[C#][ASP.NET MVC]实做成员和角色管理

发布时间：2020-12-16 01:24:19 所属栏目：百科来源：网络整理

导读：[C#][ASP.NET MVC]实做成员和角色管理在网站安全管理方面，ASP.NET2.0以后提供两大API(Membership、Role)，帮助开发人员快速建立相关安全管理机制，而MVC架构下我们当然也可以利用这两大API实做管理机制，自己觉得整体开发时间还满快的(拜MVC所赐XD)，这

在网站安全管理方面，ASP.NET2.0以后提供两大API(Membership、Role)，

帮助开发人员快速建立相关安全管理机制，

而MVC架构下我们当然也可以利用这两大API实做管理机制，

自己觉得整体开发时间还满快的(拜MVC所赐XD)，这里记录一下。

Add SystemController

公开成员相关属性

#region 成员相关属性

    public class UserAttribute
    {
        public Guid key { get; set; }
        public String Username { get; set; }
        public String Lastlogindate { get; set; }
    }

    public class CreateAttribute : UserAttribute//继承UserAttribute
    {
        public String Password { get; set; }
        public String Confirmpw { get; set; }
        public String Email { get; set; }
    }

    public class DetailsAttribute : CreateAttribute//继承CreateAttribute
    {
        public String Comment { get; set; }
        public bool Isapproved { get; set; }
        public String Createdate { get; set; }
        public String Lastactivitydate { get; set; }
        public String Lastlockoutdate { get; set; }
    }

    public class EditAttribute : DetailsAttribute//继承DetailsAttribute
    {
        public bool IslockedOut { get; set; }
        public String Lastpasswordchangeddate { get; set; }
    }

    #endregion

?Add SystemRepository

public class SystemRepository
    {      
        public List
  

 
  
  GetAllusers() { List 
 
  
    users = new List 
   
     (); foreach (MembershipUser t in Membership.GetAllUsers()) { users.Add(//循环设定公开属性(UserAttribute class in controller) new UserAttribute { key = (Guid)t.ProviderUserKey,Username = t.ToString(),Lastlogindate=t.LastLoginDate.ToString("yyyy/MM/dd hh:mm:ss") }); } return users; } public List 
    
      Detailsusers(Guid key) { List 
     
       Details = new List 
      
        (); var user = Membership.GetUser(key);//依照key取得成员相关资讯 Details.Add(//设定公开属性(DetailsAttribute class in controller) new DetailsAttribute { Username = user.UserName,key = (Guid)user.ProviderUserKey,Email = user.Email,Comment = user.Comment,Isapproved = user.IsApproved,Createdate = user.CreationDate.ToString("yyyy/MM/dd hh:mm:ss"),Lastlogindate = user.LastLoginDate.ToString("yyyy/MM/dd hh:mm:ss"),Lastactivitydate = user.LastActivityDate.ToString("yyyy/MM/dd hh:mm:ss"),Lastlockoutdate = user.LastLockoutDate.ToString("yyyy/MM/dd hh:mm:ss") }); return Details; } public List 
       
         Editusers(Guid key) { List 
        
          Edits = new List 
         
           (); var user = Membership.GetUser(key);//依照key取得成员相关资讯 Edits.Add(//设定公开属性(EditAttribute class in controller) new EditAttribute { Username = user.UserName,IslockedOut=user.IsLockedOut,Createdate=user.CreationDate.ToString("yyyy/MM/dd hh:mm:ss"),Lastpasswordchangeddate = user.LastPasswordChangedDate.ToString("yyyy/MM/dd hh:mm:ss") }); return Edits; } }

?Index In Controller

[NonAction]//新增自订Url Routing
        protected RedirectToRouteResult RedirectToUserPage( MembershipUser user )
        {
            var rvd = new RouteValueDictionary( new
            {
                controller = ControllerContext.RouteData.Values[ "controller" ],action = "Edit",key = ( Guid ) user.ProviderUserKey
            } );
            return RedirectToRoute( rvd );
        }

        SystemRepository systemrepository = new SystemRepository();
        
        // GET: /System/
        //[Authorize(Roles = "Administrators")]//属于Administrators才有权限
        public ActionResult Index()
        {
            ViewData["Roles"] = Roles.GetAllRoles().ToList();
            return View(systemrepository.GetAllusers());//指向systemrepository
        }

编写virtual method for role

#region virtual method for role

        [AcceptVerbs(HttpVerbs.Post)]
        public virtual ActionResult CreateRole(String name)
        {
            Roles.CreateRole(name);//建立新角色
            return RedirectToAction("Index");
        }

        public virtual ActionResult DeleteRole(String name)
        {
            Roles.DeleteRole(name);//删除角色
            return RedirectToAction("Index");
        }

        public virtual ActionResult AdduserTorole( Guid key,String roleName )
        {
            var user = Membership.GetUser(key);
            Roles.AddUserToRole(user.UserName,roleName);//成员加入特定角色中
            return RedirectToUserPage( user );
        }

        public virtual ActionResult RemoveuserFromrole( Guid key,String roleName )
        {
            var user = Membership.GetUser(key);          
            Roles.RemoveUserFromRole(user.UserName,roleName);//移除特定角色中的成员
            return RedirectToUserPage( user );
        }

