/// <summary> /// 控制器权限验证 /// </summary> /// <param name="AdminID">管理员编号</param> /// <param name="ControllerName">控制器名称</param> /// <param name="ActionName">Action名称</param> /// <param name="ResultInfo">返回信息</param> /// <returns></returns> public static bool ControllerAction(int? AdminID, string ControllerName, string ActionName, ref string ResultInfo) { var Result = false; //取控制器配置 using (var data = new DAL.YCOT_DataEntities()) { var acaModel = data.Auth_ControllerActions.FirstOrDefault(c => c.Name == ActionName && c.ControllerName == ControllerName && c.IsController == false); if (acaModel == null) { acaModel = data.Auth_ControllerActions.FirstOrDefault(c => c.Name == ControllerName && c.IsController == true); if (acaModel == null) { ResultInfo = "当前Action不受权限系统管理."; return true; } } if (acaModel.IsAllowedNoneRoles.Value) { ResultInfo = "当前Action允许匿名用户访问."; return true; } if (!AdminID.HasValue) { ResultInfo = "当前Action不允许匿名用户访问."; return false; } if (acaModel.IsAllowedAllRoles.Value) { ResultInfo = "当前Action允许所有用户访问."; return true; } //开始接口权限 //1.1 检查拒绝权限 if (acaModel.Auth_AdminControllerAction.Any(c => c.AdminID == AdminID && c.IsRefuse == true)) { ResultInfo = "当前Action拒绝该用户访问."; return false; } //1.2 检查组拒绝权限 // 得到用户所属组 //var aarList = data.Auth_AdminRole.Where(c=>c.AdminID == AdminID); var acarList = from aar in data.Auth_AdminRole join acar in data.Auth_ControllerActionRole on aar.RoleID equals acar.RoleID where aar.AdminID == AdminID && acar.ControllerActionID == acaModel.ID select acar; if (acarList.Any(c => c.IsRefuse.Value == false)) { ResultInfo = "当前Action拒绝该用户组访问."; return false; } //1.3 允许组 if (acarList.Any(c => c.IsRefuse.Value == true)) { ResultInfo = "当前Action允许该用户组访问."; return true; } //1.4 允许用户 if (acaModel.Auth_AdminControllerAction.Any(c => c.AdminID == AdminID && c.IsRefuse == false)) { ResultInfo = "当前Action允许该用户访问."; return true; } } ResultInfo = "当前Action没有该用户的权限设置"; return Result; }
public static bool ControllerActionByUserName(string UserName, string ControllerName, string ActionName, ref string ResultInfo) { var Result = false; if (string.IsNullOrWhiteSpace(UserName)) { Result = ControllerAction(null, ControllerName, ActionName, ref ResultInfo); } else { using (var data = new DAL.YCOT_DataEntities()) { var userModel = data.Admins.FirstOrDefault(c => c.UserName == UserName); if (userModel != null) { return ControllerAction(userModel.id, ControllerName, ActionName, ref ResultInfo); } else { ResultInfo = "当前用户不存在."; } } } return Result; }