public int ClearOrganizePermissionScope(string organizeId, string permissionItemCode)
        {
            List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>();
            parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseOrganizeEntity.TableName));
            parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, organizeId));
            parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode)));

            BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName);
            return permissionScopeManager.Delete(parameters);
        }
 public int GrantRoles(string[] userIds, string permissionItemCode, string grantRoleId)
 {
     int returnValue = 0;
     BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName);
     for (int i = 0; i < userIds.Length; i++)
     {
         this.GrantRole(permissionScopeManager, userIds[i], permissionItemCode, grantRoleId);
         returnValue++;
     }
     return returnValue;
 }
 public int GrantPermissionItemes(string roleId, string permissionItemCode, string[] grantPermissionIds)
 {
     int returnValue = 0;
     BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
     for (int i = 0; i < grantPermissionIds.Length; i++)
     {
         this.GrantPermissionItem(permissionScopeManager, roleId, permissionItemCode, grantPermissionIds[i]);
         returnValue++;
     }
     return returnValue;
 }
 public int GrantModules(string organizeId, string permissionItemCode, string[] grantModuleIds)
 {
     int returnValue = 0;
     BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName);
     for (int i = 0; i < grantModuleIds.Length; i++)
     {
         this.GrantModule(permissionScopeManager, organizeId, permissionItemCode, grantModuleIds[i]);
         returnValue++;
     }
     return returnValue;
 }
        /// <summary>
        /// 撤消资源的权限范围
        /// </summary>
        /// <param name="userInfo">用户</param>
        /// <param name="resourceCategory">资源分类</param>
        /// <param name="resourceId">资源主键</param>
        /// <param name="targetCategory">目标类别</param>
        /// <param name="permissionItemId">权限主键</param>
        /// <returns>影响的行数</returns>
        public int ClearPermissionScopeTarget(BaseUserInfo userInfo, string resourceCategory, string resourceId, string targetCategory, string permissionItemId)
        {
            // 写入调试信息
            #if (DEBUG)
                int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
            #endif

            // 加强安全验证防止未授权匿名调用
            #if (!DEBUG)
                LogOnService.UserIsLogOn(userInfo);
            #endif

            int returnValue = 0;
            using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
            {
                try
                {
                    dbHelper.Open(UserCenterDbConnection);
                    string tableName = BasePermissionScopeEntity.TableName;
                    if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
                    {
                        tableName = BaseSystemInfo.SystemCode + "PermissionScope";
                    }
                    BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(dbHelper, userInfo, tableName);
                    returnValue = permissionScopeManager.RevokeResourcePermissionScopeTarget(resourceCategory, resourceId, targetCategory, permissionItemId);
                    BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_ClearPermissionScopeTarget, MethodBase.GetCurrentMethod());
                }
                catch (Exception ex)
                {
                    BaseExceptionManager.LogException(dbHelper, userInfo, ex);
                    throw ex;
                }
                finally
                {
                    dbHelper.Close();
                }
            }

            // 写入调试信息
            #if (DEBUG)
                BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
            #endif
            return returnValue;
        }
 /// <summary>
 /// 获取用户的列权限
 /// </summary>
 /// <param name="userId">用户主键</param>
 /// <param name="tableCode">表名</param>
 /// <param name="permissionCode">操作权限</param>
 /// <returns>有权限的列数组</returns>
 public string[] GetColumns(string userId, string tableCode, string permissionCode = "Column.Access")
 {
     // Column.Edit
     string[] returnValue = null;
     if (permissionCode.Equals("Column.Deney") || permissionCode.Equals("Column.Edit"))
     {
         // 按数据权限来过滤数据
         BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
         returnValue = permissionScopeManager.GetResourceScopeIds(userId, tableCode, permissionCode);
     }
     else if (permissionCode.Equals("Column.Access"))
     {
         // 1: 用户有权限的列名
         BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
         returnValue = permissionScopeManager.GetResourceScopeIds(userId, tableCode, permissionCode);
         // 2: 先获取公开的列名
         string[] publicIds = this.GetProperties(new KeyValuePair<string, object>(BaseTableColumnsEntity.FieldTableCode, tableCode), new KeyValuePair<string, object>(BaseTableColumnsEntity.FieldIsPublic, 1), BaseTableColumnsEntity.FieldColumnCode);
         returnValue = StringUtil.Concat(returnValue, publicIds);
     }
     return returnValue;
 }
        /// <summary>
        /// 批量删除
        /// </summary>
        /// <param name="userInfo">用户</param>
        /// <param name="ids">主键数组</param>
        /// <returns>影响行数</returns>
        public int BatchDeleteConstraint(BaseUserInfo userInfo, string[] ids)
        {
            // 写入调试信息
            #if (DEBUG)
                int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
            #endif

