Imports System Imports System.Web ''' ----------------------------------------------------------------------------- ''' Project : Accounts.Business ''' Class : WebModules.Accounts.Business.SitePrincipal ''' ''' ----------------------------------------------------------------------------- ''' <summary> ''' 本类通过实现[System.Security.Principal.IIdentity]接口来实现本站点权限管理 ''' </summary> ''' <remarks> ''' </remarks> ''' <history> ''' [Mrhjw] 2005-3-14 Created ''' </history> ''' ----------------------------------------------------------------------------- PublicClass SitePrincipalClass SitePrincipal Implements System.Security.Principal.IPrincipal #Region "私有变量" Private _Identity As System.Security.Principal.IIdentity Private _PermissionList As ArrayList Private _RoleList As ArrayList #End Region #Region "构造函数" ''' ----------------------------------------------------------------------------- ''' <summary> ''' 通过用户ID号来实例化 ''' </summary> ''' <param name="UserID">用户ID号</param> ''' <remarks> ''' </remarks> ''' <history> ''' [Mrhjw] 2005-3-14 Created ''' </history> ''' ----------------------------------------------------------------------------- PublicSub New()SubNew(ByVal UserID AsInteger) Dim User AsNew Data.User Me._Identity =New Business.SiteIdentity(UserID) Me._RoleList = User.GetUserRoles(UserID) Me._PermissionList = User.GetEffectivePermissionList(UserID) End Sub ''' ----------------------------------------------------------------------------- ''' <summary> ''' 通过登录帐号来实例化 ''' </summary> ''' <param name="EmailAddress">登录帐号</param> ''' <remarks> ''' </remarks> ''' <history> ''' [Mrhjw] 2005-3-14 Created ''' </history> ''' ----------------------------------------------------------------------------- PublicSub New()SubNew(ByVal EmailAddress AsString) Dim User AsNew Data.User Me._Identity =New Business.SiteIdentity(EmailAddress) Me._RoleList = User.GetUserRoles(CType(Me._Identity, SiteIdentity).UserID) Me._PermissionList = User.GetEffectivePermissionList(CType(Me._Identity, SiteIdentity).UserID) End Sub #End Region #Region "[System.Security.Principal.IPrincipal]接口的实现方法" ''' ----------------------------------------------------------------------------- ''' <summary> ''' [System.Security.Principal.IPrincipal]接口的Identity实现方法 ''' </summary> ''' <value></value> ''' <remarks> ''' </remarks> ''' <history> ''' [Mrhjw] 2005-3-14 Created ''' </history> ''' ----------------------------------------------------------------------------- PublicReadOnlyProperty Identity()Property Identity() As System.Security.Principal.IIdentity Implements System.Security.Principal.IPrincipal.Identity Get Return Me._Identity EndGet End Property ''' ----------------------------------------------------------------------------- ''' <summary> ''' [System.Security.Principal.IPrincipal]接口的IsInRole实现方法 ''' </summary> ''' <param name="role">角色名称</param> ''' <returns></returns> ''' <remarks> ''' </remarks> ''' <history> ''' [Mrhjw] 2005-3-14 Created ''' </history> ''' ----------------------------------------------------------------------------- PublicFunction IsInRole()Function IsInRole(ByVal Role AsString) AsBooleanImplements System.Security.Principal.IPrincipal.IsInRole Return Me._RoleList.Contains(Role) End Function #End Region #Region "新增属性" ''' ----------------------------------------------------------------------------- ''' <summary> ''' 验证是否有相应的许可 ''' </summary> ''' <param name="PermissionID">许可ID号</param> ''' <value></value> ''' <remarks> ''' </remarks> ''' <history> ''' [Mrhjw] 2005-3-14 Created ''' </history> ''' ----------------------------------------------------------------------------- PublicReadOnlyProperty HasPermission()Property HasPermission(ByVal PermissionID AsInteger) AsBoolean Get