/// <summary>
/// 某个用户是否有相应的操作权限
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="userId">用户主键</param>
/// <param name="permissionItemCode">权限编号</param>
/// <param name="permissionItemName">权限名称</param>
/// <returns>是否有权限</returns>
public bool IsAuthorizedByUser(BaseUserInfo userInfo, string userId, string permissionItemCode, string permissionItemName = null)
{
// 写入调试信息
#if (DEBUG)
int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif
// 加强安全验证防止未授权匿名调用
#if (!DEBUG)
LogOnService.UserIsLogOn(userInfo);
#endif
bool returnValue = false;
using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
{
try
{
dbHelper.Open(UserCenterDbConnection);
if (string.IsNullOrEmpty(userId))
{
userId = userInfo.Id;
}
#if (!DEBUG)
// 是超级管理员,就不用继续判断权限了
BaseUserManager userManager = new BaseUserManager(dbHelper, userInfo);
returnValue = userManager.IsAdministrator(userId);
if (returnValue)
{
return(returnValue);
}
#endif
BasePermissionManager permissionManager = new BasePermissionManager(dbHelper, userInfo);
returnValue = permissionManager.CheckPermissionByUser(userId, permissionItemCode, permissionItemName);
BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_IsAuthorizedByUser, MethodBase.GetCurrentMethod());
}
catch (Exception ex)
{
BaseExceptionManager.LogException(dbHelper, userInfo, ex);
throw ex;
}
finally
{
dbHelper.Close();
}
}
// 写入调试信息
#if (DEBUG)
BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
return(returnValue);
}
/// <summary>
/// 授予资源的权限
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="resourceCategory">资源分类</param>
/// <param name="resourceId">资源主键</param>
/// <param name="grantPermissionItemIds">权限主键</param>
/// <returns>影响的行数</returns>
public int GrantResourcePermission(BaseUserInfo userInfo, string resourceCategory, string resourceId, string[] grantPermissionItemIds)
{
// 写入调试信息
#if (DEBUG)
int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif
// 加强安全验证防止未授权匿名调用
#if (!DEBUG)
LogOnService.UserIsLogOn(userInfo);
#endif
int returnValue = 0;
using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
{
try
{
dbHelper.Open(UserCenterDbConnection);
BaseRoleScopeManager roleScopeManager = new BaseRoleScopeManager(dbHelper, userInfo);
// 小心异常,检查一下参数的有效性
if (grantPermissionItemIds != null)
{
BasePermissionManager permissionManager = new BasePermissionManager(dbHelper, userInfo);
for (int i = 0; i < grantPermissionItemIds.Length; i++)
{
BasePermissionEntity resourcePermissionEntity = new BasePermissionEntity();
resourcePermissionEntity.ResourceCategory = resourceCategory;
resourcePermissionEntity.ResourceId = resourceId;
resourcePermissionEntity.PermissionId = int.Parse(grantPermissionItemIds[i]);
resourcePermissionEntity.Enabled = 1;
resourcePermissionEntity.DeletionStateCode = 0;
permissionManager.Add(resourcePermissionEntity);
returnValue++;
}
}
BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_GrantResourcePermission, MethodBase.GetCurrentMethod());
}
catch (Exception ex)
{
BaseExceptionManager.LogException(dbHelper, userInfo, ex);
throw ex;
}
finally
{
dbHelper.Close();
}
}
// 写入调试信息
#if (DEBUG)
BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
return(returnValue);
}
/// <summary>
/// 撤消资源的权限
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="resourceCategory">资源分类</param>
/// <param name="resourceId">资源主键</param>
/// <param name="revokePermissionItemIds">权限主键</param>
/// <returns>影响的行数</returns>
public int RevokeResourcePermission(BaseUserInfo userInfo, string resourceCategory, string resourceId, string[] revokePermissionItemIds)
{
// 写入调试信息
#if (DEBUG)
int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif
// 加强安全验证防止未授权匿名调用
#if (!DEBUG)
LogOnService.UserIsLogOn(userInfo);
#endif
int returnValue = 0;
using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
