扩展XAF 11.2权限
之按钮权限控制
1. 需求:XAF系统本身已经带了比较好用权限管理:Object-Level,Class-Level,Member-Level;但是没有对自定义按钮按角色分配的权限控制,因此需实现对自定义按钮的角色权限控制
2. 控制方式:角色按钮控制(角色、按钮多对多关系)
3. 系统权限类型为SecurityStrategyComplex, AuthenticationStandard(需选择自定义的MySecurityUser和MySecurityRole)
4. 需要区分自定义按钮和XAF系统本身自带按钮
5. 此按钮权限控制不控制XAF系统自带按钮,也可以通过简单修改能控制其自身按钮(未测试)
6. 使用规则,按钮的ID定义需以btn开头。
7. 系统需自定义User为MySecurityUser和Role为MySecurityRole;
定义BO为ActionData;
定义ViewContorl为ActionPermissionViewControl
8. 同步按钮信息功能(第一次使用需建立同步按钮信息资料)
实现代码:
using System;
using System.Collections.Generic;
using System.Linq;
using DevExpress.ExpressApp.Security;
using DevExpress.Xpo;
using DevExpress.Persistent.Base;
using DevExpress.ExpressApp.DC;
namespace SecurityDemoTest.Module.BusinessObjects
{
[XafDisplayName("User"), Persistent, ImageName("BO_User")]
public class MySecurityUser : SecurityUserWithRolesBase
{
public MySecurityUser(DevExpress.Xpo.Session session)
: base(session)
{
}
private string _Description;
public string Description
{
get
{
return _Description;
}
set
{
SetPropertyValue("Description", ref _Description, value);
}
}
}
}
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using DevExpress.ExpressApp.Security;
using DevExpress.Xpo;
using DevExpress.Persistent.Base;
namespace SecurityDemoTest.Module.BusinessObjects
{
[DefaultClassOptions]
public class MySecurityRole : SecurityRole
{
public MySecurityRole(Session session)
: base(session)
{
}
[Association("ActionDatas-MySecurityRoles")]
public XPCollection<ActionData> ActionPermissions
{
get
{
return GetCollection<ActionData>("ActionPermissions");
}
}
}
}
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using DevExpress.Xpo;
using DevExpress.Xpo.Metadata;
using DevExpress.Persistent.Base;
namespace SecurityDemoTest.Module.BusinessObjects
{
[DefaultClassOptions,Persistent]
public class ActionData : XPObject
{
private string _ActionId;
public string ActionId
{
get
{
return _ActionId;
}
set
{
SetPropertyValue("ActionId", ref _ActionId, value);
}
}
private string _Caption;
public string Caption
{
get
{
return _Caption;
}
set
{
SetPropertyValue("Caption", ref _Caption, value);
}
}
private string _Descritpion;
public string Descritpion
{
get
{
return _Descritpion;
}
set
{
SetPropertyValue("Descritpion", ref _Descritpion, value);
}
}
private bool _Enabled;
public bool Enabled
{
get
{
return _Enabled;
}
set
{
SetPropertyValue("Enabled", ref _Enabled, value);
}
}
private MySecurityRole _MyRole;
public ActionData()
{
}
public ActionData(Session session)
: base(session)
{
}
public ActionData(Session session, XPClassInfo classInfo)
: base(session, classInfo)
{
}
//[Association(typeof(MySecurityRole))]
//public MySecurityRole MyRole
//{
// get
// {
// return _MyRole;
// }
// set
// {
// SetPropertyValue("MyRole", ref _MyRole, value);
// }
//}
private string _Kind;
public string Kind
{
get
{
return _Kind;
}
set
{
SetPropertyValue("Kind", ref _Kind, value);
}
}
private string _Category;
public string Category
{
get
{
return _Category;
}
set
{
SetPropertyValue("Category", ref _Category, value);
}
}
[Association("ActionDatas-MySecurityRoles")]
public XPCollection<MySecurityRole> MySecurityRoles
{
get
{
return GetCollection<MySecurityRole>("MySecurityRoles");
}
}
}
}
using System;
using System.Collections.Generic;
using DevExpress.ExpressApp;
using DevExpress.ExpressApp.Actions;
using System.Collections;
using DevExpress.ExpressApp.Model;
using DevExpress.Data.Filtering;
using DevExpress.Utils;
using DevExpress.ExpressApp.Core;
namespace SecurityDemoTest.Module.BusinessObjects
{
public partial class ActionPermissionViewController : ViewController
{
public ActionPermissionViewController()
{
InitializeComponent();
RegisterActions(components);
this.TargetObjectType = typeof(ActionData);
this.TargetViewType = ViewType.ListView;
}
protected override void OnActivated()
{
foreach (Controller controller in Frame.Controllers)
{
foreach (ActionBase action in controller.Actions)
{
if (action.Id.StartsWith("btn"))
{
bool isAction = IsAllowAccessAction(action.Id);
action.Active.SetItemValue("ActionState1", isAction);
}
}
}
}
private static bool IsAllowAccessAction(string actionId)
{
MySecurityUser currentUser = SecuritySystem.CurrentUser as MySecurityUser;
Guard.ArgumentNotNull(currentUser, "CurrentUser");
Guard.ArgumentIsNotNullOrEmpty(actionId, "ActionId");
foreach (MySecurityRole role in currentUser.Roles)
{
