越权修改
parent
e0eef44c8f
commit
92d1bbcb1a
|
@ -266,7 +266,7 @@ namespace IRaCIS.Api.Controllers
|
|||
|
||||
if (!await _userRepository.AnyAsync(t => t.Id == Guid.Parse(userId) && t.EmailToken == token && t.IsFirstAdd))
|
||||
{
|
||||
decodeUrl = errorUrl+ $"?ErrorMessage={System.Web.HttpUtility.UrlEncode("您的初始化链接已过期")} ";
|
||||
decodeUrl = errorUrl+ $"?ErrorMessage={System.Web.HttpUtility.UrlEncode("Error!The initialization link has expired. Return")} ";
|
||||
}
|
||||
|
||||
return Redirect(decodeUrl);
|
||||
|
|
|
@ -175,6 +175,7 @@
|
|||
</ItemGroup>
|
||||
|
||||
<ItemGroup>
|
||||
<Folder Include="Middleware\" />
|
||||
<Folder Include="Properties\PublishProfiles\" />
|
||||
</ItemGroup>
|
||||
|
||||
|
|
|
@ -23,6 +23,7 @@ using IRaCIS.Core.Infra.EFCore.Common;
|
|||
using Invio.Extensions.Authentication.JwtBearer;
|
||||
using Microsoft.AspNetCore.SignalR;
|
||||
using IRaCIS.Core.Domain.Share;
|
||||
using IRaCIS.Core.API.Middleware;
|
||||
|
||||
namespace IRaCIS.Core.API
|
||||
{
|
||||
|
@ -45,6 +46,10 @@ namespace IRaCIS.Core.API
|
|||
{
|
||||
containerBuilder.RegisterModule<AutofacModuleSetup>();
|
||||
|
||||
|
||||
|
||||
|
||||
//containerBuilder.RegisterType<AuthenticationMiddleware>().AsSelf().InstancePerLifetimeScope();
|
||||
#region Test
|
||||
//containerBuilder.RegisterType<ClinicalDataService>().PropertiesAutowired().InstancePerLifetimeScope();//×¢²á²Ö´¢
|
||||
|
||||
|
@ -215,6 +220,8 @@ namespace IRaCIS.Core.API
|
|||
app.UseAuthentication();
|
||||
app.UseAuthorization();
|
||||
|
||||
app.UseMiddleware<AuthenticationMiddleware>();
|
||||
|
||||
app.UseEndpoints(endpoints =>
|
||||
{
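Review bot: The middleware registered at `app.UseMiddleware<AuthenticationMiddleware>();` makes an authorization decision (current user type against menu API paths) after `UseAuthentication()` and `UseAuthorization()` have already run, so the name is misleading, and because it is identical to `Microsoft.AspNetCore.Authentication.AuthenticationMiddleware` it would produce an ambiguous-reference error in any file that imports that namespace alongside `IRaCIS.Core.API.Middleware`. A name such as `ApiPermissionMiddleware` (`app.UseMiddleware<ApiPermissionMiddleware>();`) avoids both problems. The position itself looks right — after authentication so the caller's identity is populated, before `UseEndpoints` so the endpoint never executes on denial — and deserves a one-line comment, e.g. `// Menu-based API permission check; must run after UseAuthentication/UseAuthorization and before endpoints.` The commented-out `RegisterType<AuthenticationMiddleware>` lines added in the earlier hunk of this file should be deleted rather than left as dead code.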
|
||||
|
||||
|
|
|
@ -15,6 +15,8 @@ using MediatR;
|
|||
using IRaCIS.Application.Services;
|
||||
using IRaCIS.Application.Interfaces;
|
||||
using AutoMapper;
|
||||
using Microsoft.AspNetCore.Builder.Extensions;
|
||||
using IRaCIS.Core.API.Middleware;
|
||||
|
||||
namespace IRaCIS.Core.API
|
||||
{
|
||||
|
@ -43,9 +45,9 @@ namespace IRaCIS.Core.API
|
|||
//获取所有控制器类型并使用属性注入
|
||||
containerBuilder.RegisterAssemblyTypes(typeof(BaseService).Assembly)
|
||||
.Where(type => typeof(IDynamicWebApi).IsAssignableFrom(type))
|
||||
.PropertiesAutowired();
|
||||
|
||||
.PropertiesAutowired();
|
||||
|
||||
//containerBuilder.RegisterType<AuthenticationMiddleware>().AsSelf().InstancePerLifetimeScope();
|
||||
|
||||
#endregion
|
||||
|
||||
|
|
|
@ -0,0 +1,79 @@
|
|||
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using System.Threading.Tasks;
|
||||
using IRaCIS.Core.Domain.Share;
|
||||
using IRaCIS.Application.Contracts;
|
||||
using Dicom.IO;
|
||||
using IRaCIS.Core.Infrastructure;
|
||||
using Newtonsoft.Json;
|
||||
|
||||
namespace IRaCIS.Core.API.Middleware
|
||||
{
|
||||
public class AuthenticationMiddleware
|
||||
{
|
||||
private readonly RequestDelegate _next;
|
||||
|
||||
private readonly IRepository<UserTypeMenu> _userTypeMenuRepository;
|
||||
|
||||
private readonly IUserInfo _userInfo;
|
||||
|
||||
public AuthenticationMiddleware(RequestDelegate next,
|
||||
IRepository<UserTypeMenu> userTypeMenuTypeRepository,
|
||||
IUserInfo userInfo)
|
||||
{
|
||||
_next = next;
|
||||
_userTypeMenuRepository = userTypeMenuTypeRepository;
|
||||
_userInfo = userInfo;
|
||||
|
||||
}
|
||||
|
||||
public async Task InvokeAsync(HttpContext context)
|
||||
{
|
||||
if (!await IsValidRequest(context))
|
||||
{
|
||||
context.Response.StatusCode = StatusCodes.Status409Conflict; ;
|
||||
context.Response.ContentType = "application/json";
|
||||
var msg = JsonConvert.SerializeObject(ResponseOutput.NotOk("You do not have permission"));
|
||||
Console.WriteLine(msg);
|
||||
await context.Response.WriteAsync(msg);
|
||||
await context.Response.Body.FlushAsync();
|
||||
context.Response.Body.Close();
|
||||
}
|
||||
else
|
||||
{
|
||||
await _next(context);
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
private async Task<bool> IsValidRequest(HttpContext context)
|
||||
{
|
||||
var apiPathList =await _userTypeMenuRepository.Where(x => x.Menu.ApiPath != null && x.Menu.ApiPath != string.Empty)
|
||||
.Select(x => new MenuApi()
|
||||
{
|
||||
|
||||
UserTypeEnum = (int)x.UserType.UserTypeEnum,
|
||||
ApiPath = x.Menu.ApiPath,
|
||||
|
||||
}).ToListAsync();
|
||||
|
||||
apiPathList = apiPathList.Select(x => new MenuApi()
|
||||
{
|
||||
UserTypeEnum = x.UserTypeEnum,
|
||||
ApiPath = x.ApiPath.ToLower(),
|
||||
}).ToList();
|
||||
|
||||
if (_userInfo.UserTypeEnumInt != 0)
|
||||
{
|
||||
var url = _userInfo.RequestUrl.ToLower(); ;
|
||||
if (apiPathList.Any(x => x.ApiPath.Contains(url)) && !apiPathList.Any(x => x.ApiPath.Contains(url) && x.UserTypeEnum == _userInfo.UserTypeEnumInt))
|
||||
{
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
}
|
||||
}
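Review bot: The permission check in `IsValidRequest` matches the request against menu paths with `x.ApiPath.Contains(url)`, a substring test in the wrong direction, so a request whose URL is longer than the stored `ApiPath` (an extra trailing slash or segment, if routing still dispatches it to the same action) finds no entry and falls through to `return true`, while a very short URL such as `/` matches every entry. Comparing the routed `context.Request.Path` with each stored path by exact, ordinal case-insensitive equality closes that gap and drops the lower-cased copy of the whole list; the entire `UserTypeMenu` table is also loaded on every request before the `UserTypeEnumInt != 0` test, so at minimum the query should come after that early return (a cache keyed on path would be better but is beyond this hunk). The unmatched-path case stays fail-open in the rewrite below, as in the original; if every API is meant to be in the menu table, that branch should deny instead. Separately, a denied request should answer `StatusCodes.Status403Forbidden` rather than `Status409Conflict`, and the `Console.WriteLine(msg)` plus the manual `context.Response.Body.Close()` in `InvokeAsync` should go — writing the JSON body and returning is enough. The rewrite needs `using System;` for `StringComparison`.
```csharp
// … unchanged: fields, constructor, InvokeAsync (with Status403Forbidden in place of Status409Conflict) …

private async Task<bool> IsValidRequest(HttpContext context)
{
    // Callers without a user type are not subject to the menu check (unchanged behaviour).
    if (_userInfo.UserTypeEnumInt == 0)
    {
        return true;
    }

    // Compare the routed path only, exact and case-insensitive; ignore a trailing slash.
    var path = (context.Request.Path.Value ?? string.Empty).TrimEnd('/');

    var menuApis = await _userTypeMenuRepository
        .Where(x => x.Menu.ApiPath != null && x.Menu.ApiPath != string.Empty)
        .Select(x => new MenuApi
        {
            UserTypeEnum = (int)x.UserType.UserTypeEnum,
            ApiPath = x.Menu.ApiPath,
        })
        .ToListAsync();

    var matches = menuApis
        .Where(x => string.Equals(x.ApiPath.TrimEnd('/'), path, StringComparison.OrdinalIgnoreCase))
        .ToList();

    // A path absent from the menu table is still allowed (fail-open, as before);
    // a known path is allowed only for user types that hold it.
    return matches.Count == 0
        || matches.Any(x => x.UserTypeEnum == _userInfo.UserTypeEnumInt);
}
```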
|
|
@ -1,4 +1,6 @@
|
|||
namespace IRaCIS.Application.Contracts
|
||||
using IRaCIS.Core.Domain.Share;
|
||||
|
||||
namespace IRaCIS.Application.Contracts
|
||||
{
|
||||
public class MenuCommand
|
||||
{
|
||||
|
@ -99,4 +101,12 @@
|
|||
public bool IsSelect { get; set; }
|
||||
}
|
||||
|
||||
|
||||
public class MenuApi
|
||||
{
|
||||
public int UserTypeEnum { get; set; }
|
||||
|
||||
public string ApiPath { get; set; }
|
||||
}
|
||||
|
||||
}
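Review bot: `MenuApi` carries no documentation and is a plain mutable DTO used as a query projection by the new middleware, so it should say what its two members mean; a summary such as `/// <summary>Projection of a UserTypeMenu row: the user-type enum value and the API path that menu entry maps to.</summary>` on the class, with `/// <summary>Integer value of the owning user type's UserTypeEnum.</summary>` and `/// <summary>API path of the menu entry; expected non-empty since the query filters empty values.</summary>` on the properties, would do. Marking the class `sealed` and the properties `init`-only would also match how it is used — created once in a `Select` and never mutated afterwards — but that is optional.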
|
||||
|
|