/// <summary>
/// 保存
/// </summary>
/// <param name="theData">保存的数据</param>
public ActionResult SaveData(Base_User theData, string Pwd, string RoleIdList)
{
if (!Pwd.IsNullOrEmpty())
{
theData.Password = Pwd.ToMD5String();
}
var roleIdList = RoleIdList.ToList <string>();
if (theData.Id.IsNullOrEmpty())
{
theData.Id = Guid.NewGuid().ToSequentialGuid();
theData.UserId = Guid.NewGuid().ToSequentialGuid();
_base_UserBusiness.AddData(theData);
}
else
{
_base_UserBusiness.UpdateData(theData);
}
_base_UserBusiness.SetUserRole(theData.UserId, roleIdList);
PermissionManage.UpdateUserPermissionCache(theData.UserId);
return(Success());
}
/// <summary>
/// 获取用户菜单
/// </summary>
/// <returns></returns>
public static List <Menu> GetOperatorMenu()
{
List <Menu> resList = GetAllSysMenu();
if (Operator.IsAdmin())
{
return(resList);
}
var userPermissions = PermissionManage.GetUserPermissionValues(Operator.UserId);
RemoteNoPermission(resList, userPermissions);
return(resList);
void RemoteNoPermission(List <Menu> menus, List <string> userPermissionValues)
{
for (int i = menus.Count - 1; i >= 0; i--)
{
var theMenu = menus[i];
if (!theMenu.Permission.IsNullOrEmpty() && !userPermissions.Contains(theMenu.Permission))
{
menus.RemoveAt(i);
}
else if (theMenu.children?.Count > 0)
{
RemoteNoPermission(theMenu.children, userPermissions);
if (theMenu.children.Count == 0 && theMenu.url.IsNullOrEmpty())
{
menus.RemoveAt(i);
}
}
}
}
}
/// <summary>
/// 删除数据
/// </summary>
/// <param name="theData">删除的数据</param>
public ActionResult DeleteData(string ids)
{
_base_SysRoleBusiness.DeleteData(ids.ToList <string>());
PermissionManage.ClearUserPermissionCache();
return(Success("删除成功!"));
}
/// <summary>
/// 设置角色权限
/// </summary>
/// <param name="roleId">角色Id</param>
/// <param name="permissions">权限值</param>
/// <returns></returns>
public ActionResult SavePermission(string roleId, string permissions)
{
_base_SysRoleBusiness.SavePermission(roleId, permissions.ToList <string>());
PermissionManage.ClearUserPermissionCache();
return(Success());
}
/// <summary>
/// Action执行之前执行
/// </summary>
/// <param name="filterContext">过滤器上下文</param>
public void OnActionExecuting(ActionExecutingContext filterContext)
{
//若为本地测试,则不需要校验
if (GlobalSwitch.RunModel == RunModel.LocalTest)
{
return;
}
AjaxResult res = new AjaxResult();
//判断是否需要校验
List <string> attrList = FilterHelper.GetFilterList(filterContext);
bool needCheck = attrList.Contains(typeof(CheckAppIdPermissionAttribute).FullName) && !attrList.Contains(typeof(IgnoreAppIdPermissionAttribute).FullName);
if (!needCheck)
{
return;
}
var allRequestParams = HttpHelper.GetAllRequestParams(filterContext.HttpContext);
if (!allRequestParams.ContainsKey("appId"))
{
res.Success = false;
res.Msg = "缺少appId参数!";
filterContext.Result = new ContentResult {
Content = res.ToJson()
};
}
string appId = allRequestParams["appId"]?.ToString();
var allUrlPermissions = UrlPermissionManage.GetAllUrlPermissions();
string requestUrl = filterContext.HttpContext.Request.Path;
var thePermission = allUrlPermissions.Where(x => requestUrl.Contains(x.Url.ToLower())).FirstOrDefault();
if (thePermission == null)
{
return;
}
string needPermission = thePermission.PermissionValue;
bool hasPermission = PermissionManage.GetAppIdPermissionValues(appId).Any(x => x.ToLower() == needPermission.ToLower());