{
try
{
dbHelper.Open(UserCenterDbConnection);
// BaseRoleScopeManager manager = new BaseRoleScopeManager(dbHelper, userInfo);
// 小心异常,检查一下参数的有效性
if (revokePermissionItemIds != null)
{
BasePermissionManager permissionManager = new BasePermissionManager(dbHelper, userInfo);
for (int i = 0; i < revokePermissionItemIds.Length; i++)
{
List <KeyValuePair <string, object> > parameters = new List <KeyValuePair <string, object> >();
parameters.Add(new KeyValuePair <string, object>(BasePermissionEntity.FieldResourceCategory, resourceCategory));
parameters.Add(new KeyValuePair <string, object>(BasePermissionEntity.FieldResourceId, resourceId));
parameters.Add(new KeyValuePair <string, object>(BasePermissionEntity.FieldPermissionItemId, revokePermissionItemIds[i]));
// returnValue += permissionManager.SetDeleted(parameters);
returnValue += permissionManager.Delete(parameters);
}
}
BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_RevokeResourcePermission, MethodBase.GetCurrentMethod());
}
catch (Exception ex)
{
BaseExceptionManager.LogException(dbHelper, userInfo, ex);
throw ex;
}
finally
{
dbHelper.Close();
}
}
// 写入调试信息
#if (DEBUG)
BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
return(returnValue);
}
/// <summary>
/// 获得某个用户的所有权限列表
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="userId">用户主键</param>
/// <returns>数据表</returns>
public DataTable GetPermissionDTByUser(BaseUserInfo userInfo, string userId)
{
// 写入调试信息
#if (DEBUG)
int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif
// 加强安全验证防止未授权匿名调用
#if (!DEBUG)
LogOnService.UserIsLogOn(userInfo);
#endif
DataTable dataTable = new DataTable(BasePermissionItemEntity.TableName);
using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
{
try
{
dbHelper.Open(UserCenterDbConnection);
string tableName = BasePermissionItemEntity.TableName;
if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
{
tableName = BaseSystemInfo.SystemCode + "PermissionItem";
}
// 是否超级管理员
BaseUserManager userManager = new BaseUserManager(dbHelper, userInfo);
BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(dbHelper, userInfo, tableName);
if (userManager.IsAdministrator(userId))
{
dataTable = permissionItemManager.GetDataTable();
}
else
{
tableName = BasePermissionEntity.TableName;
if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
{
tableName = BaseSystemInfo.SystemCode + "Permission";
}
BasePermissionManager permissionManager = new BasePermissionManager(dbHelper, userInfo, tableName);
string[] ids = permissionManager.GetPermissionIdsByUser(userId);
// 若是以前赋予的权限,后来有些权限设置为无效了,那就不应该再获取哪些无效的权限才对。
// bug修正:没有赋值DataTable,导致返回值空
dataTable = permissionItemManager.GetDataTable(
new KeyValuePair <string, object>(BasePermissionItemEntity.FieldId, ids)
, new KeyValuePair <string, object>(BasePermissionItemEntity.FieldEnabled, 1)
, new KeyValuePair <string, object>(BasePermissionItemEntity.FieldDeletionStateCode, 0));
}
dataTable.TableName = tableName;
BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_GetPermissionDTByUser, MethodBase.GetCurrentMethod());
}
catch (Exception ex)
{
BaseExceptionManager.LogException(dbHelper, userInfo, ex);
throw ex;
}
finally
{
dbHelper.Close();
}
}
// 写入调试信息
#if (DEBUG)
BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
return(dataTable);
}
/// <summary>
/// 有某个操作权限的所有用户列表
/// 反向通知有权限的用户
/// </summary>
/// <param name="permissionItemCode">操作权限编号</param>
/// <param name="permissionItemName">操作权限名称</param>
/// <returns>用户主键数组</returns>
public string[] GetPermissionUserIds(string permissionItemCode, string permissionItemName = null)
{
var permissionManager = new BasePermissionManager(UserCenterDbHelper, UserInfo);
return(permissionManager.GetUserIds(permissionItemCode, permissionItemName));
}
