コード例 #1
        /// <summary>
        /// Handles the menu creation form: stores the posted <c>Site_Menu</c> and redirects to
        /// the "Index" action, or shows the form again when model validation fails.
        /// </summary>
        /// <param name="site_Menu">
        /// Menu entity bound from the request; only the properties named in the Bind list are populated.
        /// </param>
        /// <returns>
        /// A redirect to "Index" after a successful save, otherwise the form view with the posted values.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no attributes are visible above the signature in this excerpt - confirm the
        /// action is restricted to POST and validates an anti-forgery token.
        /// NOTE(review): "Id" and "ParentId" are in the Bind list, so both values come from the request
        /// and feed Path directly; confirm the client is meant to choose them.
        /// </remarks>
        public async Task<ActionResult> Create(
            [Bind(Include = "Id,Title,Url,Controller,Action,IconCls,ParentId")] Site_Menu site_Menu)
        {
            if (!ModelState.IsValid)
            {
                // Validation failed: rebuild the parent drop-down (menus without a parent only)
                // and show the form again with what the user posted.
                var rootMenus = db.Site_Menus.Where(p => p.ParentId == null).ToList();
                ViewBag.ParentId = new SelectList(rootMenus,
                                                  dataTextField: "Title", dataValueField: "Id", selectedValue: site_Menu.ParentId);
                return View(site_Menu);
            }

            // Path is the menu's own id in "N" format, prefixed with the parent's id when a parent is set.
            var ownSegment = site_Menu.Id.ToString("N");
            if (site_Menu.ParentId == null)
            {
                site_Menu.Path = ownSegment;
            }
            else
            {
                var parentSegment = site_Menu.ParentId.Value.ToString("N");
                site_Menu.Path = string.Format("{0}-{1}", parentSegment, ownSegment);
            }

            db.Site_Menus.Add(site_Menu);
            await db.SaveChangesAsync();

            return RedirectToAction("Index");
        }
コード例 #2
ファイル: FilterConfig.cs プロジェクト: archerkiller5/Aladdin
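        /// <summary>
        /// Registers the three Magicodes filters configured here: the role/menu filter (whose
        /// initialization callback re-seeds the code-defined menus and their role bindings), the
        /// audit filter (whose callback writes a Log_Audit row) and the access filter (whose
        /// callbacks write a Log_MemberAccess row and run the login / menu check).
        /// </summary>
        /// <remarks>
        /// Security notes:
        /// - Requests that match the exemption lists in OnAuthorization return before the login
        ///   check, so everything served under those prefixes and controllers has to enforce its
        ///   own authorization.
        /// - The controller-level menu check at the end of OnAuthorization is computed but not
        ///   enforced (the author disabled the throw), so it does not restrict a signed-in user.
        /// - The menu list is cached in the session the first time it is loaded; later role
        ///   changes are not picked up until that session entry is replaced.
        /// </remarks>
        public static void RegisterMagicodesFilter()
        {
            RoleMenuFilterBuilder
            // Create the builder instance
            .Create()
            // Set the assembly to include (only this assembly is scanned)
            .WithContainAssemblyName("Magicodes.Shop")
            // Look up controllers based on this base class
            .WithControllerType(typeof(ControllerBase))
            // Add the logger
            .WithLogger(new NLogLogger("RoleMenuFilter"))
            // Add the menu initialization callback
            .WithMenuInitialization((list) =>
            {
                List<AppRole> roles;
                int orderIndex = 1;
                #region Remove existing code-generated menus
                using (var db = new AppDbContext())
                {
                    roles = db.Roles.ToList();
                    if (db.Site_Menus.Any())
                    {
                        var toRemove = db.Site_Menus.Where(p => p.IsCreateByCode).ToList();
                        // Role_Menus rows of the removed menus are left in place (the author disabled this cleanup):
                        //db.Role_Menus.RemoveRange(
                        //    db.Role_Menus.Where(p => db.Site_Menus.Any(p1 => (p1.Id == p.MenuId) && p1.IsCreateByCode)));
                        db.Site_Menus.RemoveRange(toRemove);
                        db.SaveChanges();
                        // The table can be empty here when every menu was code-generated. Max over a
                        // non-nullable int throws on an empty set, so project to int? and fall back to 0.
                        orderIndex = (db.Site_Menus.Max(p => (int?)p.OrderNo) ?? 0) + 1;
                    }
                }
                #endregion
                var siteMenus = new List<Site_Menu>();
                var roleMenus = new List<Role_Menu>();

                foreach (var roleMenuFilter in list)
                {
                    #region Menu data
                    var siteMenu = new Site_Menu()
                    {
                        Action         = roleMenuFilter.Action,
                        Controller     = roleMenuFilter.Controller,
                        Title          = roleMenuFilter.Title,
                        IconCls        = roleMenuFilter.IconCls,
                        IsCreateByCode = true,
                        // NOTE(review): the condition reads OrderNo but the fallback reads Order - confirm both members exist and this is intended.
                        OrderNo        = roleMenuFilter.OrderNo == null || roleMenuFilter.OrderNo == default(int) ? orderIndex : roleMenuFilter.Order,
                        Id             = roleMenuFilter.Id,
                        ParentId       = roleMenuFilter.ParentId,
                        // Menus without an explicit tag default to "Tenant".
                        Tag            = string.IsNullOrEmpty(roleMenuFilter.Tag) ? "Tenant" : roleMenuFilter.Tag,
                        Url            = roleMenuFilter.Url,
                        // Own id in "N" format, prefixed with the parent's id when a parent is set.
                        Path           = roleMenuFilter.ParentId == null
                                                ? roleMenuFilter.Id.ToString("N")
                                                : string.Format("{0:N}-{1:N}", roleMenuFilter.ParentId.Value, roleMenuFilter.Id),
                    };
                    #endregion
                    siteMenus.Add(siteMenu);
                    #region Role-menu binding data
                    foreach (var roleName in roleMenuFilter.RoleNames.Split(','))
                    {
                        // Names that match no existing role are skipped silently.
                        var role = roles.FirstOrDefault(p => p.Name == roleName);
                        if (role == null)
                        {
                            continue;
                        }
                        var roleMenu = new Role_Menu
                        {
                            MenuId = siteMenu.Id,
                            RoleId = role.Id
                        };
                        roleMenus.Add(roleMenu);
                    }
                    #endregion
                    orderIndex++;
                }
                using (var db = new AppDbContext())
                {
                    db.Site_Menus.AddRange(siteMenus);

                    // Only add bindings that are not stored yet; existing rows are kept as they are.
                    var currentRoleMenus = db.Role_Menus.ToList();
                    foreach (var item in roleMenus)
                    {
                        if (!currentRoleMenus.Any(p => p.RoleId == item.RoleId && p.MenuId == item.MenuId))
                        {
                            db.Role_Menus.Add(item);
                        }
                    }
                    db.SaveChanges();
                }
            })
            // Add role permission control
            .WithRoleControl()
            // Build and start
            .Build();

            // Register the audit filter
            AuditFilterBuilder
            // Create the builder object
            .Create()
            // Set the audit data handler
            .UsingAuditDataAction((filter, httpcontext) =>
            {
                var logAudit = new Log_Audit()
                {
                    BrowserInfo     = filter.BrowserInfo,
                    ClientIpAddress = filter.ClientIpAddress,
                    ClientName      = filter.ClientName,
                    Code            = filter.Code,
                    CreateBy        = WeiChatApplicationContext.Current.GetUserId(httpcontext),
                    // Local server time, not UTC.
                    CreateTime      = DateTime.Now,
                    // ?? falls back to the right-hand operand when the left one is null
                    CustomData        = (httpcontext.Items["CustomData"] ?? string.Empty).ToString(),
                    Exception         = (filter.Exception == null ? null : filter.Exception.ToString()),
                    ExecutionDuration = filter.ExecutionDuration,
                    // NOTE(review): ActionData is stored as-is; if it carries posted form fields,
                    // confirm that passwords and tokens are masked before they reach Log_Audits.
                    FormData          = filter.ActionData,
                    IsSuccess         = filter.Exception == null,
                    Remark            = filter.Remark,
                    RequestUrl        = filter.RequestUrl,
                    Title             = filter.Title,
                    TenantId          = WeiChatApplicationContext.Current.GetTenantId(httpcontext)
                };
                using (var db = new AppDbContext())
                {
                    db.Log_Audits.Add(logAudit);
                    db.SaveChanges();
                }
            })
            // Build and run (required)
            .Build();

            // Lower-case path prefixes that OnAuthorization lets through without a login or menu check.
            // These are plain prefix matches, not route matches: every path that starts with one of
            // these strings is exempt, so keep each entry as specific as the feature allows.
            var exemptUrlPrefixes = new[]
            {
                "/api/",
                "/app/",
                "/account/login",
                "/bmspay/wxpaynotify",
                "/bmspay/alipaynotify",
                "/account/register",
                "/account/logoff",
                "/product_attribute/createattribute",
                "/product_style/createattribute",
                "/systemadmin/login",
                "/account/validatecode",
                "/account/nopermission",
                "/ueditor",
                "/site_article/indexlist",
                "/site_article/detailcontent",
            };
            // Controllers exempt from the same checks (compared case-sensitively, as before).
            var exemptControllers = new[] { "Modules", "Unity", "WeiChat", "WeiChat_KeyWordTextContent" };

            // Register the access filter
            AccessFilterBuilder
            .Create()
            .WithExcludeUrlPrefixs("/Account")
            .UsingAccessDataAction((filter, httpcontext) =>
            {
                var tenantId = WeiChatApplicationContext.Current.GetTenantId(httpcontext);
                // No tenant resolved for this request: nothing is logged.
                if (tenantId == default(int))
                {
                    return;
                }
                var log = new Log_MemberAccess()
                {
                    BrowserInfo     = filter.BrowserInfo,
                    ClientIpAddress = filter.ClientIpAddress,
                    //CreateBy = WeiChatApplicationContext.Current.GetUserId(httpcontext),
                    CreateTime        = DateTime.Now,
                    ExecutionDuration = filter.ExecutionDuration,
                    //FormData = filter.ActionData,
                    RequestUrl = filter.RequestUrl,
                    TenantId   = tenantId,
                    OpenId     = WeiChatApplicationContext.Current.GetOpenId(context: httpcontext, tenantId: tenantId)
                };
                using (var db = new AppDbContext())
                {
                    db.Log_MemberAccess.Add(log);
                    db.SaveChanges();
                }
            })
            // Permission check
            .OnAuthorization((filter, context) =>
            {
                var httpContextBase = context.HttpContext;
                var request         = httpContextBase.Request;
                var controller      = context.ActionDescriptor.ControllerDescriptor.ControllerName;
                // Invariant lower-casing plus ordinal prefix matching keeps the exemption decision
                // independent of the server's current culture.
                var url             = request.Url.AbsolutePath.ToLowerInvariant();

                if (exemptUrlPrefixes.Any(prefix => url.StartsWith(prefix, StringComparison.Ordinal)) ||
                    exemptControllers.Contains(controller))
                {
                    return;
                }

                // Everything else requires a signed-in user. The login path itself was already
                // exempted above, so no second check for it is needed here.
                var userId = WeiChatApplicationContext.Current.GetUserId(httpContextBase);
                if (string.IsNullOrEmpty(userId))
                {
                    context.Result = new RedirectResult("/Account/Login");
                    return;
                }
                //var tenantId = WeiChatApplicationContext.Current.GetTenantId(httpContextBase);
                // Menu permissions: loaded once per session from the user's roles, then reused.
                var siteMenus = httpContextBase.Session["Menus"] as List<Site_Menu>;
                if (siteMenus == null)
                {
                    using (var db = new AppDbContext())
                    {
                        var appUser = db.Users.Include(p => p.Roles).FirstOrDefault(p => p.Id == userId);
                        if (appUser != null)
                        {
                            var roles = appUser.Roles.Select(p => p.RoleId).ToArray();
                            var menus =
                                db.Site_Menus.Where(
                                    p => db.Role_Menus.Any(p1 => (p1.MenuId == p.Id) && roles.Any(p2 => p2 == p1.RoleId)))
                                .ToList().Distinct().ToList();
                            siteMenus = menus;
                            httpContextBase.Session["Menus"] = siteMenus;
                        }
                        else
                        {
                            // The user id does not resolve to a stored user: send the request back to login.
                            context.Result = new RedirectResult("/Account/Login");
                            return;
                        }
                    }
                }
                // Currently only controller-level permission is checked.
                // string.Equals is used so a menu row with a null Controller cannot throw here.
                if (!siteMenus.Any(p => string.Equals(p.Controller, controller, StringComparison.OrdinalIgnoreCase)))
                {
                    // NOTE(review): nothing happens in this branch. The author disabled the exception that
                    // reported "no permission to access this page", so a signed-in user whose roles grant
                    // no menu for this controller is still let through. To enforce the check, set
                    // context.Result here (for example a redirect to the application's no-permission
                    // page) and return.
                }
            })
            .Build();
        }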