コード例 #1
0
        public bool ValiddatePermission(AccountModel account, string controller, string action, string filePath)
        {
            DBContainer db         = new DBContainer();
            bool        bResult    = false;
            string      actionName = string.IsNullOrEmpty(ActionName) ? action : ActionName;

            if (account != null)
            {
                List <permModel> perm = null;
                //测试当前controller是否已赋权限值,如果没有从
                //如果存在区域,Seesion保存(区域+控制器)
                if (!string.IsNullOrEmpty(Area))
                {
                    controller = Area + "/" + controller;
                }
                perm = (List <permModel>)HttpContext.Current.Session[filePath];
                if (perm == null)
                {
                    using (SysRightBLL userBLL = new SysRightBLL()
                    {
                        SysRightRepository = new SysRightRepository(db)
                    })
                    {
                        perm = userBLL.GetPermission(account.Id, controller); //获取当前用户的权限列表
                        HttpContext.Current.Session[filePath] = perm;         //获取的劝降放入会话由Controller调用
                    }
                }
                //当用户访问index时,只要权限>0就可以访问
                if (actionName.ToLower() == "index")
                {
                    if (perm.Count > 0)
                    {
                        return(true);
                    }
                }
                //查询当前Action 是否有操作权限,大于0表示有,否则没有
                int count = perm.Where(a => a.KeyCode.ToLower() == actionName.ToLower()).Count();
                if (count > 0)
                {
                    bResult = true;
                }
                else
                {
                    bResult = false;
                    HttpContext.Current.Response.Write("你没有操作权限,请联系管理员!");
                }
            }
            return(bResult);
        }
コード例 #2
0
        public virtual void OnAuthorization(AuthorizationContext filterContext)
        {
            if (filterContext == null)
            {
                throw new ArgumentNullException("filterContext");
            }
            CurrentUser cuser;
            UrlHelper   Url     = new UrlHelper(filterContext.RequestContext);
            var         request = filterContext.RequestContext.HttpContext.Request;
            string      url     = string.Empty;

            if (IsSignIn(request, out cuser))
            {
                IList <SysRight> allRightList = new SysRightBLL().GetAllSysRights();
                ControllerBase   c            = filterContext.Controller;
                c.ViewBag.cuser     = cuser;
                c.ViewBag.RightList = allRightList;
                var userRightIDList = cuser.RightIDs.Split(',');

                var UserRightList = allRightList.Where(ar => userRightIDList.Contains(ar.ID)).ToList();
                c.ViewBag.UserRightList = UserRightList;
                var pageRightList = UserRightList.Where(r => r.ParentID == CurrentActiveLeftMenuCode).ToList();
                c.ViewBag.pageTopRightList   = pageRightList.Where(r => r.Position == "ListTop").OrderBy(r => r.SortNo).ToList();
                c.ViewBag.pageRightRightList = pageRightList.Where(r => r.Position == "ListRight").OrderBy(r => r.SortNo).ToList();

                c.ViewBag.RightCode = RightCode;
                c.ViewBag.CurrentActiveTopMenuCode  = CurrentActiveTopMenuCode;
                c.ViewBag.CurrentActiveLeftMenuCode = CurrentActiveLeftMenuCode;
                PropertyInfo p = c.GetType().GetProperty("cuser");
                p.SetValue(c, cuser);
                if (string.IsNullOrEmpty(RightCode) || cuser == null || string.IsNullOrEmpty(cuser.RightIDs) || !cuser.RightIDs.Contains(RightCode))//若没有权限,重定向到一个无权限的说明页面
                {
                    string no_permission_url = Url.Action("nopermission", "home", new { area = "" });
                    HttpContext.Current.Response.Redirect(no_permission_url, true);
                    return;
                }
            }
            else
            {
                url = string.IsNullOrEmpty(url)? Url.Action("index", "signin", new { area = "", returnurl = request.Url.ToString() }):url;
                HttpContext.Current.Response.Redirect(url, true);
                return;
            }
        }
コード例 #3
0
        public JsonResult GetRightByRoleAndModule(GridPager pager, string roleId, string moduleId)
        {
            pager.rows = 100000;
            var right = SysRightBLL.GetRightByRoleAndModule(roleId, moduleId);
            var json  = new
            {
                total = pager.totalRows,
                rows  = (from r in right
                         select new SysRightModelByRoleAndModuleModel()
                {
                    Ids = r.RightId + r.KeyCode,
                    Name = r.Name,
                    KeyCode = r.KeyCode,
                    IsValid = r.isvalid,
                    RightId = r.RightId
                }).ToArray()
            };

            return(Json(json));
        }
コード例 #4
0
 public int UpdateRight(SysRightOperateModel model)
 {
     return(SysRightBLL.UpdateRight(model));
 }