ASP.NET MVC-如何根据登录的用户角色权限隐藏或显示链接/按钮? [英] ASP.NET MVC - How to hide or Show a link/button based on logged in User's Role permission?

问题描述

我正在使用ASP.NET MVC4.

I am using ASP.NET MVC4.

这是我的用户

1. Administrator
2. L1 Admin
3. L2 Admin

管理员组用户具有设置"权限(用于添加，权限设置). 查看日志，错误报告等.

Administrator group users have permission for Settings(used adding , permission settings). View Logs, Error Reports etc.

如果用户是管理员组的成员，则只能看到与设置相关的菜单.

If a user is a member for Administrator group, he can see only menus which are related ti above settings.

我有一个菜单表，其中包含菜单详细信息.有一些功能，如删除，编辑，是根据当前用户的角色显示的，在顶部菜单中不可用.列出数据时，Delete，Edit链接放置在表中.这也包括在内，对于这种类型的条目，IsVisible为false.

I have a menu table, having menu details. There are some functions like Delete,Edit which are shown based on the role of the current user and not availble in the top Menu . Delete,Edit link is placed inside a table while Listing the data. That also included and for that types of entry , IsVisible is false.

MenuID - MenuName - Controller - Action - ParentID - IsVisible

我有一个roleMenu表，其中有分配给每个角色的菜单.

I have a roleMenu table, having menu which are assigned to each roles.

RoleID - MenuID

如果管理员正在登录，则他可以看到所有菜单. 如果L1Admin正在登录，则他只能看到分配给他的菜单.

If Admininstrator is logging in, he can see all menus. If L1Admin is logging in , he can only see menu which are assigned to him.

我创建了一个用于身份验证的自定义属性，之后我查询数据库并基于Contoller和Action(表菜单与RoleMenu联接)获得用户的许可.因此，如果用户尝试通过输入浏览器通过URL访问操作，则可以限制请求.

I created a custom attribute for authentication and after that I query the database and get the permission for the user based on the Contoller and Action (table Menu joins RoleMenu). So I can restrict a request if the user tries access an action through URL by typing in browser.

如果我以L1Admin身份输入，则只能看到列表页面"，并且菜单已正确创建. 在列表页面中，我正在使用列表.因此，如何根据登录用户的权限隐藏编辑/详细信息"链接.

If I am entering as L1Admin, I can only see the List Pages and the menu is created correclty. In the list page I am using for listing. So how can I hide the Edit/Details link based on the Permission of logged in user.

 <div style="float: left">
        <table width="50%">
            <tr>
                <th>
                    @Html.DisplayNameFor(model => model.Name)
                </th>
                <th>
                </th>
            </tr>
            @foreach (var item in Model)
            {
                <tr>
                    <td style="width:30%;">
                        @Html.DisplayFor(modelItem => item.Name)
                    </td>
                    <td style="width:20%;">
// I need to hide EDIT/DELETE based on the permission setting of Current logged in user.
                        @Html.ActionLink("Edit", "Edit", new { id = item.ID }) | 
                        <a href="Server/@item.ID">Details</a> |
                        @Html.ActionLink("Delete", "Delete", new { id = item.ID })
                    </td>
                </tr>
            }
        </table>
    </div>

谢谢.

编辑

我正在将权限详细信息存储在数据库中.

I am storing the permission details in a database.

推荐答案

例如，您可以按照以下方式进行操作:

For example, you can do it in a way like this:

@if (ViewContext.HttpContext.User.IsInRole("Your role"))
{
    // Do something here
}

这篇关于ASP.NET MVC-如何根据登录的用户角色权限隐藏或显示链接/按钮?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！