设计方向:
1.摒弃SiteMap,避免在容易书写错误的sitemap中书写,导航在controller和action上打标签生成。
2.controller统一继承basecontroller,在basecontroller上统一权限拦截。
3.使用缓存保存权限列表,避免反复读取数据库。
4.使用Elinq作为ORM工具
5.使用页面部分试图权限
一. 获取权限视图缓存列表
///
<summary>
///
获取权限视图缓存列表
///
</summary>
///
<returns></returns>
public
static List<AuthModel> GetAuthCache()
{
List<AuthModel> viewRoleGroup;
string key =
"
ViewAuthList
";
if (HttpRuntime.Cache[key] !=
null)
{
viewRoleGroup = (List<AuthModel>)HttpRuntime.Cache[key];
}
else
{
viewRoleGroup = ElinqHelper.List<AuthModel>().Where(p => p.ID >
0).ToList();
}
return viewRoleGroup;
}
二.权限判断业务逻辑
//
权限判断业务逻辑
protected
virtual
bool AuthorizeCore(ActionExecutingContext filterContext,
bool isViewPage)
{
HttpCookie cookie = System.Web.HttpContext.Current.Request.Cookies.Get(
"
userCookie
");
if (cookie !=
null)
{
HttpContext.Current.Session[
"
name
"] = cookie.Values[
"
name
"];
HttpContext.Current.Session[
"
zu
"] = cookie.Values[
"
zu
"];
}
if (HttpContext.Current.Session[
"
name
"] ==
null)
return
false;
if (HttpContext.Current.Session[
"
name
"].ToString() ==
"
admin
")
return
true;
if (filterContext.HttpContext ==
null)
throw
new ArgumentNullException(
"
httpContext
");
var controllerName = filterContext.RouteData.Values[
"
controller
"].ToString();
var actionName = filterContext.RouteData.Values[
"
action
"].ToString();
var list = GetCache.GetAuthCache();
var grouplist = list.FirstOrDefault(p => p.CONTROLLERNAME == controllerName && p.ACTIONNAME == actionName).GROUPISLIST;
var group = Convert.ToDecimal(HttpContext.Current.Session[
"
zu
"]);
if (grouplist.Contains(group))
return
true;
return
false;
}
三.权限拦截
[newAuthorizeFilterAttribute]
public
class BaseController : Controller
{
protected
override
void OnException(ExceptionContext filterContext)
{
filterContext.Controller.ViewData[
"
ErrorMessage
"] = filterContext.Exception.Message;
filterContext.Result =
new ViewResult()
{
ViewName =
"
Error
",
ViewData = filterContext.Controller.ViewData,
};
filterContext.ExceptionHandled =
true;
}
}
四.更新权限列表
[Description(
"
更新权限列表
")]
public ActionResult UpAuthList()
{
var count =
0;
var result = GetActionPermission.GetAllActionByAssembly().Where(p => !(p.ActionMethod
is HttpPostAttribute));
var dbConfiguration = ElinqHelper.dbConfiguration;
ElinqHelper.AddClass<AuthModel>();
using (
var ctx = dbConfiguration.CreateDbContext())
{
var q = ctx.Set<AuthModel>();
var sqlResult = q.Where(p => p.ID >
0);
foreach (
var item
in result)
{
var newId = ElinqHelper.NextVal(
"
SQ_AUTH
");
var auth = sqlResult.FirstOrDefault(p => p.CONTROLLERNAME == item.ControllerName
&& p.ACTIONNAME == item.ActionName);
if (auth !=
null)
{
if (
string.IsNullOrEmpty(auth.CONTROLLERNAME) ||
string.IsNullOrEmpty(auth.ACTIONNAME))
break;
if (auth.DESCRIPTION != item.Description)
{
if (q.Update(
new { DESCRIPTION = item.Description, LASTTIME = DateTime.Now }, p => p.ID == auth.ID) >
0) count++;
}
}
else
{
AuthModel model =
new AuthModel
{
ID = newId,
CONTROLLERNAME = item.ControllerName,
ACTIONNAME = item.ActionName,
DESCRIPTION = item.Description,
LASTTIME = DateTime.Now
};
if (q.Insert(model) >
0)
{
newId++;
count++;
}
}
}
}
return Content(
"
成功更新
" + count.ToString() +
"
个
");}
五.导航
public
static MvcHtmlString GetWebPath(
this HtmlHelper html,
string itemTemplate)
{
var sb =
new StringBuilder();
var controllerList = GetCache.GetControllerCache();
var menu = GetCache.GetActionCache()
.Where(p => p.Attrs.Count(q => q.TypeId.ToString() ==
"
MvcApplication.Controllers.Menu
") >
0);
CurrentUser currentuser =
new CurrentUser();
if (currentuser.ActionPermission ==
null)
return MvcHtmlString.Create(sb.ToString());
foreach (
var controller
in controllerList)
{
if (currentuser.ActionPermission !=
null)
{
var list = currentuser.ActionPermission.Where(p => p.CONTROLLERNAME == controller.ControllerName && p.CONTROLLERNAME !=
"
Home
");
foreach (
var item
in list)
{
var result = menu.FirstOrDefault(p => p.ActionName == item.ACTIONNAME && p.ControllerName == item.CONTROLLERNAME);
if (result !=
null)
{
sb.Append(itemTemplate.Replace(
"
{0}
", result.ControllerName).Replace(
"
{1}
", result.ActionName).Replace(
"
{2}
",
controller.Description));
break;
}
}
}
}
return MvcHtmlString.Create(sb.ToString());}
六.页面代码块级权限设计
public static HelperResult RoleHtmlTags(this HtmlHelper htmlHelper, string action, Func<string, HelperResult> template)
{
var controller = HttpContext.Current.Request.RequestContext.RouteData.Values["controller"].ToString();
CurrentUser currentuser = new CurrentUser();
var auth = currentuser.ActionPermission.Count(p => p.CONTROLLERNAME == controller && p.ACTIONNAME == action);
if (auth > 0)
{
return new HelperResult(writer =>
{
writer.Write(template.Invoke(null));
});
}
else
{
return null;
}
}
页面使用方法
@Html.RoleHtmlTags(
"
WorkLogEdit
", @<span>@Html.ActionLink(
"
编辑
",
"
WorkLogEdit
",
new { id = dt.id })<span>|</span></span>)