zoukankan      html  css  js  c++  java
  • MVC权限验证过滤器

    Action属性,权限设定属性  
      [AttributeUsage(AttributeTargets.Method, Inherited = true, AllowMultiple = false)]
        public class PurviewEnumAttribute : Attribute
        {
            public string PurviewString { get; set; }
     
            public PurviewEnumAttribute(string purview)
            {
                this.PurviewString = purview;
            }
        }

    Action属性,权限验证属性
     
      [AttributeUsage(AttributeTargets.Method, AllowMultiple = false, Inherited = true)]
        public class SuperICAuthorizeAttribute : AuthorizeAttribute
        {
            public string[] ActionPowers { get; set; }
     
            public override void OnAuthorization(System.Web.Mvc.AuthorizationContext filterContext)
            {
                string controllerName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
                string actionName = filterContext.ActionDescriptor.ActionName;
                object[] attributes = filterContext.ActionDescriptor.GetCustomAttributes(typeof(PurviewEnumAttribute), true);
                if (attributes != null && attributes.Count() > 0)
                {
                    string power = (attributes[0] as PurviewEnumAttribute).PurviewString;
                    this.ActionPowers = power.Split(new string[] { "," }, StringSplitOptions.RemoveEmptyEntries);
                }
                base.OnAuthorization(filterContext);
            }
     
            protected override bool AuthorizeCore(HttpContextBase httpContext)
            {
                if (httpContext == null)
                {
                    return false;
                }
                if (ActionPowers == null)
                {
                    return true;
                }
                if (ActionPowers.Length == 0)
                {
                    return true;
                }
                // if (ActionPowers.Any(httpContext.User.IsInRole))  
                if (ActionPowers.Any((new string[]{"1","2","3","4"}).Contains))
                {
                    return true;
                }
                else
                {
                    return false;
                }
            }
        } 

    使用:Index需要权限为2的才能够进入,SuperICAuthorize过滤器中验证是否具有2的权限
    [PurviewEnum("2")]
    [SuperICAuthorize]
    public ActionResult Index() 
  • 相关阅读:
    mysql 需要掌握的重点
    Java基础知识之常见关键字以及概念总结
    abstract类中method
    java异常继承何类,运行时异常与一般异常的区别
    Java关键字final、static使用总结
    JAVA读取XML文件
    关于ApplicationContext的初始化
    web.xml配置详解
    maven javaProject打包发布成服务
    Spring Boot Actuator 配置和应用
  • 原文地址:https://www.cnblogs.com/shi2310/p/7405923.html
Copyright © 2011-2022 走看看