Beispiel #1
0
        public ActionResult SetUserAction(int uId)
        {
            UserInfo userInfo = UserInfoBll.GetById(uId);

            ViewBag.UserInfo       = userInfo;
            ViewBag.UserActionInfo = userInfo.UserActionInfo.ToList();
            ViewData.Model         = ActionInfoBll.GetList(a => a.IsDeleted == 0, a => a.ActionTitle).ToList();
            return(View());
        }
Beispiel #2
0
        public ActionResult CheckExist(string aName)
        {
            string result = "no";
            var    temp   = ActionInfoBll.GetList <int>(a => (a.IsDeleted == 0) && (a.ActionTitle == aName)).FirstOrDefault();

            if (temp == null)
            {
                result = "ok";
            }
            return(Content(result));
        }
Beispiel #3
0
 public ActionResult SetRoleAction(int rId)
 {
     ViewBag.RoleInfo = RoleInfoBll.GetById(rId);
     ViewData.Model   = ActionInfoBll.GetList(a => a.IsDeleted == 0, a => a.ActionTitle).ToList();
     return(View());
 }
Beispiel #4
0
        //首页
        public ActionResult Index()
        {
            #region 查找待办事项信息并放在ViewData中
            List <QuickEntryViewModel> ltEntry = new List <QuickEntryViewModel>();
            ViewBag.CurrentUser = UserLogin.UserName;
            var aSteps     = WFStepBll.GetList(s => (s.NextId == UserLogin.UserId) && s.IsEnd == 0, s => s.StepId);
            var aInstances = from s in aSteps
                             select s.WFInstance;
            AddEntryViewToList(ltEntry, aInstances);
            var rInstances = WFInstanceBll.GetList(i => (i.SubBy == UserLogin.UserId) && (i.InstanceState == 1), i => i.InstanceId);
            AddEntryViewToList(ltEntry, rInstances);
            ViewData["Entry"] = ltEntry;
            #endregion

            #region 主菜单过滤
            //准备目标集合
            List <MenuViewModel> listMenu = new List <MenuViewModel>();
            //获取所有的桌面菜单
            List <ActionInfo> aList = ActionInfoBll.GetList(a => a.IsDeleted == 0 && a.IsMenu == 1, a => a.ActionTitle).ToList();
            //获取当前登录的用户的对象
            UserInfo userInfo = UserInfoBll.GetById(UserLogin.UserId);
            //遍历所有桌面菜单,逐个判断是否有权限
            foreach (var actionInfo in aList)
            {
                //根据当前数据,构造一个菜单对象
                MenuViewModel menu = new MenuViewModel()
                {
                    ActionTitle    = actionInfo.ActionTitle,
                    ControllerName = actionInfo.ControllerName,
                    ActionName     = actionInfo.ActionName,
                    MenuIcon       = actionInfo.MenuIcon
                };
                //查找否决中是否允许,如果允许,直接加入目标集合
                if (UserActionInfoBll.GetList <int>(ua =>
                                                    (ua.ActionId == actionInfo.ActionId) &&
                                                    (ua.UserId == UserLogin.UserId) &&
                                                    (ua.IsAllow == 1)).Count() > 0)
                {
                    listMenu.Add(menu);
                    continue;
                }

                //如果否决没有允许,则查找角色-权限过程
                var raList = from r in userInfo.RoleInfo
                             from a in r.ActionInfo
                             where a.ActionId == actionInfo.ActionId
                             select a;
                if (raList.Count() > 0)
                {
                    listMenu.Add(menu);
                }

                //排除拒绝的特殊权限
                var forbidList = from ua in userInfo.UserActionInfo
                                 where ua.ActionId == actionInfo.ActionId
                                 &&
                                 ua.IsAllow == 0
                                 select ua;
                if (forbidList.Count() > 0)
                {
                    listMenu.Remove(menu);
                }
            }
            #endregion

            return(View(listMenu));
        }
Beispiel #5
0
        //行为前过滤
        protected override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            base.OnActionExecuting(filterContext);
            #region 验证是否有访问权限
            ////留个后门,给管理方便,发布时删除
            //if (UserLogin.UserName.Equals("admin123"))
            //{
            //    return;
            //}

            //获取用户以及要访问的url
            UserInfo userInfo       = UserInfoBll.GetById(UserLogin.UserId);
            string   controllerName = RouteData.GetRequiredString("controller");
            string   actionName     = RouteData.GetRequiredString("action");
            if (actionName == "CheckExist" || actionName == "GetSelect" || actionName == "CheckPwdRight")
            {
                //默认所有人都有验证字段名是否存在、获取下拉列表数据和判断密码是否正确的权限
                return;
            }
            ActionInfo actionInfo = ActionInfoBll.GetList <int>(a =>
                                                                (a.ControllerName.ToLower().Equals(controllerName.ToLower()))
                                                                &&
                                                                (a.ActionName.ToLower().Equals(actionName.ToLower()))
                                                                &&
                                                                a.IsDeleted == 0)
                                    .FirstOrDefault();
            if (actionInfo == null)
            {
                //访问url有误
                filterContext.Result = new RedirectResult("/Error.html");
                return;
            }

            //查询否决,看有无数据
            UserActionInfo userActionInfo = UserActionInfoBll.GetList <int>(ua =>
                                                                            (ua.UserId == userInfo.UserId)
                                                                            &&
                                                                            (ua.ActionId == actionInfo.ActionId)).FirstOrDefault();
            if (userActionInfo != null)
            {
                //否决表中有数据
                if (userActionInfo.IsAllow == 1)
                {
                    //允许
                    return;
                }
                else
                {
                    //拒绝,跳转到无权限页面
                    filterContext.Result = new RedirectResult("/NoAccess.html");
                }
            }
            else
            {
                //否决表中无数据,则通过用户找角色,通过角色找权限
                var result = from r in userInfo.RoleInfo
                             from a in r.ActionInfo
                             where a.ActionId == actionInfo.ActionId
                             select a;
                if (result.Count() > 0)
                {
                    //有权限
                    return;
                }
                else
                {
                    //无权限,跳转到无权限页面
                    filterContext.Result = new RedirectResult("/NoAccess.html");
                }
            }
            #endregion
        }