Exemplo n.º 1
 /// <summary>
 /// Checks whether an administrator holds a given permission.
 /// </summary>
 /// <param name="admin">Administrator to check; null is treated as "not permitted".</param>
 /// <param name="permissionId">Identifier of the permission being requested.</param>
 /// <returns>
 /// true when <c>IsSuperAdmin</c> accepts the administrator's id, or when the list returned by
 /// <c>GetPermissionIds</c> contains <paramref name="permissionId"/>; otherwise false.
 /// </returns>
 public static bool CheckPermission(Mng_User admin, int permissionId)
 {
     // Fail closed: without an administrator object nothing is granted.
     if (admin == null)
     {
         return false;
     }

     // Super administrators skip the per-permission lookup entirely.
     if (IsSuperAdmin(admin.Id))
     {
         return true;
     }

     // A missing permission list is treated the same as an empty one (deny).
     var grantedIds = GetPermissionIds(admin);
     return grantedIds != null && grantedIds.Contains(permissionId);
 }
Exemplo n.º 2
        /// <summary>
        /// Returns the administrator attached to the current admin session.
        /// </summary>
        /// <returns>
        /// The session's <c>Mng_User</c>, reloaded through <c>BllMng_User.First</c> when the session
        /// holds an id but no usable user object; null when the session check fails or the id is not positive.
        /// </returns>
        public Mng_User GetUserInfo()
        {
            int    adminId   = 0;
            object adminInfo = null;

            // Login check: both values are filled in by reference from the admin session.
            bool hasSession = Tools.Utility.Admin.GetAdminSession(ref adminId, ref adminInfo);
            if (!hasSession || adminId <= 0)
            {
                return null;
            }

            Mng_User user = adminInfo as Mng_User;
            if (user == null)
            {
                // The session knows the id but carries no Mng_User object: load it and store it back.
                user = BllMng_User.First(o => o.Id == adminId);
                Tools.Utility.Admin.SetSession(adminId, user);
            }

            // NOTE(review): when the session already holds a Mng_User it is returned as stored, so
            // later changes to the account (for example InJob being cleared) are presumably not
            // seen until the session entry is replaced - confirm against the revocation path.
            return user;
        }
Exemplo n.º 3
 /// <summary>
 /// Gets every permission URL granted to the administrator, using the current session as a cache.
 /// </summary>
 /// <param name="admin">Administrator whose permission URLs are requested.</param>
 /// <returns>
 /// The URL list stored in the session, or a list freshly loaded from
 /// <c>OA.Bll.BllMng_User.GetPermissionUrls</c>; null when <paramref name="admin"/> is null,
 /// no session is available, or the loaded list is null or empty.
 /// </returns>
 public static List <string> GetPermissionUrls(Mng_User admin)
 {
     // NOTE(review): _lock is shared by every caller of this method, so the lookup below
     // (including the data-layer call) runs one request at a time.
     lock (_lock)
     {
         if (admin == null)
         {
             return null;
         }

         var session = HttpContext.Current?.Session;
         if (session == null)
         {
             return null;
         }

         // Session hit: hand back whatever was stored (null if it is not a List<string>).
         // NOTE(review): a cached list is served until the session entry is removed, so a
         // permission revoked in the data store stays effective for this session - confirm
         // that the revocation path clears it.
         object cached = session[Permission_Urls];
         if (cached != null)
         {
             return cached as List <string>;
         }

         var perUrls = OA.Bll.BllMng_User.GetPermissionUrls(admin);
         if (perUrls == null || perUrls.Count <= 0)
         {
             // Empty results are not cached, so they are looked up again on the next call.
             return null;
         }

         session.Add(Permission_Urls, perUrls);
         return perUrls;
     }
 }
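        /// <summary>
        /// Core authorization check: resolves the signed-in administrator and tests the configured
        /// permission id or permission URL list against it.
        /// </summary>
        /// <param name="httpContext">Context of the request being authorized.</param>
        /// <returns>
        /// true when the administrator is present, marked InJob, and passes the permission check;
        /// false otherwise, including when any exception is thrown (the exception is logged).
        /// </returns>
        protected override bool AuthorizeCore(System.Web.HttpContextBase httpContext)
        {
            try
            {
                // The decision is taken on a local, not on MyInfo. MyInfo is a member of the
                // attribute, and MVC may run AuthorizeCore for several requests on one attribute
                // instance; reading the member back after assigning it would let a concurrent
                // request swap in another administrator between the assignment and the check.
                var current = new AdminState(httpContext).GetUserInfo();

                // Still published for existing readers of MyInfo.
                // NOTE(review): MyInfo is declared outside this view; any code that reads it later
                // in the request has the same cross-request exposure and should take the user from
                // the request context instead - confirm.
                MyInfo = current;

                if (current == null || !(bool)current.InJob)
                {
                    return false;
                }

                // Permission id takes precedence over the URL list.
                if (PermissionId > 0)
                {
                    return PermissionManager.CheckPermission(current, PermissionId);
                }
                else if (!string.IsNullOrEmpty(PermissionUrl))
                {
                    // NOTE(review): ToLower() is culture-sensitive; confirm the stored permission
                    // URLs are normalised the same way so the comparison cannot drift by culture.
                    var urls = PermissionUrl.TrimEnd(',').ToLower().Split(',');
                    foreach (var url in urls)
                    {
                        // One permitted URL is enough to pass.
                        if (PermissionManager.CheckPermission(current, url))
                        {
                            return true;
                        }
                    }
                }

                // Neither a permission id nor a matching URL: deny.
                return false;
            }
            catch (Exception ex)
            {
                // Fail closed on any error, after logging it.
                Tools.Tool.LogHelper.WriteLog(typeof(PermissionFilterAttribute), ex, 0, "");
                return false;
            }
        }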
Exemplo n.º 5
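        /// <summary>
        /// Creates a new administrator account or updates an existing one from the posted form model.
        /// </summary>
        /// <param name="model">Posted form values; an id greater than 0 selects the update path.</param>
        /// <returns>
        /// A message result: success (refresh or jump) when the data layer reports a positive result,
        /// "user name already exists" when it reports -1, and a generic failure otherwise.
        /// </returns>
        public ActionResult Save(AdminInfoModel model)
        {
            bool showlayout = RequestBool("showlayout");
            var  mod        = new Mng_User();

            // Every error is reported through one of two helpers, chosen by the layout flag.
            Func<string, ActionResult> fail = message =>
            {
                if (showlayout)
                {
                    return MessageBoxAndReturn(message);
                }
                return LayerAlertErrorAndReturn(message);
            };

            // A password is mandatory whenever the create path will be taken. The create path
            // below runs for every id that is not greater than 0, so the guard uses the same
            // condition; testing only id == 0 let a negative id create an account with no password.
            if (model.id <= 0 && string.IsNullOrEmpty(model.password))
            {
                return fail("请填写密码!");
            }

            if (!string.IsNullOrEmpty(model.password))
            {
                // NOTE(review): judging by the helper's name the stored value is an MD5 digest of
                // the password. MD5 is not suitable for password storage; moving to a salted,
                // slow KDF (e.g. PBKDF2) needs a coordinated change with the login check and a
                // migration of existing hashes, so it is flagged here rather than changed.
                mod.Password = Tools.Security.Md5Helper.GetMd5Hash(model.password);
            }

            if (model.departid == 0)
            {
                return fail("请选择部门!");
            }

            // NOTE(review): GroupId and ParUserId are taken straight from the posted model;
            // confirm the action is restricted to callers allowed to assign them.
            mod.UserName       = model.username.Trim2();
            mod.RealName       = model.realname.Trim2();
            mod.DepartId       = model.departid;
            mod.DepartMentName = Bll.BllMng_DepartmentClass.Instance().GetClassName(model.departid);
            mod.GroupId        = model.groupid;
            mod.ParUserId      = model.paruserid;
            mod.Sex            = model.sex;

            int result;

            if (model.id > 0)
            {
                // Update an existing account.
                result = Bll.BllMng_User.UpdateInfo(mod, model.id);
                if (result > 0)
                {
                    AdminData.Reload();
                    return LayerAlertSuccessAndRefresh("保存成功!");
                }
            }
            else
            {
                // New account: fill the login bookkeeping fields with placeholder values.
                mod.LoginIp    = "127.0.0.1";
                mod.LoginTime  = DateTime.Parse("1999-01-01");
                mod.LoginTimes = 0;
                mod.Pic        = "";
                mod.InJob      = true;
                result         = Bll.BllMng_User.AddNoReturn(mod);
                if (result > 0)
                {
                    if (showlayout)
                    {
                        AdminData.Reload();
                        return MessageBoxAndJump("保存成功!", "/admin/adminmanage/add?layout=true");
                    }

                    // NOTE(review): AdminData.Reload() is not called on this branch, unlike the
                    // other two success paths - confirm whether that is intended.
                    return LayerAlertSuccessAndRefresh("保存成功!");
                }
            }

            // -1 from the data layer means the user name is taken; anything else is a generic failure.
            if (result == -1)
            {
                return fail("用户名已存在!");
            }
            return fail("保存失败!");
        }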
Exemplo n.º 6
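        /// <summary>
        /// Handles the admin login form: validates the fields and (when required) the image
        /// verification code, checks the credentials, and establishes the admin session.
        /// </summary>
        /// <returns>
        /// A redirect to "/" on success; a message or a redirect to "/auth/login" on failure.
        /// </returns>
        public ActionResult SignIn()
        {
            string userName  = RequestString("username");
            string password  = RequestString("password");
            string checkCode = RequestString("checkcode").ToUpper();

            if (userName == "" || password == "")
            {
                return MessageBoxAndReturn("请把表单填写完整!");
            }

            if (ShowCode())
            {
                if (checkCode == "")
                {
                    return MessageBoxAndReturn("请把表单填写完整!");
                }

                object expectedCode = Session["ImageCode"];
                if (expectedCode == null)
                {
                    return MessageBoxAndJump("验证码过期,请重新登录!", "/auth/login");
                }

                // A verification code is good for exactly one comparison. Leaving it in the
                // session let the same solved code accompany any number of further attempts.
                // After a rejected attempt the next submit needs a freshly issued code.
                Session.Remove("ImageCode");

                if (expectedCode.ToString() != checkCode)
                {
                    return MessageBoxAndReturn("验证码出错!");
                }
            }

            Mng_User model = Bll.BllMng_User.CheckLogin(userName, password, Request.UserHostAddress.ToString());

            if (model == null || model.Id == 0)
            {
                // Count failed logins.
                // NOTE(review): the counter is kept in the session, so it starts again at zero
                // for a client that presents no session cookie; a server-side limit keyed by
                // account and source address would hold across sessions.
                if (Session[ErrorRate] == null)
                {
                    Session.Add(ErrorRate, 1);
                }
                else
                {
                    Session[ErrorRate] = (int)Session[ErrorRate] + 1;
                    if ((int)Session[ErrorRate] == LimitTime)
                    {
                        return Redirect("/auth/login");
                    }
                }

                return MessageBoxAndReturn("用户名或密码出错!");
            }
            else
            {
                // NOTE(review): HttpOnly/Secure are not set on this cookie here; confirm they are
                // applied site-wide (httpCookies configuration) or set them explicitly.
                Response.Cookies[sitePreName + "AdminName"].Value   = userName;
                Response.Cookies[sitePreName + "AdminName"].Expires = DateTime.Now.AddDays(30);

                // Store the administrator in the session.
                // NOTE(review): nothing in this method issues a new session identifier after
                // authentication; confirm whether SetSession does, to rule out session fixation.
                Tools.Utility.Admin.SetSession(model.Id, model);

                // Drop any cached permissions so they are rebuilt for this login.
                PermissionManager.ClearPermissions();

                // Reset the failed-login counter.
                if (Session[ErrorRate] != null)
                {
                    Session.Remove(ErrorRate);
                }

                return Redirect("/");
            }
        }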