.net mvc3.0 权限 问题
请教 我 有一个 用户表, 一个权限组表, 一个权限表一个用户有多个权限组, 一个权限组有多个权限。
请问 MVC 3.0 是如何设置权限的,本人MVC 是新手。
--------------------编程问答-------------------- 用Power.Has --------------------编程问答--------------------
--------------------编程问答--------------------
public class Power
{
public static bool Has()
{
return true;
}
public static bool Has(string operateName)
{
return RoleFilterAttribute.HasPower(operateName);
}
public static bool Has(LoginType loginType)
{
return RoleFilterAttribute.HasPower(loginType);
}
public static bool Has( params string[] operateNames)
{
return RoleFilterAttribute.HasPower(operateNames);
}
public static string[] GetOperateListByRoleID(Guid roleID)
{
return GetOperateList(BLL.Accounts.RoleFn.GetPowersByRoleID(roleID));
}
static string[] GetOperateList(DataResult<DataTable> data)
{
if (data.Status == ResultState.Success && data.Data != null && data.Data.Rows.Count > 0)
{
List<string> list = new List<string>();
foreach (DataRow row in data.Data.Rows)
list.Add(row[0].ToString());
return list.ToArray();
}
return new string[0];
}
public static string[] GetOperateListByUserID(Guid userID)
{
return GetOperateList(BLL.Accounts.RoleFn.GetPowersByUserID(userID));
}
}
public class RoleFilterAttribute : FilterAttribute, IAuthorizationFilter
{
public RoleFilterAttribute()
{
}
public RoleFilterAttribute(string operateName)
{
OperateName = operateName;
}
public RoleFilterAttribute(params string[] operateNames)
{
OperateNames = operateNames;
}
public RoleFilterAttribute(LoginType neadLoginType)
{
NeadLoginType = neadLoginType;
}
public RoleFilterAttribute(string operateName, LoginType neadLoginType)
{
OperateName = operateName;
NeadLoginType = neadLoginType;
}
#region IAuthorizationFilter 成员
/// <summary>
/// 权限控制
/// </summary>
/// <param name="filterContext"></param>
public void OnAuthorization(AuthorizationContext filterContext)
{
//首先必须登录
if (!Account.IsLogin)
{
filterContext.Result = new RedirectResult("/Account/Login");
return;
}
LoginData? ldata = Account.LoginUser;
if (!ldata.HasValue)
{
filterContext.Result = new RedirectResult("/Account/Login");
return;
}
//如果设置管理员类型则必须匹配
if (NeadLoginType.HasValue && ldata.Value.LoginType != NeadLoginType.Value)
{
filterContext.Result = new RedirectResult("/Account/NoPower");
return;
}
//权限判断(如果设置了具体操作权限则必须匹配)
if(!String.IsNullOrEmpty(OperateName) && !ldata.Value.Powers.Contains(OperateName))
{
filterContext.Result = new RedirectResult("/Account/NoPower");
return;
}
//权限判断(如果设置了一组操作权限则必须匹配其中一个)
if (OperateNames != null && OperateNames.Length > 0 && !HasPower(OperateNames, ldata.Value))
{
filterContext.Result = new RedirectResult("/Account/NoPower");
return;
}
}
#endregion
/// <summary>
/// 指定管理员类型
/// </summary>
public LoginType? NeadLoginType { set; get; }
private static bool BasePower(LoginData ldata)
{
///开发人员不限制权限
if (ldata.LoginType == LoginType.Developer) return true;
return false;
}
public static bool HasPower(LoginType loginType)
{
if (!Account.IsLogin)
{
return false;
}
LoginData? ldata = Account.LoginUser;
if (!ldata.HasValue)
{
return false;
}
if (BasePower(ldata.Value)) return true;
//权限判断
return ldata.Value.LoginType == loginType;
}
/// <summary>
/// 设置操作权限
/// </summary>
public string OperateName { set; get; }
/// <summary>
/// 设置一组操作权限,当前用户只需要拥有其中一个即可
/// </summary>
public string[] OperateNames { set; get; }
/// <summary>
/// 判断当前用户是否拥有该操作权限
/// </summary>
/// <param name="operateName"></param>
/// <returns></returns>
public static bool HasPower(string operateName)
{
if (!Account.IsLogin)
{
return false;
}
LoginData? ldata = Account.LoginUser;
if (!ldata.HasValue)
{
return false;
}
if (BasePower(ldata.Value)) return true;
//权限判断
return ldata.Value.Powers.Contains(operateName);
}
/// <summary>
/// 只需要拥有其中一个操作权限即可
/// </summary>
/// <param name="operateNames"></param>
/// <returns></returns>
public static bool HasPower(string[] operateNames)
{
if (!Account.IsLogin)
{
return false;
}
LoginData? ldata = Account.LoginUser;
if (!ldata.HasValue)
{
return false;
}
if (BasePower(ldata.Value)) return true;
//权限判断
foreach (string opname in operateNames)
if (ldata.Value.Powers.Contains(opname))
return true;
return false;
}
bool HasPower(string[] operateNames, LoginData ldata)
{
//权限判断
foreach (string opname in operateNames)
if (ldata.Powers.Contains(opname))
return true;
return false;
}
}
Controller里[RoleFilterAttribute(new string[] {"Power.Has中定义的权限"})]
--------------------编程问答-------------------- 虽然不懂 但貌似很强大的样子 Mark一下~ --------------------编程问答-------------------- 你可以把所有的控制器都继承一个,在这个里面来控制权限菜单加载,另外你所说的权限的问题,对于你所说的一个用户有多个权限组这句话我感觉你把路走的有点远,可能它会方便,我一般都是如果用户想拥有其他权限组的权限,可以给他先加权限组,在权限组里去加用户,总体来说就是用权限组来控制,不知道你明白不?? --------------------编程问答-------------------- 顶一下 我也刚学mvc3.0 --------------------编程问答-------------------- 顶一下 我也刚学mvc3.0 --------------------编程问答--------------------
--------------------编程问答--------------------
同意5楼观点 --------------------编程问答--------------------
直接在global里面加载个全局filter就可以了。
补充:.NET技术 , ASP.NET
