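/// <summary>
/// MVC authorization entry point (overrides AuthorizeAttribute.OnAuthorization).
/// Records the requested controller/action, sends anonymous callers to the login
/// page, and sends signed-in callers that fail <see cref="AuthorizeCore"/> to the
/// permission-error page. Requests that pass both checks are left untouched.
/// </summary>
/// <param name="filterContext">The authorization context supplied by MVC.</param>
/// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    if (filterContext == null)
    {
        throw new ArgumentNullException("filterContext");
    }

    // Remember the current page for AuthorizeCore.
    // NOTE(review): `url` is an instance field of the attribute and MVC caches filter
    // attribute instances, so a concurrent request can overwrite this value before
    // AuthorizeCore reads it. Reading the route data from the HttpContext inside
    // AuthorizeCore avoids that race; confirm against the rest of the class.
    url = new PageUrl();
    url.Controller = filterContext.RouteData.Values["controller"] as string;
    url.Action = filterContext.RouteData.Values["action"] as string;

    // The admin login model lives in session; no session or no model means anonymous.
    // Use the context handed to us rather than the static HttpContext.Current.
    Model.adminlogin loginModel = null;
    if (filterContext.HttpContext != null && filterContext.HttpContext.Session != null)
    {
        loginModel = filterContext.HttpContext.Session[CMSKeys.SESSION_ADMIN_INFO] as Model.adminlogin;
    }

    if (loginModel == null)
    {
        // Not logged in: go to the login page.
        filterContext.Result = new RedirectResult("/Home/Login");
        return;
    }

    // Logged in but not permitted for this controller/action.
    if (!AuthorizeCore(filterContext.HttpContext))
    {
        filterContext.Result = new RedirectResult("/Home/Error/premission");
    }
}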
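/// <summary>
/// Overrides AuthorizeAttribute.AuthorizeCore. Decides whether the signed-in
/// administrator may run the controller/action of the current request, in this order:
/// no admin session -> deny; account named "admin" -> allow; action not registered in
/// sys_action -> deny; a sys_acl_user row for (user, action) -> allow; otherwise the
/// sys_acl_group row for (user's group, action) decides through its access flag, and a
/// user with no group row or no matching group row is denied.
/// </summary>
/// <param name="httpContext">The request being authorized.</param>
/// <returns>true to allow the request, false to deny it.</returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    if (httpContext == null || httpContext.Session == null)
    {
        return false; // fail closed: nothing to authorize against
    }

    Model.adminlogin loginModel = httpContext.Session[CMSKeys.SESSION_ADMIN_INFO] as Model.adminlogin;
    if (loginModel == null)
    {
        return false;
    }

    // Built-in superuser bypasses the ACL tables. Ordinal, so only the exact account name matches.
    if (string.Equals(loginModel.UserName, "admin", StringComparison.Ordinal))
    {
        return true;
    }

    // Take controller/action from this request's own route data instead of the attribute's
    // `url` field: MVC caches filter attribute instances, so that field can be overwritten
    // by a concurrent request between OnAuthorization and this call.
    var routeValues = httpContext.Request.RequestContext.RouteData.Values;
    string controller = routeValues["controller"] as string;
    string action = routeValues["action"] as string;
    if (string.IsNullOrEmpty(controller) || string.IsNullOrEmpty(action))
    {
        return false;
    }

    Isys_actionService action_bll = new sys_actionService();              // sys_action: module/action registry
    Isys_acl_userService acl_user_bll = new sys_acl_userService();        // sys_acl_user: per-user grants
    Isys_acl_groupService acl_group_bll = new sys_acl_groupService();     // sys_acl_group: per-group grants
    Isys_group_userService group_user_bll = new sys_group_userService();  // sys_group_user: user -> group

    // 1. Resolve the requested action by (actionKey, moduleKey).
    var actionModel = action_bll.GetSingleModel(o => o.actionKey == action && o.moduleKey == controller);
    if (actionModel == null)
    {
        return false; // unknown action: deny rather than allow by default
    }

    // 2. A direct user grant wins outright.
    var acl_userModel = acl_user_bll.GetSingleModel(w => w.actionID == actionModel.actionID && w.userID == loginModel.UserID);
    if (acl_userModel != null)
    {
        return true;
    }

    // 3. Otherwise the user's group grant decides. A user with no group row used to
    //    dereference null here; that case is now a plain deny.
    var group_userModel = group_user_bll.GetSingleModel(k => k.userID == loginModel.UserID);
    if (group_userModel == null)
    {
        return false;
    }

    var acl_groupModel = acl_group_bll.GetSingleModel(o => o.groupID == group_userModel.groupID && o.actionID == actionModel.actionID);
    return acl_groupModel != null && acl_groupModel.access;
}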
/// <summary>
/// Admin login form handler. Checks the captcha, then that both credential fields
/// are present, then looks the account up by userAccount + password digest +
/// status == true. On success a Model.adminlogin is stored in session under
/// CMSKeys.SESSION_ADMIN_INFO and the caller is redirected to Account/Auth/Index;
/// every failure re-renders the view with a single "error" model-state message.
/// </summary>
/// <param name="username">Account name as typed into the form.</param>
/// <param name="password">Plain-text password from the form.</param>
/// <param name="verifycode">Captcha value from the form.</param>
/// <returns>A redirect on success, otherwise the login view carrying the error.</returns>
public ActionResult Login(string username, string password, string verifycode)
{
    // Every failure path records one message under the "error" key and re-renders the view.
    Func<string, ActionResult> reject = message =>
    {
        ModelState.AddModelError("error", message);
        return View();
    };

    if (!isCheckVerifyCode(verifycode))
    {
        return reject("验证码错误");
    }
    if (string.IsNullOrWhiteSpace(username))
    {
        return reject("请输入用户名");
    }
    if (string.IsNullOrWhiteSpace(password))
    {
        return reject("请输入密码");
    }

    // NOTE(review): the stored credential is an unsalted MD5 of the encoded password.
    // Moving to a salted, slow hash (e.g. PBKDF2) needs a migration of stored
    // userPasswd values, so the digest is kept as-is here.
    string passwordDigest = Encrypt.MD5(Encrypt.Encode(password));

    NHibernate.CMS.IBusiness.Isys_userService userService = new NHibernate.CMS.Business.sys_userService();
    var account = userService.GetSingleModel(o => o.userAccount == username && o.userPasswd == passwordDigest && o.status == true);
    if (account == null)
    {
        // One message for both unknown user and wrong password, so the response reveals neither.
        return reject("用户名或密码错误");
    }

    Model.adminlogin adminInfo = new Model.adminlogin
    {
        UserID = account.userID,
        UserName = account.userAccount,
        Token = Guid.NewGuid(),
        LoginDate = DateTime.Now,
    };
    Session[CMSKeys.SESSION_ADMIN_INFO] = adminInfo;

    return RedirectToAction("Index", "Auth", new { Area = "Account" });
}
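/// <summary>
/// Loads the top-level (class_layer == 1) modules the signed-in administrator may see,
/// used to build the admin menu. Members of the "超级管理组" group get every module that
/// has a "Show" action; everyone else gets the modules reachable through their own
/// sys_acl_user rows (Show actions only) plus their group's sys_acl_group rows.
/// Each module appears at most once. The result is cached per user.
/// </summary>
/// <returns>
/// The visible modules, or null when nobody is signed in (a redirect to the login page
/// has been issued in that case).
/// </returns>
public static List<sys_module> loadModule()
{
    Model.adminlogin loginModel = LoginInfo;
    if (loginModel == null)
    {
        // Root-relative path: the former Host + path string carried no scheme, so
        // Response.Redirect treated it as a path relative to the current request.
        HttpContext.Current.Response.Redirect("/Home/Login");
        return null;
    }

    // Cache per user: one shared key handed the first user's menu to every later user.
    // NOTE(review): code elsewhere that invalidated the old shared "loadModule" key
    // must now remove the per-user keys instead.
    string cacheKey = "loadModule:" + loginModel.UserID;
    List<sys_module> cached = Caching.Get(cacheKey) as List<sys_module>;
    if (cached != null)
    {
        return cached;
    }

    List<sys_module> list = new List<sys_module>();

    // Adds a module once; the ACL tables can map several actions onto the same module.
    Action<sys_module> addModule = module =>
    {
        if (module == null)
        {
            return;
        }
        foreach (sys_module existing in list)
        {
            if (object.Equals(existing.moduleKey, module.moduleKey))
            {
                return;
            }
        }
        list.Add(module);
    };

    // A user may belong to no group; the group lookups below are skipped in that case
    // (the original dereferenced the missing row).
    var groupUser = groupUserBll.GetSingleModel(m => m.userID == loginModel.UserID);
    object group = null;
    string groupName = null;
    if (groupUser != null)
    {
        var groupRow = groupBll.GetSingleModel(m => m.groupID == groupUser.groupID);
        if (groupRow != null)
        {
            group = groupRow;
            groupName = groupRow.groupName;
        }
    }

    // 1. Super administrators see every module that has a Show action.
    if (group != null && groupName == "超级管理组")
    {
        foreach (var showAction in actBll.LoadEntities(w => w.actionKey == "Show"))
        {
            addModule(moduleBll.GetSingleModel(m => m.moduleKey == showAction.moduleKey && m.class_layer == 1));
        }
        Caching.Set(cacheKey, list);
        return list;
    }

    // 2. The user's own ACL rows, restricted to Show actions.
    foreach (var aclRow in acluserBll.LoadEntities(m => m.userID == loginModel.UserID))
    {
        var showAction = actBll.GetSingleModel(w => w.actionKey == "Show" && w.actionID == aclRow.actionID);
        if (showAction == null)
        {
            continue; // grant on a non-menu action
        }
        addModule(moduleBll.GetSingleModel(m => m.moduleKey == showAction.moduleKey && m.class_layer == 1));
    }

    // 3. The user's group ACL rows.
    // NOTE(review): unlike step 2 this lookup is not filtered to actionKey == "Show";
    // kept as in the original, confirm whether that is intended.
    if (groupUser != null)
    {
        foreach (var aclRow in aclgroupBll.LoadEntities(w => w.groupID == groupUser.groupID))
        {
            var groupAction = actBll.GetSingleModel(w => w.actionID == aclRow.actionID);
            if (groupAction == null)
            {
                continue; // dangling ACL row
            }
            addModule(moduleBll.GetSingleModel(m => m.moduleKey == groupAction.moduleKey && m.class_layer == 1));
        }
    }

    Caching.Set(cacheKey, list);
    return list;
}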