.NET provides the basic machinery for roles and permissions, but not a detailed implementation scheme, so we can build one that fits our needs. The information stored in Context.User is the relevant role and permission information. Context.User is of type System.Security.Principal.IPrincipal, and Context.User.Identity is of type System.Security.Principal.IIdentity, so implementing these two interfaces is enough to implement the scheme. First define the SitePrincipal class, as follows:
    Imports System.Collections

    ''' <history>[mrhjw] 2005-3-14 Created</history>
    Public Class SitePrincipal
        Implements System.Security.Principal.IPrincipal

    #Region "Private variables"
        Private _Identity As System.Security.Principal.IIdentity
        Private _PermissionList As ArrayList
        Private _RoleList As ArrayList
    #End Region

    #Region "Constructors"
        ''' <summary>Creates the principal from a user ID.</summary>
        ''' <param name="UserID">User ID number</param>
        Public Sub New(ByVal UserID As Integer)
            Dim User As New Data.User
            Me._Identity = New Business.SiteIdentity(UserID)
            Me._RoleList = User.GetUserRoles(UserID)
            Me._PermissionList = User.GetEffectivePermissionList(UserID)
        End Sub

        ''' <summary>Creates the principal from a login account.</summary>
        ''' <param name="EmailAddress">Login account</param>
        Public Sub New(ByVal EmailAddress As String)
            Dim User As New Data.User
            Me._Identity = New Business.SiteIdentity(EmailAddress)
            Me._RoleList = User.GetUserRoles(CType(Me._Identity, SiteIdentity).UserID)
            Me._PermissionList = User.GetEffectivePermissionList(CType(Me._Identity, SiteIdentity).UserID)
        End Sub
    #End Region

    #Region "System.Security.Principal.IPrincipal interface implementation"
        ''' <summary>IPrincipal.Identity implementation.</summary>
        Public ReadOnly Property Identity() As System.Security.Principal.IIdentity Implements System.Security.Principal.IPrincipal.Identity
            Get
                Return Me._Identity
            End Get
        End Property

        ''' <summary>IPrincipal.IsInRole implementation.</summary>
        ''' <param name="Role">Role name</param>
        Public Function IsInRole(ByVal Role As String) As Boolean Implements System.Security.Principal.IPrincipal.IsInRole
            Return Me._RoleList.Contains(Role)
        End Function
    #End Region

    #Region "New properties"
        ''' <summary>Checks whether the user holds the given permission.</summary>
        ''' <param name="PermissionID">Permission ID number</param>
        Public ReadOnly Property HasPermission(ByVal PermissionID As Integer) As Boolean
            Get
                Return Me._PermissionList.Contains(PermissionID)
            End Get
        End Property

        ''' <summary>Returns the role list.</summary>
        Public ReadOnly Property Roles() As ArrayList
            Get
                Return Me._RoleList
            End Get
        End Property

        ''' <summary>Returns the permission list.</summary>
        Public ReadOnly Property Permissions() As ArrayList
            Get
                Return Me._PermissionList
            End Get
        End Property
    #End Region

    #Region "New methods"
        ''' <summary>Validates a login. Returns a SitePrincipal on success, Nothing on failure.</summary>
        ''' <param name="EmailAddress">Login account</param>
        ''' <param name="Password">Login password</param>
        Public Shared Function ValidateLogin(ByVal EmailAddress As String, ByVal Password As String) As Business.SitePrincipal
            Dim User As New Data.User
            Dim newID As Integer
            newID = User.ValidataLogin(EmailAddress, Password)
            If newID > 0 Then
                Return New SitePrincipal(EmailAddress)
            Else
                Return Nothing
            End If
        End Function
    #End Region

    End Class

Next, define the SiteIdentity class, as follows:
    Imports System.Data

    ''' <history>[mrhjw] 2005-3-14 Created</history>
    Public Class SiteIdentity
        Implements System.Security.Principal.IIdentity

    #Region "Private variables"
        Private _UserName As String              ' user name
        Private _EmailAddress As String          ' login account
        Private _PassWord As String              ' password
        Private _UserID As Integer               ' user ID
        Private _Theme As String = String.Empty  ' user's theme
    #End Region

    #Region "Constructors"
        ''' <summary>Instantiates the identity from a login account.</summary>
        ''' <param name="EmailAddress">Login account</param>
        Public Sub New(ByVal EmailAddress As String)
            Dim User As New Data.User
            Dim dr As DataRow
            dr = User.Retrieve(EmailAddress)
            ' to do something
            'AppGlobals.Skin = Me._Theme
        End Sub

        ''' <summary>Instantiates the identity from a user ID number.</summary>
        Public Sub New(ByVal UserID As Integer)
            ' (body omitted)
        End Sub
    #End Region

    #Region "System.Security.Principal.IIdentity interface implementation"
        ''' <summary>IIdentity.AuthenticationType implementation.</summary>
        Public ReadOnly Property AuthenticationType() As String Implements System.Security.Principal.IIdentity.AuthenticationType
            Get
                Return "Custom AuthenticationType"
            End Get
        End Property

        ''' <summary>
        ''' IIdentity.IsAuthenticated implementation. Returns True, since this class
        ''' must only be used after verification.
        ''' </summary>
        Public ReadOnly Property IsAuthenticated() As Boolean Implements System.Security.Principal.IIdentity.IsAuthenticated
            Get
                Return True
            End Get
        End Property

        ''' <summary>IIdentity.Name implementation.</summary>
        Public ReadOnly Property Name() As String Implements System.Security.Principal.IIdentity.Name
            Get
                Return Me._UserName
            End Get
        End Property
    #End Region

    #Region "New properties"
        ''' <summary>Returns the login account (EmailAddress).</summary>
        Public ReadOnly Property EmailAddress() As String
            Get
                Return Me._EmailAddress
            End Get
        End Property

        ''' <summary>Returns the password.</summary>
        Public ReadOnly Property Password() As String
            Get
                Return Me._PassWord
            End Get
        End Property

        ''' <summary>Returns the user's ID number.</summary>
        Public ReadOnly Property UserID() As Integer
            Get
                Return Me._UserID
            End Get
        End Property

        ''' <summary>Returns the user's theme.</summary>
        Public ReadOnly Property Theme() As String
            Get
                Return Me._Theme
            End Get
        End Property
    #End Region

    End Class

Then we define a page base class and let all the pages inherit from it.
The AppPage.vb code is as follows:
    Imports System
    Imports System.Web

    Namespace Components.Web

        ''' <summary>
        ''' Base class of all page files; every page inherits from it directly or indirectly.
        ''' It extends System.Web.UI.Page, so adding a page feature only requires modifying this class.
        ''' </summary>
        ''' <history>[mrhjw] 2005-3-11 Created</history>
        Public Class AppPage
            Inherits System.Web.UI.Page

            ''' <summary>1: initialize custom authentication; 2: add an error delegate.</summary>
            Protected Overrides Sub OnInit(ByVal e As System.EventArgs)
                If Context.User.Identity.IsAuthenticated = True Then
                    If Not (TypeOf Context.User Is WebModules.Accounts.Business.SitePrincipal) Then
                        Dim newUser As New WebModules.Accounts.Business.SitePrincipal(Context.User.Identity.Name)
                        Context.User = newUser
                    End If
                End If
                ' add an error delegate
                AddHandler Page.Error, AddressOf Me.PhilePage_Error
                ' raise the Init event so handlers in derived pages still run
                MyBase.OnInit(e)
            End Sub

    #Region "Exception handling"
            ''' <summary>Error event handler.</summary>
            Protected Sub PhilePage_Error(ByVal sender As Object, ByVal e As EventArgs)
                Dim currentError As Exception = Page.Server.GetLastError()
                If Not (TypeOf currentError Is AppException.AppException) Then
                    Mrhjw.AppException.AppException.LogError(currentError.Message.ToString)
                End If
                ShowError(currentError)
                Page.Server.ClearError()
            End Sub

            ''' <summary>Displays a friendly error message.</summary>
            Protected Sub ShowError(ByVal currentError As Exception)
                Dim context As HttpContext = HttpContext.Current
                ' HTML-encode the message so exception text cannot inject markup into the page
                context.Response.Write("<table><tr><td><font>" & _
                    HttpUtility.HtmlEncode(currentError.Message.Trim) & _
                    "</font></td></tr></table>")
            End Sub
    #End Region

        End Class

    End Namespace

Login call: Login.aspx.vb
    ' requires Imports System.Web.Security for FormsAuthentication
    Private Sub link_log_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles link_log.Click
        Dim newUser As SitePrincipal = SitePrincipal.ValidateLogin(textuser.Text.Trim, txtpass.Text.Trim)
        If newUser Is Nothing Then
            Alert(textuser.Text.Trim & " account login failed! Please try again!", Page)
        Else
            Context.User = newUser
            FormsAuthentication.SetAuthCookie(textuser.Text.Trim, False)
            Response.Redirect("default.aspx")
        End If
    End Sub
Permission management application:
    Public Class AuditingOrder
        Inherits AppPage

        Protected Overrides Sub OnInit(ByVal e As EventArgs)
            MyBase.OnInit(e)
        End Sub

        Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
            ' check permissions on every request, postbacks included,
            ' so that postback event handlers never run for an unauthorized user
            If CType(Context.User, Accounts.Business.SitePrincipal).HasPermission(CInt(Accounts.BusinessPermissions.ManagerOrder)) = False Then
                Response.Redirect("../webpage/limit.aspx")
            End If
            If Not IsPostBack Then
                ' bind the drop-down list box
                BindActiveList()
                over.Text = DateAdd(DateInterval.Day, 1, Now()).ToString("D")
                Start.Text = DateAdd(DateInterval.Month, -1, Now()).ToString("D")
                ' load the orders to be processed
                BindMustOrderList()
            End If
        End Sub
    End Class

Tables: user role table (Accounts_UserRoles), role table (Accounts_Roles), role permission table (Accounts_RolePermissions), specific permission table (Accounts_Permissions), and a permission category table (this table is optional; it only serves to classify the entries of the Accounts_Permissions table). An enumeration is also defined:

    Public Enum AccountsPermissions
        CreateNewUsers = 100      ' create a new account
        DeleteUsers = 101         ' delete an account
        ManagerRoles = 102        ' manage roles
        ManagerUsers = 104        ' manage users
        ManagerDepartment = 105   ' manage departments
    End Enum

(Make sure these values correspond to the records in the database, that is, the Accounts_Permissions table.)
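
The following is an added example, not code from the original article. It shows how an effective permission list like the one HasPermission consults can be derived from the role tables, and how to detect enum values that have no matching Accounts_Permissions record. The column layouts, the sample rows and the function names GetEffectivePermissions and FindUnmappedEnumValues are assumptions made for illustration; the article does not show its own Data.User.GetEffectivePermissionList.

```vb
Imports System
Imports System.Collections.Generic

Module PermissionModelDemo
    Enum AccountsPermissions ' values as listed in the article
        CreateNewUsers = 100
        DeleteUsers = 101
        ManagerRoles = 102
        ManagerUsers = 104
        ManagerDepartment = 105
    End Enum
    ' Constructed sample rows; the column layouts are assumptions.
    ' Accounts_Permissions (PermissionID); 105 is deliberately absent.
    Private ReadOnly PermissionRows As Integer() = {100, 101, 102, 104}
    ' Accounts_UserRoles (UserID, RoleID)
    Private ReadOnly UserRoleRows As Integer()() = {New Integer() {1, 10}, New Integer() {1, 11}, New Integer() {2, 11}}
    ' Accounts_RolePermissions (RoleID, PermissionID)
    Private ReadOnly RolePermissionRows As Integer()() = {
        New Integer() {10, 100}, New Integer() {10, 101},
        New Integer() {11, 101}, New Integer() {11, 104}}

    ' Union of the permissions granted by every role the user holds.
    Function GetEffectivePermissions(userId As Integer) As HashSet(Of Integer)
        Dim roles As New HashSet(Of Integer)
        For Each row As Integer() In UserRoleRows
            If row(0) = userId Then roles.Add(row(1))
        Next
        Dim permissions As New HashSet(Of Integer)
        For Each row As Integer() In RolePermissionRows
            If roles.Contains(row(0)) Then permissions.Add(row(1))
        Next
        Return permissions
    End Function

    ' Enum members with no matching Accounts_Permissions record.
    Function FindUnmappedEnumValues() As List(Of AccountsPermissions)
        Dim known As New HashSet(Of Integer)(PermissionRows)
        Dim missing As New List(Of AccountsPermissions)
        For Each value As AccountsPermissions In [Enum].GetValues(GetType(AccountsPermissions))
            If Not known.Contains(CInt(value)) Then missing.Add(value)
        Next
        Return missing
    End Function
    Sub Main()
        Console.WriteLine(String.Join(", ", GetEffectivePermissions(1)))
        Console.WriteLine(GetEffectivePermissions(2).Contains(CInt(AccountsPermissions.CreateNewUsers)))
        Console.WriteLine(String.Join(", ", FindUnmappedEnumValues()))
    End Sub
End Module
```

Running a check like FindUnmappedEnumValues at application start catches drift between the enum and the table before a permission test silently fails for every user.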