Esempio n. 1
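 /// <summary>
 /// Checks whether the caller's permissions grant access to the given controller action.
 /// </summary>
 /// <param name="action">
 /// The action.
 /// </param>
 /// <param name="controller">
 /// The controller.
 /// </param>
 /// <param name="requestMethod">
 /// The request method.
 /// </param>
 /// <param name="sessionId">
 /// The session ID used to load the stored session when the current session carries no permissions.
 /// </param>
 /// <returns>
 /// The <see cref="bool"/> result of the rights validation.
 /// </returns>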
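 public bool CheckRightInfo(string action, string controller, string requestMethod,string sessionId)
 {
     // Authorization check: builds the resource key for (controller, action, requestMethod)
     // and validates it against the caller's permissions. Every path that cannot produce
     // a permission set returns false, so a missing session denies access instead of
     // surfacing as a NullReferenceException.
     this.systemRightsService = new SystemRightsService();
     var key = this.systemRightsService.BuildResourceKey(controller, action, requestMethod);

     // Prefer the permissions already attached to this instance's session.
     var currentSession = this.SystemUserSession;
     var permissions = currentSession == null ? null : currentSession.Permissions;

     if (permissions == null)
     {
         // NOTE(review): the fallback trusts the sessionId argument. If callers take it
         // from request data rather than from the server-side session, one user could be
         // evaluated against another session's permissions - confirm where it comes from.
         if (string.IsNullOrEmpty(sessionId))
         {
             return false;
         }

         var storedSession = MongoDBHelper.GetSystemUserSession(sessionId);
         permissions = storedSession == null ? null : storedSession.Permissions;
     }

     if (permissions == null)
     {
         // No session or no permission data: deny.
         return false;
     }

     return this.systemRightsService.ValidateRight(key, permissions);
 }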
Esempio n. 2
 /// <summary>
 /// Gets the permission information for an operation.
 /// </summary>
 /// <param name="action">
 /// The action.
 /// </param>
 /// <param name="controller">
 /// The controller.
 /// </param>
 /// <param name="requestMethod">
 /// The request type: Get or Post.
 /// </param>
 /// <returns>
 /// The <see cref="ActionResult"/>.
 /// </returns>
 public ActionResult GetRightInfo(string action, string controller, string requestMethod)
 {
     // Reports, as JSON, whether the current session may perform the given operation:
     // the AjaxResponse is built with code 0 when the right validates and -403 otherwise.
     // NOTE(review): this.SystemUserSession is dereferenced without a null check, so a
     // request without a loaded session throws here rather than returning -403 - confirm
     // that a filter guarantees the session before this action runs.
     // NOTE(review): this answer is advisory for the client only; it does not by itself
     // enforce the right on the operation it describes.
     this.systemRightsService = new SystemRightsService();
     var resourceKey = this.systemRightsService.BuildResourceKey(controller, action, requestMethod);
     var grantedRights = this.SystemUserSession.Permissions;

     bool allowed = this.systemRightsService.ValidateRight(resourceKey, grantedRights);
     int code;
     if (allowed)
     {
         code = 0;
     }
     else
     {
         code = -403;
     }

     var payload = new AjaxResponse(code);
     return this.Json(payload, JsonRequestBehavior.AllowGet);
 }
Esempio n. 3
        /// <summary>
        /// The on action executed.
        /// </summary>
        /// <param name="filterContext">
        /// The filter context.
        /// </param>
        protected override void OnActionExecuted(ActionExecutedContext filterContext)
        {
            // Post-action audit hook: records which resource the signed-in user finished
            // operating on, or a bare "not logged in" entry when no session is loaded.
            // NOTE(review): the user name and resource description are concatenated into
            // the log message as-is; if either can contain line breaks, entries could be
            // forged - confirm LogUtils.Log neutralises them.
            if (systemUserSession != null)
            {
                string key = GetResourceKey(filterContext);
                var rightsService = new SystemRightsService();
                string description = rightsService.GetResourceDescriptionByKey(key);
                string message = "用户“" + systemUserSession.Name + "”,操作完毕:" + description;

                LogUtils.Log(
                    message,
                    "OnActionExecuted",
                    Category.Info,
                    this.systemUserSession.SessionID,
                    this.systemUserSession.SystemUserID,
                    "Enter");
            }
            else
            {
                LogUtils.Log("未登录", "OnActionExecuted");
            }

            base.OnActionExecuted(filterContext);
        }
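        /// <summary>
        /// Gets the list of left-hand menus.
        /// </summary>
        /// <param name="userRights">
        /// The user's rights, validated against each menu's resource key.
        /// </param>
        /// <returns>
        /// The list of left-hand menus.
        /// </returns>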
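        public List<System_Menu> GetUserLeftMenus(string userRights)
        {
            // Returns the child menu entries (ParentID != 0) whose resource key
            // "<parent URL>/<menu URL>/get" validates against userRights.
            // This only filters what is displayed; it does not protect the target actions.
            var systemRightService = new SystemRightsService();
            var leftMenus = new List<System_Menu>();
            if (this.SystemMenus == null)
            {
                return leftMenus;
            }

            foreach (var systemMenu in this.SystemMenus)
            {
                if (systemMenu.ParentID == 0 || systemMenu.URL == null)
                {
                    continue;
                }

                // A child whose parent is missing (or has no URL) cannot produce a valid
                // resource key; skip it instead of throwing on the null parent.
                var parentId = systemMenu.ParentID;
                var parentMenu = this.systemMenus.Find(m => m.ID == parentId);
                if (parentMenu == null || parentMenu.URL == null)
                {
                    continue;
                }

                // Permission keys must not depend on the server's culture: ToLower() is
                // culture-sensitive (e.g. 'I' under a Turkish culture), which would produce
                // a key that never matches. ToLowerInvariant() is stable everywhere.
                var resourceKey =
                    systemRightService.BuildResourceKey(
                        parentMenu.URL.ToLowerInvariant(),
                        systemMenu.URL.ToLowerInvariant(),
                        "get");
                if (systemRightService.ValidateRight(resourceKey, userRights))
                {
                    leftMenus.Add(systemMenu);
                }
            }

            return leftMenus;
        }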
        /// <summary>
        /// Gets the user's top-level menus.
        /// </summary>
        /// <param name="userRights">
        /// The user's rights, validated against each menu's resource key.
        /// </param>
        /// <returns>
        /// The top-level menus.
        /// </returns>
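        public List<System_Menu> GetUserTopMenus(string userRights)
        {
            // Returns the top-level menu entries (ParentID == 0) whose resource key
            // "<menu URL>/index/get" validates against userRights.
            // This only filters what is displayed; it does not protect the target actions.
            var systemRightService = new SystemRightsService();
            var topMenus = new List<System_Menu>();
            if (this.SystemMenus == null)
            {
                return topMenus;
            }

            foreach (var systemMenu in this.SystemMenus)
            {
                // Entries without a URL cannot be mapped to a resource key; skip them
                // instead of throwing on the null URL.
                if (systemMenu.ParentID != 0 || systemMenu.URL == null)
                {
                    continue;
                }

                // Culture-invariant lowercasing keeps the permission key identical on every
                // server locale; ToLower() is culture-sensitive and can change the key.
                var resourceKey =
                    systemRightService.BuildResourceKey(
                        systemMenu.URL.ToLowerInvariant(),
                        "index",
                        "get");
                if (systemRightService.ValidateRight(resourceKey, userRights))
                {
                    topMenus.Add(systemMenu);
                }
            }

            return topMenus;
        }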
Esempio n. 6
 public int ModifyRights(int roleId, int userId, string permissions)
 {
     // Forwards a rights change for the given role/user to SystemRightsService and
     // returns the service's integer result unchanged.
     // NOTE(review): this is a privilege-changing operation and nothing in this method
     // checks who is calling or validates the permissions string - presumably that is
     // enforced by an action filter or the service; confirm before exposing it.
     systemRightsService = new SystemRightsService();
     int result = systemRightsService.ModifyRights(roleId, userId, permissions);
     return result;
 }
Esempio n. 7
 /// <summary>
 /// Queries the rights of a user.
 /// </summary>
 /// <param name="userId">
 /// The user id.
 /// </param>
 /// <returns>
 /// The user's rights as a <see cref="string"/>.
 /// </returns>
 public string QueryUserRight(int userId)
 {
     // Returns the rights string that SystemRightsService reports for the given user.
     // NOTE(review): any caller-supplied userId is accepted here; whether the caller may
     // read another user's rights is not checked in this method - confirm upstream.
     systemRightsService = new SystemRightsService();
     string result = systemRightsService.QueryUserRight(userId);
     return result;
 }
Esempio n. 8
 /// <summary>
 /// Queries the rights of a role.
 /// </summary>
 /// <param name="roleId">
 /// The role id.
 /// </param>
 /// <returns>
 /// The role's rights as a <see cref="string"/>.
 /// </returns>
 public string QueryRoleRight(int roleId)
 {
     // Returns the rights string that SystemRightsService reports for the given role.
     // NOTE(review): no caller authorization is performed in this method - confirm it is
     // enforced before this is reached.
     systemRightsService = new SystemRightsService();
     string result = systemRightsService.QueryRoleRight(roleId);
     return result;
 }
Esempio n. 9
        /// <summary>
        /// The setup session.
        /// </summary>
        /// <param name="user">
        /// The user.
        /// </param>
        private void SetupSession(System_User user)
        {
            // Builds the server-side session record for a user: queries the user's rights,
            // derives the visible top/left menus from them, and stores everything through
            // MongoDBHelper.RefreshSystemUserSession.
            // NOTE(review): the record is keyed by the existing this.Session.SessionID; no
            // session-ID regeneration is visible here, so if this runs at login, confirm the
            // ID is rotated elsewhere (session fixation).
            // NOTE(review): Permissions is a snapshot taken now; later rights changes will
            // not reach this record unless something refreshes it - confirm.
            var grantedRights = new SystemRightsService().QueryUserRight(user.ID);
            var menuService = new SystemMenuService();

            var topMenuModels = new List<MenuModel>();
            foreach (var menu in menuService.GetUserTopMenus(grantedRights))
            {
                topMenuModels.Add(DataTransfer.Transfer<MenuModel>(menu, typeof(System_Menu)));
            }

            var leftMenuModels = new List<MenuModel>();
            foreach (var menu in menuService.GetUserLeftMenus(grantedRights))
            {
                leftMenuModels.Add(DataTransfer.Transfer<MenuModel>(menu, typeof(System_Menu)));
            }

            var session = new SystemUserSession();
            session.SessionID = this.Session.SessionID;
            session.SystemUserID = user.ID;
            // EmployeeID is intentionally not set. Original author's note: it was to be set
            // to the system user ID temporarily until the table column is renamed from
            // EmployeeId to SystemUserID.
            session.Name = user.Name;
            session.LoginName = user.LoginName;
            session.RoleID = user.RoleID;
            session.TopMenus = topMenuModels;
            session.LeftMenus = leftMenuModels;
            session.Permissions = grantedRights;
            // Local server time, not UTC; any expiry logic comparing it must use the same clock.
            session.LastVisitTime = DateTime.Now;

            MongoDBHelper.RefreshSystemUserSession(session);
        }
Esempio n. 10
        /// <summary>
        /// The on action executing.
        /// </summary>
        /// <param name="filterContext">
        /// The filter context.
        /// </param>
        protected override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            // Pre-action authorization gate. Loads the stored session that matches the
            // ASP.NET session ID, validates the requested resource key against that
            // session's permissions, replaces the action result when the right is missing,
            // and writes audit log entries.
            string resourceKey = string.Empty;
            string resourceDescription = string.Empty;
            var mongoDbStore = new MongoDbStore<SystemUserSession>("SystemUserSessions");
            // The lookup result is kept in the systemUserSession field, which OnActionExecuted also reads.
            systemUserSession = mongoDbStore.Single(item => item.SessionID == Session.SessionID);

            if (systemUserSession == null)
            {
                // NOTE(review): nothing in this method blocks the action on this path;
                // presumably HandleSessionLost sets filterContext.Result - verify.
                HandleSessionLost(filterContext);
            }
            else
            {
                // TODO: session-expiry check.
                // NOTE(review): with the call below disabled, no expiry or idle-timeout
                // check is visible in this method; a stored session record is accepted
                // for as long as it exists.
                //this.HandleSessionState(filterContext, mongoDbStore);

                var systemRightService = new SystemRightsService();
                resourceKey = this.GetResourceKey(filterContext);
                resourceDescription = systemRightService.GetResourceDescriptionByKey(resourceKey);
                if (!systemRightService.ValidateRight(resourceKey, this.systemUserSession.Permissions))
                {
                    // Denied. In ASP.NET MVC, assigning filterContext.Result here stops
                    // the action method from running.
                    if (!this.ValidateAjaxRequest(filterContext))
                    {
                        // Non-AJAX request: a fixed script alert is returned; the HTTP
                        // status code is not changed on this branch.
                        filterContext.Result =
                            this.Content("<script type='text/javascript'>alert('对不起,您没有此操作权限!');</script>");
                    }
                    else
                    {
                        // AJAX request: non-standard status 610 plus an AjaxResponse with code -403.
                        Response.StatusCode = 610;
                        filterContext.Result = this.Json(new AjaxResponse(-403, "无操作权限"), JsonRequestBehavior.AllowGet);
                    }

                    // Audit entry for the denial.
                    LogUtils.Log(
                        "无操作权限" + resourceDescription,
                        "OnActionExecuting",
                        Category.Info,
                        systemUserSession.SessionID,
                        systemUserSession.SystemUserID,
                        "Enter");
                }
            }

            if (systemUserSession == null)
            {
                LogUtils.Log("未登录", "OnActionExecuting");
            }
            else
            {
                // NOTE(review): this "operating" entry is written even when the request
                // was denied above, so the audit trail shows a denial followed by an
                // operation-in-progress entry for the same request.
                // NOTE(review): Name and resourceDescription are concatenated into the
                // message as-is; confirm LogUtils.Log neutralises line breaks.
                LogUtils.Log(
                    "用户“" + systemUserSession.Name + "”,正在操作:" + resourceDescription,
                    "OnActionExecuting",
                    Category.Info,
                    systemUserSession.SessionID,
                    systemUserSession.SystemUserID,
                    "Enter");
            }

            base.OnActionExecuting(filterContext);
        }