你的位置:首页 > ASP.net教程

[ASP.net教程]基于页面的权限设计原形


权限属性定义:

/// <summary>  /// 权限属性  /// </summary>  [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false, Inherited = false)]  public class AccessLevAttribute : Attribute  {    /// <summary>    /// 名称    /// </summary>    public string Name { get; set; }    /// <summary>    /// 权限    /// </summary>    public string LevStr { get; set; }    /// <summary>    ///     /// </summary>    static Type attrType = typeof(AccessLevAttribute);    public AccessLevAttribute(string name)    {      this.Name = name;    }    public AccessLevAttribute(string name, string levStr)    {      this.Name = name;      this.LevStr = levStr;    }    /// <summary>    /// 解析类属性    /// </summary>    /// <param name="t"></param>    /// <returns></returns>    public static AccessLevAttribute ParseClass(Type t)    {      return Parse(t.GetCustomAttributes(attrType, false));    }    /// <summary>    /// 解析方法属性    /// </summary>    /// <param name="m"></param>    /// <returns></returns>    public static AccessLevAttribute ParseMethod(MethodInfo m)    {      return Parse(m.GetCustomAttributes(attrType, false));    }    static AccessLevAttribute Parse(object[] attributes)    {      return (attributes == null || attributes.Length != 1) ? null : attributes[0] as AccessLevAttribute;    }  }

 

 

页面基类:

public class PageBase : System.Web.UI.Page  {    public PageBase()    {      this.Init += new EventHandler(PageBase_Init);    }    void PageBase_Init(object sender, EventArgs e)    {      Type clssType = this.GetType().BaseType;      var classAttr = AccessLevAttribute.ParseClass(clssType); //获取类上定义的权限数据      Response.Write(classAttr == null ? clssType.Name : classAttr.Name);                  foreach (var m in clssType.GetMethods(BindingFlags.DeclaredOnly | BindingFlags.Instance | BindingFlags.Public | BindingFlags.NonPublic))      {        var a = AccessLevAttribute.ParseMethod(m); //获取方法上定义的权限数据        Response.Write(a == null ? m.Name : a.Name);      }          }  }

 

页面类:

[AccessLev("classAliasName")]  public partial class WebForm1 :PageBase  {    protected void Page_Load(object sender, EventArgs e)    {    }    [AccessLev("methodAliasName")]    string Test()    {      return DateTime.Now.ToString();    }  }

 

验证在基类中统一完成,相对一般的基于url验证更安全,且可细化到页面的方法级