Beispiel #1
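        /// <summary>
        /// Decides whether the current user may run the requested action.
        /// </summary>
        /// <param name="httpContext">The HTTP context of the request (not read by this method).</param>
        /// <returns>
        /// <c>true</c> for administrators, for actions that have no configured permission,
        /// and for users who hold the configured permission; <c>false</c> otherwise, including
        /// when the permission lookup throws.
        /// </returns>
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            if (CurrentUser.IsAdmin)
            {
                return(true);
            }

            // Actions with no configured permission are not restricted, hence the default.
            bool validating = true;

            try
            {
                CurrentUser user = CurrentUser.GetCurrentUser();
                // Load every configured permission.
                var permissions = ActionPermission.GetAllPermission();

                // Only actions that have a configured permission are checked against the user.
                if (permissions.ExistsPermissions(areaName, controllerName, actionName))
                {
                    validating = user.Permissions.ExistsPermissions(areaName, controllerName, actionName);
                }
            }
            catch
            {
                // Fail closed: a lookup error must not grant access.
                return(false);
            }

            // The computed decision is returned. The previous unconditional "return true"
            // discarded it and authorized every request that did not throw.
            return(validating);
        }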
        /// <summary>
        /// Renders the actions linked to one permission, each carrying the access type of its link.
        /// </summary>
        /// <param name="permissionId">Identifier of the permission whose action links are loaded.</param>
        /// <param name="enabled">Stored in <c>ViewData["enabled"]</c> for the view.</param>
        /// <returns>The component view bound to an <c>ActionPermission</c> model.</returns>
        public IViewComponentResult Invoke(string permissionId, bool enabled = true)
        {
            // Project each link row down to the three members used below.
            var links = _context.ApplicationAction_ApplicationPermission
                        .Include(link => link.ApplicationAction)
                        .Where(link => link.ApplicationPermissionId == permissionId)
                        .Select(link => new ApplicationAction_ApplicationPermission
            {
                ApplicationAction   = link.ApplicationAction,
                AccessType          = link.AccessType,
                ApplicationActionId = link.ApplicationActionId
            })
                        .ToList();

            var linkedActions = links.Select(link => link.ApplicationAction).ToList();
            var actionModels  = _mapper.Map <List <ApplicationAction>, List <ApplicationActionModel> >(linkedActions);

            // Each mapped action takes the access type of the first link that points at it.
            foreach (var actionModel in actionModels)
            {
                actionModel.AccessType = links
                                         .Where(link => link.ApplicationActionId == actionModel.Id)
                                         .Select(link => link.AccessType)
                                         .FirstOrDefault();
            }

            var viewModel = new ActionPermission
            {
                PermissinId = permissionId,
                Actions     = actionModels
            };

            ViewData["enabled"] = enabled;
            return View(viewModel);
        }
 /// <summary>
 /// Clears the cached action permissions and reports success as JSON.
 /// </summary>
 /// <returns>A JSON result whose <c>success</c> flag is <c>true</c>.</returns>
 // NOTE(review): no authorization attribute is visible on this snippet — confirm the
 // controller restricts who may reset the permission cache.
 public ActionResult ResetCache()
 {
     ActionPermission.ResetCache();

     var outcome = new ExtResult { success = true };
     return this.JsonFormat(outcome);
 }
        /// <summary>
        /// Saves a module, recomputes its URL from its action/controller/area names and
        /// resets the permission cache.
        /// </summary>
        /// <param name="module">The module to persist; its <c>URL</c> is overwritten here.</param>
        /// <returns>Whatever <c>base.Save</c> produces for the save delegate.</returns>
        // NOTE(review): the module is bound straight from the request and persisted as-is;
        // confirm which of its fields a caller is allowed to set.
        public ActionResult SaveModule(IMS_UP_MK module)
        {
            Func <ExtResult> persist = () =>
            {
                // An area route value is passed only when the module names an area.
                module.URL = string.IsNullOrEmpty(module.QY)
                    ? Url.Action(module.HDMC, module.KZMC)
                    : Url.Action(module.HDMC, module.KZMC, new { area = module.QY });

                dalModule.SaveOrUpdate(module);

                // -1 is reported when the parent module cannot be found.
                var  parent      = dalModule.GetEntityByModuleID(module.FMKID);
                long parentRowId = parent != null ? parent.ID : -1;

                ActionPermission.ResetCache();

                return new ExtResult
                {
                    success  = true,
                    id       = parentRowId,
                    parentid = module.FMKID
                };
            };

            return base.Save(persist);
        }
Beispiel #5
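        /// <summary>
        /// Demo routine: enumerates the action methods of every controller in the
        /// "Mes.Demo.Web" assembly that derives directly from <c>AdminBaseController</c>,
        /// builds an <c>ActionPermission</c> entry for each, then waits for a key press.
        /// </summary>
        // NOTE(review): discovery matches on type names only. Controllers that inherit
        // AdminBaseController indirectly, and actions whose declared return type is not
        // exactly "ActionResult", are not listed; if this inventory feeds access control,
        // such actions would have no permission entry.
        private static void Method07()
        {
            var types = Assembly.Load("Mes.Demo.Web").GetTypes();
            var result = new List<ActionPermission>();
            foreach (var type in types)
            {
                // Interfaces and System.Object have no base type; skip them rather than
                // dereference null.
                if (type.BaseType == null || type.BaseType.Name != "AdminBaseController")
                {
                    continue;
                }

                foreach (var member in type.GetMethods())
                {
                    // Only methods declared to return ActionResult count as actions.
                    if (member.ReturnType.Name != "ActionResult")
                    {
                        continue;
                    }

                    var ap = new ActionPermission();

                    ap.ActionName = member.Name;
                    Debug.Assert(member.DeclaringType != null, "member.DeclaringType != null");
                    // Strip the 10-character "Controller" suffix from the declaring type name.
                    ap.ControllerName = member.DeclaringType.Name.Substring(0, member.DeclaringType.Name.Length - 10);

                    object[] attrs = member.GetCustomAttributes(typeof(System.ComponentModel.DescriptionAttribute), true);
                    var description = attrs.Length > 0 ? attrs[0] as System.ComponentModel.DescriptionAttribute : null;
                    if (description != null)
                    {
                        ap.Description = description.Description;
                    }

                    result.Add(ap);
                }
            }
            Console.ReadKey();
        }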
Beispiel #6
        /// <summary>
        /// Builds the form and fills the list view with one row per user returned by
        /// <c>ReadXml</c>, attaching that user's eight permission flags to the row.
        /// </summary>
        public Form2()
        {
            InitializeComponent();

            User[] loadedUsers = ReadXml();
            if (loadedUsers == null)
            {
                return;
            }

            for (int row = 0; row < loadedUsers.Length; row++)
            {
                var ip      = loadedUsers[row].ip;
                var listRow = new ListViewItem(new string[] { Convert.ToString(row), ip });

                // rights[0..7] map one-to-one onto value1..value8.
                // NOTE(review): fewer than eight entries in rights would throw here — confirm
                // ReadXml guarantees the length.
                var permissions = new ActionPermission
                {
                    value1 = loadedUsers[row].rights[0],
                    value2 = loadedUsers[row].rights[1],
                    value3 = loadedUsers[row].rights[2],
                    value4 = loadedUsers[row].rights[3],
                    value5 = loadedUsers[row].rights[4],
                    value6 = loadedUsers[row].rights[5],
                    value7 = loadedUsers[row].rights[6],
                    value8 = loadedUsers[row].rights[7]
                };

                Permissions.Add(ip, permissions);
                listRow.Tag = permissions;
                listView1.Items.Add(listRow);
            }
        }
Beispiel #7
        /// <summary>
        /// Appends a list-view row for <paramref name="ip"/> with a fresh, default
        /// <c>ActionPermission</c>, registers it in <c>Permissions</c> and shows it.
        /// </summary>
        /// <param name="ip">The address shown in the row and used as the key in <c>Permissions</c>.</param>
        public void addip(string ip)
        {
            // The row number is the count of rows before this one is added.
            string[] columns = { Convert.ToString(listView1.Items.Count), ip };
            var row          = new ListViewItem(columns);
            var fresh        = new ActionPermission();

            row.Tag = fresh;
            listView1.Items.Add(row);
            // NOTE(review): the row is already in the list when this runs; if Permissions
            // rejects a duplicate key the two would go out of step — confirm.
            this.Permissions.Add(ip, fresh);
            showPermissions(fresh);
        }
Beispiel #8
        /// <summary>
        /// Emits a jQuery script that hides every configured control of the given action
        /// for which the current user holds no function permission.
        /// </summary>
        /// <param name="actionName">Action whose configured functions are compared with the user's.</param>
        /// <returns>
        /// An empty script for the "Account" controller or when nothing is configured;
        /// otherwise one <c>hide()</c> call per control the user lacks.
        /// </returns>
        // NOTE(review): hiding a control in the browser is presentation only. The handlers
        // behind those controls still need a server-side permission check.
        public virtual ActionResult GetPermissionFunction(string actionName)
        {
            var areaName       = Convert.ToString(ControllerContext.RouteData.DataTokens["area"]);
            var controllerName = this.RouteData.Values["controller"].ToString();

            if (string.Equals(controllerName, "Account", StringComparison.CurrentCultureIgnoreCase))
            {
                return JavaScript("");
            }

            // Functions the current user holds; an empty list stands in for "none".
            var grantedFunctions = CurrentUser.GetCurrentUser().Permissions.GetFunctionList(areaName, controllerName, actionName)
                                   ?? new List <Entities.TabelEntities.IMS_UP_MKGN>();

            // Functions configured for this action across all permissions.
            var configuredFunctions = ActionPermission.GetAllPermission().GetFunctionList(areaName, controllerName, actionName);
            if (configuredFunctions == null)
            {
                return JavaScript("");
            }

            var script = new StringBuilder();

            foreach (var configured in configuredFunctions)
            {
                bool granted = grantedFunctions.Exists(held => held.GNID == configured.GNID);
                if (granted)
                {
                    continue;
                }

                // NOTE(review): KJID is placed inside a quoted jQuery selector without
                // escaping — confirm it can only hold trusted, quote-free values.
                script.AppendFormat("$('{0}').hide();\r\n", configured.KJID);
            }

            return JavaScript(script.ToString());
        }
Beispiel #9
 /// <summary>
 /// Copies the eight flags of <paramref name="p"/> onto checkBox1..checkBox8.
 /// </summary>
 /// <param name="p">The permission set to display; value1..value8 are read in order.</param>
 public void showPermissions(ActionPermission p)
 {
     // Each flag is read immediately before its check box is set.
     // NOTE(review): if the check boxes have change handlers that write back into the
     // selected permission, this interleaving matters — confirm before reordering.
     checkBox1.Checked = p.value1;
     checkBox2.Checked = p.value2;
     checkBox3.Checked = p.value3;
     checkBox4.Checked = p.value4;
     checkBox5.Checked = p.value5;
     checkBox6.Checked = p.value6;
     checkBox7.Checked = p.value7;
     checkBox8.Checked = p.value8;
 }
        /// <summary>
        /// Throws unless <paramref name="user"/> may perform <paramref name="actionPermission"/>
        /// on the controller named by <c>controllerName</c>.
        /// </summary>
        /// <param name="actionPermission">The operation being attempted (Post, Put or Delete).</param>
        /// <param name="user">The user whose administrator flag and per-controller grants are read.</param>
        /// <exception cref="Exception">
        /// Thrown with a "403" message when the user lacks the grant, when the operation is
        /// not one of the three handled values, or when anything else fails during the check.
        /// </exception>
        public void VerifyPermission(ActionPermission actionPermission, User user)
        {
            try
            {
                // Administrators skip the per-controller check entirely.
                if (user.Administrador)
                {
                    return;
                }

                // First() throws when the user has no entry for this controller; the catch
                // below turns that into a denial as well.
                var grants = user.UserFunctions.First(item => item.Controlador == controllerName);

                bool allowed;
                switch (actionPermission)
                {
                case ActionPermission.Post:
                    allowed = grants.PermiteInserir;
                    break;

                case ActionPermission.Put:
                    allowed = grants.PermiteEditar;
                    break;

                case ActionPermission.Delete:
                    allowed = grants.PermiteExcluir;
                    break;

                default:
                    // Unknown operations are refused.
                    allowed = false;
                    break;
                }

                if (!allowed)
                {
                    throw new Exception();
                }
            }
            catch
            {
                // Fail closed: every failure above surfaces as the same denial. The original
                // cause is not preserved, so unrelated errors are indistinguishable from a refusal.
                throw new Exception("403 - Usuário não possui permissão para executar esta ação.");
            }
        }
        /// <summary>
        /// Saves a module function and resets the permission cache.
        /// </summary>
        /// <param name="module">The function record to persist.</param>
        /// <returns>Whatever <c>base.Save</c> produces for the save delegate.</returns>
        public ActionResult SaveFunction(IMS_UP_MKGN module)
        {
            Func <ExtResult> persist = () =>
            {
                dalFunction.SaveOrUpdate(module);

                // Cached permissions are dropped after the write.
                ActionPermission.ResetCache();

                return new ExtResult { success = true };
            };

            return base.Save(persist);
        }
        /// <summary>
        /// Links every selected action in <paramref name="model"/> to the model's permission
        /// with access type <c>User</c>, saves, and re-renders the modal.
        /// </summary>
        /// <param name="model">Posted model carrying the permission id and the candidate actions.</param>
        /// <returns>The "_BootstrapModalAction" partial view for the same permission.</returns>
        // NOTE(review): the permission id and action ids come from the posted model and are
        // written without any check visible here — confirm they are validated upstream.
        public async Task <IActionResult> AssociateAction(ActionPermission model)
        {
            var chosen = model.Actions.Where(candidate => candidate.Selected);

            foreach (var action in chosen)
            {
                var link = new ApplicationAction_ApplicationPermission
                {
                    AccessType              = Enums.AccessType.User,
                    ApplicationActionId     = action.Id,
                    ApplicationPermissionId = model.PermissinId
                };

                _context.Add(link);
            }

            await _context.SaveChangesAsync();

            var modalModel = ActionPermissionModalAction(model.PermissinId);
            return PartialView("_BootstrapModalAction", modalModel);
        }
        /// <summary>
        /// Lists the actions not yet linked to a permission whose action id contains
        /// <paramref name="search"/>.
        /// </summary>
        /// <param name="permissionId">Identifier of the permission being edited.</param>
        /// <param name="search">Substring matched against <c>ApplicationAction_Id</c>.</param>
        /// <returns>
        /// The "_ActionRecord" partial view; its model has no actions assigned when the
        /// permission does not exist.
        /// </returns>
        public IActionResult LookupActionRecord(string permissionId, string search = "")
        {
            var permission = _context.ApplicationPermission
                             .Include(perm => perm.ApplicationAction_ApplicationPermissions)
                             .SingleOrDefault(perm => perm.Id == permissionId);

            var model = new ActionPermission {
                PermissinId = permissionId
            };

            if (permission == null)
            {
                return PartialView("_ActionRecord", model);
            }

            // Ids of the actions this permission already has.
            var alreadyLinked = permission.ApplicationAction_ApplicationPermissions
                                .Select(link => link.ApplicationActionId)
                                .ToList();

            var candidates = _context.ApplicationAction
                             .Where(action => action.ApplicationAction_Id.Contains(search) && !alreadyLinked.Contains(action.Id))
                             .ToList();

            model.Actions = _mapper.Map <IList <ApplicationAction>, IList <ApplicationActionModel> >(candidates).ToList();
            return PartialView("_ActionRecord", model);
        }
        /// <summary>
        /// Deletes a module by id and resets the permission cache.
        /// </summary>
        /// <param name="id">Identifier of the module to delete.</param>
        /// <returns>
        /// JSON with <c>success = true</c>, or with <c>success = false</c> and the exception
        /// message when the delete or cache reset throws.
        /// </returns>
        public ActionResult RemoveModule(long id)
        {
            try
            {
                dalModule.Delete(id);
                ActionPermission.ResetCache();

                var ok = new { success = true };
                return this.JsonFormat(ok);
            }
            catch (Exception ex)
            {
                // NOTE(review): the raw exception message goes back to the caller; it may
                // carry internal detail (for example database errors) — consider a generic
                // message plus server-side logging.
                var failure = new ExtResult {
                    success = false, msg = ex.Message
                };
                return this.JsonFormat(failure);
            }
        }
Beispiel #15
        /// <summary>
        /// Checks that <c>ActionPermission.ToString()</c> renders the permission name,
        /// resource type and argument name in the expected layout.
        /// </summary>
        public void TestGetResourceId_ToString()
        {
            const string argumentName   = "id";
            const string resourceType   = "type";
            const string permissionName = "name";

            var subject = new ActionPermission
            {
                ArgumentName   = argumentName,
                ResourceType   = resourceType,
                PermissionName = permissionName
            };

            // The double spaces in the template are part of the expected output.
            string expected = String.Format(
                "Permission Name:  [{0}], Resource Type:  [{1}],  Action Argument:  [{2}]",
                permissionName,
                resourceType,
                argumentName);

            Assert.AreEqual(expected, subject.ToString());
        }
        /// <summary>
        /// Deletes a module function by id and resets the permission cache.
        /// </summary>
        /// <param name="id">Identifier of the function to delete.</param>
        /// <returns>
        /// JSON with <c>success = true</c>, or with <c>success = false</c> and the exception
        /// message when the delete or cache reset throws.
        /// </returns>
        public ActionResult RemoveFunction(long id)
        {
            try
            {
                dalFunction.Delete(id);
                ActionPermission.ResetCache();

                var ok = new ExtResult { success = true };
                return Json(ok);
            }
            catch (Exception ex)
            {
                // NOTE(review): the raw exception message goes back to the caller; it may
                // carry internal detail — consider a generic message plus server-side logging.
                var failure = new ExtResult { success = false, msg = ex.Message };
                return Json(failure);
            }
        }
Beispiel #17
        /// <summary>
        /// Reflects over the "MvcApp" assembly and returns one <c>ActionPermission</c> per
        /// method that returns <c>ActionResult</c> on a non-generic type whose base type name
        /// contains "BaseController".
        /// </summary>
        /// <returns>The discovered entries; the description falls back to a default text.</returns>
        // NOTE(review): only methods whose declared return type is named exactly
        // "ActionResult" are listed; actions declared with another result type would be
        // missing from this inventory — confirm that is intended.
        private IEnumerable <ActionPermission> GetAllActionByAssembly()
        {
            var found = new List <ActionPermission>();

            foreach (var type in Assembly.Load("MvcApp").GetTypes())
            {
                // Types without a base type (interfaces, for example) cannot be controllers.
                if (type.BaseType == null)
                {
                    continue;
                }

                bool isController = !type.IsGenericType && type.BaseType.Name.Contains("BaseController");
                if (!isController)
                {
                    continue;
                }

                foreach (var method in type.GetMethods())
                {
                    if (method.ReturnType.Name != "ActionResult")
                    {
                        continue;
                    }

                    var entry = new ActionPermission();

                    entry.actionName = method.Name;
                    // Strip the 10-character "Controller" suffix; a declaring type name
                    // shorter than that would make Substring throw.
                    entry.controllerName = method.DeclaringType.Name.Substring(0, method.DeclaringType.Name.Length - 10);

                    object[] attrs = method.GetCustomAttributes(typeof(System.ComponentModel.DescriptionAttribute), true);
                    entry.description = attrs.Length > 0
                        ? (attrs[0] as System.ComponentModel.DescriptionAttribute).Description
                        : "默认权限";

                    found.Add(entry);
                }
            }

            return found;
        }
Beispiel #18
        /// <summary>
        /// Checks that <c>GetResourceId</c> returns the integer stored under the configured
        /// argument name.
        /// </summary>
        public void TestGetResourceId()
        {
            var value = 1;
            const string argumentName = "id";

            var subject = new ActionPermission
            {
                ArgumentName   = argumentName,
                ResourceType   = "type",
                PermissionName = "name"
            };

            // Action arguments as the framework would hand them over: name -> value.
            var actionArguments = new Dictionary <string, object>();
            actionArguments.Add(argumentName, value);

            Assert.AreEqual(value, subject.GetResourceId(actionArguments));
        }
Beispiel #19
        /// <summary>
        /// Checks that <c>GetResourceId</c> rejects a non-integer argument value with a
        /// <see cref="NotSupportedException"/>.
        /// </summary>
        public void TestGetResourceId_ValueIsNotAnInt()
        {
            var value = "S";
            const string argumentName = "id";

            var subject = new ActionPermission
            {
                ArgumentName   = argumentName,
                ResourceType   = "type",
                PermissionName = "name"
            };

            // The argument is present but holds a string instead of an integer.
            var actionArguments = new Dictionary <string, object>();
            actionArguments.Add(argumentName, value);

            var lookup = subject.Invoking(x => x.GetResourceId(actionArguments));

            lookup.ShouldThrow <NotSupportedException>()
            .WithMessage("The action argument must be an integer.");
        }
Beispiel #20
        /// <summary>
        /// Checks that <c>GetResourceId</c> throws <see cref="NotSupportedException"/> with
        /// the documented message when the configured argument name is absent from the
        /// action arguments (the dictionary here only holds the key "abc").
        /// </summary>
        public void TestGetResourceId_ActionArgumentIsInDictionary()
        {
            var value = 1;
            const string argumentName = "id";

            var subject = new ActionPermission
            {
                ArgumentName   = argumentName,
                ResourceType   = "type",
                PermissionName = "name"
            };

            // Deliberately keyed by a name other than the configured argument name.
            var actionArguments = new Dictionary <string, object>();
            actionArguments.Add("abc", value);

            var template = "The argument named [{0}] was not found in the given action arguments.  "
                           + "If you did not specify an argument name then the default argument name [{1}] is assumed.  Either specify an argument name or refactor the argument name to the default.";
            string expectedMessage = String.Format(template, argumentName, ResourceAuthorizeAttribute.DEFAULT_ID_ARGUMENT_NAME);

            var lookup = subject.Invoking(x => x.GetResourceId(actionArguments));

            lookup.ShouldThrow <NotSupportedException>().WithMessage(expectedMessage);
        }
Beispiel #21
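        /// <summary>
        /// Reflects over the "OnlineLearningSystem" assembly and returns one
        /// <c>ActionPermission</c> per described action on controllers that derive directly
        /// from <c>OLSController</c>.
        /// </summary>
        /// <returns>
        /// Entries for methods returning <c>ActionResult</c> or <c>JsonResult</c> that carry a
        /// <c>DescriptionAttribute</c>; methods without one are left out.
        /// </returns>
        // NOTE(review): actions lacking a Description, or declared with another result type,
        // never appear in this list; if the list drives access control, confirm such actions
        // are protected some other way.
        public static List <ActionPermission> GetActionPermission()
        {
            var aps   = new List <ActionPermission>();
            var types = Assembly.Load("OnlineLearningSystem").GetTypes();

            foreach (var type in types)
            {
                // Interfaces and System.Object have no base type; skip them rather than
                // dereference null.
                if (type.BaseType == null || type.BaseType.Name != "OLSController")
                {
                    continue;
                }

                foreach (var member in type.GetMethods())
                {
                    // Only methods declared to return ActionResult or JsonResult count as actions.
                    if (member.ReturnType.Name != "ActionResult" &&
                        member.ReturnType.Name != "JsonResult")
                    {
                        continue;
                    }

                    object[] attrs = member.GetCustomAttributes(typeof(System.ComponentModel.DescriptionAttribute), true);
                    if (attrs.Length == 0)
                    {
                        continue;
                    }

                    var ap = new ActionPermission();

                    ap.ActionName = member.Name;
                    // Strip the 10-character "Controller" suffix from the declaring type name.
                    ap.ControllerName = member.DeclaringType.Name.Substring(0, member.DeclaringType.Name.Length - 10);
                    ap.Description    = (attrs[0] as System.ComponentModel.DescriptionAttribute).Description;

                    aps.Add(ap);
                }
            }
            return(aps);
        }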
        /// <summary>
        /// Builds the navigation menu: each root module that has at least one permitted
        /// child, followed by those children, with URLs filled in for the children.
        /// </summary>
        /// <returns>
        /// The partial view with the menu list; an empty list when the user is not
        /// authenticated, and the view without a model when no root modules exist.
        /// </returns>
        // NOTE(review): the menu only controls what is shown. The linked actions still need
        // their own server-side authorization.
        public PartialViewResult _MenuPartial()
        {
            var menuList = new List <IMS_UP_MK>();

            var roots = dalModule.GetRootModule();
            if (roots == null)
            {
                return PartialView(null);
            }

            var orderedRoots = roots.OrderBy(root => root.PXID);

            // Administrators see every configured module; other authenticated users see
            // their own; anonymous users see none.
            PermissionViewModule visible;
            if (CurrentUser.IsAdmin)
            {
                visible = ActionPermission.GetAllPermission();
            }
            else if (User.Identity.IsAuthenticated)
            {
                visible = CurrentUser.GetCurrentUser().Permissions;
            }
            else
            {
                visible = null;
            }

            if (visible == null)
            {
                return PartialView(menuList);
            }

            foreach (var root in orderedRoots)
            {
                var children = visible.Modules.Where(n => n.FMKID == root.MKID).OrderBy(n => n.PXID);

                // A root is shown only when it has child entries.
                if (children.Count() > 0)
                {
                    menuList.Add(root);
                    menuList.AddRange(children);
                }
            }

            foreach (var entry in menuList)
            {
                // Root nodes (parent id -1) carry no URL.
                if (entry.FMKID == -1)
                {
                    continue;
                }

                entry.URL = string.IsNullOrEmpty(entry.QY)
                    ? Url.Action(entry.HDMC, entry.KZMC)
                    : Url.Action(entry.HDMC, entry.KZMC, new { area = entry.QY });
            }

            return PartialView(menuList);
        }
Beispiel #23
 /// <summary>
 /// Asks the X_SP_GetSecuredRight stored procedure whether the rights described by
 /// <paramref name="secured"/> and <paramref name="permission"/> are verified.
 /// </summary>
 /// <param name="secured">Supplies the owner identifiers and the CanRead/CanCreate/CanUpdate/CanDelete flags.</param>
 /// <param name="permission">Flag set; each bit present turns the matching right on.</param>
 /// <returns>The value of the procedure's "verified" output parameter, cast to bool.</returns>
 public bool CheckOwnership(ISecured secured, ActionPermission permission)
 {
     // The call is made with any ambient transaction suppressed.
     using (new TransactionScope(TransactionScopeOption.Suppress))
     {
         // NOTE(review): c is never disposed here — confirm whether XODBC is disposable.
         var c = new XODBC(ApplicationConnectionString,null);
         // NOTE(review): the parameter is declared as byte but its value is cast to bool
         // below — confirm the procedure returns a type that unboxes to bool.
         var verified = new System.Data.Objects.ObjectParameter("verified", typeof(byte));
         // Each right is passed as true when either the secured object already allows it
         // or the requested permission includes the corresponding flag.
         c.X_SP_GetSecuredRight(secured.OwnerContactID, secured.OwnerApplicationID, secured.OwnerTableType, secured.OwnerReferenceID, secured.OwnerField,
             secured.CanRead || ((ActionPermission.Read & permission) == ActionPermission.Read)
             , secured.CanCreate || ((ActionPermission.Create & permission) == ActionPermission.Create)
             , secured.CanUpdate || ((ActionPermission.Update & permission) == ActionPermission.Update)
             , secured.CanDelete || ((ActionPermission.Delete & permission) == ActionPermission.Delete)
             , verified);
         return (bool)verified.Value;
     }
 }
Beispiel #24
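        /// <summary>
        /// Demo routine: enumerates the action methods of every controller in the
        /// "Mes.Demo.Web" assembly that derives directly from <c>AdminBaseController</c>,
        /// builds an <c>ActionPermission</c> entry for each, then waits for a key press.
        /// </summary>
        // NOTE(review): discovery matches on type names only. Controllers that inherit
        // AdminBaseController indirectly, and actions whose declared return type is not
        // exactly "ActionResult", are not listed; if this inventory feeds access control,
        // such actions would have no permission entry.
        private static void Method07()
        {
            var types = Assembly.Load("Mes.Demo.Web").GetTypes();
            var result = new List<ActionPermission>();
            foreach (var type in types)
            {
                // Interfaces and System.Object have no base type; skip them rather than
                // dereference null.
                if (type.BaseType == null || type.BaseType.Name != "AdminBaseController")
                {
                    continue;
                }

                foreach (var member in type.GetMethods())
                {
                    // Only methods declared to return ActionResult count as actions.
                    if (member.ReturnType.Name != "ActionResult")
                    {
                        continue;
                    }

                    var ap = new ActionPermission();

                    ap.ActionName = member.Name;
                    Debug.Assert(member.DeclaringType != null, "member.DeclaringType != null");
                    // Strip the 10-character "Controller" suffix from the declaring type name.
                    ap.ControllerName = member.DeclaringType.Name.Substring(0, member.DeclaringType.Name.Length - 10);

                    object[] attrs = member.GetCustomAttributes(typeof(System.ComponentModel.DescriptionAttribute), true);
                    var description = attrs.Length > 0 ? attrs[0] as System.ComponentModel.DescriptionAttribute : null;
                    if (description != null)
                    {
                        ap.Description = description.Description;
                    }

                    result.Add(ap);
                }
            }
            Console.ReadKey();
        }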