Пример #1
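        /// <summary>
        /// Deletes the permission (action) records whose ids arrive as a comma-separated string.
        /// </summary>
        /// <param name="ids">Comma-separated integer ids taken from the request, e.g. "3,7,12".</param>
        /// <returns>
        /// A plain-text result: a prompt when nothing was selected, "error" when an id is not a
        /// valid integer or no row was deleted, and "ok" otherwise.
        /// </returns>
        public ActionResult Delete(string ids)
        {
            if (string.IsNullOrEmpty(ids))
            {
                return Content("请选中要删除的数据!");
            }

            // NOTE(review): this action changes the permission table. No [HttpPost] or
            // anti-forgery attribute is visible in this excerpt - confirm the action is limited
            // to POST and protected against CSRF.

            // ids is request input. Validate every element before touching any data, so that a
            // malformed value ("1,,2", "abc") produces a controlled error instead of an unhandled
            // FormatException after some role links have already been cleared.
            List<int> idList = new List<int>();
            foreach (var strid in ids.Split(','))
            {
                int parsedId;
                if (!int.TryParse(strid, out parsedId))
                {
                    return Content("error");
                }
                idList.Add(parsedId);
            }

            // 1. Clear the roles linked to each permission that is about to be deleted.
            foreach (int id in idList)
            {
                int delActionId = id; // local copy captured by the query lambda
                var actionInfo = actionInfoService.GetEntity(u => u.ID == delActionId).FirstOrDefault();
                if (actionInfo != null)
                {
                    actionInfo.RoleInfo.Clear();
                }
            }

            // 2. Delete the permission rows themselves.
            int result = actionInfoService.DeleteList(idList);

            return Content(result <= 0 ? "error" : "ok");
        }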
Пример #2
        /// <summary>
        /// Shows the page on which permissions are assigned to a single user.
        /// </summary>
        /// <param name="id">Id of the user whose permissions are being edited.</param>
        /// <returns>The default view, with the permission list as its model.</returns>
        public ActionResult SetAction(int id)
        {
            // The user being edited; null when no user has this id.
            ViewBag.userInfo = userInfoService.GetEntity(u => u.ID == id).FirstOrDefault();

            // Every permission that is not flagged as deleted becomes the view model.
            ViewData.Model = actionInfoService.GetEntity(u => u.DelFlag == NoDel);

            // The user/permission link table is not loaded here (that lookup is disabled).
            return View();
        }
Пример #3
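        //Controller provides the methods that respond to HTTP requests made to the MVC site; Controller itself also acts as a filter
        //Intended to run before any other code of the current controller. Note that OnActionExecuted is called after the action method has run; the hook that runs before the action is OnActionExecuting
        //Controllers that need the login check simply inherit from this base class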
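        /// <summary>
        /// Login and permission check shared by every controller that derives from this base class.
        /// </summary>
        /// <remarks>
        /// When <c>IsCheck</c> is set, a request without a logged-in user is redirected to the
        /// login page. For other users the current URL and HTTP method are looked up in the
        /// permission table, then checked against the per-user overrides and finally against the
        /// permissions of the user's roles. Anything that is not explicitly allowed is redirected
        /// to the error page.
        /// </remarks>
        /// <param name="filterContext">Context of the action that has just executed.</param>
        protected override void OnActionExecuted(ActionExecutedContext filterContext)
        {
            base.OnActionExecuted(filterContext);

            // NOTE(review): OnActionExecuted is invoked after the action method has run. The
            // checks below can therefore only replace the response; side effects of the action
            // (a delete, an update) have already happened for a caller that turns out to be
            // unauthenticated or unauthorized. Move this logic to OnActionExecuting so that the
            // action is skipped instead.

            if (!IsCheck)
            {
                return;
            }

            // Single-server session storage. A missing entry or an entry of an unexpected type
            // both count as "not logged in".
            UserInfo userInfo = filterContext.HttpContext.Session["loginUser"] as UserInfo;
            if (userInfo == null)
            {
                // Setting Result replaces the action's result with the redirect.
                filterContext.Result = new RedirectResult("/UserLogin/Index");
                return;
            }

            this.CurrentLoginUserInfo = userInfo;

            // NOTE(review): the bypass is keyed on the Name value held in the session object. It
            // is only sound if Name is unique and no other account can be created with, or renamed
            // to, "admin" - confirm, or key the bypass on an id or role instead.
            if (userInfo.Name == "admin")
            {
                return;
            }

            // Deny by default: every path below that does not find an explicit grant ends in the
            // error page, including a missing URL, an unknown permission or a missing user row.
            if (Request.Url == null)
            {
                filterContext.Result = new RedirectResult("/ErrorPage.html");
                return;
            }

            var url        = Request.Url.AbsolutePath.ToLower();
            var httpMethod = Request.HttpMethod.ToLower();

            // The permission table must contain the requested URL / method pair.
            var actionInfo = ActionInfoService.GetEntity(u => u.Url == url && u.HttpMethod == httpMethod).FirstOrDefault();
            if (actionInfo == null)
            {
                filterContext.Result = new RedirectResult("/ErrorPage.html");
                return;
            }

            var userId   = userInfo.ID;
            var actionId = actionInfo.ID;

            // 1. Per-user override table: an entry either allows or rejects the action directly.
            var item = RUserActionInfoService.GetEntity(u => u.UserInfoID == userId)
                                             .Where(r => r.ActionInfoID == actionId)
                                             .FirstOrDefault();
            if (item != null)
            {
                if (item.HasPerssion == true)
                {
                    return;
                }
                if (item.HasPerssion == false)
                {
                    // An explicit rejection wins over anything granted through a role.
                    filterContext.Result = new RedirectResult("/ErrorPage.html");
                    return;
                }
            }

            // 2. Permissions granted through the user's roles.
            var currentUserInfo = UserInfoService.GetEntity(u => u.ID == userId).FirstOrDefault();
            bool grantedByRole  = currentUserInfo != null
                                  && currentUserInfo.RoleInfo
                                                    .SelectMany(r => r.ActionInfo)
                                                    .Any(a => a.ID == actionId);
            if (!grantedByRole)
            {
                filterContext.Result = new RedirectResult("/ErrorPage.html");
            }
        }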
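 /// <summary>
 /// Checks the login cookie and, when <c>IsRoleAction</c> is set, the caller's permission for
 /// the requested controller/action before the action method runs.
 /// </summary>
 /// <remarks>
 /// Every rejection is expressed by assigning <c>filterContext.Result</c>, which makes MVC skip
 /// the action, instead of relying on Response.Redirect to end the request.
 /// </remarks>
 /// <param name="filterContext">Context of the action that is about to execute.</param>
 public override void OnActionExecuting(ActionExecutingContext filterContext)
 {
     base.OnActionExecuting(filterContext);
     if (!IsCheckUserLogin)
     {
         return;
     }

     // NOTE(review): the cookie value is used directly as the cache key of the login record,
     // so it acts as a bearer session token. Presumably it is a GUID issued at login - confirm
     // that it is generated randomly on the server and that the cookie is set HttpOnly and Secure.
     string cookie = Utils.GetCookie("userLoginId");
     if (string.IsNullOrEmpty(cookie))
     {
         filterContext.Result = new RedirectResult(IsAdmin ? "/UserLogin/AdminLogin" : "/UserLogin/Login");
         return;
     }

     string   userGuid = cookie;
     UserInfo userInfo = Common.Cache.CacheHelper.GetCache <UserInfo>(userGuid);
     if (userInfo == null)
     {
         // No login record cached under this key: unknown or expired login.
         filterContext.Result = new RedirectResult(IsAdmin ? "/UserLogin/AdminLogin" : "/Content/bigdatalogin/bigdatalogin.html");
         return;
     }

     // Sliding window: each authenticated request pushes the expiry 20 minutes ahead.
     Common.Cache.CacheHelper.SetCache(userGuid, userInfo, DateTime.Now.AddMinutes(20));

     if (!IsRoleAction)
     {
         return;
     }

     // The permission key is "/controller/action", built from the first two path segments.
     string   path     = HttpContext.Current.Request.Url.AbsolutePath.ToLower();
     string[] segments = path.Split('/');
     if (segments.Length < 3)
     {
         // "/" or "/controller" cannot be mapped to a permission key. Reject the request
         // rather than fail with an index-out-of-range error.
         filterContext.Result = new RedirectResult("/Error.html");
         return;
     }
     string actionUrl  = "/" + segments[1] + "/" + segments[2];
     string httpMethod = HttpContext.Current.Request.HttpMethod.ToLower();

     IApplicationContext    ctx                   = ContextRegistry.GetContext();
     IActionInfoService     actionInfoService     = ctx.GetObject("ActionInfoService") as IActionInfoService;
     IUserActionInfoService userActionInfoService = ctx.GetObject("UserActionInfoService") as IUserActionInfoService;
     IUserInfoService       userInfoService       = ctx.GetObject("UserInfoService") as IUserInfoService;

     var actionInfo = actionInfoService.GetEntity(a => a.Url.ToLower() == actionUrl && a.HttpMethd.ToLower() == httpMethod).FirstOrDefault();
     if (actionInfo == null)
     {
         // NOTE(review): an unknown URL is registered in the permission table on first use,
         // so any logged-in request can add rows there. Confirm this is intended outside of
         // initial setup; the original code also carries a disabled redirect to the error
         // page at this point.
         actionInfo = actionInfoService.Add(actionUrl, httpMethod);
         if (actionInfo == null)
         {
             filterContext.Result = new RedirectResult("/Error.html");
             return;
         }
     }

     // NOTE(review): the bypass is keyed on the user name held in the cached login record -
     // sound only if no other account can be created with, or renamed to, "admin".
     if (userInfo.UserName == "admin")
     {
         return;
     }

     var userId   = userInfo.ID;
     var actionId = actionInfo.ID;

     // 1. Per-user override: when an entry exists it decides the outcome on its own.
     var item = userActionInfoService.GetEntity(u => u.UserInfoID == userId)
                                     .Where(a => a.ActionInfoID == actionId)
                                     .FirstOrDefault();
     if (item != null)
     {
         // NOTE(review): the grant requires DelFlag == true; the meaning of DelFlag is not
         // visible here - confirm that true marks an active (not deleted) entry.
         if (item.HasPermissin == 1 && item.DelFlag == true)
         {
             return;
         }
         filterContext.Result = new RedirectResult("/Error.html");
         return;
     }

     // 2. Permissions granted through the user's roles. A user row that no longer exists is
     //    rejected as well.
     var user = userInfoService.GetEntity(u => u.ID == userId).FirstOrDefault();
     bool grantedByRole = user != null
                          && user.RoleInfo
                                 .SelectMany(r => r.ActionInfo)
                                 .Any(a => a.ID == actionId);
     if (!grantedByRole)
     {
         filterContext.Result = new RedirectResult("/Error.html");
     }
 }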
Пример #5
        /// <summary>
        /// Renders the home page and prepares the menu entries for the logged-in user.
        /// </summary>
        /// <remarks>
        /// The view receives <c>ViewBag.userName</c> and <c>ViewBag.AllActionList</c>. The list
        /// holds the menu permissions the user has through roles, minus those rejected in the
        /// per-user override table, plus those granted there. The front end turns it into its
        /// link array (icon, title, url).
        /// NOTE(review): this list only decides which links are shown; presumably access itself
        /// is enforced by the controllers' permission filter - confirm.
        /// </remarks>
        /// <returns>The default view.</returns>
        public ActionResult Index()
        {
            if (Session["loginUser"] == null)
            {
                return View();
            }

            UserInfo user = Session["loginUser"] as UserInfo;
            if (user == null)
            {
                // The session entry exists but is not a UserInfo.
                ViewBag.userName = "未登录";
                return View();
            }
            ViewBag.userName = user.Name;

            // 1. Load the entity of the logged-in user.
            var current = userInfoService.GetEntity(u => u.ID == user.ID).FirstOrDefault();
            if (current == null)
            {
                return View();
            }

            // 2-3. Ids of every permission reachable through the user's roles.
            var roleActionIds = current.RoleInfo
                                       .SelectMany(role => role.ActionInfo)
                                       .Select(action => action.ID)
                                       .ToList();

            // 4. Ids rejected for this user in the per-user override table.
            var rejectedIds = current.R_User_Action
                                     .Where(r => r.HasPerssion == false)
                                     .Select(r => r.ActionInfoID)
                                     .ToList();

            // 5. Role permissions that are not rejected.
            var remainingIds = roleActionIds.Where(id => !rejectedIds.Contains(id)).ToList();

            // 6. Ids granted directly to this user in the per-user override table.
            var visibleIds = current.R_User_Action
                                    .Where(r => r.HasPerssion == true)
                                    .Select(r => r.ActionInfoID)
                                    .ToList();

            // 7. Union of 5 and 6, then duplicates removed.
            visibleIds.AddRange(remainingIds);
            var distinctIds = visibleIds.Distinct();

            // 8. Resolve the ids to permissions that are not deleted and are menu entries.
            ViewBag.AllActionList = actionInfoService.GetEntity(u => distinctIds.Contains(u.ID) && u.DelFlag == NoDel && u.IsMenu == true).ToList();

            return View();
        }