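// -------------------------------------------------------
// Query
// -------------------------------------------------------

#region 函数:FindOne(string authorizationObjectType, string authorizationObjectId)
/// <summary>Looks up a single authorization object by its type name and identifier.</summary>
/// <param name="authorizationObjectType">
/// Authorization object type, matched case-insensitively against: account, role, organization,
/// group, generalrole, standardorganization, standardrole.
/// </param>
/// <param name="authorizationObjectId">Identifier handed to the indexer of the service selected by the type.</param>
/// <returns>The <see cref="IAuthorizationObject"/> produced by the selected service indexer.</returns>
/// <exception cref="ArgumentNullException"><paramref name="authorizationObjectType"/> is null.</exception>
/// <exception cref="Exception"><paramref name="authorizationObjectType"/> is not one of the supported type names.</exception>
public IAuthorizationObject FindOne(string authorizationObjectType, string authorizationObjectId)
{
    // Fail with a named argument instead of a NullReferenceException on the call below.
    if (authorizationObjectType == null)
    {
        throw new ArgumentNullException("authorizationObjectType");
    }

    // ToLower() follows the current thread culture; under tr-TR an upper-case 'I' lowercases to a
    // dotless 'ı', so "ORGANIZATION" would never reach its case label. The type name is an
    // identifier, not display text, so it is normalized with the invariant culture.
    switch (authorizationObjectType.ToLowerInvariant())
    {
        case "account":
            return MembershipManagement.Instance.AccountService[authorizationObjectId];

        case "role":
            return MembershipManagement.Instance.RoleService[authorizationObjectId];

        case "organization":
            return MembershipManagement.Instance.OrganizationUnitService[authorizationObjectId];

        case "group":
            return MembershipManagement.Instance.GroupService[authorizationObjectId];

        case "generalrole":
            return MembershipManagement.Instance.GeneralRoleService[authorizationObjectId];

        case "standardorganization":
            return MembershipManagement.Instance.StandardOrganizationUnitService[authorizationObjectId];

        case "standardrole":
            return MembershipManagement.Instance.StandardRoleService[authorizationObjectId];

        default:
            // NOTE(review): the message carries the caller-supplied type verbatim; encode it before
            // rendering or logging if this value can originate from a request.
            throw new Exception(string.Format("未找到相关的授权对象类型:{0}。", authorizationObjectType));
    }

    // NOTE(review): what the service indexers return for an unknown id is not visible here;
    // presumably null. Callers should treat a null result as "no such object" and deny.
}
#endregion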
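/// <summary>Checks whether an account is covered by at least one of the given authorization scopes.</summary>
/// <param name="account">
/// Account being checked. Its Id, RoleRelations and OrganizationUnitRelations are compared with the
/// Id of each scope's authorization object.
/// </param>
/// <param name="authorizationScopes">Scopes to test; entries without an authorization object are skipped.</param>
/// <returns>
/// <c>true</c> as soon as one scope of type "account", "role" or "organization" matches the account;
/// otherwise <c>false</c>, including when <paramref name="account"/> or
/// <paramref name="authorizationScopes"/> is null.
/// </returns>
public static bool Check(IAccountInfo account, IAuthorizationScope[] authorizationScopes)
{
    // Deny by default: with no account or no scopes there is nothing that could grant access.
    if (account == null || authorizationScopes == null)
    {
        return false;
    }

    foreach (IAuthorizationScope authorizationScope in authorizationScopes)
    {
        if (authorizationScope == null)
        {
            continue;
        }

        IAuthorizationObject authorizationObject = authorizationScope.AuthorizationObject;

        // Null object: the referenced authorization object could not be resolved.
        if (authorizationObject == null)
        {
            continue;
        }

        // NOTE(review): the labels are matched case-sensitively; this assumes Type is already
        // lower-case. Confirm against the implementations of IAuthorizationObject.
        switch (authorizationObject.Type)
        {
            case "account":
                if (account.Id == authorizationObject.Id)
                {
                    return true;
                }
                break;

            case "role":
                // NOTE(review): RoleRelations is enumerated without a null check; confirm it is always populated.
                foreach (IAccountRoleRelationInfo relation in account.RoleRelations)
                {
                    if (relation.RoleId == authorizationObject.Id)
                    {
                        return true;
                    }
                }
                break;

            case "organization":
                // NOTE(review): OrganizationUnitRelations is enumerated without a null check; confirm it is always populated.
                foreach (IAccountOrganizationUnitRelationInfo relation in account.OrganizationUnitRelations)
                {
                    if (relation.OrganizationUnitId == authorizationObject.Id)
                    {
                        return true;
                    }
                }
                break;

            // [Not implemented] "generalrole" and every other type fall through to the default
            // branch and never grant access, so a scope assigned to such a type is silently
            // ignored (fail-closed).
            default:
                break;
        }
    }

    return false;
}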
/// <summary>Creates an authorization scope from an entity class, an authority and an authorization object.</summary>
/// <param name="entity">Value stored in the <c>EntityClass</c> member.</param>
/// <param name="authority">Value stored in the <c>Authority</c> member.</param>
/// <param name="authorizationObject">Value stored in the <c>AuthorizationObject</c> member.</param>
public MembershipAuthorizationScope(EntityClass entity, AuthorityInfo authority, IAuthorizationObject authorizationObject)
{
    // The arguments are stored as given; no validation happens here.
    EntityClass = entity;
    Authority = authority;
    AuthorizationObject = authorizationObject;
}