            // 加强安全验证防止未授权匿名调用
            #if (!DEBUG)
                LogOnService.UserIsLogOn(userInfo);
            #endif

            int returnValue = 0;
            using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
            {
                try
                {
                    dbHelper.Open(UserCenterDbConnection);
                    BasePermissionScopeManager manager = new BasePermissionScopeManager(dbHelper, userInfo);
                    returnValue = manager.SetDeleted(ids);
                    BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.TableColumnsService_BatchDeleteConstraint, MethodBase.GetCurrentMethod());
                }
                catch (Exception ex)
                {
                    BaseExceptionManager.LogException(dbHelper, userInfo, ex);
                    throw ex;
                }
                finally
                {
                    dbHelper.Close();
                }
            }

            // 写入调试信息
            #if (DEBUG)
                BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
            #endif

            return returnValue;
        }
Beispiel #8
0
        /// <summary>
        /// 获取列表
        /// </summary>
        /// <param name="userInfo">用户</param>
        /// <returns>数据表</returns>
        public DataTable GetDataTable(BaseUserInfo userInfo)
        {
            // 写入调试信息
            #if (DEBUG)
                int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
            #endif

            // 加强安全验证防止未授权匿名调用
            #if (!DEBUG)
                LogOnService.UserIsLogOn(userInfo);
            #endif

            DataTable dataTable = new DataTable(BaseItemsEntity.TableName);
            using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
            {
                try
                {
                    dbHelper.Open(UserCenterDbConnection);
                    string tableName = BaseItemsEntity.TableName;
                    if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
                    {
                        tableName = BaseSystemInfo.SystemCode + "Items";
                    }
                    BaseItemsManager itemsManager = new BaseItemsManager(dbHelper, userInfo, tableName);
                    // 若是系统管理员,那就返回全部数据
                    if (userInfo.IsAdministrator)
                    {
                        dataTable = itemsManager.GetDataTable();
                    }
                    else
                    {
                        // 按数据权限来过滤数据
                        BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(dbHelper, userInfo);
                        string[] ids = permissionScopeManager.GetResourceScopeIds(userInfo.Id, BaseItemsEntity.TableName, "Resource.ManagePermission");
                        dataTable = itemsManager.GetDataTable(ids);
                    }
                    dataTable.TableName = tableName;
                    // 添加日志
                    BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.ItemsService_GetDataTable, MethodBase.GetCurrentMethod());
                }
                catch (Exception ex)
                {
                    BaseExceptionManager.LogException(dbHelper, userInfo, ex);
                    throw ex;
                }
                finally
                {
                    dbHelper.Close();
                }
            }

            // 写入调试信息
            #if (DEBUG)
                BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
            #endif

            return dataTable;
        }
        /// <summary>
        /// 员工撤销授权
        /// </summary>
        /// <param name="userId">员工主键</param>
        /// <param name="permissionItemId">权限主键</param>
        /// <returns>主键</returns>
        public int RevokeUser(string userId, string permissionItemCode, string revokeUserId)
        {
            BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName);

            return(this.RevokeUser(permissionScopeManager, userId, permissionItemCode, revokeUserId));
        }
 /// <summary>
 /// 为了提高授权的运行速度
 /// </summary>
 /// <param name="permissionScopeManager">权限域读写器</param>
 /// <param name="roleId">员工主键</param>
 /// <param name="revokePermissionId">权限主键</param>
 /// <returns>主键</returns>
 private int RevokePermissionItem(BasePermissionScopeManager permissionScopeManager, string roleId, string permissionItemCode, string revokePermissionId)
 {
     List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>();
     parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName));
     parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, roleId));
     parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, BasePermissionItemEntity.TableName));
     parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetId, revokePermissionId));
     parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode)));
     return permissionScopeManager.Delete(parameters);
 }
Beispiel #11
0
        /// <summary>
        /// 按日期获取日志
        /// </summary>
        /// <param name="userInfo">用户</param>
        /// <param name="beginDate">开始时间</param>
        /// <param name="endDate">结束时间</param>
        /// <returns>数据表</returns>
        public DataTable GetDataTableByDate(BaseUserInfo userInfo, string beginDate, string endDate, string userId, string moduleId)
        {
            // 写入调试信息
            #if (DEBUG)
                int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
            #endif

