/// <summary>
/// 获取某用户对某实例执行某动作时的角色,如用户无执行该动作的权限,返回null
/// </summary>
/// <param name="instance">工作流实例</param>
/// <param name="userId">用户的Id</param>
/// <param name="actionName">执行动作</param>
/// <returns></returns>
public virtual ApprovalRole GetActionRole(WorkflowInstance instance, string userId, string actionName)
{
if (instance == null)
{
throw new ArgumentNullException("instance");
}
if (string.IsNullOrEmpty(userId))
{
throw new ArgumentNullException("userId");
}
if (string.IsNullOrEmpty(actionName))
{
throw new ArgumentNullException("actionName");
}
bool isOwner = IsOwner(instance, userId);
ApprovalEvent approvalEvent = ((StateMachineWorkflowInstance)instance).CurrentState.GetEventByName(actionName);
foreach (EventRole role in approvalEvent.Roles)
{
if (IsAuthorized(userId, approvalEvent, isOwner, role))
{
return(WorkflowUtility.GetUserRoleByName(instance.Workflow, role.Name));
}
}
return(null);
}
/// <summary>
/// Gets the sub unit role list.
/// </summary>
/// <param name="taskStateList">The task state list.</param>
/// <param name="taskName">Name of the task.</param>
/// <returns></returns>
protected override List <StateMachineWorkflowInstance> GetSubUnitRoleList(List <string> taskStateList, string taskName)
{
List <StateMachineWorkflowInstance> instanceList = new List <StateMachineWorkflowInstance>();
foreach (string stateName in taskStateList)
{
ApprovalEvent taskEvent = new ApprovalEvent();
ApprovalState state = Workflow.GetStateByName(stateName);
if (state != null)
{
foreach (ApprovalEvent approvalEvent in state.Events)
{
foreach (EventRole role in approvalEvent.Roles)
{
if (role.Name == Rules.UserRole.Name && taskName == role.TaskName)
{
taskEvent = approvalEvent;
break;
}
}
}
//如果用户为二级单位专办员
if (Rules.IsCreator())
{
//如果该任务只允许立项创建者办理
if (taskEvent.Authorization != Authorization.DenyOwner.ToString())
{
instanceList.AddRange(GetOwnerList(new string[] { stateName }));
}
}
else
{
instanceList.AddRange(GetUnitList(new string[] { stateName }));
}
//非用户创建,但是属于指定专办的实例,且实例为指定状态
if (taskEvent.Authorization == Authorization.DenyOwner.ToString())
{
//其它二级单位专办员获得专办立项列表
List <ApprovalAssignment> assignmentList = WorkflowRuntime.Current.GetService <IApprovalSaveService>().GetAssignmentByToUnit(this.Workflow.Name, UnitCode);
foreach (ApprovalAssignment assignment in assignmentList)
{
StateMachineWorkflowInstance assignInstance = (StateMachineWorkflowInstance)WorkflowRuntime.Current.GetInstance(assignment.WorkflowInstanceId);
if (assignInstance.StateName == stateName)
{
instanceList.Add(assignInstance);
}
}
}
}
}
return(instanceList);
}
/// <summary>
/// 是否对实例动作有触发权限
/// </summary>
/// <param name="userId">The user id.</param>
/// <param name="approvalEvent">The approval event.</param>
/// <param name="instance">The instance.</param>
/// <returns>
/// <c>true</c> if the specified user id is authorized; otherwise, <c>false</c>.
/// </returns>
public virtual bool IsAuthorized(string userId, ApprovalEvent approvalEvent, WorkflowInstance instance)
{
bool isOwner = IsOwner(instance, userId);
foreach (EventRole role in approvalEvent.Roles)
{
if (IsAuthorized(userId, approvalEvent, isOwner, role))
{
return(true);
}
}
return(false);
}
/// <summary>
/// Executes the specified activity.
