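/// <summary>
/// Shows the membership editor for the role identified by <paramref name="id"/>.
/// </summary>
/// <remarks>
/// Access rule: members of the SuperAdmin role may edit any role; members of the Admin role
/// may edit only the LimitedAdmin role; every other caller is redirected to Account/AccessDenied.
/// The decision is made before the user list is enumerated, so a denied request does not
/// trigger one role lookup per user.
/// NOTE(review): the caller's identity is read from the "userid" session value rather than from
/// the authenticated principal; confirm that value is only ever written at sign-in.
/// </remarks>
/// <param name="id">Identifier of the role to edit.</param>
/// <returns>
/// The edit view, a 404 result when the role does not exist, or a redirect to the
/// access-denied page.
/// </returns>
public async Task<IActionResult> Update(string id)
{
    // A missing session value or unknown user is treated as "not authorized" (fail closed)
    // instead of surfacing as an unhandled exception.
    string userId = HttpContext.Session.GetString("userid");
    if (string.IsNullOrEmpty(userId))
    {
        return RedirectToAction("AccessDenied", "Account");
    }

    AppUser loggedInUser = await _userManager.FindByIdAsync(userId);
    if (loggedInUser == null)
    {
        return RedirectToAction("AccessDenied", "Account");
    }

    Role roleKeys = new Role();

    // Awaited rather than read through .Result, which blocks a thread inside an async action.
    bool isSuperAdmin = await _userManager.IsInRoleAsync(loggedInUser, _config[roleKeys.SA]);
    TempData["IsNotSuperAdmin"] = !isSuperAdmin;

    IdentityRole role = await _roleManager.FindByIdAsync(id);

    // SuperAdmins have full access; Admins can only edit the LimitedAdmin role.
    if (!isSuperAdmin)
    {
        bool isAdmin = await _userManager.IsInRoleAsync(loggedInUser, _config[roleKeys.A]);
        bool targetsLimitedAdmin = role != null
            && role.Name != null
            && role.Name.Equals(_config[roleKeys.LA]);

        if (!isAdmin || !targetsLimitedAdmin)
        {
            return RedirectToAction("AccessDenied", "Account");
        }
    }

    if (role == null)
    {
        return NotFound();
    }

    List<AppUser> members = new List<AppUser>();
    List<AppUser> nonMembers = new List<AppUser>();

    foreach (AppUser user in _userManager.Users)
    {
        List<AppUser> bucket = await _userManager.IsInRoleAsync(user, role.Name) ? members : nonMembers;
        bucket.Add(user);
    }

    RoleMembers item = new RoleMembers
    {
        Role = role,
        Members = members,
        NonMembers = nonMembers
    };

    return View(item);
}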
/// <summary>
/// Rebuilds the administrator principal for the current request from the admin
/// Forms-authentication cookie and stores it on <c>PEContext.Current.Admin</c>.
/// </summary>
/// <remarks>
/// Requests whose URL contains "/Install/Default.aspx" or "/Install/Upgrade.aspx" are skipped.
/// The match is a case-insensitive substring search over the whole URL string, so it also
/// matches when that text appears in the query string; in this method a match only means no
/// admin principal is attached to the request.
/// NOTE(review): nothing here checks whether the looked-up administrator record exists or is
/// locked before the principal is published; confirm that is enforced elsewhere.
/// </remarks>
/// <param name="sender">The <see cref="HttpApplication"/> raising the event.</param>
/// <param name="e">Unused event data.</param>
private void Application_AuthenticateRequest(object sender, EventArgs e)
{
    HttpContext context = ((HttpApplication)sender).Context;

    string requestUrl = context.Request.Url.ToString();
    bool isInstallerPage =
        requestUrl.IndexOf("/Install/Default.aspx", StringComparison.OrdinalIgnoreCase) >= 0
        || requestUrl.IndexOf("/Install/Upgrade.aspx", StringComparison.OrdinalIgnoreCase) >= 0;
    if (isInstallerPage)
    {
        return;
    }

    // Name of the cookie that stores the admin Forms-authentication ticket.
    string cookieName = FormsAuthentication.FormsCookieName + "AdminCookie";
    FormsAuthenticationTicket ticket = ExtractTicketFromCookie(context, cookieName);
    if (ticket == null)
    {
        return;
    }

    SlidingExpiration(context, ticket, cookieName);

    AdminPrincipal principal = AdminPrincipal.CreatePrincipal(ticket);
    if (!principal.Identity.IsAuthenticated)
    {
        return;
    }

    principal.AdministratorInfo = Administrators.GetAdministratorByAdminName(principal.AdminName);

    // Load the administrator's role id list here; it is attached to the principal.
    principal.Roles = RoleMembers.GetRoleIdListByAdminId(principal.AdministratorInfo.AdminId);
    PEContext.Current.Admin = principal;
}
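/// <summary>
/// Saves the member list posted for a role and shows a confirmation message that links
/// back to RoleManage.aspx.
/// </summary>
/// <remarks>
/// NOTE(review): the member list comes from a hidden field and the role id from the request,
/// both of which the client controls; confirm that <c>RoleMembers.AddMembersToRole</c> validates
/// them and that the page restricts who may reach this handler.
/// </remarks>
/// <param name="sender">The button raising the event.</param>
/// <param name="e">Unused event data.</param>
protected void BtnConfirm_Click(object sender, EventArgs e)
{
    if (!this.Page.IsValid)
    {
        return;
    }

    int roleId = BasePage.RequestInt32("RoleId");
    string roleName = BasePage.RequestString("RoleName");

    RoleMembers.AddMembersToRole(this.HdnBelongToRole.Value, roleId);

    // RoleName is read from the request and placed inside HTML markup, so it is encoded
    // before being concatenated into the message.
    // NOTE(review): if BasePage.RequestString already HTML-encodes, this double-encodes; verify.
    string encodedRoleName = System.Web.HttpUtility.HtmlEncode(roleName);
    AdminPage.WriteSuccessMsg("<li>成功保存了" + encodedRoleName + "角色的成员!</li>", "RoleManage.aspx");
}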
/// <summary>
/// Shows the "remove users from role" view, listing the users that
/// <c>UsersByRole</c> reports as members of the role.
/// </summary>
/// <remarks>
/// <c>Memebrs</c> is the property name as declared on <c>RoleMembers</c>; it is kept as-is.
/// NOTE(review): no role check is visible in this action; confirm an authorization attribute
/// or filter on the controller restricts it to role administrators.
/// </remarks>
/// <param name="id">Identifier of the role.</param>
/// <returns>The view bound to an <c>EditUsersRole</c> model.</returns>
public async Task<IActionResult> RemoveFromRole(string id)
{
    RoleMembers roleUsers = await UsersByRole(id);

    EditUsersRole model = new EditUsersRole();
    model.Users = roleUsers.Memebrs;
    model.Role = roleUsers.Role;

    return View(model);
}
/// <summary>
/// Shows the "add users to role" view, listing the users that
/// <c>UsersByRole</c> reports as not yet in the role.
/// </summary>
/// <remarks>
/// NOTE(review): no role check is visible in this action; confirm an authorization attribute
/// or filter on the controller restricts it to role administrators.
/// </remarks>
/// <param name="id">Identifier of the role.</param>
/// <returns>The view bound to an <c>EditUsersRole</c> model.</returns>
public async Task<IActionResult> AddToRole(string id)
{
    RoleMembers roleUsers = await UsersByRole(id);

    EditUsersRole model = new EditUsersRole();
    model.Users = roleUsers.NonMembers;
    model.Role = roleUsers.Role;

    return View(model);
}
/// <summary>
/// Applies the edit form to an existing administrator account: password, linked front-end
/// user name, lock and login flags, and role membership.
/// </summary>
/// <remarks>
/// Security review notes:
/// - New passwords are stored as <c>StringHelper.MD5</c> output. MD5 is not suitable for password
///   storage; moving to a salted, slow KDF also needs a migration of the sign-in check, so it
///   is flagged here rather than changed.
/// - The stored hash is round-tripped through ViewState["Password"], which is sent to the
///   browser. NOTE(review): confirm ViewState is MAC-protected and encrypted for this page.
/// - The account is selected by the "AdminId" request value, and only the password change is
///   gated on IsSuperAdmin here. NOTE(review): confirm the page restricts who may edit which account.
/// - Execution continues after each <c>AdminPage.WriteErrMsg</c> call unless that helper ends the
///   request. NOTE(review): verify it does, otherwise the update below still runs.
/// - Role ids come from a hidden field, which the client controls.
/// </remarks>
private void ModifyAdmin()
{
    AdministratorInfo admin = Administrators.GetAdministratorByAdminId(BasePage.RequestInt32("AdminId"));

    // A non-blank password box means "set a new password"; blank keeps the stored hash.
    if (!string.IsNullOrEmpty(this.TxtPassword.Text.Trim()))
    {
        admin.AdminPassword = StringHelper.MD5(this.TxtPassword.Text);
    }
    else
    {
        admin.AdminPassword = this.ViewState["Password"].ToString();
    }

    bool passwordChanged = admin.AdminPassword != this.ViewState["Password"].ToString();

    // Only a super admin may change the password of an account that has password changes disabled.
    if (!admin.EnableModifyPassword && passwordChanged && !PEContext.Current.Admin.IsSuperAdmin)
    {
        AdminPage.WriteErrMsg("没有修改密码的权限!");
    }

    if (passwordChanged)
    {
        admin.LastModifyPasswordTime = DateTime.Now;
    }

    string enteredUserName = this.TxtUserName.Text.Trim();
    bool userNameUnchanged = string.Equals(
        enteredUserName,
        this.ViewState["UserName"].ToString(),
        StringComparison.OrdinalIgnoreCase);

    if (!userNameUnchanged)
    {
        // The new front-end user must exist and must not already be linked to an administrator.
        UserInfo frontUser = Users.GetUsersByUserName(enteredUserName);
        if (frontUser.IsNull)
        {
            AdminPage.WriteErrMsg("此前台用户名不存在!");
        }

        if (!Administrators.GetAdministratorByUserName(frontUser.UserName).IsNull)
        {
            AdminPage.WriteErrMsg("此前台用户已经被添加为管理员了!");
        }
    }

    admin.UserName = enteredUserName;
    admin.IsLock = this.ChkIsLock.Checked;
    admin.EnableModifyPassword = this.ChkEnableModifyPassword.Checked;
    admin.EnableMultiLogOn = this.ChkEnableMultiLogin.Checked;

    if (!Administrators.Update(admin))
    {
        AdminPage.WriteErrMsg("修改管理员失败!");
        return;
    }

    // RadPurview1 selects the role id list "0"; otherwise the posted role list is used.
    string roleIds = this.RadPurview1.Checked ? "0" : this.HdnBelongToRole.Value;
    RoleMembers.AddMemberToRoles(admin.AdminId, roleIds);
    AdminPage.WriteSuccessMsg("修改管理员成功!", "AdministratorManage.aspx");
}
/// <summary>
/// Fills <paramref name="dropName"/> with the administrators that are not members of the
/// given role; the control is left empty when there are none.
/// </summary>
/// <param name="dropName">List control to repopulate.</param>
/// <param name="roleId">Role whose non-members are listed.</param>
public void NotBelongRoleDataBind(ListControl dropName, int roleId)
{
    IList<AdministratorInfo> candidates = RoleMembers.GetMemberListNotInRole(roleId);
    bool hasCandidates = candidates.Count > 0;

    // Existing items are always discarded; binding happens only when there is data.
    dropName.Items.Clear();
    if (hasCandidates)
    {
        dropName.DataSource = candidates;
        dropName.DataBind();
    }
}
/// <summary>
/// Fills <paramref name="dropName"/> with the administrators that are members of the given
/// role; the control is left empty when there are none.
/// </summary>
/// <param name="dropName">List control to repopulate.</param>
/// <param name="roleId">Role whose members are listed.</param>
protected void BelongToRole(ListControl dropName, int roleId)
{
    IList<AdministratorInfo> roleMembers = RoleMembers.GetMemberListByRoleId(roleId);
    bool hasMembers = roleMembers.Count > 0;

    // Existing items are always discarded; binding happens only when there is data.
    dropName.Items.Clear();
    if (hasMembers)
    {
        dropName.DataSource = roleMembers;
        dropName.DataBind();
    }
}
/// <summary>
/// Creates an administrator account from the form fields and assigns its role membership.
/// </summary>
/// <remarks>
/// Security review notes:
/// - The password is stored as <c>StringHelper.MD5</c> output. MD5 is not suitable for password
///   storage; replacing it needs a matching change in the sign-in check, so it is flagged here
///   rather than changed.
/// - Execution continues after each <c>AdminPage.WriteErrMsg</c> call unless that helper ends the
///   request. NOTE(review): verify it does, otherwise an account can be added with no password
///   set or for a missing front-end user.
/// - Role ids come from a hidden field, which the client controls. NOTE(review): confirm
///   <c>RoleMembers.AddMemberToRoles</c> validates them against what the current admin may grant.
/// </remarks>
private void AddAdmin()
{
    string frontUserName = this.TxtUserName.Text.Trim();

    UserInfo frontUser = Users.GetUsersByUserName(frontUserName);
    if (frontUser.IsNull)
    {
        AdminPage.WriteErrMsg("此前台用户名不存在!");
    }

    AdministratorInfo newAdmin = new AdministratorInfo
    {
        AdminName = this.TxtAdminName.Text.Trim(),
        UserName = frontUserName,
        IsLock = this.ChkIsLock.Checked,
        EnableModifyPassword = this.ChkEnableModifyPassword.Checked
    };

    bool passwordSupplied = !string.IsNullOrEmpty(this.TxtPassword.Text.Trim());
    if (passwordSupplied)
    {
        newAdmin.AdminPassword = StringHelper.MD5(this.TxtPassword.Text);
    }
    else
    {
        AdminPage.WriteErrMsg("管理员密码不能为空");
    }

    newAdmin.EnableMultiLogOn = this.ChkEnableMultiLogin.Checked;

    // Admin names must be unique, and a front-end user may back only one administrator.
    if (Administrators.IsExist(newAdmin.AdminName))
    {
        AdminPage.WriteErrMsg("已经存在同样的管理员名!");
    }

    if (!Administrators.GetAdministratorByUserName(frontUser.UserName).IsNull)
    {
        AdminPage.WriteErrMsg("此前台用户已经被添加为管理员了!");
    }

    if (!Administrators.Add(newAdmin))
    {
        AdminPage.WriteErrMsg("添加管理员失败!");
        return;
    }

    // RadPurview1 selects the role id list "0"; otherwise the posted role list is used.
    string roleIds = this.RadPurview1.Checked ? "0" : this.HdnBelongToRole.Value;
    RoleMembers.AddMemberToRoles(newAdmin.AdminId, roleIds);
    AdminPage.WriteSuccessMsg("添加管理员成功!", "AdministratorManage.aspx");
}
/// <summary>
/// Loads an existing administrator into the edit form and locks the fields the current
/// admin is not allowed to change.
/// </summary>
/// <remarks>
/// Security review notes:
/// - The stored password value is copied into ViewState["Password"], which is sent to the
///   browser. NOTE(review): confirm ViewState is MAC-protected and encrypted for this page,
///   or keep the value server-side.
/// - Disabling the password boxes is a UI restriction only; the save handler has to enforce
///   the same rule on the server.
/// - Execution continues after <c>AdminPage.WriteErrMsg</c> unless that helper ends the request;
///   NOTE(review): verify it does.
/// </remarks>
private void InitModify()
{
    int adminId = BasePage.RequestInt32("AdminId");
    AdministratorInfo admin = Administrators.GetAdministratorByAdminId(adminId);
    if (admin.IsNull)
    {
        AdminPage.WriteErrMsg("不存在此管理员");
    }

    // A role id list of exactly "0" selects the first radio button and hides the role picker.
    string wrappedRoleIds = "," + RoleMembers.GetRoleIdListByAdminId(adminId) + ",";
    if (string.Equals(wrappedRoleIds, ",0,", StringComparison.Ordinal))
    {
        this.RadPurview1.Checked = true;
        this.RadPurview2.Checked = false;
        this.RolePurview.Style.Add("display", "none");
    }

    this.TxtAdminName.Text = admin.AdminName;
    this.TxtUserName.Text = admin.UserName;
    this.ChkEnableMultiLogin.Checked = admin.EnableMultiLogOn;
    this.ViewState["AdminName"] = admin.AdminName;
    this.ViewState["UserName"] = admin.UserName;
    this.ChkEnableModifyPassword.Checked = admin.EnableModifyPassword;
    this.ChkIsLock.Checked = admin.IsLock;

    // An administrator cannot lock their own account from this form.
    bool editingOwnAccount = PEContext.Current.Admin.AdministratorInfo.AdminId == adminId;
    if (editingOwnAccount)
    {
        this.ChkIsLock.Enabled = false;
    }

    this.TxtAdminName.Enabled = false;
    this.ViewState["Password"] = admin.AdminPassword;
    this.ValrUserPassword.Enabled = false;
    this.CompareValidator1.Enabled = false;
    this.TrPassword.Style.Add("display", "none");
    this.LabTip.Text = "<font color=red>不修改密码请保持为空!</font>";

    // Password fields are disabled when the account forbids password changes and the
    // current admin is not a super admin.
    bool passwordLocked = !admin.EnableModifyPassword && !PEContext.Current.Admin.IsSuperAdmin;
    if (passwordLocked)
    {
        this.TxtPassword.Enabled = false;
        this.TxtPassword2.Enabled = false;
        this.LabTip.Visible = false;
        this.ChkEnableModifyPassword.Enabled = false;
    }
}
/// <summary>
/// Fills the controls of one administrator grid row from its <c>AdministratorInfo</c> data item:
/// last login IP and times, role list, lock state, and the links to the edit and user pages.
/// </summary>
/// <remarks>
/// Rows whose role id list is exactly "0" get the admin name wrapped in bold blue markup.
/// When the role list has more than one entry, the first is shown and the remainder is placed
/// in the Title attribute of a span. The lock and delete links are disabled on the row of the
/// currently signed-in administrator.
/// NOTE(review): the role list remainder is concatenated into a single-quoted Title attribute
/// without encoding, and AdminName, UserName, RoleList and LastLogOnIP are assigned to Text
/// properties as-is; confirm these values are HTML-encoded before or at render time.
/// NOTE(review): this listing is damaged after "UserShow.aspx?UserName=" (masked text) and one
/// string literal is split across two lines; the original statements there cannot be recovered
/// from this page, so the code below is reproduced unchanged.
/// </remarks>
/// <param name="sender">The grid raising the event.</param>
/// <param name="e">Row event data; only rows of type DataRow are processed.</param>
protected void Egv_RowDataBound(object sender, GridViewRowEventArgs e) { if (e.Row.RowType == DataControlRowType.DataRow) { AdministratorInfo dataItem = (AdministratorInfo)e.Row.DataItem; Label label = (Label)e.Row.FindControl("LabEnableMultiLogin"); Label label2 = (Label)e.Row.FindControl("LabLastLoginTime"); Label label3 = (Label)e.Row.FindControl("LabIsLock"); LinkButton button = (LinkButton)e.Row.FindControl("LnkLock"); HyperLink link = (HyperLink)e.Row.FindControl("HypUserName"); Label label4 = (Label)e.Row.FindControl("LabRoleList"); ExtendedHyperLink link2 = (ExtendedHyperLink)e.Row.FindControl("LnkManageName"); Label label5 = (Label)e.Row.FindControl("LabLastModifyPasswordTime"); Label label6 = (Label)e.Row.FindControl("LabLastLoginIp"); Literal literal = (Literal)e.Row.FindControl("LtrRoleList"); label6.Text = dataItem.LastLogOnIP; if (!dataItem.LastModifyPasswordTime.HasValue) { label5.Text = "未修改过"; } else { label5.Text = dataItem.LastModifyPasswordTime.Value.ToString("yyyy-MM-dd HH:mm:ss"); } if (string.CompareOrdinal("," + RoleMembers.GetRoleIdListByAdminId(dataItem.AdminId) + ",", ",0,") == 0) { link2.Text = dataItem.AdminName; link2.NavigateUrl = "Administrator.aspx?Action=Modify&AdminId=" + dataItem.AdminId; link2.BeginTag = "<strong><font color=\"blue\">"; link2.EndTag = "</font></strong>"; } else { link2.Text = dataItem.AdminName; link2.NavigateUrl = "Administrator.aspx?Action=Modify&AdminId=" + dataItem.AdminId; } string[] strArray = dataItem.RoleList.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries); if (strArray.Length > 1) { label4.Text = strArray[0]; literal.Text = ",<span style=\"cursor:pointer;\" Title='" + dataItem.RoleList.Replace(strArray[0] + ",", "") + "' >[更多]</span>"; } else { label4.Text = dataItem.RoleList; } link.Text = dataItem.UserName; link.NavigateUrl = "UserShow.aspx?UserName="******"允许"; } else { label.Text = "<font color=\"red\">不允许</font>"; } if (dataItem.IsLock) { label3.Text = "<font 
color=\"red\">已锁定</font>"; button.Text = "解锁"; } else { label3.Text = "<font color=\"blue\">正常</font>"; button.Text = "锁定"; } if (dataItem.LastLogOnTime.HasValue) { label2.Text = dataItem.LastLogOnTime.Value.ToString("yyyy-MM-dd HH:mm:ss"); } if (PEContext.Current.Admin.AdministratorInfo.AdminId == dataItem.AdminId) { ((LinkButton)e.Row.FindControl("LnkLock")).Enabled = false; ((LinkButton)e.Row.FindControl("LnkDelete")).Enabled = false; } } }