foreach (ActionData ap in role.ActionPermissions)
{
if (ap.ActionId == actionId && ap.Kind == "Custom" )
return true;
}
}
return false;
}
private void SycAction_Execute(object sender, SimpleActionExecuteEventArgs e)
{
SyncActions(btnSycAction);
ObjectSpace.CommitChanges();
View.ObjectSpace.Refresh();
}
private void SyncActions(ActionBase action)
{
foreach (IModelAction item in action.Model.Application.ActionDesign.Actions)
{
ActionData ap = ObjectSpace.FindObject<ActionData>(new BinaryOperator("ActionId", item.Id));
if (ap == null)
{
ap = ObjectSpace.CreateObject<ActionData>();
ap.ActionId = item.Id;
ap.Caption = item.Caption;
ap.Category = item.Category;
ap.Enabled = true;
ap.Descritpion = item.ToolTip;
}
else
{
ap.Caption = item.Caption;
ap.Descritpion = item.ToolTip;
ap.Category = item.Category;
}
if (item.Id.StartsWith("btn"))
{
ap.Kind = "Custom";
}
else
{
ap.Kind = "System";
}
}
}
}
}
namespace SecurityDemoTest.Module.BusinessObjects
{
partial class ActionPermissionViewController
{
/// <summary>
/// Required designer variable.
/// </summary>
private System.ComponentModel.IContainer components = null;
/// <summary>
/// Clean up any resources being used.
/// </summary>
/// <param name="disposing">true if managed resources should be disposed; otherwise, false.</param>
protected override void Dispose(bool disposing)
{
if (disposing && (components != null))
{
components.Dispose();
}
base.Dispose(disposing);
}
#region Component Designer generated code
/// <summary>
/// Required method for Designer support - do not modify
/// the contents of this method with the code editor.
/// </summary>
private void InitializeComponent()
{
this.components = new System.ComponentModel.Container();
this.btnSycAction = new DevExpress.ExpressApp.Actions.SimpleAction(this.components);
//
// btnSycAction
//
this.btnSycAction.Caption = "btn Syc Action";
this.btnSycAction.ConfirmationMessage = null;
this.btnSycAction.Id = "btnSycAction";
this.btnSycAction.ImageName = null;
this.btnSycAction.Shortcut = null;
this.btnSycAction.Tag = null;
this.btnSycAction.TargetObjectsCriteria = null;
this.btnSycAction.TargetViewId = null;
this.btnSycAction.ToolTip = null;
this.btnSycAction.TypeOfView = null;
this.btnSycAction.Execute += new DevExpress.ExpressApp.Actions.SimpleActionExecuteEventHandler(this.SycAction_Execute);
}
#endregion
private DevExpress.ExpressApp.Actions.SimpleAction btnSycAction;
}
}
using System.Collections.Generic;
using System.Linq;
using DevExpress.ExpressApp.Security;
using DevExpress.Xpo;
using DevExpress.Persistent.Base;
using DevExpress.ExpressApp.DC;
namespace SecurityDemoTest.Module.BusinessObjects
{
[XafDisplayName("User"), Persistent, ImageName("BO_User")]
public class MySecurityUser : SecurityUserWithRolesBase
{
public MySecurityUser(DevExpress.Xpo.Session session)
: base(session)
{
}
private string _Description;
public string Description
{
get
{
return _Description;
}
set
{
SetPropertyValue("Description", ref _Description, value);
}
}
}
}
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using DevExpress.ExpressApp.Security;
using DevExpress.Xpo;
using DevExpress.Persistent.Base;
namespace SecurityDemoTest.Module.BusinessObjects
{
[DefaultClassOptions]
public class MySecurityRole : SecurityRole
{
public MySecurityRole(Session session)
: base(session)
{
}
[Association("ActionDatas-MySecurityRoles")]
public XPCollection<ActionData> ActionPermissions
{
get
{
return GetCollection<ActionData>("ActionPermissions");
}
}
}
}
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using DevExpress.Xpo;
using DevExpress.Xpo.Metadata;
using DevExpress.Persistent.Base;
namespace SecurityDemoTest.Module.BusinessObjects
{
[DefaultClassOptions,Persistent]
public class ActionData : XPObject
{
private string _ActionId;
public string ActionId
{
get
{
return _ActionId;
}
set
{
SetPropertyValue("ActionId", ref _ActionId, value);
}
}
private string _Caption;
public string Caption
{
get
{
return _Caption;
}
set
{
SetPropertyValue("Caption", ref _Caption, value);
}
}
private string _Descritpion;
public string Descritpion
{
get
{
return _Descritpion;
}
set
{
SetPropertyValue("Descritpion", ref _Descritpion, value);
}
}
private bool _Enabled;
public bool Enabled
{
get
{
return _Enabled;
}
set
{
SetPropertyValue("Enabled", ref _Enabled, value);
}
}
private MySecurityRole _MyRole;
public ActionData()
{
}
