利用sitemap來做功能選單及權限管理
定義好sitemap檔,除了可以提供menu控制項跟巡覽控制項的資料來源外,也可以拿來作為授權功能的管理工具。
將sitemap node讀進checkboxlist的項目,作為功能選項依據。
Web.sitemap
<?xml version="1.0" encoding="utf-8" ?>
<siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0" >
<siteMapNode>
<siteMapNode url="~/linejob.aspx#0" title="工作單管理" description="_self" >
<siteMapNode url="~/linejob.aspx" title="新增工作單" description="_self" />
<siteMapNode url="~/linejobfinish.aspx" title="完工輸入" description="_self" />
</siteMapNode>
<siteMapNode url="~/deptquery.aspx#0" title="查詢報表" description="_self" >
<siteMapNode url="~/deptquery.aspx" title="部門別查詢" description="_self" />
<siteMapNode url="~/contractquery.aspx" title="工區查詢" description="_self" />
</siteMapNode>
<siteMapNode url="~/employee.aspx#0" title="系統管理" description="_self" >
<siteMapNode url="~/contract.aspx" title="工區契約" description="_self" />
<siteMapNode url="~/contract_dept.aspx" title="契約部門管理" description="_self" />
<siteMapNode url="~/dept.aspx" title="部門管理" description="_self" />
<siteMapNode url="~/employee.aspx" title="使用者管理" description="_self" />
<siteMapNode url="~/zipcodeupload.aspx" title="街道檔更新" description="_self" />
</siteMapNode>
<siteMapNode url="~/操作手冊_簡易版.DOC" title ="說明文件" description="_blank" />
</siteMapNode>
</siteMap>
使用者管理頁面授權欄位,定義checkboxlist來列出sitemap nodes,並且利用hidden filed來跟資料庫授權功能欄位"menu" binding
使用者管理頁面.aspx.vb,關於授權欄位的databound處理,把sitemap node帶進checkboxlist並找出hidden field的值做判斷後binding
Protected Sub DetailsView1_DataBound(ByVal sender As Object, ByVal e As System.EventArgs) Handles DetailsView1.DataBound
For Each level0 As SiteMapNode In SiteMap.RootNode.ChildNodes
If level0.HasChildNodes Then
For Each level1 As SiteMapNode In level0.ChildNodes
Dim item As New ListItem
item.Text = level0.Title & ":" & level1.Title
item.Value = level1.Title
If DetailsView1.CurrentMode = DetailsViewMode.Edit Then
If CType(DetailsView1.FindControl("menueditHiddenField"), HiddenField).Value.Contains(level1.Title) Then
item.Selected = True
Else
item.Selected = False
End If
CType(DetailsView1.FindControl("menueditCheckBoxList"), CheckBoxList).Items.Add(item)
Else
CType(DetailsView1.FindControl("menuCheckBoxList"), CheckBoxList).Items.Add(item)
End If
Next
End If
Next
End Sub
使用者管理頁面加入client端程式碼,處理前端勾選授權功能時,修改hidden field的值
<script runat="server">
Sub checkmenuinsert(ByVal sender As Object, ByVal e As EventArgs)
Dim i As Integer
Dim check1 As CheckBoxList = CType(DetailsView1.FindControl("menuCheckBoxList"), CheckBoxList)
Dim menu As HiddenField = CType(DetailsView1.FindControl("menuHiddenField"), HiddenField)
menu.Value = ""
For i = 0 To check1.Items.Count - 1
If check1.Items(i).Selected Then
menu.Value += check1.Items(i).Text + "/"
End If
Next
End Sub
Sub checkmenuedit(ByVal sender As Object, ByVal e As EventArgs)
Dim i As Integer
Dim check1 As CheckBoxList = CType(DetailsView1.FindControl("menueditCheckBoxList"), CheckBoxList)
Dim menu As HiddenField = CType(DetailsView1.FindControl("menueditHiddenField"), HiddenField)
menu.Value = ""
For i = 0 To check1.Items.Count - 1
If check1.Items(i).Selected Then
menu.Value += check1.Items(i).Text + "/"
End If
Next
End Sub
</script>
登入後,將授權功能"menu"寫入session,自動檢查是否具有授權權限,若無權限則popup警示並跳回上一頁
Protected Sub Menu1_DataBound(ByVal sender As Object, ByVal e As System.EventArgs) Handles Menu1.DataBound
If Session("menu") Is Nothing Then
Response.Redirect("~/Default.aspx")
ElseIf Not Session("menu").ToString.Contains(Menu1.SelectedValue) Then
Response.Write("<script language=javascript>alert('您沒有操作此功能權限!!');history.back(1);</script>")
End If
End Sub
|