public override void OnActionExecuting(ActionExecutingContext context)
{
bool isNoPermissionRequired = false;
//获取请求进来的控制器与方法
var controllerActionDescriptor = context.ActionDescriptor as ControllerActionDescriptor;
if (controllerActionDescriptor != null)
{
//判断请求的控制器有没有NoPermissionRequiredAttribute(不需要权限判断)
isNoPermissionRequired = controllerActionDescriptor.ControllerTypeInfo.IsDefined(typeof(NoPermissionRequiredAttribute), true);
if (!isNoPermissionRequired)
{
//判断请求的方法有没有NoPermissionRequiredAttribute
isNoPermissionRequired = controllerActionDescriptor.MethodInfo.IsDefined(typeof(NoPermissionRequiredAttribute), true);
}
}
//需要权限
if (isNoPermissionRequired)
{
return;
}
//auth success,do other things
base.OnActionExecuting(context);
}
public class NoPermissionRequiredAttribute : ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext context)
{
base.OnActionExecuting(context);
}
}