Return Me._PermissionList.Contains(PermissionID) EndGet End Property ''' ----------------------------------------------------------------------------- ''' <summary> ''' 返回角色列表 ''' </summary> ''' <value></value> ''' <remarks> ''' </remarks> ''' <history> ''' [Mrhjw] 2005-3-14 Created ''' </history> ''' ----------------------------------------------------------------------------- PublicReadOnlyProperty Roles()Property Roles() As ArrayList Get Return Me._RoleList EndGet End Property ''' ----------------------------------------------------------------------------- ''' <summary> ''' 返回许可列表 ''' </summary> ''' <value></value> ''' <remarks> ''' </remarks> ''' <history> ''' [Mrhjw] 2005-3-14 Created ''' </history> ''' ----------------------------------------------------------------------------- PublicReadOnlyProperty Permissions()Property Permissions() As ArrayList Get Return Me._PermissionList EndGet End Property #End Region #Region "新增方法" ''' ----------------------------------------------------------------------------- ''' <summary> ''' 验证登录.iif(登录成功,return SitePrincipal,return nothing) ''' </summary> ''' <param name="EmailAddress">登录帐号</param> ''' <param name="Password">登录密码</param> ''' <returns></returns> ''' <remarks> ''' </remarks> ''' <history> ''' [Mrhjw] 2005-3-14 Created ''' </history> ''' ----------------------------------------------------------------------------- PublicSharedFunction ValidateLogin()Function ValidateLogin(ByVal EmailAddress AsString, ByVal Password AsString) As Business.SitePrincipal Dim User As Data.User Dim newID AsInteger newID = User.ValidataLogin(EmailAddress, Password) If newID >0Then ReturnNew SitePrincipal(EmailAddress) Else ReturnNothing EndIf End Function #End Region End Class
接着定义类SiteIdentity,代码如下:
Imports System Imports System.Web Imports Mrhjw.Components ''' ----------------------------------------------------------------------------- ''' Project : Accounts.Business ''' Class : WebModules.Accounts.Business.SiteIdentity ''' ''' ----------------------------------------------------------------------------- ''' <summary> ''' 本类通过实现[System.Security.Principal.IIdentity]接口来实现本站点权限管理 ''' </summary> ''' <remarks> ''' </remarks> ''' <history> ''' [Mrhjw] 2005-3-14 Created ''' </history> ''' ----------------------------------------------------------------------------- PublicClass SiteIdentityClass SiteIdentity Implements System.Security.Principal.IIdentity #Region "私有变量" Private _UserName AsString'//用户名 Private _EmailAddress AsString'//帐号 Private _PassWord AsString'//密码 Private _UserID AsInteger'//用户ID号 Private _Theme AsString=String.Empty '//用户的主题_默认为'default' #End Region #Region "构造函数" ''' ----------------------------------------------------------------------------- ''' <summary> ''' 通过登录帐号来实例化 ''' </summary> ''' <param name="EmailAddress">登录帐号</param> ''' <remarks> ''' </remarks> ''' <history> ''' [Mrhjw] 2005-3-14 Created ''' </history> ''' ----------------------------------------------------------------------------- PublicSub New()SubNew(ByVal EmailAddress AsString) Dim User AsNew Data.User Dim Dr As DataRow Dr = User.Retrieve(EmailAddress) '''to do something ''' ''' ''' ''' AppGlobals.Skin = Me._Theme End Sub ''' ----------------------------------------------------------------------------- ''' <summary> ''' 根据用户ID号来实例化 ''' </summary> ''' <param name="UserID"></param> ''' <remarks> ''' </remarks> ''' <history> ''' [Mrhjw] 2005-3-14 Created ''' </history> ''' ----------------------------------------------------------------------------- PublicSub New()SubNew(ByVal UserID AsInteger) Dim User AsNew Data.User Dim Dr As DataRow Dr = User.Retrieve(UserID) '''to do something ''' ''' ''' ''' ''' AppGlobals.Skin = Me._Theme End Sub #End Region #Region "[System.Security.Principal.IIdentity]接口的实现方法" ''' ----------------------------------------------------------------------------- ''' <summary> ''' System.Security.Principal.IIdentity接口的AuthenticationType实现 ''' </summary> ''' <value></value> ''' <remarks> ''' </remarks> ''' <history> ''' [Mrhjw] 2005-3-14 Created ''' </history> ''' ----------------------------------------------------------------------------- PublicReadOnlyProperty AuthenticationType()Property AuthenticationType() AsStringImplements System.Security.Principal.IIdentity.AuthenticationType Get Return"custom AuthenticationType" EndGet End Property ''' ----------------------------------------------------------------------------- ''' <summary> ''' System.Security.Principal.IIdentity接口的IsAuthenticated实现,返回true,由于必须在通过验证后才使用本类,故返回true ''' </summary> ''' <value></value> ''' <remarks> ''' </remarks> ''' <history> ''' [Mrhjw] 2005-3-14 Created ''' </history> ''' ----------------------------------------------------------------------------- PublicReadOnlyProperty IsAuthenticated()Property IsAuthenticated() AsBooleanImplements System.Security.Principal.IIdentity.IsAuthenticated Get ReturnTrue EndGet End Property ''' ----------------------------------------------------------------------------- ''' <summary> ''' System.Security.Principal.IIdentity接口的Name实现 ''' </summary> ''' <value></value> ''' <remarks> ''' </remarks> ''' <history> ''' [Mrhjw] 2005-3-14 Created ''' </history> ''' ----------------------------------------------------------------------------- PublicReadOnlyProperty Name()Property Name() AsStringImplements System.Security.Principal.IIdentity.Name Get Return Me._UserName EndGet End Property #End Region #Region "新增属性" ''' ----------------------------------------------------------------------------- ''' <summary> ''' 返回登录帐号 (EmailAddress) ''' </summary> ''' <value></value> ''' <remarks> ''' </remarks> ''' <history> ''' [Mrhjw] 2005-3-14 Created ''' </history> ''' ----------------------------------------------------------------------------- PublicReadOnlyProperty EmailAddress()Property EmailAddress() AsString Get Return Me._EmailAddress EndGet End Property ''' ----------------------------------------------------------------------------- ''' <summary> ''' 返回密码 ''' </summary> ''' <value></value> ''' <remarks> ''' </remarks> ''' <history> ''' [Mrhjw] 2005-3-14 Created ''' </history> ''' ----------------------------------------------------------------------------- PublicReadOnlyProperty PassWord()Property PassWord() AsString Get Return Me._PassWord EndGet End Property ''' ----------------------------------------------------------------------------- ''' <summary> ''' 返回用户的ID号 ''' </summary> ''' <value></value> ''' <remarks> ''' </remarks> ''' <history> ''' [Mrhjw] 2005-3-14 Created ''' </history> ''' ----------------------------------------------------------------------------- PublicReadOnlyProperty UserID()Property UserID() AsInteger Get Return Me._UserID EndGet End Property ''' ----------------------------------------------------------------------------- ''' <summary> ''' 用户的主题信息 ''' </summary> ''' <value></value> ''' <remarks> ''' </remarks> ''' <history> ''' [Mrhjw] 2005-3-14 Created ''' </history> ''' ----------------------------------------------------------------------------- PublicReadOnlyProperty Theme()Property Theme() AsString Get Return Me._Theme EndGet End Property #End Region '//THE END End Class
然后我们定义一个页面基类,让所有的页面都继承它
AppPage.vb代码如下:
