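/// <summary>
/// Lists the operations the member may perform on <paramref name="siteEntities"/>:
/// every <see cref="SiteOperations"/> value other than <see cref="SiteOperations.None"/>
/// for which <c>ACUtility.CheckAuthorization</c> answers true.
/// </summary>
/// <param name="entity">The member whose authorizations are evaluated.</param>
/// <param name="siteEntities">The site function (entity) being queried.</param>
/// <returns>
/// The numeric value of each granted operation, as a string, in the order
/// <c>Enum.GetValues</c> yields them; an empty array when nothing is granted.
/// </returns>
private string[] GetRolesBarList(MasterMember entity, SiteEntities siteEntities)
{
    List<string> granted = new List<string>();
    foreach (SiteOperations operation in Enum.GetValues(typeof(SiteOperations)))
    {
        // None is not a grantable operation, so it is never offered to the check.
        if (operation == SiteOperations.None)
        {
            continue;
        }

        if (ACUtility.CheckAuthorization(entity, (int)siteEntities, (int)operation))
        {
            granted.Add(((int)operation).ToString());
        }
    }

    // ToArray() on an empty list already yields an empty array, so the former
    // "Count > 0 ? ToArray() : new string[0]" branch was redundant.
    return granted.ToArray();
}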
/// <summary>
/// Publishes the current user's Read/Create/Edit/Delete rights on
/// <c>AppFunction</c> to the view as <c>ViewData["AllowRead"]</c>,
/// <c>["AllowCreate"]</c>, <c>["AllowEdit"]</c>, <c>["AllowDelete"]</c>,
/// and always sets <c>ViewData["ControllerName"]</c>.
/// </summary>
/// <param name="context">The action-executing context whose controller ViewData is filled in.</param>
/// <remarks>
/// The four Allow* entries are written only when a session user exists; when
/// there is none they are simply absent. The rights are computed from the user
/// object held in the session, so they are display hints for the view — the
/// enforced check is <c>AuthorizeCore</c>, which re-reads the user from
/// <c>LoginUserContainer</c>.
/// </remarks>
public override void OnActionExecuting(ActionExecutingContext context)
{
    SessionHelper session = new SessionHelper();
    var viewData = context.Controller.ViewData;
    var currentUser = session.LoginUser;

    if (currentUser != null)
    {
        // ViewData key / operation pairs, written in the order the view expects.
        KeyValuePair<string, SiteOperations>[] flags = new[]
        {
            new KeyValuePair<string, SiteOperations>("AllowRead", SiteOperations.Read),
            new KeyValuePair<string, SiteOperations>("AllowCreate", SiteOperations.Create),
            new KeyValuePair<string, SiteOperations>("AllowEdit", SiteOperations.Edit),
            new KeyValuePair<string, SiteOperations>("AllowDelete", SiteOperations.Delete),
        };

        foreach (KeyValuePair<string, SiteOperations> flag in flags)
        {
            viewData[flag.Key] = ACUtility.CheckAuthorization(currentUser, AppFunction, flag.Value);
        }
    }

    viewData["ControllerName"] = ControllerName;
}
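/// <summary>
/// Overrides <c>AuthorizeAttribute.AuthorizeCore</c>. The request is authorized
/// only when it is authenticated, a session user exists, that user is still
/// known to <c>LoginUserContainer</c>, and the user holds <c>Operation</c> on
/// <c>AppFunction</c>. Every other path denies (fail closed).
/// </summary>
/// <param name="httpContext">The HTTP context of the request being authorized.</param>
/// <returns><c>true</c> when all checks pass; otherwise <c>false</c>.</returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    SessionHelper sessionHelper = new SessionHelper();

    if (!httpContext.Request.IsAuthenticated)
    {
        return false;
    }

    if (sessionHelper.LoginUser == null)
    {
        return false;
    }

    // The function-permission check is mandatory. The user is looked up again
    // through the singleton container instead of trusting the session copy, so
    // permission changes made in the back office apply to users who are already
    // logged in.
    var currentUser = LoginUserContainer.GetInstance().GetUser(sessionHelper.LoginUser.Account);
    if (currentUser == null)
    {
        // The account is no longer known to the container (e.g. removed after
        // login): deny rather than hand a null user to the authorization check.
        return false;
    }

    return ACUtility.CheckAuthorization(currentUser, (int)AppFunction, (int)Operation);
}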
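/// <summary>
/// Round-trips a MasterMember through the service: creates it with a mixed set
/// of AdminRole values, reads the member list back, verifies that
/// <c>ACUtility.CheckAuthorization</c> reflects exactly the granted operations,
/// and deletes the member again.
/// </summary>
/// <remarks>
/// The permission assertions previously sat inside a try/catch that wrote the
/// exception to the console and swallowed it, so a failing assertion could never
/// fail this test; they now run unguarded. Deletion of the "dadaTest" record is
/// done in a finally block so the fixture is cleaned up even when an assertion
/// fails. A loop that only read <c>role.AdminValue</c> into an unused local was
/// removed.
/// </remarks>
public void Test_MasterMember()
{
    // Create
    MasterMember masterMember = m_FTISService.MakeMasterMember();
    masterMember.Account = "dadaTest";
    masterMember.Password = "******";
    masterMember.RegDate = DateTime.Now;
    masterMember.Memo = "memo";
    masterMember.Status = "1";
    masterMember.Tel = "12345678";
    masterMember.Email = "*****@*****.**";
    masterMember.Name = "dada12345";

    foreach (AdminRole role in masterMember.AdminRoles)
    {
        // 15 is the "all permissions" default used by the original test; the
        // Grade/News/Question/Season assertions below rely on it covering Read,
        // Create, Edit and Delete. Four functions get exactly one operation.
        int adminValue = 15;
        if (role.AdminBar.AdminBarId.Equals((int)SiteEntities.AboutUs))
        {
            adminValue = (int)SiteOperations.Read;
        }
        if (role.AdminBar.AdminBarId.Equals((int)SiteEntities.Activity))
        {
            adminValue = (int)SiteOperations.Create;
        }
        if (role.AdminBar.AdminBarId.Equals((int)SiteEntities.Application))
        {
            adminValue = (int)SiteOperations.Edit;
        }
        if (role.AdminBar.AdminBarId.Equals((int)SiteEntities.Download))
        {
            adminValue = (int)SiteOperations.Delete;
        }
        role.AdminValue = adminValue;
    }

    m_FTISService.CreateMasterMember(masterMember);
    try
    {
        // Query
        IDictionary<string, string> conditions = new Dictionary<string, string>();
        IList<MasterMember> adminList = m_FTISService.GetMasterMemberListNoLazy(conditions);
        // NOTE(review): 9 is the row count expected after this member is added; it
        // depends on the fixture data already present in the store — confirm.
        Assert.AreEqual(9, adminList.Count);

        // Verify permissions: the four single-operation functions must grant that
        // operation and nothing else.
        AssertOnlyOperation(masterMember, SiteEntities.AboutUs, SiteOperations.Read);
        AssertOnlyOperation(masterMember, SiteEntities.Activity, SiteOperations.Create);
        AssertOnlyOperation(masterMember, SiteEntities.Application, SiteOperations.Edit);
        AssertOnlyOperation(masterMember, SiteEntities.Download, SiteOperations.Delete);

        // Functions left at the default value must grant each sampled operation.
        Assert.IsTrue(ACUtility.CheckAuthorization(masterMember, (int)SiteEntities.Grade, (int)SiteOperations.Read));
        Assert.IsTrue(ACUtility.CheckAuthorization(masterMember, (int)SiteEntities.News, (int)SiteOperations.Create));
        Assert.IsTrue(ACUtility.CheckAuthorization(masterMember, (int)SiteEntities.Question, (int)SiteOperations.Edit));
        Assert.IsTrue(ACUtility.CheckAuthorization(masterMember, (int)SiteEntities.Season, (int)SiteOperations.Delete));
    }
    finally
    {
        // Delete — runs even when an assertion above fails.
        m_FTISService.DeleteMasterMember(masterMember);
    }
}

/// <summary>
/// Asserts that <paramref name="member"/> holds exactly <paramref name="granted"/>
/// on <paramref name="entity"/>: that operation is authorized and the other three
/// of Read/Create/Edit/Delete are denied.
/// </summary>
private static void AssertOnlyOperation(MasterMember member, SiteEntities entity, SiteOperations granted)
{
    SiteOperations[] operations =
    {
        SiteOperations.Read,
        SiteOperations.Create,
        SiteOperations.Edit,
        SiteOperations.Delete,
    };

    foreach (SiteOperations operation in operations)
    {
        bool authorized = ACUtility.CheckAuthorization(member, (int)entity, (int)operation);
        string message = entity + "/" + operation;
        if (operation == granted)
        {
            Assert.IsTrue(authorized, message);
        }
        else
        {
            Assert.IsFalse(authorized, message);
        }
    }
}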