public static bool CanLogin(DataPersistance dp,
string RoleName, string UserName, string UserPassword)
{
string TrueStr = dp.FormatSqlValue(true);
string FalseStr = dp.FormatSqlValue(false);
dp.ValidateTableDef <User>();
dp.ValidateTableDef <RoleUser>();
string SqlQuery;
if (BaseSecurity.LoginWithRole)
{
SqlQuery = string.Concat(@"SELECT U.UserName
FROM (_System_User AS U INNER JOIN _System_RoleUser AS RU ON
U.UserName=RU.UserName) INNER JOIN _System_Role AS R ON
RU.RoleName=R.RoleName AND RU.ProductName=R.ProductName
WHERE RU.ProductName=@3 AND U.IsActive=", TrueStr,
@" AND U.UserName=@0 AND U.UserPassword=@1
AND (U.UseDateLimit=", FalseStr, " OR ", dp.GetSqlNow(),
" BETWEEN U.StartDate AND U.EndDate) AND R.IsActive=",
TrueStr, @" AND R.RoleName=@2 AND
(R.UseDateLimit=", FalseStr, " OR ", dp.GetSqlNow(),
" BETWEEN R.StartDate AND R.EndDate)");
return(dp.Find.IsExists(SqlQuery,
new FieldParam("0", UserName),
new FieldParam("1", UserPassword),
new FieldParam("2", RoleName),
new FieldParam("3", BaseFramework.ProductName)));
}
else
{
SqlQuery = string.Concat(@"SELECT U.UserName
FROM (_System_User AS U INNER JOIN _System_RoleUser AS RU ON
U.UserName=RU.UserName) INNER JOIN _System_Role AS R ON
RU.RoleName=R.RoleName AND RU.ProductName=R.ProductName
WHERE RU.ProductName=@3 AND U.IsActive=", TrueStr,
@" AND U.UserName=@0 AND U.UserPassword=@1
AND (U.UseDateLimit=", FalseStr, " OR ", dp.GetSqlNow(),
" BETWEEN U.StartDate AND U.EndDate) AND R.IsActive=",
TrueStr, @" AND
(R.UseDateLimit=", FalseStr, " OR ", dp.GetSqlNow(),
" BETWEEN R.StartDate AND R.EndDate)");
return(dp.Find.IsExists(SqlQuery,
new FieldParam("0", UserName),
new FieldParam("1", UserPassword),
new FieldParam("3", BaseFramework.ProductName)));
}
}
internal static bool IsUserAdminExist(DataPersistance dp)
{
string TrueStr = dp.FormatSqlValue(true);
string FalseStr = dp.FormatSqlValue(false);
string SqlQuery = string.Concat(
@"SELECT U.UserName FROM (_System_User AS U
INNER JOIN _System_RoleUser AS RU ON
U.UserName=RU.UserName) INNER JOIN _System_Role R ON
RU.RoleName=R.RoleName AND RU.ProductName=R.ProductName WHERE
R.ProductName=@0 AND U.IsAdmin=", TrueStr,
" AND U.IsActive=", TrueStr,
" AND (U.UseDateLimit=", FalseStr, " OR ",
dp.GetSqlNow(), @" BETWEEN U.StartDate AND
U.EndDate) AND R.IsActive=", TrueStr,
" AND (R.UseDateLimit=", FalseStr, " OR ",
dp.GetSqlNow(), " BETWEEN R.StartDate AND R.EndDate)");
return(dp.Find.IsExists(SqlQuery,
new FieldParam("0", BaseFramework.ProductName)));
}
internal static DataTable GetListRole(DataPersistance dp,
bool AllRole)
{
dp.ValidateTableDef <Role>();
if (AllRole)
{
return(dp.OpenDataTable(
"SELECT RoleName FROM _System_Role WHERE ProductName=@0 ORDER BY RoleName",
new FieldParam("0", BaseFramework.ProductName)));
}
else
{
return(dp.OpenDataTable(string.Concat(
"SELECT RoleName FROM _System_Role WHERE ProductName=@0 AND IsActive=",
dp.FormatSqlValue(true, DataType.Boolean),
" AND (UseDateLimit=",
dp.FormatSqlValue(false, DataType.Boolean),
" OR ", dp.GetSqlNow(),
" BETWEEN StartDate AND EndDate) ORDER BY RoleName"),
new FieldParam("0", BaseFramework.ProductName)));
}
}