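/// <summary>
/// Decides whether <paramref name="account"/> may run the requested action on
/// <paramref name="controller"/>, using a permission list cached in the session.
/// </summary>
/// <param name="account">The signed-in account; <c>null</c> is denied without any response output.</param>
/// <param name="controller">Controller name; prefixed with <c>Area + "/"</c> when <c>Area</c> is set.</param>
/// <param name="action">Action name, used only when <c>ActionName</c> is null or empty.</param>
/// <param name="filePath">Session key under which the permission list is cached.</param>
/// <returns>
/// <c>true</c> when access is granted; otherwise <c>false</c>. For a non-null account a denial
/// also writes the "no permission" message to the current response.
/// </returns>
public bool ValiddatePermission(AccountModel account, string controller, string action, string filePath)
{
    // Fail closed: no account means no access.
    if (account == null)
    {
        return false;
    }

    string actionName = string.IsNullOrEmpty(ActionName) ? action : ActionName;

    // When an area is configured, permissions are looked up under "area/controller".
    if (!string.IsNullOrEmpty(Area))
    {
        controller = Area + "/" + controller;
    }

    // The permission list is cached per session. A cached list is reused without querying
    // again, so a permission revoked in the data store stays effective here until the
    // session entry is cleared or the session ends.
    // NOTE(review): the cache key is filePath while the lookup below uses controller;
    // confirm filePath maps one-to-one to (area, controller) and that the session is
    // reset when a different account signs in.
    List<permModel> perm = (List<permModel>)HttpContext.Current.Session[filePath];
    if (perm == null)
    {
        // Created only on a cache miss so cache hits do not allocate a context.
        // NOTE(review): db is not disposed in this method; confirm that disposing
        // SysRightBLL also releases the repository and its DBContainer.
        DBContainer db = new DBContainer();
        using (SysRightBLL userBLL = new SysRightBLL() { SysRightRepository = new SysRightRepository(db) })
        {
            // Load the current user's permission list for this controller.
            perm = userBLL.GetPermission(account.Id, controller);
            // Keep it in the session for later calls.
            HttpContext.Current.Session[filePath] = perm;
        }
    }

    bool bResult = false;

    // A missing permission list or a missing action name is treated as "no permission"
    // instead of failing with a NullReferenceException.
    if (perm != null && !string.IsNullOrEmpty(actionName))
    {
        // Ordinal, case-insensitive comparison keeps the check independent of the
        // thread culture (culture-sensitive ToLower() changes "I" under tr-TR).
        bool isIndex = string.Equals(actionName, "index", System.StringComparison.OrdinalIgnoreCase);

        // "index" is allowed as soon as the user holds any permission on the controller;
        // every other action needs a permission whose KeyCode matches the action name.
        bResult = (isIndex && perm.Count > 0)
            || perm.Any(p => p != null && string.Equals(p.KeyCode, actionName, System.StringComparison.OrdinalIgnoreCase));
    }

    if (!bResult)
    {
        HttpContext.Current.Response.Write("你没有操作权限,请联系管理员!");
    }

    return bResult;
}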
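/// <summary>
/// Authorization filter entry point: sends anonymous requests to the sign-in page,
/// sends signed-in users without <c>RightCode</c> to the "no permission" page, and
/// otherwise publishes the user and menu/right lists to the controller's ViewBag.
/// </summary>
/// <param name="filterContext">The authorization context of the current request.</param>
/// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is <c>null</c>.</exception>
public virtual void OnAuthorization(AuthorizationContext filterContext)
{
    if (filterContext == null)
    {
        throw new ArgumentNullException("filterContext");
    }

    UrlHelper urlHelper = new UrlHelper(filterContext.RequestContext);
    var request = filterContext.RequestContext.HttpContext.Request;

    CurrentUser cuser;
    if (!IsSignIn(request, out cuser))
    {
        // Not signed in: go to the sign-in page and carry the current URL along.
        // NOTE(review): returnurl is the full request URL; the sign-in action that
        // consumes it is not visible here and should accept only local URLs — confirm.
        string signInUrl = urlHelper.Action("index", "signin", new { area = "", returnurl = request.Url.ToString() });
        HttpContext.Current.Response.Redirect(signInUrl, true);
        return;
    }

    // Split the comma-separated right IDs once. A missing user or an empty list yields
    // no rights, so the check below denies instead of dereferencing null.
    string[] userRightIDList = (cuser == null || string.IsNullOrEmpty(cuser.RightIDs))
        ? new string[0]
        : cuser.RightIDs.Split(',');

    // Decide access before doing any other work. RightCode must equal one whole entry
    // of the list: a substring test on the raw string would let code "12" pass for a
    // user who only holds "123" or "312".
    if (string.IsNullOrEmpty(RightCode) || !userRightIDList.Contains(RightCode))
    {
        // No permission: redirect to the page that explains this.
        string no_permission_url = urlHelper.Action("nopermission", "home", new { area = "" });
        HttpContext.Current.Response.Redirect(no_permission_url, true);
        return;
    }

    IList<SysRight> allRightList = new SysRightBLL().GetAllSysRights();
    ControllerBase c = filterContext.Controller;
    c.ViewBag.cuser = cuser;
    c.ViewBag.RightList = allRightList;

    // Rights the user holds, then the subset that belongs to the active left menu.
    var UserRightList = allRightList.Where(ar => userRightIDList.Contains(ar.ID)).ToList();
    c.ViewBag.UserRightList = UserRightList;
    var pageRightList = UserRightList.Where(r => r.ParentID == CurrentActiveLeftMenuCode).ToList();
    c.ViewBag.pageTopRightList = pageRightList.Where(r => r.Position == "ListTop").OrderBy(r => r.SortNo).ToList();
    c.ViewBag.pageRightRightList = pageRightList.Where(r => r.Position == "ListRight").OrderBy(r => r.SortNo).ToList();
    c.ViewBag.RightCode = RightCode;
    c.ViewBag.CurrentActiveTopMenuCode = CurrentActiveTopMenuCode;
    c.ViewBag.CurrentActiveLeftMenuCode = CurrentActiveLeftMenuCode;

    // Hand the user to the controller's "cuser" property when it has a writable one;
    // a controller without it is left alone rather than failing the request.
    PropertyInfo p = c.GetType().GetProperty("cuser");
    if (p != null && p.CanWrite)
    {
        p.SetValue(c, cuser);
    }
}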
/// <summary>
/// Returns, as JSON, the rights that <c>SysRightBLL.GetRightByRoleAndModule</c> yields for
/// the given role and module, shaped as <c>{ total, rows }</c>.
/// </summary>
/// <param name="pager">Paging data from the request; its <c>rows</c> value is overwritten with 100000.</param>
/// <param name="roleId">Role identifier forwarded to the business layer.</param>
/// <param name="moduleId">Module identifier forwarded to the business layer.</param>
/// <returns>A <see cref="JsonResult"/> carrying <c>total</c> and the projected <c>rows</c>.</returns>
public JsonResult GetRightByRoleAndModule(GridPager pager, string roleId, string moduleId)
{
    // Presumably lifts the page size so every right comes back in one response — confirm.
    pager.rows = 100000;

    var rights = SysRightBLL.GetRightByRoleAndModule(roleId, moduleId);

    var rowItems = rights
        .Select(r => new SysRightModelByRoleAndModuleModel()
        {
            Ids = r.RightId + r.KeyCode,
            Name = r.Name,
            KeyCode = r.KeyCode,
            IsValid = r.isvalid,
            RightId = r.RightId
        })
        .ToArray();

    // NOTE(review): pager.totalRows is not assigned in this method and pager is not passed
    // to the business-layer call, so total is whatever value pager arrived with — confirm.
    var payload = new
    {
        total = pager.totalRows,
        rows = rowItems
    };

    return Json(payload);
}
/// <summary>
/// Forwards <paramref name="model"/> to <c>SysRightBLL.UpdateRight</c> and returns its result.
/// </summary>
/// <param name="model">The right-update request, passed through unchanged.</param>
/// <returns>The integer returned by <c>SysRightBLL.UpdateRight</c>.</returns>
public int UpdateRight(SysRightOperateModel model)
{
    // NOTE(review): this method changes rights and shows no validation or permission
    // check of its own; presumably a filter or the business layer enforces them — confirm.
    int result = SysRightBLL.UpdateRight(model);
    return result;
}