Imports System Imports System.Web Namespace ComponentsNamespace Components.Web ''' ----------------------------------------------------------------------------- ''' Project : SimpleDemo ''' Class : Components.Web.AppPage ''' ''' ----------------------------------------------------------------------------- ''' <summary> ''' 本类为本站所有页面文件的基类, _ ''' 所有页面都直接或间接继承此类。 ''' 本类通过继承system.web.ui.page,实现对page的扩展 ''' 对于要增加页面功能,再只需修改此类即可 ''' </summary> ''' <remarks> ''' </remarks> ''' <history> ''' [Mrhjw] 2005-3-11 Created ''' </history> ''' ----------------------------------------------------------------------------- PublicClass AppPageClass AppPage Inherits System.Web.UI.Page ''' ----------------------------------------------------------------------------- ''' <summary> ''' 一:初始化自定义验证; 二:添加一个错误委托 ''' </summary> ''' <param name="e"></param> ''' <remarks> ''' </remarks> ''' <history> ''' [Mrhjw] 2005-3-11 Created ''' </history> ''' ----------------------------------------------------------------------------- ProtectedOverridesSub OnInit()Sub OnInit(ByVal e As System.EventArgs) If context.User.Identity.IsAuthenticated =TrueThen IfNot (TypeOf context.User Is WebModules.Accounts.Business.SitePrincipal) Then Dim newUser AsNew WebModules.Accounts.Business.SitePrincipal(context.User.Identity.Name) context.User = newUser EndIf EndIf '//添加一个错误委托 'AddHandler Page.Error, AddressOf Me.PhilePage_Error End Sub #Region "异常处理" ''' ----------------------------------------------------------------------------- ''' <summary> ''' 异常事件处理 ''' </summary> ''' <param name="sender"></param> ''' <param name="e"></param> ''' <remarks> ''' </remarks> ''' <history> ''' [Mrhjw] 2005-3-11 Created ''' </history> ''' ----------------------------------------------------------------------------- ProtectedSub PhilePage_Error()Sub PhilePage_Error(ByVal sender AsObject, ByVal e As EventArgs) Dim currentError As Exception = Page.Server.GetLastError() IfNot (TypeOf currentError Is AppException.AppException) Then Mrhjw.AppException.AppException.LogError(currentError.Message.ToString) EndIf ShowError(currentError) Page.Server.ClearError() End Sub ''' ----------------------------------------------------------------------------- ''' <summary> ''' 自定义显示友好的错误消息 ''' </summary> ''' <param name="currentError"></param> ''' <remarks> ''' </remarks> ''' <history> ''' [Mrhjw] 2005-3-11 Created ''' </history> ''' ----------------------------------------------------------------------------- ProtectedSub ShowError()Sub ShowError(ByVal currentError As Exception) Dim context As HttpContext = HttpContext.Current context.Response.Write("<table width=100% height=100% border=0 cellpadding=0 cellspacing=0><tr><td align=center valign=middle><font size=2 color=red>"& currentError.Message.Trim&"</font></td></tr></table>") End Sub #End Region End Class End Namespace
登录调用:Login.aspx.vb
PrivateSub link_log_Click()Sub link_log_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles link_log.Click Dim newUser As SitePrincipal = SitePrincipal.Validatelogin(textuser.Text.Trim, txtpass.Text.Trim) If newUser IsNothingThen Alert(textuser.Text.Trim+"帐号登录失败!,请重试!", Page) Else context.User = newUser FormsAuthentication.SetAuthCookie(textuser.Text.Trim, False) Response.Redirect("default.aspx") EndIf End Sub
权限管理运用:
PublicClass AuditingOrderClass AuditingOrder Inherits AppPage ProtectedOverridesSub oninit()Sub oninit(ByVal e As EventArgs) MyBase.OnInit(e) End Sub PrivateSub Page_Load()Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) HandlesMyBase.Load IfNot IsPostBack Then '//检查权限 IfCType(context.User, accounts.business.SitePrincipal).HasPermission(CInt(accounts.BusinessPermissions.ManagerOrder)) =FalseThen Response.Redirect("../webpage/limit.aspx") Else '//绑定下拉列表框 BindActiveList() over.Text =DateAdd(DateInterval.Day, 1, Now()).ToString("d") start.Text =DateAdd(DateInterval.Month, -1, Now()).ToString("d") '//加载需要处理的订单 BindMustOrderList() EndIf EndIf End Sub