/// <summary>
/// Saves an edited user-to-permission record that was bound from the request.
/// </summary>
/// <param name="act">Record populated by MVC model binding.</param>
/// <returns>
/// Plain-text "ok" when the service reports the update as accepted; otherwise a failure message.
/// </returns>
/// <remarks>
/// NOTE(review): the whole entity is bound from request data, so every bindable column of the
/// permission record (not only the fields shown on the edit form) is caller-controlled. Consider
/// a view model or a [Bind(Include = ...)] whitelist, and load-then-copy instead of updating the
/// bound entity directly.
/// NOTE(review): no verb restriction or anti-forgery attribute is visible on this state-changing
/// action in this listing; confirm [HttpPost] and [ValidateAntiForgeryToken] are applied.
/// </remarks>
public ActionResult EditSave(R_User_ActionInfo act)
{
    bool accepted = R_User_ActionInfoService.Update(act);
    if (!accepted)
    {
        return Content("修改失败了!");
    }

    // The return value of SaveChanges is not inspected here; "ok" is returned either way.
    R_User_ActionInfoService.SaveChanges();
    return Content("ok");
}
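/// <summary>
/// Returns a single user-to-permission record as JSON for the edit form.
/// </summary>
/// <param name="ids">Record id as text; it must parse as an integer.</param>
/// <returns>
/// JSON of the shape <c>{ model: record }</c> (model is null when no record matches), or
/// HTTP 400 when <paramref name="ids"/> is missing or not a valid integer.
/// </returns>
/// <remarks>
/// NOTE(review): the id is caller-supplied and nothing in this method checks that the requester
/// is allowed to read that record; access control has to come from a filter. Confirm one is in
/// effect for this route.
/// NOTE(review): the entity itself is serialized, so every serializable property (and possibly
/// navigation properties) is returned over GET. Prefer projecting to the fields the form needs.
/// </remarks>
public ActionResult Edit(string ids)
{
    // Reject malformed input explicitly instead of letting int.Parse surface as a 500.
    int id;
    if (!int.TryParse(ids, out id))
    {
        return new HttpStatusCodeResult(400, "Invalid id");
    }

    R_User_ActionInfo act = R_User_ActionInfoService.LoadEntities(u => u.ID == id).FirstOrDefault();

    // Build the JSON result once; the previous second, unused Json(...) call was dropped.
    return Json(new { model = act }, JsonRequestBehavior.AllowGet);
}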
/// <summary>
/// Removes a user's special permission by marking the matching record as deleted (soft delete).
/// </summary>
/// <param name="UserInfoID">Id of the user whose permission is removed.</param>
/// <param name="ActionInfoID">Id of the permission (action) to remove.</param>
/// <returns>Plain-text "ok", whether or not a matching record was found.</returns>
/// <remarks>
/// NOTE(review): this changes authorization data, but no verb restriction or anti-forgery
/// attribute is visible here, and both ids are taken from the request as-is. Confirm that only
/// administrators can reach this action and that it is not callable via a plain GET link.
/// </remarks>
public ActionResult RemoveUserAction(int UserInfoID, int ActionInfoID)
{
    var match = R_User_ActionInfoService
        .LoadEntities(r => r.UserInfoID == UserInfoID && r.ActionInfoID == ActionInfoID)
        .FirstOrDefault();

    // Nothing to remove: the original reports success in this case too.
    if (match == null)
    {
        return Content("ok");
    }

    match.DelFlag = (short)SS.Platform.OA.Model.Enum.DelFlagEnum.Deleted;
    R_User_ActionInfoService.SaveChanges();
    return Content("ok");
}
//#region 设置角色 //public ActionResult GetRoleInfo(Guid SUser) //{ // var delNormal = (short)SS.Platform.OA.Model.Enum.DelFlagEnum.Normal; // UserInfo userInfo = UserInfoService.LoadEntities(u => u.ID == SUser && u.DelFlag == delNormal).FirstOrDefault(); // if (userInfo != null) // { // var allRoleInfo = RoleInfoService.LoadEntities(u => u.DelFlag == delNormal).ToList(); // var data = new // { // Rows = (from r in allRoleInfo // select // new { r.ID, r.Name, r.SubTime, r.SubBy, selected = userInfo.RoleInfo.Contains(r) }).ToList() // }; // return Json(data, JsonRequestBehavior.AllowGet); // } // else // { // return Content("选择的用户不存在!"); // } //} //[HttpPost] //public ActionResult SetUserRoleSave(string UserId, string RolesId) //{ // short delNormal = (short)Model.Enum.DelFlagEnum.Normal; // string[] idStrs = null; // //用户选择的角色 // List<RoleInfo> userRoleSelList = new List<RoleInfo>(); // Guid idUser = Guid.Parse(UserId); // if (RolesId != "") // { // idStrs = RolesId.Split(','); // } // UserInfo userInfo = UserInfoService.LoadEntities(u => u.ID == idUser && u.DelFlag == delNormal).FirstOrDefault(); // if (userInfo == null) // { // return Content("系统运行出错!"); // } // /**************************************************************/ // userInfo.RoleInfo.Clear(); // if (idStrs != null) // { // foreach (var idStr in idStrs) // { // Guid roleId = Guid.Parse(idStr); // RoleInfo roleInfo = RoleInfoService.LoadEntities(u => u.ID == roleId && u.DelFlag == delNormal).FirstOrDefault(); // userInfo.RoleInfo.Add(roleInfo); // } // } // if (UserInfoService.Savechanges() > 0) // { // return Content("ok"); // } // else // { // return Content("系统运行出错!"); // } /**************************************************************/ //给用户添加用户选择的角色 //if (idStrs != null) //{ // //添加已选 // foreach (var idStr in idStrs) // { // Guid roleId = Guid.Parse(idStr); // RoleInfo roleInfo = RoleInfoService.LoadEntities(u => u.ID == roleId && u.DelFlag == delNormal).FirstOrDefault(); // 
//            userRoleSelList.Add(roleInfo);
//            // only add roles the user does not already have
//            if (!userInfo.RoleInfo.Contains(roleInfo))
//            {
//                userInfo.RoleInfo.Add(roleInfo);
//            }
//        }
//        // roles no longer selected
//        var userRoleDelList = userInfo.RoleInfo.Except(userRoleSelList).ToList();
//        foreach (var roleEx in userRoleDelList)
//        {
//            userInfo.RoleInfo.Remove(roleEx);
//        }
//    }
//    else
//    {
//        userInfo.RoleInfo.Clear();
//    }
//    if (UserInfoService.Savechanges() > 0)
//    {
//        return Content("ok");
//    }
//    else
//    {
//        return Content("ok");
//    }
//}
//#endregion

#region 设置用户的特殊权限
/// <summary>
/// Renders the page used to assign special (per-user) permissions to one user.
/// </summary>
/// <param name="id">Id of the user being edited.</param>
/// <returns>
/// The default view, with the user as the view model, the user's existing non-deleted special
/// permissions in <c>ViewBag.ExistUserActions</c>, and all non-deleted permissions in
/// <c>ViewBag.AllActionInfos</c>.
/// </returns>
/// <remarks>
/// NOTE(review): the user lookup does not filter on DelFlag, and FirstOrDefault may yield null,
/// so the view can receive a null model for an unknown id. Confirm the view handles that.
/// NOTE(review): any user id can be requested; who may open this page is decided entirely
/// outside this method.
/// </remarks>
public ActionResult SetAction(int id)
{
    short normalFlag = (short)SS.Platform.OA.Model.Enum.DelFlagEnum.Normal;

    var targetUser = UserInfoService.LoadEntities(u => u.ID == id).FirstOrDefault();
    ViewData.Model = targetUser;

    var existingGrants = R_User_ActionInfoService
        .LoadEntities(r => r.DelFlag == normalFlag && r.UserInfoID == id)
        .ToList();
    ViewBag.ExistUserActions = existingGrants;

    // Hand the full permission catalogue to the view.
    var allActions = ActionInfoService.LoadEntities(a => a.DelFlag == normalFlag).ToList();
    ViewBag.AllActionInfos = allActions;

    return View();
}
/// <summary>
/// Lists the non-deleted special permissions of one user as JSON.
/// </summary>
/// <param name="SUser">Id of the user whose special permissions are listed.</param>
/// <returns>
/// JSON of the shape <c>{ Rows: [ { ID, Action, IsPass } ] }</c>, where Action is the name of
/// the linked permission.
/// </returns>
/// <remarks>
/// NOTE(review): the result is served with JsonRequestBehavior.AllowGet and describes another
/// user's permissions; confirm access to this action is restricted to administrators.
/// </remarks>
public ActionResult GetUserAction(int SUser)
{
    short normalFlag = (short)Model.Enum.DelFlagEnum.Normal;

    // Materialize first so the projection below runs in memory, as in the original.
    var activeGrants = R_User_ActionInfoService
        .LoadEntities(u => u.UserInfoID == SUser && u.DelFlag == normalFlag)
        .ToList();

    var rows = activeGrants
        .Select(u => new { ID = u.ID, Action = u.ActionInfo.Name, u.IsPass })
        .ToList();

    var data = new { Rows = rows };
    return Json(data, JsonRequestBehavior.AllowGet);
}
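/// <summary>
/// Grants a special permission to a user: restores a previously soft-deleted record if one
/// exists, otherwise creates a new record.
/// </summary>
/// <param name="act">Record bound from the request; UserInfoID and ActionInfoID are required.</param>
/// <returns>
/// Plain-text "ok" on success; otherwise a message saying what is missing, that the permission
/// already exists, or that the save failed.
/// </returns>
/// <remarks>
/// NOTE(review): <c>act</c> is bound from request data, so fields other than the two ids are
/// caller-controlled until they are overwritten below. Prefer a narrow view model.
/// NOTE(review): no verb restriction or anti-forgery attribute is visible on this
/// permission-granting action; confirm [HttpPost] and [ValidateAntiForgeryToken] are applied
/// and that only administrators can reach it.
/// </remarks>
public ActionResult Add(R_User_ActionInfo act)
{
    if (act.UserInfoID == 0)
    {
        return Content("请选择用户");
    }
    if (act.ActionInfoID == 0)
    {
        return Content("请选择权限");
    }

    short deletedFlag = (short)SS.Platform.OA.Model.Enum.DelFlagEnum.Deleted;
    short normalFlag = (short)SS.Platform.OA.Model.Enum.DelFlagEnum.Normal;

    // Look for an existing record for this user/permission pair, deleted or not.
    var existing = R_User_ActionInfoService
        .LoadEntities(u => u.UserInfoID == act.UserInfoID && u.ActionInfoID == act.ActionInfoID)
        .FirstOrDefault();
    if (existing != null)
    {
        if (existing.DelFlag != deletedFlag)
        {
            return Content("该用户权限已经存在,不允许重复添加!");
        }

        // Restore the soft-deleted record. Take the requested allow/deny value so a stale
        // IsPass from before the deletion is not silently reinstated (same as SetUserActionPasss).
        existing.DelFlag = normalFlag;
        existing.IsPass = act.IsPass;
        if (R_User_ActionInfoService.Update(existing))
        {
            R_User_ActionInfoService.SaveChanges();
            return Content("ok");
        }

        // Previously a failed update fell through and inserted a second record for the same pair.
        return Content("添加失败了");
    }

    // Both referenced rows must exist; otherwise the code generation below would dereference null.
    var user = UserInfoService.LoadEntities(u => u.ID == act.UserInfoID).FirstOrDefault();
    if (user == null)
    {
        return Content("请选择用户");
    }
    var action = ActionInfoService.LoadEntities(u => u.ID == act.ActionInfoID).FirstOrDefault();
    if (action == null)
    {
        return Content("请选择权限");
    }

    // Code and Name are derived server-side; any values posted for them are overwritten.
    act.Code = user.Code + "-" + action.Code;
    act.Name = user.Name + "-" + action.Name;
    act.DelFlag = normalFlag;

    R_User_ActionInfoService.Add(act);
    if (R_User_ActionInfoService.SaveChanges() > 0)
    {
        return Content("ok");
    }
    return Content("添加失败了");
}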
/// <summary>
/// Adds a special permission for a user, or updates the allow/deny flag of the existing one.
/// </summary>
/// <param name="userAction">
/// Record bound from the request; UserInfoID and ActionInfoID identify the pair, IsPass is the
/// requested allow/deny value.
/// </param>
/// <returns>Plain-text "ok" in every case.</returns>
/// <remarks>
/// NOTE(review): when no record exists, the request-bound entity is inserted as-is. Unlike Add,
/// this path does not validate the ids, does not derive Code/Name, and does not set DelFlag, so
/// those values are whatever the request supplied or the type defaults. Confirm that is intended.
/// NOTE(review): the SaveChanges result is ignored, so "ok" is returned even if nothing was saved.
/// NOTE(review): no verb restriction or anti-forgery attribute is visible on this
/// permission-changing action; confirm it is restricted to administrators.
/// </remarks>
public ActionResult SetUserActionPasss(R_User_ActionInfo userAction)
{
    var existing = R_User_ActionInfoService
        .LoadEntities(r => r.UserInfoID == userAction.UserInfoID && r.ActionInfoID == userAction.ActionInfoID)
        .FirstOrDefault();

    if (existing != null)
    {
        // A record exists (possibly soft-deleted): update the flag and make it active again.
        existing.IsPass = userAction.IsPass;
        existing.DelFlag = (short)SS.Platform.OA.Model.Enum.DelFlagEnum.Normal;
    }
    else
    {
        // No record yet: insert the posted one.
        R_User_ActionInfoService.Add(userAction);
    }

    R_User_ActionInfoService.SaveChanges();
    return Content("ok");
}
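/// <summary>
/// Deletes several user-to-permission records in one call.
/// </summary>
/// <param name="ids">Comma-separated record ids, for example "1,3,4".</param>
/// <returns>
/// Plain-text "ok" when the service reports at least one affected record; otherwise an error
/// message. Empty input and any non-integer entry are rejected with the error message.
/// </returns>
/// <remarks>
/// NOTE(review): the ids are caller-supplied and deleted without any per-record check in this
/// method; who may call it is decided entirely by filters outside this block.
/// NOTE(review): no verb restriction or anti-forgery attribute is visible on this bulk-delete
/// action; confirm [HttpPost] and [ValidateAntiForgeryToken] are applied.
/// </remarks>
public ActionResult DeleteIds(string ids)
{
    if (string.IsNullOrEmpty(ids))
    {
        return Content("系统运行出现错误!");
    }

    string[] idStrs = ids.Split(',');
    List<int> idDelete = new List<int>(idStrs.Length);
    foreach (var idStr in idStrs)
    {
        // Reject the whole request on a malformed entry rather than throwing from int.Parse.
        int deleteId;
        if (!int.TryParse(idStr, out deleteId))
        {
            return Content("系统运行出现错误!");
        }
        idDelete.Add(deleteId);
    }

    if (R_User_ActionInfoService.DeleteIds(idDelete.ToArray()) > 0)
    {
        return Content("ok");
    }
    return Content("系统运行出现错误!");
}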
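// A controller is itself an action filter, so overriding this base-class hook applies the login
// and permission check to every action of every controller derived from this base.
// GET: Base
/// <summary>
/// Enforces login and per-URL permission checks for the current request.
/// </summary>
/// <param name="filterContext">Context of the action that has just executed.</param>
/// <remarks>
/// Decision order: (1) no session user, redirect to the login page; (2) no permission record for
/// this URL and HTTP method, deny; (3) a per-user special permission decides on its own (allow or
/// deny); (4) otherwise allow if any of the user's roles, or any role of the user's departments,
/// carries the permission; (5) deny. Denials are logged and redirected to /Error.html.
///
/// Changes from the previous version:
/// - The unconditional early return left in for testing was removed; it skipped every check.
/// - The hard-coded user-name bypass was removed; no account is exempt from the checks.
/// - The department-role check used to be unreachable (both role branches returned first) and
///   is now evaluated when the user's own roles do not grant access.
/// - Redirects are issued through filterContext.Result instead of Response.Redirect, so the
///   action's own result is discarded rather than competing with the redirect.
///
/// NOTE(review): this hook runs AFTER the action body, so a denied request has already executed
/// its side effects (writes, deletes); only the response is replaced. The check belongs in
/// OnActionExecuting or an authorization filter. Moving it is a separate change because it
/// alters which override this class provides.
/// NOTE(review): if the login controller also derives from this base, the unauthenticated
/// redirect to /Login/CheckUser will loop. Confirm it is exempt.
/// NOTE(review): the lookup compares Request.RawUrl, which includes the query string, against
/// the stored URL. Requests with a query string fail the match and are denied; confirm the
/// stored URLs account for that.
/// </remarks>
protected override void OnActionExecuted(ActionExecutedContext filterContext)
{
    base.OnActionExecuted(filterContext);

    // 1. Authentication: a user object must be present in the session.
    LoginUserInfo = Session["LoginUser"] as Model.UserInfo;
    if (LoginUserInfo == null)
    {
        filterContext.Result = new RedirectResult("/Login/CheckUser");
        return;
    }

    // 2. Resolve the permission record for the requested URL and HTTP method.
    string str = filterContext.HttpContext.Request.RawUrl;
    string httpMethod = filterContext.HttpContext.Request.HttpMethod.ToLower();

    ActionInfoService actionInfoService = new ActionInfoService();
    var currentUrlAction = actionInfoService
        .LoadTs(a => a.Url == str && a.HttpMethod.ToLower() == httpMethod)
        .FirstOrDefault();
    if (currentUrlAction == null)
    {
        // Unknown URL/method pair: deny by default.
        DenyAndLog(filterContext, str, httpMethod);
        return;
    }

    // 3. A per-user special permission, when present, overrides role-based permissions.
    short delNormal = (short)Model.Enum.DelFlagEnum.Normal;
    R_User_ActionInfoService rUserActionInfoService = new R_User_ActionInfoService();
    var tempUserAction = (from a in rUserActionInfoService.LoadTs(u => u.DelFlag == delNormal)
                          where (a.ActionInfoId == currentUrlAction.Id && a.UserInfoId == LoginUserInfo.Id)
                          select a).FirstOrDefault();
    if (tempUserAction != null)
    {
        if (!tempUserAction.IsPass)
        {
            DenyAndLog(filterContext, str, httpMethod);
        }
        return;
    }

    // 4. Role-based permissions: reload the user so role and department data is current.
    IBLL.IUserInfoService userInfoService = new UserInfoService();
    var user = userInfoService.LoadTs(u => u.Id == LoginUserInfo.Id).FirstOrDefault();
    if (user == null)
    {
        // The session refers to a user that no longer exists: deny.
        DenyAndLog(filterContext, str, httpMethod);
        return;
    }

    bool grantedByRole = (from r in user.Role
                          from a in r.ActionInfo
                          where a.Id == currentUrlAction.Id
                          select a).Any();
    if (grantedByRole)
    {
        return;
    }

    bool grantedByDepartmentRole = (from d in user.Department
                                    from r in d.Role
                                    from a in r.ActionInfo
                                    where a.Id == currentUrlAction.Id
                                    select a).Any();
    if (grantedByDepartmentRole)
    {
        return;
    }

    // 5. Nothing granted access.
    DenyAndLog(filterContext, str, httpMethod);
}

// Logs a denied request and replaces the action result with a redirect to the error page.
private void DenyAndLog(ActionExecutedContext filterContext, string url, string httpMethod)
{
    Common.LogHelper.WriteLog(string.Format("用户:{0}在时间:{1}请求{2}请求类型{3}出现了没有权限的问题,对方的IP地址是{4}", LoginUserInfo.Id, DateTime.Now, url, httpMethod, filterContext.HttpContext.Request.UserHostAddress));
    filterContext.Result = new RedirectResult("/Error.html");
}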