Initial_commit_SecMPS_v2

2026-05-15 23:22:48 +08:00
commit 23ea4fe05f
13830 changed files with 298675 additions and 0 deletions
--- a/api_sqlsugar/VolPro.Core/Generic/GenericBaseController.cs
+++ b/api_sqlsugar/VolPro.Core/Generic/GenericBaseController.cs
@@ -0,0 +1,138 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Filters;
+using Microsoft.AspNetCore.Mvc.Controllers;
+using System.Linq;
+using VolPro.Core.Controllers.Basic;
+using VolPro.Core.Filters;
+using VolPro.Core.UserManager;
+using VolPro.Entity.DomainModels;
+using VolPro.Core.ManageUser;
+using VolPro.Core.Enums;
+using VolPro.Core.Utilities;
+using Microsoft.AspNetCore.Mvc.Authorization;
+using System.Reflection;
+using VolPro.Core.Extensions;
+
+namespace VolPro.Core.Generic
+{
+    [JWTAuthorize, ApiController]
+    public class GenericBaseController : VolController
+    {
+        public GenericBaseController() { }
+        public override void OnActionExecuting(ActionExecutingContext context)
+        {
+            GenericTableAsyncLocal.Clear();
+            string TableName = null;
+            if (context.ActionArguments?.Count > 0)
+            {
+                foreach (var argument in context.ActionArguments.Values.Where(argument => argument != null))
+                {
+
+                    var argumentType = argument.GetType();
+                    if (argumentType == typeof(PageDataOptions)|| argumentType == typeof(SaveModel))
+                    {
+                        var tableNameProperty = argumentType.GetProperty("TableName");
+                        if (tableNameProperty != null)
+                        {
+                            TableName = tableNameProperty.GetValue(argument)?.ToString();
+                        }
+                    }
+                }
+            }
+
+            WebResponseContent webResponse = new();
+            if (string.IsNullOrEmpty(TableName))
+            {
+                TableName = HttpContext.Request.Query["tableName"];
+            }
+            if (string.IsNullOrEmpty(TableName))
+            {
+                context.Result = GetResult(context, "缺少参数table,请检查代码生成器生器Sys_TableInfo、Sys_TableColumn是否有当前表配置，或菜单设置的表名是否正确");
+                return;
+            }
+            var list = TableColumnContext.TableInfo
+            .Where(x => x.TableName == TableName).ToList();
+            if (list.Count == 0)
+            {
+                context.Result = GetResult(context, $"未找到表【{TableName}】 配置信息,请检查代码生成器配置是否存在当前表");
+                context.Result = Json(webResponse);
+                return;
+            }
+            if (list.Count > 1)
+            {
+                context.Result = GetResult(context, $"表【{TableName}】 存在多个配置信息,请检查代码生成器配置是否重复");
+                return;
+            }
+
+            GenericTableAsyncLocal.CurrentTableName = TableName;
+            if (context.Filters.Any(item => item is IAllowAnonymousFilter))
+            {
+                base.OnActionExecuting(context);
+                return;
+            }
+            if (UserContext.Current.IsSuperAdmin)
+            {
+                base.OnActionExecuting(context);
+                return;
+            }
+
+            string[] currentActionPermissionNames = [];
+            if (!(context.ActionDescriptor is ControllerActionDescriptor controllerActionDescriptor))
+            {
+                base.OnActionExecuting(context);
+                return;
+            }
+            CustomAttributeData attrData = controllerActionDescriptor.MethodInfo
+                    .CustomAttributes
+                    .FirstOrDefault(a => a.AttributeType == typeof(ApiActionPermissionAttribute))
+                ?? controllerActionDescriptor.ControllerTypeInfo
+                    .CustomAttributes
+                    .FirstOrDefault(a => a.AttributeType == typeof(ApiActionPermissionAttribute));
+
+            if (attrData == null)
+            {
+                base.OnActionExecuting(context);
+                return;
+            }
+            ActionPermissionOptions currentActionPermission = default;
+            foreach (var arg in attrData.ConstructorArguments)
+            {
+                if (arg.ArgumentType == typeof(ActionPermissionOptions) && arg.Value != null)
+                {
+                    currentActionPermission = (ActionPermissionOptions)arg.Value;
+                    break;
+                }
+            }
+            if (Equals(currentActionPermission, default(ActionPermissionOptions)))
+            {
+                base.OnActionExecuting(context);
+                return;
+            }
+            //ActionPermissionFilter.cs中统一验证权限
+            //var names = new List<string>();
+            //foreach (ActionPermissionOptions option in Enum.GetValues(typeof(ActionPermissionOptions)))
+            //{
+            //    if (option == 0) continue;
+            //    if (currentActionPermission.HasFlag(option))
+            //    {
+            //        names.Add(option.ToString());
+            //    }
+            //}
+            //currentActionPermissionNames = names.ToArray();
+            //var hasActionAuth = UserContext.Current.Permissions
+            //    .Where(x => x.TableName == TableName.ToLower())
+            //    .Any(c => c.UserAuthArr != null && currentActionPermissionNames.Any(action => c.UserAuthArr.Contains(action)));
+
+            //if (!hasActionAuth)
+            //{
+            //    context.Result = GetResult(context, "没有权限操作");
+            //    return;
+            //}
+            base.OnActionExecuting(context);
+        }
+        private IActionResult GetResult(ActionExecutingContext context, string message)
+        {
+            return Json(new { status = false, message });
+        }
+    }
+}