扩展.NET-MEMBERSHIP权限功能

《扩展.NET-MEMBERSHIP权限功能》由会员分享，可在线阅读，更多相关《扩展.NET-MEMBERSHIP权限功能（27页珍藏版）》请在装配图网上搜索。

1、扩展ASP.NET MEMBERSHIP权限功能(一 ) 扩展ASP.NET MEMBERSHIP权限功能目前常用的ASP.NET 的membership功能，可以将权限控制到页，需要我们在web.config中进行设立，如果需求稍多一点，你会发既有些力不从心，网上有诸多开源的权限管理系统，但差不多都是重新设计开发，因此我这里要做的是在membership的基本上增长 顾客组权限到每个页面及按钮的功能，如A组只能新增,她的页面上面就只有新增按钮，B组只能删除和修改 她的界面上就没有新增的功能,虽然B组懂得新增的URL，进入后也会提示无权限，各个功能都能过后台数据库进行配备，全局来控制。 mem

2、bership的用法不用多说，下面讲讲思路1. 当顾客访问文献目录，读取目前目录下面的web.config2. 根据web.config中的设定每个文献权限，并匹配数据库中的信息,如果符合条件显示按钮或页面，不成立隐藏或提示1.数据库创立表aspnet_Ex_PermissionsForRoles创立视图vw_aspnet_Ex_PermissionsForRoles 创立存储过程aspnet_Ex_GetPermissionByRoles代码 CREATEPROCEDUREdbo.aspnet_Ex_GetPermissionByRolesrolesnvarchar(max)=NULL,pa

3、thnvarchar(max)=NULLASBEGINSETNOCOUNTON;declaresqlnvarchar()setsql=select*fromvw_aspnet_Ex_PermissionsForRoleswhereRoleNamein(+roles+)andModulePath=+path+ifrolesisnotnullEXECsp_executesqlsqlEND数据库准备完毕下面是网站构造项目文献构造扩展ASP.NET MEMBERSHIP权限功能(二 ) 前一篇简介了需求，和数据库构造与网站和项目构造这一篇重要简介一下网站构造和配备admin下面的web.config

4、EC.Permissions.Config重要是实现了IConfigurationSectionHandler接口，来完毕自定义的配备admin/test下面 web.config account test Default.aspx 列表 2 Default.aspx 编辑 16 Default.aspx 删除 32 Ok.aspx 测试 2 1.串行化 web.config EC.Permissions.Config 类usingSystem;usingSystem.Collections.Generic;usingSystem.Linq;usingSystem.Text;usingSyst

5、em.Configuration;usingSystem.Xml;usingSystem.Xml.Serialization;usingSystem.IO;namespaceEC.PermissionspublicclassConfig:IConfigurationSectionHandler#regionIConfigurationSectionHandlerMemberspublicobjectCreate(objectparent,objectconfigContext,System.Xml.XmlNodesection)/EC.Permissions.PermissionInfostr

6、ingtypeName=(XmlElement)section).GetAttribute(type);Typetype=Type.GetType(typeName);XmlSerializerxz=newXmlSerializer(type);using(StringReadersr=newStringReader(section.OuterXml)returnxz.Deserialize(sr);#endregion2.EC.Permissions.PermissionInfo类usingSystem;usingSystem.Collections.Generic;usingSystem.

7、Linq;usingSystem.Text;usingSystem.Xml.Serialization;namespaceEC.PermissionsSerializableXmlRoot(Permission)publicclassPermissionInfo/权限数据库ID/publicintPermissionIdget;set;/顾客组ID/publicstringRoleIdget;set;/顾客组名/publicstringRoleNameget;set;/模块途径/XmlElement(ModulePath,typeof(string)publicstringModulePath

8、get;set;/模块名字/XmlElement(ModuleName,typeof(string)publicstringModuleNameget;set;/权限值/publicPermissionTypePermissionValueget;set;XmlArrayItem(Item,typeof(PermissionItemInfo)publicPermissionItemInfoItemsget;set;SerializableXmlRoot(Items)publicclassPermissionItemInfoXmlElement(Page,typeof(string)public