            // 加强安全验证防止未授权匿名调用
            #if (!DEBUG)
                LogOnService.UserIsLogOn(userInfo);
            #endif

            DataTable dataTable = new DataTable(BaseLogEntity.TableName);
            using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
            {
                try
                {
                    dbHelper.Open(UserCenterDbConnection);
                    BaseLogManager logManager = new BaseLogManager(dbHelper, userInfo);
                    if (!string.IsNullOrEmpty(userId))
                    {
                        dataTable = logManager.GetDataTableByDateByUserIds(new string[] { userId }, BaseLogEntity.FieldProcessId, moduleId, beginDate, endDate);
                    }
                    else
                    {
                        if (userInfo.IsAdministrator)
                        {
                            dataTable = logManager.GetDataTableByDate(BaseLogEntity.FieldProcessId, moduleId, beginDate, endDate);
                        }
                        else
                        {
                            BasePermissionScopeManager BasePermissionScopeManager = new BasePermissionScopeManager(dbHelper, userInfo);
                            string[] userIds = BasePermissionScopeManager.GetUserIds(userInfo.Id, "Resource.ManagePermission");
                            dataTable = logManager.GetDataTableByDateByUserIds(userIds, BaseLogEntity.FieldProcessId, moduleId, beginDate, endDate);
                        }
                    }
                    dataTable.TableName = BaseLogEntity.TableName;
                    // 添加访问日志
                    BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.LogService_GetDataTableByDate, MethodBase.GetCurrentMethod());
                }
                catch (Exception ex)
                {
                    BaseExceptionManager.LogException(dbHelper, userInfo, ex);
                    throw ex;
                }
                finally
                {
                    dbHelper.Close();
                }
            }

            // 写入调试信息
            #if (DEBUG)
                BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
            #endif
            return dataTable;
        }
 public int RevokeRoles(string[] userIds, string permissionItemCode, string[] revokeRoleIds)
 {
     int returnValue = 0;
     BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName);
     for (int i = 0; i < userIds.Length; i++)
     {
         for (int j = 0; j < revokeRoleIds.Length; j++)
         {
             this.RevokeRole(permissionScopeManager, userIds[i], permissionItemCode, revokeRoleIds[j]);
             returnValue++;
         }
     }
     return returnValue;
 }
        /// 获取审核状态表
        /// </summary>
        /// <param name="enabled">审核状态</param>
        /// <param name="startDate"></param>
        /// <param name="paramEnd"></param>
        /// <returns>数据表</returns>
        public DataTable Search(int enabled, DateTime startDate, DateTime endDate)
        {
            string sqlQuery = " SELECT A.*, B." + BaseStaffTable.FieldRealName + " AS StaffFullName "
                            + " ,C." + BaseStaffTable.FieldUserName + " AS AuditName "
                            + "   FROM " + BaseWorkReportTable.TableName + " AS A"
                            + " LEFT JOIN " + BaseStaffTable.TableName + " AS B ON B." + BaseStaffTable.FieldId + "=A." + BaseWorkReportTable.FieldStaffId
                            + " LEFT JOIN " + BaseStaffTable.TableName + " AS C ON C." + BaseStaffTable.FieldId + "=A." + BaseWorkReportTable.FieldAuditStaffId;
            //+ " WHERE A." + BaseWorkReportTable.FieldEnabled + " = ? ";

            // 设置审核状态
            sqlQuery += " WHERE A." + BaseWorkReportTable.FieldEnabled + " = " + enabled;
            if (startDate.ToString().Trim().Length > 0)
            {
                sqlQuery += " AND A." + BaseWorkReportTable.FieldWorkDate + " >= '" + startDate + "'";
            }
            if (endDate.ToString().Trim().Length > 0)
            {
                sqlQuery += " AND A." + BaseWorkReportTable.FieldWorkDate + " <= '" + endDate + "'";
            }
            // 是否系统管理员
            if (!UserInfo.IsAdministrator)
            {
                BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
                string[] staffIds = permissionScopeManager.GetUserIds(UserInfo.Id, "Resource.ManagePermission");
                string staffs = BaseBusinessLogic.ObjectsToList(staffIds);
                sqlQuery += " AND A." + BaseWorkReportTable.FieldStaffId + " IN (" + staffs + ")";
            }
            sqlQuery += " ORDER BY " + BaseWorkReportTable.FieldWorkDate + " DESC ";

