public List <PlayerPiece> GetPlayerPiecesBasedOnControlType(EntityControlType controlType)
{
var playerPieces = new List <PlayerPiece>();
for (int row = 0; row < Rows; row++)
{
for (int column = 0; column < Columns; column++)
{
if (ChessBoardCells[row, column].IsOccupied)
{
Entity entity = ChessBoardCells[row, column].Entity;
if (entity.ControlType == controlType)
{
var playerPiece = new PlayerPiece
{
EntityID = entity.ID,
};
playerPiece.CurrentPosition = new ChessBoardPosition
{
CurrentRow = row,
CurrentColumn = column,
};
playerPieces.Add(playerPiece);
}
}
}
}
return(playerPieces);
}
internal static int GetSelfPrivilegeLevelByEntityControlType(EntityControlType entityControlType,
string userName, IList <string> roles, ExtendedIdentityDbContext db)
{
return(db.Roles.Where(m => roles.Contains(m.Name)).Max(m => m.PrivilegeLevel));
//return PrivilegeLevelByEntityControlType.GetDefaultPrivilegeLevelByEntityControlType(entityControlType);
}
public IQueryable//<YuShang.ERP.Entities.Orders.OrderContract>
BuildQueryWithEntityControl(IOwinContext owinContext,
ExtendedIdentityDbContext db, IQueryable tempDbQuery,
//IQueryable<YuShang.ERP.Entities.Orders.OrderContract> tempDbQuery,
EntityControlType entityControlType, string userName)
{
IList <string> roles = null;
bool highLevelPeople = PrivilegeManager.Instance.IsHighLevelPrivilege(
owinContext, userName, entityControlType, out roles);
if (highLevelPeople == false && roles != null && roles.Count > 0)
{//需要加入条件,控制访问者只能看到其下级的数据
if (entityControlType == EntityControlType.OrderContract)
{
BasicOrderContractEntityPrivilegeStrategy strategy
= this.GetOrderContractEntityTypeStrategy();
return(strategy.AddEntityControlCondition(db, entityControlType,
tempDbQuery as IQueryable <OrderContract>, userName, roles));
}
else if (entityControlType == EntityControlType.SaleContract)
{
BasicSaleContractEntityPrivilegeStrategy strategy
= this.GetSaleContractEntityTypeStrategy();
return(strategy.AddEntityControlCondition(db, entityControlType,
tempDbQuery as IQueryable <SaleContract>, userName, roles));
}
}
return(tempDbQuery);
}
public static int GetDefaultPrivilegeLevelByEntityControlType(EntityControlType type)
{
if (type == EntityControlType.OrderContract)
{
return(DEFAULT_LEVEL_ORDER_CONTRACT);
}
else if (type == EntityControlType.SaleContract)
{
return(DEFAULT_LEVEL_SALE_CONTRACT);
}
return(50);
}
private IQueryable <OrderContract> AddEntityPrivilegeControlConditions(
ExtendedIdentityDbContext db, IQueryable <OrderContract> tempDbQuery,
EntityControlType entityControlType, string userName)
{
var temp1 = PrivilegeManager.Instance.BuildQueryWithEntityControl(OwinContext,
db, tempDbQuery, entityControlType, userName);
if (temp1 != null && temp1 is IQueryable <OrderContract> )
{
tempDbQuery = temp1 as IQueryable <OrderContract>;
}
return(tempDbQuery);
}
/// <summary>
/// 简单一点,只对权限数据加入数据Level的限制
/// </summary>
/// <param name="db"></param>
/// <param name="entityControlType"></param>
/// <param name="tempDbQuery"></param>
/// <param name="userName"></param>
/// <param name="roles"></param>
/// <returns></returns>
internal IQueryable <SaleContract> AddEntityControlCondition(
ExtendedIdentityDbContext db, EntityControlType entityControlType,
IQueryable <SaleContract> tempDbQuery, string userName, IList <string> roles)
{
//int level = PrivilegeLevelByEntityControlType.GetDefaultPrivilegeLevelByEntityControlType(entityControlType);
int selfLevel = PrivilegeManager.GetSelfPrivilegeLevelByEntityControlType(
entityControlType, userName, roles, db);
tempDbQuery = tempDbQuery.Where(m => ((m.OperatorSysUser == userName && m.EntityPrivLevRequired <= selfLevel) ||
m.EntityPrivLevRequired < selfLevel));
//简单的规则就是:一般的用户只能看到小于自己数据权限级别的数据;
//或者自己录入的数据但是权限小于等于自己的
return(tempDbQuery);
}
private IList <string> GetHighLevelRoleNameByConfig(EntityControlType type)
{
return(new List <string>(new string[] { "系统管理员", "Boss" }));
}