mvc-百步飞剑-14

说明:上一节简单介绍了菜单权限的设置,这节主要讲解非菜单的增删改的权限设置

1.1 权限过滤在BaseController中添加权限过滤

    
#region 00后门
                    if (LoginUser.UName=="逍遥小天狼")
                    {
                        return;
                    }
                    #endregion
                    #region 01完成权限的guolv
                    //获取地址栏中传入的地址
                    string requestUrl = Request.Url.AbsolutePath;
                    //获取请求方式
                    string requestHttpMethod = Request.HttpMethod;
                    IApplicationContext ctx = ContextRegistry.GetContext();
                    IUserInfoService userInfoService = (IUserInfoService)ctx.GetObject("userInfoService");
                    IActionInfoService actionInfoService = (IActionInfoService)ctx.GetObject("actionInfoService");
                    //根据请求地址与请求方式找出具体的权限
                   var currentAction = actionInfoService.LoadEntities(a=>a.Url==requestUrl&&a.HttpMethod==requestHttpMethod).FirstOrDefault();
                   if (currentAction == null)//地址错误
                    {
                        Response.Redirect("/Error.html");
                        return;
                    }

                    ///地址正确,判断权限.
                    //1号方案
                   var currentUserInfo = userInfoService.LoadEntities(u=>u.ID == LoginUser.ID).FirstOrDefault();
                   var action = currentUserInfo.R_UserInfo_ActionInfo.Where(r=>r.ActionInfoID == currentAction.ID).FirstOrDefault();
                   if (action != null)
                   {
                       if (action.IsPass == true)
                       {
                           return;
                       }
                       else {
                           Response.Redirect("/Error.html");
                           return;
                       }
                   }
                    //2号方案
                    //01根据用户信息获取角色
                   var currentUserRoles = currentUserInfo.RoleInfo;
                    //02根据角色获取权限
                   var currentUserActions = from a in currentUserRoles
                                            select a.ActionInfo;
                    var count = (from a in currentUserActions
                                from b in a
                                where b.ID == currentAction.ID
                                    select b).Count();
                    if (count <1)
                    {
                        Response.Redirect("/Error.html");
                        return;
                    }
                    #endregion
View Code

1.2 添加用户,设置用户信息

  1.2.1 通过角色-权限分配权限  添加用户(1)=>设置角色(root)=>为角色(root)设置权限(1用户管理+5用户首页+显示菜单<为了显示菜单图标>+查询所有用户的信息)

运行效果

   1.2.2 直接为用户分配权限

 

 

posted @ 2017-04-06 14:42  逍遥小天狼  阅读(67)  评论(0编辑  收藏  举报