public virtual void UpdateRank(SiteRank rank)
{
rank.update();
}
public virtual void InsertRank(SiteRank rank)
{
rank.insert();
}
private static Boolean hasAction(ISecurity objSecurity, MvcContext ctx)
{
// 未提供权限配置的页面通过
if (objSecurity == null)
{
return(true);
}
SecurityTool securityTool = ForumSecurityService.GetSecurityTool(objSecurity, ctx); // objSecurity.SecurityTool;
// 不需要权限管理的页面通过
if (securityTool.IsForbiddenAction(ctx.route.getControllerAndActionPath()) == false)
{
return(true);
}
// 空页面通过
String currentPath = ctx.url.Path;
if (strUtil.IsNullOrEmpty(currentPath))
{
return(true);
}
// 【规则】只要系统角色,或论坛角色之一具有权限,则用户具有权限(当用户具有多重身份之时)
// 1、获取用户的角色
//系统角色
SiteRole role = ((User)ctx.viewer.obj).Role;
IList actions = securityTool.GetActionsByRole(role);
if (hasAction_private(actions, ctx))
{
return(true);
}
// 2、获取用户在特定owner中的角色
if (ctx.owner.obj.GetType() != typeof(Site))
{
IRole roleInOwner = ctx.owner.obj.GetUserRole(ctx.viewer.obj);
IList ownerRoleActions = securityTool.GetActionsByRole(roleInOwner);
if (hasAction_private(ownerRoleActions, ctx))
{
return(true);
}
}
// 3、获取用户的等级
SiteRank rank = ((User)ctx.viewer.obj).Rank;
if (rank.Id > 0)
{
actions = securityTool.GetActionsByRole(rank);
if (hasAction_private(actions, ctx))
{
return(true);
}
}
// 4、是否在论坛担任角色
if (objSecurity is ForumBoard)
{
ModeratorService moderatorService = new ModeratorService();
if (moderatorService.IsModerator(objSecurity as ForumBoard, (User)ctx.viewer.obj))
{
IList moderatorActions = securityTool.GetActionsByRole(ForumRole.Moderator);
if (hasAction_private(moderatorActions, ctx))
{
return(true);
}
}
}
return(false);
}
public virtual void DeleteRank(SiteRank rank)
{
rank.delete();
}
private String getRankString(User user)
{
SiteRank rank = SiteRank.GetById(user.RankId);
return(rank == null ? "" : rank.Name);
}