From fd963a634442d11265a55d50ad284627795f7c8e Mon Sep 17 00:00:00 2001
From: chenhaozhe <cgz@hz-kingdee.com>
Date: 星期一, 30 三月 2026 09:14:26 +0800
Subject: [PATCH] JWT 鉴权方式修改 改为在 控制器或者Action上加标签控制 是否 启用鉴权

---
 WebAPI/Service/JwtAuthorizeAttribute.cs |   68 ++++++++++++++++++++++++----------
 1 files changed, 48 insertions(+), 20 deletions(-)

diff --git a/WebAPI/Service/JwtAuthorizeAttribute.cs b/WebAPI/Service/JwtAuthorizeAttribute.cs
index 816eae0..7e773e5 100644
--- a/WebAPI/Service/JwtAuthorizeAttribute.cs
+++ b/WebAPI/Service/JwtAuthorizeAttribute.cs
@@ -2,6 +2,7 @@
 using System.Linq;
 using System.Net;
 using System.Net.Http;
+using System.Reflection;
 using System.Security.Claims;
 using System.Threading;
 using System.Threading.Tasks;
@@ -52,28 +53,55 @@
                 return;
             }
 
-            // 楠岃瘉鏄惁鎷ユ湁璁块棶妯″潡鐨勬潈闄�
-            // 鏈変袱绉嶅垽鏂柟寮� 涓�绉嶆槸閫氳繃瑙掕壊鍘诲垽鏂紝涓�绉嶆槸閫氳繃鐢ㄦ埛鍘诲垽鏂� 鐩墠鏆傛椂涓嶅仛鍖哄垎锛屽悗缁彲澧炲姞绯荤粺鍙傛暟鏉ヨ繘琛屽尯鍒�
-            //string HModName = actionContext.Request.Headers.GetValues("x-hmodname")?.FirstOrDefault();
-            // if (!string.IsNullOrWhiteSpace(HModName)) // 濡傛灉娌℃湁閰嶇疆妯$粍鍚嶅瓧娈碉紝鍒欓粯璁や负涓嶉渶瑕侀壌鏉�
-            // {
-            //     //var operateAttr = actionContext.ActionDescriptor
-            //     //.GetCustomAttributes<ModOperateAttribute>()
-            //     //.FirstOrDefault();
-            //     //if(!string.IsNullOrWhiteSpace(operateAttr.Operate))
-            //     //{
-            //         //HModName += operateAttr.Operate;
-            //     //}
-            //     if (!DBUtility.ClsPub.Security_Log(HModName, 1, false, JWTHelper.getUserName(token)))
-            //     {
-            //         HandleForbidden(actionContext);
-            //         return;
-            //     }
-            // }
-
-           
             // 璁剧疆鐢ㄦ埛
             actionContext.RequestContext.Principal = principal;
+
+            // 楠岃瘉鏄惁鎷ユ湁璁块棶妯″潡鐨勬潈闄�
+            // 鏈変袱绉嶅垽鏂柟寮� 涓�绉嶆槸閫氳繃瑙掕壊鍘诲垽鏂紝涓�绉嶆槸閫氳繃鐢ㄦ埛鍘诲垽鏂� 鐩墠鏆傛椂涓嶅仛鍖哄垎锛屽悗缁彲澧炲姞绯荤粺鍙傛暟鏉ヨ繘琛屽尯鍒�
+            // 鑾峰彇鎺у埗鍣ㄦ弿杩板櫒
+            HttpControllerDescriptor controllerDescriptor = actionContext.ControllerContext.ControllerDescriptor;
+            // //鑾峰彇鎺у埗鍣ㄧ被鍨�
+            Type controllerType = controllerDescriptor.ControllerType;
+            // // 鑾峰彇鎺у埗鍣ㄧ骇鍒爣绛�
+            var controllerAttr = controllerType.GetCustomAttribute<PermissionAttribute>();
+            // 
+            var actionAttr = actionContext.ActionDescriptor
+            .GetCustomAttributes<PermissionAttribute>()
+            .FirstOrDefault();
+
+            string PermissionStr = string.Empty;
+            // 鍒ゆ柇鎺у埗鍣ㄧ骇鍒笂鏄惁鍚敤浜嗛壌鏉冩爣绛�
+            if(controllerAttr != null && !string.IsNullOrWhiteSpace(controllerAttr.HModName))
+            {
+                PermissionStr += controllerAttr.HModName;
+
+                // 鏌ョ湅鏄惁闇�瑕佹洿缁嗙矑搴︾殑鎺у埗
+                if(actionAttr != null && !string.IsNullOrWhiteSpace(actionAttr.Operate))
+                {
+                    // 璇ュ姩浣滃搴旂殑妯″潡鍚嶅拰鎺у埗鍣ㄥ悕鏄惁涓嶄竴鑷�
+                    if (string.IsNullOrWhiteSpace(actionAttr.HModName))
+                    {
+                        PermissionStr = actionAttr.HModName + actionAttr.Operate;
+                    }
+                    else
+                    {
+                        PermissionStr += actionAttr.Operate;
+                    }
+
+                }
+
+                if(!string.IsNullOrWhiteSpace(PermissionStr))
+                {
+                    if (!DBUtility.ClsPub.Security_Log(PermissionStr, 1, false, JWTHelper.getUserName(token)))
+                    {
+                        HandleForbidden(actionContext);
+                        return;
+                    }
+                }
+                
+            }
+
+           
         }
         catch (Exception e)
         {
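Review bot: The test `if (string.IsNullOrWhiteSpace(actionAttr.HModName))` looks inverted: when the action's HModName is blank the code overwrites the controller's module name with that blank value, leaving only the Operate suffix, and when the action does name its own module that override is ignored and Operate is appended to the controller's name. In both cases Security_Log is asked about a different permission than the one the attributes declare. The whole check also sits inside the `controllerAttr != null` branch, so a PermissionAttribute placed only on an action is never evaluated and the request proceeds without a module check, which seems to contradict the commit subject (controller or Action). The rewrite below resolves the module name from the action first and the controller second; it assumes null-conditional syntax is available in this project. The enclosing method and the body of `catch (Exception e)` lie outside the hunk, so confirm that an exception thrown by the permission lookup ends in a denial rather than letting the request continue.

```csharp
// … unchanged: controllerAttr / actionAttr lookup …

// An action-level module name, when set, overrides the controller's;
// either attribute on its own is enough to enable the check.
string moduleName = !string.IsNullOrWhiteSpace(actionAttr?.HModName)
    ? actionAttr.HModName
    : controllerAttr?.HModName;

string PermissionStr = string.Empty;
if (!string.IsNullOrWhiteSpace(moduleName))
{
    PermissionStr = moduleName;
    if (!string.IsNullOrWhiteSpace(actionAttr?.Operate))
    {
        PermissionStr += actionAttr.Operate;
    }
}

// No longer nested under the controller-attribute branch.
if (!string.IsNullOrWhiteSpace(PermissionStr)
    && !DBUtility.ClsPub.Security_Log(PermissionStr, 1, false, JWTHelper.getUserName(token)))
{
    HandleForbidden(actionContext);
    return;
}
```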

--
Gitblit v1.9.1