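/// <summary>
/// Web API exception callback: wraps an unhandled action exception in the API's
/// <c>ApiResultModel</c> envelope and writes the failure to the error log.
/// </summary>
/// <param name="actionExecutedContext">
/// Context of the failed action. Its <c>Response</c> is replaced with the error envelope.
/// </param>
/// <remarks>
/// The stack trace is only returned to the caller when Web API's own error-detail policy
/// (<c>HttpConfiguration.IncludeErrorDetailPolicy</c>, evaluated by
/// <c>ShouldIncludeErrorDetail()</c>) allows it. The full exception text is always written
/// to the server-side log.
/// </remarks>
public override void OnException(System.Web.Http.Filters.HttpActionExecutedContext actionExecutedContext)
{
    // Reuse the status code of a response that already exists; otherwise report 400.
    HttpStatusCode statusCode = HttpStatusCode.BadRequest;
    if (actionExecutedContext.ActionContext.Response != null)
    {
        statusCode = actionExecutedContext.ActionContext.Response.StatusCode;
    }

    base.OnException(actionExecutedContext);

    // Evaluate the exception text once and reuse it for the response and the log.
    var message = actionExecutedContext.Exception.FullMessage();
    var stackTrace = actionExecutedContext.Exception.FullStackTrace();

    // A stack trace exposes internal type names, file paths and library versions.
    // Return it only when the configured error-detail policy permits it for this request.
    bool includeDetail = actionExecutedContext.Request.ShouldIncludeErrorDetail();

    ApiResultModel result = new ApiResultModel();
    // Status code reported by the API.
    result.Status = statusCode;
    // NOTE(review): the exception message is still returned to the caller; confirm that
    // messages raised by lower layers never carry connection strings, SQL or file paths.
    result.Err = message;
    result.Content = new ApiResponse()
    {
        Code = -1,
        Err = message,
        StackTrace = includeDetail ? stackTrace : null
    };

    // Single lookup instead of ContainsKey + indexer.
    MonitorLog monitorLog = null;
    object logEntry;
    if (actionExecutedContext.Request.Properties.TryGetValue(Constants.Custom_LogInfoKey, out logEntry))
    {
        monitorLog = logEntry as MonitorLog;
    }

    if (monitorLog != null)
    {
        LoggerHelper.Error(monitorLog.GetLoginfo());
    }

    // GetLoginfo() is not visible here, so the exception itself is always logged separately:
    // the failure reason and stack trace must be available server-side even when the
    // client response withholds them.
    LoggerHelper.Error(message + Environment.NewLine + stackTrace);

    actionExecutedContext.Response = actionExecutedContext.Request.CreateResponse(result.Status, result);
}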
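/// <summary>
/// Web API pre-action callback: starts the request log entry, rejects invalid models,
/// then authenticates the caller by access token and checks the permission required
/// by the action's or controller's <c>FuncAttribute</c>.
/// </summary>
/// <param name="actionContext">Context of the action about to run.</param>
/// <exception cref="Exception">
/// Thrown when the action carries no <c>FuncAttribute</c> and the user is not in the
/// "admin" role. Exceptions from <c>TokenService</c> / <c>FuncService</c> propagate unchanged.
/// </exception>
/// <remarks>
/// There is deliberately no try/catch wrapper: rethrowing with <c>throw e;</c> would only
/// reset the stack trace of the original failure.
/// </remarks>
public override void OnActionExecuting(HttpActionContext actionContext)
{
    // Request logging. Lookups are tolerant so a missing property skips logging
    // instead of failing the request with KeyNotFoundException.
    IOwinContext ctx = null;
    object owinEntry;
    if (actionContext.Request.Properties.TryGetValue("MS_OwinContext", out owinEntry))
    {
        ctx = owinEntry as IOwinContext;
    }

    if (ctx != null)
    {
        object bodyEntry;
        actionContext.Request.Properties.TryGetValue(Constants.Custom_RequestBodyString, out bodyEntry);

        // Truncate to whole milliseconds without a culture-sensitive format/parse round trip.
        // Kind is set to Unspecified, which is what parsing the formatted string produced.
        DateTime now = DateTime.Now;
        DateTime startTime = DateTime.SpecifyKind(
            now.AddTicks(-(now.Ticks % TimeSpan.TicksPerMillisecond)),
            DateTimeKind.Unspecified);

        MonitorLog monitorLog = new MonitorLog();
        monitorLog.StartTime = startTime;
        monitorLog.Controller = actionContext.ActionDescriptor.ControllerDescriptor.ControllerName;
        monitorLog.Action = actionContext.ActionDescriptor.ActionName;
        // The access token travels in the query string; mask it so the credential
        // is not written to the log.
        monitorLog.Url = HttpUtility.UrlDecode(RedactAccessToken(ctx.Request.Uri));
        // NOTE(review): the raw request body is logged as-is; bodies that carry passwords
        // or other secrets would be persisted in the log. Confirm and mask if so.
        monitorLog.RequestBody = bodyEntry as string;
        // Indexer assignment: Add() would throw if the key were already present.
        actionContext.Request.Properties[Constants.Custom_LogInfoKey] = monitorLog;
    }

    base.OnActionExecuting(actionContext);

    // Model validation.
    // NOTE(review): this runs before the token check, so unauthenticated callers
    // receive model validation details.
    if (!actionContext.ModelState.IsValid)
    {
        actionContext.Response = actionContext.Request.CreateErrorResponse(
            HttpStatusCode.BadRequest, actionContext.ModelState);
        return;
    }

    // Only an action-level [AllowAnonymous] skips authentication here.
    if (actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any())
    {
        return;
    }

    // Token check.
    // NOTE(review): a token in the query string also ends up in proxy and server access
    // logs and in browser history; an Authorization header avoids that.
    NameValueCollection nvc = HttpUtility.ParseQueryString(actionContext.Request.RequestUri.Query);
    string accessToken = nvc[Constants.AccessToken];
    if (string.IsNullOrEmpty(accessToken))
    {
        ApiResultModel missingToken = new ApiResultModel();
        missingToken.Status = System.Net.HttpStatusCode.Unauthorized;
        missingToken.Err = "数据令牌不能为空";
        actionContext.Response = actionContext.Request.CreateResponse(missingToken.Status, missingToken);
        return;
    }

    // Resolve the user from the token.
    var user = new TokenService().ValidToken(accessToken);
    if (user == null)
    {
        // Fail closed. ValidToken is not visible here; if it can return null for an
        // unknown or expired token, answer 401 instead of dereferencing null below.
        ApiResultModel invalidToken = new ApiResultModel();
        invalidToken.Status = System.Net.HttpStatusCode.Unauthorized;
        invalidToken.Err = "未获得授权";
        actionContext.Response = actionContext.Request.CreateResponse(invalidToken.Status, invalidToken);
        return;
    }

    // The action-level attribute wins over the controller-level one.
    var funcAttr = actionContext.ActionDescriptor.GetCustomAttributes<FuncAttribute>().FirstOrDefault() ??
                   actionContext.ActionDescriptor.ControllerDescriptor.GetCustomAttributes<FuncAttribute>().FirstOrDefault();

    if (null != funcAttr)
    {
        // Check the permission named by the attribute.
        bool isCommon = actionContext.ActionDescriptor.ControllerDescriptor.ControllerType.IsSubclassOf(typeof(BaseController));
        FuncService fs = new FuncService();
        if (isCommon)
        {
            // Generic CRUD controllers: map the action name to an operation code.
            // ToLowerInvariant keeps this mapping independent of the thread culture;
            // a culture-sensitive ToLower() can change how 'I' is lower-cased and send a
            // "modify"/"delete" action to the default branch.
            string action = actionContext.ActionDescriptor.ActionName;
            switch (action.ToLowerInvariant())
            {
                case "get":
                    fs.ValidUserFunc(user.UserNo, funcAttr.FuncNo, "qry");
                    break;
                case "post":
                    fs.ValidUserFunc(user.UserNo, funcAttr.FuncNo, "add");
                    break;
                case "put":
                case "modify":
                    fs.ValidUserFunc(user.UserNo, funcAttr.FuncNo, "mod");
                    break;
                case "delete":
                case "logicdelete":
                    fs.ValidUserFunc(user.UserNo, funcAttr.FuncNo, "del");
                    break;
                default:
                    fs.ValidUserFunc(user.UserNo, funcAttr.FuncNo, funcAttr.Action);
                    break;
            }
        }
        else
        {
            fs.ValidUserFunc(user.UserNo, funcAttr.FuncNo, funcAttr.Action);
        }
    }
    else
    {
        // No attribute on action or controller: only administrators may call it.
        if (!new UserService().IsInRole(user, "admin"))
        {
            // NOTE(review): a plain Exception carries no status code of its own; confirm
            // the exception handling in use maps this denial to 401/403 rather than 400.
            throw new Exception("未获得授权");
        }
    }
}

/// <summary>
/// Returns the absolute form of <paramref name="uri"/> with the value of the access-token
/// query parameter replaced by a fixed marker. URIs without that parameter are returned as-is.
/// </summary>
private static string RedactAccessToken(Uri uri)
{
    NameValueCollection query = HttpUtility.ParseQueryString(uri.Query);
    if (query[Constants.AccessToken] == null)
    {
        return uri.AbsoluteUri;
    }

    query[Constants.AccessToken] = "REDACTED";
    UriBuilder builder = new UriBuilder(uri);
    // The collection returned by ParseQueryString renders itself as an encoded query string.
    builder.Query = query.ToString();
    return builder.Uri.AbsoluteUri;
}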
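/// <summary>
/// Web API post-action callback: completes the request log entry and re-wraps the action's
/// response in the API's <c>ApiResultModel</c> envelope.
/// </summary>
/// <param name="actionExecutedContext">
/// Context of the executed action. Its <c>Response</c> is replaced with the envelope
/// unless the action threw.
/// </param>
/// <remarks>
/// When the action threw, the log entry is still written but the response is left alone.
/// Any exception raised inside this method is copied to the log entry and rethrown.
/// </remarks>
public override void OnActionExecuted(HttpActionExecutedContext actionExecutedContext)
{
    MonitorLog monitorLog = null;
    try
    {
        object content = null;
        HttpStatusCode statusCode = HttpStatusCode.BadRequest;
        if (actionExecutedContext.ActionContext.Response != null)
        {
            statusCode = actionExecutedContext.ActionContext.Response.StatusCode;
            if (actionExecutedContext.ActionContext.Response.Content != null)
            {
                // NOTE(review): .Result blocks on an async read. This override is synchronous
                // so it is kept, but it can deadlock under a synchronization context and it
                // wraps failures in AggregateException. Content that no formatter can read as
                // an object will presumably throw here; confirm for file/stream responses.
                content = actionExecutedContext.ActionContext.Response.Content.ReadAsAsync<object>().Result;
            }
        }

        // Tolerant lookup: a request without a log entry should not fail with
        // KeyNotFoundException after the action has already run.
        object logEntry;
        if (actionExecutedContext.Request.Properties.TryGetValue(Constants.Custom_LogInfoKey, out logEntry))
        {
            monitorLog = logEntry as MonitorLog;
        }

        if (null != monitorLog)
        {
            monitorLog.EndTime = DateTime.Now;
            if (null != content)
            {
                // NOTE(review): the whole response payload is serialized into the log.
                // Responses that carry tokens or personal data are persisted there; confirm
                // log access and retention, or mask such fields.
                monitorLog.Response = JsonConvert.SerializeObject(
                    content,
                    new IsoDateTimeConverter() { DateTimeFormat = "yyyy-MM-dd HH:mm:ss" });
            }
            LoggerHelper.Info(monitorLog.GetLoginfo());
        }

        // A failed action is not re-wrapped here; the response is left untouched.
        if (actionExecutedContext.Exception != null)
        {
            return;
        }

        base.OnActionExecuted(actionExecutedContext);

        ApiResultModel result = new ApiResultModel();
        // Status code returned by the API.
        result.Status = statusCode;
        if (statusCode != HttpStatusCode.OK)
        {
            HttpError error = content as HttpError;
            if (error != null && error.Count > 0)
            {
                result.Err = error.Message;
            }
        }

        // Payload returned by the API.
        result.Content = content;

        // Re-wrap the response in the standard envelope.
        actionExecutedContext.Response = actionExecutedContext.Request.CreateResponse(result.Status, result);
    }
    catch (Exception e)
    {
        if (null != monitorLog)
        {
            // Keep the failure text on the log entry so a later handler can log it.
            monitorLog.Response = e.FullMessage();
            actionExecutedContext.Request.Properties[Constants.Custom_LogInfoKey] = monitorLog;
        }
        throw;
    }
}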