前一篇介绍了需求、数据库结构,以及网站和项目结构。
这一篇主要介绍一下网站结构和配置
admin下面的web.config
<?xml version="1.0"?>
<!-- web.config for the admin folder: registers the custom Permission section handler
     and closes the folder to anonymous visitors. -->
<configuration>
<configSections>
<!-- Routes every <Permission> element found in this folder's configuration hierarchy
     to EC.Permissions.Config, which builds the object returned by GetSection("Permission"). -->
<section name="Permission" type="EC.Permissions.Config"/>
</configSections>
<appSettings/>
<connectionStrings/>
<system.web>
<authorization>
<!-- "?" is the anonymous user, so this rule rejects unauthenticated requests only.
     Every signed-in account still passes it, whatever its roles; per-page and per-button
     authorization therefore rests on the code-side checks (DAL.CheckPage / DAL.CheckButton). -->
<deny users="?" />
</authorization>
</system.web>
</configuration>
EC.Permissions.Config主要是实现了IConfigurationSectionHandler接口,来完成自定义的配置
admin/test下面 web.config
<?xml version="1.0"?>
<!-- web.config for admin/test: declares which permission bit each page of this module needs.
     DAL.CheckPage reads this section; a folder with no Permission section is treated as
     unrestricted (CheckPage returns true), while a page missing from the list below is refused. -->
<configuration>
<!-- The type attribute names the class that EC.Permissions.Config deserializes this element into. -->
<Permission type="EC.Permissions.PermissionInfo">
<ModulePath>account</ModulePath>
<ModuleName>test</ModuleName>
<Items>
<!-- Each Item ties a page to one required bit. Val uses the PermissionType values:
     2 = LIST, 16 = EDIT, 32 = DELETE. CheckPage stops at the first Item whose Page matches
     and whose bit is granted, so for Default.aspx holding any one of 2, 16 or 32 is enough. -->
<Item>
<Page>Default.aspx</Page>
<Function>列表</Function>
<Val>2</Val>
</Item>
<Item>
<Page>Default.aspx</Page>
<Function>编辑</Function>
<Val>16</Val>
</Item>
<Item>
<Page>Default.aspx</Page>
<Function>删除</Function>
<Val>32</Val>
</Item>
<Item>
<Page>Ok.aspx</Page>
<Function>测试</Function>
<Val>2</Val>
</Item>
</Items>
</Permission>
</configuration>
1.串行化 web.config
EC.Permissions.Config 类
using
System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Configuration;
using System.Xml;
using System.Xml.Serialization;
using System.IO;
namespace EC.Permissions
{
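/// <summary>
/// Configuration section handler for the custom &lt;Permission&gt; section.
/// The section names a CLR type in its "type" attribute and the handler deserializes
/// the section's XML into an instance of that type with <see cref="XmlSerializer"/>.
/// </summary>
public class Config : IConfigurationSectionHandler
{
    #region IConfigurationSectionHandler Members

    /// <summary>
    /// Builds the configuration object for one &lt;Permission&gt; section.
    /// </summary>
    /// <param name="parent">Parent configuration object; not used.</param>
    /// <param name="configContext">Configuration context; not used.</param>
    /// <param name="section">The section's XML node.</param>
    /// <returns>The deserialized instance of the type named by the "type" attribute.</returns>
    /// <exception cref="InvalidOperationException">
    /// The node is not an element, the "type" attribute is missing, the type cannot be
    /// resolved, or the type lives outside this assembly.
    /// </exception>
    public object Create(object parent, object configContext, System.Xml.XmlNode section)
    {
        XmlElement element = section as XmlElement;
        if (element == null)
        {
            throw new InvalidOperationException("The Permission section must be an XML element.");
        }

        // The attribute is named "type" with no padding, e.g. EC.Permissions.PermissionInfo.
        string typeName = element.GetAttribute("type").Trim();
        if (string.IsNullOrEmpty(typeName))
        {
            throw new InvalidOperationException("The Permission section has no 'type' attribute.");
        }

        Type type = Type.GetType(typeName);
        if (type == null)
        {
            throw new InvalidOperationException("Cannot resolve the Permission section type '" + typeName + "'.");
        }

        // The type name is read from a configuration file. Deserializing into whatever type a
        // file names is an unsafe-deserialization pattern, so only types shipped in this
        // assembly are accepted; anyone able to edit a web.config cannot point the serializer
        // at an unrelated framework or third-party class.
        if (type.Assembly != typeof(Config).Assembly)
        {
            throw new InvalidOperationException("The Permission section type '" + typeName + "' is not allowed.");
        }

        XmlSerializer serializer = new XmlSerializer(type);
        using (StringReader reader = new StringReader(element.OuterXml))
        {
            return serializer.Deserialize(reader);
        }
    }

    #endregion
}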
}
2.EC.Permissions.PermissionInfo类
using
System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Xml.Serialization;
namespace EC.Permissions
{
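/// <summary>
/// One module's permission record. The same class is used for two sources: the
/// &lt;Permission&gt; section of a folder's web.config (ModulePath, ModuleName, Items) and
/// the rows read from the permission tables (PermissionId, RoleId, RoleName, PermissionValue).
/// </summary>
/// <remarks>
/// Every property is public and settable, so XmlSerializer will also accept PermissionId,
/// RoleId, RoleName and PermissionValue from a config file. DAL.CheckPage takes only
/// <see cref="Items"/> from configuration and the granted bits from the database.
/// NOTE(review): keep it that way; never read PermissionValue from the configured instance.
/// </remarks>
[Serializable]
[XmlRoot("Permission")]
public class PermissionInfo
{
    /// <summary>
    /// Database id of the permission row.
    /// </summary>
    public int PermissionId { get; set; }

    /// <summary>
    /// Id of the role (user group) the row belongs to.
    /// </summary>
    public string RoleId { get; set; }

    /// <summary>
    /// Name of the role (user group).
    /// </summary>
    public string RoleName { get; set; }

    /// <summary>
    /// Module path.
    /// </summary>
    [XmlElement("ModulePath", typeof(string))]
    public string ModulePath { get; set; }

    /// <summary>
    /// Module name.
    /// </summary>
    [XmlElement("ModuleName", typeof(string))]
    public string ModuleName { get; set; }

    /// <summary>
    /// Permission bits granted for the module.
    /// </summary>
    public PermissionType PermissionValue { get; set; }

    /// <summary>
    /// Page-level entries from the &lt;Items&gt; element; null when the element is absent.
    /// </summary>
    [XmlArrayItem("Item", typeof(PermissionItemInfo))]
    public PermissionItemInfo[] Items { get; set; }
}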
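/// <summary>
/// One &lt;Item&gt; of a Permission section: a page, a display name for the function,
/// and the permission bit the page requires.
/// </summary>
[Serializable]
[XmlRoot("Items")]
public class PermissionItemInfo
{
    /// <summary>
    /// Page file name, e.g. Default.aspx.
    /// </summary>
    [XmlElement("Page", typeof(string))]
    public string Page { get; set; }

    /// <summary>
    /// Display name of the function.
    /// </summary>
    [XmlElement("Function", typeof(string))]
    public string Function { get; set; }

    /// <summary>
    /// Required permission bit, stored in the &lt;Val&gt; element.
    /// </summary>
    [XmlElement("Val", typeof(int))]
    public int Value { get; set; }

    /// <summary>
    /// Two items are equal when they have the same runtime type and the same Page
    /// (ordinal, case-sensitive); Function and Value do not take part.
    /// </summary>
    /// <param name="obj">Object to compare with.</param>
    /// <returns>true when <paramref name="obj"/> is an item for the same page.</returns>
    public override bool Equals(object obj)
    {
        if (obj == null || this.GetType() != obj.GetType())
        {
            return false;
        }

        return ((PermissionItemInfo)obj).Page == this.Page;
    }

    /// <summary>
    /// Hash code derived from Page only, so that it agrees with <see cref="Equals(object)"/>
    /// and equal items land in the same bucket of a Hashtable or Dictionary.
    /// </summary>
    /// <returns>The hash of Page, or 0 when Page is null.</returns>
    public override int GetHashCode()
    {
        return Page == null ? 0 : Page.GetHashCode();
    }
}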
/// <summary>
/// Permission bits. Values are combined with | and tested with &amp; by the permission
/// checks, although the enum is not marked [Flags].
/// </summary>
/// <remarks>
/// ALL is 0, so a test of the form (granted &amp; ALL) == ALL is true for every granted
/// value, including one with no bits set. NOTE(review): do not pass ALL to a bit test as a
/// way of asking for "everything"; confirm what a stored value of 0 is meant to grant.
/// Bit 1 is not assigned to any member.
/// </remarks>
public enum PermissionType
{
    ALL = 0,
    LIST = 1 << 1,
    VIEW = 1 << 2,
    ADD = 1 << 3,
    EDIT = 1 << 4,
    DELETE = 1 << 5,
    PRINT = 1 << 6
}
}
3.EC.Permissions.DAL 数据库访问
using
System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Collections;
using System.Web.Security;
using System.Data;
using EC.DBUtility;
using System.Data.SqlClient;
using System.Configuration;
using System.Web;
namespace EC.Permissions
{
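/// <summary>
/// Permission checks for the current request. The bits granted to the signed-in user's
/// roles are read from the database and compared with what the requested page (from the
/// folder's Permission section) or a button (from the caller) requires.
/// </summary>
/// <remarks>
/// Every call to CheckPage or CheckButton runs the stored procedure again; nothing is cached.
/// </remarks>
public class DAL
{
    private static DataAccessManager dataAccessManager = new DataAccessManager();

    /// <summary>
    /// Decides whether the current user may open the page being requested:
    /// 1. collect the roles of the current user,
    /// 2. take the union of the permission bits those roles hold,
    /// 3. allow the page when an Item for it in the Permission section requires only granted bits.
    /// </summary>
    /// <returns>
    /// true when the page is allowed, or when no Permission section applies to the request;
    /// false otherwise, including for a page that has no Item in the section.
    /// </returns>
    public static bool CheckPage()
    {
        PermissionInfo pi = GetPermissionInfo;

        // Fail-open by design: a folder without a Permission section is unrestricted.
        // NOTE(review): a missing or misplaced web.config therefore opens every page in that
        // folder to any authenticated user; confirm that protected folders always carry one.
        if (pi == null)
        {
            return true;
        }

        // A section without <Items> lists no page, so nothing can be allowed.
        if (pi.Items == null)
        {
            return false;
        }

        PermissionInfo granted = GetPermissionsByRole()[ModuleKey(FolderPath)] as PermissionInfo;
        if (granted == null)
        {
            return false;
        }

        string filename = GetFileName;
        int grantedBits = Convert.ToInt32(granted.PermissionValue);
        foreach (PermissionItemInfo item in pi.Items)
        {
            if (item == null || item.Page == null)
            {
                continue;
            }

            // Ordinal comparison: file names are identifiers, not linguistic text, and a
            // culture-sensitive ToLower() can change the outcome of an access decision.
            // An Item whose Val is 0 passes the bit test for every role that has a row.
            if (string.Equals(item.Page, filename, StringComparison.OrdinalIgnoreCase)
                && (grantedBits & item.Value) == item.Value)
            {
                return true;
            }
        }

        return false;
    }

    /// <summary>
    /// Decides whether the current user holds the given permission for the current request:
    /// 1. collect the roles of the current user,
    /// 2. take the union of the permission bits those roles hold,
    /// 3. test the requested bits against that union.
    /// </summary>
    /// <param name="type">Permission bits the button requires.</param>
    /// <returns>true when every requested bit is granted.</returns>
    /// <remarks>
    /// PermissionType.ALL is 0, so passing it makes the bit test true for any role that has
    /// a row for the module. NOTE(review): callers should pass a concrete bit.
    /// </remarks>
    public static bool CheckButton(PermissionType type)
    {
        PermissionInfo granted = GetPermissionsByRole()[ModuleKey(FolderPath)] as PermissionInfo;
        return granted != null && (granted.PermissionValue & type) == type;
    }

    /// <summary>
    /// Lower-cased SCRIPT_NAME of the current request. This is the whole script path as the
    /// server reports it, not only its directory part.
    /// NOTE(review): confirm that the stored ModulePath values use the same form, because the
    /// lookup key is built from this value.
    /// </summary>
    public static String FolderPath
    {
        get
        {
            string paths = HttpContext.Current.Request.ServerVariables["SCRIPT_NAME"];
            return paths.ToLowerInvariant();
        }
    }

    /// <summary>
    /// Lower-cased file name of the page being requested (the part of SCRIPT_NAME after the last '/').
    /// </summary>
    public static string GetFileName
    {
        get
        {
            string paths = HttpContext.Current.Request.ServerVariables["SCRIPT_NAME"];
            return paths.Substring(paths.LastIndexOf('/') + 1).ToLowerInvariant();
        }
    }

    /// <summary>
    /// The Permission section that applies to the current request, or null when there is none.
    /// </summary>
    public static PermissionInfo GetPermissionInfo
    {
        get
        {
            return (PermissionInfo)ConfigurationManager.GetSection("Permission");
        }
    }

    /// <summary>
    /// Reads the permissions of all roles of the current user and merges them per module.
    /// </summary>
    /// <returns>
    /// A table keyed by "M-" + lower-cased ModulePath whose values are PermissionInfo objects;
    /// PermissionValue holds the OR of the bits of every role that has a row for the module.
    /// </returns>
    public static Hashtable GetPermissionsByRole()
    {
        Hashtable ht = new Hashtable();
        string[] rolesArr = Roles.GetRolesForUser();

        // @roles travels as ONE nvarchar holding a quoted, comma-separated list ('a','b').
        // The stored procedure is not shown here; a list in this shape is presumably spliced
        // into dynamic SQL, so embedded quotes are doubled to keep a role name from ending
        // its own literal.
        // NOTE(review): prefer a table-valued parameter, or split the list inside the
        // procedure and bind each name, so no role name is ever concatenated into SQL text.
        string[] quoted = new string[rolesArr.Length];
        for (int i = 0; i < rolesArr.Length; i++)
        {
            quoted[i] = rolesArr[i].Replace("'", "''");
        }
        string roles = "'" + string.Join("','", quoted) + "'";

        SqlParameter[] parms = new SqlParameter[2];
        parms[0] = new SqlParameter("@roles", SqlDbType.NVarChar);
        parms[0].Value = roles;
        parms[1] = new SqlParameter("@path", SqlDbType.NVarChar);
        parms[1].Value = FolderPath;

        // Read every permission row of the user's roles; the using block closes the reader.
        using (IDataReader dr = dataAccessManager.ReadDatabase.ExecuteSpReader("aspnet_Ex_GetPermissionByRoles", parms))
        {
            while (dr.Read())
            {
                PermissionInfo permissioninfo = new PermissionInfo();
                permissioninfo.PermissionId = Convert.ToInt32(dr["PermissionId"]);
                permissioninfo.RoleId = Convert.ToString(dr["RoleId"]);
                permissioninfo.ModulePath = Convert.ToString(dr["ModulePath"]).ToLowerInvariant();
                // Convert first: a direct unboxing cast fails unless the column is exactly int.
                permissioninfo.PermissionValue = (PermissionType)Convert.ToInt32(dr["PermissionValue"]);
                permissioninfo.RoleName = Convert.ToString(dr["RoleName"]);

                string key = ModuleKey(permissioninfo.ModulePath);
                PermissionInfo existing = ht[key] as PermissionInfo;
                if (existing == null)
                {
                    ht.Add(key, permissioninfo);
                }
                else
                {
                    // Same module reached through another role: keep the union of the bits.
                    // The entry keeps the PermissionId, RoleId and RoleName of the first row.
                    existing.PermissionValue = existing.PermissionValue | permissioninfo.PermissionValue;
                }
            }
        }

        return ht;
    }

    // Builds the table key for a module path; shared by the reader loop and both checks.
    private static string ModuleKey(string path)
    {
        return "M-" + path;
    }
}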
}
至此 简易的框架搭建完成
下一篇 扩展ASP.NET MEMBERSHIP权限功能(三 )之权限控件
(效果图)
目录
扩展ASP.NET MEMBERSHIP权限功能(四 )之页面权限
扩展ASP.NET MEMBERSHIP权限功能(三 )之权限控件
扩展ASP.NET MEMBERSHIP权限功能(二 )
扩展ASP.NET MEMBERSHIP权限功能(一 )