XCKJ
/
510k
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

越权修改

master
he 2024-12-06 16:12:18 +08:00
parent e0eef44c8f
commit 92d1bbcb1a
6 changed files with 103 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
IRaCIS.Core.API/Controllers/ExtraController.cs
View File

@ -266,7 +266,7 @@ namespace IRaCIS.Api.Controllers
if (!await _userRepository.AnyAsync(t => t.Id == Guid.Parse(userId) && t.EmailToken == token && t.IsFirstAdd)) if (!await _userRepository.AnyAsync(t => t.Id == Guid.Parse(userId) && t.EmailToken == token && t.IsFirstAdd))
{ {
decodeUrl = errorUrl+ $"?ErrorMessage={System.Web.HttpUtility.UrlEncode("")} "; decodeUrl = errorUrl+ $"?ErrorMessage={System.Web.HttpUtility.UrlEncode("ErrorThe initialization link has expired. Return")} ";
} }
return Redirect(decodeUrl); return Redirect(decodeUrl);

1
IRaCIS.Core.API/IRaCIS.Core.API.csproj
View File

@ -175,6 +175,7 @@
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<Folder Include="Middleware\" />
<Folder Include="Properties\PublishProfiles\" /> <Folder Include="Properties\PublishProfiles\" />
</ItemGroup> </ItemGroup>

7
IRaCIS.Core.API/Startup.cs
View File

@ -23,6 +23,7 @@ using IRaCIS.Core.Infra.EFCore.Common;
using Invio.Extensions.Authentication.JwtBearer; using Invio.Extensions.Authentication.JwtBearer;
using Microsoft.AspNetCore.SignalR; using Microsoft.AspNetCore.SignalR;
using IRaCIS.Core.Domain.Share; using IRaCIS.Core.Domain.Share;
using IRaCIS.Core.API.Middleware;
namespace IRaCIS.Core.API namespace IRaCIS.Core.API
{ {
@ -45,6 +46,10 @@ namespace IRaCIS.Core.API
{ {
containerBuilder.RegisterModule<AutofacModuleSetup>(); containerBuilder.RegisterModule<AutofacModuleSetup>();
//containerBuilder.RegisterType<AuthenticationMiddleware>().AsSelf().InstancePerLifetimeScope();
#region Test #region Test
//containerBuilder.RegisterType<ClinicalDataService>().PropertiesAutowired().InstancePerLifetimeScope();//×¢²á²Ö´¢ //containerBuilder.RegisterType<ClinicalDataService>().PropertiesAutowired().InstancePerLifetimeScope();//×¢²á²Ö´¢
@ -215,6 +220,8 @@ namespace IRaCIS.Core.API
app.UseAuthentication(); app.UseAuthentication();
app.UseAuthorization(); app.UseAuthorization();
app.UseMiddleware<AuthenticationMiddleware>();
app.UseEndpoints(endpoints => app.UseEndpoints(endpoints =>
{ {

6
IRaCIS.Core.API/_ServiceExtensions/AutofacModuleSetup.cs
View File

@ -15,6 +15,8 @@ using MediatR;
using IRaCIS.Application.Services; using IRaCIS.Application.Services;
using IRaCIS.Application.Interfaces; using IRaCIS.Application.Interfaces;
using AutoMapper; using AutoMapper;
using Microsoft.AspNetCore.Builder.Extensions;
using IRaCIS.Core.API.Middleware;
namespace IRaCIS.Core.API namespace IRaCIS.Core.API
{ {
@ -43,9 +45,9 @@ namespace IRaCIS.Core.API
//获取所有控制器类型并使用属性注入 //获取所有控制器类型并使用属性注入
containerBuilder.RegisterAssemblyTypes(typeof(BaseService).Assembly) containerBuilder.RegisterAssemblyTypes(typeof(BaseService).Assembly)
.Where(type => typeof(IDynamicWebApi).IsAssignableFrom(type)) .Where(type => typeof(IDynamicWebApi).IsAssignableFrom(type))
.PropertiesAutowired(); .PropertiesAutowired();
//containerBuilder.RegisterType<AuthenticationMiddleware>().AsSelf().InstancePerLifetimeScope();
#endregion #endregion

79
IRaCIS.Core.Application/Middleware/AuthenticationMiddleware.cs Normal file
View File

@ -0,0 +1,79 @@

using Microsoft.AspNetCore.Http;
using System.Threading.Tasks;
using IRaCIS.Core.Domain.Share;
using IRaCIS.Application.Contracts;
using Dicom.IO;
using IRaCIS.Core.Infrastructure;
using Newtonsoft.Json;
namespace IRaCIS.Core.API.Middleware
{
public class AuthenticationMiddleware
{
private readonly RequestDelegate _next;
private readonly IRepository<UserTypeMenu> _userTypeMenuRepository;
private readonly IUserInfo _userInfo;
public AuthenticationMiddleware(RequestDelegate next,
IRepository<UserTypeMenu> userTypeMenuTypeRepository,
IUserInfo userInfo)
{
_next = next;
_userTypeMenuRepository = userTypeMenuTypeRepository;
_userInfo = userInfo;
}
public async Task InvokeAsync(HttpContext context)
{
if (!await IsValidRequest(context))
{
context.Response.StatusCode = StatusCodes.Status409Conflict; ;
context.Response.ContentType = "application/json";
var msg = JsonConvert.SerializeObject(ResponseOutput.NotOk("You do not have permission"));
Console.WriteLine(msg);
await context.Response.WriteAsync(msg);
await context.Response.Body.FlushAsync();
context.Response.Body.Close();
}
else
{
await _next(context);
}
}
private async Task<bool> IsValidRequest(HttpContext context)
{
var apiPathList =await _userTypeMenuRepository.Where(x => x.Menu.ApiPath != null && x.Menu.ApiPath != string.Empty)
.Select(x => new MenuApi()
{
UserTypeEnum = (int)x.UserType.UserTypeEnum,
ApiPath = x.Menu.ApiPath,
}).ToListAsync();
apiPathList = apiPathList.Select(x => new MenuApi()
{
UserTypeEnum = x.UserTypeEnum,
ApiPath = x.ApiPath.ToLower(),
}).ToList();
if (_userInfo.UserTypeEnumInt != 0)
{
var url = _userInfo.RequestUrl.ToLower(); ;
if (apiPathList.Any(x => x.ApiPath.Contains(url)) && !apiPathList.Any(x => x.ApiPath.Contains(url) && x.UserTypeEnum == _userInfo.UserTypeEnumInt))
{
return false;
}
}
return true;
}
}
}

12
IRaCIS.Core.Application/Service/Management/DTO/MenuModel.cs
View File

@ -1,4 +1,6 @@
namespace IRaCIS.Application.Contracts using IRaCIS.Core.Domain.Share;
namespace IRaCIS.Application.Contracts
{ {
public class MenuCommand public class MenuCommand
{ {
@ -99,4 +101,12 @@
public bool IsSelect { get; set; } public bool IsSelect { get; set; }
} }
public class MenuApi
{
public int UserTypeEnum { get; set; }
public string ApiPath { get; set; }
}
} }