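#眉標=Enterprise Library
#副標=設計模型套件系列(8)
#大標=系統安全的守護神
#作者=文/王寧疆
==<反灰>===========
using Microsoft.Practices.EnterpriseLibrary.Security;
================
==程式1 ===========
// Get the security cache provider configured under the name "Caching Store Provider".
ISecurityCacheProvider cache = SecurityCacheFactory.GetSecurityCacheProvider(
    "Caching Store Provider");
// Store the user's identity in the cache. The returned token is all that is needed to
// read the identity back (see listing 2), so handle it like a credential.
IToken token = cache.SaveIdentity(new GenericIdentity("帳號"));
================
==程式2 ===========
// Read the previously stored identity back from the cache.
// NOTE(review): presumably null once the entry has expired or been removed - check before use.
IIdentity savedIdentity = cache.GetIdentity(token);
================
==程式3 ===========
// Remove the cached identity (for example at sign-out) so the token no longer resolves to it.
cache.ExpireIdentity(token);
================
==程式4 ===========
// Build a principal whose identity is a member of the "Manager" role.
// GenericIdentity reports IsAuthenticated == true for any non-empty name, so this only
// asserts an identity and its roles; it does not verify them. In an application the name
// and the role list must come from an authenticated source, never from request input.
IPrincipal principal = new GenericPrincipal(new GenericIdentity("帳號"),
    new string[]{"Manager"});
// Store the principal in Thread.CurrentPrincipal, where the authorization checks below read it.
Thread.CurrentPrincipal = principal;
================
==程式5 ===========
// Get the authorization provider configured under the name "RuleProvider".
IAuthorizationProvider ruleProvider = AuthorizationFactory.GetAuthorizationProvider(
    "RuleProvider");
// Ask whether the principal held in Thread.CurrentPrincipal is granted permission
// by the authorization rule named "Print Document".
bool authorized = ruleProvider.Authorize(Thread.CurrentPrincipal, "Print Document");
if (authorized)
{
    // Allow the user to perform the task.
}
else
{
    // Refuse the task.
}
================
==程式6 ===========
================
==程式7 ===========
================
==程式8 ===========
================
==<反灰>===========
using Microsoft.Practices.EnterpriseLibrary.Security;
using System.Threading;
using Microsoft.Practices.EnterpriseLibrary.Data.Sql;
using System.Data.Common;
using System.Drawing;
================
==程式9 ===========
// Loads [Order Details] into GridView1. The column list is chosen on the server from the
// caller's authorization: EmployeeRule gets the rows without Discount, ManagerRule gets
// Discount as well, and a caller who passes neither rule gets no data.
protected void Page_Load(object sender, EventArgs e)
{
    // Read the database connection string stored in Web.config.
    string strConn = ConfigurationManager.ConnectionStrings[
        "NorthwindConnectionString"].ConnectionString;
    // Get the authorization provider.
    IAuthorizationProvider ruleProvider =
        AuthorizationFactory.GetAuthorizationProvider("RuleProvider");
    // SQL statement to run; stays empty until a rule grants access.
    // Both statements below are fixed strings, no user input is concatenated into them.
    string strSQL = "";
    // Does the user pass the EmployeeRule authorization rule?
    if (ruleProvider.Authorize(Thread.CurrentPrincipal, "EmployeeRule"))
    {
        // Discount is not selected, so it never reaches the page for this caller.
        strSQL = "Select OrderID, ProductID, UnitPrice, Quantity from [Order Details]";
    }
    // Does the user pass the ManagerRule authorization rule?
    if (ruleProvider.Authorize(Thread.CurrentPrincipal, "ManagerRule"))
    {
        // Managers also read the Discount column.
        strSQL = "Select OrderID, ProductID, UnitPrice, Quantity, Discount from [Order Details]";
    }
    // Default deny: a caller who passes neither rule gets an empty grid and no query,
    // instead of an empty SQL statement being handed to the data layer.
    if (string.IsNullOrEmpty(strSQL))
    {
        GridView1.DataSource = null;
        GridView1.DataBind();
        return;
    }
    // Create the SqlDatabase object for the connection.
    SqlDatabase db = new SqlDatabase(strConn);
    // Create the DbCommand that runs the SQL statement; dispose it once the query is done.
    using (DbCommand cmd = db.GetSqlStringCommand(strSQL))
    {
        // Run the query through SqlDatabase.ExecuteDataSet.
        DataSet ds = db.ExecuteDataSet(cmd);
        // Hand the result to the GridView control and have it render the rows.
        GridView1.DataSource = ds.Tables[0];
        GridView1.DataBind();
    }
}
================
==程式10 ===========
// Formats the Discount cell of each data row for callers who pass ManagerRule.
// This is presentation only; access to Discount is decided by the query in Page_Load.
protected void GridView1_RowDataBound(object sender, GridViewRowEventArgs e)
{
    // Only data rows carry field values (not header, footer or pager rows).
    if (e.Row.RowType == DataControlRowType.DataRow)
    {
        // Get the authorization provider.
        IAuthorizationProvider ruleProvider =
            AuthorizationFactory.GetAuthorizationProvider("RuleProvider");
        // Does the user pass ManagerRule (the rule listing 12 describes as Manager members)?
        if (ruleProvider.Authorize(Thread.CurrentPrincipal, "ManagerRule"))
        {
            // Cell 4 is Discount, the fifth column of the ManagerRule query in Page_Load.
            // TryParse keeps a blank or non-numeric cell from throwing during data binding.
            decimal discount;
            if (decimal.TryParse(e.Row.Cells[4].Text, out discount))
            {
                // Show the Discount value in currency format.
                e.Row.Cells[4].Text = discount.ToString("C");
            }
            // Show the Discount value in red.
            e.Row.Cells[4].ForeColor = Color.Red;
        }
    }
}
================
==程式11 ===========
if (ruleProvider.Authorize(Thread.CurrentPrincipal, "EmployeeRule")) // Members of the Employee role or the Manager role pass this check
================
==程式12 ===========
if (ruleProvider.Authorize(Thread.CurrentPrincipal, "ManagerRule")) // Members of the Manager role pass this check
================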