if (hasPermission)
{
return;
}
else
{
res.Success = false;
res.Msg = "权限不足!访问失败!";
filterContext.Result = new ContentResult {
Content = res.ToJson()
};
}
}
/// <summary>
/// 获取用户菜单
/// </summary>
/// <returns></returns>
public static List <Menu> GetOperatorMenu()
{
List <Menu> resList = GetAllSysMenu();
if (Operator.IsAdmin())
{
return(resList);
}
var userPermissions = PermissionManage.GetUserPermissionValues(Operator.UserId);
SetSubMenuShow(resList, userPermissions, 1);
return(resList);
}
/// <summary>
/// Action执行之前执行
/// </summary>
/// <param name="filterContext">过滤器上下文</param>
public void OnActionExecuting(ActionExecutingContext filterContext)
{
//若为本地测试,则不需要校验
if (GlobalSwitch.RunModel == RunModel.LocalTest)
{
return;
}
//判断是否需要校验
List <string> attrList = FilterHelper.GetFilterList(filterContext);
bool needCheck = attrList.Contains(typeof(CheckUrlPermissionAttribute).FullName) && !attrList.Contains(typeof(IgnoreUrlPermissionAttribute).FullName);
if (!needCheck)
{
return;
}
var allUrlPermissions = UrlPermissionManage.GetAllUrlPermissions();
string requestUrl = filterContext.HttpContext.Request.Path;
var thePermission = allUrlPermissions.Where(x => requestUrl.Contains(x.Url.ToLower())).FirstOrDefault();
if (thePermission == null)
{
return;
}
string needPermission = thePermission.PermissionValue;
bool hasPermission = PermissionManage.GetOperatorPermissionValues().Any(x => x.ToLower() == needPermission.ToLower());
if (hasPermission)
{
return;
}
else
{
AjaxResult res = new AjaxResult
{
Success = false,
Msg = "权限不足!无法访问!"
};
filterContext.Result = new ContentResult {
Content = res.ToJson()
};
}
}
/// <summary>
/// Action执行之前执行
/// </summary>
/// <param name="filterContext">过滤器上下文</param>
public void OnActionExecuting(ActionExecutingContext filterContext)
{
//若为本地测试,则不需要校验
if (GlobalSwitch.RunModel == RunModel.LocalTest)
{
return;
}
//判断是否需要校验
bool needCheck = filterContext.ContainsAttribute <CheckUrlPermissionAttribute>() && !filterContext.ContainsAttribute <IgnoreUrlPermissionAttribute>();
if (!needCheck)
{
return;
}
var allUrlPermissions = UrlPermissionManage.GetAllUrlPermissions();
string requestUrl = filterContext.HttpContext.Request.Url.ToString().ToLower();
var thePermission = allUrlPermissions.Where(x => requestUrl.Contains(x.Url.ToLower())).FirstOrDefault();
if (thePermission == null)
{
return;
}
string needPermission = thePermission.PermissionValue;
bool hasPermission = PermissionManage.GetOperatorPermissionValues().Any(x => x.ToLower() == needPermission.ToLower());
if (hasPermission)
{
return;
}
else
{
AjaxResult res = new AjaxResult
{
Success = false,
Msg = "权限不足!无法访问!"
};
filterContext.Result = new ContentResult {
Content = res.ToJson(), ContentEncoding = Encoding.UTF8
};
}
}
/// <summary>
/// 保存权限
/// </summary>
/// <param name="userId">用户Id</param>
/// <param name="permissions">权限</param>
/// <returns></returns>
public ActionResult SavePermission(string userId, string permissions)
{
PermissionManage.SetUserPermission(userId, permissions.ToList <string>());
return(Success());
}
public ActionResult SavePermission(string appId, string permissions)
{
PermissionManage.SetAppIdPermission(appId, permissions.ToList <string>());
return(Success());
}
