• 基于页面的权限设计原形


    权限属性定义:

    /// <summary>
        /// 权限属性
        /// </summary>
        [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false, Inherited = false)]
        public class AccessLevAttribute : Attribute
        {
            /// <summary>
            /// 名称
            /// </summary>
            public string Name { get; set; }
    
            /// <summary>
            /// 权限
            /// </summary>
            public string LevStr { get; set; }
    
            /// <summary>
            /// 
            /// </summary>
            static Type attrType = typeof(AccessLevAttribute);
    
            public AccessLevAttribute(string name)
            {
                this.Name = name;
            }
    
            public AccessLevAttribute(string name, string levStr)
            {
                this.Name = name;
                this.LevStr = levStr;
            }
    
            /// <summary>
            /// 解析类属性
            /// </summary>
            /// <param name="t"></param>
            /// <returns></returns>
            public static AccessLevAttribute ParseClass(Type t)
            {
                return Parse(t.GetCustomAttributes(attrType, false));
            }
    
            /// <summary>
            /// 解析方法属性
            /// </summary>
            /// <param name="m"></param>
            /// <returns></returns>
            public static AccessLevAttribute ParseMethod(MethodInfo m)
            {
                return Parse(m.GetCustomAttributes(attrType, false));
            }
    
            static AccessLevAttribute Parse(object[] attributes)
            {
                return (attributes == null || attributes.Length != 1) ? null : attributes[0] as AccessLevAttribute;
            }
        }
    

    页面基类:

    public class PageBase : System.Web.UI.Page
        {
            public PageBase()
            {
                this.Init += new EventHandler(PageBase_Init);
            }
    
            void PageBase_Init(object sender, EventArgs e)
            {
                Type clssType = this.GetType().BaseType;
    
                var classAttr = AccessLevAttribute.ParseClass(clssType); //获取类上定义的权限数据
                Response.Write(classAttr == null ? clssType.Name : classAttr.Name);
                            
                foreach (var m in clssType.GetMethods(BindingFlags.DeclaredOnly | BindingFlags.Instance | BindingFlags.Public | BindingFlags.NonPublic))
                {
                    var a = AccessLevAttribute.ParseMethod(m); //获取方法上定义的权限数据
                    Response.Write(a == null ? m.Name : a.Name);
                }
                
            }
        }
    

    页面类:

    [AccessLev("classAliasName")]
        public partial class WebForm1 :PageBase
        {
            protected void Page_Load(object sender, EventArgs e)
            {
    
            }
    
            [AccessLev("methodAliasName")]
            string Test()
            {
                return DateTime.Now.ToString();
            }
        }
    

    验证在基类中统一完成,相对一般的基于url验证更安全,且可细化到页面的方法级

  • 相关阅读:
    CV大牛/实验室主页
    mendeley使用技巧
    卷积理解与思考
    CMake构建OpenGL项目
    信号与系统学习(2)-跃阶信号
    信号与系统学习(1)-正弦信号和指数信号
    txt转换为mat
    matlab取整函数
    三维观察流水线的理解
    C#中文和UNICODE字符转换方法
  • 原文地址:https://www.cnblogs.com/jiang_zheng/p/4632793.html
Copyright © 2020-2023  润新知