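/// <summary>
/// Runs before every action on this controller: records the page access (non-AJAX
/// requests only), writes an access-log line and, for authenticated requests outside
/// the login page, verifies that the signed-in account still exists in
/// <c>SysStaffUser</c>. A stale identity is sent to the login page and the action
/// is not executed.
/// </summary>
/// <param name="filterContext">MVC context of the action about to execute.</param>
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
    base.OnActionExecuting(filterContext);

    var request = filterContext.HttpContext.Request;
    var requestPath = request.Url.AbsolutePath;
    // Resolve the id once instead of three times per request.
    var userId = User.Identity.GetUserId<int>();

    // Only full page loads are recorded as page views.
    if (!request.IsAjaxRequest())
    {
        CurrentDb.SysPageAccessRecord.Add(new SysPageAccessRecord()
        {
            UserId = userId,
            // Local server time, kept because existing rows use it — NOTE(review): consider UTC.
            AccessTime = DateTime.Now,
            PageUrl = requestPath,
            Ip = CommonUtils.GetIP()
        });
        CurrentDb.SaveChanges();
    }

    ILog log = LogManager.GetLogger(CommonSetting.LoggerAccessWeb);
    log.Info(FormatUtils.AccessWeb(userId, User.Identity.GetUserName()));

    // [AllowAnonymous] on the action or its controller exempts it from the stale-user check.
    bool skipAuthorization =
        filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), inherit: true) ||
        filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), inherit: true);
    if (skipAuthorization)
    {
        return;
    }

    // The login page itself must stay reachable, otherwise a stale cookie would redirect in a loop.
    // Ordinal comparison: this is a URL path, not user-facing text.
    if (requestPath.IndexOf(ManagerUtils.GetLoginPage(), StringComparison.Ordinal) != -1)
    {
        return;
    }

    if (!request.IsAuthenticated)
    {
        return;
    }

    // A still-valid authentication cookie whose account has since been removed must
    // not reach the action. Short-circuit via the filter result rather than
    // Response.Redirect, which depends on Response.End aborting the thread.
    var user = CurrentDb.SysStaffUser.FirstOrDefault(m => m.Id == userId);
    if (user == null)
    {
        filterContext.Result = new RedirectResult(ManagerUtils.GetLoginPage() + "?out=0");
    }
}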
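/// <summary>
/// After the base authentication check, enforces the permission set configured on
/// this attribute (<c>permissions</c>). Actions or controllers marked
/// <see cref="AllowAnonymousAttribute"/> are exempt. A caller lacking the permission
/// gets a JSON error for AJAX requests or the MessageBox view otherwise; in both
/// cases the action does not run.
/// </summary>
/// <param name="filterContext">Authorization context of the current request.</param>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    base.OnAuthorization(filterContext);

    bool skipAuthorization =
        filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), inherit: true) ||
        filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), inherit: true);
    if (skipAuthorization)
    {
        return;
    }

    #region Check whether the caller holds the required permission
    // No permission configured on the attribute: nothing beyond base authentication.
    if (permissions == null)
    {
        return;
    }

    var request = filterContext.HttpContext.Request;
    var identity = filterContext.HttpContext.User.Identity;

    MessageBoxModel messageBox = new MessageBoxModel();
    messageBox.No = Guid.NewGuid().ToString();
    messageBox.Type = MessageBoxTip.Exception;
    messageBox.Title = "You do not have permission to access the possible link timeout ";
    if (!request.IsAuthenticated)
    {
        // The login URL comes from application settings, not from the request; it is
        // embedded unencoded in the onclick handler.
        // NOTE(review): any Result already set by base.OnAuthorization for an
        // unauthenticated caller is overwritten below; presumably intended, since the
        // sign-in link is built only for that case — confirm.
        messageBox.Content = "Please re <a href=\"javascript:void(0)\" onclick=\"window.top.location.href='" + ManagerUtils.GetLoginPage() + "'\">sigin</a>";
    }

    bool hasPermission = identity.IsInPermission(permissions);
    if (hasPermission)
    {
        return;
    }

    if (request.IsAjaxRequest())
    {
        // Assigning the result is enough for MVC to skip the action and write the JSON;
        // the earlier manual ExecuteResult + Response.End relied on a ThreadAbortException
        // to stop the pipeline.
        CustomJsonResult jsonResult = new CustomJsonResult(ResultType.Exception, messageBox.No, messageBox.Title, messageBox);
        jsonResult.JsonRequestBehavior = JsonRequestBehavior.AllowGet;
        filterContext.Result = jsonResult;
        return;
    }

    // Dialog-hosted pages (dialogtitle present) use the plain layout, top-level pages the home layout.
    string masterName = request.QueryString["dialogtitle"] != null ? "_Layout" : "_LayoutHome";
    filterContext.Result = new ViewResult
    {
        ViewName = "MessageBox",
        MasterName = masterName,
        ViewData = new ViewDataDictionary { Model = messageBox }
    };
    #endregion
}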
/// <summary>
/// Replaces whatever result the base class produces for an unauthenticated request
/// with a redirect to the application's login page.
/// </summary>
/// <param name="filterContext">Authorization context of the rejected request.</param>
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
    // The base result is overwritten immediately below.
    base.HandleUnauthorizedRequest(filterContext);

    // NOTE(review): no return URL is carried to the login page, and AJAX callers
    // receive this redirect as well — confirm both are intended.
    string loginPage = ManagerUtils.GetLoginPage();
    filterContext.Result = new RedirectResult(loginPage);
}