设计方向:
1.摒弃SiteMap,避免在容易书写错误的sitemap中书写,导航在controller和action上打标签生成。
2.controller统一继承basecontroller,在basecontroller上统一权限拦截。
3.使用缓存保存权限列表,避免反复读取数据库。
4.使用Elinq作为ORM工具
5.使用页面部分试图权限
一. 获取权限视图缓存列表
/// <summary>
/// 获取权限视图缓存列表
/// </summary>
/// <returns></returns>
public static List<AuthModel> GetAuthCache()
{
List<AuthModel> viewRoleGroup;
string key =
"ViewAuthList";
if (HttpRuntime.Cache[key] !=
null)
{
viewRoleGroup = (List<AuthModel>)HttpRuntime.Cache[key];
}
else {
viewRoleGroup = ElinqHelper.List<AuthModel>().Where(p => p.ID >
0).ToList();
}
return viewRoleGroup;
}
二.权限判断业务逻辑
//权限判断业务逻辑
protected virtual bool AuthorizeCore(ActionExecutingContext filterContext,
bool isViewPage)
{
HttpCookie cookie = System.Web.HttpContext.Current.Request.Cookies.Get(
"userCookie");
if (cookie !=
null)
{
HttpContext.Current.Session[
"name"] = cookie.
Values[
"name"];
HttpContext.Current.Session[
"zu"] = cookie.Values[
"zu"];
}
if (HttpContext.Current.Session[
"name"] ==
null)
return false;
if (HttpContext.Current.Session[
"name"].ToString() ==
"admin")
return true;
if (filterContext.HttpContext ==
null)
throw new ArgumentNullException(
"httpContext");
var controllerName = filterContext.RouteData.Values[
"controller"].ToString();
var actionName = filterContext.RouteData.Values[
"action"].ToString();
var list = GetCache.GetAuthCache();
var grouplist = list.FirstOr
Default(p => p.CONTROLLERNAME == controllerName && p.ACTIONNAME == actionName).GROUPISLIST;
var group = Convert.To
Decimal(HttpContext.Current.Session[
"zu"]);
if (grouplist.Contains(group))
return true;
return false;
}
三.权限拦截
[newAuthorizeFilterAttribute]
public class BaseController : Controller
{
protected override void OnException(ExceptionContext filterContext)
{
filterContext.Controller.
ViewData[
"ErrorMessage"] = filterContext.Exception.Message;
filterContext.Result =
new ViewResult()
{
ViewName =
"Error",
ViewData = filterContext.Controller.ViewData,
};
filterContext.ExceptionHandled =
true;
}
}
四.更新权限列表
[Description(
"更新权限列表")]
public ActionResult UpAuthList()
{
var count =
0;
var result = GetActionPermission.GetAllActionByAssembly().Where(p => !(p.ActionMethod
is HttpPostAttribute));
var dbConfiguration = ElinqHelper.dbConfiguration;
ElinqHelper.AddClass<AuthModel>();
using (
var ctx = dbConfiguration.CreateDbContext())
{
var q = ctx.Set<AuthModel>();
var sqlResult = q.Where(p => p.ID >
0);
foreach (
var item
in result)
{
var newId = ElinqHelper.NextVal(
"SQ_AUTH");
var auth = sqlResult.FirstOrDefault(p => p.CONTROLLERNAME == item.ControllerName
&& p.ACTIONNAME == item.ActionName);
if (auth !=
null)
{
if (
string.IsNullOrEmpty(auth.CONTROLLERNAME) ||
string.IsNullOrEmpty(auth.ACTIONNAME))
break;
if (auth.DESCRIPTION != item.Description)
{
if (q.Update(
new { DESCRIPTION = item.Description, LASTTIME = DateTime.Now }, p => p.ID == auth.ID) >
0) count++;
}
}
else {
AuthModel model =
new AuthModel
{
ID = newId,
CONTROLLERNAME = item.ControllerName,
ACTIONNAME = item.ActionName,
DESCRIPTION = item.Description,
LASTTIME = DateTime.Now
};
if (q.Insert(model) >
0)
{
newId++;
count++;
}
}
}
}
return Content(
"成功更新" + count.ToString() +
"个");}
五.导航
public static MvcHtmlString GetWebPath(
this HtmlHelper html,
string itemTemplate)
{
var sb =
new StringBuilder();
var controllerList = GetCache.GetControllerCache();
var menu = GetCache.GetActionCache()
.Where(p => p.Attrs.Count(q => q.TypeId.ToString() ==
"MvcApplication.Controllers.Menu") >
0);
CurrentUser currentuser =
new CurrentUser();
if (currentuser.ActionPermission ==
null)
return MvcHtmlString.Create(sb.ToString());
foreach (
var controller
in controllerList)
{
if (currentuser.ActionPermission !=
null)
{
var list = currentuser.ActionPermission.Where(p => p.CONTROLLERNAME == controller.ControllerName && p.CONTROLLERNAME !=
"Home");
foreach (
var item
in list)
{
var result = menu.FirstOrDefault(p => p.ActionName == item.ACTIONNAME && p.ControllerName == item.CONTROLLERNAME);
if (result !=
null)
{
sb.Append(itemTemplate.Replace(
"{0}", result.ControllerName).Replace(
"{1}", result.ActionName).Replace(
"{2}",
controller.Description));
break;
}
}
}
}
return MvcHtmlString.Create(sb.ToString());}
六.页面代码块级权限设计
public static HelperResult RoleHtmlTags(this HtmlHelper htmlHelper, string action, Func<string, HelperResult> template) { var controller = HttpContext.Current.Request.RequestContext.RouteData.Values["controller"].ToString(); CurrentUser currentuser = new CurrentUser(); var auth = currentuser.ActionPermission.Count(p => p.CONTROLLERNAME == controller && p.ACTIONNAME == action); if (auth > 0) { return new HelperResult(writer => { writer.Write(template.Invoke(null)); }); } else { return null; } }
页面使用方法
@Html.RoleHtmlTags(
"WorkLogEdit", @<span>@Html.ActionLink(
"编辑",
"WorkLogEdit",
new { id = dt.id })<span>|</span></span>)
相关文章
