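/// <summary>
/// Determines whether a user holds the given operation permission.
/// </summary>
/// <param name="userInfo">The calling user; passed to the log-on check in non-DEBUG builds.</param>
/// <param name="userId">Primary key of the user to check; when null or empty, <c>userInfo.Id</c> is used.</param>
/// <param name="permissionItemCode">Permission item code.</param>
/// <param name="permissionItemName">Permission item name (optional).</param>
/// <returns><c>true</c> if the user is authorized; otherwise <c>false</c>.</returns>
public bool IsAuthorizedByUser(BaseUserInfo userInfo, string userId, string permissionItemCode, string permissionItemName = null)
{
    // Write debug information.
    #if (DEBUG)
        int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
    #endif

    // Harden security: prevent unauthorized anonymous calls.
    // NOTE(review): this check is compiled out of DEBUG builds, so a DEBUG binary answers
    // without any log-on verification; confirm DEBUG builds are never deployed.
    // NOTE(review): no result of UserIsLogOn is inspected here; presumably it throws when
    // the session is invalid. Verify against LogOnService.
    #if (!DEBUG)
        LogOnService.UserIsLogOn(userInfo);
    #endif

    bool returnValue = false;
    using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
    {
        try
        {
            dbHelper.Open(UserCenterDbConnection);

            // Default to the caller's own id when no target user is supplied.
            // NOTE(review): a caller-supplied userId is used as-is, so a verified caller can
            // query another user's authorization; confirm that is intended.
            if (string.IsNullOrEmpty(userId))
            {
                userId = userInfo.Id;
            }

            #if (!DEBUG)
                // A super administrator needs no further permission check.
                // This early return happens before the log entry below is written.
                BaseUserManager userManager = new BaseUserManager(dbHelper, userInfo);
                returnValue = userManager.IsAdministrator(userId);
                if (returnValue)
                {
                    return returnValue;
                }
            #endif

            BasePermissionManager permissionManager = new BasePermissionManager(dbHelper, userInfo);
            returnValue = permissionManager.CheckPermissionByUser(userId, permissionItemCode, permissionItemName);
            BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_IsAuthorizedByUser, MethodBase.GetCurrentMethod());
        }
        catch (Exception ex)
        {
            BaseExceptionManager.LogException(dbHelper, userInfo, ex);
            // Bare rethrow keeps the original stack trace for whoever investigates the failure.
            throw;
        }
        finally
        {
            dbHelper.Close();
        }
    }

    // Write debug information.
    #if (DEBUG)
        BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
    #endif

    return returnValue;
}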
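/// <summary>
/// Grants permissions on a resource.
/// </summary>
/// <param name="userInfo">The calling user; passed to the log-on check in non-DEBUG builds.</param>
/// <param name="resourceCategory">Resource category.</param>
/// <param name="resourceId">Primary key of the resource.</param>
/// <param name="grantPermissionItemIds">Primary keys of the permission items to grant; each must parse as an integer. May be null.</param>
/// <returns>The number of permission records added.</returns>
public int GrantResourcePermission(BaseUserInfo userInfo, string resourceCategory, string resourceId, string[] grantPermissionItemIds)
{
    // Write debug information.
    #if (DEBUG)
        int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
    #endif

    // Harden security: prevent unauthorized anonymous calls.
    // NOTE(review): this check is compiled out of DEBUG builds; confirm DEBUG builds are
    // never deployed.
    // NOTE(review): only the log-on state is checked here. No check is visible that
    // userInfo is allowed to grant permissions on this resource; confirm it is enforced
    // by the caller or inside BasePermissionManager.
    #if (!DEBUG)
        LogOnService.UserIsLogOn(userInfo);
    #endif

    int returnValue = 0;
    using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
    {
        try
        {
            dbHelper.Open(UserCenterDbConnection);

            // Guard against a null id array.
            if (grantPermissionItemIds != null)
            {
                // Parse every id before the first insert so that a malformed id cannot
                // leave a partially applied grant behind.
                int[] permissionIds = new int[grantPermissionItemIds.Length];
                for (int i = 0; i < grantPermissionItemIds.Length; i++)
                {
                    permissionIds[i] = int.Parse(grantPermissionItemIds[i]);
                }

                // NOTE(review): no transaction is visible here, so a failure inside Add can
                // still leave some of the grants written.
                BasePermissionManager permissionManager = new BasePermissionManager(dbHelper, userInfo);
                foreach (int permissionId in permissionIds)
                {
                    BasePermissionEntity resourcePermissionEntity = new BasePermissionEntity
                    {
                        ResourceCategory = resourceCategory,
                        ResourceId = resourceId,
                        PermissionId = permissionId,
                        Enabled = 1,
                        DeletionStateCode = 0
                    };
                    permissionManager.Add(resourcePermissionEntity);
                    returnValue++;
                }
            }

            BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_GrantResourcePermission, MethodBase.GetCurrentMethod());
        }
        catch (Exception ex)
        {
            BaseExceptionManager.LogException(dbHelper, userInfo, ex);
            // Bare rethrow keeps the original stack trace for whoever investigates the failure.
            throw;
        }
        finally
        {
            dbHelper.Close();
        }
    }

    // Write debug information.
    #if (DEBUG)
        BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
    #endif

    return returnValue;
}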
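/// <summary>
/// Revokes permissions on a resource.
/// </summary>
/// <param name="userInfo">The calling user; passed to the log-on check in non-DEBUG builds.</param>
/// <param name="resourceCategory">Resource category.</param>
/// <param name="resourceId">Primary key of the resource.</param>
/// <param name="revokePermissionItemIds">Primary keys of the permission items to revoke. May be null.</param>
/// <returns>The number of affected rows, summed over all Delete calls.</returns>
public int RevokeResourcePermission(BaseUserInfo userInfo, string resourceCategory, string resourceId, string[] revokePermissionItemIds)
{
    // Write debug information.
    #if (DEBUG)
        int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
    #endif

    // Harden security: prevent unauthorized anonymous calls.
    // NOTE(review): this check is compiled out of DEBUG builds; confirm DEBUG builds are
    // never deployed.
    // NOTE(review): only the log-on state is checked here. No check is visible that
    // userInfo is allowed to revoke permissions on this resource; confirm it is enforced
    // by the caller or inside BasePermissionManager.
    #if (!DEBUG)
        LogOnService.UserIsLogOn(userInfo);
    #endif

    int returnValue = 0;
    using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
    {
        try
        {
            dbHelper.Open(UserCenterDbConnection);

            // Guard against a null id array.
            if (revokePermissionItemIds != null)
            {
                BasePermissionManager permissionManager = new BasePermissionManager(dbHelper, userInfo);
                foreach (string permissionItemId in revokePermissionItemIds)
                {
                    // Values are handed to the manager as field/value pairs, not concatenated into SQL here.
                    List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>
                    {
                        new KeyValuePair<string, object>(BasePermissionEntity.FieldResourceCategory, resourceCategory),
                        new KeyValuePair<string, object>(BasePermissionEntity.FieldResourceId, resourceId),
                        new KeyValuePair<string, object>(BasePermissionEntity.FieldPermissionItemId, permissionItemId)
                    };

                    // Delete is used rather than SetDeleted (presumably a physical delete rather
                    // than a soft-delete flag; verify), so the log entry below is the only record
                    // of the revocation visible here.
                    returnValue += permissionManager.Delete(parameters);
                }
            }

            BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_RevokeResourcePermission, MethodBase.GetCurrentMethod());
        }
        catch (Exception ex)
        {
            BaseExceptionManager.LogException(dbHelper, userInfo, ex);
            // Bare rethrow keeps the original stack trace for whoever investigates the failure.
            throw;
        }
        finally
        {
            dbHelper.Close();
        }
    }

    // Write debug information.
    #if (DEBUG)
        BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
    #endif

    return returnValue;
}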
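/// <summary>
/// Gets the list of all permissions held by a user.
/// </summary>
/// <param name="userInfo">The calling user; passed to the log-on check in non-DEBUG builds.</param>
/// <param name="userId">Primary key of the user whose permissions are listed.</param>
/// <returns>A data table of permission items.</returns>
public DataTable GetPermissionDTByUser(BaseUserInfo userInfo, string userId)
{
    // Write debug information.
    #if (DEBUG)
        int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
    #endif

    // Harden security: prevent unauthorized anonymous calls.
    // NOTE(review): this check is compiled out of DEBUG builds; confirm DEBUG builds are
    // never deployed.
    // NOTE(review): userId is taken from the caller as-is and is not compared with
    // userInfo.Id, so a verified caller can list another user's permissions; confirm
    // that is intended.
    #if (!DEBUG)
        LogOnService.UserIsLogOn(userInfo);
    #endif

    DataTable dataTable = new DataTable(BasePermissionItemEntity.TableName);
    using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
    {
        try
        {
            dbHelper.Open(UserCenterDbConnection);

            // The permission-item table name is prefixed with the system code when one is configured.
            string tableName = BasePermissionItemEntity.TableName;
            if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
            {
                tableName = BaseSystemInfo.SystemCode + "PermissionItem";
            }

            // Is the user a super administrator?
            BaseUserManager userManager = new BaseUserManager(dbHelper, userInfo);
            BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(dbHelper, userInfo, tableName);
            if (userManager.IsAdministrator(userId))
            {
                // Administrators get the unfiltered GetDataTable() result.
                dataTable = permissionItemManager.GetDataTable();
            }
            else
            {
                // From here on tableName refers to the permission table, not the item table.
                tableName = BasePermissionEntity.TableName;
                if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
                {
                    tableName = BaseSystemInfo.SystemCode + "Permission";
                }

                BasePermissionManager permissionManager = new BasePermissionManager(dbHelper, userInfo, tableName);
                string[] ids = permissionManager.GetPermissionIdsByUser(userId);

                // Permissions granted earlier may have been disabled since; those must not be
                // returned, hence the Enabled and DeletionStateCode filters.
                // The result must be assigned to dataTable, otherwise an empty table is returned.
                dataTable = permissionItemManager.GetDataTable(
                    new KeyValuePair<string, object>(BasePermissionItemEntity.FieldId, ids),
                    new KeyValuePair<string, object>(BasePermissionItemEntity.FieldEnabled, 1),
                    new KeyValuePair<string, object>(BasePermissionItemEntity.FieldDeletionStateCode, 0));
            }

            // NOTE(review): for non-administrators the result is labelled with the permission
            // table name, although its rows come from the permission-item manager; confirm intended.
            dataTable.TableName = tableName;
            BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_GetPermissionDTByUser, MethodBase.GetCurrentMethod());
        }
        catch (Exception ex)
        {
            BaseExceptionManager.LogException(dbHelper, userInfo, ex);
            // Bare rethrow keeps the original stack trace for whoever investigates the failure.
            throw;
        }
        finally
        {
            dbHelper.Close();
        }
    }

    // Write debug information.
    #if (DEBUG)
        BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
    #endif

    return dataTable;
}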
/// <summary>
/// Lists all users that hold a given operation permission.
/// Intended for reverse notification of the users who have the permission.
/// </summary>
/// <param name="permissionItemCode">Operation permission code.</param>
/// <param name="permissionItemName">Operation permission name (optional).</param>
/// <returns>An array of user primary keys.</returns>
public string[] GetPermissionUserIds(string permissionItemCode, string permissionItemName = null)
{
    // NOTE(review): no log-on verification is visible in this method; confirm that
    // callers verify the session before exposing the returned user ids.
    BasePermissionManager manager = new BasePermissionManager(UserCenterDbHelper, UserInfo);
    string[] userIds = manager.GetUserIds(permissionItemCode, permissionItemName);
    return userIds;
}