//----------------------------------------------------------------------
public static IList GetTopicAdminCmds(User user, ForumBoard board, MvcContext ctx)
{
IList results = new ArrayList();
// 1、获取用户的角色
SecurityTool tool = ForumSecurityService.GetSecurityTool(board, ctx);
IList actions = tool.GetActionsByRole(user.Role);
addAdminActionsToResults(actions, results);
// 2、获取用户的等级
if (user.RankId > 0)
{
actions = tool.GetActionsByRole(user.Rank);
addAdminActionsToResults(actions, results);
}
// 3、owner的角色
if (ctx.owner.obj.GetType() != typeof(Site))
{
IRole roleInOwner = ctx.owner.obj.GetUserRole(user);
actions = tool.GetActionsByRole(roleInOwner);
addAdminActionsToResults(actions, results);
}
// 3、版主
ModeratorService moderatorService = new ModeratorService();
if (moderatorService.IsModerator(board, user))
{
IList moderatorActions = tool.GetActionsByRole(ForumRole.Moderator);
addAdminActionsToResults(moderatorActions, results);
}
return(results);
}
private static Boolean hasAction(ISecurity objSecurity, MvcContext ctx)
{
// 未提供权限配置的页面通过
if (objSecurity == null)
{
return(true);
}
SecurityTool securityTool = ForumSecurityService.GetSecurityTool(objSecurity, ctx); // objSecurity.SecurityTool;
// 不需要权限管理的页面通过
if (securityTool.IsForbiddenAction(ctx.route.getControllerAndActionPath()) == false)
{
return(true);
}
// 空页面——通过
String currentPath = ctx.url.Path;
if (strUtil.IsNullOrEmpty(currentPath))
{
return(true);
}
// 编辑权限例外:用户可以编辑自己的帖子
// 只要系统角色,或论坛角色之一具有权限,则用户具有权限(当用户具有多重身份之时)
// 1、获取用户的角色
//系统角色
SiteRole role = ((User)ctx.viewer.obj).Role;
IList actions = securityTool.GetActionsByRole(role);
if (hasAction_private(actions, ctx))
{
return(true);
}
// 2、获取用户在特定owner中的角色
if (ctx.owner.obj.GetType() != typeof(Site))
{
IRole roleInOwner = ctx.owner.obj.GetUserRole(ctx.viewer.obj);
IList ownerRoleActions = securityTool.GetActionsByRole(roleInOwner);
if (hasAction_private(ownerRoleActions, ctx))
{
return(true);
}
}
// 3、获取用户的等级
SiteRank rank = ((User)ctx.viewer.obj).Rank;
if (rank.Id > 0)
{
actions = securityTool.GetActionsByRole(rank);
if (hasAction_private(actions, ctx))
{
return(true);
}
}
// 4、是否在论坛担任角色
if (objSecurity is ForumBoard)
{
ModeratorService moderatorService = new ModeratorService();
if (moderatorService.IsModerator(objSecurity as ForumBoard, (User)ctx.viewer.obj))
{
IList moderatorActions = securityTool.GetActionsByRole(ForumRole.Moderator);
if (hasAction_private(moderatorActions, ctx))
{
return(true);
}
}
}
return(false);
}