最近用 MVC 做了一个欧莱雅预约 campaign 的项目。项目上线后,为了以后能作为模板使用,在后期加入了权限控制:实现了简单的用户登录,以及用户分组等权限操作。
首先: 简单的分为3种角色:超级管理员,管理员,普通用户
等级: 所有权限 / 中等权限 / 低权限
将不同的角色分配给不同的用户,然后根据用户的权限来控制操作:
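[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false, Inherited = true)]
public class RoleAttribute : ActionFilterAttribute
{
    /// <summary>
    /// Global filter: resolves the signed-in admin from the auth cookie payload,
    /// exposes the nickname and the menu entries the user may see to the view,
    /// and sends anonymous requests to the login page before the action runs.
    /// </summary>
    /// <param name="filterContext">The MVC action context being executed.</param>
    /// <exception cref="InvalidOperationException">
    /// The MEF container or the <see cref="IRoleContract"/> export is missing.
    /// </exception>
    public override void OnActionExecuting(ActionExecutingContext filterContext)
    {
        Bespeak_Admin user = ReadCurrentUser();
        if (user == null)
        {
            // Setting Result short-circuits the MVC pipeline, so the action never executes.
            // The previous Response.Redirect only stopped the action by aborting the thread.
            filterContext.Result = new RedirectResult("/Admin/Account/Login");
            return;
        }

        IRoleContract contract = ResolveRoleContract();
        // "NikeName" is the key the views read; keep the existing spelling.
        filterContext.Controller.ViewBag.NikeName = user.NickName;
        List<Bespeak_Menu> menu = contract.GetBespeakMenu(user.Id, null);
        filterContext.Controller.ViewBag.Menus = menu;
    }

    /// <summary>
    /// Deserializes the current admin from the auth cookie payload.
    /// Returns null when no payload is present or it is not valid JSON, so the
    /// caller treats the request as anonymous instead of failing with an exception.
    /// NOTE(review): identity is taken from cookie contents; this relies on
    /// WebHelper.GetAuthData() returning data whose integrity has already been
    /// verified (e.g. a protected auth ticket) — confirm in WebHelper.
    /// </summary>
    private static Bespeak_Admin ReadCurrentUser()
    {
        string authData = WebHelper.GetAuthData();
        if (string.IsNullOrWhiteSpace(authData))
        {
            return null;
        }

        try
        {
            return JsonConvert.DeserializeObject<Bespeak_Admin>(authData);
        }
        catch (JsonException)
        {
            // A malformed cookie is an anonymous request, not a server error.
            return null;
        }
    }

    /// <summary>
    /// Fetches the <see cref="IRoleContract"/> export from the MEF container kept in
    /// Application["MEFContainer"], failing with a clear message instead of a
    /// NullReferenceException when either is missing.
    /// </summary>
    private static IRoleContract ResolveRoleContract()
    {
        CompositionContainer container = HttpContext.Current.Application["MEFContainer"] as CompositionContainer;
        IRoleContract contract = container == null ? null : container.GetExportedValueOrDefault<IRoleContract>();
        if (contract == null)
        {
            throw new InvalidOperationException("IRoleContract is not available from Application[\"MEFContainer\"].");
        }

        return contract;
    }
}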
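/// <summary>
/// Per-URL access check: verifies that the signed-in admin is allowed to reach the
/// requested area/controller/action.
/// </summary>
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false, Inherited = true)]
public class UserVisitAttribute : ActionFilterAttribute
{
    /// <summary>
    /// Allows the request when the action name is listed in the "Index" app setting,
    /// or when <see cref="IRoleContract.GetUrl"/> returns menu data for the user and URL.
    /// Otherwise the request is short-circuited: a 403 for Ajax calls, a redirect to
    /// /Home/ErrorPage for page requests. Anonymous requests are sent to the login page.
    /// </summary>
    /// <param name="filterContext">The MVC action context being executed.</param>
    /// <exception cref="InvalidOperationException">
    /// The MEF container or the <see cref="IRoleContract"/> export is missing.
    /// </exception>
    public override void OnActionExecuting(ActionExecutingContext filterContext)
    {
        bool isAjax = filterContext.HttpContext.Request.IsAjaxRequest();
        Bespeak_Admin user = ReadCurrentUser();
        if (user == null)
        {
            // Previously an anonymous request fell through and the action ran; this filter
            // must deny on its own rather than rely on RoleAttribute also being applied.
            filterContext.Result = isAjax
                ? (ActionResult)new HttpUnauthorizedResult()
                : new RedirectResult("/Admin/Account/Login");
            return;
        }

        var route = filterContext.RouteData;
        object areaname = route.DataTokens["area"];
        string controller = Convert.ToString(route.Values["controller"]);
        string action = Convert.ToString(route.Values["action"]);
        // Keep this exact shape (a null area yields "//controller/action"): it is the
        // key the menu table is queried with through IRoleContract.GetUrl.
        string url = "/" + areaname + "/" + controller + "/" + action;
        filterContext.Controller.ViewBag.returnUrl = url;

        // Ajax requests used to skip the permission check entirely. The Ajax marker is a
        // client-supplied request header, so it must not relax authorization; the only
        // difference for Ajax is the shape of the denial (status code instead of redirect).
        if (IsAlwaysAllowed(action) || IsGranted(user, url))
        {
            return;
        }

        filterContext.Result = isAjax
            ? (ActionResult)new HttpStatusCodeResult(403, "Forbidden")
            : new RedirectResult("/Home/ErrorPage");
    }

    /// <summary>
    /// True when the action is listed in the comma-separated "Index" app setting
    /// (actions every signed-in user may call). A missing setting allows nothing.
    /// MVC resolves action names case-insensitively, so the comparison does too.
    /// </summary>
    private static bool IsAlwaysAllowed(string action)
    {
        string configured = ConfigurationManager.AppSettings["Index"];
        if (string.IsNullOrWhiteSpace(configured))
        {
            return false;
        }

        return configured
            .Split(',')
            .Select(a => a.Trim())
            .Any(a => a.Equals(action, StringComparison.OrdinalIgnoreCase));
    }

    /// <summary>
    /// True when the role service returns menu data for this user and URL;
    /// a null result from the service is treated as "not granted".
    /// </summary>
    private static bool IsGranted(Bespeak_Admin user, string url)
    {
        ListResult<Bespeak_Menu> menulist = ResolveRoleContract().GetUrl(user.Id, url);
        return menulist != null && menulist.Data != null;
    }

    /// <summary>
    /// Deserializes the current admin from the auth cookie payload.
    /// Returns null when no payload is present or it is not valid JSON, so the
    /// caller treats the request as anonymous instead of failing with an exception.
    /// NOTE(review): identity is taken from cookie contents; this relies on
    /// WebHelper.GetAuthData() returning data whose integrity has already been
    /// verified (e.g. a protected auth ticket) — confirm in WebHelper.
    /// </summary>
    private static Bespeak_Admin ReadCurrentUser()
    {
        string authData = WebHelper.GetAuthData();
        if (string.IsNullOrWhiteSpace(authData))
        {
            return null;
        }

        try
        {
            return JsonConvert.DeserializeObject<Bespeak_Admin>(authData);
        }
        catch (JsonException)
        {
            // A malformed cookie is an anonymous request, not a server error.
            return null;
        }
    }

    /// <summary>
    /// Fetches the <see cref="IRoleContract"/> export from the MEF container kept in
    /// Application["MEFContainer"], failing with a clear message instead of a
    /// NullReferenceException when either is missing.
    /// </summary>
    private static IRoleContract ResolveRoleContract()
    {
        CompositionContainer container = HttpContext.Current.Application["MEFContainer"] as CompositionContainer;
        IRoleContract contract = container == null ? null : container.GetExportedValueOrDefault<IRoleContract>();
        if (contract == null)
        {
            throw new InvalidOperationException("IRoleContract is not available from Application[\"MEFContainer\"].");
        }

        return contract;
    }
}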