9、stringPageget;set;XmlElement(Function,typeof(string)publicstringFunctionget;set;XmlElement(Val,typeof(int)publicintValueget;set;publicoverrideboolEquals(objectobj)if(obj=null)returnfalse;if(this.GetType()!=obj.GetType()returnfalse;if(PermissionItemInfo)obj).Page=this.Page)returntrue;returnbase.Equal

10、s(obj);/权限类型/publicenumPermissionTypeALL=0,LIST=2,VIEW=4,ADD=8,EDIT=16,DELETE=32,PRINT=643.EC.Permissions.DAL 数据库访问usingSystem;usingSystem.Collections.Generic;usingSystem.Linq;usingSystem.Text;usingSystem.Collections;usingSystem.Web.Security;usingSystem.Data;usingEC.DBUtility;usingSystem.Data.SqlCli

11、ent;usingSystem.Configuration;usingSystem.Web;namespaceEC.PermissionspublicclassDALprivatestaticDataAccessManagerdataAccessManager=newDataAccessManager();/判断页面与否有此权限/1.得到目前顾客所有的顾客组/2.得到所有顾客组的权限并取并集/publicstaticboolCheckPage()boolbResult=false;PermissionInfopi=GetPermissionInfo;if(pi=null)returntrue;

12、Hashtableht=GetPermissionsByRole();if(ht.Count0)stringkey=string.Format(M-0,FolderPath);if(ht.ContainsKey(key)stringfilename=GetFileName;/拆箱取出并判断权限PermissionInfoht_PermissionInfo=(PermissionInfo)htkey;foreach(PermissionItemInfotempinpi.Items)if(temp.Page.ToLower().Equals(filename)&(Convert.ToInt32(h

13、t_PermissionInfo.PermissionValue)&temp.Value)=temp.Value)bResult=true;break;returnbResult;/判断按钮与否有此权限/1.得到目前顾客所有的顾客组/2.得到所有顾客组的权限并取并集/publicstaticboolCheckButton(PermissionTypetype)boolbResult=false;Hashtableht=GetPermissionsByRole();if(ht.Count0)stringkey=string.Format(M-0,FolderPath);if(ht.Contain

14、sKey(key)/拆箱取出并判断权限PermissionInfoht_PermissionInfo=(PermissionInfo)htkey;bResult=(ht_PermissionInfo.PermissionValue&type)=type;returnbResult;/目前目录/publicstaticStringFolderPathgetstringpaths=HttpContext.Current.Request.ServerVariablesSCRIPT_NAME.ToString();returnpaths.ToLower();/获取目前访问页面地址/publicstat

15、icstringGetFileNamegetstringpaths=HttpContext.Current.Request.ServerVariablesSCRIPT_NAME.ToString();returnpaths.Substring(paths.LastIndexOf(/)+1).ToLower();/获取目前目录下权限配备集合/publicstaticPermissionInfoGetPermissionInfogetreturn(PermissionInfo)ConfigurationManager.GetSection(Permission);/得到所有顾客组的权限并取并集/p

16、ublicstaticHashtableGetPermissionsByRole()Hashtableht=newHashtable();stringrolesArr=Roles.GetRolesForUser();stringroles=string.Join(,rolesArr);roles=+roles+;SqlParameterparms=newSqlParameter2;parms0=newSqlParameter(roles,SqlDbType.NVarChar);parms0.Value=roles;parms1=newSqlParameter(path,SqlDbType.NV

17、arChar);parms1.Value=FolderPath;/读取顾客组的所有权限using(IDataReaderdr=dataAccessManager.ReadDatabase.ExecuteSpReader(aspnet_Ex_GetPermissionByRoles,parms)while(dr.Read()PermissionInfopermissioninfo=newPermissionInfo();permissioninfo.PermissionId=Convert.ToInt32(drPermissionId);permissioninfo.RoleId=Convert

