/// <summary>
/// Creates a <see cref="SecurityTool"/> for <paramref name="f"/> whose role list is the merge of
/// the forum roles, the roles supplied by the current owner, and the site roles/ranks.
/// </summary>
/// <param name="f">The securable object the tool is built for.</param>
/// <param name="ctx">Current MVC context; only <c>ctx.owner.obj</c> is read here.</param>
/// <returns>A new tool bound to a fresh <see cref="SecurityAction"/> and the merged role list.</returns>
public static SecurityTool GetSecurityTool(ISecurity f, MvcContext ctx)
{
    IList rolesOfForum = ForumRole.GetAll();

    // A Site owner contributes no roles of its own; every other owner type supplies its role list.
    IList rolesOfOwner;
    if (ctx.owner.obj.GetType() == typeof(Site))
    {
        rolesOfOwner = new ArrayList();
    }
    else
    {
        rolesOfOwner = ctx.owner.obj.GetRoles();
    }

    IList rolesOfSite = new SiteRoleService().GetRoleAndRank();

    RoleMerger merger = new RoleMerger();
    merger.Add(rolesOfForum).Add(rolesOfOwner).Add(rolesOfSite);
    IList mergedRoles = merger.GetResults();

    return new SecurityTool(f, new SecurityAction(), mergedRoles);
}
/// <summary>
/// Creates the <see cref="SecurityTool"/> used for site-admin permissions: this instance is the
/// securable object, the action set is <see cref="SiteAdminOperation"/>, and the roles are the
/// admin roles returned by <see cref="SiteRoleService"/>.
/// </summary>
private SecurityTool getSecurityTool()
{
    // TODO: inject the dynamic permissions contributed by apps
    IList adminRoles = new SiteRoleService().GetAdminRoles();
    return new SecurityTool(this, new SiteAdminOperation(), adminRoles);
}
/// <summary>
/// Binds the role/action permission matrix for <paramref name="f"/>: the action list goes to the
/// "actions" list, and each role becomes one row of the "sysroles" block with its checkbox list.
/// A spacer row is emitted whenever the concrete type of <c>role.Role</c> differs from the
/// previous row's, so roles are visually grouped by kind.
/// </summary>
/// <param name="f">The securable object whose permissions are being edited.</param>
private void bindRoleActions(ISecurity f)
{
    IBlock roleBlock = getBlock("sysroles");
    SecurityTool securityTool = SecurityHelper.GetSecurityTool(f, ctx);

    IList actions = securityTool.GetActionAll();
    bindList("actions", "a", actions);

    String previousTypeName = null;
    foreach (IRole role in securityTool.GetRoles())
    {
        // NOTE(review): role.Name is written into the template as-is; whether IBlock.Set
        // HTML-encodes values is not visible here — confirm if role names are user-editable.
        roleBlock.Set("role.Name", role.Name);
        bindCheckBoxList(securityTool, roleBlock, role);

        String currentTypeName = role.Role.GetType().FullName;
        if (currentTypeName.Equals(previousTypeName))
        {
            roleBlock.Set("seperator", "");
        }
        else
        {
            // Spacer row spans every action column plus the role-name column.
            roleBlock.Set("seperator", "<tr><td colspan=" + (actions.Count + 1) + "> </td></tr>");
            previousTypeName = currentTypeName;
        }

        roleBlock.Next();
    }
}
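/// <summary>
/// Checks a login attempt: looks the account up by login name (non-deleted rows only), and for an
/// active account (Status 0) compares the hash of the submitted password with the stored one.
/// </summary>
/// <param name="userDto">Submitted credentials; <c>LoginName</c> and <c>Password</c> are read.</param>
/// <returns>
/// A result with <c>Code</c> 0 and the mapped user in <c>DataList</c> on success; otherwise
/// <c>Code</c> 1 and a failure message in <c>Msg</c>.
/// </returns>
/// <remarks>
/// NOTE(review): the password is stored as <c>SecurityTool.MD5Hash(password + MD5Code)</c>, i.e.
/// (by its name) an MD5 digest with one application-wide suffix instead of a per-user salt. That is
/// not a suitable password-storage scheme; moving to a slow, salted KDF (for example PBKDF2) needs a
/// stored-hash migration and is therefore not done inside this method.
/// NOTE(review): no attempt throttling or lockout is visible here — confirm it is enforced by the caller.
/// </remarks>
public async Task<DataResultDto<UserDto>> CheckUser(UserDto userDto)
{
    // An unknown login name and a wrong password return the same message, so the response
    // does not tell the caller which login names exist.
    const string badCredentialsMsg = "登陆失败,用户名或者密码不对!";

    DataResultDto<UserDto> dataResultDto = new DataResultDto<UserDto>();

    // Missing credentials are a failed login, not a NullReferenceException.
    if (userDto == null)
    {
        dataResultDto.Code = 1;
        dataResultDto.Msg = badCredentialsMsg;
        return dataResultDto;
    }

    // The login name is bound as a parameter, never concatenated into the statement.
    string sql = "select UserId,LoginName,UserName,Password,Status,IsAdmin from `user` where LoginName=@LoginName and IsDelete=0 ";
    User user;
    using (var connect = CreateConnection())
    {
        user = await connect.QueryFirstOrDefaultAsync<User>(sql, new { LoginName = userDto.LoginName });
    }

    if (user == null)
    {
        dataResultDto.Code = 1;
        dataResultDto.Msg = badCredentialsMsg;
        return dataResultDto;
    }

    if (user.Status == 0)
    {
        string pwd = $"{userDto.Password}{this._webStaticConfig.MD5Code}";
        string spwd = SecurityTool.MD5Hash(pwd);

        // Ordinal, case-insensitive comparison of the two digests. A row with no stored hash can
        // never match, and a null on either side no longer throws.
        bool passwordMatches = !string.IsNullOrEmpty(user.Password)
            && string.Equals(spwd, user.Password, System.StringComparison.OrdinalIgnoreCase);

        if (passwordMatches)
        {
            // NOTE(review): the User -> UserDto mapping presumably copies Password (the stored hash)
            // into the returned DTO — confirm it is not sent on to the client.
            UserDto quserDto = Mapper.Map<User, UserDto>(user);
            dataResultDto.Code = 0;
            dataResultDto.Msg = "登陆成功!";
            dataResultDto.DataList = quserDto;
        }
        else
        {
            dataResultDto.Code = 1;
            dataResultDto.Msg = badCredentialsMsg;
        }
    }
    // NOTE(review): the three status messages below are returned without checking the password, so
    // they still confirm that the login name exists and disclose its state. Left unchanged because
    // they are user-facing behaviour; decide whether that disclosure is acceptable.
    else if (user.Status == 1)
    {
        dataResultDto.Code = 1;
        dataResultDto.Msg = "登陆失败,用户正在审核中!";
    }
    else if (user.Status == 2)
    {
        dataResultDto.Code = 1;
        dataResultDto.Msg = "登陆失败,用户已冻结,请联系管理员!";
    }
    else if (user.Status == 3)
    {
        dataResultDto.Code = 1;
        dataResultDto.Msg = "登陆失败,用户已禁用,请联系管理员!";
    }
    else
    {
        dataResultDto.Code = 1;
        dataResultDto.Msg = "登陆失败,用户名或者密码错误!";
    }

    return dataResultDto;
}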
//---------------------------------------------------------

/// <summary>
/// Renders the admin-permission page: registers <c>SavePermissionAdminAll</c> through
/// <c>target(...)</c> and binds every role of the admin security tool together with its actions.
/// </summary>
public void PermissionAdmin()
{
    target(SavePermissionAdminAll);

    SecurityTool securityTool = getSecurityTool();
    bindRoleActions(securityTool.GetRoles(), securityTool);
}
/// <summary>
/// Private constructor: creates one instance of each tool and stores it in the member of the
/// same name. Being private, instances can only be created from inside <c>ToolManager</c>.
/// </summary>
private ToolManager()
{
    AssignmentTool = new AssignmentTool();
    CircleTool = new CircleTool();
    ConditionTool = new ConditionTool();
    InitializeTool = new InitializeTool();
    InvokeTool = new InvokeTool();
    ReturnTool = new ReturnTool();
    SecurityTool = new SecurityTool();
}
/// <summary>
/// Fills the "sysroles" block with one row per role: the role name and the action string that
/// <paramref name="tool"/> produces for that role.
/// </summary>
/// <param name="sysRoles">Roles to list; each element is read as an <c>IRole</c>.</param>
/// <param name="tool">Security tool that renders the action string of a role.</param>
private void bindRoleActions(IList sysRoles, SecurityTool tool)
{
    IBlock roleBlock = getBlock("sysroles");

    foreach (IRole sysRole in sysRoles)
    {
        String actionMarkup = tool.GetActionStringAll(sysRole);

        // NOTE(review): both values are written into the template as-is; whether IBlock.Set
        // encodes them is not visible here — confirm if role names are user-editable.
        roleBlock.Set("role.Name", sysRole.Name);
        roleBlock.Set("actions", actionMarkup);
        roleBlock.Next();
    }
}
/// <summary>
/// Fills the nested "checkboxs" block of <paramref name="sblock"/> with one entry (name, value,
/// checked state) per action that <paramref name="tool"/> reports for <paramref name="role"/>.
/// </summary>
/// <param name="tool">Security tool that supplies the checkbox values.</param>
/// <param name="sblock">Parent template block holding the "checkboxs" child block.</param>
/// <param name="role">Role whose action checkboxes are rendered.</param>
private static void bindCheckBoxList(SecurityTool tool, IBlock sblock, IRole role)
{
    IBlock checkBoxBlock = sblock.GetBlock("checkboxs");
    IList actionValues = tool.GetCheckBoxList(role);

    foreach (ActionVo actionVo in actionValues)
    {
        checkBoxBlock.Set("a.Name", actionVo.Name);
        checkBoxBlock.Set("a.Value", actionVo.Value);
        checkBoxBlock.Set("a.Checked", actionVo.Checked);
        checkBoxBlock.Next();
    }
}
/// <summary>
/// Adds a user: hashes the submitted password, then inserts LoginName, UserName and the hash
/// into the <c>user</c> table.
/// </summary>
/// <param name="userDto">
/// New user data. This method overwrites <c>Password</c> with the hash and sets
/// <c>UserHeadImaUrl</c> to the default avatar path on the passed-in object.
/// </param>
/// <returns><c>true</c> when the insert affected at least one row.</returns>
/// <remarks>
/// NOTE(review): the stored value is <c>SecurityTool.MD5Hash(password + MD5Code)</c> — by its name an
/// MD5 digest with one application-wide suffix rather than a per-user salt. That is not a suitable
/// password-storage scheme; replacing it needs a coordinated change with the login check and a
/// migration of existing rows.
/// </remarks>
public async Task<bool> AddUserAsync(UserDto userDto)
{
    string saltedPassword = $"{userDto.Password}{this._webStaticConfig.MD5Code}";
    userDto.Password = SecurityTool.MD5Hash(saltedPassword);

    // Set on the DTO only; the INSERT below does not write this column.
    userDto.UserHeadImaUrl = "/upload/user-head/default.jpg";

    // All values are bound as parameters.
    string sql = "insert into `user`(LoginName,UserName,`Password`) VALUES(@LoginName,@UserName,@Password) ";
    using (var connect = CreateConnection())
    {
        var affectedRows = await connect.ExecuteAsync(sql, new
        {
            LoginName = userDto.LoginName,
            UserName = userDto.UserName,
            Password = userDto.Password
        });
        return affectedRows > 0;
    }
}
/// <summary>
/// Saves the posted permission matrix for the current forum app and, when the posted
/// "applyAll" value is "true", pushes the app's security settings to all boards.
/// </summary>
/// <remarks>
/// NOTE(review): no permission or anti-forgery check is visible inside this action; presumably
/// the framework enforces both before it runs — confirm, since this action rewrites permissions.
/// NOTE(review): <c>ctx.app.obj as ForumApp</c> yields null for any other app type and is passed
/// on unchecked.
/// </remarks>
public virtual void SavePermissionAll()
{
    // Posted values are keyed by the simple type name of SecurityAction.
    string[] postedActionIds = ctx.web.postValuesByKey(typeof(SecurityAction).Name);

    ForumApp forumApp = ctx.app.obj as ForumApp;
    SecurityTool securityTool = SecurityHelper.GetSecurityTool(forumApp, ctx);
    securityTool.SaveActionAll(postedActionIds);

    bool applyToAllBoards = "true".Equals(ctx.Get("applyAll"));
    if (applyToAllBoards)
    {
        boardService.UpdateSecurityAll(ctx.app.obj as ForumApp);
    }

    echoRedirectPart(lang("opok"));
}
/// <summary>
/// Saves the posted permission matrix for a single board.
/// </summary>
/// <param name="id">Id of the board; it is looked up within the current owner.</param>
/// <remarks>
/// NOTE(review): no permission or anti-forgery check is visible inside this action; presumably
/// the framework enforces both before it runs — confirm, since this action rewrites permissions.
/// </remarks>
public virtual void SaveBoardPermissionAll(long id)
{
    // Scoping the lookup to ctx.owner.obj keeps a board id from another owner from resolving.
    ForumBoard targetBoard = boardService.GetById(id, ctx.owner.obj);
    if (targetBoard == null)
    {
        echoRedirect(alang("exBoardNotFound"));
        return;
    }

    // Posted values are keyed by the simple type name of SecurityAction.
    string[] postedActionIds = ctx.web.postValuesByKey(typeof(SecurityAction).Name);

    SecurityTool securityTool = SecurityHelper.GetSecurityTool(targetBoard, ctx);
    securityTool.SaveActionAll(postedActionIds);

    echoRedirectPart(lang("opok"));
}
//----------------------------------------------------------------------

/// <summary>
/// Tells whether <paramref name="user"/> may perform <paramref name="action"/> on
/// <paramref name="objSecurity"/>. Access is granted as soon as any one of the user's identities
/// holds the action, checked in this order: site role, rank, role within the current owner
/// (skipped when the owner is a <c>Site</c>), and the forum moderator role.
/// </summary>
/// <param name="user">User being checked.</param>
/// <param name="objSecurity">Securable object; treated as a <c>ForumBoard</c> for the moderator check.</param>
/// <param name="action">Action being requested.</param>
/// <param name="ctx">Current MVC context; <c>ctx.owner.obj</c> is read.</param>
/// <returns><c>true</c> if any identity grants the action; otherwise <c>false</c>.</returns>
public static Boolean HasAction(User user, ISecurity objSecurity, ISecurityAction action, MvcContext ctx)
{
    SecurityTool tool = ForumSecurityService.GetSecurityTool(objSecurity, ctx);

    // Site role first, then rank; the rank is only consulted when the role does not grant it.
    if (tool.HasAction(user.Role, action) || tool.HasAction(user.Rank, action))
    {
        return true;
    }

    if (ctx.owner.obj.GetType() != typeof(Site))
    {
        IRole ownerRole = ctx.owner.obj.GetUserRole(user);
        if (tool.HasAction(ownerRole, action))
        {
            return true;
        }
    }

    // objSecurity is passed as null when it is not a ForumBoard; IsModerator must cope with that.
    return new ModeratorService().IsModerator(objSecurity as ForumBoard, user)
        && tool.HasAction(ForumRole.Moderator, action);
}
//----------------------------------------------------------------------

/// <summary>
/// Collects the topic-admin commands available to <paramref name="user"/> on
/// <paramref name="board"/> by passing the actions of each of the user's identities to
/// <c>addAdminActionsToResults</c>: site role, rank (when <c>RankId</c> is positive), role within
/// the current owner (skipped for a <c>Site</c> owner), and the moderator role when the user
/// moderates the board.
/// </summary>
/// <param name="user">User whose commands are collected.</param>
/// <param name="board">Board the commands apply to.</param>
/// <param name="ctx">Current MVC context; <c>ctx.owner.obj</c> is read.</param>
/// <returns>The list filled by <c>addAdminActionsToResults</c>.</returns>
public static IList GetTopicAdminCmds(User user, ForumBoard board, MvcContext ctx)
{
    IList cmds = new ArrayList();
    SecurityTool securityTool = ForumSecurityService.GetSecurityTool(board, ctx);

    // 1. The user's site role
    IList roleActions = securityTool.GetActionsByRole(user.Role);
    addAdminActionsToResults(roleActions, cmds);

    // 2. The user's rank
    if (user.RankId > 0)
    {
        IList rankActions = securityTool.GetActionsByRole(user.Rank);
        addAdminActionsToResults(rankActions, cmds);
    }

    // 3. The user's role within the owner
    if (ctx.owner.obj.GetType() != typeof(Site))
    {
        IRole ownerRole = ctx.owner.obj.GetUserRole(user);
        IList ownerActions = securityTool.GetActionsByRole(ownerRole);
        addAdminActionsToResults(ownerActions, cmds);
    }

    // 4. Moderator of this board
    ModeratorService moderators = new ModeratorService();
    if (moderators.IsModerator(board, user))
    {
        IList moderatorActions = securityTool.GetActionsByRole(ForumRole.Moderator);
        addAdminActionsToResults(moderatorActions, cmds);
    }

    return cmds;
}
/// <summary>
/// Authorization gate for the current request: decides whether the viewer may run the current
/// controller action against <paramref name="objSecurity"/>.
/// </summary>
/// <param name="objSecurity">Securable object for the page, or null when the page has none.</param>
/// <param name="ctx">Current MVC context; route, url, viewer and owner are read.</param>
/// <returns>
/// <c>true</c> when access is allowed. Three paths allow access without consulting any role:
/// a null <paramref name="objSecurity"/>, an action that <c>IsForbiddenAction</c> does not flag,
/// and an empty <c>ctx.url.Path</c>. Otherwise <c>true</c> only if one of the viewer's
/// identities passes <c>hasAction_private</c>.
/// </returns>
/// <remarks>
/// NOTE(review): the three early returns are fail-open defaults. Confirm that no protected page
/// can reach this method with a null security object or an empty path.
/// </remarks>
private static Boolean hasAction(ISecurity objSecurity, MvcContext ctx)
{
    // Pages that supply no permission configuration are allowed.
    if (objSecurity == null)
    {
        return(true);
    }

    SecurityTool securityTool = ForumSecurityService.GetSecurityTool(objSecurity, ctx); // objSecurity.SecurityTool;

    // Actions that are not under permission management are allowed.
    if (securityTool.IsForbiddenAction(ctx.route.getControllerAndActionPath()) == false)
    {
        return(true);
    }

    // Empty page (no path): allowed.
    String currentPath = ctx.url.Path;
    if (strUtil.IsNullOrEmpty(currentPath))
    {
        return(true);
    }

    // Edit-permission exception: users may edit their own posts.
    // (Author's note; no code in this method implements that exception.)
    // A user with several identities is allowed as soon as any one of them — system role or
    // forum role — holds the permission.

    // 1. The viewer's system (site) role
    SiteRole role = ((User)ctx.viewer.obj).Role;
    IList actions = securityTool.GetActionsByRole(role);
    if (hasAction_private(actions, ctx))
    {
        return(true);
    }

    // 2. The viewer's role within the specific owner (skipped when the owner is the Site)
    if (ctx.owner.obj.GetType() != typeof(Site))
    {
        IRole roleInOwner = ctx.owner.obj.GetUserRole(ctx.viewer.obj);
        IList ownerRoleActions = securityTool.GetActionsByRole(roleInOwner);
        if (hasAction_private(ownerRoleActions, ctx))
        {
            return(true);
        }
    }

    // 3. The viewer's rank (only when a rank is set, i.e. Id > 0)
    SiteRank rank = ((User)ctx.viewer.obj).Rank;
    if (rank.Id > 0)
    {
        actions = securityTool.GetActionsByRole(rank);
        if (hasAction_private(actions, ctx))
        {
            return(true);
        }
    }

    // 4. Whether the viewer holds a role in the forum (board moderator)
    if (objSecurity is ForumBoard)
    {
        ModeratorService moderatorService = new ModeratorService();
        if (moderatorService.IsModerator(objSecurity as ForumBoard, (User)ctx.viewer.obj))
        {
            IList moderatorActions = securityTool.GetActionsByRole(ForumRole.Moderator);
            if (hasAction_private(moderatorActions, ctx))
            {
                return(true);
            }
        }
    }

    // No identity grants the action: deny.
    return(false);
}
/// <summary>
/// OK-button handler of the user edit dialog: validates the form, then saves the user record and
/// replaces its role mappings with the roles checked in <c>clbx_roles</c>.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void sb_ok_Click(object sender, EventArgs e)
{
    // Input validation
    string s_uc002 = txtedit_uc002.Text;
    string s_uc003 = txtedit_uc003.Text;
    string s_uc004 = txtedit_pwd.Text;
    string s_uc004_2 = txtedit_pwd2.Text;

    // Login code is required.
    if (String.IsNullOrEmpty(s_uc002))
    {
        txtedit_uc002.ErrorImageOptions.Alignment = ErrorIconAlignment.MiddleRight;
        txtedit_uc002.ErrorText = "用户登录代码必须输入!";
        txtedit_uc002.Focus();
        return;
    }

    // User name is required.
    if (String.IsNullOrEmpty(s_uc003))
    {
        txtedit_uc003.ErrorImageOptions.Alignment = ErrorIconAlignment.MiddleRight;
        txtedit_uc003.ErrorText = "用户姓名必须输入!";
        txtedit_uc003.Focus();
        return;
    }

    // The password fields are only validated when adding a user: the password must be
    // non-empty and both entries must match. No length or complexity rule is applied here.
    if (action == "add")
    {
        if (String.IsNullOrEmpty(s_uc004))
        {
            txtedit_pwd.ErrorImageOptions.Alignment = ErrorIconAlignment.MiddleRight;
            txtedit_pwd.ErrorText = "密码必须输入!";
            txtedit_pwd.Focus();
            return;
        }
        else if (!String.Equals(s_uc004, s_uc004_2))
        {
            txtedit_pwd2.ErrorImageOptions.Alignment = ErrorIconAlignment.MiddleRight;
            txtedit_pwd2.ErrorText = "密码不一致!";
            txtedit_pwd2.Focus();
            return;
        }
    }

    // ---- Save ----
    if (action == "add")
    {
        uc01 = new UC01(unitOfWork1);
        uc01.UC001 = MiscAction.GetEntityPK("UC01");
        uc01.STATUS = '1';
        // NOTE(review): by its name this stores an MD5-derived value of the password; MD5 is not
        // a suitable password-storage scheme (fast, and no per-user salt is passed here). Changing
        // it needs a matching change in the login check and a migration of stored values.
        uc01.UC004 = SecurityTool.EncryptWithMD5(s_uc004);
    }
    // When not adding, uc01 is used as-is — presumably loaded elsewhere in the form; the stored
    // password (UC004) is not touched on this path.
    uc01.UC002 = s_uc002;
    uc01.UC003 = s_uc003;

    try
    {
        // NOTE(review): BeginTransaction is commented out, yet the catch block below calls
        // RollbackTransaction — confirm that is valid on this unit of work without an explicit begin.
        ///unitOfWork1.BeginTransaction();
        uc01.Save();

        // Drop the user's existing role mappings (uc001 is bound as a parameter), then re-create
        // one mapping per checked role.
        // NOTE(review): this delete goes through SqlHelper rather than unitOfWork1; whether it
        // shares the unit of work's transaction is not visible here. If it does not, a failure in
        // the loop below leaves the user with no role mappings — confirm.
        SqlHelper.ExecuteNonQuery("delete from ur_mapper where uc001 = :uc001", new string[] { "uc001" }, new string[] { uc01.UC001 });
        foreach (RO01 r in clbx_roles.CheckedItems)
        {
            UR_MAPPER mapper = new UR_MAPPER(unitOfWork1);
            mapper.UM001 = MiscAction.GetEntityPK("MAPPER");
            mapper.UC001 = uc01.UC001;
            mapper.RO001 = r.RO001;
            mapper.Save();
        }
        unitOfWork1.CommitChanges();
        XtraMessageBox.Show("保存成功!", "提示", MessageBoxButtons.OK, MessageBoxIcon.Information);
        this.DialogResult = DialogResult.OK;
        this.Close();
    }
    catch (Exception ee)
    {
        unitOfWork1.RollbackTransaction();
        // Only the message is logged, so the stack trace is lost from the log ...
        LogUtils.Error(ee.Message);
        // ... while the full exception text (type, message, stack trace) is shown to the operator.
        // NOTE(review): consider logging ee.ToString() and showing a short message instead.
        XtraMessageBox.Show(ee.ToString(), "错误", MessageBoxButtons.OK, MessageBoxIcon.Error);
    }
}
/// <summary>
/// Creates the <see cref="SecurityTool"/> for site-admin operations: the securable object is the
/// shared <c>SiteAdminOperationConfig.Instance</c>, the action set is
/// <see cref="SiteAdminOperation"/>, and the roles are the admin roles from
/// <see cref="SiteRoleService"/>.
/// </summary>
private static SecurityTool getSecurityTool()
{
    return new SecurityTool(
        SiteAdminOperationConfig.Instance,
        new SiteAdminOperation(),
        new SiteRoleService().GetAdminRoles());
}