WF提供了一种用于对所有支持数据输入的活动的、基于角色的访问机制。工作流创建者可以完全控制如何创建角色和角色集合。这样将使创建者能够提供必
要的授权机制,在执行活动之前验证调用者的角色。比如WF中的WebServiceInputActivity 和 HandleExternalEventActivity活动。
WF中提供来两种方式:ActiveDirectoryRole(通过活动目录用户)和WebWorkflowRole(ASP.NET Role)。下面举例说明:
1.我们使用HandleExternalEventActivity活动来提供图书检索功能,当有人检索的时候会触发检索事件,只有会员才可以使用该功能。首先来定义事件参数:
using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Workflow.Activities; namespace CaryWFRole { [Serializable] public class BookEventArgs : ExternalDataEventArgs { public string ID { get; set; } public string Name { get; set; } public string Author { get; set; } public BookEventArgs() : base(Guid.NewGuid()) { } public BookEventArgs(Guid instanceID, string id, string name, string author) : base(instanceID) { this.ID = id; this.Name = name; this.Author = author; } } }
using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Workflow.Activities; namespace CaryWFRole { [ExternalDataExchangeAttribute()] public interface ISearchBookService { event EventHandler<BookEventArgs> SearchBook; } }
3.实现该接口,代码如下:
using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Security.Principal; namespace CaryWFRole { public class SearchBookService:ISearchBookService { public event EventHandler<BookEventArgs> SearchBook; public void OnSearchRequest(Guid instanceId, string id,string name,string author, IIdentity identity) { BookEventArgs args = new BookEventArgs(instanceId, id, name, author); String securityIdentifier = null; WindowsIdentity windowsIdentity = identity as WindowsIdentity; if (windowsIdentity != null && windowsIdentity.User != null) securityIdentifier = windowsIdentity.User.Translate(typeof(NTAccount)).ToString(); else if (identity != null) securityIdentifier = identity.Name; args.Identity = securityIdentifier; Console.WriteLine("return book by: {0}", identity.Name); if (SearchBook != null) SearchBook(null, args); } } }
4.工作流设计如下:
通过设置检索事件(HandleExternalEventActivity)活动的的Roles属性来控制,只有该角色集合的用户才有权限。在工作流中我们只允许会员才可以做
检索,代码如下:
using System; using System.ComponentModel; using System.ComponentModel.Design; using System.Collections; using System.Drawing; using System.Linq; using System.Workflow.ComponentModel.Compiler; using System.Workflow.ComponentModel.Serialization; using System.Workflow.ComponentModel; using System.Workflow.ComponentModel.Design; using System.Workflow.Runtime; using System.Workflow.Activities; using System.Workflow.Activities.Rules; namespace CaryWFRole { public sealed partial class BookWorkflow : SequentialWorkflowActivity { public BookWorkflow() { InitializeComponent(); } private WorkflowRoleCollection sAllowRoles = new WorkflowRoleCollection(); public WorkflowRoleCollection AllowRoles { get { return sAllowRoles; } } private void codeActivity1_ExecuteCode(object sender, EventArgs e) { WebWorkflowRole role = new WebWorkflowRole("会员"); AllowRoles.Add(role); } private void handleExternalEventActivity1_Invoked(object sender, ExternalDataEventArgs e) { Console.WriteLine("查询成功"); } } }
5.通过如下函数来创建角色和用户,代码如下:
static void CreateRoles() { if (!System.Web.Security.Roles.RoleExists("会员")) { System.Web.Security.Roles.CreateRole("会员"); string[] users = { "张三", "李四", "王五" }; string[] ClerkRole = { "会员" }; System.Web.Security.Roles.AddUsersToRoles(users, ClerkRole); } }
6.假设以张三的身份来检索,触发事件的函数如下:
static void SendSearchRequest() { try { string id = "001"; string name = "C#高级编程"; string author = "某某某"; GenericIdentity genIdentity = new GenericIdentity("张三"); sBook.OnSearchRequest(workflowInstanceId, id, name, author, genIdentity); } catch (Exception e) { Console.WriteLine("Exception message: {0}", e.ToString()); } }
using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Threading; using System.Workflow.Runtime; using System.Workflow.Runtime.Hosting; using System.Security.Principal; using System.Workflow.Activities; namespace CaryWFRole { class Program { static SearchBookService sBook; static Guid workflowInstanceId; static AutoResetEvent waitHandle = new AutoResetEvent(false); static void Main() { CreateRoles(); using (WorkflowRuntime workflowRuntime = new WorkflowRuntime()) { workflowRuntime.StartRuntime(); Type type = typeof(BookWorkflow); ExternalDataExchangeService dataService = new ExternalDataExchangeService(); workflowRuntime.AddService(dataService); sBook = new SearchBookService(); dataService.AddService(sBook); workflowRuntime.WorkflowCompleted += OnWorkflowCompleted; workflowRuntime.WorkflowTerminated += OnWorkflowTerminated; WorkflowInstance instance = workflowRuntime.CreateWorkflow(type); workflowInstanceId = instance.InstanceId; instance.Start(); SendSearchRequest(); waitHandle.WaitOne(); workflowRuntime.StopRuntime(); } } static void OnWorkflowCompleted(object sender, WorkflowCompletedEventArgs e) { waitHandle.Set(); } static void OnWorkflowTerminated(object sender, WorkflowTerminatedEventArgs e) { Console.WriteLine(e.Exception.Message); waitHandle.Set(); } } }
8.我们要配置aspnetdb数据库,app.config如下:
<?xml version="1.0" encoding="utf-8" ?> <configuration> <connectionStrings> <add name="SqlServerConnection" connectionString="Integrated Security = SSPI;server=.;database=aspnetdb" /> </connectionStrings> <system.web> <roleManager enabled="true" defaultProvider="SqlProvider"> <providers> <add name="SqlProvider" connectionStringName="SqlServerConnection" applicationName="ConsoleAppSample" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </roleManager> </system.web> </configuration>
9.执行结果如下:
