http://www.hahasoft.cn/Blog/article.asp?id=17
大部分MIS系统中,都存在多用户权限系统,下面给出权限设计的思路
例如现在系统的功能如下:
人员管理,数据备份,公文管理(公文管理里面又按类别分为 添加,删除,评论)
此时我们可以利用序列化来写一个权限类,然后把它序列化成 XML 字符串,存储在用户数据库的一个字段里面。需要注意:下面的示例是按 Cookie 中的 UserID 来读取权限的,而 Cookie 可以被客户端修改,实际使用时应以服务器端已验证的登录身份为准。
为了实现"树型权限", PermissionItemNews 实现了 ICollection 接口
代码如下:
using System;
using System.IO;
using System.Collections;
using System.Xml.Serialization;
using System.Web.UI ;
using System.ComponentModel ;
using System.Web.Caching ;
namespace HSSite.Util
{
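/// <summary>
/// Per-user permission set. It is stored as an XML string (XmlSerializer output) in the
/// Permission column of the Account table and cached in the ASP.NET runtime cache
/// under the key "UserPermission" + user id (for example "UserPermission23").
/// </summary>
/// <remarks>
/// The public fields are the serialized payload, so renaming one changes the stored XML.
/// </remarks>
public class Permission
{
    /// <summary>
    /// Loads the permission set of one account from the database.
    /// </summary>
    /// <param name="UserID">Value of Account.ID to load.</param>
    /// <returns>
    /// The stored permission set; a new all-false set (which is also written back) when the
    /// Permission column is empty; or null when no Account row has this ID.
    /// </returns>
    public static Permission Get(int UserID)
    {
        // UserID is an int, so this concatenation cannot carry SQL text.
        string sql = "Select Permission From Account Where ID=" + UserID.ToString();
        System.Data.DataTable dt = SqlHelper.ExecuteDataset(SqlHelper.ConnectionString, System.Data.CommandType.Text, sql).Tables[0];
        if (dt.Rows.Count == 0)
        {
            // Unknown account: callers get null, i.e. no permission object at all.
            return null;
        }

        Permission p;
        string strPm = Convert.ToString(dt.Rows[0]["Permission"]);
        if (strPm.Trim() == string.Empty)
        {
            // Nothing stored yet: start from the field defaults (everything denied) and persist them.
            p = new Permission();
            p.UserID = UserID;
            p.SaveToDatabase();
        }
        else
        {
            System.Xml.Serialization.XmlSerializer xml = new XmlSerializer(typeof(Permission));
            // using disposes the reader even when Deserialize throws on malformed XML.
            using (System.IO.StringReader r = new StringReader(strPm))
            {
                p = (Permission)xml.Deserialize(r);
            }

            // Bind the object to the row it was read from rather than to the UserID embedded
            // in the stored XML, so a later SaveToDatabase cannot update a different account.
            p.UserID = UserID;
        }

        return p;
    }

    /// <summary>
    /// Returns the permission set for the user named by the "UserID" cookie, reading it from
    /// the runtime cache when present and from the database otherwise.
    /// </summary>
    /// <param name="cookie">Cookie collection that contains a "UserID" cookie.</param>
    /// <returns>The permission set, or null when the account does not exist.</returns>
    /// <exception cref="NullReferenceException">The "UserID" cookie is missing.</exception>
    /// <exception cref="FormatException">The cookie value is not an integer.</exception>
    /// <remarks>
    /// NOTE(review): the user id is taken directly from a cookie and nothing in this class
    /// verifies it. Unless the caller has already checked that the cookie belongs to the
    /// authenticated session, a client can change the value and be given another account's
    /// permissions. Prefer passing an identity established on the server.
    /// The cached instance is handed out by reference, so a caller that modifies it changes
    /// what later callers see until the entry is removed or expires.
    /// </remarks>
    public static Permission GetFromCache(System.Web.HttpCookieCollection cookie)
    {
        // No catch/rethrow here: "throw ex" would only reset the stack trace.
        int userId = Int32.Parse(cookie["UserID"].Value);
        string cacheKey = "UserPermission" + userId.ToString();

        // Read the cache once; a check followed by a second read can return null when the
        // entry expires between the two lookups.
        Permission cached = (Permission)System.Web.HttpRuntime.Cache[cacheKey];
        if (cached != null)
        {
            return cached;
        }

        Permission p = Permission.Get(userId);
        if (p != null)
        {
            // Absolute expiry after 20 minutes, no sliding expiration (TimeSpan.Zero).
            // A change made directly in the database can therefore stay invisible for up to 20 minutes.
            System.Web.HttpRuntime.Cache.Insert(cacheKey, p, null, DateTime.Now.AddMinutes(20), TimeSpan.Zero);
        }

        return p;
    }

    // Account.ID this permission set belongs to.
    public int UserID = 0;

    // Access to personnel management.
    public bool PersonManage = false;

    // Access to data backup.
    public bool Backup = false;

    // Per-category permissions for the news/document module.
    public PermissionItemNews News = new PermissionItemNews();

    /// <summary>
    /// Serializes this object to XML and writes it to the Permission column of the Account
    /// row whose ID equals <see cref="UserID"/>, invalidating the cached copy.
    /// </summary>
    public void SaveToDatabase()
    {
        string cacheKey = "UserPermission" + this.UserID.ToString();

        // Permissions are changing: drop the cached copy before the write ...
        System.Web.HttpRuntime.Cache.Remove(cacheKey);
        try
        {
            System.Text.StringBuilder sb = new System.Text.StringBuilder();
            using (System.IO.StringWriter w = new StringWriter(sb))
            {
                System.Xml.Serialization.XmlSerializer x = new System.Xml.Serialization.XmlSerializer(typeof(Permission));
                x.Serialize(w, this);
            }

            // The XML is placed inside a quoted SQL literal, so single quotes are doubled.
            // The current fields (int/bool) never produce one, but a string field added later would.
            // NOTE(review): if SqlHelper offers a parameterized overload, use it instead of
            // building the statement by concatenation.
            string xmlLiteral = sb.ToString().Replace("'", "''");
            string sql = "Update Account Set Permission='" + xmlLiteral + "' Where ID=" + this.UserID.ToString();
            SqlHelper.ExecuteNonQuery(SqlHelper.ConnectionString, System.Data.CommandType.Text, sql);
        }
        finally
        {
            // ... and again afterwards: a concurrent GetFromCache may have re-cached the old
            // (possibly more permissive) value between the first Remove and the UPDATE.
            System.Web.HttpRuntime.Cache.Remove(cacheKey);
        }
    }
}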
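/// <summary>
/// Collection of per-category permissions (<see cref="PermissionItemNewsItem"/>) backed by
/// an ArrayList. Implementing ICollection, together with the int indexer and Add, is what
/// gives the "tree" part of the permission XML.
/// </summary>
/// <remarks>
/// Every lookup uses the first non-null item whose CategoryID matches; later duplicates are
/// ignored. A category with no item is denied (the Can* methods return false).
/// </remarks>
public class PermissionItemNews : System.Collections.ICollection
{
    private ArrayList al = new ArrayList();

    /// <summary>Returns the item at a position in the list (not a category id).</summary>
    public PermissionItemNewsItem this[int index]
    {
        get { return (PermissionItemNewsItem)al[index]; }
    }

    /// <summary>Returns true when an item exists for the category.</summary>
    public bool Exists(int CategoryID)
    {
        return FindByCategory(CategoryID) != null;
    }

    /// <summary>
    /// Returns the item for a category id given as text, or null when there is none.
    /// </summary>
    /// <exception cref="FormatException">
    /// The text is not an integer and the list holds at least one non-null item.
    /// </exception>
    public PermissionItemNewsItem this[string CategoryID]
    {
        get
        {
            foreach (PermissionItemNewsItem n in al)
            {
                // The text is converted inside the loop so an empty list still returns null
                // for any input, as before.
                if (n != null && n.CategoryID == Convert.ToInt32(CategoryID))
                {
                    return n;
                }
            }

            return null;
        }
    }

    public void CopyTo(Array a, int index)
    {
        al.CopyTo(a, index);
    }

    public int Count
    {
        get { return al.Count; }
    }

    // Returns the collection itself; IsSynchronized is false, so callers must do their own locking.
    public object SyncRoot
    {
        get { return this; }
    }

    public bool IsSynchronized
    {
        get { return false; }
    }

    public IEnumerator GetEnumerator()
    {
        return al.GetEnumerator();
    }

    /// <summary>Appends an item. Null and duplicate category ids are not rejected.</summary>
    public void Add(PermissionItemNewsItem n)
    {
        al.Add(n);
    }

    public void Clear()
    {
        al.Clear();
    }

    /// <summary>Removes the first item of the category, if any.</summary>
    public void Remove(int CategoryID)
    {
        PermissionItemNewsItem found = FindByCategory(CategoryID);
        if (found != null)
        {
            al.Remove(found);
        }
    }

    /// <summary>
    /// Builds a comma-separated list of the category ids whose List flag is set, always
    /// terminated by "0" (for example "3,7,0", or "0" when nothing is listable).
    /// </summary>
    /// <remarks>
    /// NOTE(review): the trailing 0 presumably keeps the string usable as a non-empty
    /// SQL IN (...) list; confirm against the callers. Only int values are emitted.
    /// </remarks>
    public string GetListIDs()
    {
        System.Text.StringBuilder ids = new System.Text.StringBuilder();
        foreach (PermissionItemNewsItem itm in al)
        {
            // Null entries are skipped, as the string indexer already does.
            if (itm != null && itm.List)
            {
                ids.Append(itm.CategoryID.ToString()).Append(",");
            }
        }

        return ids.Append("0").ToString();
    }

    /// <summary>True when the category's item grants Update; false when no item exists.</summary>
    public bool CanUpdate(int catId)
    {
        PermissionItemNewsItem itm = FindByCategory(catId);
        return itm != null && itm.Update;
    }

    /// <summary>
    /// True when the category's item grants Aduit (audit); false when no item exists.
    /// The misspelled method name is kept because callers depend on it.
    /// </summary>
    public bool CanAdult(int catId)
    {
        PermissionItemNewsItem itm = FindByCategory(catId);
        return itm != null && itm.Aduit;
    }

    /// <summary>True when the category's item grants Insert; false when no item exists.</summary>
    public bool CanInsert(int catId)
    {
        PermissionItemNewsItem itm = FindByCategory(catId);
        return itm != null && itm.Insert;
    }

    /// <summary>True when the category's item grants Delete; false when no item exists.</summary>
    public bool CanDelete(int catId)
    {
        PermissionItemNewsItem itm = FindByCategory(catId);
        return itm != null && itm.Delete;
    }

    // Shared lookup: first non-null item with this CategoryID, or null.
    // Skipping nulls keeps Remove/GetListIDs/Can* from throwing after Add(null).
    private PermissionItemNewsItem FindByCategory(int categoryId)
    {
        foreach (PermissionItemNewsItem itm in al)
        {
            if (itm != null && itm.CategoryID == categoryId)
            {
                return itm;
            }
        }

        return null;
    }
}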
/// <summary>
/// Permission flags for a single news/document category. Every flag starts out false,
/// so a freshly created item grants nothing.
/// </summary>
/// <remarks>
/// These are public fields and form part of the serialized permission XML; the spelling
/// "Aduit" is kept because renaming it would change both the API and the stored data.
/// </remarks>
public class PermissionItemNewsItem
{
    /// <summary>Id of the category the flags apply to (0 until assigned).</summary>
    public int CategoryID;

    /// <summary>May list the category.</summary>
    public bool List;

    /// <summary>May add entries.</summary>
    public bool Insert;

    /// <summary>May modify entries.</summary>
    public bool Update;

    /// <summary>May delete entries.</summary>
    public bool Delete;

    /// <summary>May audit entries (sic).</summary>
    public bool Aduit;

    /// <summary>May comment on entries.</summary>
    public bool Comment;
}
}