增加了认证和授权的功能:修改RoleHelper和BAAuthorizeAttributes

liuchun_0206@163.com 2016-11-03 14:19:16 +08:00
parent b74a37aad3
commit a1db5bc2fd
2 changed files with 77 additions and 4 deletions


@ -1,7 +1,9 @@
using System;
using System.Web.Mvc;
using Bootstrap.DataAccess;
using Longbow.Security.Principal;
using Longbow.Web.Mvc;
using System;
using System.Linq;
using System.Web.Mvc;
namespace Bootstrap.Admin
{
@ -15,7 +17,8 @@ namespace Bootstrap.Admin
{
if (filterContext.HttpContext.User.Identity.IsAuthenticated)
{
var roles = "Administrators;Users".Split(';'); //RoleHelper.RetrieveRolesByUserName();
string username = filterContext.HttpContext.User.Identity.Name;
var roles = RoleHelper.RetrieveRolesByUserName(username).Select(r => r.RoleName);
filterContext.HttpContext.User = new LgbPrincipal(filterContext.HttpContext.User.Identity, roles);
}
base.OnAuthorization(filterContext);
@ -27,7 +30,8 @@ namespace Bootstrap.Admin
/// <returns></returns>
protected override bool AuthenticateRole()
{
Roles = "Administrators;SupperAdmin"; //RoleHelper.RetrieveRolesByUrl();
string url = string.Format("~/{0}/{1}", ControllerName, ActionName);
Roles = string.Join(";", RoleHelper.RetrieveRolesByURL(url).Select(r => r.RoleName));
return base.AuthenticateRole();
}
/// <summary>
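Review bot: In AuthenticateRole, an empty result from RoleHelper.RetrieveRolesByURL leaves `Roles` as an empty string, and nothing visible here shows how base.AuthenticateRole() treats that value. If the Longbow base class follows the usual AuthorizeAttribute convention, an empty Roles means any authenticated user passes, so a URL with no matching Navigations row, or a lookup that failed and returned an empty list, would be open rather than denied. I would make the deny explicit: `var required = RoleHelper.RetrieveRolesByURL(url).Select(r => r.RoleName).ToList();` then `if (required.Count == 0) return false;` before `Roles = string.Join(";", required);`. The lookup also relies on `~/{Controller}/{Action}` matching the stored Url exactly, which deserves a comment on the method.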


@ -355,5 +355,74 @@ namespace Bootstrap.DataAccess
}
return ret;
}
/// <summary>
/// 根据用户名查询某个用户所拥有的角色
/// 从UserRole表查
/// 从User-〉Group-〉GroupRole查
/// </summary>
/// <returns></returns>
public static IEnumerable<Role> RetrieveRolesByUserName(string username)
{
string key = string.Format("{0}{1}", RoleDataKey, username);
return CacheManager.GetOrAdd(key, CacheSection.RetrieveIntervalByKey(RoleDataKey), k =>
{
List<Role> Roles = new List<Role>();
try
{
string sql = "select r.ID, r.RoleName, r.[Description] from Roles r left join UserRole ur on r.ID =ur.RoleID inner join Users u on ur.UserID=u.ID and u.UserName=@UserName union select r.ID, r.RoleName, r.[Description] from Roles r left join RoleGroup rg on r.ID =rg.RoleID inner join Groups g on rg.GroupID=g.ID left join UserGroup ug on ug.GroupID=g.ID inner join Users u on ug.UserID=u.ID and u.UserName=@UserName";
DbCommand cmd = DBAccessManager.SqlDBAccess.CreateCommand(CommandType.Text, sql);
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@UserName", username, ParameterDirection.Input));
using (DbDataReader reader = DBAccessManager.SqlDBAccess.ExecuteReader(cmd))
{
while (reader.Read())
{
Roles.Add(new Role()
{
ID = (int)reader[0],
RoleName = (string)reader[1],
Description = (string)reader[2],
});
}
}
}
catch (Exception ex) { ExceptionManager.Publish(ex); }
return Roles;
}, CacheSection.RetrieveDescByKey(RoleDataKey));
}
/// <summary>
/// 根据菜单url查询某个所拥有的角色
/// 从NavigatorRole表查
/// 从Navigators-〉GroupNavigatorRole-〉Role查查询某个用户所拥有的角色
/// </summary>
/// <returns></returns>
public static IEnumerable<Role> RetrieveRolesByURL(string url)
{
string key = string.Format("{0}{1}", RoleDataKey, url);
return CacheManager.GetOrAdd(key, CacheSection.RetrieveIntervalByKey(RoleDataKey), k =>
{
string sql = "select r.ID, r.RoleName, r.[Description] from Roles r left join NavigationRole nr on r.ID =nr.RoleID inner join Navigations n on nr.NavigationID =n.ID and n.Url=@URl";
List<Role> Roles = new List<Role>();
try
{
DbCommand cmd = DBAccessManager.SqlDBAccess.CreateCommand(CommandType.Text, sql);
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@URl", url, ParameterDirection.Input));
using (DbDataReader reader = DBAccessManager.SqlDBAccess.ExecuteReader(cmd))
{
while (reader.Read())
{
Roles.Add(new Role()
{
ID = (int)reader[0],
RoleName = (string)reader[1],
Description = (string)reader[2],
});
}
}
}
catch (Exception ex) { ExceptionManager.Publish(ex); }
return Roles;
}, CacheSection.RetrieveDescByKey(RoleDataKey));
}
}
}
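Review bot: Both new methods catch every exception inside the GetOrAdd factory, publish it and return whatever is in `Roles`, so a database error or a failed cast part-way through the reader (for example `(string)reader[2]` on a NULL Description, if that column is nullable) yields an empty or partial role list that is then presumably cached for the RoleDataKey interval. For RetrieveRolesByURL that list is what the authorization filter uses as the required roles, so a failure silently changes the access decision instead of surfacing. I would rethrow after publishing in both catch blocks, `catch (Exception ex) { ExceptionManager.Publish(ex); throw; }`, so nothing is cached and the request fails closed. The two cache keys also share the bare `RoleDataKey` prefix; distinct prefixes such as `RoleDataKey + "-user-"` and `RoleDataKey + "-url-"` would keep a username and a URL from mapping to the same entry. No cache invalidation on role or membership changes is visible in this hunk, so revocations likely lag by the cache interval.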