            return DbHelper.Fill(sqlQuery);
        }
 /// <summary>
 /// 判断某个时间范围内是否存在
 /// </summary>
 /// <param name="names"></param>
 /// <param name="values"></param>
 /// <param name="startDate"></param>
 /// <param name="endDate"></param>
 /// <returns></returns>
 public bool HasAuthorized(List<KeyValuePair<string, object>> parameters, string startDate, string endDate)
 {
     bool returnValue = false;
     BasePermissionScopeManager manager = new BasePermissionScopeManager(this.DbHelper, this.UserInfo);
     returnValue = manager.Exists(parameters);
     /*
     if (returnValue)
     {
         // 再去判断时间
         string minDate = "1900-01-01 00:00:00";
         string maxDate = "3000-12-31 00:00:00";
         // 不用设置的太大
         string srcStartDate = manager.GetProperty(names, values, BasePermissionScopeEntity.FieldStartDate);
         string srcEndDate = manager.GetProperty(names, values, BasePermissionScopeEntity.FieldEndDate);
         if (string.IsNullOrEmpty(srcStartDate))
         {
             srcStartDate = minDate;
         }
         if (string.IsNullOrEmpty(startDate))
         {
             startDate = minDate;
         }
         if (string.IsNullOrEmpty(srcEndDate))
         {
             srcEndDate = maxDate;
         }
         if (string.IsNullOrEmpty(endDate))
         {
             endDate = maxDate;
         }
         // 满足这样的条件
         // 时间A(Start1-End1),   时间B(Start2-End2)
         // Start1 <Start2   &&   Start2 <End1
         // Start1 <End2   &&   End2 <End1
         // Start2 <Start1   &&   End1 <End2
         if ((CheckDateScope(srcStartDate, startDate) && CheckDateScope(startDate, srcEndDate))
             || (CheckDateScope(srcStartDate, endDate) && CheckDateScope(endDate, srcEndDate))
             || (CheckDateScope(startDate, srcStartDate) && CheckDateScope(srcEndDate, endDate)))
         {
             returnValue = true;
         }
         else
         {
             returnValue = false;
         }
     }
     */
     return returnValue;
 }
        /// <summary>
        /// 获取用户有权限访问的模块主键
        /// </summary>
        /// <param name="userId">用户主键</param>
        /// <returns>主键数组</returns>
        public string[] GetIdsByUser(string userId)
        {
            // 公开的模块谁都可以访问
            string[] openModuleIds = null;

            List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>();
            parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldIsPublic, 1));
            parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldEnabled, 1));
            parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldDeletionStateCode, 0));

            openModuleIds = this.GetIds(parameters);

            string[] twoModuleIds = null;

            if (!string.IsNullOrEmpty(userId))
            {
                // 按第一个解决方案进行计算 (用户 ---> 权限 --- 权限 <--- 菜单)
                // 获取用户的所有权限ID数组
                // BasePermissionManager permissionManager = new BasePermissionManager(DbHelper, UserInfo);
                // DataTable dtPermission = permissionManager.GetPermissionByUser(UserInfo.Id);
                // string[] permissionItemIds = BaseBusinessLogic.FieldToArray(dtPermission, BasePermissionItemEntity.FieldId);

                /*
                string[] oneModuleIds = new string[0];
                if ((permissionItemIds != null) && (permissionItemIds.Length > 0))
                {
                    // 获取所有跟这个权限有关联的模块ID数组
                    string sqlQuery = string.Empty;
                    sqlQuery = " SELECT " + BasePermissionEntity.FieldResourceId
                                + "   FROM " + BasePermissionEntity.TableName
                                + "  WHERE " + BasePermissionEntity.FieldResourceCategory + " = '" + BaseModuleEntity.TableName + "' "
                                + "        AND " + BasePermissionEntity.FieldPermissionItemId + " IN (" + BaseBusinessLogic.ObjectsToList(permissionItemIds) + ")";

                    dtPermission = DbHelper.Fill(sqlQuery);
                    oneModuleIds = BaseBusinessLogic.FieldToArray(dtPermission, BasePermissionEntity.FieldResourceId);
                }
                */

