/// <summary>
/// Per-request initialisation: resolves the current user, publishes it as the request's
/// principal and loads the user's full back-office record from session, then hands over
/// to the base class.
/// </summary>
/// <param name="requestContext">The request being initialised.</param>
protected override void Initialize(RequestContext requestContext)
{
    this.CurrentUser = ChildSysUserHelper.GetCurrentUser();

    var user = this.CurrentUser;
    if (user != null)
    {
        var httpContext = requestContext.HttpContext;
        httpContext.User = (IPrincipal)user;

        // Session entry is keyed by login name; a missing entry leaves CurrentUserFullInfo null
        // (the indexer returns null for an absent key and the cast passes it through).
        this.CurrentUserFullInfo = (UserBackFullInfo)httpContext.Session[user.LoginName];
    }

    base.Initialize(requestContext);
}
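/// <summary>
/// Whether the user has authority for the feature mapped to the given Controller/Action.
/// </summary>
/// <param name="loginName"></param>
/// <param name="controllerName"></param>
/// <param name="actionName"></param>
/// <returns></returns>
//public static bool HasFeatureAuthority(string loginName, string controllerName, string actionName)
//{
//    OrgUserDal dal = new OrgUserDal();
//    return dal.HasFeatureAuthority(loginName, controllerName, actionName);
//}

/// <summary>
/// Validates the user's feature authority for the action about to execute.
/// Login state is checked first: an action marked <see cref="IgnoreType.IgnoreLogin"/> is always allowed,
/// otherwise a missing user yields <c>false</c> and the caller is expected to redirect to the login page
/// and stop the action. Managers and actions marked <see cref="IgnoreType.IgnoreFeature"/> are allowed
/// without consulting the feature list. Every other action is looked up in the session-held
/// <c>UserFeatureInfoList</c>; an action marked <see cref="IgnoreType.SameAs"/> is looked up under the
/// borrowed Controller/Action names instead of its own.
/// </summary>
/// <param name="actionExecutingContext">Context of the executing action.</param>
/// <param name="currentUser">The authenticated user, or <c>null</c> when nobody is logged in.</param>
/// <returns>
/// <c>true</c> when the action may run; <c>false</c> when no user is logged in or the user's session
/// record is missing (the caller must short-circuit the action in that case).
/// </returns>
/// <exception cref="InvalidOperationException">
/// The feature list does not contain exactly one entry for the resolved Controller/Action, i.e. the
/// user is not granted the feature or the feature is configured more than once. Throwing keeps the
/// check fail-closed even for callers that ignore the return value.
/// </exception>
public static bool ValidateUserFeatureAuthority(ActionExecutingContext actionExecutingContext, PrincipalUser currentUser)
{
    IgnoreAuthorityAttribute authorityAttribute = ChildSysUserHelper.GetIgnoreAuthorityAttribute(actionExecutingContext);

    // Anonymous actions (login page etc.) skip every check.
    if (authorityAttribute != null && authorityAttribute.IgnoreType == IgnoreType.IgnoreLogin)
    {
        return true;
    }

    // Not logged in: the caller is responsible for the redirect.
    if (currentUser == null)
    {
        return false;
    }

    // Managers bypass feature-level authority.
    if (currentUser.IsManager)
    {
        return true;
    }

    string logonName = currentUser.LoginName;
    WriteUserTokenCookie(logonName);

    string controllerName = actionExecutingContext.ActionDescriptor.ControllerDescriptor.ControllerType.FullName;
    string actionName = actionExecutingContext.ActionDescriptor.ActionName;

    if (authorityAttribute != null)
    {
        if (authorityAttribute.IgnoreType == IgnoreType.IgnoreFeature)
        {
            return true;
        }

        if (authorityAttribute.IgnoreType == IgnoreType.SameAs)
        {
            // Look the action up under another action's feature entry. An empty SameActionName
            // means "the current action name" (resolved locally rather than by mutating the attribute).
            if (!string.IsNullOrEmpty(authorityAttribute.SameActionName))
            {
                actionName = authorityAttribute.SameActionName;
            }

            if (!string.IsNullOrEmpty(authorityAttribute.SameControllerName))
            {
                controllerName = authorityAttribute.SameControllerName;
            }
        }
    }

    // Every action not explicitly exempted above is checked against the feature list.
    // Previously only SameAs-marked actions reached this lookup, so ordinary actions were never checked.
    var userInfo = (UserBackFullInfo)(actionExecutingContext.HttpContext.Session[logonName]);
    if (userInfo == null || userInfo.UserFeatureInfoList == null)
    {
        // Session record missing or expired: treat as not logged in instead of failing with a null dereference.
        return false;
    }

    int matchingFeatures = userInfo.UserFeatureInfoList
        .Count(p => p.FeatureControllerName == controllerName && p.FeatureActionName == actionName);

    if (matchingFeatures == 1)
    {
        return true;
    }

    // Zero entries: the feature is not granted; more than one: duplicated configuration.
    throw new InvalidOperationException(string.Format("Controller:{0}上的Action:{1}配置异常,请检查配置!", (object)controllerName, (object)actionName));
}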
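/// <summary>
/// Runs before each action and enforces the user's feature authority.
/// The result of <c>ChildSysUserHelper.ValidateUserFeatureAuthority</c> is honoured: when it returns
/// <c>false</c> (no user logged in, or the user's session record is missing) the action is
/// short-circuited with a 401 instead of being allowed to execute. The helper already returns
/// <c>true</c> for actions marked <c>IgnoreLogin</c>, so anonymous pages are unaffected.
/// </summary>
/// <param name="filterContext">Context of the executing action; its <c>Result</c> is set to stop the action.</param>
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
    bool authorized = ChildSysUserHelper.ValidateUserFeatureAuthority(filterContext, this.CurrentUser);

    if (!authorized)
    {
        // Fail closed: assigning a Result prevents the action from running.
        // TODO(project): replace with a redirect to the configured login / access-denied page once
        // the response format is agreed with the front-end (the previous code left this branch empty,
        // which let unauthenticated requests through to the action).
        filterContext.Result = new HttpUnauthorizedResult();
        return;
    }

    base.OnActionExecuting(filterContext);
}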