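/// <summary>
/// Creates a permission (action) record from the posted form and reports the outcome.
/// </summary>
/// <param name="actionInfo">Model-bound record; ActionName and Url must be non-empty.</param>
/// <returns>Content "ok" when the service returns the stored record, otherwise "no".</returns>
/// <remarks>
/// NOTE(review): no [HttpPost] or [ValidateAntiForgeryToken] attribute is visible on this
/// state-changing action, and the entity is bound straight from the request. Confirm that verb
/// restriction, anti-forgery validation and an allow-list of bindable fields exist outside this
/// snippet.
/// </remarks>
public ActionResult AddActionInfo(ActionInfo actionInfo)
{
    if (actionInfo == null
        || string.IsNullOrEmpty(actionInfo.ActionName)
        || string.IsNullOrEmpty(actionInfo.Url))
    {
        return Content("no");
    }

    // The TryParse result used to be ignored, so a non-numeric Sort was stored silently as 0.
    // TryParse also rejects a missing or empty value, which covers the original emptiness check.
    int sort;
    if (!int.TryParse(Request["Sort"], out sort))
    {
        return Content("no");
    }

    // Request["Url"] is read separately from the bound model and may be null; fall back to the
    // bound value instead of throwing. Invariant casing keeps the stored URL independent of the
    // server culture.
    string requestedUrl = Request["Url"] ?? actionInfo.Url;
    actionInfo.Url = requestedUrl.ToLowerInvariant();

    DateTime now = DateTime.Now;
    actionInfo.Sort = sort;
    actionInfo.SubTime = now;
    actionInfo.ModfiedOn = now;
    actionInfo.DelFlag = (short)DelFlagEnum.Normal;
    actionInfo.IsMenu = Request["isOrNo"] == "true";
    actionInfo.MenuIcon = Request["ImgSrc"];

    ActionInfo stored = ActionInfoService.Add(actionInfo);
    return stored != null ? Content("ok") : Content("no");
}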
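/// <summary>
/// Returns one page of active permission records as JSON for a grid ("rows" plus "total").
/// </summary>
/// <returns>JSON object with the projected rows and the total record count.</returns>
/// <remarks>
/// NOTE(review): "rows" has no upper bound here, and the result is served on GET
/// (JsonRequestBehavior.AllowGet). Confirm that a page-size cap and an authorization check are
/// applied elsewhere, since this response describes the application's permission table.
/// </remarks>
public ActionResult GetActionInfo()
{
    short isActive = (short)EnumIsActive.ActiveLogical;

    // int.Parse threw on any non-numeric query value; fall back to the defaults instead.
    int pageIndex;
    if (!int.TryParse(Request["page"], out pageIndex) || pageIndex < 1)
    {
        pageIndex = 1;
    }

    int pageSize;
    if (!int.TryParse(Request["rows"], out pageSize) || pageSize < 1)
    {
        pageSize = 5;
    }

    int total;
    var entities = ActionInfoService.LoadEntitiesByPage<int>(
        pageIndex, pageSize, out total, u => u.DelFlag == isActive, u => u.ID, true);

    // Project to an anonymous type so only these columns are serialized.
    var pageEntities = from u in entities
                       select new
                       {
                           ID = u.ID,
                           ActionInfoName = u.ActionInfoName,
                           Remark = u.Remark,
                           SubTime = u.SubTime,
                           Url = u.Url,
                           HttpMethod = u.HttpMethod,
                           ActionTypeEnum = u.ActionTypeEnum,
                           Sort = u.Sort
                       };

    return Json(new { rows = pageEntities, total = total }, JsonRequestBehavior.AllowGet);
}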
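/// <summary>
/// Deletes the permission records whose ids are given as a comma-separated list.
/// </summary>
/// <param name="ids">Comma-separated integer ids, e.g. "3,7,12".</param>
/// <returns>
/// Content "ok" when the service reports at least one affected row, an empty body when it
/// reports none, and an error message when the id list is missing or malformed.
/// </returns>
/// <remarks>
/// NOTE(review): no [HttpPost] or [ValidateAntiForgeryToken] attribute is visible on this
/// destructive action; confirm both are applied outside this snippet.
/// </remarks>
public ActionResult Delete(string ids)
{
    if (string.IsNullOrEmpty(ids))
    {
        return Content("异常的删除id提交");
    }

    List<int> idList = new List<int>();
    foreach (string rawId in ids.Split(','))
    {
        // int.Parse threw on an empty or non-numeric entry (for example "1,,2"); reject the
        // whole request with the same message used for a missing list.
        int id;
        if (!int.TryParse(rawId, out id))
        {
            return Content("异常的删除id提交");
        }

        idList.Add(id);
    }

    int affected = ActionInfoService.DeleteList(idList);
    return affected > 0 ? Content("ok") : Content("");
}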
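/// <summary>
/// Replaces the set of ids linked to the record named by the "actionId" field, using every
/// posted form field whose name starts with "cba_" (the id is the part after the prefix).
/// </summary>
/// <returns>Content "ok" when the service reports success, otherwise "no".</returns>
/// <remarks>
/// NOTE(review): this changes permission assignments. No verb restriction or anti-forgery
/// attribute is visible here; confirm both exist outside this snippet.
/// </remarks>
public ActionResult SetActionRoleInfo()
{
    const string fieldPrefix = "cba_";

    // A missing or non-numeric id used to throw from int.Parse.
    int roleInfoId;
    if (!int.TryParse(Request["actionId"], out roleInfoId))
    {
        return Content("no");
    }

    List<int> selectedIds = new List<int>();

    // AllKeys holds the name of every submitted form field; it can contain null entries.
    foreach (string key in Request.Form.AllKeys)
    {
        if (key == null || !key.StartsWith(fieldPrefix, System.StringComparison.Ordinal))
        {
            continue;
        }

        // Strip only the leading prefix. Replace() removed every occurrence of "cba_", so a
        // name such as "cba_1cba_2" was read as id 12.
        int selectedId;
        if (!int.TryParse(key.Substring(fieldPrefix.Length), out selectedId))
        {
            return Content("no");
        }

        selectedIds.Add(selectedId);
    }

    return ActionInfoService.SetActionRoleInfo(roleInfoId, selectedIds)
        ? Content("ok")
        : Content("no");
}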
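/// <summary>
/// Builds a permission record from individual request fields and stores it.
/// </summary>
/// <returns>Content "Y" when the service returns the stored entity, otherwise "N".</returns>
/// <remarks>
/// NOTE(review): Url, HttpMethod, Remark and MenuIcon are stored exactly as submitted, and no
/// verb restriction or anti-forgery attribute is visible on this state-changing action. Confirm
/// that validation and those attributes exist outside this snippet.
/// </remarks>
public ActionResult AddActionInfo()
{
    // short.Parse threw on a missing or non-numeric value; report failure instead.
    short actionType;
    if (!short.TryParse(Request["ActionTypeEnum"], out actionType))
    {
        return Content("N");
    }

    ActionInfo action = new ActionInfo();
    action.ActionInfoName = Request["ActionInfoName"];
    action.ActionTypeEnum = actionType;
    action.Remark = Request["Remark"];
    action.Sort = Request["Sort"];
    action.MenuIcon = Request["MenuIcon"];
    action.Url = Request["Url"];
    action.HttpMethod = Request["HttpMethod"];
    action.DelFlag = 0;
    action.SubTime = DateTime.Now;
    action.ModifiedOn = DateTime.Now.ToString();

    return ActionInfoService.AddEntity(action) != null ? Content("Y") : Content("N");
}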
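/// <summary>
/// Assigns roles to the permission named by the "ID" field. Each posted form field whose name
/// starts with "pe_" contributes the role id that follows the prefix.
/// </summary>
/// <returns>Content "Y" when the service reports success, otherwise "N".</returns>
/// <remarks>
/// NOTE(review): this changes which roles hold a permission. No verb restriction or
/// anti-forgery attribute is visible here; confirm both exist outside this snippet.
/// </remarks>
public ActionResult SetRole4Action()
{
    const string fieldPrefix = "pe_";

    // A missing or non-numeric id used to throw from int.Parse.
    int actionID;
    if (!int.TryParse(Request["ID"], out actionID))
    {
        return Content("N");
    }

    List<int> roleIDList = new List<int>();
    foreach (string fieldName in Request.Form.AllKeys)
    {
        // AllKeys can contain null entries, which StartsWith would dereference.
        if (fieldName == null || !fieldName.StartsWith(fieldPrefix, System.StringComparison.Ordinal))
        {
            continue;
        }

        // Strip only the leading prefix; Replace() removed every occurrence of "pe_".
        int roleId;
        if (!int.TryParse(fieldName.Substring(fieldPrefix.Length), out roleId))
        {
            return Content("N");
        }

        roleIDList.Add(roleId);
    }

    return ActionInfoService.SetRole4Action(actionID, roleIDList) ? Content("Y") : Content("N");
}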
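/// <summary>
/// Loads one permission record by the "id" request value and returns the fields needed by the
/// edit form as serialized text.
/// </summary>
/// <returns>
/// Serialized { serverData, msg = "ok" } when the record exists, otherwise { msg = "no" }.
/// </returns>
public ActionResult ShowEditInfo()
{
    // A missing or non-numeric id used to throw from int.Parse.
    int id;
    if (!int.TryParse(Request["id"], out id))
    {
        return Content(Common.SerializerHelper.SerializeToString(new { msg = "no" }));
    }

    var roleInfo = ActionInfoService.LoadEntities(r => r.ID == id).FirstOrDefault();

    // The original tested the freshly constructed copy for null, which can never be null, so an
    // unknown id dereferenced a null record and the "no" reply was unreachable.
    if (roleInfo == null)
    {
        return Content(Common.SerializerHelper.SerializeToString(new { msg = "no" }));
    }

    // Copy only the fields the edit form uses.
    Inventory_ActionInfo ai = new Inventory_ActionInfo();
    ai.ActionInfoName = roleInfo.ActionInfoName;
    ai.Url = roleInfo.Url;
    ai.ID = roleInfo.ID;
    ai.HttpMethod = roleInfo.HttpMethod;
    ai.Sort = roleInfo.Sort;

    return Content(Common.SerializerHelper.SerializeToString(new { serverData = ai, msg = "ok" }));
}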
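// Assign roles to a permission.
/// <summary>
/// Links roles to the permission named by "actionInfoId". Each posted form field whose name
/// starts with "CKB_" contributes its value as a role id.
/// </summary>
/// <returns>Content "ok" when the service reports success, otherwise "no".</returns>
/// <remarks>
/// NOTE(review): a missing "actionInfoId" is passed to the service as 0, as in the original.
/// No verb restriction or anti-forgery attribute is visible on this permission-changing action;
/// confirm both exist outside this snippet.
/// </remarks>
public ActionResult SetActionRole()
{
    const string fieldPrefix = "CKB_";

    int actionId = 0;
    string rawActionId = Request["actionInfoId"];

    // A present but non-numeric id used to throw from int.Parse.
    if (rawActionId != null && !int.TryParse(rawActionId, out actionId))
    {
        return Content("no");
    }

    List<int> roleIdlist = new List<int>();
    foreach (string fieldName in Request.Form.AllKeys)
    {
        // AllKeys can contain null entries, which StartsWith would dereference.
        if (fieldName == null || !fieldName.StartsWith(fieldPrefix, System.StringComparison.Ordinal))
        {
            continue;
        }

        // The role id is the field's value, not part of its name.
        int roleId;
        if (!int.TryParse(Request[fieldName], out roleId))
        {
            return Content("no");
        }

        roleIdlist.Add(roleId);
    }

    return ActionInfoService.SetActionRoleInfo(actionId, roleIdlist)
        ? Content("ok")
        : Content("no");
}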
/// <summary>
/// Saves an edited permission record after filling in server-side defaults.
/// </summary>
/// <param name="actionInfo">Model-bound record submitted by the edit form.</param>
/// <returns>Content "ok" when the service reports success, otherwise "no".</returns>
/// <remarks>
/// NOTE(review): the entity is bound directly from the request, so every bindable property not
/// overwritten below is taken from the client, and SubBy is fixed to 1 rather than the current
/// user. Confirm both are intended.
/// </remarks>
public ActionResult Edit(ActionInfo actionInfo)
{
    // Server-controlled defaults.
    actionInfo.IsDelete = false;
    actionInfo.SubBy = 1;
    actionInfo.SubTime = DateTime.Now;

    // Store an empty string instead of a null remark.
    actionInfo.Remark = actionInfo.Remark ?? "";

    // A record that is not a menu entry carries no icon.
    if (actionInfo.IsMenu == false)
    {
        actionInfo.MenuIcon = "";
    }

    bool saved = ActionInfoService.Edit(actionInfo);
    return Content(saved ? "ok" : "no");
}
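/// <summary>
/// Returns one page of non-deleted permission records, ordered by Url, as JSON for a grid.
/// </summary>
/// <returns>JSON object with the projected rows and the total record count.</returns>
/// <remarks>
/// NOTE(review): "rows" has no upper bound here, and the result is served on GET
/// (JsonRequestBehavior.AllowGet). Confirm that a page-size cap and an authorization check are
/// applied elsewhere.
/// </remarks>
public ActionResult GetActionInfo()
{
    // int.Parse threw on any non-numeric query value; fall back to the defaults instead.
    int pageIndex;
    if (!int.TryParse(Request["page"], out pageIndex) || pageIndex < 1)
    {
        pageIndex = 1;
    }

    int pageSize;
    if (!int.TryParse(Request["rows"], out pageSize) || pageSize < 1)
    {
        pageSize = 5;
    }

    int totalCount;
    short delFlag = (short)DelFlagEnum.Normarl;
    var actioninfolist = ActionInfoService.LoadPageEntities<string>(
        pageIndex, pageSize, out totalCount, a => a.DelFlag == delFlag, a => a.Url, true);

    // Project to an anonymous type so only these columns are serialized.
    var rows = from a in actioninfolist
               select new
               {
                   ID = a.ID,
                   ActionInfoName = a.ActionInfoName,
                   Sort = a.Sort,
                   Remark = a.Remark,
                   Url = a.Url,
                   HttpMethod = a.HttpMethod,
                   ActionTypeEnum = a.ActionTypeEnum,
                   SubTime = a.SubTime
               };

    return Json(new { rows = rows, total = totalCount }, JsonRequestBehavior.AllowGet);
}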
/// <summary>
/// Shows the page for assigning permissions to one user.
/// </summary>
/// <param name="id">Id of the user whose permissions are being edited.</param>
/// <returns>The default view, with the user in ViewBag.User and all active permissions as the model.</returns>
/// <remarks>
/// NOTE(review): nothing in this method checks that the caller may manage the user with this
/// id; presumably a controller-level filter does. Confirm.
/// </remarks>
public ActionResult SetAction(int id)
{
    var targetUser = UserInfoService.GetEntities(u => u.Id == id).FirstOrDefault();
    ViewBag.User = targetUser;

    var activeActions = ActionInfoService.GetEntities(a => a.DelFlag == delflagNormal).ToList();
    ViewData.Model = activeActions;

    return View();
}
/// <summary>
/// Shows the edit form for one permission record.
/// </summary>
/// <param name="id1">Id of the record to edit.</param>
/// <returns>The default view with the loaded record as its model.</returns>
public ActionResult Edit(int id1)
{
    var record = ActionInfoService.GetById(id1);
    ViewData.Model = record;
    return View();
}
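/// <summary>
/// Builds the desktop menu for the signed-in user: every non-deleted menu entry the user is
/// allowed to see.
/// </summary>
/// <returns>The default view with the filtered list of <c>MenuViewModel</c> items.</returns>
/// <remarks>
/// Visibility rules, in order: the user named "admin" sees everything; an explicit per-user
/// allow shows the entry; otherwise the entry is shown when one of the user's roles grants it
/// and no explicit per-user deny exists.
/// NOTE(review): this only decides what the menu displays. It is not an access check on the
/// target actions, and the "admin" match is a case-sensitive comparison on the user name rather
/// than a role; confirm enforcement happens in a filter.
/// </remarks>
public ActionResult Index()
{
    List<MenuViewModel> listMenu = new List<MenuViewModel>();

    // All entries flagged as desktop menu items.
    List<ActionInfo> desktopMenus =
        ActionInfoService.GetList(a => a.IsDelete == false && a.IsMenu == true).ToList();

    // The signed-in user with role and per-user permission data.
    UserInfo userInfo = UserInfoService.GetById(UserLogin.UserId);

    // Loop-invariant, so evaluated once.
    bool isAdmin = UserLogin.UserName.Equals("admin");

    foreach (var actionInfo in desktopMenus)
    {
        MenuViewModel menu = new MenuViewModel()
        {
            ActionTitle = actionInfo.ActionTitle,
            ControllerName = actionInfo.ControllerName,
            ActionName = actionInfo.ActionName,
            MenuIcon = actionInfo.MenuIcon
        };

        if (isAdmin)
        {
            listMenu.Add(menu);
            continue;
        }

        // Explicit per-user allow takes precedence over role data.
        bool explicitlyAllowed = UserActionService
            .GetList(ua => (ua.ActionId == actionInfo.ActionId)
                           && (ua.UserId == UserLogin.UserId)
                           && (ua.IsAllow == true))
            .Any();
        if (explicitlyAllowed)
        {
            listMenu.Add(menu);
            continue;
        }

        // Without a user record there is no role data to consult. The original dereferenced
        // the null record here.
        if (userInfo == null)
        {
            continue;
        }

        bool grantedByRole = (from r in userInfo.RoleInfo
                              from act in r.ActionInfo
                              where act.ActionId == actionInfo.ActionId
                              select act).Any();

        // Same outcome as the original add-then-remove: shown only when a role grants the
        // entry and no explicit deny exists for this user.
        bool explicitlyDenied = grantedByRole
            && (from ua in userInfo.UserAction
                where ua.ActionId == actionInfo.ActionId && ua.IsAllow == false
                select ua).Any();

        if (grantedByRole && !explicitlyDenied)
        {
            listMenu.Add(menu);
        }
    }

    return View(listMenu);
}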
/// <summary>
/// Sets an explicit allow or deny for one user on one permission.
/// </summary>
/// <param name="uid">User id.</param>
/// <param name="aid">Permission (action) id.</param>
/// <param name="ispass">True to allow, false to deny.</param>
/// <returns>Content "ok" when the service reports success, otherwise "no".</returns>
/// <remarks>
/// NOTE(review): this grants or revokes access. No verb restriction or anti-forgery attribute
/// is visible here; confirm both exist outside this snippet.
/// </remarks>
public ActionResult DistributeUserAction(int uid, int aid, bool ispass)
{
    bool applied = ActionInfoService.DistributeUserAction(uid, aid, ispass);
    if (applied)
    {
        return Content("ok");
    }

    return Content("no");
}
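// Search box.
/// <summary>
/// Returns the permission records whose Url (when "name" is "RequestUrl") or ActionInfoName
/// (any other "name") contains the "value" request parameter.
/// </summary>
/// <returns>JSON object with the matching rows and their count.</returns>
/// <remarks>
/// The original parsed "page" and "rows" but never applied them, so a malformed value only
/// caused an exception; that parsing is removed and all matches are still returned at once.
/// NOTE(review): every record is loaded and filtered in memory, and the result is served on
/// GET. Confirm the table stays small and that access to this listing is restricted elsewhere.
/// </remarks>
public ActionResult Find()
{
    // A missing search value used to throw from IndexOf(null); treat it as an empty search.
    string value = Request["value"] ?? string.Empty;
    bool searchByUrl = Request["name"] == "RequestUrl";

    // DefaultIfEmpty() is dropped: on an empty table it produced a single null entry that the
    // loop then dereferenced.
    var candidates = ActionInfoService.LoadEntities(a => a.ID > 0);

    List<ActionInfo> matches = new List<ActionInfo>();
    foreach (var candidate in candidates)
    {
        if (candidate == null)
        {
            continue;
        }

        // A record with a null field cannot match and must not throw.
        string field = searchByUrl ? candidate.Url : candidate.ActionInfoName;
        if (field != null && field.IndexOf(value, System.StringComparison.Ordinal) != -1)
        {
            matches.Add(candidate);
        }
    }

    // Both search modes share this projection; the original duplicated it per branch.
    var rows = (from a in matches
                select new
                {
                    ID = a.ID,
                    ActionInfoName = a.ActionInfoName,
                    Sort = a.Sort,
                    Remark = a.Remark,
                    Url = a.Url,
                    HttpMethod = a.HttpMethod,
                    ActionTypeEnum = a.ActionTypeEnum,
                    SubTime = a.SubTime
                }).ToList();

    return Json(new { total = rows.Count, rows = rows }, JsonRequestBehavior.AllowGet);
}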
/// <summary>
/// Returns one permission record, serialized by <c>WebCommon.GetJson</c>.
/// </summary>
/// <param name="id">Id of the record to show.</param>
/// <returns>Content holding the serialized record.</returns>
/// <remarks>
/// NOTE(review): the whole entity is serialized, and an unknown id passes null to GetJson.
/// Confirm that GetJson handles null and that no navigation properties are exposed.
/// </remarks>
public ActionResult ShowActionInfo(int id)
{
    var matches = ActionInfoService.LoadEntities(u => u.ID == id);
    ActionInfo actionInfo = matches.FirstOrDefault();

    string json = WebCommon.GetJson(actionInfo);
    return Content(json);
}
/// <summary>
/// Calls the single-argument <c>DistributeUserAction</c> overload for the given id and reports
/// the outcome.
/// </summary>
/// <param name="aid">Id passed through to the service.</param>
/// <returns>Content "ok" when the service reports success, otherwise "no".</returns>
/// <remarks>
/// NOTE(review): presumably this removes a per-user permission override. No verb restriction or
/// anti-forgery attribute is visible here; confirm both exist outside this snippet.
/// </remarks>
public ActionResult CancelUserAction(int aid)
{
    bool cancelled = ActionInfoService.DistributeUserAction(aid);
    if (cancelled)
    {
        return Content("ok");
    }

    return Content("no");
}
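// A controller is itself an action filter, so overriding a base-class hook applies this check
// to every action.
// NOTE(review): the original comment describes checking the login *before* each action runs
// (OnActionExecuting), but this override is OnActionExecuted, which MVC calls after the action
// method has returned. Any side effect of the action has already happened when a request is
// rejected here; only the rendering of its result is prevented. The override name is left
// unchanged; confirm which hook is intended.
// GET: Base
/// <summary>
/// Requires a signed-in user and a matching permission for the requested URL and HTTP method.
/// Requests that fail are redirected and, for permission failures, logged.
/// </summary>
/// <param name="filterContext">Context of the action that has just executed.</param>
protected override void OnActionExecuted(ActionExecutedContext filterContext)
{
    // NOTE(review): the listing shows "//test return;" at this point. If "return;" was a live
    // statement, every check below was switched off. It is not carried over.
    base.OnActionExecuted(filterContext);

    #region Login check
    LoginUserInfo = Session["LoginUser"] as Model.UserInfo;
    if (LoginUserInfo == null)
    {
        // Replacing the result keeps the action's own result from being rendered and does not
        // depend on Response.Redirect ending the request.
        filterContext.Result = new RedirectResult("/Login/CheckUser");
        return;
    }
    #endregion

    // The original returned here for the hard-coded user name "abc", skipping every permission
    // check (its comment called it a personal back door). That bypass is removed so that all
    // accounts are subject to the same checks.

    #region Permission filter
    // NOTE(review): RawUrl includes the query string, so stored URLs match only exact requests;
    // a mismatch is denied, which fails closed.
    string str = filterContext.HttpContext.Request.RawUrl; // e.g. UserInfo/Index
    string httpMethod = filterContext.HttpContext.Request.HttpMethod.ToLower();

    // The permission row for the requested address and method.
    ActionInfoService actionInfoService = new ActionInfoService();
    var currentUrlAction = actionInfoService
        .LoadTs(a => a.Url == str && a.HttpMethod.ToLower() == httpMethod)
        .FirstOrDefault();

    // First: no permission row describes this request, so it is denied.
    if (currentUrlAction == null)
    {
        LogDeniedAndRedirectToError(filterContext, str, httpMethod);
        return;
    }

    // Second, step 1: an explicit per-user entry decides immediately, allow or deny.
    short delNormal = (short)Model.Enum.DelFlagEnum.Normal;
    R_User_ActionInfoService rUserActionInfoService = new R_User_ActionInfoService();
    var tempUserAction = (from a in rUserActionInfoService.LoadTs(u => u.DelFlag == delNormal)
                          where (a.ActionInfoId == currentUrlAction.Id && a.UserInfoId == LoginUserInfo.Id)
                          select a).FirstOrDefault();
    if (tempUserAction != null)
    {
        if (!tempUserAction.IsPass)
        {
            LogDeniedAndRedirectToError(filterContext, str, httpMethod);
        }

        return;
    }

    // Step 2: otherwise one of the user's roles must grant the permission.
    IBLL.IUserInfoService userInfoService = new UserInfoService();
    var user = userInfoService.LoadTs(u => u.Id == LoginUserInfo.Id).FirstOrDefault();

    // A session whose user record no longer exists used to dereference null here; deny instead.
    bool grantedByRole = user != null
        && (from r in user.Role
            from a in r.ActionInfo
            where a.Id == currentUrlAction.Id
            select a).Any();
    if (!grantedByRole)
    {
        LogDeniedAndRedirectToError(filterContext, str, httpMethod);
    }

    // NOTE(review): the original continued with a "step 3" lookup through the roles of the
    // user's departments, but both branches of step 2 returned first, so it never ran. It is
    // not enabled here because doing so would widen who is granted access; decide explicitly
    // whether department roles should grant permissions.
    #endregion
}

// Writes the "no permission" log entry for the current user and replaces the result with a
// redirect to the error page.
// NOTE(review): the requested URL is client-controlled and goes into the log entry as-is;
// confirm that LogHelper neutralizes line breaks.
private void LogDeniedAndRedirectToError(ActionExecutedContext filterContext, string url, string httpMethod)
{
    Common.LogHelper.WriteLog(string.Format(
        "用户:{0}在时间:{1}请求{2}请求类型{3}出现了没有权限的问题,对方的IP地址是{4}",
        LoginUserInfo.Id,
        DateTime.Now,
        url,
        httpMethod,
        filterContext.HttpContext.Request.UserHostAddress));
    filterContext.Result = new RedirectResult("/Error.html");
}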
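/// <summary>
/// Runs before every action: requires a login resolved from the "userLoginId" cookie, then
/// checks that the user may call the requested URL with the requested HTTP method.
/// </summary>
/// <param name="filterContext">Context of the action about to execute.</param>
/// <remarks>
/// Denied requests now set <c>filterContext.Result</c>. That is what makes MVC skip the action;
/// a bare Response.Redirect followed by return leaves the result unset and only stops the
/// action when the redirect ends the request.
/// </remarks>
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
    base.OnActionExecuting(filterContext);

    if (!isCheckUserLogin)
    {
        return;
    }

    #region Login check
    var loginCookie = Request.Cookies["userLoginId"];
    if (loginCookie == null)
    {
        filterContext.Result = new RedirectResult("/UserLogin/Index");
        return;
    }

    // The cookie value is the cache key of the signed-in user.
    string userGuid = loginCookie.Value;
    LoginUser = CacheHelper.GetCache(userGuid) as UserInfo;
    if (LoginUser == null)
    {
        filterContext.Result = new RedirectResult("/UserLogin/Index");
        return;
    }

    // Sliding expiration: each authenticated request extends the entry by 20 minutes.
    CacheHelper.SetCache(userGuid, LoginUser, DateTime.Now.AddMinutes(20));
    #endregion

    // NOTE(review): the account named "admin" skips all permission checks based on its user
    // name alone; confirm that this name cannot be registered or renamed into, or replace the
    // test with a role check.
    if (LoginUser.UName == "admin")
    {
        return;
    }

    #region Permission check
    string url = Request.Url.AbsolutePath.ToLower();
    string httpMethod = Request.HttpMethod.ToLower();

    IActionInfoService actionInfoService = new ActionInfoService();
    IR_UserInfo_ActionInfoService rUseActionService = new R_UserInfo_ActionInfoService();
    IUserInfoService userInfoService = new UserInfoService();

    // NOTE(review): the permission row is chosen by substring (the request path merely has to
    // contain the stored Url) and the first hit wins, so a short stored Url can stand in for an
    // unrelated, longer path. Consider an exact match once the stored format is confirmed.
    ActionInfo actionInfo = actionInfoService
        .GetEntities(a => url.Contains(a.Url.ToLower()) && a.HttpMethd.ToLower() == httpMethod)
        .FirstOrDefault();
    if (actionInfo == null)
    {
        filterContext.Result = new RedirectResult("/Error.html");
        return;
    }

    // Route 1: an explicit per-user entry decides immediately, allow or deny.
    IEnumerable<R_UserInfo_ActionInfo> rUserActions =
        rUseActionService.GetEntities(u => u.UserInfoID == LoginUser.ID);
    var item = (from a in rUserActions
                where a.ActionInfoID == actionInfo.ID
                select a).FirstOrDefault();
    if (item != null)
    {
        if (!item.HasPermission)
        {
            filterContext.Result = new RedirectResult("/Error.html");
        }

        return;
    }

    // Route 2: otherwise one of the user's roles must grant the permission.
    var user = userInfoService.GetEntities(u => u.ID == LoginUser.ID).FirstOrDefault();

    // A cached login whose user record no longer exists used to dereference null here; deny.
    bool grantedByRole = user != null
        && (from r in user.RoleInfo
            from a in r.ActionInfo
            where a.ID == actionInfo.ID
            select a).Any();
    if (!grantedByRole)
    {
        filterContext.Result = new RedirectResult("/Error.html");
    }
    #endregion
}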
/// <summary>
/// Passes the submitted permission record to the service's Update and reports "ok".
/// </summary>
/// <param name="userInfo">Model-bound <c>ActionInfo</c> record (the parameter name is kept for binding).</param>
/// <returns>Content "ok", regardless of what the service does with the record.</returns>
/// <remarks>
/// NOTE(review): the entity is bound directly from the request and written without validation
/// or a result check, so any bindable property can be set by the client. No verb restriction or
/// anti-forgery attribute is visible here; confirm both exist outside this snippet.
/// </remarks>
public ActionResult Edit(ActionInfo userInfo)
{
    ActionInfoService.Update(userInfo);

    const string reply = "ok";
    return Content(reply);
}
/// <summary>
/// Shows the edit form for one non-deleted permission record.
/// </summary>
/// <param name="id">Id of the record to edit.</param>
/// <returns>The default view; its model is the record, or null when none matches.</returns>
public ActionResult Edit(int id)
{
    var matches = ActionInfoService.GetEntities(
        u => u.DelFlag == DeleteFlag.DelflagNormal && u.ID == id);

    ViewData.Model = matches.FirstOrDefault();
    return View();
}
/// <summary>
/// Shows the edit form for one permission record.
/// </summary>
/// <param name="id">Id of the record to edit.</param>
/// <returns>The default view; its model is the record, or null when none matches.</returns>
/// <remarks>
/// NOTE(review): unlike the listing and menu queries, this lookup does not filter on a delete
/// flag; confirm that editing logically deleted records is intended.
/// </remarks>
public ActionResult Edit(int id)
{
    var matches = ActionInfoService.GetEntities(u => u.Id == id);

    ViewData.Model = matches.FirstOrDefault();
    return View();
}
/// <summary>
/// Shows the permission list page with every non-deleted permission record as the model.
/// </summary>
/// <returns>The default view with the materialized list as its model.</returns>
public ActionResult Index()
{
    var activeActions = ActionInfoService.GetEntites(a => a.DelFlag == delflagNormal);

    // Materialize before handing the data to the view.
    ViewData.Model = activeActions.ToList();
    return View();
}
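/// <summary>
/// Authorizes every request: requires a login in session, then checks that the user may call
/// the current controller/action pair.
/// </summary>
/// <param name="filterContext">Authorization context; a denied request gets a redirect result.</param>
/// <remarks>
/// Decision order: an explicit per-user entry (allow or deny) wins; without one, one of the
/// user's roles must grant the permission.
/// The original also held a commented-out variant that resolved the login from a "loginId"
/// cookie through a distributed cache with a 20-minute sliding timeout; it is not active.
/// </remarks>
protected override void OnAuthorization(AuthorizationContext filterContext)
{
    #region Login check
    // "as" yields null for a missing entry and for a value of another type; both mean the
    // caller is not signed in. The original checked only for a missing entry.
    UserLogin = Session["UserLogin"] as UserInfoViewModel;
    if (UserLogin == null)
    {
        filterContext.Result = new RedirectResult(Url.Action("Index", "UserLogin"));
        return;
    }
    #endregion

    #region Permission check
#if DEBUG
    // The original comment calls this a back door for administrative convenience that must not
    // exist in production. Compiling it only into debug builds enforces that statement.
    if (UserLogin.UserName.ToLower().Equals("admin"))
    {
        return;
    }
#endif

    // 1. Load the user and the permission row for the current controller/action.
    UserInfo userInfo = UserInfoService.GetById(UserLogin.UserId);
    if (userInfo == null)
    {
        // The session refers to an account that no longer exists; the original dereferenced
        // the null record below.
        filterContext.Result = new RedirectResult(Url.Action("Index", "UserLogin"));
        return;
    }

    string controllerName = RouteData.GetRequiredString("controller");
    string actionName = RouteData.GetRequiredString("action");
    ActionInfo actionInfo = ActionInfoService
        .GetList(a => (a.ControllerName.ToLower().Equals(controllerName.ToLower()))
                      && (a.ActionName.ToLower().Equals(actionName.ToLower()))
                      && a.IsDelete == false)
        .FirstOrDefault();
    if (actionInfo == null)
    {
        filterContext.Result = new RedirectResult("/Error.html");

        // The original fell through and dereferenced the null row in the next query.
        return;
    }

    // 2. An explicit per-user entry decides on its own.
    UserAction userAction = UserActionService
        .GetList(ua => (ua.UserId == userInfo.UserId) && (ua.ActionId == actionInfo.ActionId))
        .FirstOrDefault();
    if (userAction != null)
    {
        if (!userAction.IsAllow)
        {
            filterContext.Result = new RedirectResult("/NoAllow.html");
        }

        return;
    }

    // 2.2 No per-user entry: look for the permission through the user's roles.
    bool grantedByRole = (from r in userInfo.RoleInfo
                          from a in r.ActionInfo
                          where a.ActionId == actionInfo.ActionId
                          select a).Any();
    if (!grantedByRole)
    {
        filterContext.Result = new RedirectResult("/NoAllow.html");
    }
    #endregion
}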
/// <summary>
/// Returns the total number of permission records as a JSON number.
/// </summary>
/// <returns>JSON-encoded total reported by the paging query.</returns>
/// <remarks>
/// The first page of ten rows is requested and materialized only to obtain the out total; the
/// rows themselves are discarded. The filter <c>u.Id == u.Id</c> matches every record.
/// </remarks>
public ActionResult GetCount()
{
    int total = 0;

    // The rows are not used; the call is made for the count it reports through "total".
    ActionInfoService
        .GetEntitesByPage(1, 10, out total, u => u.Id == u.Id, u => u.Id, true)
        .ToList();

    return Json(total, JsonRequestBehavior.AllowGet);
}