                // 按第二个解决方案进行计算 (用户 ---> 模块访问权限 ---> 菜单)
                string tableName = BasePermissionScopeEntity.TableName;
                if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
                {
                    tableName = BaseSystemInfo.SystemCode + "PermissionScope";
                }
                BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, tableName);
                // 模块访问,连同用户本身的,还有角色的,全部获取出来
                string permissionItemCode = "Resource.AccessPermission";
                twoModuleIds = permissionScopeManager.GetResourceScopeIds(userId, BaseModuleEntity.TableName, permissionItemCode);

                // 这些模块是有效的才可以
                parameters = new List<KeyValuePair<string, object>>();
                parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldId, twoModuleIds));
                parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldEnabled, 1));
                parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldDeletionStateCode, 0));
                twoModuleIds = this.GetProperties(parameters, BaseModuleEntity.FieldId);

                // 这里应该还缺少组织机构的模块权限,应该补上才对
            }
            // 返回相应的模块列表
            string[] moduleIds = StringUtil.Concat(openModuleIds, twoModuleIds);
            return moduleIds;
        }
Beispiel #16
0
        /// <summary>
        /// 查询日志
        /// </summary>
        /// <param name="userInfo">用户</param>
        /// <param name="search">查询</param>
        /// <param name="OnlyOnLine">是否在线</param>
        /// <returns>数据表</returns>
        public DataTable Search(BaseUserInfo userInfo, string searchValue, bool OnlyOnLine)
        {
            // 写入调试信息
            #if (DEBUG)
            int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
            #endif

            // 加强安全验证防止未授权匿名调用
            #if (!DEBUG)
            LogOnService.UserIsLogOn(userInfo);
            #endif

            DataTable dataTable = new DataTable(BaseLogEntity.TableName);
            using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
            {
                try
                {
                    dbHelper.Open(UserCenterDbConnection);
                    BaseLogManager logManager = new BaseLogManager(dbHelper, userInfo);
                    BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(dbHelper, userInfo);
                    string[] userIds = permissionScopeManager.GetUserIds(userInfo.Id, "Resource.ManagePermission");
                    dataTable = logManager.Search(userIds,searchValue, OnlyOnLine, true);
                    dataTable.TableName = BaseLogEntity.TableName;
                    BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.UserService_Search, MethodBase.GetCurrentMethod());
                }
                catch (Exception ex)
                {
                    BaseExceptionManager.LogException(dbHelper, userInfo, ex);
                    throw ex;
                }
                finally
                {
                    dbHelper.Close();
                }
            }

            // 写入调试信息
            #if (DEBUG)
            BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
            #endif

            return dataTable;
        }
Beispiel #17
0
        /// <summary>
        /// 获取用户访问情况日志
        /// </summary>
        /// <param name="userInfo">用户</param>
        /// <returns>数据表</returns>
        public DataTable GetLogGeneral(BaseUserInfo userInfo)
        {
            // 写入调试信息
            #if (DEBUG)
                int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
            #endif

            // 加强安全验证防止未授权匿名调用
            #if (!DEBUG)
                LogOnService.UserIsLogOn(userInfo);
            #endif

            DataTable dataTable = new DataTable(BaseLogEntity.TableName);
            using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
            {
                BaseUserManager userManager = new BaseUserManager(dbHelper, userInfo);
                try
                {
                    dbHelper.Open(UserCenterDbConnection);
                    if (userInfo.IsAdministrator)
                    {
                        dataTable = userManager.GetDataTable();
                    }
                    else
                    {
                        BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(dbHelper, userInfo);
                        string[] userIds = permissionScopeManager.GetUserIds(userInfo.Id, "Resource.ManagePermission");
                        dataTable = userManager.GetDataTableByIds(userIds);
                    }
                    dataTable.TableName = BaseLogEntity.TableName;
                    BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.LogService_GetLogGeneral, MethodBase.GetCurrentMethod());
                }
                catch (Exception ex)
                {
                    BaseExceptionManager.LogException(dbHelper, userInfo, ex);
                    throw ex;
                }
                finally
                {
                    dbHelper.Close();
                }
            }

