lxl
/
LIOT


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134
							using System.Web.Mvc;
using System.Web.Security;
using Bowin.Common;
using System.Collections.Generic;
using System.Web;
using System.Linq;
using Autofac;
using EMIS.Utility;
using EMIS.Utility.SSO;
using EMIS.ViewModel.Account;
using EMIS.Web.Controls;
using EMIS.CommonLogic.SystemServices;
using System.Web.Routing;
using EMIS.Web.Controllers;
using EMIS.CommonLogic.Students;

namespace System
{
    /// <summary>
    /// 表示需要用户登录才可以使用的特性
    /// 如果不需要处理用户登录，则请指定AllowAnonymousAttribute属性
    /// </summary>
    [AttributeUsage(AttributeTargets.Method | AttributeTargets.Class, Inherited = true, AllowMultiple = true)]
    public class AuthorizationAttribute : AuthorizeAttribute, IAuthorizationFilter
    {
        public void OnAuthorization(AuthorizationContext filterContext)
        {
            if (filterContext.HttpContext == null)
            {
                throw new Exception("此特性只适合于Web应用程序使用！");
            }
            else
            {
                var allowAnonymousType = filterContext.ActionDescriptor.GetCustomAttributes(typeof(AllowAnonymousAttribute), false).FirstOrDefault();
                if (allowAnonymousType != null)
                {
                    return;
                }
                FormsAuthenticationHelper fahelper = new FormsAuthenticationHelper();
                //var noSSOAttribute = filterContext.ActionDescriptor.GetCustomAttributes(typeof(NoSSOAttribute), false)
                //    .FirstOrDefault();

                var cookieName = EMIS.Utility.Const.LOCAL_SETTING_LOGIN_COOKIENAME;
                var sessionUser = filterContext.HttpContext.Session["Remote_Login_User"]; //filterContext.HttpContext.Session["Remote_Login_User"];
                if (filterContext.HttpContext.Request.Cookies[cookieName] == null && sessionUser != null)
                {
                    filterContext.Controller.LoginSureccessful(new LogOnModel { UserName = sessionUser.ToString() }, sessionUser.ToString());
                    //filterContext.HttpContext.Session.Remove("Remote_Login_User");
                }

                fahelper.AuthenticateRequest(HttpContext.Current, cookieName, Const.LOCAL_AUTH_EXCEPTURL);

                var userInfo = EMIS.Utility.FormValidate.CustomPrincipal.Current;
                if (userInfo != null && userInfo.NeedChangePwd == true
                    && !filterContext.HttpContext.Request.Path.Contains("/Home/MainChangePwd")
                    && !filterContext.HttpContext.Request.Path.Contains("/Account/ChangePassword")
                    && !filterContext.HttpContext.Request.Path.Contains("/Account/Login")
                    && !filterContext.HttpContext.Request.Path.Contains("/Account/LogOff"))
                {
                    filterContext.HttpContext.Response.RedirectPermanent("~/Home/MainChangePwd", true);
                    return;
                }
                if (userInfo != null && userInfo.IsStudent)
                {
                    using (var scope = AutofacHelper.Container.BeginLifetimeScope())
                    {
                        if (!filterContext.HttpContext.Request.Path.Contains("/Account/FinishInfomation")
                            && !filterContext.HttpContext.Request.Path.Contains("/Home/MainChangePwd")
                            && !filterContext.HttpContext.Request.Path.Contains("/Account/ChangePassword")
                            && !filterContext.HttpContext.Request.Path.Contains("/Home/Index")
                            && !filterContext.HttpContext.Request.Path.Contains("/Common/")
                            && !filterContext.HttpContext.Request.Path.Contains("/GetUserRoleDropdownList")
                            && filterContext.HttpContext.Request.Path != "/"
                            && !filterContext.HttpContext.Request.Path.Contains("/Account/LogOff"))
                        {
                            IStudentsServices studentsServices = scope.Resolve<IStudentsServices>();

                            if (!studentsServices.CheckNecessary(userInfo.UserID))
                            {
                                filterContext.HttpContext.Response.RedirectPermanent("~/Account/FinishInfomation", true);
                                return;
                            }
                        }

                        IControlItemServices controlItemServices = scope.Resolve<IControlItemServices>();
                        var menuNo = filterContext.HttpContext.Request["MNU"];
                        var needControlMenu = controlItemServices.GetNeedControlMenuNo();
                        if (needControlMenu.Any(x => x == menuNo))
                        {
                            try
                            {
                                controlItemServices.CheckControlItems(menuNo);
                            }
                            catch (Exception ex)
                            {
                                var currentRouteData = RouteTable.Routes.GetRouteData(filterContext.HttpContext);
                                var currentController = "";
                                var currentAction = "";
                                if (currentRouteData != null)
                                {
                                    if (currentRouteData.Values["controller"] != null &&
                                    !string.IsNullOrEmpty(currentRouteData.Values["controller"].ToString()))
                                    {
                                        currentController = currentRouteData.Values["controller"].ToString();
                                    }
                                    if (currentRouteData.Values["action"] != null &&
                                    !string.IsNullOrEmpty(currentRouteData.Values["action"].ToString()))
                                    {
                                        currentAction = currentRouteData.Values["action"].ToString();
                                    }
                                }
                                var controller = new CommonController();
                                var action = "MsgShow";
                                filterContext.HttpContext.ClearError();
                                filterContext.HttpContext.Response.Clear();
                                filterContext.HttpContext.Response.StatusCode = ex is HttpException ? ((HttpException)ex).GetHttpCode() : 500;
                                filterContext.HttpContext.Response.TrySkipIisCustomErrors = true;
                                controller.ViewData.Model = new HandleErrorInfo(ex, currentController, currentAction);
                                filterContext.HttpContext.Response.Redirect("~/Common/MsgShow?url=" + filterContext.HttpContext.Server.UrlEncode("about:blank") + "&msg=" + filterContext.HttpContext.Server.UrlEncode(ex.Message), true);
                                //((IController)controller).Execute(new RequestContext(filterContext.HttpContext, routeData));
                            }
                        }
                    }
                }
            }
        }

    }

    [AttributeUsage(AttributeTargets.Method, AllowMultiple = true)]
    public class NoSSOAttribute : Attribute
    {
    }
}