        #endregion

Add Index View

只列出须自行编写的表现层code

角色 <% if( (ViewData["Roles"] as List ).Count > 0 ){ %>

) ){ %>

[<% =Html.ActionLink("删除","DeleteRole","System",new { name = Html.Encode(role) },new { onclick = "return confirm(‘确定要删除吗?‘)" })%>] <% =Html.ActionLink(Html.Encode(role).ToString(),"Role",new { id =Html.Encode(role) },null)%>

<% } %>

<% }else{ %>

系统中未存在任何角色

<% } %> <% using (Html.BeginForm("CreateRole","System")) {%> 新角色名称:<% =Html.TextBox("name")%>

<%} %>

新增Guest角色

删除Guest角色

Details In Controller

public ActionResult Details(Guid key)
        {
            return View(systemrepository.Detailsusers(key));
        }

Add Details View

须自行修改Details参数部分

....
.......
........
  最后锁定日期: <%= Html.Encode(item.Lastlockoutdate)%> 
    
     <%=Html.ActionLink("Edit","Edit",new { key = item.key })%> | <%=Html.ActionLink("Back to List","Index")%> 
    <%} %>

Create In Controller

public ActionResult Create()
        {
            return View();
        }

        //
        // POST: /System/Create

        [AcceptVerbs( HttpVerbs.Post )]
        public ActionResult Create( FormCollection collection )
        {
            try
            {             
                MembershipCreateStatus status = MembershipCreateStatus.UserRejected;
                MembershipUser user = null;   
                if( collection[ "Password" ].Equals( collection[ "Confirmpw" ],StringComparison.CurrentCultureIgnoreCase ) )
                {
                    user = Membership.CreateUser( collection[ "Username" ],collection[ "Password" ],collection[ "Email" ],null,true,out status );
                }
                if( status == MembershipCreateStatus.Success )
                    return RedirectToAction( "Index" );
                else
                    return RedirectToAction( "Error" );
            }
            catch
            {
                return View( "Error" );
            }
        }

编写virtual method for member

#region virtual method for member

        public virtual RedirectToRouteResult UnlockUser( Guid key )
        {
            var user = Membership.GetUser(key);           
            user.UnlockUser();//解除锁定
            return RedirectToUserPage( user );
        }

        public virtual ActionResult DeleteUser(Guid key)
        {
            var user = Membership.GetUser(key);          
            Membership.DeleteUser(user.UserName,true);//删除成员
            return RedirectToAction("Index");
        }

        #endregion

Add Create View

新增test123成员

删除test123成员

?Edit In Controller

// GET: /System/Edit/5

        public ActionResult Edit(Guid key)
        {
            var user = Membership.GetUser(key);            
            ViewData["AllRoles"] = Roles.GetAllRoles().OrderBy(x => x).ToList();
            ViewData["UsersRoles"] = Roles.GetRolesForUser(user.UserName).OrderBy(x => x).ToList();
            return View(systemrepository.Editusers(key));//指向systemrepository
        }

        //
        // POST: /System/Edit/5

        [AcceptVerbs(HttpVerbs.Post)]
        public ActionResult Edit( Guid key,FormCollection collection )
        {
            try
            {   
                var user = Membership.GetUser(key);
                //设定白名单
                UpdateModel( user,new[] { "Email","Comment","Isapproved" },collection.ToValueProvider() );              
                Membership.UpdateUser(user);//更新
                return RedirectToUserPage( user );
            }
            catch
            {
                return RedirectToAction( "Error" );
            }
        }

编写virtual method for password

#region virtual method for password
     
        public virtual ViewResult ResetPassword()
        {           
            String userName = Request.Form["UserName"];          
            var user = Membership.GetUser(userName);
            var pwd = user.ResetPassword(null);
            ViewData["newpw"] = pwd;
            return View();
        }

        #endregion

?Add Edit View

只列出须自行编写的表现层code

由于controller传给view含有list类型，所以实做IList泛型集合，并循环显示出相关数据。

 
  
  <% var allRoles = (IList)ViewData["AllRoles"]; var usersRoles = (IList)ViewData["UsersRoles"]; %> ..... ...... <% using( Html.BeginForm( "ResetPassword","System" ) ) { %> 
 
  
密码修改 <% foreach( var item in Model ) { %> <% =Html.Hidden( "Username",Html.Encode( item.Username ) )%> 
    
    最近密码变更时间: 
    
      <% =item.Createdate != item.Lastpasswordchangeddate ? item.Lastpasswordchangeddate : "从未变更密码"%> 
     
    
    
    
 
   <%} %> <%} %> 
 
  
角色修改 <% if( ( ( IList ) ViewData[ "AllRoles" ] ).Count > 0 ) { %> <% foreach( String role in allRoles ) { %> <% foreach( var item in Model ) { %> 
   
     <% if( usersRoles.Contains( role ) ) { %> [<% =Html.ActionLink( "移除","RemoveuserFromrole",new { key = Html.Encode(item.key ),roleName = Html.Encode( role )},null )%>]<% } else { %> [<% =Html.ActionLink( "加入","AdduserTorole",null )%>] <% } %> <% =Html.ActionLink( role,new { id = Html.Encode( role )},null )%> <%} %> 
    <% } %> <% } else { %> 
   
     还未加入任何角色 
    <% } %> 
  

    <%=Html.ActionLink("Back to List","Index") %> 
   

 ?