add hangfire dashboard white ip address options

5 years ago · cf827f8e1c
3 changed files with 37 additions and 29 deletions
--- a/aspnet-core/services/messages/LINGYUN.Abp.MessageService.HttpApi.Host/AbpMessageServiceHttpApiHostModule.cs
+++ b/aspnet-core/services/messages/LINGYUN.Abp.MessageService.HttpApi.Host/AbpMessageServiceHttpApiHostModule.cs
@ -216,11 +216,20 @@ namespace LINGYUN.Abp.MessageService
            Configure<HangfireDashboardRouteOptions>(options =>
            {
                if (configuration.GetSection("Hangfire:Dashboard:WhiteList").Exists())
                {
                    options.WithWhite(
                        configuration["Hangfire:Dashboard:WhiteList"]
                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
                            .Select(o => o.RemovePostFix("/"))
                                .ToArray());
                }
                options.WithOrigins(
                    configuration["App:CorsOrigins"]
-                                .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
-                                .Select(o => o.RemovePostFix("/"))
+                        .Select(o => o.RemovePostFix("/"))
-                                .ToArray()
+                        .ToArray()
                    );
            });
--- a/aspnet-core/services/messages/LINGYUN.Abp.MessageService.HttpApi.Host/Authorization/HangfireDashboardAuthorizationFilter.cs
+++ b/aspnet-core/services/messages/LINGYUN.Abp.MessageService.HttpApi.Host/Authorization/HangfireDashboardAuthorizationFilter.cs
@ -20,12 +20,6 @@ namespace LINGYUN.Abp.MessageService.Authorization
        public bool Authorize([NotNull] DashboardContext context)
        {
            // 本地请求
            if (LocalRequestOnlyAuthorize(context))
            {
                return true;
            }
            // 放行路径
            if (AllowGrantPath.Contains(context.Request.Path))
            {
@ -37,6 +31,12 @@ namespace LINGYUN.Abp.MessageService.Authorization
            if (options != null)
            {
                // 白名单检查
                if (!context.Request.RemoteIpAddress.IsNullOrWhiteSpace() 
                    && options.IpAllow(context.Request.RemoteIpAddress))
                {
                    return true;
                }
                // 请求路径对应的权限检查
                // TODO: 怎么来传递用户身份令牌?
                var permission = options.GetPermission(context.Request.Path);
@ -69,25 +69,5 @@ namespace LINGYUN.Abp.MessageService.Authorization
            }
            return base.Equals(obj);
        }
        protected virtual bool LocalRequestOnlyAuthorize(DashboardContext context)
        {
            if (string.IsNullOrEmpty(context.Request.RemoteIpAddress))
            {
                return false;
            }
            if (context.Request.RemoteIpAddress == "127.0.0.1" || context.Request.RemoteIpAddress == "::1")
            {
                return true;
            }
            if (context.Request.RemoteIpAddress == context.Request.LocalIpAddress)
            {
                return true;
            }
            return false;
        }
    }
 }
--- a/aspnet-core/services/messages/LINGYUN.Abp.MessageService.HttpApi.Host/Hangfire/HangfireDashboardRouteOptions.cs
+++ b/aspnet-core/services/messages/LINGYUN.Abp.MessageService.HttpApi.Host/Hangfire/HangfireDashboardRouteOptions.cs
@ -1,4 +1,5 @@
 using LINGYUN.Abp.MessageService.Permissions;
 using System;
 using System.Collections.Generic;
 using System.Linq;
@ -7,12 +8,30 @@ namespace Hangfire
    public class HangfireDashboardRouteOptions
    {
        public IList<string> AllowFrameOrigins { get; }
        /// <summary>
        /// 白名单
        /// 添加网关地址
        /// </summary>
        public IList<string> WhiteList { get; }
        public IDictionary<string, string> RoutePermissions { get; }
        public HangfireDashboardRouteOptions()
        {
            WhiteList = new List<string>();
            AllowFrameOrigins = new List<string>();
            RoutePermissions = new Dictionary<string, string>();
            InitDefaultRoutes();
            WithWhite("127.0.0.1");
            WithWhite("::1");
        }
        public bool IpAllow(string ipaddress)
        {
            return WhiteList.Any(ip => ip == ipaddress);
        }
        public void WithWhite(params string[] wgites)
        {
            WhiteList.AddIfNotContains(wgites);
        }
        public void WithOrigins(params string[] origins)