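using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
using Microsoft.AspNetCore.Mvc.Controllers;
using System.Linq;
using VolPro.Core.Controllers.Basic;
using VolPro.Core.Filters;
using VolPro.Core.UserManager;
using VolPro.Entity.DomainModels;
using VolPro.Core.ManageUser;
using VolPro.Core.Enums;
using VolPro.Core.Utilities;
using Microsoft.AspNetCore.Mvc.Authorization;
using System.Reflection;
using VolPro.Core.Extensions;

namespace VolPro.Core.Generic
{
    /// <summary>
    /// Base controller for the generic endpoints. Before each action it works out which
    /// configured table the request targets and publishes that name through
    /// <c>GenericTableAsyncLocal.CurrentTableName</c>.
    /// </summary>
    /// <remarks>
    /// The table name comes from the request itself (a <c>PageDataOptions</c> / <c>SaveModel</c>
    /// argument, or the <c>tableName</c> query-string value), so it is caller-controlled.
    /// This filter only checks that exactly one entry in <c>TableColumnContext.TableInfo</c>
    /// matches it; it makes no authorization decision. Per the original comment, action
    /// permissions are verified centrally in ActionPermissionFilter.cs.
    /// NOTE(review): confirm that filter runs for every action of controllers deriving from
    /// this class and that it authorizes against the same table name published here.
    /// </remarks>
    [JWTAuthorize, ApiController]
    public class GenericBaseController : VolController
    {
        public GenericBaseController()
        {
        }

        /// <summary>
        /// Resolves and validates the target table name, stores it in
        /// <c>GenericTableAsyncLocal</c>, then hands over to the base implementation.
        /// When the name is missing, unknown or ambiguous, the action is short-circuited
        /// with a JSON error result and the base implementation is not called.
        /// </summary>
        /// <param name="context">The executing-action context supplied by MVC.</param>
        public override void OnActionExecuting(ActionExecutingContext context)
        {
            // Start from a clean slate so a value left by earlier work is never reused.
            GenericTableAsyncLocal.Clear();

            string tableName = null;
            if (context.ActionArguments?.Count > 0)
            {
                foreach (var argument in context.ActionArguments.Values.Where(argument => argument != null))
                {
                    var argumentType = argument.GetType();
                    if (argumentType != typeof(PageDataOptions) && argumentType != typeof(SaveModel))
                    {
                        continue;
                    }

                    var tableNameProperty = argumentType.GetProperty("TableName");
                    if (tableNameProperty != null)
                    {
                        // The last matching argument wins, even when its TableName is null.
                        tableName = tableNameProperty.GetValue(argument)?.ToString();
                    }
                }
            }

            // Fall back to the query string when no bound argument carried a table name.
            if (string.IsNullOrEmpty(tableName))
            {
                tableName = HttpContext.Request.Query["tableName"];
            }

            if (string.IsNullOrEmpty(tableName))
            {
                context.Result = GetResult(context, "缺少参数table,请检查代码生成器生器Sys_TableInfo、Sys_TableColumn是否有当前表配置,或菜单设置的表名是否正确");
                return;
            }

            // Exact (case-sensitive) match against the code-generator configuration.
            // NOTE(review): the permission check that used to live in this method lower-cased
            // the table name before comparing; confirm ActionPermissionFilter normalises the
            // name consistently with this lookup.
            var list = TableColumnContext.TableInfo
                .Where(x => x.TableName == tableName)
                .ToList();

            if (list.Count == 0)
            {
                // Fix: the original assigned a second result (an empty WebResponseContent)
                // right after this one, which replaced the explanatory message.
                // NOTE(review): the message echoes the caller-supplied name, and this lookup
                // runs before the anonymous-filter check below, so the reply reveals whether
                // a table name is configured — confirm that is acceptable.
                context.Result = GetResult(context, $"未找到表【{tableName}】 配置信息,请检查代码生成器配置是否存在当前表");
                return;
            }

            if (list.Count > 1)
            {
                context.Result = GetResult(context, $"表【{tableName}】 存在多个配置信息,请检查代码生成器配置是否重复");
                return;
            }

            GenericTableAsyncLocal.CurrentTableName = tableName;

            // From here on every path ends in base.OnActionExecuting(context); none of the
            // branches below rejects a request.
            if (context.Filters.Any(item => item is IAllowAnonymousFilter))
            {
                base.OnActionExecuting(context);
                return;
            }

            if (UserContext.Current.IsSuperAdmin)
            {
                base.OnActionExecuting(context);
                return;
            }

            if (context.ActionDescriptor is not ControllerActionDescriptor controllerActionDescriptor)
            {
                base.OnActionExecuting(context);
                return;
            }

            // Look for ApiActionPermissionAttribute on the action method first, then on the controller type.
            CustomAttributeData attrData =
                controllerActionDescriptor.MethodInfo
                    .CustomAttributes
                    .FirstOrDefault(a => a.AttributeType == typeof(ApiActionPermissionAttribute))
                ?? controllerActionDescriptor.ControllerTypeInfo
                    .CustomAttributes
                    .FirstOrDefault(a => a.AttributeType == typeof(ApiActionPermissionAttribute));

            if (attrData == null)
            {
                base.OnActionExecuting(context);
                return;
            }

            // First non-null constructor argument of type ActionPermissionOptions, if any.
            ActionPermissionOptions currentActionPermission = default;
            foreach (var arg in attrData.ConstructorArguments)
            {
                if (arg.ArgumentType == typeof(ActionPermissionOptions) && arg.Value != null)
                {
                    currentActionPermission = (ActionPermissionOptions)arg.Value;
                    break;
                }
            }

            if (Equals(currentActionPermission, default(ActionPermissionOptions)))
            {
                base.OnActionExecuting(context);
                return;
            }

            // Permissions are verified centrally in ActionPermissionFilter.cs.
            // The check that was previously done here is disabled: it collected the names of
            // the flags set in currentActionPermission and returned a "no permission" result
            // unless UserContext.Current.Permissions held an entry for the lower-cased table
            // name whose UserAuthArr contained one of those names. The attribute lookup above
            // therefore has no effect on the outcome in this method.
            base.OnActionExecuting(context);
        }

        /// <summary>
        /// Builds the JSON error payload <c>{ status = false, message }</c>.
        /// </summary>
        /// <param name="context">Not used by this method.</param>
        /// <param name="message">Text returned to the caller.</param>
        /// <returns>The JSON result to assign to <c>context.Result</c>.</returns>
        private IActionResult GetResult(ActionExecutingContext context, string message)
        {
            return Json(new { status = false, message });
        }
    }
}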