篇(15)-入门实战-权限管理之用户创建与关联角色(ViewModel再用与模型验证一 ...

篇(15)-Asp.Net Core入门实战-权限管理之用户创建与关联角色(ViewModel再用与模型验证一)
在上个篇章中，讲了角色和菜单的关系(也就是给角色赋权)，本章讲用户和给用户分派角色的功能。如果是小白，最好是仔细看我写的代码，因为关键代码处都有注解。建议将篇14和篇15阅读完毕再做演练，为防止单篇过长，我将其分成2篇来讲解。
用户与角色的处理逻辑是：(1).用户的增删改查；(2).给用户选一个所属角色。
1.用户管理功能
（1）.用户表(Sql库)的创建

1. CREATE TABLE [dbo].[Manager](
2. [Id] [int] IDENTITY(1,1) NOT NULL,
3. [RoleId] [int] NOT NULL,
4. [UserName] [varchar](32) NOT NULL,
5. [Password] [varchar](128) NOT NULL,
6. [Avatar] [varchar](256) NULL,
7. [NickName] [varchar](32) NULL,
8. [Mobile] [varchar](16) NULL,
9. [Email] [varchar](128) NULL,
10. [LoginCount] [int] NULL,
11. [LoginLastIp] [varchar](64) NULL,
12. [LoginLastTime] [datetime] NULL,
13. [AddManagerId] [int] NOT NULL,
14. [AddTime] [datetime] NOT NULL,
15. [ModifyManagerId] [int] NULL,
16. [ModifyTime] [datetime] NULL,
17. [IsLock] [bit] NOT NULL,
18. [IsDelete] [bit] NOT NULL,
19. [Remark] [varchar](128) NULL,
20. CONSTRAINT [PK_MANAGER] PRIMARY KEY NONCLUSTERED
21. (
22. [Id] ASC
23. )WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
24. ) ON [PRIMARY]
25. GO

复制代码

 
（2）.用户Model的编写，这个Model直接与Sql表的结构一致。

1. public class Manager
2. {
3. /// <summary>
4. /// 主键 MaxLength属性作用于字符串，不能用在int类型上
5. /// </summary>
6. [Key]
7. public int Id { get; set; }
8. /// <summary>
9. /// 角色ID
10. /// </summary>
11. public int RoleId { get; set; }
12. /// <summary>
13. /// 用户名
14. /// </summary>
15. [Required]
16. public String UserName { get; set; }
17. /// <summary>
18. /// 密码
19. /// </summary>
20. public String Password { get; set; }
21. /// <summary>
22. /// 头像
23. /// </summary>
24. public String Avatar { get; set; }
25. /// <summary>
26. /// 用户昵称
27. /// </summary>
28. public String NickName { get; set; }
29. /// <summary>
30. /// 手机号码
31. /// </summary>
32. public String Mobile { get; set; }
33. /// <summary>
34. /// 邮箱地址
35. /// </summary>
36. public String Email { get; set; }
37. /// <summary>
38. /// 登录次数
39. /// </summary>
40. public int? LoginCount { get; set; }
41. /// <summary>
42. /// 最后一次登录IP
43. /// </summary>
44. public String LoginLastIp { get; set; }
45. /// <summary>
46. /// 最后一次登录时间
47. /// </summary>
48. public DateTime? LoginLastTime { get; set; }
49. /// <summary>
50. /// 添加人
51. /// </summary>
52. [Required]
53. public int AddManagerId { get; set; }
54. /// <summary>
55. /// 添加时间
56. /// </summary>
57. [Required]
58. public DateTime AddTime { get; set; }
59. /// <summary>
60. /// 修改人
61. /// </summary>
62. public int? ModifyManagerId { get; set; }
63. /// <summary>
64. /// 修改时间
65. /// </summary>
66. [MaxLength(23)]
67. public DateTime? ModifyTime { get; set; }
68. /// <summary>
69. /// 是否锁定
70. /// </summary>
71. [Required]
72. public Boolean IsLock { get; set; }
73. /// <summary>
74. /// 是否删除
75. /// </summary>
76. [Required]
77. public Boolean IsDelete { get; set; }
78. /// <summary>
79. /// 备注
80. /// </summary>
81. public String Remark { get; set; }
82. }