18、.ToString(drRoleId);permissioninfo.ModulePath=Convert.ToString(drModulePath).ToLower();permissioninfo.PermissionValue=(PermissionType)(drPermissionValue);permissioninfo.RoleName=Convert.ToString(drRoleName);stringkey=string.Format(M-0,permissioninfo.ModulePath);/判断是存入了相似值if(ht.ContainsKey(key)/拆箱取出并

19、判断，存最大权限PermissionInfoht_PermissionInfo=(PermissionInfo)htkey;if(ht_PermissionInfo.PermissionValue!=permissioninfo.PermissionValue)ht_PermissionInfo.PermissionValue=ht_PermissionInfo.PermissionValue|permissioninfo.PermissionValue;htkey=ht_PermissionInfo;elseht.Add(key,permissioninfo);dr.Close();retu

20、rnht;至此 简易的框架搭建完毕下一篇 扩展ASP.NET MEMBERSHIP权限功能(三 )之权限控件 (效果图)扩展ASP.NET MEMBERSHIP权限功能(三 )之权限控件 在上一篇中我们完毕的简易的框架，这一篇中重要是如何制作权限按钮的控件（新增，编辑，删除，打印）扩展ASP.NET MEMBERSHIP权限功能(三 )之权限控件 (效果图)由PermissionsButton.cs、ButtonItem.cs、ButtonItemConverter.cs构成1.PermissionsButton.cs 继存 WebControl类usingSystem;usingSystem

21、.Collections.Generic;usingSystem.Linq;usingSystem.Text;usingSystem.Web;usingSystem.ComponentModel;usingSystem.Web.UI;usingSystem.Security.Permissions;usingSystem.Web.UI.WebControls;usingSystem.Drawing.Design;usingSystem.ComponentModel.Design;namespaceEC.Permissions.WebControls/菜单按钮控件/AspNetHostingPe

22、rmission(SecurityAction.Demand,Level=AspNetHostingPermissionLevel.Minimal),AspNetHostingPermission(SecurityAction.InheritanceDemand,Level=AspNetHostingPermissionLevel.Minimal),DefaultProperty(Buttons),ParseChildren(true,Buttons),ToolboxData(),PersistenceMode(PersistenceMode.InnerDefaultProperty),Des

23、cription(菜单按钮控件)publicclassPermissionsButton:WebControlpublicstringTemplateStr=0;privateListbuttons;publicPermissionsButton()buttons=newList();protectedoverridevoidRender(HtmlTextWriterw)w.Write(TemplateStr,AddButtonToHtml();base.RenderContents(w);/按钮集合/Category(Behavior),Description(按钮集合),Editor(ty

24、peof(CollectionEditor),typeof(UITypeEditor),PersistenceMode(PersistenceMode.InnerDefaultProperty)DesignerSerializationVisibility(DesignerSerializationVisibility.Content)publicListButtonsgetreturnbuttons;privatestringAddButtonToHtml()StringBuildersb=newStringBuilder();sb.Append();foreach(ButtonItembu

25、ttoninButtons)if(DAL.CheckButton(button.Type)sb.Append();sb.AppendFormat(,button.Text);sb.Append();sb.Append();returnsb.ToString();2. ButtonItem.csusingSystem;usingSystem.Collections.Generic;usingSystem.Linq;usingSystem.Text;usingSystem.ComponentModel;namespaceEC.Permissions.WebControlsTypeConverter

26、(typeof(ButtonItemConverter),Description(按钮集合)publicclassButtonItempublicButtonItem():this(String.Empty,PermissionType.LIST,true)publicButtonItem(stringcaption,PermissionTypetype,boolvisible)this.Text=caption;this.Type=type;this.Visible=visible;Category(Behavior),DefaultValue(按钮),Description(按钮名称),B

