ASP.NET.4.5.1+MVC5.0设置系统角色与权限(一)(4)

namespace HR
{
    public class RoleControllerBase : ControllerBase
    {
        SystemUserRepository sysuserrepository = new SystemUserRepository();
        /// <summary>
        /// 用户权限
        /// </summary>
        public virtual List<EnumMoudle> PermissionList
        {
            get
            {
                var permissionList = new List<EnumMoudle>();
                return permissionList;
            }
        }
        public string BusinessPermissionString { get; set; }
        [NotMapped]
        public List<EnumMoudle> BusinessPermissionList
        {
            get
            {
                if (string.IsNullOrEmpty(BusinessPermissionString))
                    return new List<EnumMoudle>();
                else
                    return BusinessPermissionString.Split(",".ToCharArray()).Select(p => int.Parse(p)).Cast<EnumMoudle>().ToList();
            }
            set
            {
                BusinessPermissionString = string.Join(",", value.Select(p => (int)p));
            }
        }
        /// <summary>
        /// Action方法执行前没有权限提示信息
        /// </summary>
        /// <param></param>
        protected override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var noAuthorizeAttributes = filterContext.ActionDescriptor.GetCustomAttributes(typeof(AuthorizeIgnoreAttribute), false);
            if (noAuthorizeAttributes.Length > 0)
                return;
            base.OnActionExecuting(filterContext);
            bool hasPermission = true;
            var permissionAttributes = filterContext.ActionDescriptor.ControllerDescriptor.GetCustomAttributes(typeof(PermissionAttribute), false).Cast<PermissionAttribute>();
            permissionAttributes = filterContext.ActionDescriptor.GetCustomAttributes(typeof(PermissionAttribute), false).Cast<PermissionAttribute>().Union(permissionAttributes);
            var attributes = permissionAttributes as IList<PermissionAttribute> ?? permissionAttributes.ToList();
            if (permissionAttributes != null && attributes.Count() > 0)
            {
                 string cookie = CookieHelper.GetValue("SystemUserID");
                 if (string.IsNullOrEmpty(cookie))
                 {
                     filterContext.Result = Content("您没有登录！");
                 }
                 else
                 {
                     int mid = int.Parse(CookieHelper.GetValue("SystemUserID"));
                     var model = sysuserrepository.GetModel(mid);
                     BusinessPermissionString = model.BusinessPermissionString;
                     hasPermission = true;
                     foreach (var attr in attributes)
                     {
                         foreach (var permission in attr.Permissions)
                         {
                             if (!BusinessPermissionList.Contains(permission))
                             {
                                 hasPermission = false;
                                 break;
                             }
                         }
                     }
                     if (!hasPermission)
                     {
                         if (Request.UrlReferrer != null)
                             filterContext.Result = this.Stop("您没有权限！", "/default/ng");
                         else
                             filterContext.Result = Content("您没有权限！");
                     }
                 }
            }
        }
    }
}

6.在每个Controller继承RoleControllerBase类

public class EmployeesController : RoleControllerBase

7.在HR.Helpers文件夹下添加PermissionAttribute.Cs ，并继承 FilterAttribute, IActionFilter

复制代码 代码如下: