扩展NET-MEMBERSHIP权限功能

1、扩展 ASP. NET MEMBERSHIP 权限功能（一）扩展ASP. NET MEMBERSHIP权限功能目前常用的ASP. NET的membership功能，可以将权限控制到页，需要我们在web. config中进行设置，如 果需求稍多一点，你会发现有些力不从心，网上有很多开源的权限管理系统，但差不多都是重新设计开发，所以 我这里要做的是在membership的基础上增加用户组权限到每个页面及按钮的功能，如A组只能新增，他的页面 上面就只有新增按钮，B组只能删除和修改他的界面上就没有新增的功能，即使B组知道新增的URL,进入后也 会提示无权限，各个功能都能过后台数据库进行配置，全局来控制

2、。membership的用法不用多说，下面讲讲思路1. 当用户访问文件目录，读取当前目录下面的web. config2. 根web. config中的设定每个文件权限，并匹配数据库中的信息，如果符合条件显示按钮或页面，不成 立隐藏或提示1. 数据库创建表aspnet Ex PermissionsForRo1es列名1数据类型I允许空JPermissionldint厂Rolelduniqueidentifier層ModulePathnvarchar（250）FPermissionValueintP创建视图vw aspnet Ex PermissionsForRolesB ggB_h（由有列）yJ

3、/Pern5nldlRole IdModulePath7 Per miss ion Valueaspnet_Roles叫所有列）Application IdRoieldRole NameLoweredRoleNameDescription创建存储过程aspnet Ex GetPermiss ionByRo1es 田日代码CREATE PROCEDURE dbo. aspnet Ex GetPermissionByRoleslolesnvarchar (max)二 NULL pathnvarchar (inax)二 NULLASBEGINSET NOCOUNT ON；dec 1are sq1 n

4、varchar(2000)set sql =，select * from vw_aspnet_Ex_PermissionsForRoles where Ro 1eName in(r+roles+ f) and ModulePath=，*+path+r if roles is not nullEXEC sp_executesql sqlEND数据库准备完毕下面是结构自http：/loc&lhost/日/ AdminEJ-,Testi 田 巴 Da.xilt. aspx 白曲Ok. aspx coni gffeb. configB- Permissi onsS-；可| Properties日“空

5、References?白“项目文件结构曹 Buttonitem, cs 呦 ButtonltemCouverter. cs PermissionsB-utton. cs；“ 宿 Confi g. cs；筍 DAL. cs曹 DatsJilodel. cs 鲨| HttpModule. cs扩展 ASP. NET MEMBERSHIP 权限功能（二）前一篇介绍了需求，和数据库结构与和项目结构这一篇主要介绍一下结构和配置admin 下面的 web. configsection name二Permission type二ECPermissions.ConfiR*/authorizationEC. P

6、ermissions. Config 主要是实现了 IConfigur且tionSectionHandler 接口 来完成自定义的配置 admin/test Tffi web. configPermission type=HEC. Permissions. PermissionlnfonaccounttestDefault. aspx列表2Default. aspx 编辑 16Default. aspx 删除 32Ok. aspx 测试 21.串行化 web. configEC. Permissions .Config 类usingSystem；usingSystem Collections.

7、 Generic；usingSystem Linq；usingSystem. Text；usingSystem Configuration；usingSystem. Xml；usingSystem Xml. Serialization；usingSystem 10；namespace EC. Permissionspublic class Config : IConf i gurat ionSec t i onHandlerSregion IConfigurationSectionHandler Memberspublic object Create(object parent, object

8、 configContext, System.Xml.XmlNode section)/EC. Permissions PermissionInfostring typeName = (XmlElement)section) GetAttribute(n type*)；Type type = Type GetType(typeName)；XmlSerializer xz = new，XmlSerial izer (type)；using (StringReader sr = new StiingReader (sect ion OuterXml)return xz.Deserialize(sr

9、)；Sendregion2.EC. Permissions Permissionlnfo 类using System；using System Collections Generic；using System Linq；using System Text；using System Xml. Serialization；namespace EC. PermissionsSerializableXm1Root(H Perm i ss i onH)public class PermissionInfo/ /权限数据库ID/ public int Permissionld/ /用户组ID/ publi

