Пример #1
0
        /// <summary>
        /// 判断当前控制器下用户是否有对应的权限
        /// <para>True : 有</para>
        /// <para>False : 没有</para>
        /// </summary>
        /// <param name="RouteData">当前目录信息</param>
        /// <param name="permission">要判断的权限点</param>
        /// <returns></returns>
        public static bool CheckRole(this RouteData RouteData, AdminLTE.Enum.PermissionType permission)
        {
            var loginInfo = LoginInfoHelper.Current();

            if (loginInfo.IsAdmin)
            {
                return(true);
            }

            //var areaName = RouteData.DataTokens["area"] + "";
            var    controllerName = RouteData.Values["controller"].ToString().ToLower() + "";
            var    menuCache      = MvcBase.Unity.Get <AdminLTE.Domain.Services.IMenuService>().ListCache();
            string menuID         = string.Empty;

            foreach (var menu in menuCache)
            {
                menuID = menu.Children.SingleAndInit(m => m.Url.ToLower().Contains(controllerName)).ID;
                if (!string.IsNullOrEmpty(menuID))
                {
                    break;
                }
            }

            if (loginInfo.MenuIDs.Contains(menuID))
            {
                return(((int)permission).IntPare(loginInfo.Permissions[menuID]));
            }
            return(false);
        }
Пример #2
0
 public ArticleController(IMainDBTool dbTool, IArticleService articleService, IArticleClassifyService articleClassifyService)
 {
     this._dbTool                 = dbTool;
     this._articleService         = articleService;
     this._articleClassifyService = articleClassifyService;
     this._loginInfo              = LoginInfoHelper.Current();
 }
Пример #3
0
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            //不是Get方法过来的请求,都不能跨站操作。防止管理员登录本站后去访问一些带有攻击本站代码的网站
            if (httpContext.Request.HttpMethod.ToUpper() != "GET")
            {
                if (httpContext.Request.Url.Authority != httpContext.Request.UrlReferrer.Authority)
                {
                    //throw new Exception("不允许跨站操作");
                    return(false);
                }
            }


            if (LoginInfoHelper.Current() != null)
            {
                return(true);
            }
            return(false);
        }
Пример #4
0
        private List <MenuCacheModel> CurrentMenu()
        {
            var loginInfo = LoginInfoHelper.Current();
            List <MenuCacheModel> result = new List <MenuCacheModel>();
            var menus = _menuService.ListCache();

            if (loginInfo.IsAdmin)
            {
                return(menus);
            }
            foreach (var rootMenu in menus)
            {
                if (loginInfo.MenuIDs.Contains(rootMenu.ID))
                {
                    MenuCacheModel root = new MenuCacheModel()
                    {
                        Name     = rootMenu.Name,
                        Url      = rootMenu.Url,
                        ID       = rootMenu.ID,
                        Children = new List <MenuCacheModel>()
                    };
                    foreach (var menu in rootMenu.Children)
                    {
                        if (loginInfo.MenuIDs.Contains(menu.ID))
                        {
                            MenuCacheModel child = new MenuCacheModel()
                            {
                                Name        = menu.Name,
                                ID          = menu.ID,
                                Url         = menu.Url,
                                Permissions = loginInfo.Permissions[menu.ID]
                            };
                            root.Children.Add(child);
                        }
                    }
                    result.Add(root);
                }
            }
            return(result);
        }