/// <summary> /// 判断给定用户能否进行给定的操作 /// </summary> /// <param name="privilageJudge">给定的用户</param> /// <param name="privilege"> /// 为空字符串时表示只要登录就可以访问, /// 为null时表示允许匿名访问; /// 为字符串时表示权限; /// </param> /// <returns></returns> protected bool AllowAccess(IPrivilegeJudge privilageJudge, string privilege) { bool allowAnanymous = false, allowAnyone = false, allowOnlyAdmin = false; if (privilege == AuthenUtil.PRIVILEGE_ANYONE) { allowAnyone = true; } else if (privilege == AuthenUtil.PRIVILEGE_ANANYMOUS) { allowAnanymous = true; } else if (privilege == AuthenUtil.PRIVILEGE_ADMIN) { allowOnlyAdmin = true; } if (allowAnanymous) { return(true); } if (privilageJudge == null) { return(false); //不允许匿名访问; } if (allowAnyone && HasSameUsertype(privilageJudge)) { return(true); //允许同类型的任何人访问; } if (privilageJudge.IsAdministrator()) { return(true); // 管理员肯定可以访问 } else if (allowOnlyAdmin) { return(false); //需要是管理员,但传入不是管理员; } if (!HasSameUsertype(privilageJudge)) { return(false); //用户类型不一致,无权限访问 } if (string.IsNullOrEmpty(this.Privilege)) { return(true); //不需要权限; //只需要用户就可以了; } if (privilageJudge.HasPrivilege(this.Privilege)) { return(true); } return(false); }