扩展ASP.NET MEMBERSHIP权限功能(二 )
前一篇介绍了需求,和数据库结构与网站和项目结构
这一篇主要介绍一下网站结构和配置
admin下面的web.config
<?xml version="1.0"?>
<!-- web.config of the admin folder: registers the custom "Permission" section and requires sign-in. -->
<configuration>
  <configSections>
    <!-- Binds a <Permission> section to the EC.Permissions.Config handler, so that the web.config
         of a sub-folder can declare one. -->
    <section name="Permission" type="EC.Permissions.Config"/>
  </configSections>
  <appSettings/>
  <connectionStrings/>
  <system.web>
    <authorization>
      <!-- "?" matches anonymous users only. Every signed-in account passes this rule whatever its roles,
           so any role-level restriction on these pages depends entirely on the Permission checks done in code. -->
      <deny users="?" />
    </authorization>
  </system.web>
</configuration>
EC.Permissions.Config主要是实现了IConfigurationSectionHandler接口,来完成自定义的配置
admin/test下面 web.config
<?xml version="1.0"?>
<!-- web.config of admin/test: declares which permission bit each page function in this folder requires. -->
<configuration>
  <!-- EC.Permissions.Config.Create reads this type attribute and deserializes the element into that type,
       so this file decides which class is instantiated. Keep write access to it restricted. -->
  <Permission type="EC.Permissions.PermissionInfo">
    <ModulePath>account</ModulePath>
    <ModuleName>test</ModuleName>
    <Items>
      <!-- Val is a bit of EC.Permissions.PermissionType (2 = LIST, 16 = EDIT, 32 = DELETE).
           DAL.CheckPage admits a page as soon as ONE Item with a matching Page is covered by the user's bits:
           Default.aspx opens for a user holding any of 2, 16 or 32, not all three. -->
      <Item>
        <Page>Default.aspx</Page>
        <Function>列表</Function>
        <Val>2</Val>
      </Item>
      <Item>
        <Page>Default.aspx</Page>
        <Function>编辑</Function>
        <Val>16</Val>
      </Item>
      <Item>
        <Page>Default.aspx</Page>
        <Function>删除</Function>
        <Val>32</Val>
      </Item>
      <Item>
        <Page>Ok.aspx</Page>
        <Function>测试</Function>
        <Val>2</Val>
      </Item>
    </Items>
  </Permission>
</configuration>
1.反序列化 web.config 中的 Permission 配置节
EC.Permissions.Config 类
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Configuration;
using System.Xml;
using System.Xml.Serialization;
using System.IO;
namespace EC.Permissions
{
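/// <summary>
/// Configuration section handler that turns a custom section (here <c>&lt;Permission&gt;</c>)
/// into an object by XML-deserializing the section's own markup.
/// </summary>
/// <remarks>
/// The class to build is named by the section's <c>type</c> attribute, so whoever can edit the
/// web.config chooses which type gets constructed and populated. NOTE(review): the only consumer
/// visible on this page casts the result to <c>PermissionInfo</c>; if no other section uses this
/// handler, consider rejecting any other type here instead of deserializing it.
/// </remarks>
public class Config : IConfigurationSectionHandler
{
    #region IConfigurationSectionHandler Members

    /// <summary>
    /// Deserializes <paramref name="section"/> into the type named by its <c>type</c> attribute.
    /// </summary>
    /// <param name="parent">Not used.</param>
    /// <param name="configContext">Not used.</param>
    /// <param name="section">The section element; its outer XML is the serializer input.</param>
    /// <returns>The deserialized object.</returns>
    /// <exception cref="ConfigurationErrorsException">
    /// The section is not an element, has no <c>type</c> attribute, or names a type that cannot be resolved.
    /// </exception>
    public object Create(object parent, object configContext, System.Xml.XmlNode section)
    {
        XmlElement element = section as XmlElement;
        if (element == null)
        {
            throw new ConfigurationErrorsException("The configuration section must be an XML element.");
        }

        // e.g. EC.Permissions.PermissionInfo
        string typeName = element.GetAttribute("type");
        if (string.IsNullOrEmpty(typeName))
        {
            throw new ConfigurationErrorsException(
                "The configuration section has no 'type' attribute.", section);
        }

        // A name without an assembly qualifier is only looked up in this assembly and the core library.
        // An unresolved name used to surface as an ArgumentNullException from the XmlSerializer
        // constructor; report it as a configuration error that names the offending value instead.
        Type type = Type.GetType(typeName);
        if (type == null)
        {
            throw new ConfigurationErrorsException(
                "The type '" + typeName + "' named by the configuration section could not be resolved.", section);
        }

        XmlSerializer serializer = new XmlSerializer(type);
        using (StringReader reader = new StringReader(section.OuterXml))
        {
            return serializer.Deserialize(reader);
        }
    }

    #endregion
}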
}
2.EC.Permissions.PermissionInfo类
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Xml.Serialization;
namespace EC.Permissions
{
/// <summary>
/// One module's permission record. The same class is used for two things on this page:
/// the <c>&lt;Permission&gt;</c> section of a folder's web.config (ModulePath, ModuleName, Items)
/// and a row read from the database by DAL.GetPermissionsByRole (PermissionId, RoleId, RoleName,
/// ModulePath, PermissionValue).
/// </summary>
/// <remarks>
/// NOTE(review): every property has a public setter, so XmlSerializer can also fill the
/// database-side properties if a config file contains matching elements. Confirm that nothing
/// treats PermissionValue of a config-loaded instance as a granted permission.
/// </remarks>
[Serializable]
[XmlRoot("Permission")]
public class PermissionInfo
{
    /// <summary>
    /// Database id of the permission record.
    /// </summary>
    public int PermissionId { get; set; }
    /// <summary>
    /// Id of the role (user group).
    /// </summary>
    public string RoleId { get; set; }
    /// <summary>
    /// Name of the role (user group).
    /// </summary>
    public string RoleName { get; set; }
    /// <summary>
    /// Module path.
    /// </summary>
    [XmlElement("ModulePath", typeof(string))]
    public string ModulePath { get; set; }
    /// <summary>
    /// Module name.
    /// </summary>
    [XmlElement("ModuleName", typeof(string))]
    public string ModuleName { get; set; }
    /// <summary>
    /// Permission value: the permission bits held for this module.
    /// </summary>
    public PermissionType PermissionValue { get; set; }
    /// <summary>
    /// The page/function entries of the section, one per <c>&lt;Item&gt;</c> element.
    /// </summary>
    [XmlArrayItem("Item", typeof(PermissionItemInfo))]
    public PermissionItemInfo[] Items { get; set; }
}
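/// <summary>
/// One <c>&lt;Item&gt;</c> of a Permission section: a page, a function on that page and the
/// permission bit the function requires.
/// </summary>
/// <remarks>
/// Equality looks at <see cref="Page"/> only. Two items for the same page with different
/// <see cref="Function"/> or <see cref="Value"/> compare equal, so do not use Equals to decide
/// whether two items demand the same permission.
/// </remarks>
[Serializable]
[XmlRoot("Items")]
public class PermissionItemInfo
{
    /// <summary>File name of the page, read from the <c>&lt;Page&gt;</c> element.</summary>
    [XmlElement("Page", typeof(string))]
    public string Page { get; set; }

    /// <summary>Display name of the function, read from the <c>&lt;Function&gt;</c> element.</summary>
    [XmlElement("Function", typeof(string))]
    public string Function { get; set; }

    /// <summary>Required permission bit, read from the <c>&lt;Val&gt;</c> element.</summary>
    [XmlElement("Val", typeof(int))]
    public int Value { get; set; }

    /// <summary>
    /// Two items are equal when they have the same runtime type and the same <see cref="Page"/>
    /// (ordinal, case-sensitive string comparison).
    /// </summary>
    /// <param name="obj">The object to compare with.</param>
    /// <returns><c>true</c> for an item of the same type with the same page, otherwise <c>false</c>.</returns>
    public override bool Equals(object obj)
    {
        if (obj == null || GetType() != obj.GetType())
        {
            return false;
        }

        // Reference equality needs no separate test: an object always shares its own Page.
        return ((PermissionItemInfo)obj).Page == Page;
    }

    /// <summary>
    /// Hash code derived from <see cref="Page"/>, so that items which are equal also hash alike.
    /// Without it, hash-based collections and Distinct() would treat equal items as different.
    /// </summary>
    /// <returns>The hash of <see cref="Page"/>, or 0 when it is null.</returns>
    public override int GetHashCode()
    {
        // Page is mutable: do not change it while the item sits in a hash-based collection.
        return Page == null ? 0 : Page.GetHashCode();
    }
}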
/// <summary>
/// Permission type. The members are single bits: DAL.GetPermissionsByRole merges the values of
/// several roles with bitwise OR, and the checks test them with
/// <c>(granted &amp; required) == required</c>.
/// </summary>
/// <remarks>
/// NOTE(review): ALL is 0. As a required permission it is satisfied by every granted value,
/// because <c>(x &amp; 0) == 0</c> always holds; as a granted value it carries no bits at all.
/// A call such as CheckButton(PermissionType.ALL), or a config Item with Val 0, therefore passes
/// for any user who has a record for the module. Confirm this is the intended meaning of "ALL".
/// NOTE(review): the enum has no [Flags] attribute and bit 1 is unused; adding [Flags] would
/// change how combined values are formatted and serialized, so check callers first.
/// </remarks>
public enum PermissionType
{
    ALL=0,
    LIST=2,
    VIEW=4,
    ADD=8,
    EDIT=16,
    DELETE=32,
    PRINT=64
}
}
3.EC.Permissions.DAL 数据库访问
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Collections;
using System.Web.Security;
using System.Data;
using EC.DBUtility;
using System.Data.SqlClient;
using System.Configuration;
using System.Web;
namespace EC.Permissions
{
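/// <summary>
/// Permission checks for the page being requested: loads the permissions of the current user's
/// roles from the database and compares them with what the page or button requires.
/// </summary>
/// <remarks>
/// All members read <c>HttpContext.Current</c> and therefore only work inside a web request.
/// </remarks>
public class DAL
{
    private static DataAccessManager dataAccessManager = new DataAccessManager();

    /// <summary>
    /// Decides whether the current user may open the requested page.
    /// 1. Gets all roles of the current user.
    /// 2. Gets the permissions of those roles and takes their union.
    /// </summary>
    /// <returns>
    /// <c>true</c> when no Permission section applies to the request, or when some configured
    /// item for the requested page is fully covered by the user's merged permission bits;
    /// otherwise <c>false</c>.
    /// </returns>
    public static bool CheckPage()
    {
        PermissionInfo pageConfig = GetPermissionInfo;

        // NOTE(review): fail-open. A folder without a <Permission> section (or one whose section
        // fails to be picked up) is open to every user who got past URL authorization. Keep this
        // only if "no section" really is meant to be "unrestricted".
        if (pageConfig == null)
        {
            return true;
        }

        PermissionInfo granted = FindGrantedPermission();

        // A section without <Items> used to raise NullReferenceException here; there is nothing
        // that could match, so the answer is "denied".
        if (granted == null || pageConfig.Items == null)
        {
            return false;
        }

        string fileName = GetFileName;
        int grantedBits = Convert.ToInt32(granted.PermissionValue);
        foreach (PermissionItemInfo item in pageConfig.Items)
        {
            if (item == null)
            {
                continue;
            }

            // Ordinal comparison: an authorization decision must not depend on the thread culture.
            // The first item that matches grants access, so a page listed with several bits
            // opens for a user who holds any one of them.
            // NOTE(review): an item whose Val is 0 matches every user with a record for the module.
            if (string.Equals(item.Page, fileName, StringComparison.OrdinalIgnoreCase)
                && (grantedBits & item.Value) == item.Value)
            {
                return true;
            }
        }

        return false;
    }

    /// <summary>
    /// Decides whether the current user holds the permission a button requires.
    /// 1. Gets all roles of the current user.
    /// 2. Gets the permissions of those roles and takes their union.
    /// </summary>
    /// <param name="type">The permission bit(s) the button requires.</param>
    /// <returns>
    /// <c>true</c> when the user has a permission record for the current path and it contains
    /// every bit of <paramref name="type"/>; otherwise <c>false</c>.
    /// </returns>
    public static bool CheckButton(PermissionType type)
    {
        PermissionInfo granted = FindGrantedPermission();

        // NOTE(review): PermissionType.ALL is 0, so passing it succeeds for any user that has a
        // record for this path, whatever bits the record holds.
        return granted != null && (granted.PermissionValue & type) == type;
    }

    // Returns the merged permission record stored under the current request path, or null.
    private static PermissionInfo FindGrantedPermission()
    {
        Hashtable byModule = GetPermissionsByRole();

        // The Hashtable indexer yields null for a missing key, which covers the empty table too.
        return (PermissionInfo)byModule[string.Format("M-{0}", FolderPath)];
    }

    /// <summary>
    /// Current directory.
    /// NOTE(review): despite the name, the value is the whole SCRIPT_NAME server variable in
    /// lower case, i.e. the script path including the file name as far as this code shows.
    /// It is the value sent as @path and used as the lookup key.
    /// </summary>
    public static String FolderPath
    {
        get
        {
            string scriptName = HttpContext.Current.Request.ServerVariables["SCRIPT_NAME"].ToString();

            // Invariant lower-casing keeps the permission key independent of the thread culture.
            return scriptName.ToLowerInvariant();
        }
    }

    /// <summary>
    /// Gets the file name of the requested page: the part of SCRIPT_NAME after the last '/',
    /// in lower case.
    /// </summary>
    public static string GetFileName
    {
        get
        {
            string scriptName = HttpContext.Current.Request.ServerVariables["SCRIPT_NAME"].ToString();
            return scriptName.Substring(scriptName.LastIndexOf("/") + 1).ToLowerInvariant();
        }
    }

    /// <summary>
    /// Gets the permission configuration that applies to the current directory: the "Permission"
    /// configuration section, or null when there is none.
    /// </summary>
    public static PermissionInfo GetPermissionInfo
    {
        get
        {
            return (PermissionInfo)ConfigurationManager.GetSection("Permission");
        }
    }

    /// <summary>
    /// Gets the permissions of all roles of the current user and takes their union per module.
    /// </summary>
    /// <returns>
    /// A table keyed by "M-" plus the lower-cased module path. Each value is the first
    /// <see cref="PermissionInfo"/> row read for that module, with the PermissionValue of all
    /// later rows for the same module OR-ed into it.
    /// </returns>
    public static Hashtable GetPermissionsByRole()
    {
        Hashtable merged = new Hashtable();
        string[] roleNames = Roles.GetRolesForUser();

        // NOTE(review): the role names travel as ONE string of quoted, comma-separated values.
        // That shape suggests the stored procedure (not shown here) splices @roles into a
        // dynamic IN (...) list; if it does, a role name containing a single quote changes the
        // statement. Confirm how aspnet_Ex_GetPermissionByRoles consumes @roles and prefer a
        // table-valued parameter or a server-side split over string-built SQL.
        string roles = "'" + string.Join("','", roleNames) + "'";

        SqlParameter[] parms = new SqlParameter[2];
        parms[0] = new SqlParameter("@roles", SqlDbType.NVarChar);
        parms[0].Value = roles;
        parms[1] = new SqlParameter("@path", SqlDbType.NVarChar);
        parms[1].Value = FolderPath;

        // Read every permission row of the user's roles; the using block closes the reader.
        using (IDataReader dr = dataAccessManager.ReadDatabase.ExecuteSpReader("aspnet_Ex_GetPermissionByRoles", parms))
        {
            while (dr.Read())
            {
                PermissionInfo row = new PermissionInfo();
                row.PermissionId = Convert.ToInt32(dr["PermissionId"]);
                row.RoleId = Convert.ToString(dr["RoleId"]);
                row.ModulePath = Convert.ToString(dr["ModulePath"]).ToLowerInvariant();
                // Convert first: a direct unboxing cast only works when the column arrives as Int32.
                row.PermissionValue = (PermissionType)Convert.ToInt32(dr["PermissionValue"]);
                row.RoleName = Convert.ToString(dr["RoleName"]);

                string key = string.Format("M-{0}", row.ModulePath);
                PermissionInfo existing = (PermissionInfo)merged[key];
                if (existing == null)
                {
                    merged.Add(key, row);
                }
                else
                {
                    // Same module reached through another role: keep the union of the bits.
                    existing.PermissionValue = existing.PermissionValue | row.PermissionValue;
                }
            }
        }

        return merged;
    }
}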
}
至此 简易的框架搭建完成
下一篇 扩展ASP.NET MEMBERSHIP权限功能(三 )之权限控件
(效果图)
目录
扩展ASP.NET MEMBERSHIP权限功能(四 )之页面权限
扩展ASP.NET MEMBERSHIP权限功能(三 )之权限控件
扩展ASP.NET MEMBERSHIP权限功能(二 )
扩展ASP.NET MEMBERSHIP权限功能(一 )