27、rowsable(true),NotifyParentProperty(true)publicstringTextget;set;Category(Behavior),DefaultValue(true),Description(与否显示),NotifyParentProperty(true)publicboolVisibleget;set;Category(Behavior),DefaultValue(),Description(功能类型),NotifyParentProperty(true)publicPermissionTypeTypeget;set;3. ButtonItemConve

28、rter.csusingSystem;usingSystem.Collections.Generic;usingSystem.Linq;usingSystem.Text;usingSystem.ComponentModel;usingSystem.Globalization;namespaceEC.Permissions.WebControlspublicclassButtonItemConverter:ExpandableObjectConverter#region措施publicoverrideboolCanConvertFrom(ITypeDescriptorContextcontext

29、,TypesourceType)if(sourceType=typeof(string)returntrue;returnbase.CanConvertFrom(context,sourceType);publicoverrideboolCanConvertTo(ITypeDescriptorContextcontext,TypedestinationType)if(destinationType=typeof(string)returntrue;returnbase.CanConvertTo(context,destinationType);publicoverrideobjectConve

30、rtFrom(ITypeDescriptorContextcontext,CultureInfoculture,objectvalue)if(value=null)returnnewButtonItem();if(valueisstring)strings=(string)value;if(s.Length=0)returnnewButtonItem();returnButtonItem;returnbase.ConvertFrom(context,culture,value);publicoverrideobjectConvertTo(ITypeDescriptorContextcontex

31、t,CultureInfoculture,objectvalue,TypedestinationType)if(value!=null)if(!(valueisButtonItem)thrownewArgumentException(InvalidButtonItem,value);if(destinationType=typeof(string)if(value=null)returnString.Empty;return(ButtonItem)value).Text;returnbase.ConvertTo(context,culture,value,destinationType);#e

32、ndregion最后在webroot的web.config中添加页面引用 Default.aspx 插入SQL Your RoleId请替代成你既有的RoleIdINSERT INTO aspnet_Ex_PermissionsForRoles(RoleId,ModulePath,PermissionValue) Values(Your RoleId,/Admin/Test/default.aspx,26)INSERT INTO aspnet_Ex_PermissionsForRoles(RoleId,ModulePath,PermissionValue) Values(Your RoleId

33、,/Admin/Test/ok.aspx,26)运营页面 效果如下将26改为8注 数字来源于/权限类型/publicenumPermissionTypeALL=0,LIST=2,VIEW=4,ADD=8,EDIT=16,DELETE=32,PRINT=64!删除按钮没有了将8改为32(DELETE)按钮不见扩展ASP.NET MEMBERSHIP权限功能(四 )之页面权限 之前简介的是如何让按钮显示在不同的顾客组中，目前需要做的是 如果这本是B组具有新增功能权限访问的页，A组进来后怎么进行提示1. HttpModule.csusingSystem;usingSystem.Collections

34、.Generic;usingSystem.Linq;usingSystem.Text;usingSystem.Web;usingSystem.Web.Security;namespaceEC.PermissionspublicclassHttpModule:IHttpModule#regionIHttpModuleMemberspublicvoidDispose()publicvoidInit(HttpApplicationcontext)context.AcquireRequestState+=newEventHandler(context_AcquireRequestState);void

35、context_AcquireRequestState(objectsender,EventArgse)if(HttpContext.Current.User!=null)/检查顾客与否登录，并判断与否有页面权限if(HttpContext.Current.User.Identity.IsAuthenticated)/检查目前页面与否在配备文献中if(!DAL.CheckPage()/可以在这里进行扩展HttpContext.Current.Response.Write(无权限访问此页);#endregion2.打开Webroot 中的web.config增长3. 新建print.aspx在 Admin/Test/Print.aspx访问提示 无权限访问此页 在Admin/Test/web.config增长 Print.aspx 打印 64 同步新增SQLINSERT INTO aspnet_Ex_PermissionsForRoles (RoleId, ModulePath, PermissionValue) Values (Your RoleId, /Admin/Test/print.aspx, 64)Print.aspx页面代码这里是Print.aspxcc1:ButtonI