One of the solutions for adding, deleting, and modifying permissions for menu items in MVC

I have been paying more attention to the solution of adding, deleting, and modifying query permissions for function items. I have also seen some garden friends in the garden, but I have never seen the solution I expected (maybe I did not see it ).)

The front-end time shows the extendedArticleSuddenly suddenly came up with a solution

Function Description

For example, the menu management path is: /back/menu I need to set the add, delete, and modify permissions for this page based on roles or individuals. The following uses the role as an example (multiple Union entries need to be determined)

My solutions:

First, use a relational table to save the menu.

Menu ID, role ID, permission

1 1 Add; Edit; del

2 1 add

3 1 del

A user with a role ID of 1 has three menu items (Permission is set according to one convention. Add is set to add Edit to edit del is set to modify according to your preferences.)

The extension html. actionlink method is as follows:

Using system. web. MVC. HTML; using system. web. security; using iservice; using models; using system. collections. generic; using yujiajunmvc; using system. LINQ; namespace system. web. MVC {public static class htmlextensions {// <summary> // determine the permission connection /// </Summary> /// <Param name = "htmlhelper"> </Param> /// <Param name = "linktext"> displayed text </param> /// <Param name = "operate"> Add edit del </param> // <returns> </returns> Public static mvchtmlstring actionlinks (this htmlhelper, string linktext, string actionname, string controllname, object routevalues, object htmlattributes, string operate) {httpcookie cookie = httpcontext. current. request. cookies ["operateitem"]; // when logging on, save the user permission and obtain the user's permission here if (cookie = NULL | string. isnullorempty (operate) return mvchtmlstring. empty; string Path = httpcontext. current. request. rawurl. tolower (); // the current page path list <string> List = desencrypt. decrypt (cookie. value ). split (','). tolist (); // convert the decryption string to get the current user's functional permissions. Here I set it to/back/menu/_ add; Edit,/back/userlist/_ edit; del and so on. Note the differences in the MVC path. For example,/back/menu/accesses the same page.
VaR Limit = List. firstordefault (A => A. Contains (PATH); // if the permission on the current page can be found if (limit! = NULL) if (limit. contains (operate) // and has the permission to pass in. Here, you must keep returning htmlhelper with your own conventions. actionlink (linktext, actionname, controllname, routevalues, htmlattributes); // return the connection return mvchtmlstring. empty; // no permission to return Blank} public static mvchtmlstring actionlinkempty (this htmlhelper, string linktext, string operate, string property = NULL) {httpcookie cookie = httpcontext. current. request. cookies ["operatei TEM "]; // obtain the user's permissions if (cookie = NULL | string. isnullorempty (operate) return mvchtmlstring. empty; string Path = httpcontext. current. request. rawurl. tolower (); // the current page path list <string> List = desencrypt. decrypt (cookie. value ). split (','). tolist (); // convert the decryption string var Limit = List. firstordefault (A =>. contains (PATH); If (limit! = NULL) if (limit. contains (operate) return mvchtmlstring. create (string. format ("<a href = \" javascript: void (0) \ "id = \" {0} \ "class = \" {1} \ "{2 }>{ 3} </a>", operate, operate, property, linktext); Return mvchtmlstring. empty ;}}}

Frontend page call

@ Html. actionlinks ("add", "useradd", "items", null, null, "add ")

In this way, the permission judgment is realized.

There is still a problem here. I never thought of a good solution. I hope the garden friends can provide a good solution.

This problem is also mentioned above when the user directly enters the browser and does not judge the permissions on the subpage.

 
/Back/menu/Add/1
 

 
And so on.