public ActionData(Session session)
: base(session)
{
}
public ActionData(Session session, XPClassInfo classInfo)
: base(session, classInfo)
{
}
//[Association(typeof(MySecurityRole))]
//public MySecurityRole MyRole
//{
// get
// {
// return _MyRole;
// }
// set
// {
// SetPropertyValue("MyRole", ref _MyRole, value);
// }
//}
private string _Kind;
public string Kind
{
get
{
return _Kind;
}
set
{
SetPropertyValue("Kind", ref _Kind, value);
}
}
private string _Category;
public string Category
{
get
{
return _Category;
}
set
{
SetPropertyValue("Category", ref _Category, value);
}
}
[Association("ActionDatas-MySecurityRoles")]
public XPCollection<MySecurityRole> MySecurityRoles
{
get
{
return GetCollection<MySecurityRole>("MySecurityRoles");
}
}
}
}
using System;
using System.Collections.Generic;
using DevExpress.ExpressApp;
using DevExpress.ExpressApp.Actions;
using System.Collections;
using DevExpress.ExpressApp.Model;
using DevExpress.Data.Filtering;
using DevExpress.Utils;
using DevExpress.ExpressApp.Core;
namespace SecurityDemoTest.Module.BusinessObjects
{
public partial class ActionPermissionViewController : ViewController
{
public ActionPermissionViewController()
{
InitializeComponent();
RegisterActions(components);
this.TargetObjectType = typeof(ActionData);
this.TargetViewType = ViewType.ListView;
}
protected override void OnActivated()
{
foreach (Controller controller in Frame.Controllers)
{
foreach (ActionBase action in controller.Actions)
{
if (action.Id.StartsWith("btn"))
{
bool isAction = IsAllowAccessAction(action.Id);
action.Active.SetItemValue("ActionState1", isAction);
}
}
}
}
private static bool IsAllowAccessAction(string actionId)
{
MySecurityUser currentUser = SecuritySystem.CurrentUser as MySecurityUser;
Guard.ArgumentNotNull(currentUser, "CurrentUser");
Guard.ArgumentIsNotNullOrEmpty(actionId, "ActionId");
foreach (MySecurityRole role in currentUser.Roles)
{
foreach (ActionData ap in role.ActionPermissions)
{
if (ap.ActionId == actionId && ap.Kind == "Custom" )
return true;
}
}
return false;
}
private void SycAction_Execute(object sender, SimpleActionExecuteEventArgs e)
{
SyncActions(btnSycAction);
ObjectSpace.CommitChanges();
View.ObjectSpace.Refresh();
}
private void SyncActions(ActionBase action)
{
foreach (IModelAction item in action.Model.Application.ActionDesign.Actions)
{
ActionData ap = ObjectSpace.FindObject<ActionData>(new BinaryOperator("ActionId", item.Id));
if (ap == null)
{
ap = ObjectSpace.CreateObject<ActionData>();
ap.ActionId = item.Id;
ap.Caption = item.Caption;
ap.Category = item.Category;
ap.Enabled = true;
ap.Descritpion = item.ToolTip;
}
else
{
ap.Caption = item.Caption;
ap.Descritpion = item.ToolTip;
ap.Category = item.Category;
}
if (item.Id.StartsWith("btn"))
{
ap.Kind = "Custom";
}
else
{
ap.Kind = "System";
}
}
}
}
}
namespace SecurityDemoTest.Module.BusinessObjects
{
partial class ActionPermissionViewController
{
/// <summary>
/// Required designer variable.
/// </summary>
private System.ComponentModel.IContainer components = null;
/// <summary>
/// Clean up any resources being used.
/// </summary>
/// <param name="disposing">true if managed resources should be disposed; otherwise, false.</param>
protected override void Dispose(bool disposing)
{
if (disposing && (components != null))
{
components.Dispose();
}
base.Dispose(disposing);
}
#region Component Designer generated code
/// <summary>
/// Required method for Designer support - do not modify
/// the contents of this method with the code editor.
/// </summary>
private void InitializeComponent()
{
this.components = new System.ComponentModel.Container();
this.btnSycAction = new DevExpress.ExpressApp.Actions.SimpleAction(this.components);
//
// btnSycAction
//
this.btnSycAction.Caption = "btn Syc Action";
this.btnSycAction.ConfirmationMessage = null;
this.btnSycAction.Id = "btnSycAction";
this.btnSycAction.ImageName = null;
this.btnSycAction.Shortcut = null;
this.btnSycAction.Tag = null;
this.btnSycAction.TargetObjectsCriteria = null;
this.btnSycAction.TargetViewId = null;
this.btnSycAction.ToolTip = null;
this.btnSycAction.TypeOfView = null;
this.btnSycAction.Execute += new DevExpress.ExpressApp.Actions.SimpleActionExecuteEventHandler(this.SycAction_Execute);
}
#endregion
private DevExpress.ExpressApp.Actions.SimpleAction btnSycAction;
}
}
欢迎转载,转载请注明出处:http://www.cnblogs.com/Tonyyang/