10、c stiing Roleld / /用户组名/ public string RoleName/ /模块路径/ XmlElement(ModulePathM,public string ModulePath/ /模块名字/ XmlElement(wModu1 eNameM,pub1ic string ModuleName/ get； set； get； set； get； set； typeof(string) get； set； typeof(string) get； set； /权限值/ public PermissionType PermissionValue get； set； Xml

11、Arrayltem(n1tenf* typeof(Permissionltemlnfo)public PermissionltemlnfoE Items get； set； SerializableXmlRoot(wItemsw)public class PermissionltemlnfoXmlElement(wPagen, typeof(string)public string Page get； set； XmlElement(nFunction”， typeof(string)public string Function get； set； XmlElementt typeof(int

12、)public int Value get； set； publ ic overiide bool Equals (object obj)if (obj = null)return false；if (this. GetTypeO != obj. GetTypeO)return false；true；i f (PermissionItemInfo)obj) Page = this Page) return return base Equals(obj)；/ /权限类型/ public enum PermissionTypeALL二0.LIST=2,VIEW=4,ADD二&EDIT=16tDEL

13、ETE=32tPRINT二64= new DataAccessManager():FolderPath)；3. EC. Permissions. DAL 数据库访问 using System；using System Collections Generic；using System Linq；using System Text；using System. Collections；using System Web Security；using System. Data；using EC. DBUtility；using System. Data SqlClient；using System Co

14、nfiguration；using System Web；namespace EC. Permissionspublic class DALprivate static DataAccessManager dataAccessManager / /判断页面是否有此权限/ 1.得到当前用户所有的用户组/ 2.得到所有用户组的权限并取并集/ / / public static bool CheckPage ()bool bResult = false；Permissioninfo pi = GetPermissionInfo； if (pi = null)return true；Hashtable

15、 ht = GetPermi ss ionsByRo Le()；if (ht. Count 0)strinR key = strinR. Format(nM0 if (ht. ContainsKey (key)string fi1ename = GetFileName；/拆箱取出并判断权限Permissioninfo ht Permissionlnfo(Permissionlnfo)htkey: foreach (Permissioniteminfo temp in pi. Items)if (temp. Page. ToLower() Equals(filename) & (Convert.

16、Tolnt32(ht Permissionlnfo. PermissionValue)&temp Value)=temp Value)bResult = true； break；return bResult；/判断按钮是否有此权限1得到当前用户所有的用户组/2.得到所有用户组的权限并取并集/public static bool CheckButton(PermissionType type)bool bResult = false；Hashtable ht = GetPermissionsByRoleO； 辻(ht. Count 0)str inf? key = str inj? Format

17、 (WM- ；0w, FolderPath)； if (ht. ContainsKey (key)/拆箱取出并判断权限Permissionlnfo ht Permissioninfo(PermissionInfo)htkey；bResult(htPermissionlnfo. PermissionValue & type)=type；return bResult；/ /当前目录/ public static String FolderPathgetstring paths = HttpContext. Current Request ServerVariablesSCRIPTNAME.ToSt

18、ring()；return paths ToLower()；/获取当前访问页面地址/public staticstr ini? Ge tFil eNamegetstringpaths= HttpContext Current Request ServerVar iabl es SCR I PTME.ToString()；returnpaths Substring(paths LastIndexOf(/) 十 1). ToLower()；/获取当前目录下权限配置集合/public static Permissionlnfo GetPermissionlnfo getreturn (Permiss

19、ionlnfo)ConfigurationManager GetSect ion(wPermission”)；/ /得到所有用户组的权限并取并集/ / public static Hashtable GetPermi ss i onsByRole()Hashtable ht=new Hashtable ()；stiingt iolesArr=Roles GetRolesForUser()；string loles=stiingroles/rr)；roles =八+loles +SqlParameter parms = new Sq1Parameter2；parmsEO = new Sq 1 P

