• ASP.NET MVC 基于页面的权限管理


      菜单表

        namespace AspNetMvcAuthDemo1.Models
        {
            /// <summary>
            /// One protected page: binds a request path to the permission that is
            /// required to open it.
            /// </summary>
            public class PermissionItem
            {
                /// <summary>Row identifier of this entry.</summary>
                public int ID { get; set; }

                /// <summary>Permission a user must hold to reach <see cref="Route"/>.</summary>
                public int PermissionID { get; set; }

                /// <summary>Display name of the page.</summary>
                public string Name { get; set; }

                /// <summary>Request path of the page, e.g. "/Home/Page1".</summary>
                public string Route { get; set; }
            }
        }

     菜单表集合

    namespace AspNetMvcAuthDemo1.Models
    {
        /// <summary>
        /// One grant: records that a user holds a permission.
        /// </summary>
        public class PermissionList
        {
            /// <summary>Row identifier of this grant.</summary>
            public int ID { get; set; }

            /// <summary>Permission that is granted.</summary>
            public int PermissionID { get; set; }

            /// <summary>User who receives the permission.</summary>
            public int UserID { get; set; }
        }
    }

    模拟初始化菜单数据

        namespace AspNetMvcAuthDemo1.Models
        {
            /// <summary>
            /// In-memory stand-in for the permission tables, filled with fixed demo rows.
            /// </summary>
            public class UrlAuthorizeEntities
            {
                // Protected pages and the permission each one requires.
                // Pages 1 and 4 share permission 1; pages 2 and 5 share permission 2.
                public IEnumerable<PermissionItem> PermissionItems = new List<PermissionItem>()
                {
                    new PermissionItem() { ID = 1, PermissionID = 1, Name = "Test Page 1", Route = "/Home/Page1" },
                    new PermissionItem() { ID = 2, PermissionID = 2, Name = "Test Page 2", Route = "/Home/Page2" },
                    new PermissionItem() { ID = 3, PermissionID = 3, Name = "Test Page 3", Route = "/Home/Page3" },
                    new PermissionItem() { ID = 4, PermissionID = 1, Name = "Test Page 4", Route = "/Home/Page4" },
                    new PermissionItem() { ID = 5, PermissionID = 2, Name = "Test Page 5", Route = "/Home/Page5" }
                };

                // Grants per user: user 1 holds permissions 2 and 3, and therefore not permission 1.
                public IEnumerable<PermissionList> PermissionList = new List<PermissionList>()
                {
                    new PermissionList() { ID = 1, PermissionID = 2, UserID = 1 },
                    new PermissionList() { ID = 2, PermissionID = 3, UserID = 1 }
                };
            }
        }

    账户帮助类-AccountHelper

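        namespace AspNetMvcAuthDemo1.UrlAuthorize
        {
            /// <summary>
            /// Lookup helpers for the URL permission check: the table of protected routes
            /// (kept in the application cache) and the permission IDs of a user (kept in
            /// the session). Both methods need a current HTTP request.
            /// </summary>
            public static class AccountHelper
            {
                private const string PermissionItemsCacheKey = "PermissionItems";
                private const string PermissionSessionKey = "Permission";

                // Records which user the cached permission array was computed for.
                private const string PermissionOwnerSessionKey = "PermissionUserID";

                /// <summary>
                /// Get all permission items whose PermissionID is greater than zero.
                /// </summary>
                /// <returns>
                /// Permission list. The same list instance is handed to every request,
                /// so callers must treat it as read-only.
                /// </returns>
                public static List<PermissionItem> GetPermissionItems()
                {
                    // Read the cache once into a local. Testing the entry and reading it
                    // again afterwards can return null when the entry is evicted in
                    // between, which would surface as a NullReferenceException in the
                    // authorization filter.
                    var items = HttpContext.Current.Cache[PermissionItemsCacheKey] as List<PermissionItem>;
                    if (items == null)
                    {
                        UrlAuthorizeEntities db = new UrlAuthorizeEntities();
                        items = db.PermissionItems.Where(c => c.PermissionID > 0).ToList();
                        HttpContext.Current.Cache[PermissionItemsCacheKey] = items;
                    }

                    return items;
                }

                /// <summary>
                /// Get the permission IDs granted to a user.
                /// </summary>
                /// <param name="userID">User ID</param>
                /// <returns>User permission array (empty when the user has no grants)</returns>
                public static Int32[] GetUserPermission(int userID)
                {
                    var session = HttpContext.Current.Session;
                    var permissions = session[PermissionSessionKey] as Int32[];
                    var owner = session[PermissionOwnerSessionKey] as int?;

                    // The cached array is only valid for the user it was computed for.
                    // Without the owner check, a session that switches to another user ID
                    // would keep being authorized with the previous user's permissions.
                    if (permissions == null || owner != userID)
                    {
                        UrlAuthorizeEntities db = new UrlAuthorizeEntities();
                        permissions = db.PermissionList.Where(c => c.UserID == userID).Select(c => c.PermissionID).ToArray();
                        session[PermissionSessionKey] = permissions;
                        session[PermissionOwnerSessionKey] = userID;
                    }

                    // NOTE(review): grants are read once per session and user; a permission
                    // revoked in the data store stays effective until the session entry is
                    // cleared or the session ends.
                    return permissions;
                }
            }
        }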

    权限验证过滤器-UrlAuthorizeAttribute

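        namespace AspNetMvcAuthDemo1.UrlAuthorize
        {
            /// <summary>
            /// URL permission filter: allows a request only when its path is listed in the
            /// permission table and the session user holds the permission for that path.
            /// Every other case is rejected (deny by default).
            /// </summary>
            /// <remarks>
            /// NOTE(review): OnAuthorization is replaced without calling the base
            /// implementation, so nothing the base class does there (including its
            /// output-cache handling) runs. Verify the behavior before combining this
            /// attribute with [OutputCache].
            /// </remarks>
            public class UrlAuthorizeAttribute : AuthorizeAttribute
            {
                /// <summary>
                /// Checks the request path against the permission table and the user's grants.
                /// </summary>
                /// <param name="filterContext">Authorization context of the current request.</param>
                /// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
                public override void OnAuthorization(AuthorizationContext filterContext)
                {
                    if (filterContext == null)
                    {
                        throw new ArgumentNullException("filterContext");
                    }

                    var http = filterContext.HttpContext;
                    string path = http.Request.Path;

                    //Get permission list
                    List<PermissionItem> pItems = AccountHelper.GetPermissionItems();

                    // MVC route matching ignores case, so compare the path the same way.
                    // A path that matches no entry (different spelling, trailing slash,
                    // extra segments) is rejected below, which keeps the check fail-closed.
                    var item = pItems.FirstOrDefault(c => string.Equals(c.Route, path, StringComparison.OrdinalIgnoreCase));

                    if (item == null)
                    {
                        //the page you want to access has not been configured.
                        Deny(filterContext, "The page you want to access has not been configed permission.");
                        return;
                    }

                    // No session or no UserID means the caller is not logged in. Answer 401
                    // instead of letting a null dereference turn into a server error.
                    var session = http.Session;
                    object rawUserID = session == null ? null : session["UserID"];
                    int userID;
                    if (rawUserID == null || !int.TryParse(rawUserID.ToString(), out userID))
                    {
                        filterContext.Result = new HttpUnauthorizedResult();
                        return;
                    }

                    int[] permissions = AccountHelper.GetUserPermission(userID);
                    if (Array.IndexOf<Int32>(permissions, item.PermissionID) == -1)
                    {
                        //have not permission
                        Deny(filterContext, "You have no permission to access this page.");
                    }
                }

                /// <summary>
                /// Rejects the request with HTTP 403 and the given message as the body.
                /// </summary>
                private static void Deny(AuthorizationContext filterContext, string message)
                {
                    // Setting Result is what makes MVC skip the action. Response.End()
                    // depends on aborting the request thread and reports the refusal as
                    // 200 OK, which clients and log analysis cannot tell from success.
                    var response = filterContext.HttpContext.Response;
                    response.StatusCode = 403;

                    // Keep the message body instead of an IIS-generated error page.
                    response.TrySkipIisCustomErrors = true;
                    filterContext.Result = new ContentResult { Content = message };
                }
            }
        }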

    控制器

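        namespace AspNetMvcAuthDemo1.Controllers
        {
            /// <summary>
            /// Demo controller: public pages, a stub login, and six pages guarded by
            /// <c>[UrlAuthorize]</c>.
            /// </summary>
            public class HomeController : Controller
            {
                public ActionResult Index()
                {
                    return View();
                }

                public ActionResult About()
                {
                    ViewBag.Message = "Your application description page.";

                    return View();
                }

                public ActionResult Contact()
                {
                    ViewBag.Message = "Your contact page.";

                    return View();
                }

                /// <summary>
                /// Demo stub: marks the session as user 1 without checking any credentials.
                /// </summary>
                /// <remarks>
                /// NOTE(review): a real login must verify credentials before it sets the
                /// user ID, should not change state on a plain GET, and should issue a
                /// fresh session identifier on success.
                /// </remarks>
                public string Login()
                {
                    // Drop permissions cached for whoever used this session before, so the
                    // next authorization check loads the grants of the user set below.
                    HttpContext.Session.Remove("Permission");

                    HttpContext.Session["UserID"] = 1;
                    return "Login success.";
                }

                // Pages 1-5 have entries in the demo permission table; whether user 1 may
                // open them depends on the grants in UrlAuthorizeEntities.

                [UrlAuthorize]
                public string Page1()
                {
                    return "Page1";
                }

                [UrlAuthorize]
                public string Page2()
                {
                    return "Page2";
                }

                [UrlAuthorize]
                public string Page3()
                {
                    return "Page3";
                }

                [UrlAuthorize]
                public string Page4()
                {
                    return "Page4";
                }

                [UrlAuthorize]
                public string Page5()
                {
                    return "Page5";
                }

                // "/Home/Page6" has no entry in the demo permission table, so the filter
                // rejects it for every user: a guarded page with no configured permission
                // is denied, not allowed.
                [UrlAuthorize]
                public string Page6()
                {
                    return "Page6";
                }
            }
        }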

    完整代码下载点击这里
