/// <summary>
/// Shows the permission-assignment page for a role: the role itself goes into
/// <c>ViewBag.RoleInfo</c> and every action that is not soft-deleted becomes the view model.
/// </summary>
/// <param name="id1">Identifier of the role, taken from the request.</param>
/// <returns>The default view for this action.</returns>
public ActionResult SetAction(int id1)
{
    // NOTE(review): id1 is caller-supplied and the lookup result is passed to the view unchecked;
    // presumably GetById yields null for an unknown id, so confirm the view copes with that.
    var role = RoleInfoService.GetById(id1);
    ViewBag.RoleInfo = role;

    // Only actions with IsDelete == false are offered for assignment.
    var assignableActions = ActionInfoService
        .GetList(a => a.IsDelete == false)
        .ToList();
    ViewData.Model = assignableActions;

    return View();
}
/// <summary>
/// Shows the per-user permission page: the user goes into <c>ViewBag.UserInfo</c>, the user's
/// existing override rows into <c>ViewBag.UserAction</c>, and every action that is not
/// soft-deleted becomes the view model.
/// </summary>
/// <param name="id1">Identifier of the user, taken from the request.</param>
/// <returns>The default view for this action.</returns>
public ActionResult SetAction(int id1)
{
    UserInfo targetUser = UserInfoService.GetById(id1);
    ViewBag.UserInfo = targetUser;

    // Only actions with IsDelete == false are offered for assignment.
    var assignableActions = ActionInfoService
        .GetList(a => a.IsDelete == false)
        .ToList();
    ViewData.Model = assignableActions;

    // NOTE(review): targetUser is dereferenced without a null check; if GetById returns null for
    // an unknown id (not visible here), this line throws instead of producing a clean "not found".
    var overrides = targetUser.UserAction.ToList();
    ViewBag.UserAction = overrides;

    return View();
}
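/// <summary>
/// Authorization gate for the controller: requires a logged-in session, then checks that the
/// current user may call the requested controller/action. A per-user override row (allow or deny)
/// takes precedence over permissions inherited through roles; a request that is not granted is
/// redirected instead of reaching the action.
/// </summary>
/// <param name="filterContext">
/// Authorization context of the current request. Assigning <c>filterContext.Result</c> replaces
/// the action's result with the given redirect.
/// </param>
protected override void OnAuthorization(AuthorizationContext filterContext)
{
    // base.OnAuthorization(filterContext) is not called here; the original had the call commented out.

    // Login state is read from the session. The original comment records a plan to drop the session
    // in favour of a distributed cache; a disabled sketch of that flow (client "loginId" cookie,
    // MmHelper cache lookup, 20-minute sliding expiry) used to sit at this point.
    UserLogin = Session["UserLogin"] as UserInfoViewModel;
    if (UserLogin == null)
    {
        // Covers both a missing session entry and an entry of an unexpected type:
        // either way the caller is not logged in.
        filterContext.Result = new RedirectResult(Url.Action("Index", "UserLogin"));
        return;
    }

    #region Permission check

    // SECURITY NOTE(review): hard-coded bypass. The account named "admin" skips every permission
    // check below. The original comment calls this a convenience back door that does not exist in
    // production, but nothing in this method enforces that. Remove or build-gate it before release
    // and grant the administrator its rights through roles instead.
    // Ordinal comparison keeps the match independent of the thread culture.
    if (string.Equals(UserLogin.UserName, "admin", System.StringComparison.OrdinalIgnoreCase))
    {
        return;
    }

    // 1. Load the user and identify the requested controller/action.
    UserInfo userInfo = UserInfoService.GetById(UserLogin.UserId);
    if (userInfo == null)
    {
        // The session names a user that can no longer be loaded: treat as not logged in.
        filterContext.Result = new RedirectResult(Url.Action("Index", "UserLogin"));
        return;
    }

    string controllerName = RouteData.GetRequiredString("controller");
    string actionName = RouteData.GetRequiredString("action");

    ActionInfo actionInfo = ActionInfoService
        .GetList(a => (a.ControllerName.ToLower().Equals(controllerName.ToLower()))
                      && (a.ActionName.ToLower().Equals(actionName.ToLower()))
                      && a.IsDelete == false)
        .FirstOrDefault();
    if (actionInfo == null)
    {
        // Fail closed: an action that is not registered (or is soft-deleted) is never served.
        // The original set the redirect but fell through and dereferenced the null actionInfo below.
        filterContext.Result = new RedirectResult("/Error.html");
        return;
    }

    // 2. Per-user override table: an explicit row for this user and action decides the outcome.
    UserAction userAction = UserActionService
        .GetList(ua => (ua.UserId == userInfo.UserId) && (ua.ActionId == actionInfo.ActionId))
        .FirstOrDefault();
    if (userAction != null)
    {
        if (!userAction.IsAllow)
        {
            // 2.1 Explicitly denied for this user.
            filterContext.Result = new RedirectResult("/NoAllow.html");
        }

        // An explicit allow needs no further checks.
        return;
    }

    // 3. No override row: the action must be granted by at least one of the user's roles.
    bool grantedByRole = userInfo.RoleInfo
        .SelectMany(r => r.ActionInfo)
        .Any(a => a.ActionId == actionInfo.ActionId);
    if (!grantedByRole)
    {
        filterContext.Result = new RedirectResult("/NoAllow.html");
    }

    #endregion
}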
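/// <summary>
/// Builds the desktop menu for the logged-in user: every non-deleted menu action the user may
/// call, using the same precedence as the authorization filter (per-user override first, then
/// role-derived permissions).
/// </summary>
/// <remarks>
/// This only decides what is displayed. Access itself is enforced per request by
/// <c>OnAuthorization</c>, so hiding an entry here is not a protection on its own.
/// An earlier, disabled version of this method returned all menu actions without filtering.
/// </remarks>
/// <returns>The view, with the filtered list of <c>MenuViewModel</c> as its model.</returns>
public ActionResult Index()
{
    #region Main menu filtering

    // 1. Target list, all desktop menu actions, and the current user.
    List<MenuViewModel> listMenu = new List<MenuViewModel>();
    List<ActionInfo> list = ActionInfoService
        .GetList(a => a.IsDelete == false && a.IsMenu == true)
        .ToList();
    UserInfo userInfo = UserInfoService.GetById(UserLogin.UserId);

    // SECURITY NOTE(review): mirrors the hard-coded "admin" shortcut in OnAuthorization and should
    // be removed together with it. The original compared case-sensitively here but
    // case-insensitively in the filter, so an account such as "Admin" passed the filter yet got a
    // role-filtered menu; the comparison now matches the filter.
    bool isAdmin = string.Equals(UserLogin.UserName, "admin", System.StringComparison.OrdinalIgnoreCase);

    if (!isAdmin && userInfo == null)
    {
        // The session names a user that can no longer be loaded: show an empty menu
        // instead of failing on the role lookup below.
        return View(listMenu);
    }

    foreach (var actionInfo in list)
    {
        MenuViewModel menu = new MenuViewModel
        {
            ActionTitle = actionInfo.ActionTitle,
            ControllerName = actionInfo.ControllerName,
            ActionName = actionInfo.ActionName,
            MenuIcon = actionInfo.MenuIcon
        };

        if (isAdmin)
        {
            listMenu.Add(menu);
            continue;
        }

        // 2. An explicit per-user allow shows the entry without consulting roles.
        bool allowedForUser = UserActionService
            .GetList(ua => (ua.ActionId == actionInfo.ActionId)
                           && (ua.UserId == UserLogin.UserId)
                           && (ua.IsAllow == true))
            .Any();
        if (allowedForUser)
        {
            listMenu.Add(menu);
            continue;
        }

        // 3. Otherwise the entry needs a grant through one of the user's roles...
        bool grantedByRole = userInfo.RoleInfo
            .SelectMany(r => r.ActionInfo)
            .Any(a => a.ActionId == actionInfo.ActionId);

        // 4. ...and must not be explicitly denied for this user.
        bool deniedForUser = userInfo.UserAction
            .Any(ua => ua.ActionId == actionInfo.ActionId && ua.IsAllow == false);

        if (grantedByRole && !deniedForUser)
        {
            listMenu.Add(menu);
        }
    }

    #endregion

    return View(listMenu);
}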