20、arameter (M ro Ies SqlDbType NVaiChar)； parms0Value = roles；parms1= new SqlParameter(Mpath, SqlDbType NTarChar)；parms1 Value = FolderPath；/读取用户组的所有权限using (IDataReader dr = dataAccessManager. ReadDatabase ExecuteSpReader(Has pnet _Ex_ GetPermi ssi onByRo1esn. parms)while (dr. ReadO)Permissioninfo pe

21、rmissioninfo = new PermissionlnfoO；permissioninfo. Permissionld = Convert Tolnt32(drPermission Id”)；permissioninfo. Roleld = Convert ToString(drRoleld”):permissioninf o. Modul ePath = Con vert ToString (dr *Modul ePath ”) ToLower()；permissioninfo. PermissionValue = (PermissionType)(drEnPermis sionVa

22、lue1*)；permissioninf o. Ro 1 eName = Con vert ToS t r i ng (d w Ro 1 eXamen )；string key = string .Format (nM- 0permissioninf* o. Modul ePath)；/判断是存入了相同值if (ht. ContainsKey (key)拆箱取出并判断，存最大权限Permissioninfo ht_Permissionlnfo 二 (Pennissionlnfo) htkey；if (ht_PermissionInfo. PermissionValue != permissio

23、n info. PermissionValue)ht_Permissionlnfo. PermissionValue = ht_Permi ssionlnfo.PermissionValuepermissioninfo. PermissionValue；htkey = ht_Permissionlnfo；elseht.Add (key, permissioninfo)；dr. Close ():return ht；至此简易的框架搭建完成下一篇扩展ASP. NET MEMBERSHIP权限功能（三）之权限控件（效果图）IIBackColorBordorColorBorderStyleBorder

24、WidtLCnCLgg FontFore?ciox_曰 Beliavi oxButtoreEnabledEfiabLeTheTiingEriblcV: cwStatoSkinlDHotSetTrueTrueTrue扩展ASP.NET MEMBERSHIP权限功能（三）之权限控件在上一篇中我们完成的简易的框架，这一篇中主要是如何制作权限按钮的控件（新增，编辑，删除，打印）扩展ASP. NET MEMBERSHIP权限功能（三）之权限控件（效果图）# PermissicBckCelcr BorderColor Bor dexStyle BcrdcrWidth CssClsssQ FontF e 玄

25、疋 el Q：、曰 BaKaviorButtonsEnabledFn 久 bl oThsn ng EnalleVieAtate SkiiJnToolTipVisible BataIjxpr cssions) 1. iyont Keidit WidthQ iidu)KotSet(C9lLecJUjA)仏。ImeTrue由 PermissionsButton. cs、Buttonltem. cs、ButtonltemConverter. cs 组成1. PermissionsButton. cs 继存 WebControl 类usingSystem；usingSystem. Collections

26、. Generic；usingSystem. Linq；usingSystem Text；usingSystem Web；usingSystem ComponentModel；usingSystem. Web LI；usingSystem. Security Permissions；usingSystem. Web. LI. WebControls；usingSystem Drawing Design；usingSystem. ComponentMode1. Design；namespace EC. Permissions WebControls/ /菓单按钮控件/ AspNetHosting

27、Permission(SecurityAction Demand.Level = AspNetHostingPermissionLeve1. Minimal).AspNetHostingPermission(SecurityAction. InheritanceDemand.Level = AspNetHostingPermissionLeve1. Minimal)Defaul tProperty (Buttons1*),ParseCh i1dren (true. Buttonsn),ToolboxData( ). Persistenc(?Mode(PersistenceMode InnerD

28、efaul tProperty).Description (菜单按钮控件)pub1ic class PermissionsButton :WebCon tro1publ ic string TemplateSti* =,T0n；private List buttons；public PermissionsButton()buttons = new List ()；protected override void Render(HtmlTextWr i ter w) w. Write(TemplateStr, AddButtonToHtml()；base. RenderContents(w)；/

29、/按钮集合/ Category(n Behav i orM,Description(按钮集合”)Ed i tor(typeof(Co11ec t i onEd i tor). typeof(UITypeEditor),PersistenceMode(PersistenceMode InnerDeFaultPi、operty)DesignerSerializationVisibi1ity(DesignerSerializationTisibi1i ty. Content) public List Buttons get return buttons； private string .AddBut

