一:關于前台權限
1:隻允許自己看到
首先,我們需要确定在 Role 設定頁面,使用者所對應的 View Page by others 和 View all content 未被選中。備注,我們首先和得設定 Anonymous 和 Authenticated 的這兩個的權限,這兩項也未被選中。
這樣一來,我們可以達到整個站點,我們隻能看到自己的東西,如下:
而如果是 Admin 等全權限登入的,應該是這樣的:
2:隻允許某個角色看到
同理1。
二:關于自定義權限
首先,我們需要在子產品的根目錄下建立檔案 Permissions:
public class Permissions : IPermissionProvider { public static readonly Permission ManageBlogs = new Permission { Description = "Manage blogs for others", Name = "ManageBlogs" }; public static readonly Permission ManageOwnBlogs = new Permission { Description = "Manage own blogs", Name = "ManageOwnBlogs", ImpliedBy = new[] { ManageBlogs } }; public static readonly Permission PublishBlogPost = new Permission { Description = "Publish or unpublish blog post for others", Name = "PublishBlogPost", ImpliedBy = new[] { ManageBlogs } }; public static readonly Permission PublishOwnBlogPost = new Permission { Description = "Publish or unpublish own blog post", Name = "PublishOwnBlogPost", ImpliedBy = new[] { PublishBlogPost, ManageOwnBlogs } }; public static readonly Permission EditBlogPost = new Permission { Description = "Edit blog posts for others", Name = "EditBlogPost", ImpliedBy = new[] { PublishBlogPost } }; public static readonly Permission EditOwnBlogPost = new Permission { Description = "Edit own blog posts", Name = "EditOwnBlogPost", ImpliedBy = new[] { EditBlogPost, PublishOwnBlogPost } }; public static readonly Permission DeleteBlogPost = new Permission { Description = "Delete blog post for others", Name = "DeleteBlogPost", ImpliedBy = new[] { ManageBlogs } }; public static readonly Permission DeleteOwnBlogPost = new Permission { Description = "Delete own blog post", Name = "DeleteOwnBlogPost", ImpliedBy = new[] { DeleteBlogPost, ManageOwnBlogs } }; public static readonly Permission MetaListBlogs = new Permission { ImpliedBy = new[] { EditBlogPost, PublishBlogPost, DeleteBlogPost }, Name = "MetaListBlogs"}; public static readonly Permission MetaListOwnBlogs = new Permission { ImpliedBy = new[] { EditOwnBlogPost, PublishOwnBlogPost, DeleteOwnBlogPost }, Name = "MetaListOwnBlogs" }; public virtual Feature Feature { get; set; } public IEnumerable<Permission> GetPermissions() { return new[] { ManageOwnBlogs, ManageBlogs, EditOwnBlogPost, EditBlogPost, PublishOwnBlogPost, PublishBlogPost, DeleteOwnBlogPost, DeleteBlogPost, }; } public IEnumerable<PermissionStereotype> GetDefaultStereotypes() { new PermissionStereotype { Name = "Administrator", Permissions = new[] {ManageBlogs} }, Name = "Editor", Permissions = new[] {PublishBlogPost,EditBlogPost,DeleteBlogPost} Name = "Moderator", Name = "Author", Permissions = new[] {ManageOwnBlogs} Name = "Contributor", Permissions = new[] {EditOwnBlogPost} }
其次,我們需要在控制器中,為服務設定權限,如:
<code>public AdminController(IMyService myService, IOrchardServices orchardServices) { _myService = myService; Services = orchardServices; }</code> 。。。 <code>Services.Authorizer.Authorize(Permissions.SomeModulePermission, T("Some operation failed"));</code>
<code></code>
<code>三:擷取目前登入使用者的角色資訊</code>
四:對 PART 設定權限
至此,ORCHARD 已經完全控制了是以的顯式和功能權限,包括頁面上的 PART部分。
本文轉自最課程陸敏技部落格園部落格,原文連結:http://www.cnblogs.com/luminji/p/3837735.html,如需轉載請自行聯系原作者