权限设置 

数据库结构

  • Ø  Tb_Common_User(用户表)
  • Ø  Tb_Common_Role(角色表)
  • Ø  Tb_Common_Authority(权限功能表)
  • Ø  Tb_Common_RoleAuthority(角色权限表)

 

 

流程图

 

操作步骤

  1. 获取权限模块

       void Session_Start(object sender, EventArgs e)

       {

           DataView dv = conn.GetDataTable("select GUID,OrderID,AuthorityName,URL from Tb_Common_Authority where type=0").DefaultView;

       }

 

  1. 记录用户、角色、与之对应权限模块 

               string str = conn.GetScalar("SELECT isnull(WorkNO,'')+'|'+isnull(RealName,'')+'|'+isnull(WorkNO,'')+'|'+isnull(NetworkNO,'')+'|'+isnull(roleguid,'')+'|'+isnull(rolename,'')+'|'+isnull(AuthorityGUID,'')+'|'+isnull(AuthorityAssGUID,'')+'|'+isnull(UserType,'') FROM View_User where GUID='" + userid + "'");

               FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, userName, System.DateTime.Now, dt, true, str, FormsAuthentication.FormsCookiePath);

 

  1. 模块权限控制

if (!this.IsPostBack)

           {

               try

               {

                   string[] authority = ui.Authority.Split(',');

 

                   for (int i = 0; i < authority.Length; i++)

                   {

                       DataView dv = (DataView)Application["siteAuthority"];

                       dv.RowFilter = "GUID='" + authority[i].ToString() + "'";

                       if (dv.Count > 0)

                       {

                           string a = string.Empty;

                               string urlArr = string.Empty;

                               if (Request.RawUrl.ToString().Split('/').Length > 2)

                                   urlArr = Request.RawUrl.ToString().Split('/')[2];

                               else

                                   urlArr = Request.RawUrl.ToString();

 

 

                               if (dv[0]["url"].ToString().IndexOf(urlArr) != -1)

                               {

                                   InerUrl += " <li   class=\"Curspan\"><a href='" + dv[0]["url"].ToString() + "'>" + dv[0]["AuthorityName"].ToString() + "</a></li>";                                  

                               }

                              else

                               {

                                   InerUrl += " <li><a href='" + dv[0]["url"].ToString() + "'> " + dv[0]["AuthorityName"].ToString() + "</a></li>";

                               }                          

                        }

                   }

               }

               catch

               {

                   Response.Write("<script>window.top.close();</script>");

                   Response.End();

                   return;

               }

           }

终述

权限设置主要体现在导航菜单入口上,通过验证用户角色的权限进行菜单控制。通过四张数据表进行权限控制,还是比较简单的。

Last edited Mar 23, 2011 at 7:33 AM by zp, version 1

Comments

No comments yet.