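/// <summary>
/// Narrows a row-filter condition according to the rights of the user who owns the session.
/// </summary>
/// <param name="cond">Existing condition fragment; may be null or empty.</param>
/// <param name="sessionKey">Session identifier, resolved through <c>AuthModel.GetAuthInfo</c>.</param>
/// <returns>
/// <paramref name="cond"/> with a staff restriction appended when one applies. The result never
/// ends in a dangling " AND ".
/// </returns>
public static string getFilterCond(string cond, string sessionKey)
{
    AuthInfo auth = AuthModel.GetAuthInfo(sessionKey);
    if (auth == null)
    {
        // NOTE(review): an unresolved session leaves the filter untouched, so this helper adds
        // no restriction for an invalid or expired session key. Confirm every caller rejects
        // such requests before running the query; otherwise this path should deny instead.
        return cond;
    }

    // Right ids are compared as literals; presumably "1" = unrestricted, "2" = own branch
    // tree, "3" = own records only. TODO confirm against the rights table.
    if (auth.UserRightIds.Contains("1"))
    {
        // No restriction to add. The previous code still appended " AND " here, which left a
        // malformed condition whenever cond was non-empty.
        return cond;
    }

    string restriction;
    if (auth.UserRightIds.Contains("2"))
    {
        // The branch and staff lookups are only needed for this right, so they run only here.
        CatBranchDT branchDT = new CatBranchDT();
        string branchIds = string.Join(",", branchDT.GetBranchTree(auth.BranchId).ToArray());
        string staffIds = string.Empty;
        if (branchIds.Length > 0)
        {
            CatSalestaffDT staffDT = new CatSalestaffDT();
            DataTable dtStaff = staffDT.GetByCond("BranchID IN (" + branchIds + ")");
            staffIds = string.Join(",", dtStaff.ColToListString("ID").ToArray());
        }

        // An empty IN () list is not valid SQL; an empty scope must match no rows.
        restriction = staffIds.Length > 0 ? "SaleStaffID in (" + staffIds + ")" : "1=0";
    }
    else if (auth.UserRightIds.Contains("3"))
    {
        restriction = "SaleStaffID=" + auth.StaffId;
    }
    else
    {
        // Fail closed: a user holding none of the recognised rights gets no rows. Previously
        // this path returned an unrestricted filter (empty cond) or a condition ending in
        // " AND " (non-empty cond).
        // NOTE(review): assumes the condition is used as a SQL WHERE fragment — confirm.
        restriction = "1=0";
    }

    return string.IsNullOrEmpty(cond) ? restriction : cond + " AND " + restriction;
}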
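/// <summary>
/// Fails the rule when at least one row matches <paramref name="cond"/>.
/// </summary>
/// <param name="cond">
/// Condition passed unchanged to <c>dta.GetByCond</c>.
/// NOTE(review): other GetByCond call sites pass SQL-style fragments built by concatenation,
/// so callers presumably must not assemble this from unvalidated input — confirm.
/// </param>
/// <param name="message">Text appended to <c>ErrMessage</c> when a matching row exists.</param>
/// <returns>This rule instance, so that checks can be chained.</returns>
/// <exception cref="Exception">Any exception from the lookup is rethrown after the rule is marked failed.</exception>
public CatSalestaffRule IsExits(string cond, string message)
{
    try
    {
        DataTable dt = dta.GetByCond(cond);
        if (dt != null && dt.Rows.Count > 0)
        {
            IsPassed = false;
            ErrMessage += message;
        }

        return this;
    }
    catch (Exception)
    {
        // A failed lookup must not leave the rule marked as passed.
        IsPassed = false;

        // Bare rethrow keeps the original stack trace; "throw e" reset it.
        throw;
    }
}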
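/// <summary>
/// Resolves a session key to the staff member behind it and loads that staff member's
/// branch, management groups, product types and right ids.
/// </summary>
/// <param name="sessionKey">Session identifier supplied by the caller; treated as untrusted.</param>
/// <returns>
/// The populated <c>AuthInfo</c>, or null when the key is missing or malformed, or when no
/// session, user or staff row matches.
/// </returns>
public static AuthInfo GetAuthInfo(string sessionKey)
{
    // The key is spliced into a quoted literal below, so a quote or backslash in it would
    // change the shape of the condition. Such a key is treated as an unknown session.
    // NOTE(review): this is a stop-gap; GetByCond should take the value as a bound parameter.
    if (string.IsNullOrEmpty(sessionKey)
        || sessionKey.IndexOf('\'') >= 0
        || sessionKey.IndexOf('\\') >= 0)
    {
        return null;
    }

    // NOTE(review): no expiry or revocation check is visible here — confirm it is enforced
    // where sessions are stored.
    DataTable dtSession = sessionDT.GetByCond("SessionID='" + sessionKey + "'");
    if (dtSession == null || dtSession.Rows.Count == 0)
    {
        return null;
    }

    DataTable dtUser = userDT.GetByCond("ID=" + dtSession.Rows[0]["UserID"].ToString());

    // The original tested dtSession.Rows.Count here, so an empty user table slipped through
    // and Rows[0] threw instead of returning null.
    if (dtUser == null || dtUser.Rows.Count == 0)
    {
        return null;
    }

    string userId = dtUser.Rows[0]["ID"].ToString();
    DataTable dtStaff = staffDT.GetByCond("UserID=" + userId);
    if (dtStaff == null || dtStaff.Rows.Count == 0)
    {
        return null;
    }

    DataRow staffRow = dtStaff.Rows[0];
    string staffGroupCond = "SaleStaffID=" + staffRow["ID"].ToString();

    DataTable dtUserRole = userRoleDt.GetByCond("UserID=" + userId);
    string roleIds = string.Join(",", dtUserRole.ColToListString("RoleID").ToArray());

    // A user without roles would otherwise produce "RoleID in ()", which is not valid SQL.
    // "1=0" selects no rows, so such a user ends up with no rights.
    // NOTE(review): assumes the condition is used as a SQL WHERE fragment — confirm.
    string userRightCond = roleIds.Length > 0 ? "RoleID in (" + roleIds + ")" : "1=0";
    DataTable dtUserRight = roleRightDT.GetByCond(userRightCond);

    DataTable dtStaffMgtGroup = staffMgntGroupDT.GetByCond(staffGroupCond);
    DataTable dtStaffProductType = staffProducTypeDT.GetByCond(staffGroupCond);

    AuthInfo authInfo = new AuthInfo();
    authInfo.StaffId = staffRow["ID"].ToString();
    authInfo.UserId = staffRow["UserID"].ToString();
    authInfo.BranchId = staffRow["BranchID"].ToString();
    authInfo.StaffMgntGroupIds = dtStaffMgtGroup.ColToListString("ManagementGroupID");
    authInfo.StaffProductTypeIds = dtStaffProductType.ColToListString("ProductTypeID");
    authInfo.UserRightIds = dtUserRight.Distinct("RightID").ColToListString("RightID");
    return authInfo;
}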