1、用户表中要有roleid字段即角色id
2、权限表qx_qx(id,createdate,modulename,cmd)
modulename 学生管理 cmd 浏览
modulename 学生管理 cmd 新增
modulename 学生管理 cmd 编辑
modulename 学生管理 cmd 删除
3、角色表qx_role(id,createdate,rolename) 如:校长、教师、主任等
4、角色权限表qx_role_qx(id,createdate,roleid,qxid)
一、前台如学生管理student.aspx 班级管理class.aspx
新增btnAdd 编辑btnEdit 删除btnDel
二、通过角色权限表中的(new DAL.Role_qxDAL().CalcCount("roleid=" + u.roleid + " and qxid=" + qx.id) > 0)
显示或隐藏 "新增btnAdd 编辑btnEdit 删除btnDel" 按钮(隐藏按钮只是界面上的控制,新增、编辑、删除的服务器端事件中仍应再做同样的权限判断)
<%=GetLink("班级管理","class.aspx") %>
<%=GetLink("学生管理", "student.aspx")%>
显示浏览功能即链接地址
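/// <summary>
/// Builds the navigation link for a module, or an empty string when the
/// signed-in user's role has no "浏览" (browse) permission on it.
/// </summary>
/// <param name="name">Module name looked up in the permission table; also used as the link text.</param>
/// <param name="url">Page the link points to.</param>
/// <returns>An anchor tag followed by a line break, or "" when the link is not shown.</returns>
/// <remarks>
/// This only decides whether the link is rendered. The target page still has to run
/// its own permission check, because a user can request the URL directly.
/// </remarks>
public string GetLink(string name, string url)
{
    // NOTE(review): the button snippet on this page spells this method GetModelByNameCmd;
    // C# is case-sensitive, so confirm which spelling QxDAL declares.
    Model.Qx qx = new DAL.QxDAL().GetModelByNameCMD(name, "浏览");
    if (qx == null)
    {
        return "";
    }

    // "as" yields null when the session holds no Model.User (expired session, not signed in).
    // Render nothing in that case instead of throwing on u.roleid.
    Model.User u = Session["user"] as Model.User;
    if (u == null)
    {
        return "";
    }

    // roleid and qx.id are spliced into the filter text; presumably both are integers — confirm against the Model classes.
    if (new DAL.Role_qxDAL().CalcCount("roleid=" + u.roleid + " and qxid=" + qx.id) > 0)
    {
        // name and url are written into the markup unencoded. That is fine for the literals this page passes in;
        // HTML-encode them if they ever come from stored or user-supplied data.
        return "<a href='" + url + "' target='frm'>" + name + "</a><br />";
    }

    return "";
}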
}
显示新增按钮以此类推可设置编辑、删除按钮
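// Show btnAdd only when the signed-in user's role holds the "新增" permission on "班级管理".
// Visibility is a UI decision: btnAdd's click handler should repeat the same check before inserting,
// rather than rely on the button having been hidden.
Model.User u = Session["user"] as Model.User;
Model.Qx qx = new DAL.QxDAL().GetModelByNameCmd("班级管理", "新增"); // GetModelByNameCmd builds the model from modulename and cmd

// Default to hidden. A missing permission row (qx == null) or a missing session user
// (the "as" cast gives null) must not leave the button at whatever the markup set.
btnAdd.Visible = u != null
    && qx != null
    && new DAL.Role_qxDAL().CalcCount("roleid=" + u.roleid + " and qxid=" + qx.id) > 0;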
后台
用户管理
新增用户:
Page_Load事件中
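// Fill the role drop-down on the first request only; view state (on by default) keeps the items afterwards.
// Rebinding on every postback rebuilds the item list before the click handler runs, so
// ddlrole.SelectedValue would fall back to the first role and the new user would be saved with the wrong role.
if (!Page.IsPostBack)
{
    ddlrole.DataSource = new DAL.RoleDAL().GetList("");
    ddlrole.DataTextField = "rolename";
    ddlrole.DataValueField = "id";
    ddlrole.DataBind();
}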
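// Add-user click handler.
// NOTE(review): nothing in this snippet checks that the signed-in user is allowed to create users;
// confirm the page or this handler enforces that.
string name = txtname.Text.Trim();
string pwd = txtpwd.Text.Trim();
if (name.Length == 0 || pwd.Length == 0)
{
    Xiaobin.Utility.Tool.Alert("请输入内容", this.Page);
    return;
}

// SelectedValue is empty when the drop-down has no roles, so a failed parse means there is no role to assign.
int x;
if (!int.TryParse(ddlrole.SelectedValue, out x))
{
    Xiaobin.Utility.Tool.Alert("请先添加角色再操作", this.Page);
    return;
}

// The listing printed "eturn", "sername" and "assword": each had lost its first letter.
// username/password are restored on that basis — confirm the property names against Model.User.
// NOTE(review): pwd is handed to the DAL exactly as typed. Unless UserDAL.Add hashes it, the password is
// stored in clear text; store a salted, slow hash (for example PBKDF2) and compare hashes at login.
new DAL.UserDAL().Add(new Model.User()
{
    roleid = x,
    username = name,
    password = pwd
});
Xiaobin.Utility.Tool.AlertAndGo("新增成功", Request.Url.ToString(), this.Page);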
用户权限管理
<asp:HiddenField ID="hfOpreate" runat="server" />
<asp:HiddenField ID="hfroleid" runat="server" />
<asp:ListBox ID="lsbrole" AutoPostBack="true" runat="server" OnSelectedIndexChanged="lsbrole_SelectedIndexChanged"></asp:ListBox>
你选择的角色为:<asp:Literal ID="litrole" runat="server"></asp:Literal>
<asp:Repeater ID="rep1" runat="server" OnItemDataBound="rep1_ItemDataBound">
<ItemTemplate>
<asp:Literal ID="litname" Text='<%#Eval("modulename") %>' runat="server"></asp:Literal>
<asp:Repeater ID="rep2" runat="server" OnItemDataBound="rep2_ItemDataBound">
<ItemTemplate>
<asp:CheckBox ID="chk" ToolTip='<%#Eval("id") %>' Text='<%#Eval("cmd") %>' runat="server" />
</ItemTemplate>
</asp:Repeater>
<br />
</ItemTemplate>
</asp:Repeater>
新增角色btnAdd
//编辑角色btnEdit
//删除角色btnDel
//授权btnAuthorize
<div id="pop" style="background-color: White; z-index: 10; position: absolute; width: 380px; height: 80px; line-height: 80px; border: 3px solid yellow; display: none; bottom: 170px;">
角色名称:<asp:TextBox ID="txtrolename" runat="server"></asp:TextBox>
<asp:Button ID="btnOK" runat="server" Text="确定" OnClick="btnOK_Click" />
<input type="button" value="取消" onclick="$.popup.close('#pop')" /></div> //div为弹出的层
// First request only: load the role list and the distinct module names.
// On a postback the guard skips both bindings.
if (Page.IsPostBack == false)
{
    var roles = new DAL.RoleDAL().GetList("");
    lsbrole.DataTextField = "rolename";
    lsbrole.DataValueField = "id";
    lsbrole.DataSource = roles;
    lsbrole.DataBind();

    // Binding rep1 fires rep1_ItemDataBound for every module row.
    var modules = new DAL.QxDAL().GetListDisinctName();
    rep1.DataSource = modules;
    rep1.DataBind();
}
新增事件
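// Add-role button: record that the popup is in "add" mode, then open it.
// The OK handler reads hfOpreate to choose between insert and update.
// (The original also read txtrolename into a local that was never used; it is dropped here.)
hfOpreate.Value = "add";
Xiaobin.Utility.Tool.ExecJs("$.popup.open('#pop')", this.Page);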
编辑事件
// Edit-role button: a role must have been picked in the list box first,
// which is what puts a numeric id into hfroleid.
int x;
bool hasRole = int.TryParse(hfroleid.Value, out x);
if (hasRole == false)
{
    Xiaobin.Utility.Tool.Alert("请选择角色", this.Page);
    return;
}

// Pre-fill the popup with the current role name and switch it to "edit" mode before opening it.
txtrolename.Text = litrole.Text;
hfOpreate.Value = "edit";
Xiaobin.Utility.Tool.ExecJs("$.popup.open('#pop')", this.Page);
删除
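// Delete-role button: the role id is read back from the hfroleid hidden field.
// NOTE(review): a hidden field's value is client-supplied, and nothing here checks that the signed-in user
// may delete roles; confirm that check exists before this point.
int x;
if (!int.TryParse(hfroleid.Value, out x))
{
    // The listing's message was mis-encoded ("请?选?择?角?色|?"); restored to the text the edit and authorize handlers show.
    Xiaobin.Utility.Tool.Alert("请选择角色", this.Page);
    return;
}
new DAL.RoleDAL().Delete(x);
// NOTE(review): this snippet does not remove the role's rows from qx_role_qx; whether RoleDAL.Delete does is not shown.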
选择角色。双击ListBox控件
// Role picked in the list box: remember its id and name, then rebuild the permission grid.
// hfroleid has to be set before rep1 is bound, because the rep2 ItemDataBound code reads it
// to decide which checkboxes to tick.
string pickedId = lsbrole.SelectedValue;
hfroleid.Value = pickedId;
litrole.Text = lsbrole.SelectedItem.Text;

var modules = new DAL.QxDAL().GetListDisinctName();
rep1.DataSource = modules;
rep1.DataBind();
循环rep1
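// rep1 ItemDataBound: for each module row, bind the inner repeater to that module's permission rows.
if (e.Item.ItemType == ListItemType.AlternatingItem || e.Item.ItemType == ListItemType.Item)
{
    Repeater rep2 = e.Item.FindControl("rep2") as Repeater;
    string name = (e.Item.FindControl("litname") as Literal).Text;

    // The module name is database text spliced into a WHERE clause. Doubling single quotes keeps a name
    // that contains ' from ending the string literal early. A QxDAL method that takes the name as a
    // query parameter would be the better fix; GetList only accepts a ready-made filter string.
    string quotedName = name.Replace("'", "''");
    rep2.DataSource = new DAL.QxDAL().GetList("modulename='" + quotedName + "'");
    rep2.DataBind();
}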
循环rep2
// rep2 ItemDataBound: tick the checkbox when the selected role already holds this permission.
bool isDataRow = e.Item.ItemType == ListItemType.Item || e.Item.ItemType == ListItemType.AlternatingItem;
if (isDataRow)
{
    CheckBox chk = e.Item.FindControl("chk") as CheckBox;

    // The markup binds the permission id into the checkbox's ToolTip.
    int qxid = int.Parse(chk.ToolTip);

    // When hfroleid holds no numeric id the checkbox state is left untouched.
    int roleid;
    if (int.TryParse(hfroleid.Value, out roleid))
    {
        string filter = "roleid=" + roleid + " and qxid=" + qxid;
        chk.Checked = new DAL.Role_qxDAL().CalcCount(filter) > 0;
    }
}
确定事件
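// OK button of the role popup: insert or rename a role, depending on the mode stored in hfOpreate.
// NOTE(review): hfOpreate and hfroleid are hidden fields, so both values are client-supplied, and nothing
// here checks that the signed-in user may manage roles; confirm that check exists before this point.
string name = txtrolename.Text.Trim();
if (name.Length == 0)
{
    // Same guard and message as the add-user handler: do not save a blank role name.
    Xiaobin.Utility.Tool.Alert("请输入内容", this.Page);
    return;
}

if (hfOpreate.Value == "add")
{
    new DAL.RoleDAL().Add(new Model.Role()
    {
        rolename = name
    });
    Xiaobin.Utility.Tool.AlertAndGo("新增成功", Request.Url.ToString(), this.Page);
}
else if (hfOpreate.Value == "edit")
{
    // TryParse instead of Parse: a missing or altered hfroleid should give the usual prompt, not an exception.
    int roleid;
    if (!int.TryParse(hfroleid.Value, out roleid))
    {
        Xiaobin.Utility.Tool.Alert("请选择角色", this.Page);
        return;
    }

    Model.Role r = new DAL.RoleDAL().GetModel(roleid);
    if (r == null)
    {
        // No such role. The original still called Update(null) here and then reported success.
        Xiaobin.Utility.Tool.Alert("请选择角色", this.Page);
        return;
    }

    r.rolename = name;
    new DAL.RoleDAL().Update(r);
    Xiaobin.Utility.Tool.AlertAndGo("编辑成功", Request.Url.ToString(), this.Page);
}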
授权事件
// Authorize button: make the selected role's rows in the role-permission table match the checkboxes.
// NOTE(review): the role id comes from a hidden field (client-supplied) and this snippet does not check that the
// signed-in user may grant permissions; since this is the code that hands out rights, confirm that check exists.
int roleid;
if (int.TryParse(hfroleid.Value, out roleid) == false)
{
    Xiaobin.Utility.Tool.Alert("请选择角色", this.Page);
    return;
}

foreach (RepeaterItem moduleRow in rep1.Items)
{
    Repeater rep2 = moduleRow.FindControl("rep2") as Repeater;
    foreach (RepeaterItem permRow in rep2.Items)
    {
        CheckBox chk = permRow.FindControl("chk") as CheckBox;

        // The markup binds the permission id into the checkbox's ToolTip.
        int qxid = int.Parse(chk.ToolTip);
        bool wanted = chk.Checked;
        var existing = new DAL.Role_qxDAL().CalcCount("roleid=" + roleid + " and qxid=" + qxid);

        if (wanted)
        {
            // Checked and not yet granted: add the grant.
            if (existing == 0)
            {
                Model.Role_qx grant = new Model.Role_qx()
                {
                    qxid = qxid,
                    roleid = roleid
                };
                new DAL.Role_qxDAL().Add(grant);
            }
        }
        else if (existing > 0)
        {
            // Unchecked but currently granted: DeleteByroleidQxid removes the row for this roleid and qxid.
            new DAL.Role_qxDAL().DeleteByroleidQxid(roleid, qxid);
        }
    }
}
QXDAL.cs中加上采用distinct方法获取唯一不同的值 控制按钮
/// <summary>
/// Returns the distinct module names found in the qx_qx permission table.
/// </summary>
/// <returns>A DataSet holding one modulename column, one row per distinct value.</returns>
public DataSet GetListDisinctName()
{
    // Fixed statement with no caller input, so there is nothing to parameterise.
    const string sql = "select distinct modulename  FROM qx_qx ";
    Database db = DatabaseFactory.CreateDatabase();
    return db.ExecuteDataSet(CommandType.Text, sql);
}
直接方法
1)在后台代码定义一个bool类型的变量
bool IsAdmin=false;
然后在代码里,例如在用户登陆的Click事件里判断用户的身份:
IsAdmin = User.IsInRole("Administrators");
这段代码很简单,它会获取用户的角色,如果属于Administrators角色,则IsAdmin返回true,否则返回false。
2)在页面里利用IsAdmin控制控件的可见性(IsAdmin需声明为protected或public,页面标记才能访问;<%# %>绑定表达式要在调用DataBind()之后才会求值)
示意代码如下:
<asp:Button ID="btnDelete" Text="删除" runat="server" Visible='<%#IsAdmin %>'>
在这段代码中,如果用户属于Administrators角色,则IsAdmin为true,这样“管理员”就可以看见“删除”按钮;否则IsAdmin为false,当前用户看不到“删除”按钮。注意这只是隐藏了按钮,删除操作的服务器端事件里仍应再次判断User.IsInRole,不能只依赖按钮是否可见来保护此记录。