//Override OnAuthorization
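        /// <summary>
        /// Authorization entry point for the filter: redirects anonymous visitors to the login
        /// page and logged-in users without permission to the permission-error page.
        /// </summary>
        /// <param name="filterContext">Context of the action being authorized.</param>
        /// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            if (filterContext == null)
            {
                throw new ArgumentNullException("filterContext");
            }

            // Capture the controller/action that is being requested.
            PageUrl requested = new PageUrl();
            requested.Controller = filterContext.RouteData.Values["controller"] as string;
            requested.Action     = filterContext.RouteData.Values["action"] as string;

            // An AuthorizeAttribute instance can serve several requests at once, so the target
            // of the permission check must not travel through an instance field: a concurrent
            // request could overwrite it between this method and AuthorizeCore and the decision
            // would be made for the wrong action. HttpContext.Items is per request.
            filterContext.HttpContext.Items[PageUrlItemKey] = requested;

            // The field is still written for any code outside this block that reads it;
            // the authorization decision below no longer depends on it.
            url = requested;

            // NOTE(review): this override does not call the base implementation, so the base
            // class's output-cache validation is not registered. If a protected action uses
            // [OutputCache], confirm cached responses cannot be served without this check.

            // Is there a logged-in administrator in the session?
            HttpSessionStateBase session = filterContext.HttpContext.Session;
            Model.adminlogin loginModel = session == null
                ? null
                : session[CMSKeys.SESSION_ADMIN_INFO] as Model.adminlogin;

            if (loginModel == null)
            {
                // Not logged in: send the visitor to the login page.
                filterContext.Result = new RedirectResult("/Home/Login");
                return;
            }

            if (!AuthorizeCore(filterContext.HttpContext))
            {
                // Logged in but not permitted to run this action.
                filterContext.Result = new RedirectResult("/Home/Error/premission");
            }
        }

        // Key of the per-request HttpContext.Items slot that carries the requested
        // controller/action from OnAuthorization to AuthorizeCore.
        private static readonly object PageUrlItemKey = new object();

        /// <summary>
        /// Decides whether the logged-in user may run the requested controller/action, using
        /// the user's own ACL rows first and the ACL rows of the user's group second.
        /// </summary>
        /// <param name="httpContext">Current request context; supplies the session and the per-request target.</param>
        /// <returns>true when access is granted; false in every other case (fail closed).</returns>
        /// <exception cref="ArgumentNullException"><paramref name="httpContext"/> is null.</exception>
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            if (httpContext == null)
            {
                throw new ArgumentNullException("httpContext");
            }

            HttpSessionStateBase session = httpContext.Session;
            Model.adminlogin loginModel = session == null
                ? null
                : session[CMSKeys.SESSION_ADMIN_INFO] as Model.adminlogin;
            if (loginModel == null)
            {
                return false;
            }

            // The account named "admin" bypasses the ACL tables entirely (exact, case-sensitive
            // match on the name stored in the session at login).
            // NOTE(review): superuser status hangs on an account name rather than a role or
            // flag; confirm that name cannot be created or renamed into by another user.
            if (loginModel.UserName == "admin")
            {
                return true;
            }

            // Target captured for this request by OnAuthorization; without it nothing can be
            // checked, so deny.
            PageUrl requested = httpContext.Items[PageUrlItemKey] as PageUrl;
            if (requested == null)
            {
                return false;
            }
            string action     = requested.Action;
            string controller = requested.Controller;

            Isys_actionService     action_bll     = new sys_actionService();     // module action table
            Isys_acl_userService   acl_user_bll   = new sys_acl_userService();   // per-user ACL table
            Isys_acl_groupService  acl_group_bll  = new sys_acl_groupService();  // per-group ACL table
            Isys_group_userService group_user_bll = new sys_group_userService(); // user-to-group table

            // 1. Resolve the requested controller/action to a sys_action row.
            var actionModel = action_bll.GetSingleModel(o => o.actionKey == action && o.moduleKey == controller);
            if (actionModel == null)
            {
                return false; // unknown action: deny
            }

            // 2. A sys_acl_user row for this user and action grants access.
            // NOTE(review): the group row's access flag is honoured in step 3, but a user row
            // grants on mere existence; confirm sys_acl_user carries no deny flag.
            var acl_userModel = acl_user_bll.GetSingleModel(w => w.actionID == actionModel.actionID && w.userID == loginModel.UserID);
            if (acl_userModel != null)
            {
                return true;
            }

            // 3. Otherwise fall back to the ACL of the user's group.
            var group_userModel = group_user_bll.GetSingleModel(k => k.userID == loginModel.UserID);
            if (group_userModel == null)
            {
                // A user without a group previously caused a null dereference in the next
                // query (an error page instead of a clean denial).
                return false;
            }

            var acl_groupModel = acl_group_bll.GetSingleModel(o => o.groupID == group_userModel.groupID && o.actionID == actionModel.actionID);
            return acl_groupModel != null && acl_groupModel.access;
        }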
        //[Authorize(Roles="")]
        /// <summary>
        /// Checks the captcha and the submitted credentials; on success stores the login model
        /// in the session and redirects to Auth/Index in the Account area, otherwise re-renders
        /// the login view with one model error.
        /// </summary>
        /// <param name="username">Account name as submitted.</param>
        /// <param name="password">Password as submitted.</param>
        /// <param name="verifycode">Captcha answer as submitted.</param>
        /// <returns>The login view on failure, a redirect on success.</returns>
        // NOTE(review): no HTTP verb restriction is visible on this action in this listing; if
        // it also binds from GET, credentials can end up in URLs and access logs. Confirm.
        public ActionResult Login(string username, string password, string verifycode)
        {
            // Checks run in a fixed order (captcha, user name, password); only the first
            // failure is reported.
            string validationError = null;
            if (!isCheckVerifyCode(verifycode))
            {
                validationError = "验证码错误";
            }
            else if (string.IsNullOrWhiteSpace(username))
            {
                validationError = "请输入用户名";
            }
            else if (string.IsNullOrWhiteSpace(password))
            {
                validationError = "请输入密码";
            }

            if (validationError != null)
            {
                ModelState.AddModelError("error", validationError);
                return View();
            }

            // NOTE(review): the stored credential is matched against Encrypt.MD5(Encrypt.Encode(...)).
            // If that is a fast, unsalted digest it is weak for password storage; a salted slow
            // KDF (for example PBKDF2) with re-hash on next login would be the usual migration.
            string passwordDigest = Encrypt.MD5(Encrypt.Encode(password));

            NHibernate.CMS.IBusiness.Isys_userService userService = new NHibernate.CMS.Business.sys_userService();
            var account = userService.GetSingleModel(o => o.userAccount == username && o.userPasswd == passwordDigest && o.status == true);

            if (account == null)
            {
                // One message for "no such user" and "wrong password", so the response does
                // not reveal which accounts exist.
                ModelState.AddModelError("error", "用户名或密码错误");
                return View();
            }

            // NOTE(review): the login model is written into the session that already exists;
            // nothing in this block issues a new session id after authentication. Confirm the
            // id is rotated elsewhere, otherwise a pre-set session cookie survives the login.
            Model.adminlogin adminSession = new Model.adminlogin
            {
                UserID    = account.userID,
                UserName  = account.userAccount,
                Token     = Guid.NewGuid(),
                LoginDate = DateTime.Now
            };
            Session[CMSKeys.SESSION_ADMIN_INFO] = adminSession;

            return RedirectToAction("Index", "Auth", new { Area = "Account" });
        }
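        /// <summary>
        /// Builds the list of first-level (class_layer == 1) menu modules for the logged-in
        /// user: every module with a "Show" action for the super-admin group, otherwise the
        /// modules reachable through the user's own ACL rows and the ACL rows of the user's group.
        /// </summary>
        /// <returns>
        /// The menu modules for the current user, or null after a redirect to the login page
        /// when nobody is logged in.
        /// </returns>
        public static List<sys_module> loadModule()
        {
            Model.adminlogin loginModel = LoginInfo;
            if (loginModel == null)
            {
                // Site-relative target. The previous value was Request.Url.Host + "/Home/Login"
                // with no scheme, which is a relative path rather than the login page, and it
                // also built the target from the request's host name.
                HttpContext.Current.Response.Redirect("/Home/Login");
                return null;
            }

            // The result depends on who is logged in, so it is cached per user. With the single
            // shared key "loadModule" the first caller's menu (possibly the super admin's) was
            // handed to every later user.
            // NOTE(review): any code that evicts the old "loadModule" entry when permissions
            // change has to evict these per-user keys instead.
            string cacheKey = "loadModule_" + loginModel.UserID;
            List<sys_module> cached = Caching.Get(cacheKey) as List<sys_module>;
            if (cached != null)
            {
                return cached;
            }

            List<sys_module> list = new List<sys_module>();

            // 1. Members of the super-admin group get every module that has a "Show" action.
            var groupUser = groupUserBll.GetSingleModel(m => m.userID == loginModel.UserID);
            bool isSuperAdmin = false;
            if (groupUser != null)
            {
                // A user without a group, or a group row that no longer exists, used to cause
                // a null dereference here.
                var adminRoles = groupBll.GetSingleModel(m => m.groupID == groupUser.groupID);
                isSuperAdmin = adminRoles != null && adminRoles.groupName == "超级管理组";
            }

            if (isSuperAdmin)
            {
                var showActions = actBll.LoadEntities(w => w.actionKey == "Show"); // first-level menus
                foreach (var item in showActions)
                {
                    var module = moduleBll.GetSingleModel(m => m.moduleKey == item.moduleKey && m.class_layer == 1);
                    if (module != null)
                    {
                        list.Add(module);
                    }
                }
                Caching.Set(cacheKey, list);
                return list;
            }

            // 2. Modules granted to the user directly.
            var userAclList = acluserBll.LoadEntities(m => m.userID == loginModel.UserID);
            foreach (var item in userAclList)
            {
                var showAction = actBll.GetSingleModel(w => w.actionKey == "Show" && w.actionID == item.actionID);
                if (showAction == null)
                {
                    // ACL row for an action other than "Show": not a menu entry. This case
                    // previously dereferenced null.
                    continue;
                }
                var module = moduleBll.GetSingleModel(m => m.moduleKey == showAction.moduleKey && m.class_layer == 1);
                if (module != null)
                {
                    list.Add(module);
                }
            }

            // 3. Modules granted through the user's group.
            // NOTE(review): unlike step 2, this lookup does not filter on actionKey == "Show"
            // and does not look at the group ACL row's access flag, so a module can be listed
            // more than once or for a denied entry. Confirm that is intended.
            if (groupUser != null)
            {
                var groupAclList = aclgroupBll.LoadEntities(w => w.groupID == groupUser.groupID);
                foreach (var item in groupAclList)
                {
                    var groupAction = actBll.GetSingleModel(w => w.actionID == item.actionID);
                    if (groupAction == null)
                    {
                        continue; // ACL row pointing at a missing action
                    }
                    var module = moduleBll.GetSingleModel(m => m.moduleKey == groupAction.moduleKey && m.class_layer == 1);
                    if (module != null)
                    {
                        list.Add(module);
                    }
                }
            }

            Caching.Set(cacheKey, list);
            return list;
        }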