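        /// <summary>
        /// Lists the operations <paramref name="entity"/> is authorized to perform on
        /// <paramref name="siteEntities"/>, each rendered as the operation's numeric
        /// value (the string form of <c>(int)operation</c>, not the enum name).
        /// </summary>
        /// <param name="entity">The member whose permissions are evaluated.</param>
        /// <param name="siteEntities">The site entity (admin bar) being checked.</param>
        /// <returns>
        /// The numeric values of every <see cref="SiteOperations"/> other than
        /// <see cref="SiteOperations.None"/> for which
        /// <c>ACUtility.CheckAuthorization</c> returns <c>true</c>, in the order
        /// <see cref="Enum.GetValues"/> yields them; an empty array when none is granted.
        /// </returns>
        private string[] GetRolesBarList(MasterMember entity, SiteEntities siteEntities)
        {
            // ToArray() on an empty sequence already yields an empty array, so the
            // former "Count > 0 ? ToArray() : new string[] { }" branch was redundant.
            // The authorization check is still evaluated exactly once per operation.
            return Enum.GetValues(typeof(SiteOperations))
                       .Cast<SiteOperations>()
                       .Where(operation => operation != SiteOperations.None)
                       .Where(operation => ACUtility.CheckAuthorization(entity, (int)siteEntities, (int)operation))
                       .Select(operation => ((int)operation).ToString())
                       .ToArray();
        }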
        /// <summary>
        /// Before the action runs, publishes the logged-in user's permission flags for
        /// this controller's <c>AppFunction</c> into ViewData ("AllowRead", "AllowCreate",
        /// "AllowEdit", "AllowDelete") and exposes the controller name under
        /// "ControllerName".
        /// </summary>
        /// <param name="context">The action-executing context whose controller ViewData is populated.</param>
        public override void OnActionExecuting(ActionExecutingContext context)
        {
            SessionHelper sessionHelper = new SessionHelper();
            var loginUser = sessionHelper.LoginUser;
            var viewData  = context.Controller.ViewData;

            // Anonymous requests get no Allow* keys at all; views must cope with absent keys.
            if (loginUser != null)
            {
                // NOTE(review): these flags only drive view rendering. The user object comes
                // straight from the session, whereas the AuthorizeCore override elsewhere in
                // this codebase re-reads the user from LoginUserContainer so that permission
                // changes apply to already-logged-in users — confirm the two cannot disagree
                // (a stale "Allow*" flag would show UI for an action the server then denies).
                viewData["AllowRead"]   = ACUtility.CheckAuthorization(loginUser, AppFunction, SiteOperations.Read);
                viewData["AllowCreate"] = ACUtility.CheckAuthorization(loginUser, AppFunction, SiteOperations.Create);
                viewData["AllowEdit"]   = ACUtility.CheckAuthorization(loginUser, AppFunction, SiteOperations.Edit);
                viewData["AllowDelete"] = ACUtility.CheckAuthorization(loginUser, AppFunction, SiteOperations.Delete);
            }

            viewData["ControllerName"] = ControllerName;
        }
        /// <summary>
        /// Overrides <c>AuthorizeAttribute.AuthorizeCore</c>. Authorization succeeds only
        /// when the request is authenticated, a login user exists in the session, and
        /// that user passes the function-level permission check for
        /// <c>AppFunction</c> / <c>Operation</c>.
        /// </summary>
        /// <param name="httpContext">The HTTP context of the request being authorized.</param>
        /// <returns><c>true</c> when all three checks pass; otherwise <c>false</c>.</returns>
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            SessionHelper sessionHelper = new SessionHelper();

            // Short-circuit preserves the evaluation order: IsAuthenticated first,
            // then the session user.
            bool hasLoginUser = httpContext.Request.IsAuthenticated && sessionHelper.LoginUser != null;
            if (!hasLoginUser)
            {
                return false;
            }

            // The session copy is used only as a lookup key. The permission check runs
            // against the singleton-held user so that a permission change made in the
            // back office takes effect for users who are already logged in.
            var account     = sessionHelper.LoginUser.Account;
            var currentUser = LoginUserContainer.GetInstance().GetUser(account);

            // NOTE(review): whether GetUser can return null (e.g. account removed after
            // login) and how CheckAuthorization treats a null user is not visible here —
            // confirm it fails closed.
            return ACUtility.CheckAuthorization(currentUser, (int)AppFunction, (int)Operation);
        }
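        /// <summary>
        /// End-to-end check of the MasterMember permission model: creates a member whose
        /// roles carry one distinct permission for four site entities and full rights for
        /// the rest, verifies that <c>ACUtility.CheckAuthorization</c> grants exactly those
        /// permissions, and removes the member again.
        /// </summary>
        /// <remarks>
        /// The authorization assertions used to sit inside a <c>try/catch (Exception)</c>
        /// that only wrote the failure to the console, so a broken authorization check could
        /// never fail this test; they now propagate. Cleanup moved to <c>finally</c> so a
        /// failing assertion does not leave the test account behind (which would also break
        /// the row-count assertion on later runs).
        /// </remarks>
        public void Test_MasterMember()
        {
            // Arrange: create the member under test.
            MasterMember masterMember = m_FTISService.MakeMasterMember();

            masterMember.Account  = "dadaTest";
            masterMember.Password = "******";
            masterMember.RegDate  = DateTime.Now;
            masterMember.Memo     = "memo";
            masterMember.Status   = "1";
            masterMember.Tel      = "12345678";
            masterMember.Email    = "*****@*****.**";
            masterMember.Name     = "dada12345";
            foreach (AdminRole role in masterMember.AdminRoles)
            {
                role.AdminValue = PermissionValueFor(role);
            }
            m_FTISService.CreateMasterMember(masterMember);

            try
            {
                // Query: the member must be visible through the unfiltered list.
                // NOTE(review): the expected count of 9 ties this test to the seed data
                // (8 pre-existing members) — confirm, or assert on the account instead.
                IDictionary<string, string> conditions = new Dictionary<string, string>();
                IList<MasterMember>         adminList  = m_FTISService.GetMasterMemberListNoLazy(conditions);

                Assert.AreEqual(9, adminList.Count);

                // Entities granted a single operation must allow that one and deny the other three.
                AssertOnlyOperationGranted(masterMember, SiteEntities.AboutUs,     SiteOperations.Read);
                AssertOnlyOperationGranted(masterMember, SiteEntities.Activity,    SiteOperations.Create);
                AssertOnlyOperationGranted(masterMember, SiteEntities.Application, SiteOperations.Edit);
                AssertOnlyOperationGranted(masterMember, SiteEntities.Download,    SiteOperations.Delete);

                // Entities left at the default value allow every operation.
                Assert.IsTrue(ACUtility.CheckAuthorization(masterMember, (int)SiteEntities.Grade,    (int)SiteOperations.Read));
                Assert.IsTrue(ACUtility.CheckAuthorization(masterMember, (int)SiteEntities.News,     (int)SiteOperations.Create));
                Assert.IsTrue(ACUtility.CheckAuthorization(masterMember, (int)SiteEntities.Question, (int)SiteOperations.Edit));
                Assert.IsTrue(ACUtility.CheckAuthorization(masterMember, (int)SiteEntities.Season,   (int)SiteOperations.Delete));
            }
            finally
            {
                // Always remove the test account, even when an assertion above fails.
                m_FTISService.DeleteMasterMember(masterMember);
            }
        }

        // Permission value for one role: full rights by default, a single operation for
        // the four entities this test exercises.
        private static int PermissionValueFor(AdminRole role)
        {
            // 15 is taken to mean "all operations" — assumed to equal Read|Create|Edit|Delete;
            // TODO confirm against the SiteOperations values.
            int adminValue = 15;

            if (role.AdminBar.AdminBarId.Equals((int)SiteEntities.AboutUs))
            {
                adminValue = (int)SiteOperations.Read;
            }
            if (role.AdminBar.AdminBarId.Equals((int)SiteEntities.Activity))
            {
                adminValue = (int)SiteOperations.Create;
            }
            if (role.AdminBar.AdminBarId.Equals((int)SiteEntities.Application))
            {
                adminValue = (int)SiteOperations.Edit;
            }
            if (role.AdminBar.AdminBarId.Equals((int)SiteEntities.Download))
            {
                adminValue = (int)SiteOperations.Delete;
            }

            return adminValue;
        }

        // Asserts that, for the given entity, the member is granted exactly the one
        // operation in <paramref name="allowed"/> out of Read/Create/Edit/Delete.
        private static void AssertOnlyOperationGranted(MasterMember member, SiteEntities entity, SiteOperations allowed)
        {
            SiteOperations[] operations =
            {
                SiteOperations.Read,
                SiteOperations.Create,
                SiteOperations.Edit,
                SiteOperations.Delete,
            };

            foreach (SiteOperations operation in operations)
            {
                bool expected = operation == allowed;
                bool granted  = ACUtility.CheckAuthorization(member, (int)entity, (int)operation);

                Assert.AreEqual(expected, granted, "Entity " + entity + ", operation " + operation);
            }
        }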