复制代码

 
（3）.用户View部分的编写
（3.1）视图View部分包括用户的增、删、改、查功能，还有对应的修改用户角色，修改用户密码。

（3.2）Create视图代码如下

1. @{ ViewData["Title"] = "新建用户"; }
2. @model RegisterManagerView
3. @section Scripts{
6. @{ await Html.RenderPartialAsync("_ValidationScriptsPartial");}
7. }
8. <form action="/Manager/Create" method="post">
9. @Html.AntiForgeryToken()
11. <label asp-for="UserName">用户名</label>
13. <input type="text" asp-for="UserName" name="UserName" placeholder="用户名">
14. <span asp-validation-for="UserName" class="text-danger"></span>
18. <label asp-for="Password">密码</label>
20. <input type="password" asp-for="Password" name="Password" placeholder="密码" />
21. <span asp-validation-for="Password" class="text-danger"></span>
25. <label asp-for="ConfirmPassword">确认密码</label>
27. <input type="password" asp-for="ConfirmPassword" name="ConfirmPassword" placeholder="确认密码" />
28. <span asp-validation-for="ConfirmPassword" class="text-danger"></span>
32. <label asp-for="Mobile">手机号</label>
34. <input type="text" asp-for="Mobile" name="Mobile" placeholder="手机号">
35. <span asp-validation-for="Mobile" class="text-danger"></span>
39. <label asp-for="Email">Email</label>
41. <input type="text" asp-for="Email" name="Email" placeholder="邮箱">
42. <span asp-validation-for="Email" class="text-danger"></span>
46. <label asp-for="Remark">介绍</label>
48. <textarea name="Remark" asp-for="Remark" placeholder="相关介绍"></textarea>
53. <button type="submit">确定</button>
54. <button type="reset">重置</button>
57. </form>

复制代码

 
（3.3）Edit视图代码如下

1. @{ ViewData["Title"] = "编辑用户"; }
2. @model EditManagerView
3. @section Scripts{
6. @{ await Html.RenderPartialAsync("_ValidationScriptsPartial");}
7. }
8. <form action="/Manager/Edit" method="post">
9. @Html.AntiForgeryToken()
11. <label asp-for="UserName">用户名</label>
13. <input type="text" asp-for="UserName" name="UserName" placeholder="用户名">
14. <span asp-validation-for="UserName" class="text-danger"></span>
15. <input type="hidden" asp-for="Id" />
19. <label asp-for="Mobile">手机号</label>
21. <input type="text" asp-for="Mobile" name="Mobile" placeholder="手机号">
22. <span asp-validation-for="Mobile" class="text-danger"></span>
26. <label asp-for="Email">Email</label>
28. <input type="text" asp-for="Email" name="Email" placeholder="邮箱">
29. <span asp-validation-for="Email" class="text-danger"></span>
33. <label asp-for="Remark">介绍</label>
35. <textarea name="Remark" asp-for="Remark" placeholder="相关介绍"></textarea>
40. <button type="submit">确定</button>
41. <button type="reset">重置</button>
44. </form>

复制代码

 
（3.4）Index视图代码如下（列表页）

1. @using Humanizer;
2. @using RjWebCms.Db;
3. @model PaginatedList<PageManager>
4. @{
5. ViewData["Title"] = "用户列表";
6. }
7. @section Scripts{
10. }
12. @Html.AntiForgeryToken()
13. <form asp-action="Index" method="get">
14. <table>
15. <tr><td><a asp-controller="Manager" asp-action="Create">添加</a></td></tr>
16. <tr>
17. <td>查询关键词:<input type="text" name="SearchString" value="@ViewData["CurrentFilter"]" /></td>
18. <td><input type="submit" value="查询" /></td>
19. <td><a asp-action="Index">Back</a></td>
20. <td><a id="DelAll" name="DelAll">批量删除</a></td>
21. </tr>
22. </table>
23. </form>
24. <table class="table table-hover">
25. <thead>
26. <tr>
27. <td>✔</td>
28. <td><a asp-action="Index" asp-route-sortOrder="@ViewData["NameSortParm"]" asp-route-currentFilter="@ViewData["CurrentFilter"]">用户名</a></td>
29. <td>角色名</td>
30. <td>手机号</td>
31. <td><a asp-action="Index" asp-route-sortOrder="@ViewData["DateSortParm"]" asp-route-currentFilter="@ViewData["CurrentFilter"]">时间</a></td>
32. <td>操作</td>
33. </tr>
34. @foreach (var item in Model)
35. {
36. <tr>
37. <td><input type="checkbox" class="done-checkbox" name="chk_ids" value="@item.Id"></td>
38. <td>@item.UserName</td>
39. <td>@item.RoleName</td>
40. <td>@item.Mobile</td>
41. <td>@item.AddTime</td>
42. <td>
43. <a asp-controller="Manager" asp-action="Details" asp-route-id="@item.Id">View</a>
44. <a asp-action="Edit" asp-route-id="@item.Id">Edit</a>
45. <a asp-action="ChangeRole" asp-route-id="@item.Id">ChangeRole</a>
46. <a asp-action="ChangePass" asp-route-id="@item.Id">ChangePass</a>
47. <a asp-controller="Manager" asp-action="Delete" asp-route-id="@item.Id">Delete</a>
48. </td>
49. </tr>
50. }
51. </thead>
52. </table>
53. @{
54. var prevDisabled = !Model.HasPreviousPage ? "disabled" : "";
55. var nextDisabled = !Model.HasNextPage ? "disabled" : ""; ;
56. }
57. <a asp-action="Index"
58. asp-route-sortOrder="@ViewData["CurrentSort"]"
59. asp-route-pageNumber="@(Model.PageIndex - 1)"
60. asp-route-currentFilter="@ViewData["CurrentFilter"]"
61. class="btn btn-default @prevDisabled">
62. 上一页
63. </a>
64. <a asp-action="Index"
65. asp-route-sortOrder="@ViewData["CurrentSort"]"
66. asp-route-pageNumber="@(Model.PageIndex + 1)"
67. asp-route-currentFilter="@ViewData["CurrentFilter"]"
68. class="btn btn-default @nextDisabled">
69. 下一页
70. </a>

