MVC权限模块
设计方向:
1.摒弃SiteMap,避免在容易书写错误的sitemap中书写,导航在controller和action上打标签生成。
2.controller统一继承basecontroller,在basecontroller上统一权限拦截。
3.使用缓存保存权限列表,避免反复读取数据库。
4.使用Elinq作为ORM工具
5.使用页面部分试图权限
一. 获取权限视图缓存列表
///
<summary>
/// 获取权限视图缓存列表
/// </summary>
/// <returns></returns>
public static List<AuthModel> GetAuthCache()
{
List<AuthModel> viewRoleGroup;
string key = " ViewAuthList ";
if (HttpRuntime.Cache[key] != null)
{
viewRoleGroup = (List<AuthModel>)HttpRuntime.Cache[key];
}
else
{
viewRoleGroup = ElinqHelper.List<AuthModel>().Where(p => p.ID > 0).ToList();
}
return viewRoleGroup; }
/// 获取权限视图缓存列表
/// </summary>
/// <returns></returns>
public static List<AuthModel> GetAuthCache()
{
List<AuthModel> viewRoleGroup;
string key = " ViewAuthList ";
if (HttpRuntime.Cache[key] != null)
{
viewRoleGroup = (List<AuthModel>)HttpRuntime.Cache[key];
}
else
{
viewRoleGroup = ElinqHelper.List<AuthModel>().Where(p => p.ID > 0).ToList();
}
return viewRoleGroup; }
二.权限判断业务逻辑
//
权限判断业务逻辑
protected virtual bool AuthorizeCore(ActionExecutingContext filterContext, bool isViewPage)
{
HttpCookie cookie = System.Web.HttpContext.Current.Request.Cookies.Get( " userCookie ");
if (cookie != null)
{
HttpContext.Current.Session[ " name "] = cookie.Values[ " name "];
HttpContext.Current.Session[ " zu "] = cookie.Values[ " zu "];
}
if (HttpContext.Current.Session[ " name "] == null) return false;
if (HttpContext.Current.Session[ " name "].ToString() == " admin ") return true;
if (filterContext.HttpContext == null) throw new ArgumentNullException( " httpContext ");
var controllerName = filterContext.RouteData.Values[ " controller "].ToString();
var actionName = filterContext.RouteData.Values[ " action "].ToString();
var list = GetCache.GetAuthCache();
var grouplist = list.FirstOrDefault(p => p.CONTROLLERNAME == controllerName && p.ACTIONNAME == actionName).GROUPISLIST;
var group = Convert.ToDecimal(HttpContext.Current.Session[ " zu "]);
if (grouplist.Contains(group)) return true;
return false; }
protected virtual bool AuthorizeCore(ActionExecutingContext filterContext, bool isViewPage)
{
HttpCookie cookie = System.Web.HttpContext.Current.Request.Cookies.Get( " userCookie ");
if (cookie != null)
{
HttpContext.Current.Session[ " name "] = cookie.Values[ " name "];
HttpContext.Current.Session[ " zu "] = cookie.Values[ " zu "];
}
if (HttpContext.Current.Session[ " name "] == null) return false;
if (HttpContext.Current.Session[ " name "].ToString() == " admin ") return true;
if (filterContext.HttpContext == null) throw new ArgumentNullException( " httpContext ");
var controllerName = filterContext.RouteData.Values[ " controller "].ToString();
var actionName = filterContext.RouteData.Values[ " action "].ToString();
var list = GetCache.GetAuthCache();
var grouplist = list.FirstOrDefault(p => p.CONTROLLERNAME == controllerName && p.ACTIONNAME == actionName).GROUPISLIST;
var group = Convert.ToDecimal(HttpContext.Current.Session[ " zu "]);
if (grouplist.Contains(group)) return true;
return false; }
三.权限拦截
[newAuthorizeFilterAttribute]
public class BaseController : Controller
{
protected override void OnException(ExceptionContext filterContext)
{
filterContext.Controller.ViewData[ " ErrorMessage "] = filterContext.Exception.Message;
filterContext.Result = new ViewResult()
{
ViewName = " Error ",
ViewData = filterContext.Controller.ViewData,
};
filterContext.ExceptionHandled = true;
} }
public class BaseController : Controller
{
protected override void OnException(ExceptionContext filterContext)
{
filterContext.Controller.ViewData[ " ErrorMessage "] = filterContext.Exception.Message;
filterContext.Result = new ViewResult()
{
ViewName = " Error ",
ViewData = filterContext.Controller.ViewData,
};
filterContext.ExceptionHandled = true;
} }
四.更新权限列表
[Description(
"
更新权限列表
")]
public ActionResult UpAuthList()
{
var count = 0;
var result = GetActionPermission.GetAllActionByAssembly().Where(p => !(p.ActionMethod is HttpPostAttribute));
var dbConfiguration = ElinqHelper.dbConfiguration;
ElinqHelper.AddClass<AuthModel>();
using ( var ctx = dbConfiguration.CreateDbContext())
{
var q = ctx.Set<AuthModel>();
var sqlResult = q.Where(p => p.ID > 0);
foreach ( var item in result)
{
var newId = ElinqHelper.NextVal( " SQ_AUTH ");
var auth = sqlResult.FirstOrDefault(p => p.CONTROLLERNAME == item.ControllerName
&& p.ACTIONNAME == item.ActionName);
