Example #1
        //private AssignedPermissionDTO GetAssignedPermissions(MyProjectEntities context, IQueryable<OrganizationPost> posts, SecurityObject securityObject, bool withChildObjects, List<SecurityAction> parentActions = null)
        //{
        //    AssignedPermissionDTO result = new AssignedPermissionDTO();
        //    var permissions = GetPersmissionByPosts(context, posts, securityObject, (parentActions == null));
        //    result.SecurityObjectID = securityObject.ID;
        //    if (permissions != null && permissions.Count > 0)
        //    {
        //        foreach (var permission in permissions)
        //        {
        //            result.GrantedActions.Add(permission);
        //        }
        //    }
        //    if (parentActions != null && parentActions.Count > 0)
        //    {
        //        foreach (var parentAction in parentActions)
        //        {
        //            bool add = false;
        //            if (parentAction == SecurityAction.NoAccess)
        //            {
        //                if (!result.GrantedActions.Any(x => x != SecurityAction.NoAccess))
        //                {
        //                    add = true;
        //                }
        //            }
        //            else if (parentAction == SecurityAction.ReadOnly)
        //            {
        //                if (!result.GrantedActions.Any(x => x != SecurityAction.ReadOnly))
        //                {
        //                    add = true;
        //                }
        //            }
        //            else
        //            {
        //                if (!result.GrantedActions.Any(x => x == SecurityAction.NoAccess
        //                || x == SecurityAction.ReadOnly))
        //                {
        //                    add = true;
        //                }
        //            }
        //            if (add)
        //            {
        //                if (!result.GrantedActions.Any(x => x == parentAction))
        //                    result.GrantedActions.Add(parentAction);
        //            }
        //        }
        //    }

        //    if (!withChildObjects)
        //    {
        //        return result;
        //    }
        //    else
        //    {


        //    }



        //    return result;

        //}
        /// <summary>
        /// Collects the security objects directly beneath <paramref name="securityObject"/>.
        /// </summary>
        /// <param name="securityObject">Parent object; its <c>Type</c> is read as a <c>DatabaseObjectCategory</c>.</param>
        /// <returns>
        /// The child security objects, or <c>null</c> when the category is none of Database, Schema or Entity.
        /// </returns>
        private List <SecurityObject> GetChildObjects(SecurityObject securityObject)
        {
            switch ((DatabaseObjectCategory)securityObject.Type)
            {
                // NOTE(review): a Schema object is resolved through DatabaseInformation.DBSchema exactly
                // like a Database object. Confirm that is intended: a wrong child set means child
                // permissions are evaluated against the wrong objects.
                case DatabaseObjectCategory.Database:
                case DatabaseObjectCategory.Schema:
                    return securityObject.DatabaseInformation.DBSchema.Select(schema => schema.SecurityObject).ToList();

                case DatabaseObjectCategory.Entity:
                {
                    // Open question left by the original author: what about reports and columns?
                    var entity = securityObject.TableDrivedEntity;
                    List <SecurityObject> children;

                    // Prefer the entity's own column list; fall back to every column of its table.
                    if (entity.TableDrivedEntity_Columns.Any())
                    {
                        children = entity.TableDrivedEntity_Columns.Select(link => link.Column.SecurityObject).ToList();
                    }
                    else
                    {
                        children = entity.Table.Column.Select(column => column.SecurityObject).ToList();
                    }

                    children.AddRange(entity.Relationship.Select(relationship => relationship.SecurityObject).ToList());
                    return children;
                }

                default:
                    // Unhandled categories yield null, not an empty list; callers must null-check.
                    return null;
            }
        }
Example #2
        //private bool? UserHasPermission(MyProjectEntities context, int userID, string ActionName, Object dbObject)
        //{
        //    var user = context.Users.First(x => x.ID == userID);
        //    foreach (var role in user.Roles)
        //    {

        //        var bFound = (role.Role_Action_Object.Any(
        //                      p => (ActionName == "any" || p.Action.ActionName == ActionName) && p.ObjectID == dbObject.ID));
        //        if (bFound)
        //            return true;
        //        else
        //        {
        //            if (dbObject.NeedsExplicitPermission == true)
        //                return false;
        //            else
        //            {
        //                if (dbObject.ParentID != null)
        //                    return UserHasPermission(context, userID, ActionName, dbObject.Object2);
        //                else
        //                    return false;
        //            }
        //        }
        //    }
        //    return false;
        //}

