/// <summary>
/// 获取URL对应的Function
/// </summary>
/// <param name="location">地址</param>
/// <param name="method">提交方法</param>
/// <returns>Function实体</returns>
public virtual AppFunction GetFunctionByLocation(string location, WebMethod method = WebMethod.GET)
{
AppFunction function = FunctionManager.GetAll()
.FirstOrDefault(f => f.MatchLocation(location) &&
f.Method == method);
return(function);
}
/// <summary>
/// 判断用户是否有某个资源的访问权限
/// </summary>
/// <param name="userName">用户名</param>
/// <param name="location">资源定位标识</param>
/// <returns>是/否</returns>
public virtual bool HasRight(string userName, string location, WebMethod method = WebMethod.GET)
{
AppFunction function = FunctionManager.GetAll()
.FirstOrDefault(f => f.MatchLocation(location) &&
f.Method == method);
// if (function == null) return false; //在没初始化功能集合时,只要用户登录了就能访问所有功能
return(function == null || HasRightIdCore(userName, function.Id));
}
/// <summary>
/// 获取当前用户无权限的功能ID列表
/// </summary>
/// <param name="userName">用户名</param>
/// <returns>功能ID列表</returns>
internal IEnumerable <string> GetForbiddenIds(string userName)
{
return(FunctionManager.GetAll()
.Where(func => func.AuthType == JAuthType.NeedAuth)
.Select(func => func.Id)
.Except(GetRightIds(userName))
.Union(FunctionManager.GetAll()
.Where(func => func.AuthType == JAuthType.Forbidden)
.Select(func => func.Id)));
}
