You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

LuPermissionMiddleware.cs 2.3KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253
  1. using System;
  2. using System.Reflection;
  3. using Luticate2.Auth.Attributes;
  4. using Luticate2.Auth.Interfaces.Permissions;
  5. using Luticate2.Auth.Interfaces.Users;
  6. using Luticate2.Utils.Controllers;
  7. using Luticate2.Utils.Dbo.Result;
  8. using Microsoft.AspNetCore.Mvc.Controllers;
  9. using Microsoft.AspNetCore.Mvc.Filters;
  10. using Microsoft.Extensions.DependencyInjection;
  11. namespace Luticate2.Auth.Middlewares
  12. {
  13. public class LuPermissionMiddleware : IActionFilter
  14. {
  15. private readonly IServiceProvider _serviceProvider;
  16. private readonly ILuPermissionsBusiness _luPermissionsBusiness;
  17. public LuPermissionMiddleware(IServiceProvider serviceProvider, ILuPermissionsBusiness luPermissionsBusiness)
  18. {
  19. _serviceProvider = serviceProvider;
  20. _luPermissionsBusiness = luPermissionsBusiness;
  21. }
  22. public void OnActionExecuting(ActionExecutingContext context)
  23. {
  24. var actionDescriptor = context.ActionDescriptor as ControllerActionDescriptor;
  25. if (actionDescriptor != null)
  26. {
  27. var attributes = actionDescriptor.MethodInfo.GetCustomAttributes<LuPermissionAttribute>();
  28. foreach (var attribute in attributes)
  29. {
  30. var srcAccessor = _serviceProvider.GetService(attribute.SrcEntityAccessor) as ILuAttrEntityAccessor;
  31. var dstAccessor = _serviceProvider.GetService(attribute.DstEntityAccessor) as ILuAttrEntityAccessor;
  32. var srcEntity = srcAccessor?.GetEntity(context, attribute.Id);
  33. var dstEntity = dstAccessor?.GetEntity(context, attribute.Id);
  34. var permissionValue = _luPermissionsBusiness.GetPermissionEffectiveValue(attribute.PermissionName,
  35. attribute.SrcEntityType, srcEntity, attribute.DstEntityType, dstEntity).ThrowIfNotSuccess();
  36. if (!permissionValue.Data)
  37. {
  38. var user = _serviceProvider.GetService<ILuLoggedUserAccessor>().GetLoggedUser();
  39. LuResult<object>.Error(LuStatus.PermissionError,$"user: {user?.Id} {user?.Username}",
  40. "Permission denied").Throw();
  41. }
  42. }
  43. }
  44. }
  45. public void OnActionExecuted(ActionExecutedContext context)
  46. {
  47. }
  48. }
  49. }