            // 写入调试信息
            #if (DEBUG)
                BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
            #endif
            return dataTable;
        }
 public int RevokeUsers(string userId, string permissionItemCode, string[] revokeUserIds)
 {
     int returnValue = 0;
     BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName);
     for (int i = 0; i < revokeUserIds.Length; i++)
     {
         this.RevokeUser(permissionScopeManager, userId, permissionItemCode, revokeUserIds[i]);
         returnValue++;
     }
     return returnValue;
 }
        /// <summary>
        /// 为了提高授权的运行速度
        /// </summary>
        /// <param name="permissionScopeManager">权限域读写器</param>
        /// <param name="Id">主键</param>
        /// <param name="userId">员工主键</param>
        /// <param name="grantUserId">权限主键</param>
        /// <returns>主键</returns>
        private string GrantUser(BasePermissionScopeManager permissionScopeManager, string userId, string permissionItemCode, string grantUserId)
        {
            string returnValue = string.Empty;

            List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>();
            parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseUserEntity.TableName));
            parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, userId));
            parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseUserEntity.TableName));
            parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetId, grantUserId));
            parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode)));

            if (!this.Exists(parameters))
            {
                BasePermissionScopeEntity resourcePermissionScopeEntity = new BasePermissionScopeEntity();
                resourcePermissionScopeEntity.PermissionId = int.Parse(this.GetIdByCode(permissionItemCode));
                resourcePermissionScopeEntity.ResourceCategory = BaseUserEntity.TableName;
                resourcePermissionScopeEntity.ResourceId = userId;
                resourcePermissionScopeEntity.TargetCategory = BaseUserEntity.TableName;
                resourcePermissionScopeEntity.TargetId = grantUserId;
                resourcePermissionScopeEntity.Enabled = 1;
                resourcePermissionScopeEntity.DeletionStateCode = 0;
                return permissionScopeManager.Add(resourcePermissionScopeEntity);
            }

            return returnValue;
        }
 public int RevokeModules(string[] roleIds, string permissionItemCode, string revokeModuleId)
 {
     int returnValue = 0;
     BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName);
     for (int i = 0; i < roleIds.Length; i++)
     {
         this.RevokeModule(permissionScopeManager, roleIds[i], permissionItemCode, revokeModuleId);
         returnValue++;
     }
     return returnValue;
 }
 /// <summary>
 /// 员工撤销授权
 /// </summary>
 /// <param name="userId">员工主键</param>
 /// <param name="permissionItemId">权限主键</param>
 /// <returns>主键</returns>
 public int RevokeRole(string userId, string permissionItemCode, string revokeRoleId)
 {
     BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName);
     return this.RevokeRole(permissionScopeManager, userId, permissionItemCode, revokeRoleId);
 }
Beispiel #22
0
        /// <summary>
        /// 获取列表
        /// </summary>
        /// <param name="userInfo">用户</param>
        /// <returns>数据表</returns>
        public DataTable GetDataTable(BaseUserInfo userInfo)
        {
            // 写入调试信息
            #if (DEBUG)
                int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
            #endif

            // 加强安全验证防止未授权匿名调用
            #if (!DEBUG)
                LogOnService.UserIsLogOn(userInfo);
            #endif

            DataTable dataTable = new DataTable(BaseModuleEntity.TableName);
            using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
            {
                try
                {
                    dbHelper.Open(UserCenterDbConnection);
                    BaseFolderManager folderManager = new BaseFolderManager(dbHelper, userInfo);
                    // 检查相应的系统必备文件夹
                    folderManager.FolderCheck();
                    if (userInfo.IsAdministrator)
                    {
                        dataTable = folderManager.GetDataTable(BaseFolderEntity.FieldSortCode);
                    }
                    else
                    {
                        // 数据权限部分,部门的权限部分。
                        BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(dbHelper, userInfo);
                        string[] ids = permissionScopeManager.GetOrganizeIds(userInfo.Id, "Resource.ManagePermission");
                        // 获取安全等级,比自己小的。
                        string commandText = string.Format(@"SELECT *
                                                               FROM BaseFolder
                                                              WHERE (DeletionStateCode = 0
                                                                    AND Enabled = 1
                                                                    AND (IsPublic = 1
                                                                         OR Id = 'UserSpace'
                                                                         OR Id = 'CompanyFile'
                                                                         OR Id = '{0}'
                                                                         OR Id = '{1}'
                                                                         OR Id = '{2}'
                                                                         OR CreateUserId = '{3}')) ", userInfo.Id, userInfo.DepartmentId, userInfo.CompanyId, userInfo.Id);
                        if (ids != null && ids.Length > 0)
                        {
                            commandText += " OR ID IN (" + BaseBusinessLogic.ObjectsToList(ids) + ") ";
                        }
                        dataTable = folderManager.Fill(commandText);
                    }
                    dataTable.DefaultView.Sort = BaseFolderEntity.FieldSortCode;
                    dataTable.TableName = BaseFolderEntity.TableName;
                    BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, MethodBase.GetCurrentMethod());
                }
                catch (Exception ex)
                {
                    BaseExceptionManager.LogException(dbHelper, userInfo, ex);
                    throw ex;
                }
                finally
                {
                    dbHelper.Close();
                }
            }

