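/// <summary>
/// Authenticates a user by username and password and, on success, stores a
/// <see cref="UserSessionModel"/> holding the user's roles and privileges in the
/// current HTTP session under the key "UserInfo".
/// </summary>
/// <param name="username">Login name; it is also passed to the password encoder.</param>
/// <param name="password">Password as entered by the user.</param>
/// <exception cref="ApplicationException">
/// Thrown when no user matches the username and encoded password, when the matched
/// user is disabled, or when one of the user's roles is disabled.
/// </exception>
/// <remarks>
/// The disabled-user and disabled-role messages are only reachable after the
/// credentials have matched, so they do not distinguish accounts for a caller
/// who lacks the password.
/// NOTE(review): the stored password is compared for equality with the output of
/// StringHelper.EncodePassword(username, password); the encoder is not visible
/// here. Confirm it is a salted, deliberately slow password hash.
/// NOTE(review): this method writes the authenticated identity into the existing
/// session and does not renew the session identifier. Confirm the caller issues
/// a fresh session id at login so a pre-login id does not carry over into the
/// authenticated session.
/// NOTE(review): no attempt counting or lockout is visible in this method;
/// confirm failed logins are throttled elsewhere.
/// </remarks>
public void Login(string username, string password)
{
    UserSessionModel userInfo = null;

    // The scope is disposed without scope.Complete(); the block only issues
    // Get/GetList calls, so it serves to run the lookups in one transaction.
    using (TransactionScope scope = new TransactionScope())
    {
        string pwd = StringHelper.EncodePassword(username, password);

        using (var reps = PrivilegeContextProvider.GetRepository())
        {
            User user = reps.Use<User>().Get(x => x.Username == username && x.Password == pwd);
            if (user == null)
            {
                // One message for "unknown user" and "wrong password".
                throw new ApplicationException("用户名或密码错误");
            }

            if (user.Status == BaseStatuses.Invalid)
            {
                throw new ApplicationException("用户已被禁用");
            }

            userInfo = new UserSessionModel
            {
                Id = user.Id,
                Username = user.Username
            };

            IList<UserRole> userRoles = reps.Use<UserRole>().GetList(x => x.UserId == user.Id);
            foreach (UserRole userRole in userRoles)
            {
                int roleId = userRole.RoleId;
                Role roleRecord = reps.Use<Role>().Get(x => x.Id == roleId);
                if (roleRecord == null)
                {
                    // Dangling UserRole row: the role it points to no longer exists.
                    // Fail closed by granting nothing for it instead of dereferencing null.
                    continue;
                }

                if (roleRecord.Status == BaseStatuses.Invalid)
                {
                    throw new ApplicationException("用户所拥有的角色[" + roleRecord.Name + "]被禁用,无法登录");
                }

                userInfo.Roles.Add(roleId, Mapper.Map<Role, Role>(roleRecord));

                IList<RolePrivilege> rolePrivileges = reps.Use<RolePrivilege>().GetList(x => x.RoleId == roleId);
                foreach (RolePrivilege rolePrivilege in rolePrivileges)
                {
                    int privilegeId = rolePrivilege.PrivilegeId;
                    if (userInfo.Privileges.ContainsKey(privilegeId))
                    {
                        // Already granted through an earlier role or an earlier row.
                        continue;
                    }

                    Privilege privilegeRecord = reps.Use<Privilege>().Get(x => x.Id == privilegeId);
                    if (privilegeRecord == null)
                    {
                        // Dangling RolePrivilege row: do not register a key for a privilege
                        // that no longer exists, because CheckPrivilege grants on key presence.
                        continue;
                    }

                    userInfo.Privileges.Add(privilegeId, Mapper.Map<Privilege, Privilege>(privilegeRecord));
                }
            }
        }
    }

    // Publish the session model only after every lookup and status check has passed.
    HttpContext.Current.Session["UserInfo"] = userInfo;
}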
/// <summary>
/// Decides whether the current session may use the privilege with the given id.
/// </summary>
/// <param name="privilege">
/// -1 is always allowed, even without a logged-in user; 0 is allowed whenever the
/// session holds a "UserInfo" entry; any other value is looked up in the session
/// user's privileges.
/// </param>
/// <returns>
/// <c>true</c> when access is allowed. For ids other than -1 and 0 that means the
/// session user holds a role named like PrivilegeContextProvider.SystemRoleName,
/// or has the id as a key in its privilege map.
/// </returns>
/// <remarks>
/// The decision uses only the model stored in the session. Role or privilege
/// changes made after that model was stored are not seen here unless other code
/// refreshes the session entry.
/// </remarks>
public bool CheckPrivilege(int privilege)
{
    // Refresh the cached session model on every call, before any early return.
    this._userInfo = (UserSessionModel)this._httpContext.Session["UserInfo"];

    switch (privilege)
    {
        case -1:
            // Open to everyone, authenticated or not.
            return true;
        case 0:
            // Requires only a logged-in session.
            return this._userInfo != null;
    }

    if (this._userInfo == null)
    {
        return false;
    }

    // A holder of the system role passes every privilege check.
    bool holdsSystemRole = this._userInfo.Roles.Values.Any<Role>(
        r => r.Name == this.PrivilegeContextProvider.SystemRoleName);

    return holdsSystemRole || this._userInfo.Privileges.ContainsKey(privilege);
}