if (auth != null)
{
if ( string.IsNullOrEmpty(auth.CONTROLLERNAME) || string.IsNullOrEmpty(auth.ACTIONNAME)) break;
if (auth.DESCRIPTION != item.Description)
{
if (q.Update( new { DESCRIPTION = item.Description, LASTTIME = DateTime.Now }, p => p.ID == auth.ID) > 0) count++;
}
}
else
{
AuthModel model = new AuthModel
{
ID = newId,
CONTROLLERNAME = item.ControllerName,
ACTIONNAME = item.ActionName,
DESCRIPTION = item.Description,
LASTTIME = DateTime.Now
};
if (q.Insert(model) > 0)
{
newId++;
count++;
}
}
}
}
return Content( " 成功更新 " + count.ToString() + " 个 ");}
public ActionResult UpAuthList()
{
var count = 0;
var result = GetActionPermission.GetAllActionByAssembly().Where(p => !(p.ActionMethod is HttpPostAttribute));
var dbConfiguration = ElinqHelper.dbConfiguration;
ElinqHelper.AddClass<AuthModel>();
using ( var ctx = dbConfiguration.CreateDbContext())
{
var q = ctx.Set<AuthModel>();
var sqlResult = q.Where(p => p.ID > 0);
foreach ( var item in result)
{
var newId = ElinqHelper.NextVal( " SQ_AUTH ");
var auth = sqlResult.FirstOrDefault(p => p.CONTROLLERNAME == item.ControllerName
&& p.ACTIONNAME == item.ActionName);
if (auth != null)
{
if ( string.IsNullOrEmpty(auth.CONTROLLERNAME) || string.IsNullOrEmpty(auth.ACTIONNAME)) break;
if (auth.DESCRIPTION != item.Description)
{
if (q.Update( new { DESCRIPTION = item.Description, LASTTIME = DateTime.Now }, p => p.ID == auth.ID) > 0) count++;
}
}
else
{
AuthModel model = new AuthModel
{
ID = newId,
CONTROLLERNAME = item.ControllerName,
ACTIONNAME = item.ActionName,
DESCRIPTION = item.Description,
LASTTIME = DateTime.Now
};
if (q.Insert(model) > 0)
{
newId++;
count++;
}
}
}
}
return Content( " 成功更新 " + count.ToString() + " 个 ");}
五.导航
public
static MvcHtmlString GetWebPath(
this HtmlHelper html,
string itemTemplate)
{
var sb = new StringBuilder();
var controllerList = GetCache.GetControllerCache();
var menu = GetCache.GetActionCache()
.Where(p => p.Attrs.Count(q => q.TypeId.ToString() == " MvcApplication.Controllers.Menu ") > 0);
CurrentUser currentuser = new CurrentUser();
if (currentuser.ActionPermission == null)
return MvcHtmlString.Create(sb.ToString());
foreach ( var controller in controllerList)
{
if (currentuser.ActionPermission != null)
{
var list = currentuser.ActionPermission.Where(p => p.CONTROLLERNAME == controller.ControllerName && p.CONTROLLERNAME != " Home ");
foreach ( var item in list)
{
var result = menu.FirstOrDefault(p => p.ActionName == item.ACTIONNAME && p.ControllerName == item.CONTROLLERNAME);
if (result != null)
{
sb.Append(itemTemplate.Replace( " {0} ", result.ControllerName).Replace( " {1} ", result.ActionName).Replace( " {2} ",
controller.Description));
break;
}
}
}
}
return MvcHtmlString.Create(sb.ToString());}
{
var sb = new StringBuilder();
var controllerList = GetCache.GetControllerCache();
var menu = GetCache.GetActionCache()
.Where(p => p.Attrs.Count(q => q.TypeId.ToString() == " MvcApplication.Controllers.Menu ") > 0);
CurrentUser currentuser = new CurrentUser();
if (currentuser.ActionPermission == null)
return MvcHtmlString.Create(sb.ToString());
foreach ( var controller in controllerList)
{
if (currentuser.ActionPermission != null)
{
var list = currentuser.ActionPermission.Where(p => p.CONTROLLERNAME == controller.ControllerName && p.CONTROLLERNAME != " Home ");
foreach ( var item in list)
{
var result = menu.FirstOrDefault(p => p.ActionName == item.ACTIONNAME && p.ControllerName == item.CONTROLLERNAME);
if (result != null)
{
sb.Append(itemTemplate.Replace( " {0} ", result.ControllerName).Replace( " {1} ", result.ActionName).Replace( " {2} ",
controller.Description));
break;
}
}
}
}
return MvcHtmlString.Create(sb.ToString());}
六.页面代码块级权限设计
public static HelperResult RoleHtmlTags(this HtmlHelper htmlHelper, string action, Func<string, HelperResult> template)
{
var controller = HttpContext.Current.Request.RequestContext.RouteData.Values["controller"].ToString();
CurrentUser currentuser = new CurrentUser();
var auth = currentuser.ActionPermission.Count(p => p.CONTROLLERNAME == controller && p.ACTIONNAME == action);
if (auth > 0)
{
return new HelperResult(writer =>
{
writer.Write(template.Invoke(null));
});
}
else
{
return null;
}
}
页面使用方法
@Html.RoleHtmlTags(
"
WorkLogEdit
", @<span>@Html.ActionLink(
"
编辑
",
"
WorkLogEdit
",
new { id = dt.id })<span>|</span></span>)