1. Checkbox transfer value: Get the item data selected by the user through the Name attribute value, and it will be serialized into an array and passed
Background code:
Two, MVC5 permission verification AuthorizeAttribute
using Microsoft.Ajax.Utilities;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Helpers;
using System.Web.Management;
using System.Web.Mvc;
namespace RM_MVC._2020._10._21.Models
{
/// <summary>
/// 指定空明知其或Action的访问只限于满足授权的用户
/// </summary>
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = true, Inherited = true)]
public class UserInfoAuthorizationAttribute : AuthorizeAttribute
{
public string loginUri {
get; set; }
//不同项目的登录Action 可能不一样
public UserInfoAuthorizationAttribute(string loginUrl = "~/UserInfo/Index")
{
this.loginUri = loginUrl;
}
/// <summary>
/// 认证校验
/// </summary>
/// <param name="filterContext"></param>
public override void OnAuthorization(AuthorizationContext filterContext)
{
//判断是否跳过授权过滤器
if (filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true)
|| filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true))
{
return;
}
else
{
if (filterContext.HttpContext.Session["CurrentUseInfo"] == null || !(filterContext.HttpContext.Session["CurrentUseInfo"] is Userinfo))
{
//如果是Ajax请求 返回Json数据
if (filterContext.HttpContext.Request.IsAjaxRequest())
{
//filterContext.Result = new ContentResult() { Content = "NO-请登录" };
//返回son字符串
filterContext.Result = new JsonResult() {
JsonRequestBehavior = JsonRequestBehavior.AllowGet, Data = new {
msg = "请登录", code = 0 } };
}
//记住用户请求的URL,登陆成功以后自动跳转至该页面
filterContext.HttpContext.Session["FirstUrl"] = filterContext.HttpContext.Request.Url.AbsoluteUri;
//如果不是Ajax,就直接获取或设置由Action返回的结果(跳转页面)
filterContext.Result = new RedirectResult(this.loginUri);
}
else
{
//已有登录 略过不处理(日志。。)
return;
}
}
//base.OnAuthorization(filterContext);
}
}
}
Usage: class action Global:
1. Login (Login) controller or Action does not require authentication, use the AllowAnonymous feature to ignore authentication
2. It is not enough to just mark the feature label. You need to add judgment when you authenticate.
3. In this way, the user will not cause an endless loop (infinite redirection) when requesting the login page,
Three, Error custom global filter:
Usage: class action global:
△: What exception information can be captured by the custom exception handler?
1. Action is abnormal and not caught
2. Action calls Servicec service exception (abnormal throw transfer)
3. Action is normal, View view is abnormal
4. Permission verification is abnormal (Authorization)
△: What exception information can't be captured by the custom exception handler?
1. The controller constructor exception cannot be caught. (Filter is only available after the controller is constructed)
2. Name error when accessing Action (related to Route, not related to MVC handler)
△: How to solve these missing fish? To achieve a combination that can fully capture exceptions?
Register the Application_Error() event in the Global file-global exception handling event function
Four, Action filter:
Extension: Action filters can also be implemented using the Controller base class
Five, filter (execution order) and change method
If an Action is applied with Action filtering, Class filtering, and global filtering at the same time, the
default execution order is from outside to inside -> from inside to outside.
Change the order ----> Use the higher the Order attribute value to trigger the filtering event first
[ActionFilterAttribute(order = 15 )]
[ControllerFilterAttribute(order = 50 )]
[OverallFilterAttribute(order = 5 )]
Six, Action (execution order) abnormal capture picture
