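/// <summary>
/// Initializes the request context: reads the caller's name from the "e" request
/// header, stores the resolved login id and login name on the controller, and picks
/// the business-logic layer according to the caller's authorities.
/// </summary>
/// <param name="controllerContext">Controller context whose request headers are read.</param>
/// <remarks>
/// The "e" header is supplied by the client and this method does not verify it.
/// The author's original note says permission verification is covered later in the
/// series; until that check runs, the selected layer rests on an unauthenticated value.
/// </remarks>
protected override void Initialize(HttpControllerContext controllerContext)
{
    // Initialize the request context.
    base.Initialize(controllerContext);
    try
    {
        string username = string.Empty;
        HttpRequestHeaders headers = controllerContext.Request.Headers;
        IEnumerable<string> headerValues;
        if (headers.TryGetValues("e", out headerValues))
        {
            // The original assigned the header value to an unrelated name and then
            // decoded the still-empty username, so the lookup below never saw the header.
            username = headerValues.FirstOrDefault() ?? string.Empty;
            username = System.Web.HttpUtility.UrlDecode(username);
        }

        // NOTE(review): when the header is absent the lookup runs with an empty name;
        // confirm what GetUserInfo returns in that case.
        UserInfoEntity userInfo = new LoginBll().GetUserInfo(username);
        this.loginid = userInfo.LoginID;
        this.loginname = userInfo.LoginName;
        List<UserAuthorityEntity> tempList = userInfo.UserRole.UserAuthority;

        // Author's note: no security issue here, permission verification comes in a later article.
        // NOTE(review): that holds only if the header value is authenticated before this point.
        if (tempList.Any(c => c.AuthorityName == "权限名称"))
        {
            // Use the BLL layer for callers that hold the authority.
            this.baseBll = new SeniorBll();
        }
        else
        {
            // Use the BLL layer for callers without the authority.
            this.baseBll = new OrdinaryBll();
        }
    }
    catch (Exception ex)
    {
        // Failures are logged and swallowed; baseBll is not assigned on this path.
        // NOTE(review): confirm that later code treats an unset baseBll as "deny".
        LogHelper.WriteErrorLog("Initialize", ex);
    }
}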