public ActionResult Get() { try { string controller = Request["Id"]; if (!string.IsNullOrEmpty(controller)) { var data = service.Get(t => t.Controller == controller).OrderBy(t => t.Action).ToList(); this.Total = data.Count(); this.Rows = data; this.Data = DataGridData; } } catch (Exception ex) { Success = false; Message = ex.Message; } return(EasyUIResult()); }
/// <summary> /// 设置给用户添加特殊权限在页面上面显示 /// </summary> /// <param name="ID"></param> /// <returns></returns> public ActionResult AddUserActionInfo(int ID) { //首先根据用户ID查询到所有的信息 var userCurrent = _adminInfoService.Get(c => c.ID == ID).FirstOrDefault(); //封装成一个强类型传递给前台 ViewData.Model = userCurrent; //查询出所有的权限信息显示前台信息 var allActions = _actionInfo.Get(c => true).ToList(); ViewBag.AllActions = allActions; //查询出关联表的信息 ViewBag.Exists = (from r in userCurrent.R_AdminInfo_ActionInfo select r.ActionInfoID).ToList(); return(View()); }
//定义一个基类的AdminInfo对象 public override void OnActionExecuting(ActionExecutingContext filterContext) { AdminInfo currentUserInfo = filterContext.HttpContext.Session == null ? new AdminInfo() : filterContext.HttpContext.Session["AdminInfo"] as AdminInfo; //先将当前的请求,到权限表里面去找对应的数据 //拿到当前请求的URL地址 string requestUrl = filterContext.HttpContext.Request.Path; //拿到当前请求的类型 string requestType = filterContext.HttpContext.Request.RequestType.ToLower().Equals("get") ? "HttpGet" : "HttpPost"; //然后和权限表进行对比,如果取出来则通过请求,否则不通过 //取出当前权限的数据 var currentAction = _actioninfoService.Get(c => c.RequestUrl.Equals(requestUrl, StringComparison.InvariantCultureIgnoreCase) && c.RequestHttpType.Equals(requestType)).FirstOrDefault(); //如果没有权限对应当前请求的话,直接干掉 if (currentAction == null) { NoPermission(filterContext); return; } //想去用户权限表里面查询有没有数据 //分析第一条线路 AdminInfo->R_UserInfo_ActionInfo->ActionInfo //拿到当前的用户信息 var userCurrent = _adminInfoService.Get(u => u.ID == currentUserInfo.ID).FirstOrDefault(); var temp = (from r in userCurrent.R_AdminInfo_ActionInfo where r.ActionInfoID == currentAction.ID select r).FirstOrDefault(); if (temp != null) { if (temp.HasPermation) { return; } else { NoPermission(filterContext); return; } } //分析第二条线路 AdminInfo->ActionGroup->ActionInfo //拿到当前用户所有的组 var groups = from n in userCurrent.ActionGroup select n; //根据组信息遍历出权限信息 bool isPass = (from g in groups from a in g.ActionInfo select a.ID).Contains(currentAction.ID); if (isPass) //11,23,34不包含4 { return; } //分析第三条线路 分为两个 //1)AdminInfo->R_UserInfo_Role->Role->ActionInfo //先拿到用户对应的所有的角色 var userRoles = from r in userCurrent.R_AdminInfo_Role select r.Role; //拿到角色对应的所有权限 var rolesaction = (from r in userRoles from a in r.ActionInfo select a.ID); if (rolesaction.Contains(currentAction.ID)) { return; } //2)AdminInfo->R_UserInfo_Role->Role->ActionGroup->ActionInfo //拿到组信息 var roleGroupActions = from r in userRoles from g in r.ActionGroup select g; //拿到所有的组信息 var groupActions = from r in roleGroupActions from g in r.ActionInfo select g.ID; if (groupActions.Contains(currentAction.ID)) { return; } }
/// <summary> /// 绑定用户权限问题 /// </summary> /// <param name="ID"></param> /// <returns></returns> public ActionResult BindActionInfo(int ID) { var jsonData = _actioninfoService.Get(c => c.ID == ID).FirstOrDefault(); return(Json(jsonData, JsonRequestBehavior.AllowGet)); }