/// </summary>
/// <param name="activity">The activity.</param>
protected override void ExecuteActivity(Activity activity)
{
activity.OnInitialize(this);
//执行当前动作
activity.OnExecute(this);
//如果工作流动作完成,那么移动到下一步状态
if (activity.ExecutionStatus == ActivityExecutionStatus.Closed)
{
//添加当前动作到动作列表中
executedActivities.Add(activity);
if (activity is IBranchAction)
{
//分支动作,需要获取分支执行后选定的状态
IBranchAction branch = (IBranchAction)activity;
MoveOn(branch.GetSelectedState());
}
else
{
//顺序动作,从动作针对的事件名称中获取状态
ApprovalEvent currentEvent = CurrentState.GetEventByName(activity.EventName);
MoveOn(currentEvent.NextStateNames[0]);
}
}
//保存
Save();
if (this.stateRecordNames.Count > 0)
{
WorkflowRuntime.Current.OnWorkflowExecuted(new StateChangedEventArgs(this, this.stateRecordNames[stateRecordNames.Count - 1], stateName));
}
//如果是子流程的执行完成,那么还有判断其父流程是否也已经执行完毕,如果执行完毕,那么设置其父流程的下一步状态
if (this.CurrentStatus == WorkflowExecutionStatus.Closed && parentId != null && parentId != Guid.Empty)
{
StateMachineWorkflowInstance parentInstance = (StateMachineWorkflowInstance)WorkflowRuntime.Current.GetInstance(parentId);
parentInstance.OnChildFinished(this);
}
else if (this.CurrentStatus == WorkflowExecutionStatus.Aborted)
{
WorkflowRuntime.Current.OnWorkflowTerminated(new StateChangedEventArgs(this, this.stateRecordNames[stateRecordNames.Count - 1], stateName));
}
if (IsEnd())
{
WorkflowRuntime.Current.OnWorkflowCompleted(new StateChangedEventArgs(this, this.stateRecordNames[stateRecordNames.Count - 1], stateName));
}
}
/// <summary>
/// 判断某用户是否具有对指定实例进行指定动作的执行权限
/// </summary>
/// <param name="instance">工作流实例</param>
/// <param name="actionName">执行动作</param>
/// <returns></returns>
public virtual bool CanDoAction(WorkflowInstance instance, string actionName)
{
if (instance == null)
{
throw new ArgumentNullException("instance");
}
if (string.IsNullOrEmpty(actionName))
{
throw new ArgumentNullException("actionName");
}
IUserInRole userInRole = WorkflowRuntime.Current.GetService <IIdentityService>().GetUserInRole();
IUserIdentity userIdentity = WorkflowRuntime.Current.GetService <IIdentityService>().GetUserIdentity();
if (GetActionRole(instance, userIdentity.GetUserId(), actionName) != null)
{
return(true);
}
ApprovalEvent approvalEvent = ((StateMachineWorkflowInstance)instance).CurrentState.GetEventByName(actionName);
IApprovalSaveService approvalService = WorkflowRuntime.Current.GetService <IApprovalSaveService>();
List <ApprovalAgent> agentList = approvalService.GetValidAgentInfoByToUser(userIdentity.GetUserId());
if (agentList != null && agentList.Count > 0)
{
foreach (ApprovalAgent agentInfo in agentList)
{
foreach (EventRole role in approvalEvent.Roles)
{
if (IsAuthorized(agentInfo.SetUserId, approvalEvent, instance))
{
return(true);
}
}
}
}
return(false);
}
/// <summary>
/// Determines whether the specified user id is authorized.
/// </summary>
/// <param name="userId">The user id.</param>
/// <param name="approvalEvent">The approval event.</param>
/// <param name="isOwner">if set to <c>true</c> [is owner].</param>
/// <param name="role">The role.</param>
/// <returns>
/// <c>true</c> if the specified user id is authorized; otherwise, <c>false</c>.
/// </returns>
public virtual bool IsAuthorized(string userId, ApprovalEvent approvalEvent, bool isOwner, EventRole role)
{
IUserInRole userInRole = WorkflowRuntime.Current.GetService <IIdentityService>().GetUserInRole();
return(userInRole.IsUserInRole(userId, role.Name) && ((isOwner && approvalEvent.Authorization == Authorization.OwnerOnly.ToString()) || (!isOwner && approvalEvent.Authorization == Authorization.DenyOwner.ToString()) || approvalEvent.Authorization == Authorization.All.ToString()));
}
