User、Role、UserInRole、Function//页面资源;Control//页内资源,跟页面资源挂钩;Menu//菜单,可以独立,也可以跟页面挂钩;FunctionAuth//角色(用户)跟页面资源(页内资源,菜单)的关联性。多应用的话还有个Application。基于BasePage:Page,我是需要自己在PageLoad时去调用BasePage内验证指定Control是否可以访问,因为如果自动去控制的话,Control表就会比较复杂。这是非MVC模式的权限,MVC是通过控制Action来实现权限控制。
一个SYS_Menu 角色与菜单关联。 控件的是否隐藏来控制控件的增加与删除。
做个页面维护他们。写一个pagebase作为所有页面的基类,pagebase重写System.Web.UI.Page中的方法,在pagebase中来控制按钮。
能不能给个具体的实例啊?
/// <summary>
/// Returns the menu-item permission ids granted to a role.
/// </summary>
/// <param name="roleId">Role identifier used to filter R_RolePermission.</param>
/// <returns>
/// An <see cref="ArrayList"/> holding the PermissionId column of every matching row,
/// as returned by the data layer (values are not converted).
/// </returns>
public ArrayList GetMenuPermissionList(int roleId)
{
    AdoHelper db = AdoHelper.CreateHelper();

    // The statement is assembled as text rather than bound as a parameter.
    // That is only acceptable because roleId is an int: the formatted value
    // cannot carry SQL syntax. If this filter ever becomes a string, or a
    // second caller-supplied value is added, it must be passed as a command
    // parameter instead of being formatted into the query.
    // NOTE(review): PermissionTypeId=1 presumably denotes the "menu" permission type - confirm.
    string sql = "select a.PermissionId from R_RolePermission a inner join T_permission b on a.PermissionId=b.PermissionId"
        + string.Format(" where b.PermissionTypeId=1 and a.RoleId={0}", roleId);

    DataSet result = db.ExecuteDataset(sql);

    // Only the first result table is read.
    ArrayList permissionIds = new ArrayList();
    foreach (DataRow row in result.Tables[0].Rows)
    {
        permissionIds.Add(row["PermissionId"]);
    }

    return permissionIds;
}
基本是用户表 角色表 角色权限表 用户角色表 就可以搞定了
角色表
用户表
部门表
细粒度权限设置
细粒度:表示实例级需要考虑具体对象的实例
权限系统提供一个基础,并解决那些具有“共性”的(或者说粗粒度的)部分
在这个基础之上,根据“业务逻辑”的独特权限需求,编码实现细粒度部分
用户组
角色组
权限分1可执行 2可读 3可写 等
Action粒度的权限管理
// Body of a page-level authorization routine: looks up the controls the
// current user's role may use on this page and switches them on.
// It only ever sets Visible = true / Hidden = false; nothing here hides a
// control, so it is deny-by-default only if every governed control is
// declared hidden in the page itself - TODO confirm against the markup.
// This governs what is displayed. The server-side handlers behind these
// controls still need their own permission check.
{
// NOTE(review): Url.ToString() is the full request URL, query string
// included. Whatever follows the last '/' - which can lie inside the query
// string - becomes page_name, so caller-supplied text selects which page's
// permission rows are loaded below. Deriving the name from the request's
// file path would avoid that.
string page_path = this.Page.Request.Url.ToString();
// The LINQ query loads the current employee together with its SYS_Role.
string page_name = page_path.Substring(page_path.LastIndexOf('/') + 1); var query = from u in db.BS_EmployeeInfo.Include("SYS_Role")
where u.employee_id == this.CurrentUserInfo.employee_id
select u;
// Indexing [0] throws if no employee row matches the current user.
BS_EmployeeInfo user = query.ToList()[0];
// Permission rows are keyed by (page name, role id).
string role_id = user.SYS_Role.role_id; ControlsLogic control = new ControlsLogic();
// Each returned row names one control (optionally inside a user control)
// that the role is allowed to use on this page.
List<v_Control_Author> list = control.GetControlsInfoByPageNameAndRole(page_name, role_id); foreach (v_Control_Author author in list)
{
// Every branch resolves the control by id - through the user control named
// by usercontr_id when one is given - and casts it to the type named in
// contr_type. FindControl results are not null-checked and the casts are
// direct, so a stale id or a wrong contr_type in the data throws.
if (author.contr_type == "ToolbarButton")
{
Coolite.Ext.Web.ToolbarButton ToolbarButton = string.IsNullOrEmpty(author.usercontr_id) ? (Coolite.Ext.Web.ToolbarButton)this.Page.FindControl(author.contr_id) : (Coolite.Ext.Web.ToolbarButton)this.Page.FindControl(author.usercontr_id).FindControl(author.contr_id);
ToolbarButton.Visible = true;
}
else if (author.contr_type == "Button")
{
Coolite.Ext.Web.Button Button = string.IsNullOrEmpty(author.usercontr_id) ? (Coolite.Ext.Web.Button)this.Page.FindControl(author.contr_id) : (Coolite.Ext.Web.Button)this.Page.FindControl(author.usercontr_id).FindControl(author.contr_id);
Button.Visible = true;
}
else if (author.contr_type == "Label")
{
Coolite.Ext.Web.Label Label = string.IsNullOrEmpty(author.usercontr_id) ? (Coolite.Ext.Web.Label)this.Page.FindControl(author.contr_id) : (Coolite.Ext.Web.Label)this.Page.FindControl(author.usercontr_id).FindControl(author.contr_id);
// NOTE(review): this branch toggles Hidden rather than Visible. Hidden looks
// like a client-side display flag, in which case a hidden label's text may
// still be sent to the browser - confirm before relying on it for secrecy.
Label.Hidden = false;
}
else if (author.contr_type == "ToolbarTextItem")
{
Coolite.Ext.Web.ToolbarTextItem ToolbarTextItem = string.IsNullOrEmpty(author.usercontr_id) ? (Coolite.Ext.Web.ToolbarTextItem)this.Page.FindControl(author.contr_id) : (Coolite.Ext.Web.ToolbarTextItem)this.Page.FindControl(author.usercontr_id).FindControl(author.contr_id);
ToolbarTextItem.Visible = true;
}
else if (author.contr_type == "Panel")
{
Coolite.Ext.Web.Panel Panel = string.IsNullOrEmpty(author.usercontr_id) ? (Coolite.Ext.Web.Panel)this.Page.FindControl(author.contr_id) : (Coolite.Ext.Web.Panel)this.Page.FindControl(author.usercontr_id).FindControl(author.contr_id);
Panel.Visible = true;
}
else if (author.contr_type == "GridPanel")
{
Coolite.Ext.Web.GridPanel GridPanel = string.IsNullOrEmpty(author.usercontr_id) ? (Coolite.Ext.Web.GridPanel)this.Page.FindControl(author.contr_id) : (Coolite.Ext.Web.GridPanel)this.Page.FindControl(author.usercontr_id).FindControl(author.contr_id);
// gridcommand_author is parsed as ';'-separated "columnIndex:flag" entries.
string gridcommand_author = author.gridcommand_author;
try
{
if (!string.IsNullOrEmpty(gridcommand_author))
{
string[] columns_author = gridcommand_author.Split(';');
foreach (string column_author in columns_author)
{
string column_index = column_author.Substring(0, column_author.IndexOf(':'));
string column_hidden = column_author.Substring(column_author.IndexOf(':') + 1);
int index = int.Parse(column_index);
bool hidden = bool.Parse(column_hidden);
// The parsed flag is inverted on assignment: "true" in the data shows the
// column, "false" hides it.
GridPanel.ColumnModel.Columns[index].Hidden = !hidden;
}
}
}
// Any failure (entry without ':', non-numeric index, index out of range,
// unresolved grid) abandons the remaining entries of this grid without
// reporting it; columns already processed keep their new state.
catch
{
continue;
}
}
}
}
这个方法主要是控制控件的,实例我弄不到完整的,基本思路就是这样。
v_Control_Author 是控件与角色的视图。
给你一个想法。不知道对你会不会有帮助
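/// <summary>
/// Switches on the controls of the current page that the signed-in user's
/// role is allowed to use.
/// </summary>
/// <remarks>
/// The method only ever sets <c>Visible = true</c> / <c>Hidden = false</c>;
/// it never hides anything. It is therefore deny-by-default only if every
/// governed control is declared hidden in the page itself - TODO confirm
/// against the markup. A row that cannot be resolved (unknown id, wrong
/// control type) is skipped, which leaves that control in its declared state.
/// This method governs what is displayed; the server-side handlers behind
/// these controls still need their own permission check.
/// </remarks>
protected void AuthorityManagement()
{
    // Take the page name from the request's file path, not from the full URL.
    // Url.ToString() includes the query string, so text supplied by the
    // caller after the last '/' used to decide which page's permission rows
    // were loaded. FilePath carries neither the query string nor path info.
    string page_path = this.Page.Request.FilePath;
    string page_name = page_path.Substring(page_path.LastIndexOf('/') + 1);

    var query = from u in db.BS_EmployeeInfo.Include("SYS_Role")
                where u.employee_id == this.CurrentUserInfo.employee_id
                select u;

    // No matching employee, or an employee without a role, gets no grants:
    // return with every control left as declared instead of throwing.
    BS_EmployeeInfo user = query.FirstOrDefault();
    if (user == null || user.SYS_Role == null)
    {
        return;
    }

    string role_id = user.SYS_Role.role_id;
    ControlsLogic control = new ControlsLogic();
    List<v_Control_Author> list = control.GetControlsInfoByPageNameAndRole(page_name, role_id);

    foreach (v_Control_Author author in list)
    {
        System.Web.UI.Control target = FindGovernedControl(author.usercontr_id, author.contr_id);
        if (target == null)
        {
            // Stale or mistyped id in the permission data: nothing to reveal.
            continue;
        }

        // "as" instead of a direct cast: a row whose contr_type does not
        // match the real control type is skipped rather than crashing the page.
        switch (author.contr_type)
        {
            case "ToolbarButton":
                Coolite.Ext.Web.ToolbarButton toolbarButton = target as Coolite.Ext.Web.ToolbarButton;
                if (toolbarButton != null)
                {
                    toolbarButton.Visible = true;
                }
                break;

            case "Button":
                Coolite.Ext.Web.Button button = target as Coolite.Ext.Web.Button;
                if (button != null)
                {
                    button.Visible = true;
                }
                break;

            case "Label":
                Coolite.Ext.Web.Label label = target as Coolite.Ext.Web.Label;
                if (label != null)
                {
                    // NOTE(review): Hidden (unlike Visible) looks like a
                    // client-side display flag, in which case a hidden
                    // label's text may still be sent to the browser - confirm
                    // before relying on it to withhold data.
                    label.Hidden = false;
                }
                break;

            case "ToolbarTextItem":
                Coolite.Ext.Web.ToolbarTextItem textItem = target as Coolite.Ext.Web.ToolbarTextItem;
                if (textItem != null)
                {
                    textItem.Visible = true;
                }
                break;

            case "Panel":
                Coolite.Ext.Web.Panel panel = target as Coolite.Ext.Web.Panel;
                if (panel != null)
                {
                    panel.Visible = true;
                }
                break;

            case "GridPanel":
                Coolite.Ext.Web.GridPanel grid = target as Coolite.Ext.Web.GridPanel;
                if (grid != null)
                {
                    ApplyGridColumnAuthority(grid, author.gridcommand_author);
                }
                break;
        }
    }
}

// Resolves a governed control by id, looking inside the named user control when one is given; returns null if either lookup fails.
private System.Web.UI.Control FindGovernedControl(string usercontr_id, string contr_id)
{
    if (string.IsNullOrEmpty(usercontr_id))
    {
        return this.Page.FindControl(contr_id);
    }

    System.Web.UI.Control container = this.Page.FindControl(usercontr_id);
    return container == null ? null : container.FindControl(contr_id);
}

// Applies a ';'-separated list of "columnIndex:flag" entries to a grid's columns; best-effort, stops at the first malformed entry.
private void ApplyGridColumnAuthority(Coolite.Ext.Web.GridPanel grid, string gridcommand_author)
{
    if (string.IsNullOrEmpty(gridcommand_author))
    {
        return;
    }

    try
    {
        foreach (string column_author in gridcommand_author.Split(';'))
        {
            int separator = column_author.IndexOf(':');
            int index = int.Parse(column_author.Substring(0, separator));
            bool allowed = bool.Parse(column_author.Substring(separator + 1));

            // The stored flag is inverted on assignment: "true" in the data
            // shows the column, "false" hides it.
            // NOTE(review): column Hidden may be a client-side flag as well,
            // so the hidden column's data may still reach the browser - confirm.
            grid.ColumnModel.Columns[index].Hidden = !allowed;
        }
    }
    catch
    {
        // Deliberately best-effort: an entry without ':', a non-numeric
        // index, a bad flag or an out-of-range column abandons the remaining
        // entries for this grid. Columns already processed keep their state.
    }
}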
Role:角色表
Function功能模块表
RoleAuthority角色权限表
Users用户表
用户表中包含了角色ID字段
我能够控制每一个按钮,也能控制页面的访问权限,我现在需要一种比较简便的方法来对整个站点的权限进行控制,尝试在基类中写,但由于权限读出来之后存入了Session中,而基类好像又不能使用Session,麻烦!
Role
UserInRole
Function//页面资源
Control//页内资源,跟页面资源挂钩
Menu//菜单,可以独立,也可以跟页面挂钩
FunctionAuth//角色(用户)跟页面资源(页内资源,菜单)的关联性
多应用的话还有个Application。基于BasePage:Page,我是需要自己在PageLoad时去调用BasePage内验证指定Control是否可以访问,因为如果自动去控制的话,Control表就会比较复杂。这是非MVC模式的权限,MVC是通过控制Action来实现权限控制。
如果不写入基类,我想可能需要每个页面都去写权限验证,那样是不是太乱?
另外,我是将权限集合(IList<C_RoleAuthority>)存入Session的,这样做好不好?
如果不存入Session,还有没有其他办法?当然不想每次从数据库中读取,那样性能要降低。