扩展ASP.NET MEMBERSHIP权限功能(二 )

  前一篇介绍了需求、数据库结构,以及网站和项目结构。

 

  这一篇主要介绍一下网站结构和配置

  admin下面的web.config

<?xml version="1.0"?>
<configuration>
  <configSections>
    <!-- Registers the custom <Permission> section. EC.Permissions.Config is the
         IConfigurationSectionHandler that deserializes it, so any web.config that
         carries a <Permission> element decides which CLR type gets instantiated;
         keep these files write-protected on the server. -->
    <section name="Permission" type="EC.Permissions.Config"/>
  </configSections>
    <appSettings/>
    <connectionStrings/>
  <system.web>
    <authorization>
      <!-- "?" means anonymous users. This rule only forces a login: taken alone it
           admits every authenticated account, so role-level restrictions depend
           entirely on the <Permission> checks made in code. -->
      <deny users="?" />
    </authorization>
  </system.web>
</configuration>

 

 

  EC.Permissions.Config主要是实现了IConfigurationSectionHandler接口,来完成自定义的配置

 

   admin/test下面 web.config

  

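<?xml version="1.0"?>
<!-- The listing showed the XML declaration twice; a document may carry it only once,
     on its first line, otherwise the configuration file fails to parse. -->
<configuration>
  <!-- Deserialized by EC.Permissions.Config into the type named in the "type" attribute. -->
  <Permission type="EC.Permissions.PermissionInfo">
    <ModulePath>account</ModulePath>
    <ModuleName>test</ModuleName>
    <Items>
      <!-- Each Item maps one page function to a bit mask. Val uses the PermissionType
           values (2 = LIST, 16 = EDIT, 32 = DELETE). A missing or zero Val matches every
           granted mask, so always give each Item an explicit non-zero Val. -->
      <Item>
        <Page>Default.aspx</Page>
        <Function>列表</Function>
        <Val>2</Val>
      </Item>
      <Item>
        <Page>Default.aspx</Page>
        <Function>编辑</Function>
        <Val>16</Val>
      </Item>
      <Item>
        <Page>Default.aspx</Page>
        <Function>删除</Function>
        <Val>32</Val>
      </Item>
      <Item>
        <Page>Ok.aspx</Page>
        <Function>测试</Function>
        <Val>2</Val>
      </Item>
    </Items>
  </Permission>
</configuration>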

 

 

  1.反序列化 web.config 中的自定义配置节

  EC.Permissions.Config 类

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Configuration;
using System.Xml;
using System.Xml.Serialization;
using System.IO;

namespace EC.Permissions
{
    
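/// <summary>
/// Configuration section handler that converts a custom section (for example
/// <c>&lt;Permission type="EC.Permissions.PermissionInfo"&gt;</c>) into an object by
/// XML-deserializing the section into the CLR type named by its <c>type</c> attribute.
/// </summary>
/// <remarks>
/// The configuration file itself selects the type that is instantiated. Every web.config
/// that may declare this section is therefore trusted input and must be write-protected.
/// NOTE(review): if only PermissionInfo is ever expected, consider rejecting any other
/// resolved type here; that would narrow the handler's contract, so confirm with callers.
/// </remarks>
public class Config : IConfigurationSectionHandler
{
    #region IConfigurationSectionHandler Members

    /// <summary>
    /// Deserializes <paramref name="section"/> into an instance of the type named by its
    /// <c>type</c> attribute.
    /// </summary>
    /// <param name="parent">Parent configuration object; not used.</param>
    /// <param name="configContext">Configuration context; not used.</param>
    /// <param name="section">The XML element of the custom section.</param>
    /// <returns>The object produced by <see cref="XmlSerializer"/> for the section.</returns>
    /// <exception cref="ConfigurationErrorsException">
    /// The section is not an element, has no <c>type</c> attribute, or names a type that
    /// cannot be resolved.
    /// </exception>
    public object Create(object parent, object configContext, System.Xml.XmlNode section)
    {
        XmlElement element = section as XmlElement;
        if (element == null)
        {
            throw new ConfigurationErrorsException("The configuration section must be an XML element.");
        }

        // For example: EC.Permissions.PermissionInfo
        string typeName = element.GetAttribute("type");
        if (string.IsNullOrEmpty(typeName))
        {
            throw new ConfigurationErrorsException(
                "The configuration section is missing its 'type' attribute.", element);
        }

        // Type.GetType returns null for a name it cannot resolve; fail with a clear
        // configuration error instead of passing null on to XmlSerializer.
        Type type = Type.GetType(typeName);
        if (type == null)
        {
            throw new ConfigurationErrorsException(
                "The type named by the 'type' attribute could not be resolved: " + typeName, element);
        }

        XmlSerializer serializer = new XmlSerializer(type);
        using (StringReader reader = new StringReader(element.OuterXml))
        {
            return serializer.Deserialize(reader);
        }
    }

    #endregion
}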
}

 

 

  2.EC.Permissions.PermissionInfo

  

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Xml.Serialization;

namespace EC.Permissions
{

    [Serializable]
    [XmlRoot(
"Permission")]
    
public class PermissionInfo
    {
        
/// <summary>
        
/// 权限数据库ID
        
/// </summary>
        public int PermissionId { getset; }

        
/// <summary>
        
/// 用户组ID
        
/// </summary>
        public string RoleId { getset; }

        
/// <summary>
        
/// 用户组名
        
/// </summary>
        public string RoleName { getset; }

        
/// <summary>
        
/// 模块路径
        
/// </summary>
        [XmlElement("ModulePath"typeof(string))]
        
public string ModulePath { getset; }

        
/// <summary>
        
/// 模块名字
        
/// </summary>

        [XmlElement(
"ModuleName"typeof(string))]
        
public string ModuleName { getset; }

        
/// <summary>
        
/// 权限值
        
/// </summary>
        public PermissionType PermissionValue { getset; }

        [XmlArrayItem(
"Item"typeof(PermissionItemInfo))]
        
public PermissionItemInfo[] Items { getset; }
    }

    [Serializable]
    [XmlRoot(
"Items")]
    
public class PermissionItemInfo
    {
        [XmlElement(
"Page"typeof(string))]
        
public string Page { getset; }

        [XmlElement(
"Function"typeof(string))]
        
public string Function { getset; }

        [XmlElement(
"Val"typeof(int))]
        
public int Value { getset; }

        
public override bool Equals(object obj)
        {
            
if (obj == null)
                
return false;

            
if (this.GetType() != obj.GetType())
                
return false;

            
if (((PermissionItemInfo)obj).Page == this.Page) return true;


            
return base.Equals(obj);
        }
    }

    
/// <summary>
/// Permission bits. Values are combined with bitwise OR and tested with bitwise AND.
/// </summary>
/// <remarks>
/// ALL is 0, so a test of the form (granted &amp; ALL) == ALL is true for every granted
/// value, and a stored value of 0 contains none of the other bits.
/// NOTE(review): confirm that this is the intended meaning of ALL before relying on it
/// in an access decision.
/// </remarks>
public enum PermissionType
{
    ALL = 0,
    LIST = 1 << 1,
    VIEW = 1 << 2,
    ADD = 1 << 3,
    EDIT = 1 << 4,
    DELETE = 1 << 5,
    PRINT = 1 << 6
}
}

 

   3.EC.Permissions.DAL 数据库访问

  

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Collections;
using System.Web.Security;
using System.Data;
using EC.DBUtility;
using System.Data.SqlClient;
using System.Configuration;
using System.Web;

namespace EC.Permissions
{
    
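/// <summary>
/// Permission checks for the current request. The bit masks granted to the current
/// user's roles are read from the database and compared with the <c>Permission</c>
/// section configured for the requested folder.
/// </summary>
/// <remarks>
/// Changes against the listing: separators lost in extraction are restored
/// (<c>parms[0] =</c>, <c>LastIndexOf("/") + 1</c>); path and page comparisons are
/// culture-invariant, so the result no longer depends on the server's culture; a
/// section without <c>Items</c> denies access instead of throwing; the redundant
/// <c>dr.Close()</c> inside the <c>using</c> block is gone.
/// </remarks>
public class DAL
{
    private static DataAccessManager dataAccessManager = new DataAccessManager();

    /// <summary>
    /// Decides whether the current user may open the current page.
    /// 1. Gets all roles of the current user.
    /// 2. Gets the permissions of all those roles and takes their union.
    /// </summary>
    /// <returns>
    /// True when no Permission section applies to the request, or when at least one
    /// configured item for the requested page is covered by the granted bits.
    /// </returns>
    public static bool CheckPage()
    {
        PermissionInfo pi = GetPermissionInfo;

        // NOTE(review): fail-open. A folder without a Permission section is not checked
        // here at all, so its pages rely solely on the <authorization> rules.
        if (pi == null)
        {
            return true;
        }

        Hashtable ht = GetPermissionsByRole();
        PermissionInfo granted = (PermissionInfo)ht[ModuleKey(FolderPath)];

        // No row for this module, or a section that lists no pages: deny.
        if (granted == null || pi.Items == null)
        {
            return false;
        }

        string fileName = GetFileName;
        int grantedBits = Convert.ToInt32(granted.PermissionValue);

        foreach (PermissionItemInfo item in pi.Items)
        {
            if (item == null)
            {
                continue;
            }

            // One satisfied item for the page is enough to open it.
            // NOTE(review): an item with Value 0 (for example a missing <Val>) passes the
            // mask test for every granted value.
            if (string.Equals(item.Page, fileName, StringComparison.OrdinalIgnoreCase)
                && (grantedBits & item.Value) == item.Value)
            {
                return true;
            }
        }

        return false;
    }

    /// <summary>
    /// Decides whether the current user holds the permission needed for a button.
    /// 1. Gets all roles of the current user.
    /// 2. Gets the permissions of all those roles and takes their union.
    /// </summary>
    /// <param name="type">Permission bits the button requires.</param>
    /// <returns>True when the granted bits for the current module contain every bit of
    /// <paramref name="type"/>.</returns>
    public static bool CheckButton(PermissionType type)
    {
        PermissionInfo granted = (PermissionInfo)GetPermissionsByRole()[ModuleKey(FolderPath)];

        // NOTE(review): PermissionType.ALL is 0, so CheckButton(ALL) is true for any user
        // who has a row for this module, whatever bits that row holds.
        return granted != null && (granted.PermissionValue & type) == type;
    }

    /// <summary>
    /// Lower-cased SCRIPT_NAME of the current request. Despite the name this is the whole
    /// script path including the page file, not only its folder.
    /// NOTE(review): it is used as the module key, so ModulePath in the database
    /// presumably has to be stored in the same form; verify against the stored procedure.
    /// </summary>
    public static String FolderPath
    {
        get
        {
            string path = HttpContext.Current.Request.ServerVariables["SCRIPT_NAME"].ToString();
            return path.ToLowerInvariant();
        }
    }

    /// <summary>
    /// Lower-cased file name of the page currently requested (the part of SCRIPT_NAME
    /// after the last '/').
    /// </summary>
    public static string GetFileName
    {
        get
        {
            string path = HttpContext.Current.Request.ServerVariables["SCRIPT_NAME"].ToString();
            return path.Substring(path.LastIndexOf('/') + 1).ToLowerInvariant();
        }
    }

    /// <summary>
    /// Permission section that applies to the current request, or null when none is
    /// configured.
    /// </summary>
    public static PermissionInfo GetPermissionInfo
    {
        get
        {
            return (PermissionInfo)ConfigurationManager.GetSection("Permission");
        }
    }

    /// <summary>
    /// Reads the permissions of all roles of the current user and merges them per module
    /// by OR-ing their permission values.
    /// </summary>
    /// <returns>A table keyed by "M-" + module path whose values are PermissionInfo
    /// objects; empty when no row is returned.</returns>
    public static Hashtable GetPermissionsByRole()
    {
        Hashtable ht = new Hashtable();

        // NOTE(review): @roles carries a pre-quoted, comma-separated list ('a','b') inside
        // one parameter. The parameter is bound safely, but a list in this shape is only
        // usable if the procedure splices it into dynamic SQL (TODO confirm). In that case
        // a role name containing a quote changes the statement; pass the roles as a
        // table-valued parameter or split them inside the procedure instead.
        string roles = "'" + string.Join("','", Roles.GetRolesForUser()) + "'";

        SqlParameter[] parms = new SqlParameter[2];
        parms[0] = new SqlParameter("@roles", SqlDbType.NVarChar);
        parms[0].Value = roles;
        parms[1] = new SqlParameter("@path", SqlDbType.NVarChar);
        parms[1].Value = FolderPath;

        // Read every permission row of the user's roles; the using block disposes the reader.
        using (IDataReader dr = dataAccessManager.ReadDatabase.ExecuteSpReader("aspnet_Ex_GetPermissionByRoles", parms))
        {
            while (dr.Read())
            {
                PermissionInfo row = new PermissionInfo();
                row.PermissionId = Convert.ToInt32(dr["PermissionId"]);
                row.RoleId = Convert.ToString(dr["RoleId"]);
                row.ModulePath = Convert.ToString(dr["ModulePath"]).ToLowerInvariant();
                row.PermissionValue = (PermissionType)(dr["PermissionValue"]);
                row.RoleName = Convert.ToString(dr["RoleName"]);

                string key = ModuleKey(row.ModulePath);
                PermissionInfo existing = (PermissionInfo)ht[key];

                if (existing == null)
                {
                    ht.Add(key, row);
                }
                else
                {
                    // Same module seen for another role: keep the union of the bits.
                    // The stored object is a reference, so updating it in place suffices.
                    existing.PermissionValue = existing.PermissionValue | row.PermissionValue;
                }
            }
        }

        return ht;
    }

    // Builds the hashtable key used for a module path.
    private static string ModuleKey(string modulePath)
    {
        return string.Format("M-{0}", modulePath);
    }
}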
}

 

 

 

   至此 简易的框架搭建完成

 

  下一篇 扩展ASP.NET MEMBERSHIP权限功能(三 )之权限控件

  (效果图)

  

  

 

 

  目录

  扩展ASP.NET MEMBERSHIP权限功能(四 )之页面权限
  扩展ASP.NET MEMBERSHIP权限功能(三 )之权限控件
  扩展ASP.NET MEMBERSHIP权限功能(二 )
  扩展ASP.NET MEMBERSHIP权限功能(一 )

 
