/// <summary>
/// Event handler for a single <c>UserInRole</c> record: creates a hint notice for the
/// affected user, using the "RoleAdd" template and the role's friendly name.
/// </summary>
/// <param name="sender">The user/role association that raised the event; must not be null.</param>
/// <param name="eventArgs">Event arguments; not read by this handler.</param>
void UserInRole_After(UserInRole sender, CommonEventArgs eventArgs)
{
    // No notice is created when the role name does not resolve to a known role.
    var resolvedRole = new RoleService().Get(sender.RoleName);
    if (resolvedRole == null)
    {
        return;
    }

    var notices = Tunynet.DIContainer.Resolve<NoticeService>();

    Notice roleNotice = Notice.New();
    roleNotice.UserId = sender.UserId;
    roleNotice.TypeId = NoticeTypeIds.Instance().Hint();
    roleNotice.TemplateName = "RoleAdd";
    roleNotice.RelativeObjectName = resolvedRole.FriendlyRoleName;

    notices.Create(roleNotice);
}
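/// <summary>
/// Event handler for a batch of <c>UserInRole</c> records: creates one hint notice, using
/// the "RolesChanged" template, that lists the friendly names of all roles in the batch
/// that could be resolved.
/// </summary>
/// <param name="sender">The user/role associations in the batch; null or empty is ignored.</param>
/// <param name="eventArgs">Event arguments; not read by this handler.</param>
void UserInRole_BatchAfter(IEnumerable<UserInRole> sender, CommonEventArgs eventArgs)
{
    if (sender == null)
    {
        return;
    }

    // Materialize once: the sequence is read for the emptiness check, for the first
    // element and for the role lookup, and a deferred query would otherwise be
    // re-evaluated each time.
    List<UserInRole> userInRoles = sender.ToList();
    if (userInRoles.Count == 0)
    {
        return;
    }

    NoticeService noticeService = Tunynet.DIContainer.Resolve<NoticeService>();
    RoleService roleService = new RoleService();

    Notice notice = Notice.New();
    // The notice is addressed to the user of the first record only.
    // NOTE(review): assumes every record in the batch belongs to the same user - confirm with the caller.
    notice.UserId = userInRoles[0].UserId;
    notice.TypeId = NoticeTypeIds.Instance().Hint();
    notice.TemplateName = "RolesChanged";

    // Role names that do not resolve to a known role are left out of the notice text.
    List<Role> roles = new List<Role>();
    foreach (var userInRole in userInRoles)
    {
        var role = roleService.Get(userInRole.RoleName);
        if (role != null)
        {
            roles.Add(role);
        }
    }

    // NOTE(review): when no role resolves, the notice is still created with an empty
    // role list; the single-record handler skips the notice in that case - confirm intent.
    notice.RelativeObjectName = string.Join("、", roles.Select(n => n.FriendlyRoleName));
    noticeService.Create(notice);
}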
/// <summary>
/// Renders the permission-settings page for one role: the permission items of every
/// application plus the permission records currently attached to the role.
/// </summary>
/// <remarks>
/// NOTE(review): no authorization check is visible inside this action; presumably a
/// filter on the controller or action restricts it to administrators - confirm.
/// </remarks>
/// <param name="roleName">Name of the role whose permissions are shown; taken from the request.</param>
/// <returns>The view, with the application list as its model.</returns>
public ActionResult ManagePermissionItemsInUserRoles(string roleName)
{
    // Load the applications.
    IEnumerable<ApplicationBase> applicationBases = appService.GetAll(true);

    // Expose each application's permission items to the view under a per-application key.
    foreach (var app in applicationBases)
    {
        IEnumerable<PermissionItem> itemsOfApplication = permissionService.GetPermissionItems(app.ApplicationId);
        ViewData["permissionItem_" + app.ApplicationKey] = itemsOfApplication;
    }

    // Index the role's permission records by permission key; a later record with the
    // same key overwrites an earlier one.
    var recordsByItemKey = new Dictionary<string, PermissionItemInUserRole>();
    IEnumerable<PermissionItemInUserRole> recordsOfRole = permissionService.GetPermissionItemsInUserRole(roleName);
    foreach (var record in recordsOfRole)
    {
        recordsByItemKey[record.ItemKey] = record;
    }
    ViewData["PermissionItemsInUserRoles"] = recordsByItemKey;

    // Display name: the stored role's friendly name, else a fixed label for the two
    // role names handled below, else empty.
    string friendlyRoleName;
    var role = new RoleService().Get(roleName);
    if (role != null)
    {
        friendlyRoleName = role.FriendlyRoleName;
    }
    else if (roleName == RoleNames.Instance().RegisteredUsers())
    {
        friendlyRoleName = "注册会员";
    }
    else if (roleName == RoleNames.Instance().ModeratedUser())
    {
        friendlyRoleName = "管制用户";
    }
    else
    {
        friendlyRoleName = string.Empty;
    }
    ViewData["FriendlyRoleName"] = friendlyRoleName;

    pageResourceManager.InsertTitlePart("权限设置");
    return View(applicationBases);
}
// This method must be thread-safe since it is called by the thread-safe OnCacheAuthorization() method.
/// <summary>
/// Decides whether the current user may pass this authorization filter.
/// </summary>
/// <remarks>
/// Checks run in this order, and the first decisive one wins:
/// 1. no current user: denied;
/// 2. when <c>CheckCookie</c> is set, the per-user admin cookie must exist and decrypt to "true";
/// 3. when <c>RequireSystemAdministrator</c> is set, only the super-administrator role passes;
/// 4. otherwise super administrators and content administrators pass;
/// 5. when <c>checkApplication</c> is set, administrators of the area's application, or of the
///    application owning the requested tenant type, pass; when it is not set, the result is
///    <c>IsAllowEntryControlPannel()</c> of the current user.
/// </remarks>
/// <param name="filterContext">Authorization context of the current request.</param>
/// <returns><c>true</c> when access is granted, otherwise <c>false</c>.</returns>
protected virtual bool AuthorizeCore(AuthorizationContext filterContext)
{
    IUser currentUser = UserContext.CurrentUser;
    if (currentUser == null)
    {
        return false;
    }

    if (CheckCookie)
    {
        HttpCookie adminCookie = filterContext.HttpContext.Request.Cookies["SpacebuilderAdminCookie" + currentUser.UserId];
        if (adminCookie == null)
        {
            return false;
        }

        // NOTE(review): the decrypted value is only parsed as a boolean here. Whether the
        // token is integrity-protected, bound to this user and time-limited depends on
        // Utility.DecryptTokenForAdminCookie, which is not visible - confirm.
        bool loginMarked = false;
        try
        {
            bool.TryParse(Utility.DecryptTokenForAdminCookie(adminCookie.Value), out loginMarked);
        }
        catch
        {
            // Deliberately fail closed: any error while decrypting leaves the flag false,
            // so the request is denied just below.
        }

        if (!loginMarked)
        {
            return false;
        }
    }

    var roles = new RoleService();

    if (RequireSystemAdministrator)
    {
        // Strict mode: nothing but the super-administrator role is accepted.
        return roles.IsUserInRoles(currentUser.UserId, RoleNames.Instance().SuperAdministrator());
    }

    if (roles.IsUserInRoles(currentUser.UserId, RoleNames.Instance().SuperAdministrator(), RoleNames.Instance().ContentAdministrator()))
    {
        return true;
    }

    if (!checkApplication)
    {
        return currentUser.IsAllowEntryControlPannel();
    }

    // Is the user an administrator of the application that owns the current area?
    string applicationKey = GetAreaName(filterContext.RouteData);
    var application = DIContainer.Resolve<ApplicationService>().Get(applicationKey);
    var authorizer = DIContainer.Resolve<Authorizer>();
    if (application != null && authorizer.IsAdministrator(application.ApplicationId))
    {
        return true;
    }

    // NOTE(review): tenantTypeId comes from route data or the query string, i.e. it is
    // caller-supplied, and nothing visible here ties it to the area's application.
    // Confirm that the actions behind this filter scope their work to that tenant type.
    string tenantTypeId = filterContext.RequestContext.GetParameterFromRouteDataOrQueryString("tenantTypeId");
    if (string.IsNullOrEmpty(tenantTypeId))
    {
        return false;
    }

    TenantType tenantType = DIContainer.Resolve<TenantTypeService>().Get(tenantTypeId);
    return tenantType != null && authorizer.IsAdministrator(tenantType.ApplicationId);
}
/// <summary>
/// Gets the names of the roles the user belongs to.
/// </summary>
/// <param name="user">The user whose roles are looked up; must not be null.</param>
/// <param name="onlyPublic">Whether to return only the publicly visible roles.</param>
/// <returns>The role names reported by <c>RoleService.GetRoleNamesOfUser</c>.</returns>
public static IEnumerable<string> UserRoleNames(this IUser user, bool onlyPublic = false)
{
    return DIContainer.Resolve<RoleService>().GetRoleNamesOfUser(user.UserId, onlyPublic);
}
/// <summary>
/// Determines whether the user is in the content-administrator role.
/// </summary>
/// <remarks>
/// Only the content-administrator role is tested; a super administrator who does not
/// also hold that role gets <c>false</c> from this check.
/// </remarks>
/// <param name="user">The user to check; must not be null.</param>
/// <returns><c>true</c> when the role service reports the user in that role.</returns>
public static bool IsContentAdministrator(this IUser user)
{
    return DIContainer.Resolve<RoleService>().IsUserInRoles(user.UserId, RoleNames.Instance().ContentAdministrator());
}