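/// <summary>
/// Reports whether the manager stored in the current session has been granted
/// the given menu code.
/// </summary>
/// <param name="menucode">Menu code to look for in the manager's menu list.</param>
/// <returns>
/// <c>true</c> when <c>Session["Manager"]</c> holds a user whose <c>Menus</c>
/// contain an entry with this code; <c>false</c> in every other case.
/// </returns>
public bool IsLimits(string menucode)
{
    // "as" instead of a hard cast: an unexpected object in the session slot is
    // treated as "no permission" rather than raising InvalidCastException.
    var manager = Session["Manager"] as IntFactoryEntity.Manage.M_Users;

    // Deny by default when nobody is signed in or the menu list was never populated.
    if (manager == null || manager.Menus == null)
    {
        return false;
    }

    // Any() stops at the first match instead of counting the whole list.
    return manager.Menus.Any(m => m.MenuCode == menucode);
}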
/// <summary>
/// Administrator login: checks the credentials through the business layer and,
/// on success, stores the returned user in <c>CurrentUser</c> and in
/// <c>Session["Manager"]</c>.
/// </summary>
/// <param name="userName">Login name supplied by the caller.</param>
/// <param name="pwd">Password supplied by the caller; passed to the business layer as received.</param>
/// <returns>JSON built from <c>JsonDictionary</c>, with a boolean "result" entry set to the login outcome.</returns>
// NOTE(review): no verb restriction is visible on this action and the result
// allows GET, so credentials can arrive in the query string, where URLs are
// commonly logged. Confirm whether POST is enforced elsewhere.
public JsonResult UserLogin(string userName, string pwd)
{
    // NOTE(review): X-Real-IP is an ordinary request header. It is only
    // trustworthy when a reverse proxy in front of the application overwrites
    // it; otherwise the client chooses the address handed to the business layer.
    string forwardedIp = Request.Headers["X-Real-IP"];
    string clientIp = string.IsNullOrEmpty(forwardedIp) ? Request.UserHostAddress : forwardedIp;

    // The status code returned through "out" is not used by this action.
    int statusCode = 0;
    IntFactoryEntity.Manage.M_Users account =
        IntFactoryBusiness.M_UsersBusiness.GetM_UserByProUserName(userName, pwd, clientIp, out statusCode);

    bool loggedIn = account != null;
    if (loggedIn)
    {
        // NOTE(review): the authenticated user is placed in the session that
        // already exists; no session-id rotation is visible here. Confirm that
        // it happens elsewhere.
        CurrentUser = account;
        Session["Manager"] = account;
    }

    JsonDictionary.Add("result", loggedIn);

    var response = new JsonResult();
    response.Data = JsonDictionary;
    response.JsonRequestBehavior = JsonRequestBehavior.AllowGet;
    return response;
}
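/// <summary>
/// Runs the base authorization and then enforces per-menu permissions: when the
/// requested controller/action maps to a menu whose <c>IsLimit</c> is 1, the
/// user in <c>Session["Manager"]</c> must own that menu code.
/// </summary>
/// <param name="filterContext">Authorization context of the current request.</param>
/// <remarks>
/// A denied request always gets <c>filterContext.Result</c> set, so the action
/// is short-circuited by the MVC pipeline. Actions with no matching menu entry,
/// or whose menu has <c>IsLimit != 1</c>, are not checked here.
/// </remarks>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    base.OnAuthorization(filterContext);

    // NOTE(review): this only fires if the base implementation has already
    // written 401 to the response. If the base reports failure through
    // filterContext.Result instead, this branch does not run. Confirm.
    if (filterContext.HttpContext.Response.StatusCode == 401)
    {
        filterContext.Result = new RedirectResult("/Home/Index");
        return;
    }

    var controller = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName.ToLower();
    var action = filterContext.ActionDescriptor.ActionName.ToLower();

    // NOTE(review): ToLower() is culture-sensitive, and a lookup miss here
    // skips the permission check entirely. If ManageMenus is an in-memory
    // collection, an ordinal case-insensitive comparison would be safer.
    var menu = CommonBusiness.ManageMenus
        .Where(m => m.Controller.ToLower() == controller && m.View.ToLower() == action)
        .FirstOrDefault();

    // Only menus flagged IsLimit == 1 require a permission check.
    if (menu == null || menu.IsLimit != 1)
    {
        return;
    }

    // A missing session, an empty "Manager" slot (not signed in, expired
    // session) or an unpopulated menu list is treated as "not permitted"
    // rather than being dereferenced and surfacing as an unhandled exception.
    var session = filterContext.HttpContext.Session;
    var user = session == null ? null : session["Manager"] as IntFactoryEntity.Manage.M_Users;
    bool permitted = user != null
        && user.Menus != null
        && user.Menus.Any(m => m.MenuCode == menu.MenuCode);

    if (permitted)
    {
        return;
    }

    if (filterContext.RequestContext.HttpContext.Request.IsAjaxRequest())
    {
        Dictionary<string, string> result = new Dictionary<string, string>();
        result.Add("result", "10001");
        result.Add("ErrMsg", "你暂无权限操作,请联系管理员.");
        filterContext.Result = new JsonResult()
        {
            Data = result,
            JsonRequestBehavior = JsonRequestBehavior.AllowGet
        };
    }
    else
    {
        // Return the same markup through Result instead of Response.Write +
        // Response.End(). End() does not reliably stop an MVC request: when it
        // cannot abort the thread it only completes the response, and with
        // Result left null the action could still run after being denied.
        filterContext.Result = new ContentResult
        {
            Content = "<script>alert('您没有权限访问此页面');history.back();</script>",
            ContentType = "text/html"
        };
    }
}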