public class CommonController : Controller
{
/// <summary>
/// Runs the per-action permission check for every controller derived from this class.
/// </summary>
/// <param name="filterContext">
/// Authorization context of the current request; supplies the controller and action names
/// and receives the login view as its result when the check fails.
/// </param>
/// <remarks>
/// The base implementation is only invoked on the allow path. On the deny path the login
/// view is rendered in place and this method does not set a response status code or issue
/// a redirect.
/// NOTE(review): rendering the login view in place means the caller gets the login page
/// under the protected URL. Confirm that AJAX/API callers and any output caching in front
/// of these actions treat that response as a denial.
/// NOTE(review): the check does not consult [AllowAnonymous], so every action on a derived
/// controller requires a non-empty identity name. Verify the login action itself is not
/// served from a controller that inherits this class.
/// </remarks>
protected override void OnAuthorization(AuthorizationContext filterContext)
{
    var descriptor = filterContext.ActionDescriptor;
    string requestedController = descriptor.ControllerDescriptor.ControllerName;
    string requestedAction = descriptor.ActionName;

    // The identity name is the only user attribute handed to the permission check.
    bool isAllowed = this.GetUserAuthorize(
        this.HttpContext.User.Identity.Name,
        requestedController,
        requestedAction);

    if (!isAllowed)
    {
        // Deny: short-circuit the action by returning the login view as the result.
        filterContext.Result = new ViewResult { ViewName = "~/Views/Account/Login.cshtml" };
        return;
    }

    base.OnAuthorization(filterContext);
}
/// <summary>
/// Decides whether the given user may execute the given controller action.
/// </summary>
/// <param name="userId">Identity name of the caller; a null or empty value is rejected.</param>
/// <param name="controllerName">Name of the requested controller; not read by the current body.</param>
/// <param name="actionName">Name of the requested action; not read by the current body.</param>
/// <returns>
/// <c>false</c> when <paramref name="userId"/> is null or empty, otherwise <c>true</c>.
/// </returns>
private bool GetUserAuthorize(string userId, string controllerName, string actionName)
{
    if (!string.IsNullOrEmpty(userId))
    {
        // TODO: query the user, role and function-permission tables in the database to see
        // whether this user is allowed to access this action; return true if so, false otherwise.
        // NOTE(review): until that lookup exists this is a placeholder that allows every caller
        // with a non-empty name on every controller/action. When implementing it, deny by
        // default if the lookup fails or finds no matching permission.
        return true;
    }

    // No identity name: treat the caller as unauthenticated.
    return false;
}