        //////public bool UserHasRole(int userID, string roleName)
        //////{
        //////    var context = new MyProjectEntities();
        //////    var user = context.Users.First(x => x.ID == userID);
        //////    return user.Roles.Any(p => p.RoleName == roleName);
        //////}

        //public bool? PermissionGranted(List<int> roleIds, string actionName, string objectIdentity, string objectCategory)
        //{


        //}
        /// <summary>
        /// Reports, for each requested security object, whether the requester's organization posts
        /// grant at least one of the given actions.
        /// </summary>
        /// <param name="requester">Requester whose organization posts are looked up.</param>
        /// <param name="securityObjectIDs">IDs of the security objects to check.</param>
        /// <param name="actionNames">Actions of which any one is sufficient.</param>
        /// <returns>One <c>ImposePermissionResult</c> per ID, in input order.</returns>
        public List <ImposePermissionResult> ObjectsHaveSpecificPermissions(DR_Requester requester, List <int> securityObjectIDs, List <SecurityAction> actionNames)
        {
            var outcomes = new List <ImposePermissionResult>();

            using (var context = new MyProjectEntities())
            {
                // NOTE(review): requester.SkipSecurity is not consulted anywhere in this method;
                // confirm that is intended.
                IQueryable <OrganizationPost> posts = GetDBOrganizationPosts(context, requester);

                foreach (int objectId in securityObjectIDs)
                {
                    // First() throws when no SecurityObject carries this ID, which aborts the whole batch.
                    SecurityObject target  = context.SecurityObject.First(x => x.ID == objectId);
                    var            granted = GetPersmissionByPosts(context, posts, target);

                    outcomes.Add(new ImposePermissionResult
                    {
                        Permitted        = granted.Any(action => actionNames.Contains(action)),
                        ObjectSecurityID = objectId
                    });
                }
            }

            return outcomes;
        }
        /// <summary>
        ///     The get identity.
        /// </summary>
        /// <param name="username">
        ///     The username.
        /// </param>
        /// <returns>
        ///     The <see cref="UserIdentity" />.
        /// </returns>
        internal static UserIdentity GetIdentity(string username)
        {
            // Looks the user up by login name, refreshes the security groups, creates a home folder
            // when none is recorded, loads the permissions and returns the populated identity.
            // NOTE(review): no password or token is checked in this method; presumably the caller has
            // already authenticated the user. Confirm, since the identity is built from the name alone.
            using (var context = new OnlineFilesEntities())
            {
                // The caller's value is replaced by whatever Principal.GetLogin returns for it.
                username = Principal.GetLogin(username);
                var userIdentity = new UserIdentity();

                // Get the SecurityObject being requested.
                SecurityObject userProfile = context.GetUserValidation(username, ConfigurationManager.AppSettings["LDAP_SETTING"]).FirstOrDefault();
                if (userProfile == null)
                {
                    // A bare Exception cannot be told apart from other failures by callers.
                    // NOTE(review): if this message reaches the client it reveals which usernames
                    // exist; confirm it is only logged.
                    throw new Exception("User Not Found");
                }
                userProfile._MySecurityGroups = context.GetSecurityTokens(userProfile.SecurityObjectId).ToList();
                context.SaveChanges();
                if (userProfile.HomeFolder == null)
                {
                    // new Guid() is the all-zero GUID; what Folder.Create does with it is not visible here.
                    Folder homeFolder = Folder.Create(userProfile.FullName, new Guid(), userProfile, true, true);
                    userProfile.HomeFolder = homeFolder.pk_FolderId;
                    context.SaveChanges();
                }
                // Ensure that the SecurityObject's Permissions are loaded.
                context.Entry(userProfile).Collection(so => so.SecurityObjectPermissions).Query().Include(sop => sop.Permission).Load();
                userIdentity.LoadUser(userProfile);
                return(userIdentity);
            }
        }
Example #4
        /// <summary>
        /// Saves the user information.
        /// </summary>
        /// <param name="sender"></param>
        /// <param name="e"></param>
        protected void btnSaveRoleInfo_Click(object sender, EventArgs e)
        {
            // Creates a role, or modifies the one named by the hiRoleId hidden field, granting it
            // every function whose "roleChk" box is ticked.