复制代码

 
（3.5）ChangePass视图代码

1. @model ChangePassView
2. @section Scripts{
5. @{ await Html.RenderPartialAsync("_ValidationScriptsPartial");}
6. }
7. <form action="/Manager/ChangePass" method="post">
8. @Html.AntiForgeryToken()
10. <label asp-for="OldPass">旧密码</label>
11. <input type="hidden" asp-for="Id" />
13. <input type="password" asp-for="OldPass" name="OldPass" placeholder="密码" />
14. <span asp-validation-for="OldPass" class="text-danger"></span>
18. <label asp-for="NewPass">新密码</label>
20. <input type="password" asp-for="NewPass" name="NewPass" placeholder="密码" />
21. <span asp-validation-for="NewPass" class="text-danger"></span>
25. <label asp-for="ConfirmNewPass">确认新密码</label>
27. <input type="password" asp-for="ConfirmNewPass" name="ConfirmNewPass" placeholder="确认密码" />
28. <span asp-validation-for="ConfirmNewPass" class="text-danger"></span>
33. <button type="submit">确定</button>
34. <button type="reset">重置</button>
37. </form>

复制代码

 
（3.6）ChangeRole视图代码

1. @using RjWebCms.Models;
2. @{ ViewData["Title"] = "修改对应角色"; }
3. @model ChangeUserRole
4. <form action="/Manager/ChangeRole" method="post">
5. @Html.AntiForgeryToken()
7. <label asp-for="Id">选择对应角色</label>
8. <input type="hidden" asp-for="Id" />
10. @Html.DropDownList("ddl_RoleList", ViewBag.database as IEnumerable<SelectListItem>)
15. <button type="submit">确定</button>
16. <button type="reset">重置</button>
19. </form>

复制代码

 
 
