这是本人在做一个用户数较少而且对权限控制要求不算太高的项目时的一个设计思路,分享出来希望能抛砖引玉,也欢迎板砖。
在设计权限管理模块时没有使用“角色”这个概念,而是让不同用户登录后只显示各自权限内的菜单。鉴于 Coalesys PanelBar for Asp.net 这个控件功能强大,就用它做应用程序的主控菜单,不同用户登录时加载以自己 ID 命名的 userfile XML 文件。需要注意的是,这种做法只控制菜单的显示,各个 .aspx 页面自身仍应在服务器端校验当前用户的权限,否则未出现在菜单中的页面仍可被直接访问。
// Load the menu definition file named by userfile into the PanelBar control.
// This only decides which links are rendered.
// NOTE(review): each target .aspx page presumably still needs its own server-side authorization check - confirm.
// NOTE(review): where userfile comes from is not shown here; it should be derived from the authenticated identity, not from request input - confirm.
PanelBar1.LoadXml(Server.MapPath(userfile));
userfile的xml代码片断
1 < Group Caption ="系统管理" Expanded ="true" >
2 < Item Caption ="权限管理" IconImage ="/net_places.gif" URL ="SoftAccount.aspx" Target ="internalFrame" />
3 < Item Caption ="基础数据" IconImage ="/control_panel.gif" URL ="BaseDataMain.aspx" Target ="internalFrame" />
4 < Item Caption ="系统运行" IconImage ="/documents.gif" URL ="SystemRun.aspx" Target ="internalFrame" />
5 </ Group >
6 < Group Caption ="销售管理" Expanded ="true" >
7 < Item Caption ="订单管理" IconImage ="/net_places.gif" URL ="OrderControlMain.aspx" Target ="internalFrame" />
8 < Item Caption ="审核订单" IconImage ="/control_panel.gif" URL ="OrdersControl/OrderAudit.aspx" Target ="internalFrame" />
9 < Item Caption ="订单汇总" IconImage ="/documents.gif" URL ="WebForm4.aspx" Target ="internalFrame" />
10 </ Group >
关键是如何在系统中增加、更新用户的权限?鉴于权限的层次关系,我觉得用treeview来操作是最直观和方便的。我用一个XML文件作为菜单主控文件,
1 <?xml version="1.0" encoding="gb2312"?>
2 < Tmodules >
3 < Tmodule moduleName ="系统管理" Expanded ="true" >
4 < Cmodule >
5 < funcName > 权限管理 </ funcName >
6 < IconImage > /net_places.gif </ IconImage >
7 < URL > SoftAccount.aspx </ URL >
8 < Target > internalFrame </ Target >
9 </ Cmodule >
10 < Cmodule >
11 < funcName > 基础数据 </ funcName >
12 < IconImage > /control_panel.gif </ IconImage >
13 < URL > BaseDataMain.aspx </ URL >
14 < Target > internalFrame </ Target >
15 </ Cmodule >
16 < Cmodule >
17 < funcName > 系统运行 </ funcName >
18 < IconImage > /documents.gif </ IconImage >
19 < URL > SystemRun.aspx </ URL >
20 < Target > internalFrame </ Target >
21 </ Cmodule >
22 </ Tmodule >
23 < Tmodule moduleName ="销售管理" Expanded ="true" >
24 < Cmodule >
25 < funcName > 订单管理 </ funcName >
26 < IconImage > /net_places.gif </ IconImage >
27 < URL > OrderControlMain.aspx </ URL >
28 < Target > internalFrame </ Target >
29 </ Cmodule >
30 < Cmodule >
31 < funcName > 审核订单 </ funcName >
32 < IconImage > /control_panel.gif </ IconImage >
33 < URL > WebForm4.aspx </ URL >
34 < Target > internalFrame </ Target >
35 </ Cmodule >
36 < Cmodule >
37 < funcName > 订单汇总 </ funcName >
38 < IconImage > /documents.gif </ IconImage >
39 < URL > WebForm4.aspx </ URL >
40 < Target > internalFrame </ Target >
41 </ Cmodule >
42 </ Tmodule >
43 < Tmodule moduleName ="客户关系管理" Expanded ="true" >
44 < Cmodule >
45 < funcName > 客户管理 </ funcName >
46 < IconImage > /net_places.gif </ IconImage >
47 < URL > CustomerBase.aspx </ URL >
48 < Target > internalFrame </ Target >
49 </ Cmodule >
50 < Cmodule >
51 < funcName > 客户汇总 </ funcName >
52 < IconImage > /control_panel.gif </ IconImage >
53 < URL > WebForm4.aspx </ URL >
54 < Target > internalFrame </ Target >
55 </ Cmodule >
56
57
58 </ Tmodule >
59 < Tmodule moduleName ="往来管理" Expanded ="true" >
60 < Cmodule >
61 < funcName > 销售发票 </ funcName >
62 < IconImage > /net_places.gif </ IconImage >
63 < URL > WebForm4.aspx </ URL >
64 < Target > internalFrame </ Target >
65 </ Cmodule >
66 < Cmodule >
67 < funcName > 销售收款 </ funcName >
68 < IconImage > /control_panel.gif </ IconImage >
69 < URL > WebForm4.aspx </ URL >
70 < Target > internalFrame </ Target >
71 </ Cmodule >
72 < Cmodule >
73 < funcName > 费用支出 </ funcName >
74 < IconImage > /documents.gif </ IconImage >
75 < URL > WebForm4.aspx </ URL >
76 < Target > internalFrame </ Target >
77 </ Cmodule >
78 < Cmodule >
79 < funcName > 银行查询 </ funcName >
80 < IconImage > /net_setup.gif </ IconImage >
81 < URL > WebForm4.aspx </ URL >
82 < Target > internalFrame </ Target >
83 </ Cmodule >
84 </ Tmodule >
85 < Tmodule moduleName ="仓库管理" Expanded ="true" >
86 < Cmodule >
87 < funcName > 仓库 </ funcName >
88 < IconImage > /net_places.gif </ IconImage >
89 < URL > StocksControl/StockControlMain.aspx </ URL >
90 < Target > internalFrame </ Target >
91 </ Cmodule >
92
93
94
95 </ Tmodule >
96 < Tmodule moduleName ="市场管理" Expanded ="true" >
97 < Cmodule >
98 < funcName > 潜在客户 </ funcName >
99 < IconImage > /net_places.gif </ IconImage >
100 < URL > CustomerBase.aspx </ URL >
101 < Target > internalFrame </ Target >
102 </ Cmodule >
103 < Cmodule >
104 < funcName > 竞争对手 </ funcName >
105 < IconImage > /control_panel.gif </ IconImage >
106 < URL > WebForm4.aspx </ URL >
107 < Target > internalFrame </ Target >
108 </ Cmodule >
109 < Cmodule >
110 < funcName > 合作伙伴 </ funcName >
111 < IconImage > /documents.gif </ IconImage >
112 < URL > Commpany.aspx </ URL >
113 < Target > internalFrame </ Target >
114 </ Cmodule >
115
116
117 </ Tmodule >
118 </ Tmodules >
通过XSLT转化为生成radtreeview的XML文件也就是生成一棵权限树,这样新增、更新用户权限时可以在这棵权限树里操作,进而生成userfile,而且如果系统更新了功能菜单,只要手工修改一下菜单主控文件(更新系统模块功能一般由开发人员完成),然后让系统管理员执行一下XSLT转化就更新了权限树,实际运行中还是很方便的。
XSLT文件如下:
1 <?xml version="1.0" encoding="utf-8"?>
2 < xsl:stylesheet version ="1.0" xmlns:xsl ="http://www.w3.org/1999/XSL/Transform" >
3 < xsl:output method ="xml" indent ="yes" encoding ="utf-8" omit-xml-declaration ="no" />
4 < xsl:template match ="/" >
5 < xsl:element name ="Tree" >
6 < xsl:apply-templates />
7 </ xsl:element >
8 </ xsl:template >
9 < xsl:template match ="Tmodules" >
10 < xsl:apply-templates select ="Tmodule" />
11 </ xsl:template >
12 < xsl:template match ="Tmodule" >
13 < xsl:element name ="Node" >
14 < xsl:attribute name ="Text" >
15 < xsl:value-of select ="@moduleName" />
16 </ xsl:attribute >
17 < xsl:attribute name ="Expanded" > true </ xsl:attribute >
18
19 < xsl:apply-templates select ="Cmodule" />
20 </ xsl:element >
21 </ xsl:template >
22 < xsl:template match ="Cmodule" >
23 < xsl:apply-templates select ="funcName" />
24 </ xsl:template >
25 < xsl:template match ="funcName" >
26 < xsl:element name ="Node" >
27 < xsl:attribute name ="Text" >
28 < xsl:value-of select ="." />
29 </ xsl:attribute >
30 </ xsl:element >
31 </ xsl:template >
32
33
34 </ xsl:stylesheet >
35
如何把userfile文件中的权限显示为treeview的选中的节点
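// Resolve the current user's menu file. The literals are written without the stray padding
// spaces so the path matches the one createNewUserXML saves to.
// NOTE(review): USER_ID is concatenated into the path and its origin is not visible here; it
// should come from the authenticated session and contain no path characters - confirm.
string User_XML_File = Server.MapPath("/PressMange/XML/" + USER_ID + ".xml");

// Pre-check the tree only on the first request, and only when the user already has a menu file
// (a user with no file yet simply starts with an unchecked tree instead of a load error).
if (!IsPostBack && File.Exists(User_XML_File))
{
    XmlDocument doc = new XmlDocument();
    doc.Load(User_XML_File);

    // Every Caption attribute (Group and Item alike) names one granted entry.
    XmlNodeList grantedCaptions = doc.SelectNodes("//@Caption");
    ArrayList nodeCollection = RadTreeView1.GetAllNodes();

    foreach (XmlNode caption in grantedCaptions)
    {
        // Matching is by display text; the first tree node carrying that text is checked.
        // NOTE(review): a group and an item sharing the same text would be ambiguous here.
        foreach (RadTreeNode treeNode in nodeCollection)
        {
            if (treeNode.Text == caption.Value)
            {
                treeNode.Checked = true;
                break;
            }
        }
    }
}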
新增、更新用户权限就是更新userfile:
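/// <summary>
/// Rebuilds the current user's menu file from the nodes checked in RadTreeView1.
/// </summary>
/// <remarks>
/// Loads the XMLStand.xml template, appends one Group per checked top-level node and one Item
/// per checked child node (both looked up in XMLMoudle.xml by processGroup / processItem), then
/// overwrites /PressMange/XML/{USER_ID}.xml with the result.
/// </remarks>
private void createNewUserXML()
{
    // NOTE(review): the listing prints the path separator as "//" and passed it to Split as a
    // two-character char literal, which does not compile. The separator is kept as printed and
    // the second path segment is extracted with IndexOf/Substring instead; confirm the value
    // against what RadTreeNode.FullPath actually emits.
    const string separator = "//";

    ArrayList nodeCollection = RadTreeView1.CheckedNodes;

    // NOTE(review): with nothing checked the existing user file is left untouched, so clearing
    // every box presumably does not revoke the previously granted menu - confirm this is intended.
    if (nodeCollection.Count == 0)
    {
        return;
    }

    docstand = new XmlDocument();
    docstand.Load(Server.MapPath("/PressMange/XML/XMLStand.xml"));
    docmoudle = new XmlDocument();
    docmoudle.Load(Server.MapPath("/PressMange/XML/XMLMoudle.xml"));

    int groupid = 0;
    foreach (RadTreeNode node in nodeCollection)
    {
        string message = node.FullPath;
        int i = message.IndexOf(separator);
        if (i < 0)
        {
            // No separator: a top-level node, i.e. a menu group.
            groupid++;
            processGroup(message);
        }
        else if (groupid > 0)
        {
            // Child node: take the second path segment as the function name. Children seen
            // before any group has been written are skipped.
            // NOTE(review): processItem appends to the last Group written so far, so a checked
            // child whose own parent is not among the checked nodes would presumably land under
            // the preceding group - confirm against the tree's check behaviour.
            int start = i + separator.Length;
            int end = message.IndexOf(separator, start);
            string itemName = end < 0
                ? message.Substring(start)
                : message.Substring(start, end - start);
            processItem(itemName);
        }
    }

    // NOTE(review): USER_ID is concatenated into both paths and its origin is not visible here;
    // it should come from a trusted source and contain no path characters - confirm.
    // NOTE(review): both files live under the site root; unless the server denies requests for
    // these folders the per-user permission files can presumably be fetched directly - confirm.
    string user_tmp_file = "/PressMange/TempReports/" + USER_ID + "_tmp.xml";
    string user_file = Server.MapPath("/PressMange/XML/" + USER_ID + ".xml");

    // Write to a temporary file first, then overwrite the live menu file. The temporary copy is
    // not deleted afterwards.
    docstand.Save(Server.MapPath(user_tmp_file));
    File.Copy(Server.MapPath(user_tmp_file), user_file, true);
}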
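/// <summary>
/// Appends a Group element for the named module to the user document (docstand).
/// </summary>
/// <param name="str">Module name taken from the checked tree node; matched against the
/// moduleName attribute of the Tmodule elements in docmoudle.</param>
/// <exception cref="InvalidOperationException">No Tmodule with that name exists.</exception>
private void processGroup(string str)
{
    // The name arrives from the tree view's posted state, so it is compared as a plain string
    // rather than spliced into an XPath expression, where a quote character in the value could
    // change the predicate.
    XmlNode source = null;
    foreach (XmlNode candidate in docmoudle.SelectNodes("//Tmodule"))
    {
        XmlAttribute nameAttr = candidate.Attributes["moduleName"];
        if (nameAttr != null && nameAttr.Value == str)
        {
            source = candidate;
            break;
        }
    }

    // Fail closed: an unknown module aborts the update before anything is saved, instead of
    // surfacing later as a null dereference.
    if (source == null)
    {
        throw new InvalidOperationException("Unknown module name in permission tree.");
    }

    // Copy every attribute of the master entry; moduleName is emitted as Caption, the name the
    // menu file uses.
    XmlElement elem = docstand.CreateElement("Group");
    foreach (XmlAttribute attr1 in source.Attributes)
    {
        string targetName = attr1.Name == "moduleName" ? "Caption" : attr1.Name;
        XmlAttribute attrtmp = docstand.CreateAttribute(targetName);
        attrtmp.Value = attr1.Value;
        elem.SetAttributeNode(attrtmp);
    }

    // NOTE(review): assumes the last child of the template document is its root element - confirm
    // against XMLStand.xml.
    XmlNode lastnode = docstand.LastChild;
    lastnode.AppendChild(elem);
} // end of processGroup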
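/// <summary>
/// Appends an Item element for the named function to the last Group in the user document
/// (docstand).
/// </summary>
/// <param name="str">Function name taken from the checked tree node; matched against the text
/// of the funcName elements under Cmodule in docmoudle.</param>
/// <exception cref="InvalidOperationException">No matching Cmodule exists, or no Group has
/// been added to the user document yet.</exception>
private void processItem(string str)
{
    // The name arrives from the tree view's posted state, so it is compared as a plain string
    // rather than spliced into an XPath expression. The first match in document order wins.
    XmlNode source = null;
    foreach (XmlNode funcName in docmoudle.SelectNodes("//Cmodule/funcName"))
    {
        if (funcName.InnerText == str)
        {
            source = funcName.ParentNode;
            break;
        }
    }

    // Fail closed on an unknown function name instead of dereferencing null.
    if (source == null)
    {
        throw new InvalidOperationException("Unknown function name in permission tree.");
    }

    // Each child element of the master entry becomes an attribute of the Item; funcName is
    // emitted as Caption. The values (URL, Target, IconImage) come from the master file only,
    // never from the request.
    XmlElement elem = docstand.CreateElement("Item");
    foreach (XmlNode childnode in source.ChildNodes)
    {
        // Comments or other non-element children cannot be turned into attributes.
        if (childnode.NodeType != XmlNodeType.Element)
        {
            continue;
        }

        string targetName = childnode.Name == "funcName" ? "Caption" : childnode.Name;
        XmlAttribute attrtmp = docstand.CreateAttribute(targetName);
        attrtmp.Value = childnode.InnerText;
        elem.SetAttributeNode(attrtmp);
    }

    // The item goes under the last Group in the user document (both branches of the original
    // if/else chose that same node).
    XmlNode lastGroup = docstand.SelectSingleNode("//Group[last()]");
    if (lastGroup == null)
    {
        throw new InvalidOperationException("No Group exists to hold the menu item.");
    }

    lastGroup.AppendChild(elem);
}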
看看界面效果:/Files/masey/gif.rar