/// <summary>
/// Creates a new user or updates an existing one, then assigns the user's roles
/// and refreshes that user's cached permissions.
/// </summary>
/// <param name="theData">User record to save; an empty Id means "create".</param>
/// <param name="Pwd">New password; when empty the Password field of <paramref name="theData"/> is left as received.</param>
/// <param name="RoleIdList">Serialized list of role ids, parsed with the project's ToList helper.</param>
/// <returns>The controller's standard success result.</returns>
public ActionResult SaveData(Base_User theData, string Pwd, string RoleIdList)
{
    // NOTE(review): judging by the helper name the password is stored as an MD5 digest.
    // MD5 is unsuitable for password storage; a salted, deliberately slow scheme such as
    // PBKDF2 is the usual replacement, and it needs a migration plan for existing hashes.
    bool passwordSupplied = !Pwd.IsNullOrEmpty();
    if (passwordSupplied)
    {
        theData.Password = Pwd.ToMD5String();
    }

    var roles = RoleIdList.ToList<string>();

    // NOTE(review): theData is passed in whole, so on the update path Id, UserId and
    // Password are whatever the caller supplied. Confirm that only authorized operators
    // can reach this action and that UpdateData does not persist fields it should not.
    bool isExistingUser = !theData.Id.IsNullOrEmpty();
    if (isExistingUser)
    {
        _base_UserBusiness.UpdateData(theData);
    }
    else
    {
        theData.Id = Guid.NewGuid().ToSequentialGuid();
        theData.UserId = Guid.NewGuid().ToSequentialGuid();
        _base_UserBusiness.AddData(theData);
    }

    // Role assignment and the permission cache are keyed by UserId, not by Id.
    string targetUserId = theData.UserId;
    _base_UserBusiness.SetUserRole(targetUserId, roles);
    PermissionManage.UpdateUserPermissionCache(targetUserId);

    return Success();
}
/// <summary>
/// Builds the menu tree for the current operator: administrators get the full
/// system menu, everyone else gets it with the entries they lack permission for removed.
/// </summary>
/// <returns>The menu tree visible to the current operator.</returns>
public static List<Menu> GetOperatorMenu()
{
    // NOTE(review): the list returned by GetAllSysMenu is pruned in place below. If that
    // method hands out a cached or shared instance, the removals would leak into other
    // operators' menus; confirm it returns a fresh copy.
    List<Menu> menuTree = GetAllSysMenu();

    if (!Operator.IsAdmin())
    {
        var granted = PermissionManage.GetUserPermissionValues(Operator.UserId);
        Prune(menuTree, granted);
    }

    // Hiding a menu entry is presentation only; the action behind it still has to be
    // protected by a server-side permission check.
    return menuTree;

    // Removes, depth first, every entry that requires a permission the operator lacks,
    // plus every parent left with no children and no url of its own.
    void Prune(List<Menu> nodes, List<string> grantedValues)
    {
        // Walk backwards so RemoveAt does not shift the entries still to be visited.
        int index = nodes.Count;
        while (--index >= 0)
        {
            var node = nodes[index];

            bool requiresPermission = !node.Permission.IsNullOrEmpty();
            if (requiresPermission && !grantedValues.Contains(node.Permission))
            {
                nodes.RemoveAt(index);
                continue;
            }

            bool hasChildren = node.children?.Count > 0;
            if (!hasChildren)
            {
                continue;
            }

            Prune(node.children, grantedValues);

            bool emptyContainer = node.children.Count == 0 && node.url.IsNullOrEmpty();
            if (emptyContainer)
            {
                nodes.RemoveAt(index);
            }
        }
    }
}
/// <summary>
/// Deletes the roles with the given ids and clears the cached user permissions.
/// </summary>
/// <param name="ids">Serialized list of role ids to delete, parsed with the project's ToList helper.</param>
/// <returns>The controller's success result carrying a confirmation message.</returns>
public ActionResult DeleteData(string ids)
{
    // NOTE(review): no authorization check is visible in this method; presumably a
    // permission filter guards the action. Verify before relying on it.
    var roleIds = ids.ToList<string>();
    _base_SysRoleBusiness.DeleteData(roleIds);

    // Deleting a role changes what users are allowed to do, so the whole cache is dropped.
    PermissionManage.ClearUserPermissionCache();

    return Success("删除成功!");
}
/// <summary>
/// Replaces the permission set of a role and clears the cached user permissions.
/// </summary>
/// <param name="roleId">Id of the role being changed.</param>
/// <param name="permissions">Serialized list of permission values, parsed with the project's ToList helper.</param>
/// <returns>The controller's standard success result.</returns>
public ActionResult SavePermission(string roleId, string permissions)
{
    // NOTE(review): this action grants permissions and no authorization check is visible
    // in the method itself; presumably a filter restricts it. Confirm that it does.
    var permissionValues = permissions.ToList<string>();
    _base_SysRoleBusiness.SavePermission(roleId, permissionValues);

    // Cached per-user permissions may include this role's old values, so drop them all.
    PermissionManage.ClearUserPermissionCache();

    return Success();
}
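/// <summary>
/// Runs before the action executes and enforces the AppId-based URL permission check.
/// </summary>
/// <remarks>
/// The request is rejected (a JSON <c>AjaxResult</c> is set as the result) when the
/// <c>appId</c> parameter is missing or when the permissions of that appId do not include
/// the permission value registered for the requested URL.
/// </remarks>
/// <param name="filterContext">Filter context of the current request.</param>
public void OnActionExecuting(ActionExecutingContext filterContext)
{
    // Local-test mode skips every check below.
    // NOTE(review): this switch turns the check off for all requests; make sure a
    // production deployment can never run with RunModel.LocalTest.
    if (GlobalSwitch.RunModel == RunModel.LocalTest)
    {
        return;
    }

    // Only actions marked CheckAppIdPermission and not IgnoreAppIdPermission are checked.
    List<string> attrList = FilterHelper.GetFilterList(filterContext);
    bool needCheck = attrList.Contains(typeof(CheckAppIdPermissionAttribute).FullName)
        && !attrList.Contains(typeof(IgnoreAppIdPermissionAttribute).FullName);
    if (!needCheck)
    {
        return;
    }

    var allRequestParams = HttpHelper.GetAllRequestParams(filterContext.HttpContext);
    if (!allRequestParams.ContainsKey("appId"))
    {
        AjaxResult missing = new AjaxResult { Success = false, Msg = "缺少appId参数!" };
        filterContext.Result = new ContentResult { Content = missing.ToJson() };

        // Stop here. Previously execution fell through to the lookup below and indexed
        // the parameters with a key that is known to be absent.
        return;
    }

    // NOTE(review): appId is a caller-supplied value and this filter only maps it to a
    // permission set. Confirm that the caller's right to use this appId is verified
    // elsewhere (for example by a signature check) before this filter is relied on.
    string appId = allRequestParams["appId"]?.ToString();

    var allUrlPermissions = UrlPermissionManage.GetAllUrlPermissions();
    string requestUrl = filterContext.HttpContext.Request.Path;

    // Match the path case-insensitively. The old code lower-cased only the registered URL,
    // so a request path containing upper-case characters matched nothing and the request
    // was let through without a permission check.
    // NOTE(review): this is still a substring match, so a registered URL also matches
    // longer paths that merely contain it; an exact or segment-wise comparison is stricter.
    var thePermission = allUrlPermissions
        .FirstOrDefault(x => requestUrl.IndexOf(x.Url, System.StringComparison.OrdinalIgnoreCase) >= 0);
    if (thePermission == null)
    {
        // NOTE(review): a URL with no registered permission is allowed (fail-open).
        // Confirm that this is intended for actions explicitly marked for checking.
        return;
    }

    string needPermission = thePermission.PermissionValue;

    // Ordinal, case-insensitive comparison; an entry without a permission value denies
    // access instead of throwing.
    bool hasPermission = needPermission != null
        && PermissionManage.GetAppIdPermissionValues(appId)
            .Any(x => string.Equals(x, needPermission, System.StringComparison.OrdinalIgnoreCase));
    if (hasPermission)
    {
        return;
    }

    AjaxResult denied = new AjaxResult { Success = false, Msg = "权限不足!访问失败!" };
    filterContext.Result = new ContentResult { Content = denied.ToJson() };
}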
/// <summary>
/// Builds the menu tree for the current operator: administrators get the full
/// system menu unchanged, everyone else gets it after SetSubMenuShow has been applied
/// with the operator's permission values.
/// </summary>
/// <returns>The menu tree for the current operator.</returns>
public static List<Menu> GetOperatorMenu()
{
    List<Menu> menuTree = GetAllSysMenu();

    if (!Operator.IsAdmin())
    {
        var granted = PermissionManage.GetUserPermissionValues(Operator.UserId);

        // The third argument is passed as 1 by this caller; its meaning is defined by
        // SetSubMenuShow, which is not visible here.
        // NOTE(review): if SetSubMenuShow changes the list in place and GetAllSysMenu
        // returns a shared instance, the change would affect other operators. Verify.
        SetSubMenuShow(menuTree, granted, 1);
    }

    // Menu visibility is presentation only; the actions behind the entries still need
    // their own server-side permission check.
    return menuTree;
}
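/// <summary>
/// Runs before the action executes and enforces the operator's URL permission check.
/// </summary>
/// <remarks>
/// The request is rejected (a JSON <c>AjaxResult</c> is set as the result) when the
/// current operator's permissions do not include the permission value registered for
/// the requested URL.
/// </remarks>
/// <param name="filterContext">Filter context of the current request.</param>
public void OnActionExecuting(ActionExecutingContext filterContext)
{
    // Local-test mode skips every check below.
    // NOTE(review): this switch turns the check off for all requests; make sure a
    // production deployment can never run with RunModel.LocalTest.
    if (GlobalSwitch.RunModel == RunModel.LocalTest)
    {
        return;
    }

    // Only actions marked CheckUrlPermission and not IgnoreUrlPermission are checked.
    List<string> attrList = FilterHelper.GetFilterList(filterContext);
    bool needCheck = attrList.Contains(typeof(CheckUrlPermissionAttribute).FullName)
        && !attrList.Contains(typeof(IgnoreUrlPermissionAttribute).FullName);
    if (!needCheck)
    {
        return;
    }

    var allUrlPermissions = UrlPermissionManage.GetAllUrlPermissions();
    string requestUrl = filterContext.HttpContext.Request.Path;

    // Match the path case-insensitively. The old code lower-cased only the registered URL,
    // so a request path containing upper-case characters matched nothing and the request
    // was let through without a permission check.
    // NOTE(review): this is still a substring match, so a registered URL also matches
    // longer paths that merely contain it; an exact or segment-wise comparison is stricter.
    var thePermission = allUrlPermissions
        .FirstOrDefault(x => requestUrl.IndexOf(x.Url, System.StringComparison.OrdinalIgnoreCase) >= 0);
    if (thePermission == null)
    {
        // NOTE(review): a URL with no registered permission is allowed (fail-open).
        // Confirm that this is intended for actions explicitly marked for checking.
        return;
    }

    string needPermission = thePermission.PermissionValue;

    // Ordinal, case-insensitive comparison; an entry without a permission value denies
    // access instead of throwing.
    bool hasPermission = needPermission != null
        && PermissionManage.GetOperatorPermissionValues()
            .Any(x => string.Equals(x, needPermission, System.StringComparison.OrdinalIgnoreCase));
    if (hasPermission)
    {
        return;
    }

    AjaxResult res = new AjaxResult { Success = false, Msg = "权限不足!无法访问!" };
    filterContext.Result = new ContentResult { Content = res.ToJson() };
}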
/// <summary>
/// Runs before the action executes and enforces the operator's URL permission check.
/// </summary>
/// <remarks>
/// The request is rejected (a UTF-8 JSON <c>AjaxResult</c> is set as the result) when the
/// current operator's permissions do not include the permission value registered for
/// the requested URL.
/// </remarks>
/// <param name="filterContext">Filter context of the current request.</param>
public void OnActionExecuting(ActionExecutingContext filterContext)
{
    // Local-test mode skips every check below.
    // NOTE(review): this switch turns the check off for all requests; make sure a
    // production deployment can never run with RunModel.LocalTest.
    if (GlobalSwitch.RunModel == RunModel.LocalTest)
    {
        return;
    }

    // Only actions marked CheckUrlPermission are checked ...
    if (!filterContext.ContainsAttribute<CheckUrlPermissionAttribute>())
    {
        return;
    }

    // ... unless they are also marked IgnoreUrlPermission.
    if (filterContext.ContainsAttribute<IgnoreUrlPermissionAttribute>())
    {
        return;
    }

    var urlPermissions = UrlPermissionManage.GetAllUrlPermissions();

    // NOTE(review): the text matched here is the complete request URL, so it also contains
    // the host and the query string, and the test is a substring match. The entry found is
    // therefore not determined by the path alone; matching on the path only, with an exact
    // or segment-wise comparison, would be stricter.
    string loweredUrl = filterContext.HttpContext.Request.Url.ToString().ToLower();
    var matched = urlPermissions.FirstOrDefault(p => loweredUrl.Contains(p.Url.ToLower()));
    if (matched == null)
    {
        // NOTE(review): a URL with no registered permission is allowed (fail-open).
        // Confirm that this is intended for actions explicitly marked for checking.
        return;
    }

    string required = matched.PermissionValue;
    bool granted = PermissionManage.GetOperatorPermissionValues()
        .Any(value => value.ToLower() == required.ToLower());
    if (!granted)
    {
        AjaxResult denied = new AjaxResult
        {
            Success = false,
            Msg = "权限不足!无法访问!"
        };
        filterContext.Result = new ContentResult
        {
            Content = denied.ToJson(),
            ContentEncoding = Encoding.UTF8
        };
    }
}
/// <summary>
/// Replaces the permission set assigned directly to a user.
/// </summary>
/// <param name="userId">Id of the user whose permissions are set.</param>
/// <param name="permissions">Serialized list of permission values, parsed with the project's ToList helper.</param>
/// <returns>The controller's standard success result.</returns>
public ActionResult SavePermission(string userId, string permissions)
{
    // NOTE(review): userId and the permission list both come from the caller and no
    // authorization check is visible in this method; presumably a filter restricts the
    // action to operators who may grant permissions. Confirm that it does.
    var permissionValues = permissions.ToList<string>();
    PermissionManage.SetUserPermission(userId, permissionValues);

    return Success();
}
/// <summary>
/// Replaces the permission set assigned to an application id.
/// </summary>
/// <param name="appId">Application id whose permissions are set.</param>
/// <param name="permissions">Serialized list of permission values, parsed with the project's ToList helper.</param>
/// <returns>The controller's standard success result.</returns>
public ActionResult SavePermission(string appId, string permissions)
{
    // NOTE(review): appId and the permission list both come from the caller and no
    // authorization check is visible in this method; presumably a filter restricts the
    // action to operators who may grant permissions. Confirm that it does.
    var permissionValues = permissions.ToList<string>();
    PermissionManage.SetAppIdPermission(appId, permissionValues);

    return Success();
}