（4）.用户Controller部分的实现

1. public class ManagerController : Controller{
2. 　　private readonly IManagerService _manager;
3. 　　private readonly IManagerRoleService _managerRoleService;
4. 　　private readonly AppDbContext _appDbContext;
5. 　　public ManagerController(IManagerService manager,IManagerRoleService managerRoleService, AppDbContext appDbContext){
6. 　　　　_manager = manager;
7. 　　　　_managerRoleService = managerRoleService;
8. 　　　　_appDbContext = appDbContext;
9. 　　}
10. 　　public async Task<IActionResult> Index(string sortOrder, string currentFilter, string searchString, int? pageNumber){
11. 　　　　ViewData["CurrentSort"] = sortOrder;
12. 　　　　ViewData["NameSortParm"] = String.IsNullOrEmpty(sortOrder) ? "name_desc" : "";
13. 　　　　ViewData["DateSortParm"] = sortOrder == "Date" ? "date_desc" : "Date";
14. 　　if (searchString != null)
15. 　　{
16. 　　　　pageNumber = 1;
17. 　　}
18. 　　else
19. 　　{
20. 　　　　searchString = currentFilter;
21. 　　}
23. #region 分页操作数据
24. ViewData["CurrentFilter"] = searchString;
25. var managers = from s in _appDbContext.Manager
26. join t in _appDbContext.ManagerRole on s.RoleId equals t.Id
27. select new PageManager{
28. Id=s.Id,
29. RoleId =s.RoleId,
30. UserName = s.UserName,
31. Email = s.Email,
32. Mobile = s.Mobile,
33. AddTime = s.AddTime,
34. RoleName = t.RoleName};
35. if (!string.IsNullOrEmpty(searchString))
36. {
37. managers = managers.Where(s => s.UserName.Contains(searchString));
38. }
39. switch (sortOrder)
40. {
41. case "name_desc":
42. managers = managers.OrderByDescending(s => s.UserName);
43. break;
44. case "Date":
45. managers = managers.OrderBy(s => s.AddTime);
46. break;
47. case "date_desc":
48. managers = managers.OrderByDescending(s => s.AddTime);
49. break;
50. default:
51. managers = managers.OrderBy(s => s.UserName);
52. break;
53. }
55. #endregion
56. int pageSize = 4;
57. return View(await PaginatedList<PageManager>.CreateAsync(managers.AsNoTracking(), pageNumber ?? 1, pageSize));
58. }
60. [HttpGet]
61. public IActionResult Create()
62. {
63. return View();
64. }
66. [HttpPost]
67. [ValidateAntiForgeryToken]
68. public async Task<IActionResult> Create(RegisterManagerView manager)
69. {
70. if (ModelState.IsValid)
71. {
72. Manager mUser = new Manager
73. {
74. UserName = manager.UserName,//但暂时用重写的方式来处理
75. Password = AESEncryptHelper.Encode(manager.Password.Trim(), RjWebKeys.AesEncryptKeys), //对密码加密;
76. Mobile = manager.Mobile,
77. Email = manager.Email,
78. Remark = manager.Remark
79. };
80. //此处可以用AutoMapper进行转换
81. //因为AddManagerAsync的参数是Manager对象，而非RegisterManagerView对象
82. //否则就需要重写一个AddManagerAsync(RegisterManagerView manager) 这样的方法
83. var successful = await _manager.AddManagerAsync(mUser);
84. if (successful)
85. return RedirectToAction("Index");
86. else
87. return BadRequest("失败");
88. }
89. return View(manager);
90. }
92. [HttpGet]
93. public async Task<IActionResult> Edit(int id)
94. {
95. if (string.IsNullOrEmpty(id.ToString()))
96. return NotFound();
97. var m = await _manager.FindManagerAsync(id);
98. if (m == null)
99. return NotFound();
100. EditManagerView mView = new EditManagerView() {
101. Id = id,
102. UserName = m.UserName,
103. //Password = AESEncryptHelper.Decode(m.Password,RjWebKeys.AesEncryptKeys), //解密密码
104. //ConfirmPassword = AESEncryptHelper.Decode(m.Password, RjWebKeys.AesEncryptKeys), //解密密码
105. Mobile = m.Mobile,
106. Email = m.Email,
107. Remark = m.Remark
108. };
109. return View(mView);
110. }
112. [HttpPost]
113. public async Task<IActionResult> Edit(int id, EditManagerView editManager)
114. {
115. if (string.IsNullOrEmpty(id.ToString()))
116. return NotFound();
117. if (ModelState.IsValid)
118. {
119. try
120. {
121. //做个对象转换
122. Manager mUser = new Manager {
123. UserName = editManager.UserName,
124. Mobile = editManager.Mobile,
125. Email = editManager.Email,
126. Remark = editManager.Remark
127. };
128. //因为UpdateManagerAysnc方法参数为完整Manger对象，所以要转换
129. var result = await _manager.UpdateManagerAysnc(id, mUser);
130. if(result)
131. return RedirectToAction("Index");
132. else
133. return BadRequest("编辑失败");
134. }
136. catch (Exception ex)
137. {
138. return BadRequest("编辑失败");
139. }
140. }
142. return View();
143. }
