问题描述
在我的sql数据库中,我具有允许用户访问应用程序中不同网页的权限.我有一个页面,可以在运行时动态更改用户的权限.是否可以在不使用web.config的情况下允许/拒绝用户访问?
到目前为止,这是我在一个类中的代码:
In my sql db I have permissions to allow users access to different web pages in my app. I have a page where i can dynamically change the permissions of the users during runtime. Can I allow/deny user access without using web.config?
Here''s my code so far in a class:
public static int AllowUserAccess(int agentID, string formName)
{
SqlDataReader reader;
int userid = 0;
try
{
conn = OpenConnection();
comm = new SqlCommand();
comm.Connection = conn;
comm.CommandType = CommandType.Text;
comm.CommandText = "Select a.pkAgentID, PERM.FormName, AGP.fkAgentGroupID, agp.AllowAccess from Agents A inner join AgentGroupPermissions AGP on a.fkAgentGroupID = agp.fkAgentGroupID inner join Permission Perm ON AGP.fkPermissionID = PERM.pkPermissionID WHERE A.pkAgentID = @AgentID AND PERM.FormName = @FormName";
comm.Parameters.Add("@AgentID", SqlDbType.Int).Value = agentID;
comm.Parameters.Add("@FormName", SqlDbType.VarChar).Value = formName;
reader = comm.ExecuteReader();
if (reader.IsClosed == false)
{
reader.Close();
}
return userid;
}
catch (Exception ex)
{
ex.Message.ToString();
return userid;
}
}
我希望在我的site.master中获得此功能,并在用户登录后使用该功能来授权某些权限.这是我到目前为止所拥有的:
In my site.master i wish to get this function and use it to authorize certain permissions once the user logs in. This is what I have so far:
protected void AllowAccess()
{
SqlCommand comm = new SqlCommand();
string id = Request.Params["AgentID"];
int agentID = Convert.ToInt32(id);
string form = "";
int access = DataFunctions.AllowUserAccess(agentID, form);
bool allow = false;
if (allow == true)
{
}
else
{
Response.Redirect("Login.aspx");
}
}
我被困住了,不知道要获取AllowAccess值然后获取路径或显示每个特定用户的特定网页方面的其他操作.
I''m stuck and I do not know what else to do in regards of getting the AllowAccess value and then getting a path or to show the specific web pages for each particular user.
推荐答案
这篇关于允许/拒绝用户访问其他网页的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!