//
// ResourcePermission 权限判断
//
#region public bool CheckPermissionByUser(string userId, string permissionItemCode, string permissionItemName = null) 是否有相应的权限
/// <summary>
/// 是否有相应的权限
/// </summary>
/// <param name="userId">用户主键</param>
/// <param name="permissionItemCode">权限编号</param>
/// <param name="permissionItemName">权限名称</param>
/// <returns>是否有权限</returns>
public bool CheckPermissionByUser(string userId, string permissionItemCode, string permissionItemName = null)
{
// 若不存在就需要自动能增加一个操作权限项
string tableName = BasePermissionItemEntity.TableName;
if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
{
tableName = BaseSystemInfo.SystemCode + "PermissionItem";
}
BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(DbHelper, UserInfo, tableName);
string permissionItemId = permissionItemManager.GetIdByAdd(permissionItemCode, permissionItemName);
BasePermissionItemEntity permissionItemEntity = permissionItemManager.GetEntity(permissionItemId);
// 先判断用户类别
if (UserInfo.IsAdministrator)
{
return(true);
}
// 没有找到相应的权限
if (String.IsNullOrEmpty(permissionItemId))
{
return(false);
}
// 这里需要判断,是系统权限?
bool returnValue = false;
BaseUserManager userManager = new BaseUserManager(this.DbHelper, this.UserInfo);
if (!string.IsNullOrEmpty(permissionItemEntity.CategoryCode) && permissionItemEntity.CategoryCode.Equals("System"))
{
// 用户管理员
returnValue = userManager.IsInRoleByCode(userId, "UserAdmin");
if (returnValue)
{
return(returnValue);
}
}
// 这里需要判断,是业务权限?
if (!string.IsNullOrEmpty(permissionItemEntity.CategoryCode) && permissionItemEntity.CategoryCode.Equals("Application"))
{
returnValue = userManager.IsInRoleByCode(userId, "Admin");
if (returnValue)
{
return(returnValue);
}
}
// 判断用户权限
if (this.CheckUserPermission(userId, permissionItemId))
{
return(true);
}
// 判断用户角色权限
if (this.CheckUserRolePermission(userId, permissionItemId))
{
return(true);
}
// 判断用户组织机构权限,这里有开关是为了提高性能用的,
// 下面的函数接着还可以提高性能,可以进行一次判断就可以了,其实不用执行4次判断,浪费I/O,浪费性能。
if (BaseSystemInfo.UseOrganizePermission)
{
if (this.CheckUserOrganizePermission(userId, permissionItemId, this.UserInfo.WorkgroupId))
{
return(true);
}
else if (this.CheckUserOrganizePermission(userId, permissionItemId, this.UserInfo.DepartmentId))
{
return(true);
}
else if (this.CheckUserOrganizePermission(userId, permissionItemId, this.UserInfo.SubCompanyId))
{
return(true);
}
else if (this.CheckUserOrganizePermission(userId, permissionItemId, this.UserInfo.CompanyId))
{
return(true);
}
}
return(false);
}
/// <summary>
/// 是否有相应的权限
/// </summary>
/// <param name="userId">用户主键</param>
/// <param name="permissionItemCode">权限编号</param>
/// <param name="permissionItemName">权限名称</param>
/// <returns>是否有权限</returns>
public bool CheckPermissionByUser(string userId, string permissionItemCode, string permissionItemName = null)
{
// 若不存在就需要自动能增加一个操作权限项
string tableName = BasePermissionItemEntity.TableName;
if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
{
tableName = BaseSystemInfo.SystemCode + "PermissionItem";
}
BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(DbHelper, UserInfo, tableName);
string permissionItemId = permissionItemManager.GetIdByAdd(permissionItemCode, permissionItemName);
BasePermissionItemEntity permissionItemEntity = permissionItemManager.GetEntity(permissionItemId);
// 先判断用户类别
if (UserInfo.IsAdministrator)
{
return true;
}
// 没有找到相应的权限
if (String.IsNullOrEmpty(permissionItemId))
{
return false;
}
// 这里需要判断,是系统权限?
bool returnValue = false;
BaseUserManager userManager = new BaseUserManager(this.DbHelper, this.UserInfo);
if (!string.IsNullOrEmpty(permissionItemEntity.CategoryCode) && permissionItemEntity.CategoryCode.Equals("System"))
{
// 用户管理员
returnValue = userManager.IsInRoleByCode(userId, "UserAdmin");
if (returnValue)
{
return returnValue;
}
}
// 这里需要判断,是业务权限?
if (!string.IsNullOrEmpty(permissionItemEntity.CategoryCode) && permissionItemEntity.CategoryCode.Equals("Application"))
{
returnValue = userManager.IsInRoleByCode(userId, "Admin");
if (returnValue)
{
return returnValue;
}
}
// 判断用户权限
if (this.CheckUserPermission(userId, permissionItemId))
{
return true;
}
// 判断用户角色权限
if (this.CheckUserRolePermission(userId, permissionItemId))
{
return true;
}
// 判断用户组织机构权限,这里有开关是为了提高性能用的,
// 下面的函数接着还可以提高性能,可以进行一次判断就可以了,其实不用执行4次判断,浪费I/O,浪费性能。
if (BaseSystemInfo.UseOrganizePermission)
{
if (this.CheckUserOrganizePermission(userId, permissionItemId, this.UserInfo.WorkgroupId))
{
return true;
}
else if (this.CheckUserOrganizePermission(userId, permissionItemId, this.UserInfo.DepartmentId))
{
return true;
}
else if (this.CheckUserOrganizePermission(userId, permissionItemId, this.UserInfo.SubCompanyId))
{
return true;
}
else if (this.CheckUserOrganizePermission(userId, permissionItemId, this.UserInfo.CompanyId))
{
return true;
}
}
return false;
}
