自己实现AOP的权限管理的代码

于 2009-01-21 08:49:32 发布
阅读量89 收藏
点赞数
文章标签: runtime

using System;
using System.Collections.Generic;
using System.Reflection;
using System.Linq;
using System.Text;
using System.Runtime.Remoting.Contexts;
using System.Runtime.Remoting.Activation;
using System.Runtime.Remoting.Messaging;

namespace LiangQ.Authentification
{
#region 自定义Aspect,实际意义就是一个消息接收器,加入到消息处理管道中
internal class AuthAspect:IMessageSink
{
private IMessageSink m_next;
internal AuthAspect(IMessageSink next)
{
m_next = next;
}
public IMessageSink NextSink
{
get { return m_next; }
}
public IMessageCtrl AsyncProcessMessage(IMessage msg, IMessageSink replySink)
{
throw new InvalidOperationException();
}
public IMessage SyncProcessMessage(IMessage msg)
{
if (!authManage(msg))//权限处理函数
{
throw new InvalidOperationException("你没有权限执行这个功能");
}
IMessage returnMessage = m_next.SyncProcessMessage(msg);
return returnMessage;
}
private bool authManage(IMessage msg)//权限处理函数
{
if (!(msg is IMethodMessage)) return true;
IMethodMessage call = msg as IMethodMessage;
//Type type = Type.GetType(call.TypeName);
//string callStr = type.Name + "." + call.MethodName ;

//Console.WriteLine(callStr);

string needProfile="max", profile=" ",methodName;
//获取自定义属性的参数
string[] typeName = call.TypeName.Split(',');

string className = typeName[0];

Type t = Type.GetType(className);

MethodInfo m = t.GetMethod(call.MethodName);

foreach (object attr in m.GetCustomAttributes(true))
{
if (attr is AuthAttribute)
{
profile = ((AuthAttribute)attr).ProfileName;
}
}

//获取函数名
methodName = call.MethodName;
//假设通过一定方法可以获取到执行这个函数所需要的权限对象名称
needProfile = "admin";

if (profile == needProfile)
{
return true;
}
else return false;
}
}
#endregion
#region 自定义的权限检查属性
[AttributeUsage(AttributeTargets.All)]
public class AuthAttribute:ContextAttribute
{
private string profileName;
public AuthAttribute()
: base("Auth")
{
}
public AuthAttribute(string profile)
: base("Auth")
{
this.profileName = profile;
}
public string ProfileName
{
get { return this.profileName; }
}
public override void GetPropertiesForNewContext(IConstructionCallMessage ctorMsg)
{
ctorMsg.ContextProperties.Add(new AuthProperty());
}
}
#endregion //自定义的权限检查属性
public class AuthProperty : IContextProperty, IContributeObjectSink
{
public IMessageSink GetObjectSink(MarshalByRefObject o, IMessageSink next)
{
return new AuthAspect(next);
}
public string Name
{
get { return "AuthProperty"; }
}
public void Freeze(Context newContext)
{
}
public bool IsNewContextOK(Context newCtx)
{
return true;
}
}
}


using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;

namespace LiangQ.Authentification
{
class Program
{
static void Main(string[] args)
{
UserInterface t = new UserInterface();
try
{
t.printReport();
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
Console.Read();
}
}
[Auth()]
public class UserInterface : ContextBoundObject
{
[Auth("simpleUser")]
public void printReport()
{
Console.WriteLine("I am Liang-Q");
}
}
}
觉得还是很有意思的一件事情,这样做可以减少大量的权限检查的代码,也使得权限的可配置性更强。

[@more@]

来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/14820420/viewspace-1016350/,如需转载,请注明出处,否则将追究法律责任。

转载于:http://blog.itpub.net/14820420/viewspace-1016350/

cisui0933
关注
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值