/// <summary>
/// 获取用户权限
/// </summary>
/// <param name="strUserName"></param>
/// <param name="strPassword"></param>
/// <returns></returns>
public DataTable GetLoginUserRole(string strUserName, string strPassword)
{
StringBuilder strSql = new StringBuilder();
strSql.Append("SELECT * from LoginUser lu where lu.IsValid = 'Y' and lu.UserName=@UserName and lu.Password=@Password;");
OleDbParameter[] parameters =
{
new OleDbParameter("@UserName", OleDbType.VarChar, 100),
new OleDbParameter("@Password", OleDbType.VarChar, 100)
};
parameters[0].Value = strUserName;
parameters[1].Value = strPassword;
DataSet ds = OledbHelper.Query(strSql.ToString(), parameters);
if (ds != null && ds.Tables.Count > 0 && ds.Tables[0].Rows.Count > 0)
{
return(ds.Tables[0]);
}
return(null);
}
/// <summary>
/// 通过用户权限获取所有客户数据
/// </summary>
/// <param name="strUserName"></param>
/// <param name="strPassword"></param>
/// <returns></returns>
public DataSet GetAllCustomer(string strUserName, string strPassword)
{
LoginUserDAL dal = new LoginUserDAL();
DataTable dt = dal.GetLoginUserRole(strUserName, strPassword);
if (dt != null || IsNotHaveUNPW == "0")
{
StringBuilder strSql = new StringBuilder();
OleDbParameter[] parameters = { new OleDbParameter("@LID", OleDbType.VarChar, 100) };
strSql.Append(@"SELECT c.ID
, l.UserName
, c.FullName
, c.Phone
, c.Address
, c.Gender
, c.CreateTime
, c.UpdateTime
, c.IsValid
, c.Remarks
, c.Account
, c.AccountRemarks
, c.ConsumptionTime
FROM Customer As c
LEFT JOIN LoginUser l on c.LID = l.UID");
if (IsNotHaveUNPW == "0")
{
parameters = null;
}
else if (!DefaultHighestAuthority.Equals(dt.Rows[0]["Authority"].ToString()))
{
strSql.Append(" where c.LID = @LID");
parameters[0].Value = dt.Rows[0]["UID"];
}
strSql.Append(" Order By c.CreateTime desc;");
return(OledbHelper.Query(strSql.ToString(), parameters));
}
return(null);
}