using System.Web.Mvc;
using System.Web.Security;
using Bowin.Common;
using System.Collections.Generic;
using System.Web;
using System.Linq;
using Autofac;
using EMIS.Utility;
using EMIS.Utility.SSO;
using EMIS.ViewModel.Account;
using EMIS.Web.Controls;
using EMIS.CommonLogic.SystemServices;
using System.Web.Routing;
using EMIS.Web.Controllers;
using EMIS.CommonLogic.Students;
namespace System
{
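/// <summary>
/// Marks a controller or action as requiring a logged-in user.
/// Actions that must stay reachable without a login should carry
/// <see cref="AllowAnonymousAttribute"/> instead.
/// </summary>
/// <remarks>
/// Beyond authentication, two per-request checks run for student users: an
/// incomplete profile is redirected to <c>~/Account/FinishInfomation</c>, and the
/// menu "control item" check runs when the <c>MNU</c> request value is one of the
/// menus returned by <see cref="IControlItemServices.GetNeedControlMenuNo"/>.
/// The base <see cref="AuthorizeAttribute"/> Users/Roles check is not invoked;
/// authentication is delegated to <see cref="FormsAuthenticationHelper"/>.
/// </remarks>
[AttributeUsage(AttributeTargets.Method | AttributeTargets.Class, Inherited = true, AllowMultiple = true)]
public class AuthorizationAttribute : AuthorizeAttribute
{
    // Route fragments a student may request before completing the mandatory
    // profile information (the profile page itself, log off, the home page and
    // shared helpers). The root path "/" is handled separately.
    private static readonly string[] s_profileCheckExemptPaths =
    {
        "/Account/FinishInfomation",
        "/Home/Index",
        "/Common/",
        "/GetUserRoleDropdownList",
        "/Account/LogOff",
    };

    /// <summary>
    /// Authenticates the request and, for students, enforces profile completion
    /// and the menu control-item check. When a redirect is required the action is
    /// short-circuited by assigning <see cref="AuthorizationContext.Result"/>
    /// instead of ending the response from inside the filter.
    /// </summary>
    /// <param name="filterContext">The authorization context supplied by MVC.</param>
    /// <exception cref="InvalidOperationException">
    /// Thrown when no HTTP context is available, i.e. the attribute is used
    /// outside a web request.
    /// </exception>
    public override void OnAuthorization(AuthorizationContext filterContext)
    {
        if (filterContext.HttpContext == null)
        {
            throw new InvalidOperationException("此特性只适合于Web应用程序使用!");
        }

        // [AllowAnonymous] on the action opts out of every check below.
        var allowAnonymous = filterContext.ActionDescriptor
            .GetCustomAttributes(typeof(AllowAnonymousAttribute), false)
            .FirstOrDefault();
        if (allowAnonymous != null)
        {
            return;
        }

        var httpContext = filterContext.HttpContext;
        var cookieName = EMIS.Utility.Const.LOCAL_SETTING_LOGIN_COOKIENAME;

        // Remote login hand-off: an upstream login left the user name in session
        // but no local auth cookie exists yet, so issue the local login now.
        var sessionUser = httpContext.Session["Remote_Login_User"];
        if (httpContext.Request.Cookies[cookieName] == null && sessionUser != null)
        {
            var userName = sessionUser.ToString();
            filterContext.Controller.LoginSureccessful(new LogOnModel { UserName = userName }, userName);
        }

        // AuthenticateRequest presumably takes the raw System.Web.HttpContext,
        // hence HttpContext.Current rather than filterContext.HttpContext.
        var fahelper = new FormsAuthenticationHelper();
        fahelper.AuthenticateRequest(HttpContext.Current, cookieName, Const.LOCAL_AUTH_EXCEPTURL);

        var userInfo = EMIS.Utility.FormValidate.CustomPrincipal.Current;
        if (userInfo == null || !userInfo.IsStudent)
        {
            return;
        }

        using (var scope = AutofacHelper.Container.BeginLifetimeScope())
        {
            if (!IsExemptFromProfileCheck(httpContext.Request.Path))
            {
                var studentsServices = scope.Resolve<IStudentsServices>();
                if (!studentsServices.CheckNecessary(userInfo.UserID))
                {
                    // Temporary redirect on purpose: the condition clears once the
                    // profile is complete, so a cached 301 would keep sending the
                    // student back here even afterwards.
                    filterContext.Result = new RedirectResult("~/Account/FinishInfomation");
                    return;
                }
            }

            CheckControlItems(filterContext, scope);
        }
    }

    // True when the requested path is one a student may use before completing the
    // mandatory profile information. Matching is case-insensitive because MVC
    // routing is; a substring match mirrors the original checks.
    private static bool IsExemptFromProfileCheck(string path)
    {
        if (string.IsNullOrEmpty(path))
        {
            return false;
        }
        if (path == "/")
        {
            return true;
        }
        return s_profileCheckExemptPaths.Any(p => path.IndexOf(p, StringComparison.OrdinalIgnoreCase) >= 0);
    }

    // Runs the menu control-item check for the MNU request value. MNU is
    // untrusted input; it is only acted on when it equals a menu number the
    // service itself lists as needing control.
    private static void CheckControlItems(AuthorizationContext filterContext, ILifetimeScope scope)
    {
        var controlItemServices = scope.Resolve<IControlItemServices>();
        var menuNo = filterContext.HttpContext.Request["MNU"];
        var needControlMenu = controlItemServices.GetNeedControlMenuNo();
        if (!needControlMenu.Any(x => x == menuNo))
        {
            return;
        }

        try
        {
            controlItemServices.CheckControlItems(menuNo);
        }
        catch (Exception ex)
        {
            // The check threw: send the user to the message page with the exception
            // text. ex.Message is shown to the end user, so the service should only
            // raise user-facing messages here; any status code set before a redirect
            // would be overwritten by the 302, so none is set.
            var server = filterContext.HttpContext.Server;
            var url = "~/Common/MsgShow?url=" + server.UrlEncode("about:blank")
                      + "&msg=" + server.UrlEncode(ex.Message);
            filterContext.Result = new RedirectResult(url);
        }
    }
}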
/// <summary>
/// Marker attribute for action methods; by its name presumably an opt-out from
/// single sign-on handling. No code in this file inspects it.
/// </summary>
[AttributeUsage(validOn: AttributeTargets.Method, AllowMultiple = true)]
public class NoSSOAttribute : Attribute
{
}
}