Ejemplo n.º 1
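        /// <summary>
        /// Checks that an admin user is granted only the permission attached to their role:
        /// a permission linked to the role must be reported, one that is not linked must be denied.
        /// </summary>
        /// <remarks>
        /// <c>service</c> is declared outside this method; it is used here for
        /// <c>HasPermission</c> and <c>MarkDeleted</c>.
        /// </remarks>
        public void TestHasPerm()
        {
            try
            {
                // Two fresh permissions with GUID names so they cannot clash with existing rows.
                PermissionService permService = new PermissionService();
                string permName1 = Guid.NewGuid().ToString();
                long permId1 = permService.AddPermission(permName1, permName1);
                string permName2 = Guid.NewGuid().ToString();
                long permId2 = permService.AddPermission(permName2, permName2);

                RoleService roleService = new RoleService();
                string roleName = Guid.NewGuid().ToString();
                long roleId = roleService.AddNew(roleName);

                // NOTE(review): the phone number is a fixed literal; if AddAdminUser rejects
                // duplicates, a run that fails before MarkDeleted may break the next run - confirm.
                string userPhone = "136138";
                long userId = new AdminUserService().AddAdminUser("aaa", userPhone, "123", "*****@*****.**", null);

                // Only permission 1 is attached to the role; permission 2 stays unassigned.
                roleService.AddRoleIds(userId, new long[] { roleId });
                permService.AddPermIds(roleId, new long[] { permId1 });

                Assert.IsTrue(service.HasPermission(userId, permName1));
                // The negative case matters as much as the positive one: an authorization
                // check that always answers "true" would pass the assertion above.
                Assert.IsFalse(service.HasPermission(userId, permName2));

                service.MarkDeleted(userId);
            }
            catch (DbEntityValidationException ex)
            {
                foreach (var item in ex.EntityValidationErrors.SelectMany(err => err.ValidationErrors))
                {
                    Console.WriteLine(item.ErrorMessage);
                }

                // Rethrow after logging. Swallowing the exception would let the test pass
                // without ever reaching the permission assertions.
                throw;
            }
        }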
Ejemplo n.º 2
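        /// <summary>
        /// Checks that a user's effective permissions follow their role assignment: the user
        /// first holds role 1 (permission 1), then the assignment is replaced by role 2
        /// (permission 2) and the granted permission must switch accordingly.
        /// </summary>
        /// <remarks>
        /// <c>permissionService</c>, <c>adminUserService</c>, <c>roleService</c> and
        /// <c>adminUserId</c> are declared outside this method.
        /// </remarks>
        public void TestUserRole()
        {
            // Permission 1
            string permName1 = Guid.NewGuid().ToString();
            long permId1 = permissionService.AddPermission(permName1, permName1);
            // Permission 2
            string permName2 = Guid.NewGuid().ToString();
            long permId2 = permissionService.AddPermission(permName2, permName2);
            // User: the phone number is the first 11 characters of a new GUID string.
            string phoneNum = Guid.NewGuid().ToString().Substring(0, 11);

            adminUserId = adminUserService.AddAdminUser("wangwu", phoneNum, "123", "*****@*****.**", null);
            // Roles 1 and 2
            string roleName1 = Guid.NewGuid().ToString();
            string roleName2 = Guid.NewGuid().ToString();
            long roleId1 = roleService.AddNew(roleName1);
            long roleId2 = roleService.AddNew(roleName2);

            // Attach permission 1 to role 1
            permissionService.AddPermIds(roleId1, new long[] { permId1 });
            // Attach permission 2 to role 2
            permissionService.AddPermIds(roleId2, new long[] { permId2 });
            // Give the user role 1 only
            roleService.AddRoleIds(adminUserId, new long[] { roleId1 });

            Assert.IsTrue(adminUserService.HasPermission(adminUserId, permName1));
            Assert.IsFalse(adminUserService.HasPermission(adminUserId, permName2));

            // Replace the user's roles with role 2; the permission of role 1 must be revoked.
            roleService.UpdateRoleIds(adminUserId, new long[] { roleId2 });

            Assert.IsFalse(adminUserService.HasPermission(adminUserId, permName1));
            Assert.IsTrue(adminUserService.HasPermission(adminUserId, permName2));

            // Expected value first, actual second, so a failure message labels them correctly.
            CollectionAssert.AreEqual(new long[] { roleId2 }, roleService.GetByAdminUserId(adminUserId).Select(a => a.Id).ToArray());
        }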
Ejemplo n.º 3
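        /// <summary>
        /// Checks that replacing a user's roles revokes the permission granted through the
        /// old role and that the stored role list contains only the new role.
        /// </summary>
        /// <remarks>
        /// <c>permService</c>, <c>roleService</c>, <c>userService</c> and <c>userId</c> are
        /// declared outside this method.
        /// </remarks>
        public void TestUserRole()
        {
            string permName1 = Guid.NewGuid().ToString();
            long permId1 = permService.AddPermission(permName1, permName1);
            string permName2 = Guid.NewGuid().ToString();
            long permId2 = permService.AddPermission(permName2, permName2);

            string roleName1 = Guid.NewGuid().ToString();
            long roleId1 = roleService.AddNew(roleName1);

            string roleName2 = Guid.NewGuid().ToString();
            long roleId2 = roleService.AddNew(roleName2);

            // NOTE(review): fixed phone literal; if AddAdminUser rejects duplicates and nothing
            // outside this method removes the user, a second run would collide - confirm.
            string userPhone = "178158";

            userId = userService.AddAdminUser("aaa", userPhone, "123", "*****@*****.**", null);

            // Role 1 carries permission 1; permission 2 is never attached to any role here.
            roleService.AddRoleIds(userId, new long[] { roleId1 });
            permService.AddPermIds(roleId1, new long[] { permId1 });
            Assert.IsTrue(userService.HasPermission(userId, permName1));
            // NOTE(review): the denial check below is disabled, so this test never proves that
            // an unassigned permission is refused before the role change. Why it was turned
            // off is not visible here - confirm and re-enable if it passes.
            //Assert.IsFalse(userService.HasPermission(userId, permName2));

            // Replace the user's roles with role 2; access through role 1 must be gone.
            roleService.UpdateRoleIds(userId, new long[] { roleId2 });
            Assert.IsFalse(userService.HasPermission(userId, permName1));

            // Expected value first, actual second, so a failure message labels them correctly.
            CollectionAssert.AreEqual(new long[] { roleId2 },
                                      roleService.GetByAdminUserId(userId).Select(r => r.Id).ToArray());
        }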
Ejemplo n.º 4
        /// <summary>
        /// Grants one of two new permissions to a user through a role and checks that the
        /// granted one is reported and the other one is denied.
        /// </summary>
        /// <remarks><c>adminUserService</c> is declared outside this method.</remarks>
        public void HasPermission()
        {
            var permissions = new PermissionService();

            // Two permissions with GUID names; only the first is attached to a role below.
            string grantedName = Guid.NewGuid().ToString();
            long grantedId = permissions.AddPermission(grantedName, grantedName);
            string ungrantedName = Guid.NewGuid().ToString();
            long ungrantedId = permissions.AddPermission(ungrantedName, ungrantedName);

            // User: the phone number is the first 11 characters of a new GUID string.
            string phone = Guid.NewGuid().ToString().Substring(0, 11);
            long newUserId = adminUserService.AddAdminUser("李四", phone, "123", "*****@*****.**", null);

            // Two roles are created; only the first one is used afterwards.
            var roles = new RoleService();
            string firstRoleName = Guid.NewGuid().ToString();
            string secondRoleName = Guid.NewGuid().ToString();
            long firstRoleId = roles.AddNew(firstRoleName);
            long secondRoleId = roles.AddNew(secondRoleName);

            // Attach the first permission to the first role, then give that role to the user.
            permissions.AddPermIds(firstRoleId, new[] { grantedId });
            roles.AddRoleIds(newUserId, new[] { firstRoleId });

            // Positive and negative case: a check that always answers "true" fails the second line.
            Assert.IsTrue(adminUserService.HasPermission(newUserId, grantedName));
            Assert.IsFalse(adminUserService.HasPermission(newUserId, ungrantedName));
        }
Ejemplo n.º 5
        /// <summary>
        /// Queries three permission names for user id 11 and expects the first two to be
        /// granted and the third to be denied.
        /// </summary>
        /// <remarks>
        /// Nothing is created in this method: the user id and the permission names are
        /// literals, so the outcome depends on data that already exists in the backing store.
        /// </remarks>
        public void TestHasPermission()
        {
            var adminUsers = new AdminUserService();

            // Expected to be granted.
            Assert.IsTrue(adminUsers.HasPermission(11, "9ffbb0a8-566f-4449-a7ed-0a85d64d1c2c"));
            Assert.IsTrue(adminUsers.HasPermission(11, "3e1e8ff9-3c94-4b06-ad73-bdb3cbd447b2"));

            // Expected to be denied.
            Assert.IsFalse(adminUsers.HasPermission(11, "460abdd7-46be-463d-891a-998b47d95505"));
        }
Ejemplo n.º 6
        /// <summary>
        /// Creates a role, a permission and an admin user, links them together and checks that
        /// the linked permission is granted while an unrelated permission name ("1") is denied.
        /// </summary>
        public void PermissionTest()
        {
            var permissions = new PermissionService();
            var adminUsers = new AdminUserService();
            var roles = new RoleService();

            // GUID names keep the role and the permission from clashing with existing rows.
            string roleName = Guid.NewGuid().ToString();
            string permissionName = Guid.NewGuid().ToString();

            long roleId = roles.AddNew(roleName);
            long permissionId = permissions.AddPermission(permissionName, permissionName);

            // NOTE(review): the phone number is a fixed literal and the user is only removed on
            // the last line, which is skipped when an assertion fails - confirm reruns stay clean.
            string phone = "139138";
            long newUserId = adminUsers.AddAdminUser("Aaa", phone, "mima", "email", null);

            // user -> role -> permission
            roles.AddRoleIds(newUserId, new[] { roleId });
            permissions.AddPermIds(roleId, new[] { permissionId });

            Assert.IsTrue(adminUsers.HasPermission(newUserId, permissionName));
            Assert.IsFalse(adminUsers.HasPermission(newUserId, "1"));

            // Clean up the user created above.
            adminUsers.MarkDeleted(newUserId);
        }
Ejemplo n.º 7
        /// <summary>
        /// Checks that replacing the permissions of a role changes what a user holding that
        /// role may do: the old permission must be denied and the new one granted.
        /// </summary>
        /// <remarks>
        /// <c>psService</c>, <c>roleService</c> and <c>userService</c> are declared outside
        /// this method.
        /// </remarks>
        public void TestHasPermission()
        {
            // Two permissions with GUID names.
            string oldPermissionName = Guid.NewGuid().ToString();
            long oldPermissionId = psService.AddNew(oldPermissionName, oldPermissionName);
            string newPermissionName = Guid.NewGuid().ToString();
            long newPermissionId = psService.AddNew(newPermissionName, newPermissionName);

            string testRoleName = Guid.NewGuid().ToString();
            long testRoleId = roleService.AddNew(testRoleName);

            // The phone number comes from CommonHelper.GetCaptcha(11).
            string phoneNumber = CommonHelper.GetCaptcha(11);
            long newUserId = userService.AddAdminUser("abc", phoneNumber, "123456", "*****@*****.**", null);

            roleService.AddRoleIds(newUserId, new[] { testRoleId });
            psService.AddPermissionIds(testRoleId, new[] { oldPermissionId });

            // NOTE(review): this call uses the literal role id 5 and its result is discarded;
            // it does not take part in any assertion below - confirm whether it is still needed.
            psService.GetByRoleId(5);

            // Swap the role's permission set; access through the old permission must be revoked.
            psService.UpdatePermissionIds(testRoleId, new[] { newPermissionId });

            Assert.IsFalse(userService.HasPermission(newUserId, oldPermissionName));
            Assert.IsTrue(userService.HasPermission(newUserId, newPermissionName));
        }
Ejemplo n.º 8
        //public IAdminUserService userService { get; set; }
        /// <summary>
        /// Authorization filter entry point: enforces every <c>CheckPermissionAttribute</c>
        /// placed on the action that is about to run.
        /// </summary>
        /// <param name="filterContext">Context of the current request and target action.</param>
        /// <remarks>
        /// Setting <c>filterContext.Result</c> stops the action from executing.
        /// Enforcement is opt-in: an action without any <c>CheckPermissionAttribute</c> is let
        /// through without a login check, so a forgotten attribute leaves the action open.
        /// </remarks>
        public void OnAuthorization(AuthorizationContext filterContext)
        {
            // Collect the CheckPermissionAttribute instances declared on the target action.
            // NOTE(review): only the action descriptor is queried; whether attributes on the
            // controller class are enforced somewhere else is not visible here - confirm.
            var requiredPermissions = (CheckPermissionAttribute[])filterContext.ActionDescriptor
                                      .GetCustomAttributes(typeof(CheckPermissionAttribute), false);

            if (requiredPermissions.Length <= 0)
            {
                // Nothing is required, so the login state is not checked either
                // (login pages and other anonymous functions take this path).
                return;
            }

            // Id of the logged-in user, stored in the session under "userid".
            var sessionUserId = (long?)filterContext.HttpContext.Session["userid"];

            if (!sessionUserId.HasValue)
            {
                // Not logged in: send the caller to the login page. AJAX callers receive the
                // same redirect; no JSON response is produced on this path.
                filterContext.Result = new RedirectResult("~/User/Login");
                return;
            }

            // This filter is not created by Autofac, so no property injection takes place
            // and the service has to be instantiated by hand.
            var userService = new AdminUserService();

            foreach (var requirement in requiredPermissions)
            {
                if (userService.HasPermission(sessionUserId.Value, requirement.Permission))
                {
                    continue;
                }

                // The first missing permission denies the request. No HTTP status code is set
                // in this method; the denial is carried by the result body only.
                string missingPermission = requirement.Permission;

                if (filterContext.HttpContext.Request.IsAjaxRequest())
                {
                    // AJAX callers get a JSON payload so the browser side can parse the error.
                    var denial = new AjaxResult
                    {
                        Status   = "error",
                        ErrorMsg = "没有权限" + missingPermission
                    };
                    filterContext.Result = new JsonNetResult { Data = denial };
                }
                else
                {
                    filterContext.Result = new ContentResult
                    {
                        Content = "没有" + missingPermission + "这个权限"
                    };
                }

                return;
            }
        }