• MVC权限模块

    设计方向:

    1.摒弃SiteMap,避免在容易书写错误的sitemap中书写,导航在controller和action上打标签生成。

    2.controller统一继承basecontroller,在basecontroller上统一权限拦截。

    3.使用缓存保存权限列表,避免反复读取数据库。 

    4.使用Elinq作为ORM工具 

    5.使用页面部分试图权限 

    一. 获取权限视图缓存列表

            /// <summary>
                /// 获取权限视图缓存列表
                /// </summary>
                /// <returns></returns>
            public static List<AuthModel> GetAuthCache()
            {
                List<AuthModel> viewRoleGroup;
                string key = "ViewAuthList";
                if (HttpRuntime.Cache[key] != null)
                {
                    viewRoleGroup = (List<AuthModel>)HttpRuntime.Cache[key];
                }
                else
                {
                    viewRoleGroup = ElinqHelper.List<AuthModel>().Where(p => p.ID > 0).ToList();
                }
                return viewRoleGroup; }

     二.权限判断业务逻辑

       //权限判断业务逻辑
            protected virtual bool AuthorizeCore(ActionExecutingContext filterContext, bool isViewPage)
            {
                HttpCookie cookie = System.Web.HttpContext.Current.Request.Cookies.Get("userCookie");
                if (cookie != null)
                {
                    HttpContext.Current.Session["name"] = cookie.Values["name"];
                    HttpContext.Current.Session["zu"] = cookie.Values["zu"];
                }

                if (HttpContext.Current.Session["name"] == nullreturn false;
                if (HttpContext.Current.Session["name"].ToString() == "admin"return true;
                if (filterContext.HttpContext == nullthrow new ArgumentNullException("httpContext");
                var controllerName = filterContext.RouteData.Values["controller"].ToString();
                var actionName = filterContext.RouteData.Values["action"].ToString();

                var list = GetCache.GetAuthCache();
                var grouplist = list.FirstOrDefault(p => p.CONTROLLERNAME == controllerName && p.ACTIONNAME == actionName).GROUPISLIST;
                var group = Convert.ToDecimal(HttpContext.Current.Session["zu"]);
                if (grouplist.Contains(group))return true;
                return false; }

            

    三.权限拦截

        [newAuthorizeFilterAttribute]
        public class BaseController : Controller
        {
            protected override void OnException(ExceptionContext filterContext)
            {
                filterContext.Controller.ViewData["ErrorMessage"] = filterContext.Exception.Message;
                filterContext.Result = new ViewResult()
                {
                    ViewName = "Error",
                    ViewData = filterContext.Controller.ViewData,
                };
                filterContext.ExceptionHandled = true;
            } } 

    四.更新权限列表

            [Description("更新权限列表")]
            public ActionResult UpAuthList()
            {
                var count = 0;
                var result = GetActionPermission.GetAllActionByAssembly().Where(p => !(p.ActionMethod is HttpPostAttribute));
                var dbConfiguration = ElinqHelper.dbConfiguration;
                ElinqHelper.AddClass<AuthModel>();
                using (var ctx = dbConfiguration.CreateDbContext())
                {
                    var q = ctx.Set<AuthModel>();
                    var sqlResult = q.Where(p => p.ID > 0);
                    foreach (var item in result)
                    {
                        var newId = ElinqHelper.NextVal("SQ_AUTH");
                        var auth = sqlResult.FirstOrDefault(p => p.CONTROLLERNAME == item.ControllerName
                            && p.ACTIONNAME == item.ActionName);
                        if (auth != null)
                        {
                            if (string.IsNullOrEmpty(auth.CONTROLLERNAME) || string.IsNullOrEmpty(auth.ACTIONNAME)) break;
                            if (auth.DESCRIPTION != item.Description)
                            {
                                if (q.Update(new { DESCRIPTION = item.Description, LASTTIME = DateTime.Now }, p => p.ID == auth.ID) > 0) count++;
                            }
                        }
                        else
                        {
                            AuthModel model = new AuthModel
                            {
                                ID = newId,
                                CONTROLLERNAME = item.ControllerName,
                                ACTIONNAME = item.ActionName,
                                DESCRIPTION = item.Description,
                                LASTTIME = DateTime.Now
                            };
                            if (q.Insert(model) > 0)
                            {
                                newId++;
                                count++;
                            }
                        }
                    }
                }
                return Content("成功更新" + count.ToString() + "");}

            

    五.导航

    public static MvcHtmlString GetWebPath(this HtmlHelper html, string itemTemplate)
            {
                var sb = new StringBuilder();
                var controllerList = GetCache.GetControllerCache();
                var menu = GetCache.GetActionCache()
                  .Where(p => p.Attrs.Count(q => q.TypeId.ToString() == "MvcApplication.Controllers.Menu") > 0);

                CurrentUser currentuser = new CurrentUser();
                if (currentuser.ActionPermission == null)
                    return MvcHtmlString.Create(sb.ToString());

                foreach (var controller in controllerList)
                {
                    if (currentuser.ActionPermission != null)
                    {
                        var list = currentuser.ActionPermission.Where(p => p.CONTROLLERNAME == controller.ControllerName && p.CONTROLLERNAME != "Home");
                        foreach (var item in list)
                        {
                            var result = menu.FirstOrDefault(p => p.ActionName == item.ACTIONNAME && p.ControllerName == item.CONTROLLERNAME);
                            if (result != null)
                            {
                                sb.Append(itemTemplate.Replace("{0}", result.ControllerName).Replace("{1}", result.ActionName).Replace("{2}",
                                    controller.Description));
                                break;
                            }
                        }
                    }
                }
                return MvcHtmlString.Create(sb.ToString());}

            

    六.页面代码块级权限设计 

    public static HelperResult RoleHtmlTags(this HtmlHelper htmlHelper, string action, Func<string, HelperResult> template)
            {
                var controller = HttpContext.Current.Request.RequestContext.RouteData.Values["controller"].ToString();
                CurrentUser currentuser = new CurrentUser();
                var auth = currentuser.ActionPermission.Count(p => p.CONTROLLERNAME == controller && p.ACTIONNAME == action);
                if (auth > 0)
                {
                    return new HelperResult(writer =>
                    {
                        writer.Write(template.Invoke(null));
                    });
                }
                else
                {
                    return null;
                }
            }

         页面使用方法 

    @Html.RoleHtmlTags("WorkLogEdit", @<span>@Html.ActionLink("编辑""WorkLogEdit"new { id = dt.id })<span>|</span></span>) 
  • 相关阅读:
    Problem E. Matrix from Arrays(杭电2018年多校第四场+思维+打表找循环节)
    Reachability from the Capital(Codeforces Round #490 (Div. 3)+tarjan有向图缩点)
    Network of Schools(POJ1326+有向图进行缩点)
    John's trip(POJ1041+欧拉回路+打印路径)
    Watchcow(POJ2230+双向欧拉回路+打印路径)
    Network(POJ3694+边双连通分量+LCA)
    Problem L. Visual Cube(杭电多校2018年第三场+模拟)
    floyd骚操作——传递闭包
    Remmarguts' Date(POJ2449+最短路+A*算法)
    Transformation(线段树+HDU4578+多种操作+鬼畜的代码)
  • 原文地址:https://www.cnblogs.com/hotss/p/3321430.html
Copyright © 2020-2023  润新知