public bool ValiddatePermission(AccountModel account, string controller, string action, string filePath)
{
DBContainer db = new DBContainer();
bool bResult = false;
string actionName = string.IsNullOrEmpty(ActionName) ? action : ActionName;
if (account != null)
{
List <permModel> perm = null;
//测试当前controller是否已赋权限值,如果没有从
//如果存在区域,Seesion保存(区域+控制器)
if (!string.IsNullOrEmpty(Area))
{
controller = Area + "/" + controller;
}
perm = (List <permModel>)HttpContext.Current.Session[filePath];
if (perm == null)
{
using (SysRightBLL userBLL = new SysRightBLL()
{
SysRightRepository = new SysRightRepository(db)
})
{
perm = userBLL.GetPermission(account.Id, controller); //获取当前用户的权限列表
HttpContext.Current.Session[filePath] = perm; //获取的劝降放入会话由Controller调用
}
}
//当用户访问index时,只要权限>0就可以访问
if (actionName.ToLower() == "index")
{
if (perm.Count > 0)
{
return(true);
}
}
//查询当前Action 是否有操作权限,大于0表示有,否则没有
int count = perm.Where(a => a.KeyCode.ToLower() == actionName.ToLower()).Count();
if (count > 0)
{
bResult = true;
}
else
{
bResult = false;
HttpContext.Current.Response.Write("你没有操作权限,请联系管理员!");
}
}
return(bResult);
}
public virtual void OnAuthorization(AuthorizationContext filterContext)
{
if (filterContext == null)
{
throw new ArgumentNullException("filterContext");
}
CurrentUser cuser;
UrlHelper Url = new UrlHelper(filterContext.RequestContext);
var request = filterContext.RequestContext.HttpContext.Request;
string url = string.Empty;
if (IsSignIn(request, out cuser))
{
IList <SysRight> allRightList = new SysRightBLL().GetAllSysRights();
ControllerBase c = filterContext.Controller;
c.ViewBag.cuser = cuser;
c.ViewBag.RightList = allRightList;
var userRightIDList = cuser.RightIDs.Split(',');
var UserRightList = allRightList.Where(ar => userRightIDList.Contains(ar.ID)).ToList();
c.ViewBag.UserRightList = UserRightList;
var pageRightList = UserRightList.Where(r => r.ParentID == CurrentActiveLeftMenuCode).ToList();
c.ViewBag.pageTopRightList = pageRightList.Where(r => r.Position == "ListTop").OrderBy(r => r.SortNo).ToList();
c.ViewBag.pageRightRightList = pageRightList.Where(r => r.Position == "ListRight").OrderBy(r => r.SortNo).ToList();
c.ViewBag.RightCode = RightCode;
c.ViewBag.CurrentActiveTopMenuCode = CurrentActiveTopMenuCode;
c.ViewBag.CurrentActiveLeftMenuCode = CurrentActiveLeftMenuCode;
PropertyInfo p = c.GetType().GetProperty("cuser");
p.SetValue(c, cuser);
if (string.IsNullOrEmpty(RightCode) || cuser == null || string.IsNullOrEmpty(cuser.RightIDs) || !cuser.RightIDs.Contains(RightCode))//若没有权限,重定向到一个无权限的说明页面
{
string no_permission_url = Url.Action("nopermission", "home", new { area = "" });
HttpContext.Current.Response.Redirect(no_permission_url, true);
return;
}
}
else
{
url = string.IsNullOrEmpty(url)? Url.Action("index", "signin", new { area = "", returnurl = request.Url.ToString() }):url;
HttpContext.Current.Response.Redirect(url, true);
return;
}
}
public JsonResult GetRightByRoleAndModule(GridPager pager, string roleId, string moduleId)
{
pager.rows = 100000;
var right = SysRightBLL.GetRightByRoleAndModule(roleId, moduleId);
var json = new
{
total = pager.totalRows,
rows = (from r in right
select new SysRightModelByRoleAndModuleModel()
{
Ids = r.RightId + r.KeyCode,
Name = r.Name,
KeyCode = r.KeyCode,
IsValid = r.isvalid,
RightId = r.RightId
}).ToArray()
};
return(Json(json));
}
public int UpdateRight(SysRightOperateModel model)
{
return(SysRightBLL.UpdateRight(model));
}