            // 写入调试信息
            #if (DEBUG)
                BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
            #endif

            return dataTable;
        }
        /// <summary>
        /// 获得用户授权范围
        /// </summary>
        /// <param name="staffId">员工主键</param>
        /// <returns>数据表</returns>
        public DataTable GetDataTableByUser(string userId, string permissionItemCode)
        {
            DataTable returnValue = new DataTable(this.CurrentTableName);
            List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>();
            // 这里需要判断,是系统权限?
            bool isRole = false;
            BaseUserManager userManager = new BaseUserManager(this.DbHelper, this.UserInfo);
            // 用户管理员
            isRole = userManager.IsInRoleByCode(userId, "UserAdmin");
            if (isRole)
            {

                parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldCategoryCode, "System"));
                parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldEnabled, 1));
                parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldDeletionStateCode, 0));
                returnValue = this.GetDataTable(parameters, BasePermissionItemEntity.FieldSortCode);
                returnValue.TableName = this.CurrentTableName;
                return returnValue;
            }

            // 这里需要判断,是业务权限?
            isRole = userManager.IsInRoleByCode(userId, "Admin");
            if (isRole)
            {
                parameters = new List<KeyValuePair<string, object>>();
                parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldCategoryCode, "Application"));
                parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldEnabled, 1));
                parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldDeletionStateCode, 0));
                returnValue = this.GetDataTable(parameters, BasePermissionItemEntity.FieldSortCode);
                returnValue.TableName = this.CurrentTableName;
                return returnValue;
            }

            BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
            string[] permissionItemIds = permissionScopeManager.GetTreeResourceScopeIds(userId, BasePermissionItemEntity.TableName, permissionItemCode, true);
            // 有效的,未被删除的
            parameters = new List<KeyValuePair<string, object>>();
            parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldId, permissionItemIds));
            parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldEnabled, 1));
            parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldDeletionStateCode, 0));

