来源: [转载]Asp.Net MVC 权限控制(二):Controller级别控制 – Jetlian – 博客园
由于直接在Controller上标记角色名有很大的局限性,所以本示例使用 ActionFilterAttribute 进行权限拦截。
首先创建三类标记:
1. 匿名访问标记(AnonymousAttribute)
2. 登录用户访问标记(LoginAllowViewAttribute)
3. 权限验证访问标记(PermissionPageAttribute)
最重要的一个权限拦截:AuthorizeFilter,包括三步验证:
1. 是否为匿名访问,如果是匿名访问直接通过;
2. 是否为权限验证,通过查询登录时保存的Cookie进行验证;注意该Cookie承载的是授权数据,必须经过签名或加密(例如放进 FormsAuthentication 票据)并在服务端校验,否则客户端可以篡改Cookie来提升自己的权限;
3. 是否已登录,如果已登录直接通过;三类标记一个都没有的Controller不会被放行,而是抛出异常(默认拒绝,避免漏标的页面被静默放过)。
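/// <summary>
/// Authorization interceptor. Runs before every action it is applied to and
/// decides, from the marker attributes on the action method or its controller,
/// whether the request may proceed; otherwise the MVC pipeline is
/// short-circuited with a redirect to the login page.
/// </summary>
/// <remarks>
/// NOTE(review): this is an action filter, so it runs after the authorization
/// filters and after model binding, and it is not consulted when [OutputCache]
/// serves a cached response. If output caching is ever applied to protected
/// actions, an IAuthorizationFilter-based implementation (e.g. deriving from
/// AuthorizeAttribute) is the safer base — confirm before combining the two.
/// </remarks>
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false)]
public class AuthorizeFilter : ActionFilterAttribute
{
    /// <summary>
    /// Called by the ASP.NET MVC framework before the action method executes.
    /// A denied request gets a redirect to "~/Account/Login" assigned to
    /// <c>filterContext.Result</c>, which stops the action from running.
    /// </summary>
    /// <param name="filterContext">Context of the action about to run.</param>
    /// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
    public override void OnActionExecuting(ActionExecutingContext filterContext)
    {
        if (filterContext == null)
        {
            throw new ArgumentNullException("filterContext");
        }

        if (!this.AuthorizeCore(filterContext))
        {
            // Assigning Result is the MVC way to short-circuit the pipeline: the
            // action method is never invoked. Calling Response.Redirect() from a
            // filter only stopped the action because its default endResponse=true
            // aborts the request thread; with endResponse=false the protected
            // action would still execute after the redirect header was written.
            // Note: an authenticated user who merely lacks permission is also
            // sent to the login page here; a 403 may be preferable for that case.
            filterContext.Result = new RedirectResult("~/Account/Login");
        }
    }

    /// <summary>
    /// Authorization decision. Marker attributes are looked up on the action
    /// method first and then on the controller type, so an action-level marker
    /// overrides a controller-level one (the attribute usage above already
    /// allows both targets; the previous implementation only ever inspected the
    /// controller type, silently ignoring method-level markers). Within one
    /// target the first marker found decides, in the order
    /// Anonymous, PermissionPage, LoginAllowView.
    /// </summary>
    /// <param name="filterContext">Context of the action about to run.</param>
    /// <returns>true when the request may proceed; false when it must be denied.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
    /// <exception cref="InvalidOperationException">
    /// Neither the action nor its controller carries any marker attribute.
    /// Unmarked endpoints fail closed instead of being passed through.
    /// </exception>
    protected virtual bool AuthorizeCore(ActionExecutingContext filterContext)
    {
        if (filterContext == null)
        {
            throw new ArgumentNullException("filterContext");
        }

        var action = filterContext.ActionDescriptor;

        // More specific target wins: action-level markers before controller-level ones.
        bool? decision = Evaluate(filterContext, action)
            ?? Evaluate(filterContext, action.ControllerDescriptor);
        if (decision.HasValue)
        {
            return decision.Value;
        }

        // Fail closed: an endpoint nobody marked is a configuration error,
        // not an implicit allow.
        throw new InvalidOperationException("用户验证出错!");
    }

    /// <summary>
    /// Evaluates the marker attributes declared on a single target (the action
    /// method or the controller type).
    /// </summary>
    /// <param name="filterContext">Context of the action about to run.</param>
    /// <param name="target">Attribute source to inspect (action or controller descriptor).</param>
    /// <returns>The allow/deny decision, or null when the target carries no marker.</returns>
    private static bool? Evaluate(ActionExecutingContext filterContext, System.Reflection.ICustomAttributeProvider target)
    {
        // Anonymous: no checks at all.
        if (target.IsDefined(typeof(AnonymousAttribute), true))
        {
            return true;
        }

        // Permission-controlled page: delegate to the permission store.
        if (target.IsDefined(typeof(PermissionPageAttribute), true))
        {
            // Permission data is only established at login (see the accompanying
            // text), so an unauthenticated request can never legitimately hold it.
            // Checking the identity first means a forged or stale permission
            // cookie alone is not enough to reach a protected controller.
            if (!IsAuthenticated(filterContext))
            {
                return false;
            }

            var controllerName = Convert.ToString(filterContext.RouteData.Values["controller"]);

            // The check is controller-granular: ValidateAuthorize.validate takes
            // only the controller name, so every action of a permitted controller
            // is allowed. ValidateAuthorize is not shown here; presumably it reads
            // the permission cookie written at login — that cookie must be
            // integrity-protected (signed/encrypted) or a client can edit it to
            // grant itself access. TODO(review): confirm against its source.
            return new ValidateAuthorize().validate(controllerName);
        }

        // Any logged-in user.
        if (target.IsDefined(typeof(LoginAllowViewAttribute), true))
        {
            return IsAuthenticated(filterContext);
        }

        return null;
    }

    /// <summary>
    /// Whether the current request carries an authenticated identity. Reads the
    /// context handed to the filter rather than the static HttpContext.Current so
    /// the filter is unit-testable and does not depend on ambient state.
    /// </summary>
    /// <param name="filterContext">Context of the action about to run.</param>
    /// <returns>true when the request principal is authenticated.</returns>
    private static bool IsAuthenticated(ActionExecutingContext filterContext)
    {
        var user = filterContext.HttpContext == null ? null : filterContext.HttpContext.User;
        return user != null && user.Identity != null && user.Identity.IsAuthenticated;
    }
}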