/// <summary>
/// Loads a back-office user by id and eagerly initializes the user's role list,
/// every role's menu-function list and every menu function's path list.
/// </summary>
/// <param name="userId">Id of the user to load.</param>
/// <returns>The user returned by the DAO, or null when the DAO returns null.</returns>
public LoginUserVO GetLoginUserByIdNoLazy(string userId)
{
    LoginUserVO loaded = LoginUserDao.GetLoginUserById(userId);
    if (loaded == null)
    {
        return(loaded);
    }

    // Initialize the role collection before it is inspected.
    NHibernateUtil.Initialize(loaded.LoginRoleList);
    if (loaded.LoginRoleList == null || loaded.LoginRoleList.Count <= 0)
    {
        return(loaded);
    }

    foreach (LoginRoleVO currentRole in loaded.LoginRoleList)
    {
        NHibernateUtil.Initialize(currentRole.MenuFuncList);
        if (currentRole.MenuFuncList == null || currentRole.MenuFuncList.Count <= 0)
        {
            continue;
        }

        foreach (MenuFuncVO func in currentRole.MenuFuncList)
        {
            NHibernateUtil.Initialize(func.FuncionPaths);
        }
    }

    return(loaded);
}
/// <summary>
/// Builds the list of top-level menus in which the user is allowed at least one sub-function.
/// </summary>
/// <param name="user">User whose rights are tested through UserHasMenuRight.</param>
/// <param name="allMenu">Candidate top-level menus; entries without sub-functions are skipped.</param>
/// <param name="roleDic">Role lookup handed on to UserHasMenuRight.</param>
/// <returns>Each qualifying menu from allMenu, with its SubFuncs replaced by the permitted subset.</returns>
public IList<MenuFuncVO> GetTopMenuFunc(LoginUserVO user, IList<MenuFuncVO> allMenu, Dictionary<int, LoginRoleVO> roleDic)
{
    // NOTE(review): the menu objects taken from allMenu are modified in place (their
    // SubFuncs list is replaced). If allMenu is a cache shared between users, one
    // user's filtered view would be seen by later callers - confirm against the caller.
    IList<MenuFuncVO> permittedMenus = new List<MenuFuncVO>();

    foreach (MenuFuncVO topMenu in allMenu)
    {
        if (topMenu.SubFuncs.Count <= 0)
        {
            continue;
        }

        bool parentAdded = false;
        // Placeholder instance; replaced by topMenu once the first permitted sub-function is found.
        MenuFuncVO owner = new MenuFuncVO();

        // The enumeration below runs over the original SubFuncs list, which is
        // obtained before the property is reassigned inside the loop.
        foreach (MenuFuncVO candidate in topMenu.SubFuncs)
        {
            if (!UserHasMenuRight(user, candidate, roleDic))
            {
                continue;
            }

            if (!parentAdded)
            {
                owner = topMenu;
                permittedMenus.Add(owner);
                owner.SubFuncs = new List<MenuFuncVO>();
                parentAdded = true;
            }

            owner.SubFuncs.Add(candidate);
        }
    }

    return(permittedMenus);
}
// Seeds two back-office roles and one user for each of them through m_AuthService.
// NOTE(review): both accounts are created with a fixed literal password. If this
// seeding ever runs against anything other than a throwaway test database, these
// become default credentials - confirm where it is called from.
private void InitLoginRoleAndUser()
{
    // Role 1: "system administrator", granted every non-top menu function.
    LoginRoleVO adminRole = new LoginRoleVO("系統管理員");
    adminRole.MenuFuncList = m_AuthService.GetNotTopMenuFunc();
    m_AuthService.CreateLoginRole(adminRole);

    // Role 2: "marketing staff", granted every non-top menu function whose parent
    // menu id is not 8 (what menu 8 is cannot be seen from here).
    LoginRoleVO marketingRole = new LoginRoleVO("行銷人員");
    marketingRole.MenuFuncList = m_AuthService.GetNotTopMenuFunc().Where(m => !8.Equals(m.ParentMenu.MenuFuncId)).ToList();
    m_AuthService.CreateLoginRole(marketingRole);

    // User "admin", member of the administrator role.
    LoginUserVO adminUser = new LoginUserVO
    {
        UserId = "admin",
        Password = "******",
        FullNameInChinese = "系統管理者",
        FullNameInEnglish = "Administrator",
        LoginRoleList = new List<LoginRoleVO>()
    };
    adminUser.LoginRoleList.Add(adminRole);
    adminUser.CreateDate = DateTime.Now;
    m_AuthService.CreateLoginUser(adminUser);

    // User "test", member of the marketing role.
    LoginUserVO marketingUser = new LoginUserVO
    {
        UserId = "test",
        Password = "******",
        FullNameInChinese = "行銷人員",
        FullNameInEnglish = "Administrator",
        LoginRoleList = new List<LoginRoleVO>()
    };
    marketingUser.LoginRoleList.Add(marketingRole);
    marketingUser.CreateDate = DateTime.Now;
    m_AuthService.CreateLoginUser(marketingUser);
}
/// <summary>
/// Writes a system-log record for a change, using the log object held in the session.
/// Nothing is written when that log object has no function name set.
/// </summary>
/// <param name="action">The kind of change that was made.</param>
/// <param name="obj">The changed object; its runtime type name is stored in the record.</param>
public void AddSystemLog(MsgVO.Action action, object obj)
{
    SessionHelper session = new SessionHelper();
    LoginUserVO currentUser = session.LoginUser;
    LogSystemVO entry = session.LogVO;

    if (String.IsNullOrEmpty(entry.Fucntion))
    {
        // No function name on the session log object: the change is not recorded.
        return;
    }

    if (currentUser != null)
    {
        entry.UpdateId = currentUser.UserId;
    }

    entry.UpdateDate = DateTime.Now;
    entry.Action = action.ToString();
    entry.UpdateClassName = obj.GetType().ToString();
    entry.IpAddress = m_HttpHelper.GetUserIp(HttpContext.Current);
    m_LogService.CreateLogSystem(entry);
}
// Reads the signed-in user from the session and collects that user's role names.
// Without a session user the request is redirected to the manager login page.
private void initLeftData()
{
    LoginUserVO sessionUser = m_SessionHelper.LoginUser;
    if (sessionUser == null)
    {
        Response.Redirect(UIHelper.LOGIN_PAGE_MANAGER, false);
        return;
    }

    // Take the user from the cache container rather than the session copy.
    LoginUserVO cachedUser = UserMenuFuncContainer.GetInstance().GetUser(sessionUser.UserId);
    IList<LoginRoleVO> roles = cachedUser.LoginRoleList;

    // The collected names are not shown anywhere yet; the label assignments that
    // used them are disabled in the original code.
    List<string> roleNames = new List<string>();
    if (roles != null && roles.Count > 0)
    {
        foreach (LoginRoleVO role in roles)
        {
            roleNames.Add(role.RoleName);
        }
    }
}
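// Handles the grid's row commands: "MyEdit" loads the user into the form,
// "MyDelete" deletes the user and writes a system-log record, "MySelect"
// redirects to the role-assignment page for that user.
protected void GridView1_RowCommand(object sender, GridViewCommandEventArgs e)
{
    lblMsg.Text = string.Empty;
    string userId = string.Empty;

    switch (e.CommandName)
    {
        case "MyEdit":
            userId = e.CommandArgument.ToString();
            m_Log.Debug("get UserId=" + userId);
            LoadVoToUI(userId);
            ToUpdateMode();
            break;

        case "MyDelete":
            userId = e.CommandArgument.ToString();
            m_Log.Debug("get UserId=" + userId);
            LoginUserVO user = m_AuthService.GetLoginUserById(userId);
            if (user == null)
            {
                // The row is stale (the user no longer exists). Refresh the grid
                // instead of passing null to the delete call and the audit log.
                m_Log.Debug("delete skipped, user not found");
                LoadDataToUI();
                break;
            }

            m_AuthService.DeleteLoginUser(user);
            m_WebLogService.AddSystemLog(MsgVO.Action.刪除, user);
            lblMsg.Text = MsgVO.DELETE_OK;
            LoadDataToUI();
            break;

        case "MySelect":
            // Percent-encode the id so characters such as '&', '#' or '=' in a
            // user id cannot alter the query string of the target page.
            Response.Redirect("~/admin/UC14/UserRoleSet.aspx?UserId=" + System.Uri.EscapeDataString(e.CommandArgument.ToString()));
            break;
    }
}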
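/// <summary>
/// Authenticates a back-office user by id and password.
/// </summary>
/// <param name="userId">User id.</param>
/// <param name="password">Password supplied by the caller.</param>
/// <returns>The matching user, or null when the id is unknown or the password does not match.</returns>
public LoginUserVO Login(string userId, string password)
{
    LoginUserVO loginUserVO = GetLoginUserById(userId);
    if (loginUserVO == null)
    {
        return(null);
    }

    // NOTE(review): the stored value is compared directly with the supplied
    // password, so passwords appear to be kept in recoverable form. Moving to a
    // salted password hash needs a data migration and is outside this method.
    string stored = loginUserVO.Password;
    if (stored == null || password == null)
    {
        // An account without a stored password never authenticates (and no longer throws).
        return(null);
    }

    // Compare every character of the common prefix instead of stopping at the first
    // mismatch, so the time taken does not depend on where the two values differ.
    int diff = stored.Length ^ password.Length;
    int shared = stored.Length < password.Length ? stored.Length : password.Length;
    for (int i = 0; i < shared; i++)
    {
        diff |= stored[i] ^ password[i];
    }

    return(diff == 0 ? loginUserVO : null);
}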
/// <summary>
/// Tells whether the user holds the role named "系統管理員" (system administrator).
/// The user is re-read by id and the role list of that fresh copy is checked.
/// </summary>
/// <param name="user">User whose UserId is looked up.</param>
/// <returns>true when one of the user's roles carries the administrator role name; otherwise false.</returns>
public bool IsAdmin(LoginUserVO user)
{
    // NOTE(review): administrator status is decided by the role's display name;
    // confirm role names cannot be edited into or out of this value.
    LoginUserVO freshUser = GetLoginUserById(user.UserId);
    IList<LoginRoleVO> roles = freshUser.LoginRoleList;

    bool isAdmin = false;
    foreach (LoginRoleVO candidate in roles)
    {
        if (string.Equals("系統管理員", candidate.RoleName))
        {
            isAdmin = true;
            break;
        }
    }

    return(isAdmin);
}
/// <summary>
/// Checks a password against the password of the user held in the session.
/// </summary>
/// <param name="pw">Password to check.</param>
/// <returns>false when no user is in the session; otherwise whether the session user's password equals pw.</returns>
public static bool CheckPassoword(string pw)
{
    // NOTE(review): the comparison is made against the password value carried on
    // the session user object, i.e. the password is held in recoverable form.
    LoginUserVO current = new SessionHelper().LoginUser;
    return(current != null && current.Password.Equals(pw));
}
/// <summary>
/// Fills the lbxHadRole list box with the roles the selected user currently has.
/// (The original comment describes this as initializing the left pane.)
/// </summary>
/// <param name="selectedUserId">Id of the user whose roles are listed.</param>
private void initRight(string selectedUserId)
{
    LoginUserVO selectedUser = m_AuthService.GetLoginUserByIdNoLazy(selectedUserId);
    IList<LoginRoleVO> assignedRoles = selectedUser.LoginRoleList;

    if (assignedRoles != null)
    {
        foreach (LoginRoleVO assigned in assignedRoles)
        {
            // Text is the role name, value is the role id.
            lbxHadRole.Items.Add(new ListItem(assigned.RoleName, assigned.RoleId.ToString()));
        }
    }

    lbxHadRole.DataBind();
}
/// <summary>
/// Loads a user with all collections initialized and stores it in the user cache
/// dictionary, replacing any entry already held for that id.
/// </summary>
/// <param name="userId">Id of the user to (re)load.</param>
private void loadUser(string userId)
{
    m_UserDic = m_UserMenuFunc.m_UserDic;

    IAuthService service = new AuthFactory().GetAuthService();
    LoginUserVO freshUser = service.GetLoginUserByIdNoLazy(userId);

    m_Log.Debug("lock UserMenuFuncContainer loadUser");

    // NOTE(review): the lock object is the Type itself, which any other code can
    // also lock on; a private static readonly object would be the safer monitor.
    lock (typeof(UserMenuFuncContainer))
    {
        // Remove first so that Add does not fail on an existing key.
        m_UserDic.Remove(userId);
        m_UserDic.Add(userId, freshUser);
    }
}
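/// <summary>
/// Signs a user in with e-mail and password and, on success, returns the token
/// produced by the auth service for that e-mail.
/// </summary>
/// <param name="loginUser">Posted credentials (Email and Password are read).</param>
/// <returns>
/// 200 with the token on success; 400 with the model errors when validation fails;
/// 400 with a generic message when sign-in does not succeed.
/// </returns>
public async Task<ActionResult> Login(LoginUserVO loginUser)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState.Values.SelectMany(e => e.Errors));
    }

    // Third argument: no persistent cookie. Fourth argument: count failed attempts
    // toward account lockout, so repeated wrong passwords are throttled by whatever
    // lockout policy the application has configured (the original passed false).
    var result = await _signInMaganer.PasswordSignInAsync(loginUser.Email, loginUser.Password, false, true);

    if (result.Succeeded)
    {
        return Ok(await _authService.GetJwt(loginUser.Email));
    }

    // One message for every failure, so the reply does not reveal whether the
    // account exists or is locked.
    return BadRequest("usuário ou senha invalidos");
}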
// Loads the user with the given id and copies its fields into the edit form,
// including the Version value kept in a hidden field for the later update.
private void LoadVoToUI(string userId)
{
    LoginUserVO loaded = m_AuthService.GetLoginUserById(userId);

    // Identity and names.
    txtId.Text = loaded.UserId;
    txtFullNameInChinese.Text = loaded.FullNameInChinese;
    txtFullNameInEnglish.Text = loaded.FullNameInEnglish;

    // Version is round-tripped through the page and parsed again on update.
    hdnVersion.Value = loaded.Version.ToString();

    // Flags shown as radio selections.
    rdbIsValidAccount.SelectedValue = loaded.IsAlive.ToString();
    rdbShowInSalesStatistics.SelectedValue = loaded.ShowInSalesStatistics.ToString();

    // Contact details.
    txtMobile.Text = loaded.Mobile;
    txtSSID.Text = loaded.SSID;
    txtEmail.Text = loaded.Email;
    txtAddress.Text = loaded.ContactAddress;
}
/// <summary>
/// Fills the lblxToBeRole list box with every role the selected user does not have yet.
/// (The original comment describes this as initializing the right pane.)
/// </summary>
/// <param name="selectedUserId">Id of the user whose missing roles are listed.</param>
private void initLeft(string selectedUserId)
{
    IList<LoginRoleVO> everyRole = m_AuthService.GetAllLoginRoleList();
    LoginUserVO selectedUser = m_AuthService.GetLoginUserByIdNoLazy(selectedUserId);

    foreach (LoginRoleVO candidate in everyRole)
    {
        bool alreadyAssigned = selectedUser.LoginRoleList != null
                               && selectedUser.LoginRoleList.Contains(candidate);
        if (alreadyAssigned)
        {
            continue;
        }

        // Text is the role name, value is the role id.
        lblxToBeRole.Items.Add(new ListItem(candidate.RoleName, candidate.RoleId.ToString()));
    }

    lblxToBeRole.DataBind();
}
// Changes the signed-in user's password after checking the old password typed
// into the form against the stored one; the change is written to the system log.
protected void btnChangePassword_Click(object sender, EventArgs e)
{
    // NOTE(review): the old password is compared with, and the new one written to,
    // user.Password as plain text, and no rule on the new password (length, empty
    // value) is applied in this handler - confirm whether validators on the page
    // cover that.
    LoginUserVO account = m_AuthService.GetLoginUserById(m_SessionHelper.LoginUser.UserId);

    bool oldPasswordMatches = txtOldPassword.Text == account.Password;
    if (!oldPasswordMatches)
    {
        ScriptManager.RegisterClientScriptBlock(Page, Page.GetType(), "js", JavascriptUtil.AlertJS(MsgVO.PASSWORD_WRONG), false);
        return;
    }

    account.Password = txtNewPassword.Text;
    m_AuthService.UpdateLoginUser(account);
    m_WebLogService.AddSystemLog(MsgVO.Action.修改, account);
    ScriptManager.RegisterClientScriptBlock(Page, Page.GetType(), "js", JavascriptUtil.AlertJS(MsgVO.UPDATE_OK), false);
}
/// <summary>
/// Checks whether any of the user's roles grants the given menu function.
/// Each role is looked up in roleDic by id and that copy is tested with RoleHasMenuRight.
/// </summary>
/// <param name="user">User whose role list is walked.</param>
/// <param name="subFunc">Menu function being tested.</param>
/// <param name="roleDic">Roles keyed by role id; the indexer throws if a role id is missing.</param>
/// <returns>true as soon as one role grants the function; false when none does or the user has no roles.</returns>
private bool UserHasMenuRight(LoginUserVO user, MenuFuncVO subFunc, Dictionary<int, LoginRoleVO> roleDic)
{
    if (user.LoginRoleList == null || user.LoginRoleList.Count <= 0)
    {
        return(false);
    }

    foreach (LoginRoleVO userRole in user.LoginRoleList)
    {
        LoginRoleVO roleFromDic = roleDic[userRole.RoleId];
        bool granted = RoleHasMenuRight(roleFromDic, subFunc);
        if (granted)
        {
            return(true);
        }
    }

    return(false);
}
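// Decides whether the user may open the URL, using a map of protected path
// fragments to the menu-function ids that grant access to them. The first key
// found inside the URL decides: the user needs a role holding one of that key's
// function ids.
// NOTE(review): a URL that contains none of the keys is allowed (last line), so
// any page missing from pathFunc is open to every caller of this check.
private bool PathHasRight(LoginUserVO loginUser, Uri uri, Dictionary<string, List<int>> pathFunc)
{
    string url = uri.ToString();

    foreach (string path in pathFunc.Keys)
    {
        // Ordinal, case-insensitive match: a differently-cased spelling of a
        // protected path must still be treated as protected.
        if (url.IndexOf(path, StringComparison.OrdinalIgnoreCase) == -1)
        {
            continue;
        }

        // Was a Fatal-level log of path.IndexOf(url), a debugging leftover with the
        // operands reversed. Only the configured path is logged, not the request URL.
        m_Log.Debug("PathHasRight matched protected path " + path);

        IList<int> funIdList = pathFunc[path];

        // No user or no roles: a protected path is denied.
        if (loginUser == null || loginUser.LoginRoleList == null || loginUser.LoginRoleList.Count == 0)
        {
            return(false);
        }

        foreach (LoginRoleVO role in loginUser.LoginRoleList)
        {
            if (role.MenuFuncList == null)
            {
                continue;
            }

            foreach (MenuFuncVO roleMenuFunc in role.MenuFuncList)
            {
                if (funIdList.Contains(roleMenuFunc.MenuFuncId))
                {
                    return(true);
                }
            }
        }

        // Protected path and no role grants it.
        return(false);
    }

    return(true);
}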
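/// <summary>
/// Decides whether the user may open the given URL. The user is re-read by id, the
/// main path and function paths of every menu function in the user's roles are
/// collected, "admin/index.aspx" is always added, and the URL is allowed when it
/// contains one of those paths.
/// </summary>
/// <param name="user">Back-office user; only UserId is read.</param>
/// <param name="uri">Requested URL.</param>
/// <returns>true when the URL contains a permitted path; false otherwise, and false when the user is missing.</returns>
public bool PathHasAuth(LoginUserVO user, Uri uri)
{
    // Deny rather than throw when there is no user to check.
    if (user == null)
    {
        return(false);
    }

    string path = uri.ToString();
    LoginUserVO loginUserVO = LoginUserDao.GetLoginUserById(user.UserId);
    if (loginUserVO == null)
    {
        // The account no longer exists: deny.
        return(false);
    }

    HashSet<string> pathRightSet = new HashSet<string>();
    pathRightSet.Add("admin/index.aspx");

    IList<LoginRoleVO> loginRoleList = loginUserVO.LoginRoleList;
    if (loginRoleList != null)
    {
        foreach (LoginRoleVO role in loginRoleList)
        {
            if (role == null || role.MenuFuncList == null)
            {
                continue;
            }

            foreach (MenuFuncVO menuFunc in role.MenuFuncList)
            {
                // An empty path is contained in every URL and would grant access
                // to everything; a null one makes IndexOf throw. Skip both, as is
                // already done for the function paths below.
                if (!string.IsNullOrEmpty(menuFunc.MainPath))
                {
                    pathRightSet.Add(menuFunc.MainPath);
                }

                if (menuFunc.FuncionPaths == null)
                {
                    continue;
                }

                foreach (FunctionPathVO fpth in menuFunc.FuncionPaths)
                {
                    if (!string.IsNullOrEmpty(fpth.Path))
                    {
                        pathRightSet.Add(fpth.Path);
                    }
                }
            }
        }
    }

    // NOTE(review): this is a substring test over the whole URI string, query
    // string included, so a permitted path appearing anywhere in the URL satisfies
    // it. Matching against uri.AbsolutePath would close that gap; left as is here
    // because stored paths may themselves carry a query string - confirm.
    foreach (string rightPath in pathRightSet)
    {
        if (path.IndexOf(rightPath, StringComparison.Ordinal) != -1)
        {
            return(true);
        }
    }

    return(false);
}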
// Creates a new back-office user from the form. The id is trimmed and lower-cased,
// an existing id is rejected, and the creation is written to the system log.
protected void btnAdd_Click(object sender, ImageClickEventArgs e)
{
    lblMsg.Text = string.Empty;

    // Read every field first; int.Parse throws on a non-numeric selection.
    string newId = txtId.Text.Trim().ToLower();   // ids are stored in lower case
    string chineseName = txtFullNameInChinese.Text.Trim();
    string englishName = txtFullNameInEnglish.Text.Trim();
    int aliveFlag = int.Parse(rdbIsValidAccount.SelectedValue);
    int salesStatsFlag = int.Parse(rdbShowInSalesStatistics.SelectedValue);
    string mobile = txtMobile.Text.Trim();
    string ssid = txtSSID.Text.Trim();
    string email = txtEmail.Text.Trim();
    string address = txtAddress.Text.Trim();

    if (m_AuthService.GetLoginUserById(newId) != null)
    {
        lblMsg.Text = MsgVO.USER_ALREADY_EXIST;
        return;
    }

    // NOTE(review): every new account receives the same fixed initial password and
    // nothing here forces a change at first login - confirm how it is rotated.
    LoginUserVO created = new LoginUserVO
    {
        UserId = newId,
        FullNameInChinese = chineseName,
        FullNameInEnglish = englishName,
        IsAlive = aliveFlag,
        ShowInSalesStatistics = salesStatsFlag,
        Mobile = mobile,
        SSID = ssid,
        Email = email,
        ContactAddress = address,
        Password = "******",
        CreateDate = DateTime.Now
    };

    m_AuthService.CreateLoginUser(created);
    m_WebLogService.AddSystemLog(MsgVO.Action.新增, created);
    lblMsg.Text = MsgVO.INSERT_OK;
    clearInput();
    LoadDataToUI();
}
// Builds the navigation tree for the signed-in user from the cached menu data.
// Without a session user the request is redirected to the manager login page.
private void initMenu()
{
    LoginUserVO sessionUser = m_SessionHelper.LoginUser;

    // Cache container holding users, all menus and the role dictionary.
    UserMenuFuncContainer cache = UserMenuFuncContainer.GetInstance();

    if (sessionUser == null)
    {
        Response.Redirect(UIHelper.LOGIN_PAGE_MANAGER, false);
        return;
    }

    LoginUserVO cachedUser = cache.GetUser(sessionUser.UserId);
    IList<MenuFuncVO> topMenus = m_AuthService.GetTopMenuFunc(cachedUser, cache.AllMenu, cache.RoleDic);

    foreach (MenuFuncVO topMenu in topMenus)
    {
        TreeNode parentNode = new TreeNode(topMenu.MenuFuncName, topMenu.MenuFuncId.ToString(), "", "welcome.aspx", "mainfrm");

        if (topMenu.SubFuncs.Count > 0)
        {
            foreach (MenuFuncVO child in topMenu.SubFuncs)
            {
                // Entries whose Note contains "_sub" (any casing) get no tree node.
                bool hidden = !string.IsNullOrEmpty(child.Note)
                              && child.Note.ToLower().IndexOf("_sub") != -1;
                if (hidden)
                {
                    continue;
                }

                parentNode.ChildNodes.Add(new TreeNode(child.MenuFuncName, null, null, "~/" + child.MainPath, "mainfrm"));
            }
        }

        tvMenu.Nodes.Add(parentNode);
    }

    if (tvMenu.Nodes != null && tvMenu.Nodes.Count > 0)
    {
        tvMenu.Nodes[0].Expand();
        tvMenu.DataBind();
    }
}
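// Saves the edited user. The Version value from the hidden field is written back
// so that a concurrent change surfaces as StaleObjectStateException, which is
// reported to the operator instead of overwriting the other change.
protected void btnUpdate_Click(object sender, ImageClickEventArgs e)
{
    string id = txtId.Text;
    string nameInChinese = txtFullNameInChinese.Text.Trim();
    string nameInEnglish = txtFullNameInEnglish.Text.Trim();
    string version = hdnVersion.Value;
    int isAlive = int.Parse(rdbIsValidAccount.SelectedValue);
    int showInSalesStatistics = int.Parse(rdbShowInSalesStatistics.SelectedValue);
    string mobie = txtMobile.Text.Trim();
    string ssid = txtSSID.Text.Trim();
    string email = txtEmail.Text.Trim();
    string address = txtAddress.Text.Trim();

    LoginUserVO user = m_AuthService.GetLoginUserById(id);
    user.FullNameInChinese = nameInChinese;
    user.FullNameInEnglish = nameInEnglish;
    user.Version = Int32.Parse(version);
    user.IsAlive = isAlive;
    user.ShowInSalesStatistics = showInSalesStatistics;
    user.Mobile = mobie;
    user.SSID = ssid;
    user.Email = email;
    // The address was read from the form but never applied, so address edits were
    // silently dropped; the add handler and the form loader both use ContactAddress.
    user.ContactAddress = address;

    try
    {
        m_AuthService.UpdateLoginUser(user);
        m_WebLogService.AddSystemLog(MsgVO.Action.修改, user);
        lblMsg.Text = MsgVO.UPDATE_OK;
        clearInput();
        ToInsertMode();
        GridView1.DataBind();
    }
    catch (StaleObjectStateException ex)
    {
        // Someone else changed the record since it was loaded into the form.
        m_Log.Info(ex);
        lblMsg.Text = MsgVO.STALE_EXCEPTION_MSG;
        clearInput();
    }
}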
// Replaces the selected user's roles with the roles currently listed in
// lbxHadRole, logs the change and resets the user/menu cache.
protected void Button3_Click(object sender, ImageClickEventArgs e)
{
    // NOTE(review): the user id and role ids come from posted control values and
    // this handler does no check of its own that the caller may assign roles;
    // presumably enforced before the page runs - confirm.
    string selectedUserId = ddlUser.SelectedValue;
    LoginUserVO target = m_AuthService.GetLoginUserByIdNoLazy(selectedUserId);

    List<LoginRoleVO> chosenRoles = new List<LoginRoleVO>();
    foreach (ListItem entry in lbxHadRole.Items)
    {
        int roleId = int.Parse(entry.Value);
        chosenRoles.Add(m_AuthService.GetLoginRoleById(roleId));
    }

    target.LoginRoleList = chosenRoles;
    m_AuthService.UpdateLoginUser(target);
    m_WebLogService.AddSystemLog(MsgVO.Action.修改, target);

    // Refresh the cache so the new role set takes effect.
    UserMenuFuncContainer.GetInstance().ResetAll();

    lblMsg.Text = MsgVO.UPDATE_OK;
}
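/// <summary>
/// Writes a system-log record for a change, with an explicit function name and note.
/// </summary>
/// <param name="action">The kind of change that was made.</param>
/// <param name="obj">The changed object; its runtime type name is stored in the record.</param>
/// <param name="function">Function name stored in the record.</param>
/// <param name="note">Free-text note stored in the record.</param>
public void AddSystemLog(MsgVO.Action action, object obj, string function, string note)
{
    SessionHelper sHelper = new SessionHelper();
    LoginUserVO userVO = sHelper.LoginUser;
    LogSystemVO logVO = new LogSystemVO();

    // Without a session user the record is written with no UpdateId.
    if (userVO != null)
    {
        logVO.UpdateId = userVO.UserId;
    }

    logVO.UpdateDate = DateTime.Now;
    logVO.Action = action.ToString();
    logVO.UpdateClassName = obj.GetType().ToString();
    logVO.Fucntion = function;
    // The original assigned logVO.SubFucntion to itself, which has no effect on a
    // freshly created record; removed. No sub-function value is passed to this overload.
    logVO.Note = note;
    // NOTE(review): how GetUserIp derives the address is not visible here; if it
    // relies on client-supplied headers the logged IP can be chosen by the client - confirm.
    logVO.IpAddress = m_HttpHelper.GetUserIp(HttpContext.Current);
    m_LogService.CreateLogSystem(logVO);
}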
/// <summary>
/// Returns the "who made" value: the session user's id, cut to its first 10 characters.
/// </summary>
/// <returns>An empty string when no user is in the session; otherwise the id, truncated to 10 characters if longer.</returns>
public static string GetWhoMake()
{
    LoginUserVO current = new SessionHelper().LoginUser;
    if (current == null)
    {
        return("");
    }

    string id = current.UserId;
    return(id.Length > 10 ? id.Substring(0, 10) : id);
}
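/// <summary>
/// Enforces login and path authorization for requests under the application's /admin path.
/// Requests outside that path are not checked here.
/// </summary>
/// <param name="application">Current application; supplies the request's application path and the response.</param>
/// <param name="uri">Requested URL, passed to the path authorization check.</param>
/// <param name="rawUrl">Raw URL of the request, tested against the admin path prefix.</param>
private void CheckAuth(HttpApplication application, Uri uri, string rawUrl)
{
    SessionHelper sHelper = new SessionHelper();
    LoginUserVO loginUser = sHelper.LoginUser;

    string applicationPath = application.Request.ApplicationPath;
    string mamagePath = String.IsNullOrEmpty(applicationPath) ? "/admin" : applicationPath + "/admin";
    mamagePath = mamagePath.Replace("//", "/");

    // Ordinal, case-insensitive prefix test: the original comparison was
    // case-sensitive, so a differently-cased spelling of the admin prefix was not
    // recognised as an admin request and skipped the checks below.
    if (!rawUrl.StartsWith(mamagePath, StringComparison.OrdinalIgnoreCase))
    {
        return;
    }

    AuthFactory authFactory = new AuthFactory();
    IAuthService authService = authFactory.GetAuthService();

    if (loginUser == null)
    {
        toLoginPage(application.Response);
        return;
    }

    // An earlier variant checked only the main path with PathHasRight; all of the
    // user's paths are checked now.
    LoginUserVO cachedUser = UserMenuFuncContainer.GetInstance().GetUser(loginUser.UserId);

    // A user missing from the cache is treated as not authorized rather than
    // letting the check throw.
    if (cachedUser == null || !authService.PathHasAuth(cachedUser, uri))
    {
        toLoginNoAuthPage(application.Response);
    }
}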
// Authenticates the given id and password. On success the user and the admin flag
// are stored in the session, the login is logged, the menu cache is reloaded and
// the browser is sent to the admin index page; on failure an alert is shown and
// the browser returns to Login.aspx.
private void doLogin(string id, string pw)
{
    // Account ids are compared in lower case.
    string normalizedId = id;
    if (!string.IsNullOrEmpty(normalizedId))
    {
        normalizedId = normalizedId.ToLower();
    }

    LoginUserVO authenticated = m_AuthService.Login(normalizedId, pw);
    if (authenticated == null)
    {
        // NOTE(review): a failed attempt is neither logged nor counted in this
        // method - confirm whether that happens elsewhere.
        ScriptManager.RegisterClientScriptBlock(Page, Page.GetType(), "js", JavascriptUtil.AlertJSAndRedirect(MsgVO.LOGIN_ERROR, "Login.aspx"), false);
        return;
    }

    // NOTE(review): nothing here issues a new session identifier after
    // authentication; confirm SessionHelper or the hosting page takes care of it.
    SessionHelper session = new SessionHelper();
    session.LoginUser = authenticated;
    session.IsAdmin = m_AuthService.IsAdmin(authenticated);

    // Record the login.
    webLogService.AddSystemLogLogin(authenticated.UserId);

    // Clear the cached menu data.
    UserMenuFuncContainer.GetInstance().ReloadAllMenu();

    Response.Redirect("~/admin/index.aspx", false);
}
// Expects the user "petechen" to be reported as an administrator by the auth
// service; depends on that user and its roles existing in the test data.
public void Test_IsAdmin()
{
    LoginUserVO knownAdmin = m_AuthService.GetLoginUserById("petechen");
    bool reportedAsAdmin = m_AuthService.IsAdmin(knownAdmin);

    Assert.IsTrue(reportedAsAdmin);
}
/// <summary>
/// Creates a back-office user by handing it to the DAO.
/// </summary>
/// <param name="loginUserVO">The user to create.</param>
/// <returns>The user as returned by the DAO after creation.</returns>
public LoginUserVO CreateLoginUser(LoginUserVO loginUserVO)
{
    LoginUserVO created = LoginUserDao.CreateLoginUser(loginUserVO);
    return(created);
}
/// <summary>
/// Deletes a back-office user by handing it to the DAO.
/// </summary>
/// <param name="loginUserVO">The user to delete; passed to the DAO unchanged, with no null check here.</param>
public void DeleteLoginUser(LoginUserVO loginUserVO)
{
    LoginUserVO doomed = loginUserVO;
    LoginUserDao.DeleteLoginUser(doomed);
}
/// <summary>
/// Updates a back-office user by handing it to the DAO.
/// </summary>
/// <param name="loginUserVO">The user carrying the new values.</param>
/// <returns>The user as returned by the DAO after the update.</returns>
public LoginUserVO UpdateLoginUser(LoginUserVO loginUserVO)
{
    LoginUserVO updated = LoginUserDao.UpdateLoginUser(loginUserVO);
    return(updated);
}