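/// <summary>
/// Checks whether the current user's permissions allow the given controller action.
/// </summary>
/// <param name="action">
/// Action name used to build the resource key.
/// </param>
/// <param name="controller">
/// Controller name used to build the resource key.
/// </param>
/// <param name="requestMethod">
/// Request method used to build the resource key.
/// </param>
/// <param name="sessionId">
/// Session identifier used to load the stored session when the current session carries no permissions.
/// </param>
/// <returns>
/// <c>true</c> when <c>ValidateRight</c> accepts the key for the resolved permissions;
/// <c>false</c> when no permissions can be resolved or the check fails.
/// </returns>
public bool CheckRightInfo(string action, string controller, string requestMethod, string sessionId)
{
    this.systemRightsService = new SystemRightsService();
    var key = this.systemRightsService.BuildResourceKey(controller, action, requestMethod);

    // Read the session once and tolerate its absence instead of dereferencing null.
    var currentSession = this.SystemUserSession;
    var permissions = currentSession == null ? null : currentSession.Permissions;

    if (permissions == null)
    {
        // NOTE(review): this fallback trusts sessionId to identify the caller's own session.
        // Confirm callers pass the server-side session ID and never a request-supplied value.
        var storedSession = MongoDBHelper.GetSystemUserSession(sessionId);
        permissions = storedSession == null ? null : storedSession.Permissions;
    }

    // Fail closed: an unresolved session means no rights, not an exception.
    if (permissions == null)
    {
        return false;
    }

    return this.systemRightsService.ValidateRight(key, permissions);
}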
/// <summary>
/// Gets operation permission info: reports whether the current session's permissions
/// allow the given controller action.
/// </summary>
/// <param name="action">
/// Action name used to build the resource key.
/// </param>
/// <param name="controller">
/// Controller name used to build the resource key.
/// </param>
/// <param name="requestMethod">
/// Request type: Get or Post.
/// </param>
/// <returns>
/// A JSON <see cref="ActionResult"/> wrapping an <c>AjaxResponse</c> built with 0 when the
/// right validates and -403 otherwise. GET requests are allowed.
/// </returns>
/// <remarks>
/// NOTE(review): "action" and "controller" are also ASP.NET MVC route-value names; confirm
/// model binding supplies the caller's values rather than this endpoint's own route values.
/// This answer is informational for the client; it does not itself block any request.
/// </remarks>
public ActionResult GetRightInfo(string action, string controller, string requestMethod)
{
    var rightsService = this.systemRightsService = new SystemRightsService();

    var resourceKey = rightsService.BuildResourceKey(controller, action, requestMethod);
    var grantedRights = this.SystemUserSession.Permissions;

    int resultCode;
    if (rightsService.ValidateRight(resourceKey, grantedRights))
    {
        resultCode = 0;
    }
    else
    {
        resultCode = -403;
    }

    return this.Json(new AjaxResponse(resultCode), JsonRequestBehavior.AllowGet);
}
/// <summary>
/// Writes a log entry after an action has run, then defers to the base implementation.
/// </summary>
/// <param name="filterContext">
/// The filter context of the executed action; used to derive the resource key.
/// </param>
protected override void OnActionExecuted(ActionExecutedContext filterContext)
{
    if (systemUserSession != null)
    {
        string key = GetResourceKey(filterContext);
        string description = new SystemRightsService().GetResourceDescriptionByKey(key);

        // NOTE(review): the user name and description go into the message as-is;
        // confirm LogUtils neutralises line breaks so entries cannot be forged.
        string message = "用户“" + systemUserSession.Name + "”,操作完毕:" + description;

        LogUtils.Log(
            message,
            "OnActionExecuted",
            Category.Info,
            this.systemUserSession.SessionID,
            this.systemUserSession.SystemUserID,
            "Enter");
    }
    else
    {
        // No session was resolved for this request.
        LogUtils.Log("未登录", "OnActionExecuted");
    }

    base.OnActionExecuted(filterContext);
}
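/// <summary>
/// Gets the left-hand menu list: the child menus that the given rights allow.
/// </summary>
/// <param name="userRights">
/// Rights value passed to <c>ValidateRight</c> for each menu's resource key.
/// </param>
/// <returns>
/// The child menus (<c>ParentID != 0</c>) whose resource key validates against
/// <paramref name="userRights"/>; an empty list when no menus are loaded.
/// </returns>
public List<System_Menu> GetUserLeftMenus(string userRights)
{
    var systemRightService = new SystemRightsService();
    var leftMenus = new List<System_Menu>();

    // Use one snapshot for both the null check and the parent lookup
    // (the original checked the property but searched the backing field).
    var menus = this.SystemMenus;
    if (menus == null)
    {
        return leftMenus;
    }

    foreach (var systemMenu in menus)
    {
        if (systemMenu.ParentID == 0)
        {
            continue;
        }

        System_Menu parentMenu = null;
        foreach (var candidate in menus)
        {
            if (candidate.ID == systemMenu.ParentID)
            {
                parentMenu = candidate;
                break;
            }
        }

        // Fail closed: a menu with a missing parent or URL cannot be mapped to a
        // resource key, so it is hidden instead of raising a NullReferenceException.
        if (parentMenu == null || parentMenu.URL == null || systemMenu.URL == null)
        {
            continue;
        }

        // Invariant lower-casing keeps the authorization key independent of the
        // server's current culture.
        var resourceKey = systemRightService.BuildResourceKey(
            parentMenu.URL.ToLowerInvariant(),
            systemMenu.URL.ToLowerInvariant(),
            "get");

        if (systemRightService.ValidateRight(resourceKey, userRights))
        {
            leftMenus.Add(systemMenu);
        }
    }

    return leftMenus;
}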
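/// <summary>
/// Gets the user's top-level menus: the root menus that the given rights allow.
/// </summary>
/// <param name="userRights">
/// Rights value passed to <c>ValidateRight</c> for each menu's resource key.
/// </param>
/// <returns>
/// The top-level menus (<c>ParentID == 0</c>) whose "index"/"get" resource key validates
/// against <paramref name="userRights"/>; an empty list when no menus are loaded.
/// </returns>
public List<System_Menu> GetUserTopMenus(string userRights)
{
    var systemRightService = new SystemRightsService();
    var topMenus = new List<System_Menu>();

    var menus = this.SystemMenus;
    if (menus == null)
    {
        return topMenus;
    }

    foreach (var systemMenu in menus)
    {
        if (systemMenu.ParentID != 0)
        {
            continue;
        }

        // Fail closed: a menu without a URL cannot be mapped to a resource key,
        // so it is hidden instead of raising a NullReferenceException.
        if (systemMenu.URL == null)
        {
            continue;
        }

        // Invariant lower-casing keeps the authorization key independent of the
        // server's current culture.
        var resourceKey = systemRightService.BuildResourceKey(
            systemMenu.URL.ToLowerInvariant(),
            "index",
            "get");

        if (systemRightService.ValidateRight(resourceKey, userRights))
        {
            topMenus.Add(systemMenu);
        }
    }

    return topMenus;
}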
/// <summary>
/// Forwards a rights change to a freshly created <c>SystemRightsService</c>.
/// </summary>
/// <param name="roleId">
/// Role identifier passed through to the service.
/// </param>
/// <param name="userId">
/// User identifier passed through to the service.
/// </param>
/// <param name="permissions">
/// Permissions value passed through to the service.
/// </param>
/// <returns>
/// The integer returned by <c>SystemRightsService.ModifyRights</c>.
/// </returns>
/// <remarks>
/// NOTE(review): no authorization check is visible in this method; confirm that the caller
/// is verified as allowed to change rights before this is reached.
/// </remarks>
public int ModifyRights(int roleId, int userId, string permissions)
{
    var rightsService = this.systemRightsService = new SystemRightsService();
    var outcome = rightsService.ModifyRights(roleId, userId, permissions);
    return outcome;
}
/// <summary>
/// Queries the rights of a user through a freshly created <c>SystemRightsService</c>.
/// </summary>
/// <param name="userId">
/// The user id.
/// </param>
/// <returns>
/// The string returned by <c>SystemRightsService.QueryUserRight</c>.
/// </returns>
public string QueryUserRight(int userId)
{
    var rightsService = this.systemRightsService = new SystemRightsService();
    var userRight = rightsService.QueryUserRight(userId);
    return userRight;
}
/// <summary>
/// Queries the rights of a role through a freshly created <c>SystemRightsService</c>.
/// </summary>
/// <param name="roleId">
/// The role id.
/// </param>
/// <returns>
/// The string returned by <c>SystemRightsService.QueryRoleRight</c>.
/// </returns>
public string QueryRoleRight(int roleId)
{
    var rightsService = this.systemRightsService = new SystemRightsService();
    var roleRight = rightsService.QueryRoleRight(roleId);
    return roleRight;
}
/// <summary>
/// Builds the session record for a user (identity, permitted menus, rights) and stores it
/// through <c>MongoDBHelper.RefreshSystemUserSession</c>.
/// </summary>
/// <param name="user">
/// The user whose ID, name, login name and role are copied into the session.
/// </param>
/// <remarks>
/// The rights are queried once here and stored in the session's <c>Permissions</c>.
/// NOTE(review): the record reuses the existing <c>this.Session.SessionID</c>; confirm the
/// caller issues a fresh session ID at login so a pre-login ID is not carried over.
/// </remarks>
private void SetupSession(System_User user)
{
    var topMenuModels = new List<MenuModel>();
    var leftMenuModels = new List<MenuModel>();

    var grantedRights = new SystemRightsService().QueryUserRight(user.ID);
    var menuService = new SystemMenuService();

    // Convert each permitted top-level menu entity into its view model.
    foreach (var menu in menuService.GetUserTopMenus(grantedRights))
    {
        var model = DataTransfer.Transfer<MenuModel>(menu, typeof(System_Menu));
        topMenuModels.Add(model);
    }

    // Same conversion for the permitted left-hand menus.
    foreach (var menu in menuService.GetUserLeftMenus(grantedRights))
    {
        var model = DataTransfer.Transfer<MenuModel>(menu, typeof(System_Menu));
        leftMenuModels.Add(model);
    }

    var session = new SystemUserSession();
    session.SessionID = this.Session.SessionID;
    session.SystemUserID = user.ID;

    // EmployeeID = user.ID, // temporarily set EmployeeID to the SystemUserId; the table
    // will be changed later to rename EmployeeId to SystemUserID
    session.Name = user.Name;
    session.LoginName = user.LoginName;
    session.RoleID = user.RoleID;
    session.TopMenus = topMenuModels;
    session.LeftMenus = leftMenuModels;
    session.Permissions = grantedRights;
    session.LastVisitTime = DateTime.Now;

    MongoDBHelper.RefreshSystemUserSession(session);
}
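/// <summary>
/// Runs before each action: loads the stored session for the current session ID, checks the
/// requested resource against the session's permissions, and logs the outcome.
/// </summary>
/// <param name="filterContext">
/// The filter context of the action about to run. Its <c>Result</c> is set when the
/// permission check fails.
/// </param>
/// <remarks>
/// The check uses the permissions stored in the session record, not a fresh rights query.
/// NOTE(review): session expiry is still a TODO below, so no expiry is enforced in this method.
/// </remarks>
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var mongoDbStore = new MongoDbStore<SystemUserSession>("SystemUserSessions");
    systemUserSession = mongoDbStore.Single(item => item.SessionID == Session.SessionID);

    if (systemUserSession == null)
    {
        HandleSessionLost(filterContext);
        LogUtils.Log("未登录", "OnActionExecuting");
    }
    else
    {
        // todo: session expiry check
        // this.HandleSessionState(filterContext, mongoDbStore);
        var systemRightService = new SystemRightsService();
        string resourceKey = this.GetResourceKey(filterContext);
        string resourceDescription = systemRightService.GetResourceDescriptionByKey(resourceKey);

        if (!systemRightService.ValidateRight(resourceKey, this.systemUserSession.Permissions))
        {
            if (!this.ValidateAjaxRequest(filterContext))
            {
                // Non-AJAX denial: the status code is left at its default in this branch.
                filterContext.Result = this.Content("<script type='text/javascript'>alert('对不起,您没有此操作权限!');</script>");
            }
            else
            {
                // AJAX denial: custom status 610 plus a -403 payload.
                Response.StatusCode = 610;
                filterContext.Result = this.Json(new AjaxResponse(-403, "无操作权限"), JsonRequestBehavior.AllowGet);
            }

            LogUtils.Log(
                "无操作权限" + resourceDescription,
                "OnActionExecuting",
                Category.Info,
                systemUserSession.SessionID,
                systemUserSession.SystemUserID,
                "Enter");
        }
        else
        {
            // Only permitted requests are logged as in progress. Previously a denied request
            // also got this entry, so the audit trail showed the blocked operation as running.
            LogUtils.Log(
                "用户“" + systemUserSession.Name + "”,正在操作:" + resourceDescription,
                "OnActionExecuting",
                Category.Info,
                systemUserSession.SessionID,
                systemUserSession.SystemUserID,
                "Enter");
        }
    }

    base.OnActionExecuting(filterContext);
}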