private List <RightTree> GetChild(int parid, List <ARolePermissionRelation> rolepers, List <Module> listmodules)
{
List <RightTree> li = new List <RightTree>();
var mods = listmodules.Where(c => c.ParentId == parid);
var listpers = CacheAccess.GetPermissions(_permissionContract).Where(c => c.IsEnabled == true && c.IsDeleted == false).ToList();
foreach (var c in mods)
{
var tr = new RightTree()
{
id = c.Id + "",
text = c.ModuleName,
url = "",
children = GetPermiss(c.Id, rolepers, listpers),
_checked = false,
msg = c.Description
};
tr._checked = tr.children.Any(x => x._checked);
tr._isShow = tr.children.Any(x => x._isShow);
li.Add(tr);
}
return(li);
}
private List <RightTree> GetPermiss(int twoModId)
{
var pers = CacheAccess.GetPermissions(_permissionContract).Where(c => c.ModuleId == twoModId && c.IsEnabled == true && c.IsDeleted == false).ToList();
return(pers.Select(c => new RightTree()
{
id = "c" + c.Id,
text = c.PermissionName,
url = "",
msg = c.Description,
_checked = false,
_isShow = false,
_gtype = (int?)c.Gtype
}).ToList());
}
private List <int> GetVerifyAdminIds(int departmentId, params string[] onlyFlags)
{
var controller = RouteData.Values["controller"].ToString();
var module = CacheAccess.GetModules(_moduleContract)
.Where(c => !c.IsDeleted && c.IsEnabled)
.Where(c => c.PageController != null && c.PageAction != null)
.Where(c => c.PageController == controller)
.FirstOrDefault();
var permissionIds = CacheAccess.GetPermissions(_permisstionContract)
.Where(p => !p.IsDeleted && p.IsEnabled && p.ModuleId == module.Id)
.Where(p => onlyFlags.Contains(p.OnlyFlag))
.Select(p => p.Id).ToList();
var adminIds = _adminContract.Administrators.Where(a => !a.IsDeleted && a.IsEnabled)
.Where(a => a.JobPosition.Departments.Any(d => d.Id == departmentId))
.Where(a => a.Roles.Any(r => r.ARolePermissionRelations.Any(p => permissionIds.Contains(p.PermissionsId.Value))))
.Select(a => a.Id)
.ToList();
return(adminIds);
}
/// <summary>
/// 当前模块下所有的ActionName,权限所能控制到的方法
/// </summary>
/// <param name="moduleId"></param>
/// <returns></returns>
public List <string> CurrModuleAllActionName(int moduleId)
{
return(CacheAccess.GetPermissions(_permissionContract).Where(w => w.ModuleId == moduleId && !string.IsNullOrWhiteSpace(w.ActionName)).Select(s => s.ActionName).ToList());
}
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
bool resul = false;
// string area = httpContext.Request.RequestContext.RouteData.DataTokens["area"].ToString();
string control = httpContext.Request.RequestContext.RouteData.Values["controller"].ToString();
string action = httpContext.Request.RequestContext.RouteData.Values["action"].ToString();
var permission = _permissionContract.Permissions.FirstOrDefault(c => c.ControllName == control && c.ActionName == action && c.IsEnabled && !c.IsDeleted);
/* 2016-4-20 yxk
* 如果当前权限对应的模块已经完成了权限的添加操作 则判断用户是否有该权限
* 如果当前权限对应的模块未完成权限的添加操作,不考虑用户是否具有该权限
*/
if (permission != null)
{
httpContext.Items.Add("_ruledes", permission.Description);
if (permission.Module.IsCompleteRule)
{
//当前用户的所有权限
List <Permission> currentUserPermi = CacheAccess.GetCurrentUserPermission(_administratorContract, _permissionContract);
//当前模块的所有权限
var currModulePermission = CacheAccess.GetPermissions(_permissionContract).Where(c => c.ModuleId == permission.ModuleId && c.IsEnabled && !c.IsDeleted).ToList();
//当前用户在当前模块具有的权限
var currUserPermiForCurrModule = currentUserPermi.Where(c => currModulePermission.Select(g => g.Id).Contains(c.Id)).ToList();
//当前用户在当前模块不具有的权限
var currUserNoPermiForCurrModule =
currModulePermission.Where(c => !(currentUserPermi.Select(g => g.Id).Contains(c.Id))).ToList();
var invali = currUserNoPermiForCurrModule.Where(c => !string.IsNullOrEmpty(c.OnlyFlag)).Select(c => c.OnlyFlag).ToList();
httpContext.Items.Remove("_inval_role");
httpContext.Items.Add("_inval_role", invali);
//具有该权限
resul = currentUserPermi.Any(c => c.Id == permission.Id);
}
else
{
//未完成权限添加
resul = true;
}
}
else
{//当前连接未加入权限控制
resul = true;
}
return(resul);
//var moduId = CacheAccess.GetModules(_moduleContract).Where(c => c.PageController.ToLower() == control.ToLower() && c.IsDeleted == false && c.IsEnabled == true).Select(c => c.Id).FirstOrDefault();
//if (moduId != 0)
//{
//List<Permission> perli = CacheAccess.GetPermissions(_permissionContract).Where(c => c.ControllName == control &&c.ActionName==action&& !c.IsDeleted && c.IsEnabled ).ToList();
//List<Permission> currentUserPermi = CacheAccess.GetCurrentUserPermission(_administratorContract);
//if (currentUserPermi != null)
//{
//当前用户的所有权限
// List<int> currperids = currentUserPermi.Select(c => c.Id).ToList();
//当前用户在当前模块所具有的权限
// List<Permission> curModulePer = perli.Where(c => currperids.Contains(c.Id)).ToList();
//当前用户在当前模块不具有的权限
//List<Permission> noperli = new List<Permission>();
//foreach (var curp in perli)
//{
// if (noperli.Count == 0)
// noperli = perli;
// noperli = noperli.Where(c => c.ModuleId != curp.ModuleId && c.ActionName != curp.ActionName).ToList();
//}
//List<Permission> curModuleNoPer = perli.Where(c => !currperids.Contains(c.Id)).ToList();
//List<Permission> curModuleNoPer = perli.Where(c => !currperids.Contains(c.Id)).ToList();
//var invali = curModuleNoPer.Where(c => !string.IsNullOrEmpty(c.OnlyFlag)).Select(c => c.OnlyFlag).ToList();
//httpContext.Items.Remove("_inval_role");
//httpContext.Items.Add("_inval_role", invali);
//var nopers = curModuleNoPer.Any(c => c.ModuleId == moduId && c.ActionName == action);
//if (!nopers)
//{
// resul = true;
//}
//test
//if (requrl.Contains("Products/Product/List"))
// resul = false;
// }
//}
}