/// <summary>
/// Checks whether an administrator holds a given permission.
/// </summary>
/// <param name="admin">The administrator to check; a null value is always denied.</param>
/// <param name="permissionId">Identifier of the permission being requested.</param>
/// <returns>
/// <c>true</c> when <c>IsSuperAdmin</c> accepts the administrator's id, or when the list
/// returned by <c>GetPermissionIds</c> contains <paramref name="permissionId"/>;
/// otherwise <c>false</c>, including when that list is null.
/// </returns>
public static bool CheckPermission(Mng_User admin, int permissionId)
{
    // Deny by default: without an identity there is nothing to authorize.
    if (admin == null)
    {
        return false;
    }

    // Super administrators skip the per-permission lookup entirely.
    if (IsSuperAdmin(admin.Id))
    {
        return true;
    }

    var grantedIds = GetPermissionIds(admin);
    if (grantedIds == null)
    {
        return false;
    }

    return grantedIds.Contains(permissionId);
}
/// <summary>
/// Returns the administrator bound to the current login session, or null when
/// no administrator is logged in.
/// </summary>
/// <returns>
/// The user object held in the session when it is a <c>Mng_User</c>; otherwise the
/// record loaded by id through <c>BllMng_User.First</c>, which is written back to the
/// session before being returned. Null when the login check fails.
/// </returns>
public Mng_User GetUserInfo()
{
    int adminId = 0;
    object adminInfo = null;

    // Login check: the session must yield a positive administrator id.
    bool loggedIn = Tools.Utility.Admin.GetAdminSession(ref adminId, ref adminInfo) && adminId > 0;
    if (!loggedIn)
    {
        return null;
    }

    // Fast path: the session already carries the user object.
    var sessionUser = adminInfo as Mng_User;
    if (sessionUser != null)
    {
        return sessionUser;
    }

    // The session only had the id (or an object of another type): reload the
    // record and store it in the session for later requests.
    Mng_User reloaded = BllMng_User.First(o => o.Id == adminId);
    Tools.Utility.Admin.SetSession(adminId, reloaded);
    return reloaded;
}
/// <summary>
/// Gets every permission URL granted to an administrator, using the current
/// HTTP session as a cache.
/// </summary>
/// <param name="admin">The administrator whose permission URLs are requested.</param>
/// <returns>
/// The list stored in the session under <c>Permission_Urls</c> when one exists (null if
/// the stored value is not a <c>List&lt;string&gt;</c>); otherwise the non-empty list
/// loaded through <c>OA.Bll.BllMng_User.GetPermissionUrls</c>, which is then stored in the
/// session. Null when <paramref name="admin"/> is null, no session is available, or the
/// loaded list is null or empty.
/// </returns>
public static List<string> GetPermissionUrls(Mng_User admin)
{
    // The whole lookup, including the data-layer call, runs under the shared lock.
    lock (_lock)
    {
        if (admin == null)
        {
            return null;
        }

        var session = HttpContext.Current?.Session;
        if (session == null)
        {
            return null;
        }

        // NOTE(review): a list cached here stays in use for the life of the session
        // unless something removes the key; confirm that permission changes clear it.
        object cached = session[Permission_Urls];
        if (cached != null)
        {
            return cached as List<string>;
        }

        var loaded = OA.Bll.BllMng_User.GetPermissionUrls(admin);
        if (loaded == null || loaded.Count <= 0)
        {
            // Empty results are not cached, so the next call queries again.
            return null;
        }

        session.Add(Permission_Urls, loaded);
        return loaded;
    }
}
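/// <summary>
/// Core authorization check: the request must belong to a logged-in administrator
/// whose <c>InJob</c> flag is set and who holds the permission configured on this filter.
/// </summary>
/// <param name="httpContext">Context of the request being authorized.</param>
/// <returns>
/// <c>true</c> when the administrator passes the <c>PermissionId</c> check, or, when no
/// positive <c>PermissionId</c> is set, passes the check for at least one entry of the
/// comma-separated <c>PermissionUrl</c>. <c>false</c> in every other case, including
/// when neither value is configured and when any exception is thrown.
/// </returns>
protected override bool AuthorizeCore(System.Web.HttpContextBase httpContext)
{
    try
    {
        // Decide on a local copy of the user. MyInfo is a member of the filter, and
        // ASP.NET MVC can reuse one filter instance for concurrent requests, so
        // re-reading MyInfo between the checks below could evaluate another request's
        // user. MyInfo is still assigned for code that reads it afterwards.
        var currentUser = new AdminState(httpContext).GetUserInfo();
        MyInfo = currentUser;

        // NOTE(review): if GetUserInfo serves a session-cached user object, InJob
        // reflects the value at caching time; confirm that disabling an account
        // also invalidates its sessions.
        if (currentUser == null || !(bool)currentUser.InJob)
        {
            return false;
        }

        // A positive permission id takes precedence over the URL list.
        if (PermissionId > 0)
        {
            return PermissionManager.CheckPermission(currentUser, PermissionId);
        }

        if (!string.IsNullOrEmpty(PermissionUrl))
        {
            // NOTE(review): ToLower() is culture-sensitive; confirm the stored permission
            // URLs are normalised the same way before switching to ToLowerInvariant().
            var urls = PermissionUrl.TrimEnd(',').ToLower().Split(',');
            foreach (var url in urls)
            {
                // One permitted URL is enough to authorize the request.
                if (PermissionManager.CheckPermission(currentUser, url))
                {
                    return true;
                }
            }
        }

        // Fail closed: nothing configured, or no configured URL matched.
        return false;
    }
    catch (Exception ex)
    {
        // Any failure while authorizing is logged and treated as a denial.
        Tools.Tool.LogHelper.WriteLog(typeof(PermissionFilterAttribute), ex, 0, "");
        return false;
    }
}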
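/// <summary>
/// Creates a new administrator account, or updates an existing one when
/// <c>model.id</c> is greater than zero.
/// </summary>
/// <param name="model">Posted form values for the account.</param>
/// <returns>
/// A success or error response. The "showlayout" request flag selects between the
/// message-box helpers and the layer-alert helpers for error responses and for the
/// success response of an insert; a successful update always uses the layer alert.
/// </returns>
/// <remarks>
/// NOTE(review): no authorization or anti-forgery attribute is visible on this action
/// in this excerpt, and <c>groupid</c> / <c>paruserid</c> are taken straight from the
/// posted model; confirm both are covered at controller level.
/// </remarks>
public ActionResult Save(AdminInfoModel model)
{
    bool showlayout = RequestBool("showlayout");

    // Every error response has the same two variants, chosen by the showlayout flag.
    Func<string, ActionResult> fail = message =>
    {
        if (showlayout)
        {
            return MessageBoxAndReturn(message);
        }

        return LayerAlertErrorAndReturn(message);
    };

    var mod = new Mng_User();

    // A password is mandatory whenever the insert path will be taken. The insert path
    // is everything that is not "id > 0", so a negative id must be covered too;
    // checking only id == 0 would let a negative id create an account without a password.
    if (model.id <= 0 && string.IsNullOrEmpty(model.password))
    {
        return fail("请填写密码!");
    }

    if (!string.IsNullOrEmpty(model.password))
    {
        // NOTE(review): judging by the helper's name this stores an MD5 digest, which is
        // too fast for password storage. Moving to a salted, slow KDF (for example
        // PBKDF2 via Rfc2898DeriveBytes) has to be done together with the login check
        // and a migration of the stored hashes, which are outside this block.
        mod.Password = Tools.Security.Md5Helper.GetMd5Hash(model.password);
    }

    if (model.departid == 0)
    {
        return fail("请选择部门!");
    }

    mod.UserName = model.username.Trim2();
    mod.RealName = model.realname.Trim2();
    mod.DepartId = model.departid;
    mod.DepartMentName = Bll.BllMng_DepartmentClass.Instance().GetClassName(model.departid);
    mod.GroupId = model.groupid;
    mod.ParUserId = model.paruserid;
    mod.Sex = model.sex;

    int result;
    if (model.id > 0)
    {
        // Update of an existing account.
        result = Bll.BllMng_User.UpdateInfo(mod, model.id);
        if (result > 0)
        {
            AdminData.Reload();
            return LayerAlertSuccessAndRefresh("保存成功!");
        }
    }
    else
    {
        // New account: placeholder login metadata until the first real login.
        mod.LoginIp = "127.0.0.1";
        mod.LoginTime = DateTime.Parse("1999-01-01");
        mod.LoginTimes = 0;
        mod.Pic = "";
        mod.InJob = true;

        result = Bll.BllMng_User.AddNoReturn(mod);
        if (result > 0)
        {
            // Reload after every successful insert, as the update path does;
            // previously only the showlayout branch reloaded.
            AdminData.Reload();
            if (showlayout)
            {
                return MessageBoxAndJump("保存成功!", "/admin/adminmanage/add?layout=true");
            }

            return LayerAlertSuccessAndRefresh("保存成功!");
        }
    }

    // -1 is reported to the user as a duplicate user name; any other
    // non-positive result is a generic failure.
    if (result == -1)
    {
        return fail("用户名已存在!");
    }

    return fail("保存失败!");
}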
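/// <summary>
/// Handles the login form: validates the posted fields, verifies the image code
/// when <c>ShowCode()</c> requires one, checks the credentials and, on success,
/// establishes the administrator session.
/// </summary>
/// <returns>
/// A redirect to "/" on success; otherwise a message-box response or a redirect
/// back to the login page.
/// </returns>
public ActionResult SignIn()
{
    string userName = RequestString("username");
    string password = RequestString("password");
    string checkCode = RequestString("checkcode").ToUpper();

    if (userName == "" || password == "")
    {
        return MessageBoxAndReturn("请把表单填写完整!");
    }

    if (ShowCode())
    {
        if (checkCode == "")
        {
            return MessageBoxAndReturn("请把表单填写完整!");
        }

        object expectedCode = Session["ImageCode"];
        if (expectedCode == null)
        {
            return MessageBoxAndJump("验证码过期,请重新登录!", "/auth/login");
        }

        // The image code is single-use: drop it as soon as it has been compared, so a
        // solved code cannot accompany more than one login attempt. A new code has to
        // be issued for the next attempt.
        Session.Remove("ImageCode");
        if (expectedCode.ToString() != checkCode)
        {
            return MessageBoxAndReturn("验证码出错!");
        }
    }

    Mng_User model = Bll.BllMng_User.CheckLogin(userName, password, Request.UserHostAddress.ToString());
    if (model == null || model.Id == 0)
    {
        // Count failed logins in the session.
        // NOTE(review): the counter is session-scoped, so it only limits clients that
        // keep their session cookie, and the equality test fires only on the attempt
        // that reaches LimitTime. Consider a server-side counter per account and
        // source address if this is meant as a brute-force limit.
        if (Session[ErrorRate] == null)
        {
            Session.Add(ErrorRate, 1);
        }
        else
        {
            Session[ErrorRate] = (int)Session[ErrorRate] + 1;
            if ((int)Session[ErrorRate] == LimitTime)
            {
                return Redirect("/auth/login");
            }
        }

        // Same message for an unknown user and a wrong password.
        return MessageBoxAndReturn("用户名或密码出错!");
    }

    // Remember the user name for 30 days.
    // NOTE(review): the cookie is written without HttpOnly/Secure; set them unless
    // client-side script has to read it.
    var nameCookie = Response.Cookies[sitePreName + "AdminName"];
    nameCookie.Value = userName;
    nameCookie.Expires = DateTime.Now.AddDays(30);

    // Store the login in the session.
    // NOTE(review): the session identifier is not rotated in this method; confirm that
    // SetSession or the site configuration issues a fresh one on login.
    Tools.Utility.Admin.SetSession(model.Id, model);

    // Clear the permission cache.
    PermissionManager.ClearPermissions();

    // Reset the failed-login counter.
    if (Session[ErrorRate] != null)
    {
        Session.Remove(ErrorRate);
    }

    return Redirect("/");
}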