[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = true)]
public class ManageAuthorizeAttribute : ActionFilterAttribute, IAuthorizationFilter
{
public void OnAuthorization(AuthorizationFilterContext context)
{
//先验证是否登录
//if (!IsLogin(context))
//{
// if (context.HttpContext.Request.IsAjaxRequest())
// {
// context.Result = new JsonResult() { Data = "您必须先以管理员身份登录下后台,才能继续操作" };
// return;
// }
// else
// {
// context.Result = new ContentResult() { Content = "<script type=\"text/javascript\">parent.location.href='" + siteConfig.weburl + "/User/Login?returnUrl='+encodeURIComponent(parent.window.location.href);</script>" };
// return;
// }
//}
//此处应该封装成一个方法,test为登录用户名 ,db不能直接写,调用方法可以
//var u = db.Users.Include(x => x.Roles).ThenInclude(x => x.Permissions).Where(x => x.LoginName == "test").FirstOrDefault();
//if (u != null)
//{
// List<Permission> plist = new List<Permission>();
// foreach (var item in u.Roles)
// {
// plist.AddRange(item.Permissions);
// }
// var controllerName = context.RouteData.Values["controller"].ToString();
// var actionName = context.RouteData.Values["action"].ToString();
// bool HasPermission = plist.Any(p => p.ControllerName.ToLower().Equals(controllerName, StringComparison.CurrentCultureIgnoreCase)
// && p.ActionName.ToLower().Equals(actionName, StringComparison.CurrentCultureIgnoreCase));
// if (!HasPermission)
// {
// context.Result = Unauthorized();
// return;
// }
}
protected virtual bool IsLogin(AuthorizationFilterContext filterContext)
{
if (filterContext.HttpContext.User.Identity.IsAuthenticated)
{
return true;
}
return false;
}
}简单的权限验证-备忘
戎码一生
2023-05-12
本文约2340 字
阅读大约需要 6 分钟
快来抢沙发吧😊😊😊😊
Mr.Seaning
无实而享大名者必有奇祸