/// <summary>
/// 某个用户是否有相应的操作权限
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="userId">用户主键</param>
/// <param name="permissionItemCode">权限编号</param>
/// <param name="permissionItemName">权限名称</param>
/// <returns>是否有权限</returns>
public bool IsAuthorizedByUser(BaseUserInfo userInfo, string userId, string permissionItemCode, string permissionItemName = null)
{
// 写入调试信息
#if (DEBUG)
int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif
// 加强安全验证防止未授权匿名调用
#if (!DEBUG)
LogOnService.UserIsLogOn(userInfo);
#endif
bool returnValue = false;
using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
{
try
{
dbHelper.Open(UserCenterDbConnection);
if (string.IsNullOrEmpty(userId))
{
userId = userInfo.Id;
}
#if (!DEBUG)
// 是超级管理员,就不用继续判断权限了
BaseUserManager userManager = new BaseUserManager(dbHelper, userInfo);
returnValue = userManager.IsAdministrator(userId);
if (returnValue)
{
return(returnValue);
}
#endif
BasePermissionManager permissionManager = new BasePermissionManager(dbHelper, userInfo);
returnValue = permissionManager.CheckPermissionByUser(userId, permissionItemCode, permissionItemName);
BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_IsAuthorizedByUser, MethodBase.GetCurrentMethod());
}
catch (Exception ex)
{
BaseExceptionManager.LogException(dbHelper, userInfo, ex);
throw ex;
}
finally
{
dbHelper.Close();
}
}
// 写入调试信息
#if (DEBUG)
BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
return(returnValue);
}