145. public async Task<IActionResult> Details(int id)
146. {
147. var item = await _manager.FindManagerAsync(id);
148. return View(item);
149. }
151. public async Task<IActionResult> Delete(int id)
152. {
153. var result = await _manager.DeleteManagerAsync(id);
154. if (result)
155. return RedirectToAction("Index");
156. else
157. return Ok("删除失败!");
158. }
159. [HttpGet]
160. public async Task<IActionResult> ChangePass(int id)
161. {
162. if (string.IsNullOrEmpty(id.ToString()))
163. return NotFound();
164. //密码框的初始化也可以省略
165. var m = await _manager.FindManagerAsync(id);
166. if (m == null)
167. return NotFound();
168. ChangePassView cpView = new ChangePassView {
169. Id=id,
170. OldPass = AESEncryptHelper.Decode(m.Password, RjWebKeys.AesEncryptKeys) //解密密码m.Password,
171. };
172. return View(cpView);
173. }
175. [HttpPost]
176. [ValidateAntiForgeryToken]
177. public async Task<IActionResult> ChangePass(int id,ChangePassView cheView)
178. {
179. if (string.IsNullOrEmpty(id.ToString()))
180. return NotFound();
181. if (ModelState.IsValid)
182. {
183. //ChangePass方法在ManagerService中，注意参数对象
184. var successful = await _manager.ChangePass(id,cheView);
185. if (successful)
186. return RedirectToAction("Index");
187. else
188. return BadRequest("失败");
189. }
190. return View();
191. }
193. [HttpGet]
194. public async Task<IActionResult> ChangeRole(int id)
195. {
196. //本Action调用后，要初始化下拉框的选择
197. var user = await _manager.FindManagerAsync(id);
198. if (user == null)
199. return NotFound();
200. #region 绑定类别下拉框
201. var rolelist = await _managerRoleService.GetManagerRoleAsync();
202. var roleItems = new List<SelectListItem>()
203. {
204. new SelectListItem(){ Value="0",Text="全部",Selected=true}
205. };
207. foreach (var role in rolelist)
208. {
209. SelectListItem item = new SelectListItem() { Value = role.Id.ToString(), Text = role.RoleName };
210. roleItems.Add(item);
211. }
212. //遍历并选中(实现选中下拉框功能)
213. foreach (SelectListItem item in roleItems)
214. {
215. if (item.Value == user.RoleId.ToString())
216. item.Selected = true;
217. }
218. ViewBag.database = roleItems;
219. #endregion
220. return View();
221. }
223. [HttpPost]
224. [ValidateAntiForgeryToken]
225. public async Task<IActionResult> ChangeRole(int id ,ChangeUserRole user)
226. {
227. //修改用户所属角色
228. if (string.IsNullOrEmpty(id.ToString()))
229. return NotFound();
230. #region 取下拉菜单值(RoleId)
231. string strRoleId = Request.Form["ddl_RoleList"];
232. if (!string.IsNullOrEmpty(strRoleId))
233. user.RoleId = int.Parse(strRoleId);
234. else
235. user.RoleId = 0;
236. #endregion
237. if (ModelState.IsValid)
238. {
239. try
240. {
241. //ChangeRole方法在ManagerService中，注意其参数
242. var result = await _manager.ChangeRole(id, user);
243. if (result)
244. return RedirectToAction("Index");
245. else
246. return BadRequest("编辑失败");
247. }
249. catch (Exception ex)
250. {
251. return BadRequest("编辑失败");
252. }
253. }
254. return View();
255. }
257. #region 验证功能
259. [HttpGet]
260. public async Task<IActionResult> CheckUserName(string UserName)
261. {
262. //result=true，表示有这个用户名，说明验证失败，无法添加
263. //那么return json 需要返回一个false
264. bool result = await _manager.CheckUserName(UserName);
265. return Json(!result); //返回结果必须是Json格式
266. }
268. [HttpGet]
269. public async Task<IActionResult> CheckMobile(string Mobile)
270. {
271. //result=true，表示有这个手机号，说明验证失败，无法添加
272. //那么return json 需要返回一个false
273. bool result = await _manager.CheckMobile(Mobile);
274. return Json(!result); //返回结果必须是Json格式
275. }
277. [HttpGet]
278. public async Task<IActionResult> CheckEmail(string Email)
279. {
280. //result=true，表示有这个邮箱，说明验证失败，无法添加
281. //那么return json 需要返回一个false
282. bool result = await _manager.CheckEmail(Email);
283. return Json(!result); //返回结果必须是Json格式
284. }
286. [HttpGet]
287. public async Task<IActionResult> CheckOldPass(int id,string oldpass)
288. {
289. //result=true，表示有这个旧密码，说明验证失败，无法添加
290. //那么return json 需要返回一个false
291. string strPass = AESEncryptHelper.Encode(oldpass.Trim(), RjWebKeys.AesEncryptKeys); //对密码加密;
292. bool result = await _manager.CheckOldPass(id,strPass);
293. return Json(result); //返回结果必须是Json格式
294. }
295. #endregion
296. }

复制代码

 
2.用户分配角色
分配角色在ChangeRole视图页面完成，注意阅读其对应代码；

免责声明：如果侵犯了您的权益，请联系站长，我们会及时删除侵权内容，谢谢合作！