bootstrap adminlte教程4-2：实现文章的阅读权限的问题（前台checkbox读出角色列表选择）

要实现的方法很简单，就是 cmscontent表中有一个字段是cmspression，就是用来看角色包含 不包含 。

1.CmsContentsController中先要上面上先引用role管理的方法

private RoleManager _roleManager;
		public RoleManager RoleManager
		{
			get
			{
				return _roleManager ?? HttpContext.GetOwinContext().Get<RoleManager>();
			}
			private set
			{
				_roleManager = value;
			}
		}

　　然后在Creat方法的GET中代码如下

// GET: CmsContents/Create
        public ActionResult Create()
        {
			ViewBag.drolistmenu = db.CmsColumns.Select(g => new SelectListItem
			{
				Text = g.Name,
				Value = g.Id.ToString(),
				Selected = false
			});
			var roleList = RoleManager.Roles.Select(c => new { rolename=c.Name, rolename2=c.Name }).ToList();   ///取出ROLE表的数据，我全是角色名作参数
		 
			ViewBag.rolelist1 = new MultiSelectList(roleList, "rolename", "rolename2");   //生成MultiSelectList格式的veiwbag

                  return View(); }

　　前台进行更改

@model jsdhh2.Models.CmsContent
 

	@{
		ViewBag.Title = "Create"; Layout = "~/Views/Shared/_AdminLayout.cshtml";
	}
	<!-- Content Header (Page header) -->
	<section class="content-header">
		<h1>
			新建文章
			<small>注意选择正确的栏目</small>
		</h1>
		<ol class="breadcrumb">
			<li><a href="#"><i class="fa fa-dashboard"></i> Level</a></li>
			<li class="active">Here</li>
		</ol>
	</section>
	<!--end Content Header (Page header) -->

	<h1></h1>
	<div class="col-md-12">
		<div class="panel panel-default">
			<div class="panel-heading">
				@Html.ActionLink("返回", "Index", "", new { @class = "btn btn-warning" })
			</div>
			<div class="panel-body">

				@using (Html.BeginForm())
			{
					@Html.AntiForgeryToken()

					<div class="form-horizontal">
						<h4>发表文章</h4>
						<hr />
						@Html.ValidationSummary(true, "", new { @class = "text-danger" })



						<div class="form-group">
							<div class="control-label col-md-2">请选择栏目</div>
							<div class="col-md-10">
								@Html.DropDownList("ColumnId", new SelectList(ViewBag.drolistmenu, "Value", "Text"), "请选择")
								@Html.ValidationMessageFor(model => model.ColumnId, "", new { @class = "text-danger" })
							</div>
						</div>

						<div class="form-group">
							<div class="control-label col-md-2">标题</div>
							<div class="col-md-10">
								@Html.EditorFor(model => model.Title, new { htmlAttributes = new { @class = "form-control" } })
								@Html.ValidationMessageFor(model => model.Title, "", new { @class = "text-danger" })
							</div>
						</div>

						<div class="form-group">
							<div class="control-label col-md-2">请输入内容</div>
							<div class="col-md-10">
								@Html.EditorFor(model => model.Contents, new { htmlAttributes = new { @class = "form-control" } })
								@Html.ValidationMessageFor(model => model.Contents, "", new { @class = "text-danger" })
							</div>
						</div>




						<div class="form-group">
							<div class="control-label col-md-2">请选择授权阅读人</div>
							<div class="col-md-10">
							 @Html.CheckBox("All", true)全选
							@foreach (var item in (MultiSelectList)ViewBag.rolelist1)
							{
								@*@Html.CheckBox("sefe",item.Value)@item.Value*@

								@Html.CheckBox(@item.Value, false)@item.Value
								@*<input type="checkbox" name="selectRole" value=@item.Value id=@item.Value/>@item.Value*@

							})

								@*@Html.EditorFor(model => model.CmsPermission, new { htmlAttributes = new { @class = "form-control" } })*@
								@Html.ValidationMessageFor(model => model.CmsPermission, "", new { @class = "text-danger" })
							</div>
						</div>




						<div class="form-group">
							<div class="col-md-offset-2 col-md-10">
								<input type="submit" value="发表" class="btn btn-success" />
							</div>
						</div>
					</div>
			}

  
 

			</div>


		</div>

	</div>

　　注意我增另了一个全选，要是新建文章不取消，那么就写一个ALL进去。

在Creat 方法的POST代码

  // POST: CmsContents/Create
        // 为了防止“过多发布”攻击，请启用要绑定到的特定属性，有关 
        // 详细信息，请参阅 https://go.microsoft.com/fwlink/?LinkId=317598。
        [HttpPost]
        [ValidateAntiForgeryToken]
        public async Task<ActionResult> Create([Bind(Include = "ColumnId,Title,Contents,CmsPermission")] CmsContent cmsContent, FormCollection form)
        {
		    var	 dt = DateTime.Now;
			string str = dt.ToString("yyyyMMddHHmmss");
			cmsContent.Id = str;
			cmsContent.CreatUser = Session["username"].ToString();
			cmsContent.PcIp = Request.UserHostAddress;
			cmsContent.CreatUser = Session["username"].ToString();
			cmsContent.ReplyCount =0;
			cmsContent.CreatTime = DateTime.Now;

			var winnars = from x in form.AllKeys        ///选择所有的传进来的form

							  //var winnars = from x in form["selectRole"]
						  where form[x] != "false"

						  select x;
		 
			string Lstring = "";
			 
			//foreach (var id in winnars)
			foreach(var id in winnars)
			{  
				 Lstring = Lstring + id + ",";  


			} 
			cmsContent.CmsPermission = Lstring;
				if (ModelState.IsValid)
            {
                db.CmsContents.Add(cmsContent);
                await db.SaveChangesAsync();
                return RedirectToAction("Index");
            }

            return View(cmsContent);
        }

　　这样新建的时候的样子

 

查看详细。

 

发现他写入了一起其他控件的name进来。处理了一天没搞好，我的水平，实在郁闷。。

先就中止了。

2.进行查看页面的权限管理

在Details方法中进行分析

  // GET: CmsContents/Details/5
        public async Task<ActionResult> Details(string id)
        {
            if (id == null)
            {
                return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
            }
            CmsContent cmsContent = await db.CmsContents.FindAsync(id);
            if (cmsContent == null)
            {
                return HttpNotFound();
            }
			string ifrolename = Session["role"].ToString();
			if (!cmsContent.CmsPermission.Contains("All")& !cmsContent.CmsPermission.Contains(ifrolename)){    ///这里分析这个字段是否有ALL或角色名。
				return View("NoYueDu");
			}

			return View(cmsContent);
        }

　　

5，建一个

NoYueDu的视图，在 CmsContents下面，写上：你没有访问的权限

6.试图访问：