ASP.NET MVC 基于页面的权限管理
2017-08-15 10:00
519 查看
菜单表
namespace AspNetMvcAuthDemo1.Models { public class PermissionItem { public int ID { set; get; } public int PermissionID { set; get; } public string Name { set; get; } public string Route { set; get; } } }
菜单表集合
namespace AspNetMvcAuthDemo1.Models { public class PermissionList { public int ID { set; get; } public int PermissionID { set; get; } public int UserID { set; get; } } }
模拟初始化菜单数据
namespace AspNetMvcAuthDemo1.Models { public class UrlAuthorizeEntities { public IEnumerable<PermissionItem> PermissionItems = new List<PermissionItem> { new PermissionItem{ ID = 1 , PermissionID = 1, Name = "Test Page 1", Route = "/Home/Page1" }, new PermissionItem{ ID = 2 , PermissionID = 2, Name = "Test Page 2", Route = "/Home/Page2" }, new PermissionItem{ ID = 3 , PermissionID = 3, Name = "Test Page 3", Route = "/Home/Page3" }, new PermissionItem{ ID = 4 , PermissionID = 1, Name = "Test Page 4", Route = "/Home/Page4" }, new PermissionItem{ ID = 5 , PermissionID = 2, Name = "Test Page 5", Route = "/Home/Page5" } }; public IEnumerable<PermissionList> PermissionList = new List<PermissionList> { new PermissionList{ ID = 1 , PermissionID = 2, UserID = 1}, new PermissionList{ ID = 2 , PermissionID = 3, UserID = 1}, }; } }
账户帮助类-AccountHelper
namespace AspNetMvcAuthDemo1.UrlAuthorize { /// <summary> /// Account Helper /// </summary> public static class AccountHelper { /// <summary> /// Get all permission list /// </summary> /// <returns>Permission List</returns> public static List<PermissionItem> GetPermissionItems() { if (HttpContext.Current.Cache["PermissionItems"] == null) { UrlAuthorizeEntities db = new UrlAuthorizeEntities(); var items = db.PermissionItems.Where(c => c.PermissionID > 0).ToList(); HttpContext.Current.Cache["PermissionItems"] = items; } return (List<PermissionItem>)HttpContext.Current.Cache["PermissionItems"]; } /// <summary> /// Get User Permission /// </summary> /// <param name="userID">User ID</param> /// <returns>User Permission Array</returns> public static Int32[] GetUserPermission(int userID) { if (HttpContext.Current.Session["Permission"] == null) { UrlAuthorizeEntities db = new UrlAuthorizeEntities(); var permissions = db.PermissionList.Where(c => c.UserID == userID).Select(c=>c.PermissionID).ToArray(); HttpContext.Current.Session["Permission"] = permissions; } return (Int32[])HttpContext.Current.Session["Permission"]; } } }
账户帮助类-AccountHelper
namespace AspNetMvcAuthDemo1.UrlAuthorize { /// <summary> /// URL permission /// </summary> public class UrlAuthorizeAttribute : AuthorizeAttribute { /// <summary> /// Rewrite OnAuthorization /// </summary> /// <param name="filterContext"></param> public override void OnAuthorization(AuthorizationContext filterContext) { //Get permission list List<PermissionItem> pItems = AccountHelper.GetPermissionItems(); //Get current page permission ID,if items is null,the page you what to access has not been configed. var item = pItems.FirstOrDefault(c => c.Route == filterContext.HttpContext.Request.Path); if (item != null) { int[] permissions = AccountHelper.GetUserPermission(int.Parse(filterContext.HttpContext.Session["UserID"].ToString())); if (Array.IndexOf<Int32>(permissions, item.PermissionID) == -1) { //have not permission filterContext.HttpContext.Response.Write("You have no permission to access this page."); filterContext.HttpContext.Response.End(); } } else { //the page you what to access has not been configed. filterContext.HttpContext.Response.Write("The page you want to access has not been configed permission."); filterContext.HttpContext.Response.End(); } } } }
控制器
namespace AspNetMvcAuthDemo1.Controllers { public class HomeController : Controller { public ActionResult Index() { return View(); } public ActionResult About() { ViewBag.Message = "Your application description page."; return View(); } public ActionResult Contact() { ViewBag.Message = "Your contact page."; return View(); } public string Login() { HttpContext.Session["UserID"] = 1; return "Login success."; } [UrlAuthorize] public string Page1() { return "Page1"; } [UrlAuthorize] public string Page2() { return "Page2"; } [UrlAuthorize] public string Page3() { return "Page3"; } [UrlAuthorize] public string Page4() { return "Page4"; } [UrlAuthorize] public string Page5() { return "Page5"; } [UrlAuthorize] public string Page6() { return "Page6"; } } }
完整代码下载点击这里
技术交流QQ群:15129679
相关文章推荐
- ASP.NET MVC 基于页面的权限管理
- 通用权限管理系统[基于asp.net(c# 4.0) + MVC 4 + extjs 4.2 + PetaPoco](一、搭架子 - 有源码)
- 七天学会ASP.NET MVC (五)——Layout页面使用和用户角色管理
- 一个基于Asp.Net MVC的权限方案
- ASP.NET小收集:页面权限管理
- ASP.NET MVC 企业级实战 —— 创建用户权限管理示例程序
- ASP.NET MVC 5实现基于Quartz.net 的任务调度管理平台(一)
- 一步一步Asp.Net MVC系列_权限管理设计起始篇
- 一步一步Asp.Net MVC系列_权限管理之权限控制
- 【无私分享:从入门到精通ASP.NET MVC】从0开始,一起搭框架、做项目(7.1) 模块管理,验证权限,展示模块列表
- 在ASP.NET MVC中实现基于URL的权限控制
- ASP.NET MVC:窗体身份验证及角色权限管理示例
- ASP.NET MVC 3.0:基于Ajax的表单提交,A页面认证失败后页面被强转至登录页面,待登录成功将如何回到A页面?
- 在ASP.NET MVC中实现基于URL的权限控制
- ASP.NET MVC案例教程(基于ASP.NET MVC beta)——第二篇:第一个页面
- ASP.NET MVC案例教程(基于ASP.NET MVC beta)——第二篇:第一个页面
- 一步步打造基于ASP.NET的CMS内容管理系统--Step4 权限设定(补充)
- ASP.NET MVC:窗体身份验证及角色权限管理示例
- 一步一步Asp.Net MVC系列_权限管理设计起始篇
- 【商业版、提供全部源码】基于RBAC的C#ASP.NET支持多用户的通用权限管理系统高质量源码10月份销售20套