/// <summary>
/// On the first (non-postback) request, loads the admin group named by the "ID"
/// query-string value into the form; on every request, rebuilds the list of
/// available permissions from ~/Config/AdminPower.Config.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (!Page.IsPostBack)
    {
        // int.MinValue is treated here as "no ID supplied", i.e. a new group is being created.
        int groupID = RequestHelper.GetQueryString<int>("ID");
        bool editingExistingGroup = groupID != int.MinValue;

        if (editingExistingGroup)
        {
            // NOTE(review): this two-argument CheckAdminPower overload is not visible here;
            // confirm that a failed check stops the request before the group data is read
            // and rendered below.
            CheckAdminPower("ReadAdminGroup", PowerCheckType.Single);

            // NOTE(review): the result of Read is used without a null check - confirm it
            // never returns null for an unknown ID.
            AdminGroupInfo adminGroup = AdminGroupBLL.Read(groupID);
            Name.Text = adminGroup.Name;
            Note.Text = adminGroup.Note;
            power = adminGroup.Power;
        }

        if (groupID == 1)
        {
            // If this is the super administrator group, its permissions must not be modified.
            // NOTE(review): the guard below is commented out, so this branch does nothing
            // and the submit button stays visible for group 1.
            //SubmitButton.Visible = false;
        }
    }

    // Bind the permission list (runs on postbacks too).
    XmlHelper configReader = new XmlHelper(ServerHelper.MapPath("~/Config/AdminPower.Config"));
    XmlNode configRoot = configReader.ReadNode("Config");
    foreach (XmlNode powerNode in configRoot.ChildNodes)
    {
        // Every child is expected to carry "Text" and "Key" attributes; a child without
        // them (Attributes is null for non-element nodes) throws here.
        PowerInfo entry = new PowerInfo();
        entry.Text = powerNode.Attributes["Text"].Value;
        entry.Key = powerNode.Attributes["Key"].Value;
        entry.XML = powerNode.InnerXml;
        channelPowerList.Add(entry);
    }
}
/// <summary>
/// Saves the admin group form. When the "ID" query-string value is int.MinValue a new
/// group is added; otherwise the existing group is updated, keeping its stored
/// AdminCount, AddDate and IP. Either path writes an admin log entry and then shows
/// an alert.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="E">Event data (unused).</param>
protected void SubmitButton_Click(object sender, EventArgs E)
{
    AdminGroupInfo adminGroup = new AdminGroupInfo();
    adminGroup.Id = RequestHelper.GetQueryString<int>("ID");
    adminGroup.Name = Name.Text;

    // The "Rights" form field arrives comma-separated and is stored as "|a|b|c|".
    // NOTE(review): the submitted values are stored as-is. Nothing in this handler limits
    // them to keys defined in AdminPower.Config or to rights the submitting administrator
    // already holds, and no group ID is treated specially - confirm that is enforced
    // elsewhere.
    string rights = RequestHelper.GetForm<string>("Rights").Replace(",", "|");
    if (rights != string.Empty)
    {
        rights = "|" + rights + "|";
    }
    adminGroup.Power = rights;
    adminGroup.Note = Note.Text;

    string alertMessage = ShopLanguage.ReadLanguage("UpdateOK");
    bool isNewGroup = adminGroup.Id == int.MinValue;

    // NOTE(review): CheckAdminPower returns nothing to this handler, so the writes below
    // depend on a failed check ending the request inside that call - confirm it does.
    if (!isNewGroup)
    {
        CheckAdminPower("UpdateAdminGroup", PowerCheckType.Single);

        // Carry over the fields the form does not edit.
        AdminGroupInfo storedGroup = AdminGroupBLL.Read(adminGroup.Id);
        adminGroup.AdminCount = storedGroup.AdminCount;
        adminGroup.AddDate = storedGroup.AddDate;
        adminGroup.IP = storedGroup.IP;

        AdminGroupBLL.Update(adminGroup);
        AdminLogBLL.Add(ShopLanguage.ReadLanguage("UpdateRecord"), ShopLanguage.ReadLanguage("AdminGroup"), adminGroup.Id);
        alertMessage = ShopLanguage.ReadLanguage("UpdateOK");
    }
    else
    {
        CheckAdminPower("AddAdminGroup", PowerCheckType.Single);

        int newGroupId = AdminGroupBLL.Add(adminGroup);
        AdminLogBLL.Add(ShopLanguage.ReadLanguage("AddRecord"), ShopLanguage.ReadLanguage("AdminGroup"), newGroupId);
    }

    // NOTE(review): RawUrl is request-derived; confirm ScriptHelper.Alert encodes it
    // before writing it into the page.
    ScriptHelper.Alert(alertMessage, RequestHelper.RawUrl);
}
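/// <summary>
/// Checks whether the current administrator's group holds the requested permission(s)
/// and reports through <paramref name="adminID"/> whose records may be operated on.
/// Shows the "NoPower" alert when the check fails.
/// </summary>
/// <param name="powerKey">Prefix prepended to each permission value.</param>
/// <param name="powerString">
/// Permission value to check; for <c>OR</c> and <c>AND</c> a comma-separated list.
/// </param>
/// <param name="powerCheckType">
/// <c>Single</c>: the one value must be held; <c>OR</c>: any listed value;
/// <c>AND</c>: every listed value. Any other value denies.
/// </param>
/// <param name="adminID">
/// Set to -1 when the check is denied; to int.MinValue when it is granted without a
/// restriction to the caller's own records; to the current administrator's ID when the
/// permission is flagged as needing "ManageOther" and the group lacks it.
/// </param>
private void CheckAdminPower(string powerKey, string powerString, PowerCheckType powerCheckType, ref int adminID)
{
    // NOTE(review): the group ID is taken from the admin cookie; confirm that cookie is
    // integrity-protected, because every decision below depends on it.
    // A missing power string is treated as "no permissions" so the check denies instead
    // of throwing.
    string power = AdminGroupBLL.Read(Cookies.Admin.GetGroupID(false)).Power ?? string.Empty;

    // Check the permission.
    bool checkPower = false;
    switch (powerCheckType)
    {
        case PowerCheckType.Single:
            checkPower = ContainsPowerToken(power, powerKey + powerString);
            break;

        case PowerCheckType.OR:
            foreach (string candidate in powerString.Split(','))
            {
                if (ContainsPowerToken(power, powerKey + candidate))
                {
                    checkPower = true;
                    break;
                }
            }
            break;

        case PowerCheckType.AND:
            checkPower = true;
            foreach (string required in powerString.Split(','))
            {
                if (!ContainsPowerToken(power, powerKey + required))
                {
                    checkPower = false;
                    break;
                }
            }
            break;

        default:
            // Unknown check type: stay denied.
            break;
    }

    if (checkPower)
    {
        // Does this permission also require the right to operate on other admins' records?
        // The lookup compares against the whole powerString, not its comma-separated parts.
        bool needOther = false;
        Hashtable needOtherMap = ReadAllNeedOther();
        foreach (DictionaryEntry entry in needOtherMap)
        {
            if (entry.Key.ToString() == powerString)
            {
                needOther = Convert.ToBoolean(entry.Value);
                if (!needOther)
                {
                    break;
                }
            }
        }

        // Check whether the group may operate on other admins' records.
        if (needOther && !ContainsPowerToken(power, powerKey + "ManageOther"))
        {
            adminID = Cookies.Admin.GetAdminID(false);
        }
        else
        {
            adminID = int.MinValue;
        }
    }
    else
    {
        adminID = -1;
    }

    if (adminID == -1)
    {
        // NOTE(review): this method returns void; whether AlertFront ends the request is
        // not visible here. If it does not, callers continue after a denial - confirm.
        ScriptHelper.AlertFront(ShopLanguage.ReadLanguage("NoPower"));
    }
}

/// <summary>
/// Returns true when <paramref name="power"/> contains "|name|" as an exact, ordinal match.
/// Ordinal comparison keeps permission matching independent of the thread culture;
/// the culture-sensitive default of IndexOf(string) can treat some characters as ignorable.
/// </summary>
private static bool ContainsPowerToken(string power, string name)
{
    return power.IndexOf("|" + name + "|", StringComparison.Ordinal) > -1;
}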