Beispiel #1
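        /// <summary>
        /// Adds model-field permissions to a member group.
        /// </summary>
        /// <param name="groupId">Member group ID. Must be positive or the special value -2 (its meaning is not visible here).</param>
        /// <param name="operateCodes">Permission code; stored as the decimal string of its integer value.</param>
        /// <param name="modelIdAndFieldName">Model-ID/field-name pairs; multiple entries are separated by "," (e.g. 11:FieldName,11:FieldName1).</param>
        /// <param name="idType">Permission type: 0 = set individually for the member; 1 = inherited from the member group.</param>
        /// <returns>
        /// <c>false</c> when the group ID or the pair list is rejected, including when any entry is not
        /// of the form <c>modelId:fieldName</c>; <c>true</c> once every entry has been passed to the repository.
        /// </returns>
        public async Task<bool> AddFieldPermissionToUserGroup(int groupId, OperateCode operateCodes, string modelIdAndFieldName, int idType = 1)
        {
            if (groupId <= 0 && groupId != -2)
            {
                return false;
            }
            if (string.IsNullOrWhiteSpace(modelIdAndFieldName))
            {
                return false;
            }

            var pairSeparator = new char[] { ':' };
            string[] entries = StringHelper.RemoveRepeatItem(
                modelIdAndFieldName.Split(split, StringSplitOptions.RemoveEmptyEntries));

            // Validate every entry before writing anything: an entry such as "11" or "11:" used to
            // raise IndexOutOfRangeException part-way through, after earlier rows were already stored.
            foreach (string entry in entries)
            {
                if (!string.IsNullOrEmpty(entry)
                    && entry.Split(pairSeparator, StringSplitOptions.RemoveEmptyEntries).Length < 2)
                {
                    return false;
                }
            }

            foreach (string entry in entries)
            {
                if (string.IsNullOrEmpty(entry))
                {
                    continue;
                }

                var parts     = entry.Split(pairSeparator, StringSplitOptions.RemoveEmptyEntries);
                var modelID   = DataConverter.CLng(parts[0]);
                var fieldName = parts[1];

                // NOTE(review): fieldName is stored as supplied; nothing here checks that the model
                // has such a field or that the caller may grant it — confirm the caller does.
                await _GroupFieldPermissionsRepository.AddAsync(new GroupFieldPermissionsEntity()
                {
                    GroupID = groupId, OperateCode = ((int)operateCodes).ToString(), ModelID = modelID, FieldName = fieldName, IdType = idType
                });
            }
            return true;
        }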
Beispiel #2
        /// <summary>
        /// Deletes rows from PE_GroupNodePermissions, adding one WHERE filter for each argument that
        /// carries a usable value. All values are bound as parameters.
        /// </summary>
        /// <param name="id">Group ID; filtered on only when positive or equal to -2.</param>
        /// <param name="nodeId">Node ID; filtered on only when it is -2 or greater.</param>
        /// <param name="operateCode">Permission code; filtered on unless it is <c>OperateCode.None</c>.</param>
        /// <param name="idType">Permission type; filtered on only when non-negative.</param>
        /// <returns><c>true</c> when the statement ran without throwing; <c>false</c> when any exception was raised.</returns>
        public bool DeleteNodePermissions(int id, int nodeId, OperateCode operateCode, int idType)
        {
            // NOTE(review): when no argument qualifies, the statement stays an unfiltered DELETE over the
            // whole permissions table — confirm no caller can reach that combination by accident.
            string sql = "DELETE FROM PE_GroupNodePermissions WHERE 1 = 1";
            Parameters sqlArgs = new Parameters();

            if (id > 0 || id == -2)
            {
                sql += " AND GroupID = @GroupID ";
                sqlArgs.AddInParameter("@GroupID", DbType.Int32, id);
            }
            if (nodeId >= -2)
            {
                sql += " AND NodeId = @NodeId ";
                sqlArgs.AddInParameter("@NodeId", DbType.Int32, nodeId);
            }
            if (operateCode != OperateCode.None)
            {
                sql += " AND OperateCode = @OperateCode ";
                sqlArgs.AddInParameter("@OperateCode", DbType.Int32, operateCode);
            }
            if (idType >= 0)
            {
                sql += " AND IdType = @IdType ";
                sqlArgs.AddInParameter("@IdType", DbType.Int32, idType);
            }

            bool succeeded;
            try
            {
                DBHelper.ExecuteNonQuerySql(sql, sqlArgs);
                succeeded = true;
            }
            catch
            {
                // NOTE(review): every exception is swallowed and nothing is logged, so a failed
                // permission removal is only visible to callers that check the return value.
                succeeded = false;
            }
            return succeeded;
        }
Beispiel #3
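        /// <summary>
        /// Adds model-field permissions to a role.
        /// </summary>
        /// <param name="roleID">Role ID; must be positive.</param>
        /// <param name="operateCodes">Permission code; stored as the decimal string of its integer value.</param>
        /// <param name="modelIdAndFieldName">Model-ID/field-name pairs; multiple entries are separated by "," (e.g. 11:FieldName,11:FieldName1).</param>
        /// <returns>
        /// <c>false</c> when the role ID or the pair list is rejected, including when any entry is not
        /// of the form <c>modelId:fieldName</c>; <c>true</c> once every entry has been passed to the repository.
        /// </returns>
        public async Task<bool> AddFieldPermissionToRoles(int roleID, OperateCode operateCodes, string modelIdAndFieldName)
        {
            if (roleID <= 0 || string.IsNullOrEmpty(modelIdAndFieldName))
            {
                return false;
            }

            var pairSeparator = new char[] { ':' };
            string[] entries = StringHelper.RemoveRepeatItem(
                modelIdAndFieldName.Split(split, StringSplitOptions.RemoveEmptyEntries));

            // Validate every entry before writing anything: an entry such as "11" or "11:" used to
            // raise IndexOutOfRangeException part-way through, after earlier rows were already stored.
            foreach (string entry in entries)
            {
                if (!string.IsNullOrEmpty(entry)
                    && entry.Split(pairSeparator, StringSplitOptions.RemoveEmptyEntries).Length < 2)
                {
                    return false;
                }
            }

            foreach (string entry in entries)
            {
                if (string.IsNullOrEmpty(entry))
                {
                    continue;
                }

                var parts     = entry.Split(pairSeparator, StringSplitOptions.RemoveEmptyEntries);
                var modelID   = DataConverter.CLng(parts[0]);
                var fieldName = parts[1];

                // NOTE(review): fieldName is stored as supplied; nothing here checks that the model
                // has such a field or that the caller may grant it — confirm the caller does.
                await _RoleFieldPermissionsRepository.AddAsync(new RoleFieldPermissionsEntity()
                {
                    RoleID = roleID, OperateCode = ((int)operateCodes).ToString(), ModelID = modelID, FieldName = fieldName
                });
            }
            return true;
        }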
Beispiel #4
        /// <summary>
        /// Returns the distinct node IDs on which the given roles hold the given permission code,
        /// joined with commas (empty string when no row matches).
        /// </summary>
        /// <param name="roleId">Role ID list placed inside the SQL <c>IN (...)</c> clause after <c>DBHelper.ToValidId</c>.</param>
        /// <param name="operateCode">Permission code, bound as the @OperateCode parameter.</param>
        /// <returns>Comma-separated NodeID values.</returns>
        public string GetRoleNodeId(string roleId, OperateCode operateCode)
        {
            // NOTE(review): the ID list is concatenated into the SQL text, so injection safety rests
            // entirely on DBHelper.ToValidId (not shown) — confirm it emits only an integer list.
            string sql = "SELECT DISTINCT NodeID FROM PE_Role_Node_Permissions WHERE RoleID IN (" + DBHelper.ToValidId(roleId) + ")  AND OperateCode = @OperateCode";
            Parameters sqlArgs = new Parameters();

            // NOTE(review): @RoleId is bound but never referenced by the statement above.
            sqlArgs.AddInParameter("@RoleId", DbType.String, roleId);
            sqlArgs.AddInParameter("@OperateCode", DbType.Int32, operateCode);

            StringBuilder nodeIds = new StringBuilder();
            using (NullableDataReader rows = DBHelper.ExecuteReader(CommandType.Text, sql, sqlArgs))
            {
                while (rows.Read())
                {
                    // Separator goes in front of every value except the first.
                    if (nodeIds.Length > 0)
                    {
                        nodeIds.Append(",");
                    }
                    nodeIds.Append(rows.GetInt32("NodeID").ToString());
                }
            }
            return nodeIds.ToString();
        }
Beispiel #5
        /// <summary>
        /// Deletes rows from PE_GroupSpecialPermissions, adding one WHERE filter for each argument
        /// that carries a usable value. All values are bound as parameters.
        /// </summary>
        /// <param name="id">Group ID; filtered on only when positive or equal to -2.</param>
        /// <param name="specialId">Special ID; filtered on only when positive.</param>
        /// <param name="operateCode">Permission code; filtered on unless it is <c>OperateCode.None</c>.</param>
        /// <param name="idType">Permission type; filtered on only when non-negative.</param>
        /// <returns>The result reported by <c>DBHelper.ExecuteSql</c>.</returns>
        public bool DeleteSpecialPermissions(int id, int specialId, OperateCode operateCode, int idType)
        {
            // NOTE(review): when no argument qualifies, the statement stays an unfiltered DELETE over the
            // whole permissions table — confirm no caller can reach that combination by accident.
            string sql = "DELETE FROM PE_GroupSpecialPermissions WHERE 1 = 1";
            Parameters sqlArgs = new Parameters();

            if (id > 0 || id == -2)
            {
                sql += " AND GroupID = @GroupID ";
                sqlArgs.AddInParameter("@GroupID", DbType.Int32, id);
            }
            if (specialId > 0)
            {
                sql += " AND SpecialID = @SpecialID ";
                sqlArgs.AddInParameter("@SpecialID", DbType.Int32, specialId);
            }
            if (operateCode != OperateCode.None)
            {
                sql += " AND OperateCode = @OperateCode ";
                sqlArgs.AddInParameter("@OperateCode", DbType.Int32, operateCode);
            }
            if (idType >= 0)
            {
                sql += " AND IdType = @IdType ";
                sqlArgs.AddInParameter("@IdType", DbType.Int32, idType);
            }

            return DBHelper.ExecuteSql(sql, sqlArgs);
        }
 /// <summary>
 /// Grants one node permission to every role named in a delimited role-ID list.
 /// </summary>
 /// <param name="roles">Role IDs, split on the class's <c>split</c> separators; empty entries are skipped.</param>
 /// <param name="nodeId">Node the permission applies to.</param>
 /// <param name="operateCode">Permission code to grant.</param>
 public static void AddNodePermissionToRoles(string roles, int nodeId, OperateCode operateCode)
 {
     // NOTE(review): each token goes through DataConverter.CLng (not shown); how it treats
     // non-numeric text is not visible here, and no access check is made in this method.
     string[] roleTokens = roles.Split(split, StringSplitOptions.RemoveEmptyEntries);
     for (int i = 0; i < roleTokens.Length; i++)
     {
         AddNodePermissionToRoles(DataConverter.CLng(roleTokens[i]), nodeId, operateCode);
     }
 }
 /// <summary>
 /// Grants one role a permission on every node named in a delimited node-ID list.
 /// </summary>
 /// <param name="roleId">Role receiving the permission.</param>
 /// <param name="operateCode">Permission code to grant.</param>
 /// <param name="nodeIds">Node IDs, split on the class's <c>split</c> separators; empty entries are skipped.</param>
 public static void AddNodePermissionToRoles(int roleId, OperateCode operateCode, string nodeIds)
 {
     // NOTE(review): each token goes through DataConverter.CLng (not shown); how it treats
     // non-numeric text is not visible here, and no access check is made in this method.
     string[] nodeTokens = nodeIds.Split(split, StringSplitOptions.RemoveEmptyEntries);
     for (int i = 0; i < nodeTokens.Length; i++)
     {
         AddNodePermissionToRoles(roleId, DataConverter.CLng(nodeTokens[i]), operateCode);
     }
 }
 /// <summary>
 /// Enforces a node-level permission: returns normally when the check passes and throws otherwise.
 /// </summary>
 /// <param name="operateCode">Permission code required.</param>
 /// <param name="nodeId">Node the operation targets.</param>
 /// <exception cref="CustomException">Raised with <c>PEExceptionType.ExceedAuthority</c> when <c>AccessCheckNodePermission</c> returns false.</exception>
 public static void BusinessAccessCheck(OperateCode operateCode, int nodeId)
 {
     bool permitted = AccessCheckNodePermission(operateCode, nodeId);
     if (permitted)
     {
         return;
     }

     // Deny by throwing so that a caller cannot continue by ignoring a return value.
     throw new CustomException(PEExceptionType.ExceedAuthority);
 }
 /// <summary>
 /// Enforces a general permission: returns normally when the check passes and throws otherwise.
 /// </summary>
 /// <param name="operateCode">Permission code required.</param>
 /// <exception cref="CustomException">Raised with <c>PEExceptionType.ExceedAuthority</c> when <c>AccessCheck</c> returns false.</exception>
 public static void BusinessAccessCheck(OperateCode operateCode)
 {
     bool permitted = AccessCheck(operateCode);
     if (permitted)
     {
         return;
     }

     // Deny by throwing so that a caller cannot continue by ignoring a return value.
     throw new CustomException(PEExceptionType.ExceedAuthority);
 }
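        /// <summary>
        /// Grants a role a field permission for each (model ID, field name) pair taken position by
        /// position from two delimited lists.
        /// </summary>
        /// <param name="roleId">Role receiving the permissions.</param>
        /// <param name="operateCode">Permission code to grant.</param>
        /// <param name="modelIds">Delimited model IDs; must pass <c>DataValidator.IsValidId</c>.</param>
        /// <param name="fieldNames">Delimited field names, one per model ID; each is passed through <c>DataSecurity.FilterBadChar</c>.</param>
        /// <returns>
        /// <c>false</c> when the ID list is rejected, <paramref name="fieldNames"/> is null, the two
        /// lists differ in length or are empty, or any single grant fails; otherwise <c>true</c>.
        /// </returns>
        public static bool AddFieldPermissions(int roleId, OperateCode operateCode, string modelIds, string fieldNames)
        {
            if (!DataValidator.IsValidId(modelIds))
            {
                return false;
            }
            if (fieldNames == null)
            {
                // Previously a null list raised NullReferenceException on Split.
                return false;
            }

            string[] idTokens   = modelIds.Split(split, StringSplitOptions.RemoveEmptyEntries);
            string[] nameTokens = fieldNames.Split(split, StringSplitOptions.RemoveEmptyEntries);

            if (idTokens.Length != nameTokens.Length)
            {
                return false;
            }
            if (idTokens.Length == 0)
            {
                // The original wrote to index 0 of two zero-length arrays here, which always throws
                // IndexOutOfRangeException; with nothing to grant, report failure instead.
                return false;
            }

            for (int i = 0; i < idTokens.Length; i++)
            {
                // NOTE(review): a failure part-way through leaves the earlier grants in place.
                if (!AddFieldPermissionToRoles(roleId, DataConverter.CLng(idTokens[i]), DataSecurity.FilterBadChar(nameTokens[i]), operateCode))
                {
                    return false;
                }
            }
            return true;
        }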
Beispiel #11
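        /// <summary>
        /// Returns the distinct node IDs on which a group holds the given permission code for the
        /// given permission type, joined with commas (empty string when no row matches).
        /// </summary>
        /// <param name="roleId">Bound to the @GroupID parameter of the query.</param>
        /// <param name="operateCode">Permission code, bound as @OperateCode.</param>
        /// <param name="idType">Permission type, bound as @idType.</param>
        /// <returns>Comma-separated NodeID values.</returns>
        public string GetRoleNodeId(int roleId, OperateCode operateCode, int idType)
        {
            string     strCommand = "SELECT DISTINCT NodeID FROM PE_GroupNodePermissions WHERE GroupID = @GroupID AND OperateCode = @OperateCode AND IdType = @idType";
            Parameters cmdParams  = new Parameters();

            cmdParams.AddInParameter("@GroupID", DbType.Int32, roleId);
            cmdParams.AddInParameter("@OperateCode", DbType.Int32, operateCode);
            // Name the parameter exactly as the statement references it; the original passed
            // "idType" without the "@" prefix, unlike the other two bindings.
            cmdParams.AddInParameter("@idType", DbType.Int32, idType);
            StringBuilder builder = new StringBuilder();

            using (NullableDataReader reader = DBHelper.ExecuteReader(CommandType.Text, strCommand, cmdParams))
            {
                while (reader.Read())
                {
                    // Separator goes in front of every value except the first.
                    if (builder.Length > 0)
                    {
                        builder.Append(",");
                    }
                    builder.Append(reader.GetInt32("NodeID").ToString());
                }
            }
            return builder.ToString();
        }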
 /// <summary>
 /// Enforces a field-level permission: returns normally when the check passes and throws otherwise.
 /// </summary>
 /// <param name="operateCode">Permission code required.</param>
 /// <param name="modelId">Model that owns the field.</param>
 /// <param name="fieldName">Field the operation targets.</param>
 /// <exception cref="CustomException">Raised with <c>PEExceptionType.ExceedAuthority</c> when <c>AccessCheckFieldPermission</c> returns false.</exception>
 public static void BusinessAccessCheck(OperateCode operateCode, int modelId, string fieldName)
 {
     bool permitted = AccessCheckFieldPermission(operateCode, modelId, fieldName);
     if (permitted)
     {
         return;
     }

     // Deny by throwing so that a caller cannot continue by ignoring a return value.
     throw new CustomException(PEExceptionType.ExceedAuthority);
 }
 /// <summary>
 /// Enforces access to a special: passes when the caller holds <c>OperateCode.SpecialManage</c>
 /// or the requested permission on that special, and throws otherwise.
 /// </summary>
 /// <param name="operateCode">Permission code required on the special.</param>
 /// <param name="specialId">Special the operation targets.</param>
 /// <exception cref="CustomException">Raised with <c>PEExceptionType.ExceedAuthority</c> when neither check passes.</exception>
 public static void BusinesssAccessCheckSpecial(OperateCode operateCode, int specialId)
 {
     // The general SpecialManage permission is tested first; the per-special check runs only
     // when that one fails.
     bool permitted = AccessCheck(OperateCode.SpecialManage)
                      || AccessCheckSpecialPermission(operateCode, specialId);
     if (!permitted)
     {
         throw new CustomException(PEExceptionType.ExceedAuthority);
     }
 }
 /// <summary>
 /// Validates a role-ID list and, when it is accepted, returns the node IDs the data layer
 /// reports for it.
 /// </summary>
 /// <param name="roleId">Role ID list; must pass <c>DataValidator.IsValidId</c>.</param>
 /// <param name="operateCode">Permission code to look up.</param>
 /// <returns>The data layer's result, or <c>string.Empty</c> when the ID list is rejected.</returns>
 public static string GetRoleNodeId(string roleId, OperateCode operateCode)
 {
     // Reject the list before it reaches the data layer; the data-layer method shown on this
     // page places the ID list inside the SQL text.
     return DataValidator.IsValidId(roleId)
         ? dal.GetRoleNodeId(roleId, operateCode)
         : string.Empty;
 }
Beispiel #15
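        /// <summary>
        /// Reports whether any role-node permission row exists for the given nodes and permission code.
        /// </summary>
        /// <param name="nodeId">Node ID list placed inside the SQL <c>IN (...)</c> clause after <c>DBHelper.ToValidId</c>.</param>
        /// <param name="operateCode">Permission code, bound as the @OperateCode parameter.</param>
        /// <returns>The result of <c>DBHelper.ExistsSql</c> for the query.</returns>
        public bool AccessCheckNodePermissions(string nodeId, OperateCode operateCode)
        {
            // Fixed: the statement lacked the FROM keyword ("SELECT nodeId PE_Role_Node_Permissions WHERE ..."),
            // which is not valid SQL, so this permission check could never run as intended.
            // NOTE(review): the ID list is concatenated into the SQL text, so injection safety rests
            // entirely on DBHelper.ToValidId (not shown) — confirm it emits only an integer list.
            string     strSql    = "SELECT nodeId FROM PE_Role_Node_Permissions WHERE NodeId IN (" + DBHelper.ToValidId(nodeId) + ") AND OperateCode = @OperateCode";
            Parameters cmdParams = new Parameters();

            cmdParams.AddInParameter("@OperateCode", DbType.Int32, operateCode);
            return DBHelper.ExistsSql(strSql, cmdParams);
        }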
 /// <summary>
 /// Validates a node-ID list and, when it is accepted, asks the data layer whether a matching
 /// permission row exists.
 /// </summary>
 /// <param name="nodeId">Node ID list; must pass <c>DataValidator.IsValidId</c>.</param>
 /// <param name="operateCode">Permission code to look up.</param>
 /// <returns><c>false</c> when the ID list is rejected; otherwise the data layer's result.</returns>
 public static bool AccessCheckNodePermissions(string nodeId, OperateCode operateCode)
 {
     // A rejected list is treated as "no access" and never reaches the data layer.
     return DataValidator.IsValidId(nodeId)
         && dal.AccessCheckNodePermissions(nodeId, operateCode);
 }
Beispiel #17
        /// <summary>
        /// Lists the roles recorded in PE_Roles_Permissions for a permission code.
        /// </summary>
        /// <param name="operateCode">Permission code, bound as the @OperateCode parameter.</param>
        /// <returns>The list built by <c>CreateRoleList</c> from the RoleId column.</returns>
        public IList<string> GetRoleListByOperateCode(OperateCode operateCode)
        {
            const string sql = "SELECT RoleId FROM PE_Roles_Permissions WHERE OperateCode = @OperateCode";

            Parameters sqlArgs = new Parameters();
            sqlArgs.AddInParameter("@OperateCode", DbType.Int32, operateCode);

            return CreateRoleList(sqlArgs, sql);
        }
Beispiel #18
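 /// <summary>
 /// Replaces a group's special permissions of one permission type: removes the existing rows for
 /// the group and type, then grants <paramref name="operateCode"/> on each listed special.
 /// </summary>
 /// <param name="id">Group ID whose permissions are replaced.</param>
 /// <param name="operateCode">Permission code to grant on each special.</param>
 /// <param name="specialIds">Special IDs, split on the class's <c>split</c> separators; empty entries are skipped.</param>
 /// <param name="idType">Permission type used both for the removal and for the new rows.</param>
 /// <returns>Always <c>true</c>.</returns>
 public static bool AddSpecialPermissions(int id, OperateCode operateCode, string specialIds, int idType)
 {
     // Split before deleting, as AddNodePermissions does: a null list now fails before any
     // existing permission row is removed rather than after.
     string[] specialTokens = specialIds.Split(split, StringSplitOptions.RemoveEmptyEntries);

     // NOTE(review): the removal covers every permission code for this group and type
     // (OperateCode.None disables that filter), its result is ignored, and the delete and the
     // inserts are not wrapped in a transaction here.
     dal.DeleteSpecialPermissions(id, 0, OperateCode.None, idType);
     foreach (string token in specialTokens)
     {
         AddSpecialPermission(id, operateCode, DataConverter.CLng(token), idType);
     }
     return true;
 }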
Beispiel #19
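 /// <summary>
 /// Replaces the groups that hold one permission on a special: removes the existing rows for the
 /// special and permission code, then grants it to each listed group.
 /// </summary>
 /// <param name="groupIds">Group IDs, split on the class's <c>split</c> separators; empty entries are skipped.</param>
 /// <param name="operateCode">Permission code being replaced.</param>
 /// <param name="specialId">Special the permission applies to.</param>
 /// <param name="idType">Permission type written on the new rows.</param>
 /// <returns>Always <c>true</c>.</returns>
 public static bool AddSpecialPermissions(string groupIds, OperateCode operateCode, int specialId, int idType)
 {
     // Split before deleting, as AddNodePermissions does: a null list now fails before any
     // existing permission row is removed rather than after.
     string[] groupTokens = groupIds.Split(split, StringSplitOptions.RemoveEmptyEntries);

     // NOTE(review): the removal passes idType -1, so rows of every permission type are deleted
     // while only rows of the given idType are re-added; its result is ignored and no
     // transaction is visible here — confirm this is intended.
     dal.DeleteSpecialPermissions(0, specialId, operateCode, -1);
     foreach (string token in groupTokens)
     {
         AddSpecialPermission(DataConverter.CLng(token), operateCode, specialId, idType);
     }
     return true;
 }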
Beispiel #20
        /// <summary>
        /// Inserts one (role, permission code) row into PE_Roles_Permissions using bound parameters.
        /// </summary>
        /// <param name="roleId">Role receiving the permission.</param>
        /// <param name="operateCode">Permission code to grant.</param>
        public void AddPermissionToRoles(int roleId, OperateCode operateCode)
        {
            const string sql = "INSERT INTO PE_Roles_Permissions(RoleId, OperateCode) VALUES (@RoleId, @OperateCode)";

            Parameters sqlArgs = new Parameters();
            sqlArgs.AddInParameter("@RoleId", DbType.Int32, roleId);
            sqlArgs.AddInParameter("@OperateCode", DbType.Int32, operateCode);

            // NOTE(review): the value returned by ExecuteSql is discarded, so a failed grant is
            // not reported to the caller.
            DBHelper.ExecuteSql(sql, sqlArgs);
        }
Beispiel #21
        /// <summary>
        /// Lists the groups recorded in PE_GroupNodePermissions for a permission code and permission
        /// type on any of the given nodes.
        /// </summary>
        /// <param name="operateCode">Permission code, bound as @OperateCode.</param>
        /// <param name="nodeId">Node ID list placed inside the SQL <c>IN (...)</c> clause after <c>DBHelper.ToValidId</c>.</param>
        /// <param name="idType">Permission type, bound as @IdType.</param>
        /// <returns>The list built by <c>CreateRoleList</c> from the GroupID column.</returns>
        public IList<int> GetRoleListByOperateCodeNode(OperateCode operateCode, string nodeId, int idType)
        {
            Parameters sqlArgs = new Parameters();
            sqlArgs.AddInParameter("@OperateCode", DbType.Int32, operateCode);
            sqlArgs.AddInParameter("@IdType", DbType.Int32, idType);

            // NOTE(review): the ID list is concatenated into the SQL text, so injection safety rests
            // entirely on DBHelper.ToValidId (not shown) — confirm it emits only an integer list.
            string sql = "SELECT GroupID FROM PE_GroupNodePermissions WHERE OperateCode = @OperateCode AND IdType=@IdType AND NodeID IN (" + DBHelper.ToValidId(nodeId) + ")";

            return CreateRoleList(sqlArgs, sql);
        }
Beispiel #22
 /// <summary>
 /// Removes node-permission rows for a group, permission code and permission type, then grants
 /// the permission on each listed node.
 /// </summary>
 /// <param name="id">Group ID.</param>
 /// <param name="operateCode">Permission code being replaced.</param>
 /// <param name="nodeIds">Node IDs, split on the class's <c>split</c> separators; empty entries are skipped.</param>
 /// <param name="idType">Permission type used both for the removal and for the new rows.</param>
 /// <returns>Always <c>true</c>.</returns>
 public static bool AddNodePermissions(int id, OperateCode operateCode, string nodeIds, int idType)
 {
     // The list is split before anything is deleted, so a null list fails first.
     string[] nodeTokens = nodeIds.Split(split, StringSplitOptions.RemoveEmptyEntries);

     // NOTE(review): the removal's result is ignored and the delete and inserts are not wrapped
     // in a transaction here; -2 is passed as the node ID and its meaning is not visible here.
     dal.DeleteNodePermissions(id, -2, operateCode, idType);

     for (int i = 0; i < nodeTokens.Length; i++)
     {
         AddNodePermission(id, operateCode, DataConverter.CLng(nodeTokens[i]), idType);
     }
     return true;
 }
Beispiel #23
        /// <summary>
        /// Checks whether the current user may perform an operation on a node.
        /// </summary>
        /// <param name="operateCode">Permission code required.</param>
        /// <param name="nodeId">Node the operation targets.</param>
        /// <returns>The result of <c>CheckRole</c> over the groups the data layer returns.</returns>
        public static bool AccessCheck(OperateCode operateCode, int nodeId)
        {
            // Permission type 1 is looked up when the current user inherits the group's role, 0 otherwise.
            int idType = PEContext.Current.User.UserInfo.IsInheritGroupRole ? 1 : 0;

            var permittedGroups = dal.GetRoleListByOperateCodeNode(operateCode, nodeId, idType);
            return CheckRole(permittedGroups);
        }
Beispiel #24
        /// <summary>
        /// Returns the data layer's list for a field permission, using the permission type that
        /// matches the current user.
        /// </summary>
        /// <param name="operateCode">Permission code to look up.</param>
        /// <param name="modelId">Model that owns the field.</param>
        /// <param name="fieldName">Field name to look up.</param>
        /// <returns>The list returned by the data layer.</returns>
        public static IList<int> GetRoleListByOperateCodeFieldName(OperateCode operateCode, int modelId, string fieldName)
        {
            // Permission type 1 is looked up when the current user inherits the group's role, 0 otherwise.
            int idType = PEContext.Current.User.UserInfo.IsInheritGroupRole ? 1 : 0;

            return dal.GetRoleListByOperateCodeFieldName(operateCode, modelId, fieldName, idType);
        }
Beispiel #25
        /// <summary>
        /// Lists the roles recorded in PE_Role_Special_Permissions for a permission code on a special.
        /// </summary>
        /// <param name="operateCode">Permission code, bound as @OperateCode.</param>
        /// <param name="specialId">Special ID, bound as @SpecialId.</param>
        /// <returns>The list built by <c>CreateRoleList</c> from the RoleId column.</returns>
        public IList<string> GetRoleListByOperateCodeSpecialId(OperateCode operateCode, int specialId)
        {
            const string sql = "SELECT RoleId FROM PE_Role_Special_Permissions WHERE OperateCode = @OperateCode AND SpecialId = @SpecialId";

            Parameters sqlArgs = new Parameters();
            sqlArgs.AddInParameter("@OperateCode", DbType.Int32, operateCode);
            sqlArgs.AddInParameter("@SpecialId", DbType.Int32, specialId);

            return CreateRoleList(sqlArgs, sql);
        }
Beispiel #26
        /// <summary>
        /// Checks whether the current user may perform an operation on a special.
        /// </summary>
        /// <param name="operateCode">Permission code required.</param>
        /// <param name="specialId">Special the operation targets.</param>
        /// <returns>The result of <c>CheckRole</c> over the groups the data layer returns.</returns>
        public static bool AccessCheckSpecial(OperateCode operateCode, int specialId)
        {
            // Permission type 1 is looked up when the current user inherits the group's role, 0 otherwise.
            int idType = PEContext.Current.User.UserInfo.IsInheritGroupRole ? 1 : 0;

            var permittedGroups = dal.GetGroupListByOperateCodeSpecialId(operateCode, specialId, idType);
            return CheckRole(permittedGroups);
        }
Beispiel #27
        /// <summary>
        /// Deletes every PE_GroupSpecialPermissions row for one special and one permission code,
        /// whatever the group or permission type.
        /// </summary>
        /// <param name="specialId">Special ID, bound as @SpecialID.</param>
        /// <param name="operateCode">Permission code, bound as @OperateCode.</param>
        /// <returns>The result reported by <c>DBHelper.ExecuteSql</c>.</returns>
        public bool DeleteSpecialPermissionsBySpecialId(int specialId, OperateCode operateCode)
        {
            const string sql = "DELETE FROM PE_GroupSpecialPermissions WHERE SpecialID = @SpecialID AND OperateCode = @OperateCode";

            Parameters sqlArgs = new Parameters();
            sqlArgs.AddInParameter("@SpecialID", DbType.Int32, specialId);
            sqlArgs.AddInParameter("@OperateCode", DbType.Int32, operateCode);

            return DBHelper.ExecuteSql(sql, sqlArgs);
        }
Beispiel #28
        /// <summary>
        /// Lists the roles recorded in PE_Role_Field_Permissions for a permission code on one field
        /// of one model. The field name is bound as a parameter, not placed in the SQL text.
        /// </summary>
        /// <param name="operateCode">Permission code, bound as @OperateCode.</param>
        /// <param name="modelId">Model ID, bound as @ModelID.</param>
        /// <param name="fieldName">Field name, bound as @FieldName.</param>
        /// <returns>The list built by <c>CreateRoleList</c> from the RoleId column.</returns>
        public IList<string> GetRoleListByOperateCodeFieldName(OperateCode operateCode, int modelId, string fieldName)
        {
            const string sql = "SELECT RoleId FROM PE_Role_Field_Permissions WHERE OperateCode = @OperateCode AND ModelID = @ModelID AND FieldName = @FieldName";

            Parameters sqlArgs = new Parameters();
            sqlArgs.AddInParameter("@OperateCode", DbType.Int32, operateCode);
            sqlArgs.AddInParameter("@ModelID", DbType.Int32, modelId);
            sqlArgs.AddInParameter("@FieldName", DbType.String, fieldName);

            return CreateRoleList(sqlArgs, sql);
        }
Beispiel #29
        /// <summary>
        /// Lists the groups recorded in PE_GroupSpecialPermissions for a permission code and
        /// permission type on a special.
        /// </summary>
        /// <param name="operateCode">Permission code, bound as @OperateCode.</param>
        /// <param name="specialId">Special ID, bound as @SpecialId.</param>
        /// <param name="idType">Permission type, bound as @IdType.</param>
        /// <returns>The list built by <c>CreateRoleList</c> from the GroupID column.</returns>
        public IList<int> GetGroupListByOperateCodeSpecialId(OperateCode operateCode, int specialId, int idType)
        {
            const string sql = "SELECT GroupID FROM PE_GroupSpecialPermissions WHERE OperateCode = @OperateCode AND IdType=@IdType AND SpecialId = @SpecialId";

            Parameters sqlArgs = new Parameters();
            sqlArgs.AddInParameter("@OperateCode", DbType.Int32, operateCode);
            sqlArgs.AddInParameter("@SpecialId", DbType.Int32, specialId);
            sqlArgs.AddInParameter("@IdType", DbType.Int32, idType);

            return CreateRoleList(sqlArgs, sql);
        }
Beispiel #30
        /// <summary>
        /// Inserts one (group, permission code, special, permission type) row into
        /// PE_GroupSpecialPermissions using bound parameters.
        /// </summary>
        /// <param name="id">Group ID, bound as @GroupID.</param>
        /// <param name="operateCode">Permission code, bound as @OperateCode.</param>
        /// <param name="specialId">Special ID, bound as @SpecialID.</param>
        /// <param name="idType">Permission type, bound as @IdType.</param>
        /// <returns>The result reported by <c>DBHelper.ExecuteSql</c>.</returns>
        public bool AddSpecialPermissions(int id, OperateCode operateCode, int specialId, int idType)
        {
            const string sql = "INSERT INTO PE_GroupSpecialPermissions(GroupID, OperateCode, SpecialID, IdType) VALUES (@GroupID, @OperateCode, @SpecialID, @IdType)";

            Parameters sqlArgs = new Parameters();
            sqlArgs.AddInParameter("@GroupID", DbType.Int32, id);
            sqlArgs.AddInParameter("@OperateCode", DbType.Int32, operateCode);
            sqlArgs.AddInParameter("@SpecialID", DbType.Int32, specialId);
            sqlArgs.AddInParameter("@IdType", DbType.Int32, idType);

            return DBHelper.ExecuteSql(sql, sqlArgs);
        }