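using System;
using System.Data;
using System.Data.SqlClient;
using Csla;
using Csla.Data;

namespace ProjectTracker.Library
{
    /// <summary>
    /// Cached, read-only list of role id/name pairs.
    /// Derives from the name/value list base class with two generic
    /// arguments (key type <c>int</c>, value type <c>string</c>), which the
    /// nested NameValuePair child objects require.
    /// </summary>
    [Serializable()]
    public class RoleList : NameValueListBase<int, string>
    {
        #region Business Methods

        /// <summary>
        /// Gets the key of the default role, i.e. the first entry of the list.
        /// </summary>
        /// <returns>The key of the first role in the list.</returns>
        /// <exception cref="NullReferenceException">
        /// Thrown when the role list is empty.
        /// </exception>
        public static int DefaultRole()
        {
            RoleList list = GetList();

            // If the list has any entries, the first role is the default one.
            if (list.Count > 0)
            {
                return list.Items[0].Key;
            }

            // NOTE(review): NullReferenceException is kept because existing callers
            // may catch it; InvalidOperationException would describe the condition
            // better. The message text is reproduced exactly as it appears in this
            // listing, where it looks mis-encoded.
            throw new NullReferenceException(
                "没?有?可?用?的?职?位?,?提?供?默?认?选?择?");
        }

        #endregion

        #region Factory Methods

        /// <summary>
        /// Static cache of the role list, shared by every caller in the process.
        /// </summary>
        private static RoleList _list;

        /// <summary>
        /// Returns the role list, loading it through the data portal on first use.
        /// </summary>
        /// <returns>The cached (or freshly fetched) role list; never null.</returns>
        public static RoleList GetList()
        {
            // Work on a local copy of the static field. The original re-read _list
            // for the return value, so an InvalidateCache() call from another thread
            // between the assignment and the return could hand null to the caller
            // (and DefaultRole would then dereference it).
            RoleList list = _list;
            if (list == null)
            {
                // Fetch<T> takes the default Criteria defined by the base class,
                // built from the RoleList type object; that is all this list needs.
                list = DataPortal.Fetch<RoleList>(new Criteria(typeof(RoleList)));
                _list = list;
            }
            return list;
        }

        /// <summary>
        /// Clears the in-memory RoleList cache
        /// so the list of roles is reloaded on
        /// next request.
        /// The cache is static, so without this call a loaded list stays in
        /// memory and later changes to the roles are not picked up.
        /// </summary>
        public static void InvalidateCache()
        {
            _list = null;
        }

        /// <summary>
        /// Private default constructor.
        /// </summary>
        private RoleList()
        { /* require use of factory methods */ }

        #endregion

        #region Data Access

        /// <summary>
        /// Loads the roles by running the <c>getRoles</c> stored procedure and adding
        /// one name/value pair per row (columns <c>id</c> and <c>name</c>).
        /// </summary>
        /// <param name="criteria">Criteria object passed in by the data portal; not read here.</param>
        private void DataPortal_Fetch(Criteria criteria)
        {
            // Suppress list-changed events while the list is being filled.
            this.RaiseListChangedEvents = false;
            try
            {
                using (SqlConnection cn = new SqlConnection(Database.PTrackerConnection))
                {
                    cn.Open();
                    using (SqlCommand cm = cn.CreateCommand())
                    {
                        // Fixed stored-procedure name with no parameters: no caller
                        // input reaches the command text.
                        cm.CommandType = CommandType.StoredProcedure;
                        cm.CommandText = "getRoles";
                        using (SafeDataReader dr = new SafeDataReader(cm.ExecuteReader()))
                        {
                            // The base list is read-only by default, so it is made
                            // writable for the load and locked again afterwards.
                            IsReadOnly = false;
                            try
                            {
                                while (dr.Read())
                                {
                                    // Add one name/value pair to the collection.
                                    this.Add(new NameValuePair(
                                        dr.GetInt32("id"), dr.GetString("name")));
                                }
                            }
                            finally
                            {
                                // Re-lock the list even when a row fails to load, so a
                                // half-filled instance is never left writable.
                                IsReadOnly = true;
                            }
                        }
                    }
                }
            }
            finally
            {
                // Restore event raising on every exit path, including exceptions.
                this.RaiseListChangedEvents = true;
            }
        }

        #endregion
    }
}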
using System;
using System.Data;
using System.Data.SqlClient;
using System.Collections.Generic;
using System.Security.Principal;
using Csla;

namespace ProjectTracker.Library.Security
{
    /// <summary>
    /// Identity object for the application: derives from the CSLA read-only
    /// base class and implements the .NET <see cref="IIdentity"/> interface.
    /// </summary>
    [Serializable()]
    public class PTIdentity : ReadOnlyBase<PTIdentity>, IIdentity
    {
        #region Business Methods

        // The class is [Serializable]; the private field names below are left
        // unchanged on purpose.
        private bool _isAuthenticated;                      // true once Login returned a row
        private string _name = string.Empty;                // user name
        private List<string> _roles = new List<string>();   // role names of this user

        /// <summary>Authentication type reported by this identity; always "Csla".</summary>
        public string AuthenticationType
        {
            get { return "Csla"; }
        }

        /// <summary>Whether the credentials were accepted.</summary>
        public bool IsAuthenticated
        {
            get { return _isAuthenticated; }
        }

        /// <summary>Name of the user; empty for an unauthenticated identity.</summary>
        public string Name
        {
            get { return _name; }
        }

        /// <summary>
        /// Overrides the base-class hook and returns the user name as this
        /// object's id value.
        /// </summary>
        protected override object GetIdValue()
        {
            return _name;
        }

        /// <summary>
        /// Reports whether the user holds the given role; delegates to
        /// <c>List&lt;string&gt;.Contains</c>, so the match is exact and case-sensitive.
        /// </summary>
        /// <param name="role">Role name to look for.</param>
        internal bool IsInRole(string role)
        {
            return _roles.Contains(role);
        }

        #endregion

        #region Factory Methods

        /// <summary>
        /// Creates an unauthenticated identity by calling the private
        /// constructor: empty name, no roles, IsAuthenticated false.
        /// </summary>
        internal static PTIdentity UnauthenticatedIdentity()
        {
            return new PTIdentity();
        }

        /// <summary>
        /// Fetches an identity for the given credentials through the data portal.
        /// </summary>
        /// <param name="username">User name.</param>
        /// <param name="password">Password, passed on exactly as supplied.</param>
        /// <returns>
        /// An identity whose IsAuthenticated flag tells whether the credentials
        /// were accepted.
        /// </returns>
        internal static PTIdentity GetIdentity(
            string username, string password)
        {
            // Data portal call; the credentials travel inside the criteria object.
            Criteria credentials = new Criteria(username, password);
            return DataPortal.Fetch<PTIdentity>(credentials);
        }

        // Private constructor prevents accidental direct instantiation.
        private PTIdentity()
        { /* require use of factory methods */ }

        #endregion

        #region Data Access

        /// <summary>
        /// Criteria object carrying the user name and password to the data
        /// portal, serving the query needs of the mobile object.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the type is [Serializable] and holds the password in
        /// clear text. If the data portal is configured to run remotely, the
        /// password presumably crosses the wire inside this object; confirm the
        /// channel is encrypted.
        /// </remarks>
        [Serializable()]
        private class Criteria
        {
            private string _username;
            private string _password;

            public string Username
            {
                get { return _username; }
            }

            public string Password
            {
                get { return _password; }
            }

            /// <summary>
            /// Constructor; initializes the private member variables
            /// (instance fields).
            /// </summary>
            /// <param name="username">User name to check.</param>
            /// <param name="password">Password to check.</param>
            public Criteria(string username, string password)
            {
                _username = username;
                _password = password;
            }
        }

        /// <summary>
        /// Runs the <c>Login</c> stored procedure with the supplied credentials
        /// and fills this identity from the result.
        /// </summary>
        /// <param name="criteria">User name and password to check.</param>
        /// <remarks>
        /// Both values are bound as command parameters, never concatenated into
        /// the command text. Any row in the first result set counts as a
        /// successful login, so the accept/reject decision rests entirely on the
        /// stored procedure.
        /// NOTE(review): the procedure body is not visible here; confirm it
        /// compares against a salted password hash rather than a stored
        /// clear-text password.
        /// </remarks>
        private void DataPortal_Fetch(Criteria criteria)
        {
            using (SqlConnection connection = new SqlConnection(Database.SecurityConnection))
            {
                connection.Open();
                using (SqlCommand login = connection.CreateCommand())
                {
                    login.CommandType = CommandType.StoredProcedure;
                    login.CommandText = "Login";
                    login.Parameters.AddWithValue("@user", criteria.Username);
                    login.Parameters.AddWithValue("@pw", criteria.Password);

                    // A plain SqlDataReader is used here.
                    using (SqlDataReader reader = login.ExecuteReader())
                    {
                        if (!reader.Read())
                        {
                            // Not accepted: leave this object as an unauthenticated
                            // identity. Either way it is handed back to the caller,
                            // which builds a principal from it for role checks.
                            _name = string.Empty;
                            _isAuthenticated = false;
                            _roles.Clear();
                            return;
                        }

                        // Accepted. The name is taken from the caller-supplied
                        // value, not from the returned row.
                        _name = criteria.Username;
                        _isAuthenticated = true;

                        // If there is a second result set, it holds the role list.
                        if (reader.NextResult())
                        {
                            while (reader.Read())
                            {
                                _roles.Add(reader.GetString(0));
                            }
                        }
                    }
                }
            }
        }

        #endregion
    }
}
using System;
using System.Security.Principal;

namespace ProjectTracker.Library.Security
{
    /// <summary>
    /// Application principal; derives from the business principal base class
    /// in the framework's security namespace.
    /// </summary>
    [Serializable()]
    public class PTPrincipal : Csla.Security.BusinessPrincipalBase
    {
        /// <summary>
        /// Constructor; hands the identity object to the base class.
        /// </summary>
        /// <param name="identity">Identity object passed on to the base class.</param>
        private PTPrincipal(IIdentity identity)
            : base(identity)
        {
        }

        /// <summary>
        /// Static login: checks the credentials and, on success, installs a
        /// principal for the user as the current CSLA application user.
        /// </summary>
        /// <param name="username">User name.</param>
        /// <param name="password">Password.</param>
        /// <returns>True when the credentials were accepted.</returns>
        /// <remarks>
        /// NOTE(review): on failure <c>Csla.ApplicationContext.User</c> is left
        /// untouched, so a principal installed earlier stays current. A caller
        /// that needs a failed attempt to end the existing session has to call
        /// <see cref="Logout"/> itself.
        /// </remarks>
        public static bool Login(string username, string password)
        {
            // Fetch an identity for these credentials. UnauthenticatedIdentity(),
            // used by Logout, returns one without any credential check.
            PTIdentity identity = PTIdentity.GetIdentity(username, password);

            bool accepted = identity.IsAuthenticated;
            if (accepted)
            {
                // Wrap the identity in a principal and make it the user of the
                // CSLA application context.
                Csla.ApplicationContext.User = new PTPrincipal(identity);
            }

            // Report the outcome of the check.
            return accepted;
        }

        /// <summary>
        /// Static logout: replaces the current user with a principal built
        /// around an unauthenticated identity.
        /// </summary>
        public static void Logout()
        {
            PTIdentity anonymous = PTIdentity.UnauthenticatedIdentity();
            Csla.ApplicationContext.User = new PTPrincipal(anonymous);
        }

        /// <summary>
        /// Overrides the base class to ask this principal's identity whether
        /// it holds the given role.
        /// </summary>
        /// <param name="role">Role to check.</param>
        /// <returns>The result of the identity's own IsInRole check.</returns>
        public override bool IsInRole(string role)
        {
            // this.Identity is the identity given to the constructor; the cast
            // throws if it is not a PTIdentity.
            return ((PTIdentity)this.Identity).IsInRole(role);
        }
    }
}
冯瑞涛