && header.Value.Contains("SxSh"));

    // IsLogin() is only consulted when the bypass header is absent.
    if (hasBypassHeader || Model_SYS_USER.IsLogin())
    {
        return base.SendAsync(request, cancellationToken);
    }

    var notLoggedIn = new AjaxMsgModel
    {
        BackUrl = "/Home/Login?msg=noLogin",
        Data = null,
        Msg = Message.NotLogin,
        Statu = AjaxStatu.nologin
    };

    // NOTE(review): the rejection is sent with HTTP 200; the "not logged in" state is
    // only visible in the body. Clients, proxies and log-based monitoring that key on
    // 401/403 will not see these as authentication failures.
    var completion = new TaskCompletionSource<HttpResponseMessage>();
    completion.SetResult(request.CreateResponse(System.Net.HttpStatusCode.OK, notLoggedIn));
    return completion.Task;
}
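/// <summary>
/// Called when a process requests authorization. For requests routed to one of the
/// protected areas this checks, in order: that a user is logged in, that
/// <c>AuthorizeIs</c> accepts the HTTP context, and (unless the action or its
/// controller carries <c>SkipAttribute</c>) that <c>Model_SYS_MENU.HasPermission</c>
/// grants the area/controller/action/method combination. A failed check replaces
/// <c>filterContext.Result</c> with a redirect to the login page.
/// </summary>
/// <param name="filterContext">
/// The filter context, which encapsulates information for using System.Web.Mvc.AuthorizeAttribute.
/// </param>
/// <exception cref="System.ArgumentNullException">The filterContext parameter is null.</exception>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    if (filterContext == null)
    {
        throw new System.ArgumentNullException("filterContext");
    }

    // Requests without an "area" route token are not checked by this filter.
    object areaToken;
    if (!filterContext.RouteData.DataTokens.TryGetValue("area", out areaToken))
    {
        return;
    }

    // Invariant lower-casing: culture-sensitive ToLower() changes 'I' under some
    // cultures (e.g. tr-TR), which would make an area such as "GIS" or an action
    // such as "Index" miss its comparison and silently skip the checks below.
    string strAreaName = areaToken.ToString().ToLowerInvariant();
    if (!IsProtectedArea(strAreaName))
    {
        return;
    }

    // Verify that a user is logged in; otherwise send the caller to the login page.
    if (!Model_SYS_USER.IsLogin())
    {
        filterContext.Result = new BaseController().Redirect("/Home/Login?msg=noLogin", filterContext.ActionDescriptor, AjaxStatu.nologin);
        return;
    }

    // AuthorizeIs is defined elsewhere; presumably a further session/licence check -- confirm.
    if (!AuthorizeIs(filterContext.HttpContext))
    {
        filterContext.Result = new BaseController().Redirect("/Home/Login?msg=noLogin", filterContext.ActionDescriptor, AjaxStatu.none);
        return;
    }

    // The per-menu permission check only runs when neither the action method nor its
    // controller declares SkipAttribute. Skipped actions still required the login
    // checks above.
    if (filterContext.ActionDescriptor.AttributeExists<Common.Attributes.SkipAttribute>(false)
        || filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(Common.Attributes.SkipAttribute), false))
    {
        return;
    }

    // Verify that the logged-in user may access this page.
    string strControllerName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName.ToLowerInvariant();
    string strActionName = filterContext.ActionDescriptor.ActionName.ToLowerInvariant();
    if (strActionName == "index")
    {
        // For "index", every path segment from position 4 onwards is appended to the
        // action name as-is (original casing).
        // NOTE(review): these segments come from the request path, so the permission
        // key is partly caller-supplied; confirm HasPermission matches it exactly and
        // does not fall back to a broader grant for unknown suffixes.
        string[] url = filterContext.HttpContext.Request.FilePath.Split('/');
        if (url.Length > 4)
        {
            strActionName = strActionName + "/" + string.Join("/", url, 4, url.Length - 4);
        }
    }

    // NOTE(review): every verb other than GET and POST (PUT, DELETE, PATCH, ...) is
    // evaluated as HEAD. Confirm that a HEAD grant in the menu table is never broader
    // than intended for state-changing verbs, or reject unexpected verbs outright.
    string strHttpMethod = filterContext.HttpContext.Request.HttpMethod.ToLowerInvariant();
    HttpMethod httpMethod;
    if (strHttpMethod == "get")
    {
        httpMethod = HttpMethod.Get;
    }
    else if (strHttpMethod == "post")
    {
        httpMethod = HttpMethod.Post;
    }
    else
    {
        httpMethod = HttpMethod.HEAD;
    }

    if (!Model_SYS_MENU.HasPermission(strAreaName, strControllerName, strActionName, httpMethod))
    {
        filterContext.Result = new BaseController().Redirect("/Home/Login?msg=noPermission", filterContext.ActionDescriptor, AjaxStatu.noperm);
        return;
    }

    // A permitted "list" request with page=0 and rows=0 is answered here with the
    // result of ObjToJson.GetToJson(null, 0, true) instead of reaching the action.
    if (strActionName == "list")
    {
        string pageIndex = filterContext.HttpContext.Request["page"];
        string pageSize = filterContext.HttpContext.Request["rows"];
        if (pageIndex == "0" && pageSize == "0")
        {
            filterContext.Result = ObjToJson.GetToJson(null, 0, true);
        }
    }
}

/// <summary>
/// Returns true when the (already invariant-lower-cased) area name is one of the
/// areas this filter protects.
/// </summary>
/// <remarks>
/// NOTE(review): this is an allow-list of protected areas, so any area not named
/// here passes through this filter without a login or permission check. A newly
/// added area stays unprotected until it is listed; listing the public areas
/// instead would fail closed.
/// </remarks>
private static bool IsProtectedArea(string areaName)
{
    switch (areaName)
    {
        case "sys":
        case "gate":
        case "gis":
        case "job":
        case "material":
        case "rule":
        case "scripts":
        case "rain":
        case "tool":
        case "rail":
        case "car":
        case "repair":
            return true;
        default:
            return false;
    }
}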