角色权限声明,必须具备[添加]权限,才能执行此段代码
[RolePermission(SecurityAction.Demand, PermissionAction = PermissionAction.Add)]
public void DataViewInsert()
{
//所有的ORM实体,统一的添加数据到数据库的代码
...
}
使用界面信息,当用户LOGIN完成后,进入主FORM时,填充权限判断所需要具备的外部信息
if (Thread.CurrentPrincipal.Identity.IsAuthenticated)
{
barStaticItem2.Caption = Thread.CurrentPrincipal.Identity.Name;
string[] roles = Role.GetRolesForUser(Thread.CurrentPrincipal.Identity.Name);
barStaticItem3.Caption = roles.Length > 0 ? roles[0] : "#";
#region 填充成员资格对应的界面控件信息
System.Collections.IList imgs = null;
if (this.Ribbon.Images != null)
{
if (this.Ribbon.Images is DevExpress.Utils.ImageCollection)
imgs = (this.Ribbon.Images as DevExpress.Utils.ImageCollection).Images;
else if (this.Ribbon.Images is System.Windows.Forms.ImageList)
imgs = (this.Ribbon.Images as System.Windows.Forms.ImageList).Images;
}
//采用界面的信息,填充进UIControls
foreach (BarItem barItem in this.Ribbon.Items)
{
if (barItem.Visibility != DevExpress.XtraBars.BarItemVisibility.Always) continue;
if (barItem is DevExpress.XtraBars.BarStaticItem) continue;
Image img = null;
if (barItem.ImageIndex > -1)
img = imgs[barItem.ImageIndex] as Image;
else if (barItem.Glyph != null)
img = barItem.Glyph;
UIControlAccess uiOcx = new UIControlAccess()
{
Name = barItem.Name,
FunctionName = barItem.Tag == null ? string.Empty : barItem.Tag.ToString(),
Text = barItem.Caption,
Description = !string.IsNullOrEmpty(barItem.Description) ? barItem.Description : barItem.Hint,
Image = img,
};
(Thread.CurrentPrincipal as MemberPrincipal).UIControls.Add(uiOcx);
}
#endregion
}
UI界面访问控制的基本数据
public class UIControlAccess : IUIControlAccess
{
/// <summary>
/// 权限名称(对应可操作的按钮/菜单等名称)
/// </summary>
public string Name
{
get;
set;
}
/// <summary>
/// 权限显示文本
/// </summary>
public string Text
{
get;
set;
}
/// <summary>
/// 过程名称
/// <remarks>权限判断根据此值进行验证</remarks>
/// </summary>
public string FunctionName
{
get;
set;
}
/// <summary>
/// 权限的描述文本
/// </summary>
public string Description
{
get;
set;
}
/// <summary>
/// 权限编辑时,提供显示的图片
/// </summary>
public System.Drawing.Image Image
{
get;
set;
}
}
在上一篇中有RolePermission对象具有CreateDataRow方法,虽然在内部使用,主要考虑提供一个DATASET,支持权限信息可以绑定输出到表格类的UI控件
运行结果如下图:
运行流程:
当用户添加时,会根据[RolePermission(SecurityAction.Demand, PermissionAction = PermissionAction.Add)]执行RolePermission.Demand()方法
如果不满足权限判断,则抛出异常,由Application.ThreadException事件来接收处理
static void Application_ThreadException(object sender, System.Threading.ThreadExceptionEventArgs e)
{
if (e.Exception is SecurityException)
DevExpress.XtraEditors.XtraMessageBox.Show
(e.Exception.Message,
"安全要求", MessageBoxButtons.OK, MessageBoxIcon.Error);
else
{
//...
}
}
运行结果如下图:
角色的权限数据保存到数据库,由你自己决定去如何实现,这里不做阐述.
如何控制其它的权限呢?
class form1 : Form
{
[RolePermission(SecurityAction.Demand, PermissionAction = PermissionAction.Show)]
private void ShowData()
{
...
}
private void btn1_click()
{
MemberPrincipal mbmPrincipal = System.Threading.Thread.CurrentPrincipal as MemberPrincipal;
if (mbmPrincipal != null)
mbmPrincipal.FunctionName = "ShowData";
ShowData();
}
}