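/// <summary>
/// Registers the requested page or operation in the permission table when no record
/// with the same URL exists yet.
/// </summary>
/// <remarks>
/// OnActionExecuting calls this before the permission check, so <paramref name="page"/> and
/// <paramref name="isAjax"/> are derived from the incoming request. The existence check and the
/// insert are separate statements; concurrent first requests for the same URL could both insert
/// unless the table enforces uniqueness on Url (not visible here, so confirm).
/// </remarks>
/// <param name="controllerName">Controller name; stored on the record and used to look up the owning page.</param>
/// <param name="actionName">Action name stored on the record.</param>
/// <param name="areaName">Area name stored on the record.</param>
/// <param name="page">URL of the request; the case-insensitive key used to detect an existing record.</param>
/// <param name="isAjax">
/// True registers a "功能操作" (function operation) record under the controller's page;
/// false registers a top-level "页面访问" (page access) record.
/// </param>
private void InsertActionOperation(string controllerName, string actionName, string areaName, string page, bool isAjax)
{
    Tright_Operation_Da da = new Tright_Operation_Da();

    // Already registered: nothing to do.
    if (da.Select.Where(s => s.Url.ToLower() == page.ToLower()).Any())
    {
        return;
    }

    Tright_Operation model = new Tright_Operation
    {
        Action = actionName,
        Area = areaName,
        Code = Guid.NewGuid().ToString(),
        Controller = controllerName,
        Parent_Id = 0,
        Sortid = 0,
        Status = 0,
        Type = isAjax ? (int)OpeartionType.功能操作 : (int)OpeartionType.页面访问,
        Url = page,
        Name = PowerName, // PowerName is defined outside this method.
    };

    if (isAjax)
    {
        // Find the page this operation belongs to. Only operations need a parent, so the lookup is
        // skipped for page records. The lookup may find nothing when the controller's page has not
        // been registered yet; the operation then stays top-level (Parent_Id = 0) instead of
        // failing the request on a null dereference.
        Tright_Operation root = da.Where(s => s.Controller == controllerName && s.Type == (int)OpeartionType.页面访问).First();
        if (root != null)
        {
            model.Parent_Id = root.Id;
        }
    }

    da.Insert(model);
}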
/// <summary>
/// Deletes the permission record with the given id and reports whether any row was removed.
/// </summary>
/// <param name="id">Id of the permission record to delete.</param>
/// <returns>The success message when at least one row was affected; otherwise the failure message.</returns>
public IActionResult DelFunc(int id)
{
    var operations = new Tright_Operation_Da();

    // AsTreeCte() presumably widens the delete from the matched row to its whole subtree,
    // so one call can remove many permission records; confirm callers are restricted accordingly.
    var affected = operations.Where(s => s.Id == id).AsTreeCte().ToDelete().ExecuteAffrows();

    if (!(affected > 0))
    {
        return FailMessage();
    }

    return SuccessMessage();
}
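/// <summary>
/// Updates a permission record from the model bound to the request.
/// </summary>
/// <param name="model">Permission record to write; its Name must be non-empty.</param>
/// <returns>The failure message when the model is missing or has no name; otherwise the success message.</returns>
public IActionResult UpdateFunc(Tright_Operation model)
{
    // A request that binds no model leaves it null; reject it like a missing name instead of throwing.
    if (string.IsNullOrEmpty(model?.Name))
    {
        return FailMessage("权限名不能为空!");
    }

    // NOTE(review): the bound entity is handed to Update as-is, so presumably every column the
    // client posts (Id, Parent_Id, Type, Url, Code, Status, ...) is persisted. Consider binding a
    // dedicated input type that carries only the editable fields.
    // NOTE(review): the outcome of Update is not inspected; success is reported even if no row matched.
    Tright_Operation_Da da = new Tright_Operation_Da();
    da.Update(model);
    return SuccessMessage("成功!");
}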
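/// <summary>
/// Inserts a new permission record from the model bound to the request.
/// </summary>
/// <param name="model">Permission record to insert; its Name must be non-empty. Code is overwritten server-side.</param>
/// <returns>The failure message when the model is missing or has no name; otherwise the success message.</returns>
public IActionResult AddFunc(Tright_Operation model)
{
    // A request that binds no model leaves it null; reject it like a missing name instead of throwing.
    if (string.IsNullOrEmpty(model?.Name))
    {
        return FailMessage("权限名不能为空!");
    }

    // The record code is always generated here, never taken from the client.
    model.Code = Guid.NewGuid().ToString();

    // NOTE(review): every other field (Parent_Id, Type, Url, Status, ...) still comes straight
    // from the request; consider a dedicated input type limited to the fields a caller may set.
    Tright_Operation_Da da = new Tright_Operation_Da();
    da.Insert(model);
    return SuccessMessage("成功!");
}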
/// <summary>
/// Returns all permission records arranged as a tree.
/// </summary>
/// <returns>The result of SuccessResultList wrapping the tree list.</returns>
public IActionResult ListFunc()
{
    var operations = new Tright_Operation_Da();
    var tree = operations.Select.ToTreeList();
    return SuccessResultList(tree);
}
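/// <summary>
/// Permission filter: resolves the current user, registers the requested URL in the permission
/// table if needed, and short-circuits the request when the user lacks permission for it.
/// </summary>
/// <param name="Context">Executing context of the action; its Result is set to stop the request.</param>
public override void OnActionExecuting(ActionExecutingContext Context)
{
    // Resolve the logged-in user's id from the "userId" claim. A missing or non-numeric claim
    // (for example an unauthenticated request reaching this filter) is rejected with 401
    // instead of surfacing as an unhandled exception.
    var userIdClaim = Context.HttpContext.User?.FindFirst("userId");
    if (userIdClaim == null || !int.TryParse(userIdClaim.Value, out int userid))
    {
        Context.Result = new JsonResult(new { Success = false, Code = 401, Message = "未登录或登录已失效!" }) { StatusCode = 401 };
        return;
    }

    // Depending on configuration, give a user logging in for the first time a default role.
    if (AppConfig.IsSetDefautlRole)
    {
        SetDefaultRole(userid);
    }

    // Ignore == true means this action is not permission-checked; only the default-role
    // assignment above applies to it.
    if (Ignore)
    {
        return;
    }

    // Resolve the route of the request.
    string areaName = string.Empty;
    string controllerName = string.Empty;
    string actionName = string.Empty;
    string page = GetPageUrl(Context, ref areaName, ref controllerName, ref actionName);

    // Detect an AJAX request. X-Requested-With is a client-supplied header, so it is only a hint:
    // it selects the response shape below and the kind of record that gets auto-registered.
    var isAjax = Context.HttpContext.Request.Headers["X-Requested-With"] == "XMLHttpRequest";

    // Auto-register the permission when it is not in the database yet, to save manual setup during
    // development. NOTE(review): this runs before the permission check, so any authenticated
    // request can cause a write to the permission table.
    InsertActionOperation(controllerName, actionName, areaName, page, isAjax);

    // Global switch that disables permission checks entirely; it should be off outside development.
    if (AppConfig.IgnoreAuthRight)
    {
        return;
    }

    // The user's permissions would ideally be cached (e.g. in Redis) rather than loaded per request.
    Tright_Operation_Da da = new Tright_Operation_Da();
    var list = da.ListByUserId(userid);

    // NOTE(review): ToLower() is culture-sensitive; if `list` is an in-memory collection, an
    // ordinal case-insensitive comparison would be safer for an authorization decision. Confirm
    // how ListByUserId materializes its result before changing the predicate.
    if (list.Any(s => s.Url.ToLower() == page.ToLower()))
    {
        return; // permitted
    }

    // Denied: AJAX callers get a JSON payload, page requests are redirected to the no-permission page.
    if (isAjax)
    {
        Context.Result = new JsonResult(new { Success = false, Code = 405, Message = "您没有该功能操作权限!" });
        return;
    }

    Context.Result = new RedirectToRouteResult(new RouteValueDictionary(new { controller = "System", action = "NoPermission" }));
}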