30、tonToHtml ()StiingBuildei* sb = new StringBui Ider ():sb. Append(T)； foreach (ButtonItem button in Buttons)Text)；if (DAL. CheckButton(button. Type)sb. Append(td)；sb. AppendFormat(*input type=*button* value=,0, button.sb. Append (rrrr)；sb. Append(nM)； return sb. ToStringO ；2. Buttonltem cs using Syst

31、em；using System Collections Generic；using System. Linq；using System Text；using System ComponentModel； namespace EC. Permissions WebControlsTypeConveiter (typeof (ButtonI temConverter). Descript ion (按钮集合”)public class Buttonitempubl ic ButtonltemO: this(String.Empty, PermissionType. LIST, true)publi

32、c Buttonltem(string caption. PermissionType type, bool visible) this.Text = caption；this.Type = type；this.Visible = visible；Category (w Behav iorM, Defaul tValueC* 按钮n), Descript ion (H 按钮名称”),Browsable (true), NotifyParentProperty(true)public string Text get； set； Category (BehaviorM. DefaultVa 1 u

33、e (true), Descript ion (M 是否显示,Not ifyParentProperty (true)public bool Visible get； set； Category (wBehaviorM, DefaultValue(M,T), Description(M 功能类型),NotifyParentProperty (true)public PermissionType Type get； set； 3. ButtonltemConverter csusing System； using System Collections Generic； using System

34、Linq；using System Text；using System ComponentModel；using System. Globalization； namespace EC. Permissions WebControlspublic class ButtonItemConverter : ExpandableObjectConverterregion方法publicoveriide bool Can ConvertFrom (ITypeDescr i ptorContext context, Type sourceType)iif (sourceType = typeof (st

35、iing)ireturn true；jreturn base CanConvertFrom(context. sourceType)；public override bool CanConvertTo(ITypeDescriptorContext context, Type destinationType)if (destinationType = typeof(string) return true； return base CanConvertTo(contextt destinationType)；public override object ConvertFrom(ITypeDescr

36、i ptorContext context, CultureInFo c ulture, object value)if (value = null) return new ButtonltemO ；if (value is string)string s = (string)value；if (s. Length =0) return new ButtonltemO;retuim wButtonltemM；return base ConvertFrom(contextt culture, value)；public override object ConvertTo(ITypeDescri

37、ptorContext context. CultureInfo cul ture, object value, Type destinationType)if (value != null) if (! (value is ButtonItem) throw new ArgumentException(HInvalid Buttonltem, value”)；if (destinationType = typeof(string) if (value = null) retur n String .Empty； return (Buttonltem)value).Text； retuin b

38、ase ConvertTo(context, culture, value, destinationType)；Sendregion最后在 webroot 的 web. config中添加页面引用Default, aspx插入SQL Your Roleld请替换成你现有的RoleldINSERT INTO aspnet Ex PermissionsForRoles(Roleld.ModulePath,PermissionValue) ValuesYour R oleld1.r/Admin/Test/default. aspx.26)INSERT INTO aspnet Ex Permissio

39、nsForRoles(Roleld.ModulePath,PermissionValue) Values(fYour R oleld1.r/Admin/Test/ok aspx*,26)运行页面效果如下收藏夹卜 | ,hu.bj. cnMogs. com新増I编辑将26改为8注数字来源于/ /权限类型/ public enum PermissionType ALL二0,LIST=2,VIEW二4,ADD=8tEDIT=16,DELETE=32tPRINT=64弦收藏夹 盘IT 倉 hubj. cnblog：s. com 新划!删除按钮没有了将 8 改为 32 (DELETE)/3hubj. cnblogs. con - ViiiLdovs InteriiLeit至卜| 倉 hubj. enblog5. com按钮不见扩展ASP. NET MEMBERSHIP权限功能(四)之页面权限之前介绍的是如何让按钮显示在不同的用户组中，现在需要做的是如果这本是B组具有新増功能权限访问的页，A组进来后怎么进行提示1. HttpModule. csusing System；using System. Col lections Generic；using System Linq；using System Text；us