将ASP.NET MVC控制器中的当前用户传递给DAL

时间:2018-01-24 16:26:07

标签: c# asp.net asp.net-mvc razor

我正在为我的ASP.NET应用程序使用Windows身份验证。在剃刀视图中获取当前用户名非常简单,即@User.Identity.Name

我正在实现的功能是在sql select查询中传递当前用户名并从表中获取关联角色。接下来,我想将角色传回控制器,以便我可以在所有应用程序视图中访问它。

这样我就可以在我的视图中执行操作,比如

@if (CurrentUserRole = "Admin") {
  // Do something
} else {
  // So something else
}

HomeController.cs 

using System;
using System.Web;
using System.Collections.Generic;
using System.Diagnostics;
using Microsoft.AspNetCore.Mvc;
using nmvs_db.dal;
using nmvs_module;
using nmvs_module.util;
using SecureMedi.Models;
using SecureMedi.DAL;

namespace SecureMedi.Controllers {
    public class HomeController: Controller {
        static HomeController() {
            foreach(string s in new string[] {
                "com.ibm.oauth.OAuthUtils",
                "nmvs_server",
                "nmvs_module"
            }) {
                var l = org.apache.log4j.Logger.getLogger(s);
                l.addAppender(new DotNetAppender());
                l.debug(s + " test");
            }
        }

        public IActionResult Error() {
            return View();
        }

        public IActionResult Index() {
            ViewData["TextAreaResult"] = "No result yet";
            return View();
        }

        public IActionResult AnotherPage() {
            ViewData["TextAreaResult"] = "No result yet";
            return View();
        }
    }
}

UsersDAL.cs(DAL)

using System;
using System.Collections.Generic;
using System.Data.SqlClient;
using SecureMedi.Models;

namespace SecureMedi.DAL {
    public class UsersDAL {
        public void CurrentUser(string currentUserName) {
            string connectionstring = "MY_CONNECTION_STRING";
            string sql = String.Format("select users.name 'Username', roles.name 'Role' from sys.database_principals users inner join sys.database_role_members memberof on users.principal_id = memberof.member_principal_id inner join sys.database_principals roles ON memberof.role_principal_id = roles.principal_id and roles.type = 'R' where users.name = '[{0}]'", currentUserName);
            SqlConnection conn = new SqlConnection(connectionstring);
            SqlCommand cmd = new SqlCommand(sql, conn);

            conn.Open();
            SqlDataReader rdr = cmd.ExecuteReader();
            if (rdr.Read()) {
                string CurrentUserRole = rdr["Role"].ToString();
                rdr.Close();
            }
            conn.Close();
        }
    }
}

直接对DB表运行查询会返回类似

的内容

查询

select users.name 'Username', roles.name 'Role' from sys.database_principals users inner join sys.database_role_members memberof on users.principal_id = memberof.member_principal_id inner join sys.database_principals roles ON memberof.role_principal_id = roles.principal_id and roles.type = 'R' where users.name = 'Domain\username'

结果

Username             Role 
Domain\username      Admin

另外,如果我在currentUserName函数中正确传递CurrentUser arg,我不能100%确定。

我已经抬头看了看 How to get the current user in ASP.NET MVCHow to pass a value from ASP.NET MVC controller to ASP.NET webforms control inside MVC View?但我不确定如何在控制器和DAL中传递当前用户名的值。

1 个答案:

答案 0 :(得分:0)

public CurrentUser GetCurrentUser(string currentUserName) {
        string connectionstring = "MY_CONNECTION_STRING";
        string sql = String.Format("select users.name 'Username', roles.name 'Role' from sys.database_principals users inner join sys.database_role_members memberof on users.principal_id = memberof.member_principal_id inner join sys.database_principals roles ON memberof.role_principal_id = roles.principal_id and roles.type = 'R' where users.name = '[{0}]'", currentUserName);
        SqlConnection conn = new SqlConnection(connectionstring);
        SqlCommand cmd = new SqlCommand(sql, conn);

        conn.Open();
        CurrentUser currentUser = new CurrentUser();
        SqlDataReader rdr = cmd.ExecuteReader();
        if (rdr.Read()) {
            currentUser.Role = rdr["Role"].ToString();
            currentUser.Username = currentUserName;
            rdr.Close();
        }
        conn.Close();

       return currentUser;

    }


public class CurrentUser
{
    public string Username {get;set;}
    public string Role {get;set;}
 }
控制器中的

public IActionResult Index() {
        UsersDal dal = new UsersDal();
        ViewData["CurrentUser"] = dal.GetCurrentUser("username");

        return View();
    }

在cshtml中:

@{
   var user = ViewData["CurrentUser"];
 }

 <b>@user.Username</b>
相关问题
最新问题