请教 我 有一个 用户表, 一个权限组表, 一个权限表
一个用户有多个权限组, 一个权限组有多个权限。请问 MVC 3.0 是如何设置权限的,本人MVC 是新手。
一个用户有多个权限组, 一个权限组有多个权限。请问 MVC 3.0 是如何设置权限的,本人MVC 是新手。
解决方案 »
- |zyciis| 微软的ASP.NET AJAX提交后点其他链接在FireFox中存在Bug,如何解决 第二贴
- 怎么能让一个TextBox输完内容后,按回车后响应一个Button的点击事件?
- 关于在Repeater中批量删除的问题
- 在datagrid中嵌入html控件file field后,在datagrid编辑模式下怎样获取当前选择的文件?急!!
- 【求指教】C#中SQL Server连接 哪里出错了?
- 关于Response.End()的问题,高分相送
- .net 如何清除外站登陆
- 用VB.NET写ASP.NET, 如何取得DataGrid里面编辑文本框中输入的值?
- 程序中怎么处理存储过程的输出参数是游标变量??
- 一个htmltablecell的问题
- 页面排序更新数据排序功能
- asp.net gridview鼠标选择得到行的索引
public class Power
{
public static bool Has()
{
return true;
}
public static bool Has(string operateName)
{
return RoleFilterAttribute.HasPower(operateName);
}
public static bool Has(LoginType loginType)
{
return RoleFilterAttribute.HasPower(loginType);
}
public static bool Has( params string[] operateNames)
{
return RoleFilterAttribute.HasPower(operateNames);
} public static string[] GetOperateListByRoleID(Guid roleID)
{
return GetOperateList(BLL.Accounts.RoleFn.GetPowersByRoleID(roleID));
}
static string[] GetOperateList(DataResult<DataTable> data)
{
if (data.Status == ResultState.Success && data.Data != null && data.Data.Rows.Count > 0)
{
List<string> list = new List<string>();
foreach (DataRow row in data.Data.Rows)
list.Add(row[0].ToString());
return list.ToArray();
}
return new string[0];
}
public static string[] GetOperateListByUserID(Guid userID)
{
return GetOperateList(BLL.Accounts.RoleFn.GetPowersByUserID(userID));
}
}
{
public RoleFilterAttribute()
{ } public RoleFilterAttribute(string operateName)
{
OperateName = operateName;
} public RoleFilterAttribute(params string[] operateNames)
{
OperateNames = operateNames;
} public RoleFilterAttribute(LoginType neadLoginType)
{
NeadLoginType = neadLoginType;
} public RoleFilterAttribute(string operateName, LoginType neadLoginType)
{
OperateName = operateName;
NeadLoginType = neadLoginType;
} #region IAuthorizationFilter 成员 /// <summary>
/// 权限控制
/// </summary>
/// <param name="filterContext"></param>
public void OnAuthorization(AuthorizationContext filterContext)
{
//首先必须登录
if (!Account.IsLogin)
{
filterContext.Result = new RedirectResult("/Account/Login");
return;
} LoginData? ldata = Account.LoginUser; if (!ldata.HasValue)
{
filterContext.Result = new RedirectResult("/Account/Login");
return;
} //如果设置管理员类型则必须匹配
if (NeadLoginType.HasValue && ldata.Value.LoginType != NeadLoginType.Value)
{
filterContext.Result = new RedirectResult("/Account/NoPower");
return;
} //权限判断(如果设置了具体操作权限则必须匹配)
if(!String.IsNullOrEmpty(OperateName) && !ldata.Value.Powers.Contains(OperateName))
{
filterContext.Result = new RedirectResult("/Account/NoPower");
return;
}
//权限判断(如果设置了一组操作权限则必须匹配其中一个)
if (OperateNames != null && OperateNames.Length > 0 && !HasPower(OperateNames, ldata.Value))
{
filterContext.Result = new RedirectResult("/Account/NoPower");
return;
}
} #endregion /// <summary>
/// 指定管理员类型
/// </summary>
public LoginType? NeadLoginType { set; get; } private static bool BasePower(LoginData ldata)
{
///开发人员不限制权限
if (ldata.LoginType == LoginType.Developer) return true; return false;
} public static bool HasPower(LoginType loginType)
{
if (!Account.IsLogin)
{
return false;
} LoginData? ldata = Account.LoginUser; if (!ldata.HasValue)
{
return false;
} if (BasePower(ldata.Value)) return true; //权限判断
return ldata.Value.LoginType == loginType;
} /// <summary>
/// 设置操作权限
/// </summary>
public string OperateName { set; get; } /// <summary>
/// 设置一组操作权限,当前用户只需要拥有其中一个即可
/// </summary>
public string[] OperateNames { set; get; } /// <summary>
/// 判断当前用户是否拥有该操作权限
/// </summary>
/// <param name="operateName"></param>
/// <returns></returns>
public static bool HasPower(string operateName)
{ if (!Account.IsLogin)
{
return false;
} LoginData? ldata = Account.LoginUser; if (!ldata.HasValue)
{
return false;
} if (BasePower(ldata.Value)) return true; //权限判断
return ldata.Value.Powers.Contains(operateName);
} /// <summary>
/// 只需要拥有其中一个操作权限即可
/// </summary>
/// <param name="operateNames"></param>
/// <returns></returns>
public static bool HasPower(string[] operateNames)
{ if (!Account.IsLogin)
{
return false;
} LoginData? ldata = Account.LoginUser; if (!ldata.HasValue)
{
return false;
} if (BasePower(ldata.Value)) return true; //权限判断
foreach (string opname in operateNames)
if (ldata.Value.Powers.Contains(opname))
return true; return false;
} bool HasPower(string[] operateNames, LoginData ldata)
{
//权限判断
foreach (string opname in operateNames)
if (ldata.Powers.Contains(opname))
return true; return false;
} }Controller里[RoleFilterAttribute(new string[] {"Power.Has中定义的权限"})]