public static string getFilterCond(string cond, string sessionKey)
{
AuthInfo auth = AuthModel.GetAuthInfo(sessionKey);
CatBranchDT branchDT = new CatBranchDT();
if (auth != null)
{
CatSalestaffDT staffDT = new CatSalestaffDT();
string branchIds = string.Join(",", branchDT.GetBranchTree(auth.BranchId).ToArray());
DataTable dtStaff = staffDT.GetByCond("BranchID IN (" + branchIds + ")");
string staffIds = string.Join(",", dtStaff.ColToListString("ID").ToArray());
cond += cond == string.Empty ? "" : " AND ";
if (auth.UserRightIds.Contains("1"))
{
cond += "";
}
else if (auth.UserRightIds.Contains("2"))
{
cond += " SaleStaffID in (" + staffIds + ")";
}
else if (auth.UserRightIds.Contains("3"))
{
cond += " SaleStaffID=" + auth.StaffId;
}
}
return(cond);
}
public CatSalestaffRule IsExits(string cond, string message)
{
try
{
DataTable dt = dta.GetByCond(cond);
if (dt != null && dt.Rows.Count > 0)
{
IsPassed = false;
ErrMessage += message;
}
return(this);
}
catch (Exception e)
{
IsPassed = false;
throw e;
}
}
public static AuthInfo GetAuthInfo(string sessionKey)
{
string sessionCond = "SessionID='" + sessionKey + "'";
DataTable dtSession = sessionDT.GetByCond(sessionCond);
if (dtSession != null && dtSession.Rows.Count > 0)
{
string getUserCond = "ID=" + dtSession.Rows[0]["UserID"].ToString();
DataTable dtUser = userDT.GetByCond(getUserCond);
if (dtUser != null && dtSession.Rows.Count > 0)
{
string userId = dtUser.Rows[0]["ID"].ToString();
string getStaffCond = "UserID=" + userId;
DataTable dtStaff = staffDT.GetByCond(getStaffCond);
if (dtStaff != null && dtStaff.Rows.Count > 0)
{
string staffGroupCond = "SaleStaffID=" + dtStaff.Rows[0]["ID"].ToString();
string getUserRoleCond = "UserID=" + userId;
DataTable dtUserRole = userRoleDt.GetByCond(getUserRoleCond);
string getUserRightCond = "RoleID in (" + string.Join(",", dtUserRole.ColToListString("RoleID").ToArray()) + ")";
DataTable dtUserRight = roleRightDT.GetByCond(getUserRightCond);
DataTable dtStaffMgtGroup = staffMgntGroupDT.GetByCond(staffGroupCond);
DataTable dtStaffProductType = staffProducTypeDT.GetByCond(staffGroupCond);
AuthInfo authInfo = new AuthInfo();
authInfo.StaffId = dtStaff.Rows[0]["ID"].ToString();
authInfo.UserId = dtStaff.Rows[0]["UserID"].ToString();
authInfo.BranchId = dtStaff.Rows[0]["BranchID"].ToString();
authInfo.StaffMgntGroupIds = dtStaffMgtGroup.ColToListString("ManagementGroupID");
authInfo.StaffProductTypeIds = dtStaffProductType.ColToListString("ProductTypeID");
authInfo.UserRightIds = dtUserRight.Distinct("RightID").ColToListString("RightID");
return(authInfo);
}
}
}
return(null);
}
