增加了认证和授权的功能：修改RoleHelper和BAAuthorizeAttributes

2016-11-03 14:19:16 +08:00 · 2016-11-03 14:19:16 +08:00 · a1db5bc2fd
parent b74a37aad3
commit a1db5bc2fd
2 changed files with 77 additions and 4 deletions
--- a/Bootstrap.Admin/App_Start/BAAuthorizeAttribute.cs
+++ b/Bootstrap.Admin/App_Start/BAAuthorizeAttribute.cs
@ -1,7 +1,9 @@
-using System;
-using System.Web.Mvc;
+using Bootstrap.DataAccess;
 using Longbow.Security.Principal;
 using Longbow.Web.Mvc;
+using System;
+using System.Linq;
+using System.Web.Mvc;

 namespace Bootstrap.Admin
 {
@ -15,7 +17,8 @@ namespace Bootstrap.Admin
        {
            if (filterContext.HttpContext.User.Identity.IsAuthenticated)
            {
-                var roles = "Administrators;Users".Split(';'); //RoleHelper.RetrieveRolesByUserName();
+                string username = filterContext.HttpContext.User.Identity.Name;
+                var roles = RoleHelper.RetrieveRolesByUserName(username).Select(r => r.RoleName);
                filterContext.HttpContext.User = new LgbPrincipal(filterContext.HttpContext.User.Identity, roles);
            }
            base.OnAuthorization(filterContext);
@ -27,7 +30,8 @@ namespace Bootstrap.Admin
        /// <returns></returns>
        protected override bool AuthenticateRole()
        {
-            Roles = "Administrators;SupperAdmin"; //RoleHelper.RetrieveRolesByUrl();
+            string url = string.Format("~/{0}/{1}", ControllerName, ActionName);
+            Roles = string.Join(";", RoleHelper.RetrieveRolesByURL(url).Select(r => r.RoleName));
            return base.AuthenticateRole();
        }
        /// <summary>
--- a/Bootstrap.DataAccess/RoleHelper.cs
+++ b/Bootstrap.DataAccess/RoleHelper.cs
@ -355,5 +355,74 @@ namespace Bootstrap.DataAccess
            }
            return ret;
        }
+
+        /// <summary>
+        /// 根据用户名查询某个用户所拥有的角色
+        /// 从UserRole表查
+        /// 从User-〉Group-〉GroupRole查
+        /// </summary>
+        /// <returns></returns>
+        public static IEnumerable<Role> RetrieveRolesByUserName(string username)
+        {
+            string key = string.Format("{0}{1}", RoleDataKey, username);
+            return CacheManager.GetOrAdd(key, CacheSection.RetrieveIntervalByKey(RoleDataKey), k =>
+            {
+                List<Role> Roles = new List<Role>();
+                try
+                {
+                    string sql = "select r.ID, r.RoleName, r.[Description] from Roles r left join UserRole ur on r.ID =ur.RoleID inner join Users u on ur.UserID=u.ID and u.UserName=@UserName union select r.ID, r.RoleName, r.[Description] from Roles r left join RoleGroup rg on r.ID =rg.RoleID inner join Groups g on rg.GroupID=g.ID left join UserGroup ug on ug.GroupID=g.ID inner join Users u on ug.UserID=u.ID and u.UserName=@UserName";
+                    DbCommand cmd = DBAccessManager.SqlDBAccess.CreateCommand(CommandType.Text, sql);
+                    cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@UserName", username, ParameterDirection.Input));
+                    using (DbDataReader reader = DBAccessManager.SqlDBAccess.ExecuteReader(cmd))
+                    {
+                        while (reader.Read())
+                        {
+                            Roles.Add(new Role()
+                            {
+                                ID = (int)reader[0],
+                                RoleName = (string)reader[1],
+                                Description = (string)reader[2],
+                            });
+                        }
+                    }
+                }
+                catch (Exception ex) { ExceptionManager.Publish(ex); }
+                return Roles;
+            }, CacheSection.RetrieveDescByKey(RoleDataKey));
+        }
+        /// <summary>
+        /// 根据菜单url查询某个所拥有的角色
+        /// 从NavigatorRole表查
+        /// 从Navigators-〉GroupNavigatorRole-〉Role查查询某个用户所拥有的角色
+        /// </summary>
+        /// <returns></returns>
+        public static IEnumerable<Role> RetrieveRolesByURL(string url)
+        {
+            string key = string.Format("{0}{1}", RoleDataKey, url);
+            return CacheManager.GetOrAdd(key, CacheSection.RetrieveIntervalByKey(RoleDataKey), k =>
+            {
+                string sql = "select r.ID, r.RoleName, r.[Description] from Roles r left join NavigationRole nr on r.ID =nr.RoleID inner join Navigations n on nr.NavigationID =n.ID and n.Url=@URl";
+                List<Role> Roles = new List<Role>();
+                try
+                {
+                    DbCommand cmd = DBAccessManager.SqlDBAccess.CreateCommand(CommandType.Text, sql);
+                    cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@URl", url, ParameterDirection.Input));
+                    using (DbDataReader reader = DBAccessManager.SqlDBAccess.ExecuteReader(cmd))
+                    {
+                        while (reader.Read())
+                        {
+                            Roles.Add(new Role()
+                            {
+                                ID = (int)reader[0],
+                                RoleName = (string)reader[1],
+                                Description = (string)reader[2],
+                            });
+                        }
+                    }
+                }
+                catch (Exception ex) { ExceptionManager.Publish(ex); }
+                return Roles;
+            }, CacheSection.RetrieveDescByKey(RoleDataKey));
+        }
    }
 }