通过HttpModule控制功能权限与异常处理

using System;
using System.Web;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;

namespace basic
{
/// <summary>
/// 页面权限控制
/// </summary>
class RequestFilterModule : IHttpModule
{
#region IHttpModule Members

/// <summary>
/// Implementation of <see cref="IHttpModule"/>
/// </summary>
/// <remarks>
/// Currently empty.  Nothing to really do, as I have no member variables.
/// </remarks>
public void Dispose()
{
}

public void Init(HttpApplication context)
{
context.BeginRequest += FilterRequest;
}

#endregion

private static void FilterRequest(object sender, EventArgs e)
{
StaffInfo staffInfo=LoginStaff.Instance.getStaffInfo();
if(!string.IsNullOrEmpty(staffInfo.staffNo))//用户已登录时执行
{
var app = (HttpApplication)sender;
if ((app == null) || (app.Context == null) || (app.Context.Items == null))
{
return;
}
var request = app.Context.Request;
string url = request.Url.AbsolutePath;
if ((url.Contains(".aspx") || url.Contains(".ashx")) && !url.Contains("login.ashx") && !url.Contains("default.aspx"))
{
//记录日志
Log4NetHelper.Log(Log4NetService.MsgLevel.Info, url, request.Url.PathAndQuery, request.RequestType);

bool flag=false;//标识用户是否拥有权限
if (staffInfo.funList.Exists(t => t.url == url))//遍历用户权限
flag = true;

if (!flag)
{
app.Context.Response.Write("权限不足");
app.Context.Response.End();
return;
}
}

}
}
}
}

using System;
using System.Web;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;

namespace basic
{
/// <summary>
/// 系统异常处理
/// </summary>
class ExceptionModule : IHttpModule
{
#region IHttpModule Members

/// <summary>
/// Implementation of <see cref="IHttpModule"/>
/// </summary>
/// <remarks>
/// Currently empty.  Nothing to really do, as I have no member variables.
/// </remarks>
public void Dispose()
{
}

public void Init(HttpApplication context)
{
context.Error += new EventHandler(OnErrorRequest);
}

#endregion

/// <summary>
/// Called when error handling is requested.
/// </summary>
/// <param name="s">The object with the error</param>
/// <param name="e">The <see cref="EventArgs"/> instance containing the event data.</param>
public void OnErrorRequest(object s, EventArgs e)
{
try
{
if (HttpContext.Current == null)
{
return;
}

HttpContext contxt = HttpContext.Current;
HttpServerUtility srver = contxt.Server;
HttpRequest request = contxt.Request;

Exception lastException = srver.GetLastError();

//HttpExceptions are logged elsewhere
if (!(lastException is HttpException))
{
var lex = new Exception("Unhandled Error: ", srver.GetLastError());
try
{
//记录日志
Log4NetHelper.Log(Log4NetService.MsgLevel.Error,"", "",lastException.Message);
}
catch (Exception ex)
{
Log4NetHelper.Log(Log4NetService.MsgLevel.Error, "", "", ex.Message);
}
}
}
catch (Exception exc)
{
//it is possible when terminating the request for the context not to exist
//in this case we just want to exit since there is nothing else we can do
Log4NetHelper.Log(Log4NetService.MsgLevel.Error, "", "", exc.Message);
}
}
}
}

<modules runAllManagedModulesForAllRequests="true">
<add name="RequestFilter" type="basic.RequestFilterModule, basic" preCondition="managedHandler" />
<add name="Exception" type="basic.ExceptionModule, basic" preCondition="managedHandler" />
</modules>