[英]Bind Menu based on Role Based Authorization asp.net c#
我想根據用戶ID綁定菜單。
在我的登錄頁面中,我已經可以將用戶ID傳遞到主頁 。
在主頁上,使用userID並顯示菜單,該菜單可以授予特定用戶的權限。
這是我的編碼:
Login.aspx.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Data;
namespace OT_WorkFlow_Application
{
public partial class Login : System.Web.UI.Page
{
//string strqry, User, Password;
String User, Password;
String UserID;
String UserType;
int RowCount;
protected void Page_Load(object sender, EventArgs e)
{
lblErrorMessage.Visible = false;
}
protected void btnLogin_Click(object sender, EventArgs e)
{
using (SqlConnection sqlCon = new SqlConnection(@"Mysql connection;"))
{
using (SqlCommand cmd = new SqlCommand("sp_CheckUser", sqlCon))
{
using (SqlDataAdapter da = new SqlDataAdapter(cmd.CommandText, sqlCon))
{
DataTable dt = new DataTable();
da.Fill(dt);
RowCount = dt.Rows.Count;
for (int i = 0; i < RowCount; i++)
{
User = dt.Rows[i]["UserName"].ToString();
Password = dt.Rows[i]["Password"].ToString();
UserID = dt.Rows[i]["UserID"].ToString();
if (User == txtUserName.Text && Password == txtPassword.Text)
{
Session["UserName"] = User;
Session["UserID"] = UserID;
Response.Redirect("Home.aspx");
}
else
{
lblErrorMessage.Visible = true;
}
}
}
}
}
}
}
}
Home.aspx.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.IO;
using System.Data.SqlClient;
using System.Data;
using System.Configuration;
namespace OT_WorkFlow_Application
{
public partial class OT : System.Web.UI.MasterPage
{
SqlConnection sqlCon = new SqlConnection(@"Mysql connection;");
protected void Page_Load(object sender, EventArgs e)
{
if (!this.IsPostBack)
{
DataTable dt = this.GetData(0);
PopulateMenu(dt, 0, null);
}
}
private DataTable GetData(int UserID)
{
//Sql query for testing purpose
string query = "select m.* from tbpermission as per , [tbrolemodule] as rm, [tbrole] as r, [tbmodule] m, [tblUser] u where per.RoleID = rm.RoleID and rm.RoleID = r.RoleID and rm.moduleID = m.moduleID and per.Userid = u.Userid";
string LoginDBConnectionString1 = ConfigurationManager.ConnectionStrings["LoginDBConnectionString1"].ConnectionString;
using (SqlConnection con = new SqlConnection(LoginDBConnectionString1))
{
DataTable dt = new DataTable();
//using (SqlCommand cmd = new SqlCommand("Sp_Module", sqlCon))
using (SqlCommand cmd = new SqlCommand(query))
{
using (SqlDataAdapter sda = new SqlDataAdapter())
{
cmd.Parameters.AddWithValue("@UserID", UserID);
cmd.CommandType = CommandType.Text;
cmd.Connection = con;
sda.SelectCommand = cmd;
sda.Fill(dt);
}
}
return dt;
}
}
private void PopulateMenu(DataTable dt, int UserID, MenuItem parentMenuItem)
{
string currentPage = Path.GetFileName(Request.Url.AbsolutePath);
foreach (DataRow row in dt.Rows)
{
MenuItem menuItem = new MenuItem
{
//Value = row["UserID"].ToString();
Value = row["ModuleID"].ToString(),
Text = row["Name"].ToString(),
//Text1 = row["Description"].ToString(),
NavigateUrl = row["Url"].ToString(),
Selected = row["Url"].ToString().EndsWith(currentPage, StringComparison.CurrentCultureIgnoreCase)
};
if (UserID == 0 )
{
Menu1.Items.Add(menuItem);
DataTable dtChild = this.GetData(int.Parse(menuItem.Value));
PopulateMenu(dtChild, int.Parse(menuItem.Value), menuItem);
}
else
{
parentMenuItem.ChildItems.Add(menuItem);
}
}
}
}
}
下圖是SQL代碼: 來自數據庫的SQL查詢
邏輯錯誤菜單綁定不正確
我相信問題出在Home.aspx.cs中。
不確定如何修改“親子編碼”。
您似乎將UserID
存儲在會話狀態中。 在另一頁中,您可以從會話階段讀取該值並使用它:
protected void Page_Load(object sender, EventArgs e)
{
if (!this.IsPostBack)
{
int UserID = 0;
if(Session["UserName"] != null) int.TryParse(Session["UserName"].ToString(), out UserID);
DataTable dt = this.GetData(UserID);
PopulateMenu(dt, UserID, null);
}
}
您還應該查找內置的asp.net授權和身份驗證,因為它比實施自己的更為完整和安全。
您正在遞歸調用中加載菜單。 我認為您正在嘗試獲取父菜單,然后為該父菜單項加載所有子菜單項,並且如果用戶無權對其進行過濾,則同時對其進行過濾。
您需要將GetData(int userID)函數更新為GetData(int menuItemParentID,int userID),因為在遞歸調用函數時要在代碼中傳遞userID的menuID。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.