            returnValue = this.GetDataTable(parameters, BasePermissionItemEntity.FieldSortCode);
            returnValue.TableName = this.CurrentTableName;
            return returnValue;
        }
 public int RevokePermissionItems(string[] roleIds, string permissionItemCode, string[] revokePermissionIds)
 {
     int returnValue = 0;
     BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
     for (int i = 0; i < roleIds.Length; i++)
     {
         for (int j = 0; j < revokePermissionIds.Length; j++)
         {
             this.RevokePermissionItem(permissionScopeManager, roleIds[i], permissionItemCode, revokePermissionIds[j]);
             returnValue++;
         }
     }
     return returnValue;
 }
 /// <summary>
 /// 员工撤销授权
 /// </summary>
 /// <param name="roleId">员工主键</param>
 /// <param name="permissionItemId">权限主键</param>
 /// <returns>主键</returns>
 public int RevokePermissionItem(string roleId, string permissionItemCode, string revokePermissionId)
 {
     BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
     return this.RevokePermissionItem(permissionScopeManager, roleId, permissionItemCode, revokePermissionId);
 }
 public int RevokePermissionItems(string[] userIds, string permissionItemCode, string revokePermissionId)
 {
     int returnValue = 0;
     BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
     for (int i = 0; i < userIds.Length; i++)
     {
         this.RevokePermissionItem(permissionScopeManager, userIds[i], permissionItemCode, revokePermissionId);
         returnValue++;
     }
     return returnValue;
 }
 /// <summary>
 /// 为了提高授权的运行速度
 /// </summary>
 /// <param name="permissionScopeManager">权限域读写器</param>
 /// <param name="Id">主键</param>
 /// <param name="roleId">员工主键</param>
 /// <param name="grantPermissionId">权限主键</param>
 /// <returns>主键</returns>
 private string GrantPermissionItem(BasePermissionScopeManager permissionScopeManager, string roleId, string permissionItemCode, string grantPermissionId)
 {
     string returnValue = string.Empty;
     BasePermissionScopeEntity resourcePermissionScopeEntity = new BasePermissionScopeEntity();
     resourcePermissionScopeEntity.PermissionId = int.Parse(this.GetIdByCode(permissionItemCode));
     resourcePermissionScopeEntity.ResourceCategory = BaseRoleEntity.TableName;
     resourcePermissionScopeEntity.ResourceId = roleId;
     resourcePermissionScopeEntity.TargetCategory = BasePermissionItemEntity.TableName;
     resourcePermissionScopeEntity.TargetId = grantPermissionId;
     resourcePermissionScopeEntity.Enabled = 1;
     resourcePermissionScopeEntity.DeletionStateCode = 0;
     return permissionScopeManager.Add(resourcePermissionScopeEntity);
 }
 public int GrantPermissionItems(string[] userIds, string permissionItemCode, string[] grantPermissionIds)
 {
     int returnValue = 0;
     BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
     for (int i = 0; i < userIds.Length; i++)
     {
         for (int j = 0; j < grantPermissionIds.Length; j++)
         {
             this.GrantPermissionItem(permissionScopeManager, userIds[i], permissionItemCode, grantPermissionIds[j]);
             returnValue++;
         }
     }
     return returnValue;
 }
 /// <summary>
 /// 员工授予权限
 /// </summary>
 /// <param name="roleId">员工主键</param>
 /// <param name="permissionItemId">权限主键</param>
 /// <param name="organizeId">权组织机构限主键</param>
 /// <returns>主键</returns>
 public string GrantPermissionItem(string roleId, string permissionItemCode, string grantPermissionId)
 {
     BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
     return this.GrantPermissionItem(permissionScopeManager, roleId, permissionItemCode, grantPermissionId);
 }
 /// <summary>
 /// 为了提高授权的运行速度
 /// </summary>
 /// <param name="permissionScopeManager">权限域读写器</param>
 /// <param name="Id">主键</param>
 /// <param name="userId">员工主键</param>
 /// <param name="grantModuleId">权限主键</param>
 /// <returns>主键</returns>
 private string GrantModule(BasePermissionScopeManager permissionScopeManager, string userId, string permissionItemCode, string grantModuleId)
 {
     string returnValue = string.Empty;
     BasePermissionScopeEntity resourcePermissionScopeEntity = new BasePermissionScopeEntity();
     string permissionId = this.GetIdByCode(permissionItemCode);
     if (string.IsNullOrEmpty(permissionId))
     {
         return string.Empty;
     }
     resourcePermissionScopeEntity.PermissionId = int.Parse(permissionId);
     resourcePermissionScopeEntity.ResourceCategory = BaseUserEntity.TableName;
     resourcePermissionScopeEntity.ResourceId = userId;
     resourcePermissionScopeEntity.TargetCategory = BaseModuleEntity.TableName;
     resourcePermissionScopeEntity.TargetId = grantModuleId;
     resourcePermissionScopeEntity.Enabled = 1;
     resourcePermissionScopeEntity.DeletionStateCode = 0;
     return permissionScopeManager.Add(resourcePermissionScopeEntity);
 }
 /// <summary>
 /// 员工授予权限
 /// </summary>
 /// <param name="userId">员工主键</param>
 /// <param name="permissionItemId">权限主键</param>
 /// <param name="organizeId">权组织机构限主键</param>
 /// <returns>主键</returns>
 public string GrantModule(string userId, string permissionItemCode, string grantModuleId)
 {
     BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName);
     return this.GrantModule(permissionScopeManager, userId, permissionItemCode, grantModuleId);
 }
        /// <summary>
        /// 员工授予权限
        /// </summary>
        /// <param name="userId">员工主键</param>
        /// <param name="permissionItemId">权限主键</param>
        /// <param name="organizeId">权组织机构限主键</param>
        /// <returns>主键</returns>
        public string GrantUser(string userId, string permissionItemCode, string grantUserId)
        {
            BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);

            return(this.GrantUser(permissionScopeManager, userId, permissionItemCode, grantUserId));
        }