20231205特殊接口不验证

2023-12-05 15:50:31 +08:00 · 2023-12-05 15:50:31 +08:00 · 3e70e209d6
parent ec842ca27f
commit 3e70e209d6
1 changed files with 21 additions and 16 deletions
--- a/SGGL/WebAPI/Filter/TestPermissionAttribute.cs
+++ b/SGGL/WebAPI/Filter/TestPermissionAttribute.cs
@ -25,7 +25,7 @@ namespace WebAPI.Filter
            {
                isOk = true;
            }
-
+            bool isWithOut = false;
            if (!isOk && token != null)
            {
                using (Model.SGGLDB db = new Model.SGGLDB(BLL.Funs.ConnString))
@ -34,29 +34,34 @@ namespace WebAPI.Filter
                    if (getUser != null)
                    {
                        isOk = true;
+                        isWithOut = true;
                    }
                }
            }
            // base.OnActionExecuting(actionContext);
            if (isOk)
-            { // 在调用 Action 方法之前执行的代码，可获取请求的接口名称和参数
-                IDictionary<string, object> arguments = actionContext.ActionArguments; // 获取参数
-                foreach (KeyValuePair<string, object> item in arguments)
+            {
+                if (!isWithOut)
                {
-                    if (item.Key == "projectid" || item.Key == "ProjectId" || item.Key == "projectId" || item.Key == "Projectid")
+                    // 在调用 Action 方法之前执行的代码，可获取请求的接口名称和参数
+                    IDictionary<string, object> arguments = actionContext.ActionArguments; // 获取参数
+                    foreach (KeyValuePair<string, object> item in arguments)
                    {
-                        var ProjectItems = APIProjectService.geProjectsByUserId(token.FirstOrDefault());
-                        List<string> projects = new List<string>();
-                        if (ProjectItems.Count > 0)
-                        {
-                            projects = ProjectItems.Select(x => x.ProjectId).ToList();
-                        }
-                        if (item.Value != null && !projects.Contains(item.Value.ToString()))
+                        if (item.Key == "projectid" || item.Key == "ProjectId" || item.Key == "projectId" || item.Key == "Projectid")
                        {
+                            var ProjectItems = APIProjectService.geProjectsByUserId(token.FirstOrDefault());
+                            List<string> projects = new List<string>();
+                            if (ProjectItems.Count > 0)
+                            {
+                                projects = ProjectItems.Select(x => x.ProjectId).ToList();
+                            }
+                            if (item.Value != null && !projects.Contains(item.Value.ToString()))
+                            {

-                            actionContext.Response = actionContext.Request.CreateResponse(System.Net.HttpStatusCode.OK,
-                                new { code = "0", message = "您没有该项目权限！" }, actionContext.ControllerContext.Configuration.Formatters.JsonFormatter);
-                            return;
+                                actionContext.Response = actionContext.Request.CreateResponse(System.Net.HttpStatusCode.OK,
+                                    new { code = "0", message = "您没有该项目权限！" }, actionContext.ControllerContext.Configuration.Formatters.JsonFormatter);
+                                return;
+                            }
                        }
                    }
                }
@ -72,7 +77,7 @@ namespace WebAPI.Filter
        /// <summary>
        /// 
        /// </summary>
-        public static List<string> lists = new List<string> { "User*postLoginOn" };
+        public static List<string> lists = new List<string> { "User*postLoginOn", "HazardRegister*getHazardRegisterCount", "HazardRegister*getHazardRegisterByProjectIdStates" };

        /// <summary>
        ///