            // NOTE(review): doubling single quotes is hand-rolled SQL escaping, which suggests
            // Role.NewRole / Role.ModifyRole build SQL text from these values. Confirm, and prefer
            // parameterized commands there; quote doubling is not a complete defence.
            string roleName = this.txtRoleName.Text.Trim().Replace("'", "''");
            string roleDesc = this.txtRoleDescri.Text.Trim().Replace("'", "''");

            ArrayList checkedFunctions = new ArrayList(20);

            foreach (DataListItem row in this.functionList.Items)
            {
                // The "as" result is dereferenced unchecked: a row without a "roleChk" CheckBox throws.
                CheckBox box = row.FindControl("roleChk") as CheckBox;
                if (!box.Checked)
                {
                    continue;
                }

                Guid functionId = new Guid(this.functionList.DataKeys[row.ItemIndex].ToString());
                checkedFunctions.Add(new SecurityObject(functionId, SecurityObjectType.Function));
            }

            SecurityObject[] granted = (SecurityObject[])checkedFunctions.ToArray(typeof(SecurityObject));

            // An empty hidden field means "new role".
            if (this.hiRoleId.Value == string.Empty)
            {
                IRole created = Role.NewRole(CurrentGroupId, roleName, roleDesc, granted, OperatorMethod.Access);
                if (created == null)
                {
                    ShowMessage("新建角色失败");
                    return;
                }

                rolePan.Visible = false;
                BindRoleList();
                ShowMessage("新建角色成功");
                return;
            }

            // NOTE(review): the role ID comes from a hidden field, which the client can alter, and
            // CurrentGroupId is not passed to ModifyRole. Confirm that ModifyRole (or an earlier
            // check) verifies the current user may change this role.
            bool modified = Role.ModifyRole(roleName, roleDesc, new Guid(this.hiRoleId.Value), granted, OperatorMethod.Access);
            if (!modified)
            {
                ShowMessage("修改用户角色失败");
                return;
            }

            rolePan.Visible = false;
            BindRoleList();
            ShowMessage("修改用户角色成功");
        }
Example #5
 /// <summary>
 /// Inserts a new <c>SecurityObject</c> record carrying the given password into the LiteDB
 /// database opened with <c>dbSec</c>.
 /// </summary>
 /// <param name="pwd">Password handed to <c>SecurityObject.setPassword</c>.</param>
 public static void setPassword(string pwd)
 {
     using (var store = new LiteDatabase(dbSec))
     {
         var credentials = store.GetCollection <SecurityObject>(SecurityObject.CollectionName);

         // NOTE(review): how SecurityObject.setPassword stores pwd is not visible here; confirm it
         // keeps a salted, slow hash, not the plaintext or a bare digest.
         var record = new SecurityObject();
         record.setPassword(pwd);

         // Earlier records are not removed (the original has DeleteAll commented out), so each call
         // adds another record. NOTE(review): confirm the verifier does not accept superseded ones.
         credentials.Insert(record);
     }
 }
Example #6
        /// <summary>
        /// Reads the search parameters from the query string, enforces the catalog rule when browsing
        /// by category, and binds the first page of results.
        /// </summary>
        /// <param name="sender">Event source.</param>
        /// <param name="e">Event arguments.</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            PageBar1.PageSize = NowPageCount(); // UIBiz.CommonInfo.PageCount;
            PageBar2.PageSize = NowPageCount(); //UIBiz.CommonInfo.PageCount;

            isChangePageSize = this.Search_ReSetPageSize1.isChangePageSize;

            string showCata = Request.QueryString["showCata"] == null ? "" : Request.QueryString["showCata"];

            // A missing CatalogID falls back to the all-zero GUID string.
            this.catalogID = Request.QueryString["CatalogID"] == null ? "00000000-0000-0000-0000-000000000000" : Request.QueryString["CatalogID"].ToString();



            // Browse by category
            if (showCata == "1")
            {
                // new Guid(...) throws FormatException when CatalogID is not a well-formed GUID.
                List <ObjectRule> rules       = new List <ObjectRule>(1);
                ISecurityObject   securityObj = new SecurityObject(new Guid(this.catalogID), SecurityObjectType.Items);
                ObjectRule        or          = new ObjectRule(securityObj, new User(CurrentUser.UserId), OperatorMethod.Deny);
                rules.Add(or);
                ObjectRule.CheckRules(rules);

                // if (!Catalog.GetCataRight(CurrentUser.UserId, new Guid(this.catalogID)))
                // The rule was built with OperatorMethod.Deny, so a validated rule means access is refused.
                if (rules[0].IsValidate)
                {
                    ShowMessage("您没有权限浏览此分类!");
                    // endResponse is true, so the lines below do not run for a denied user.
                    Response.Redirect(FormsAuthentication.DefaultUrl, true);
                }

                //    this.cataNav.Visible = true;

                this.BindCataNav();
            }
            // Keyword or advanced search
            // NOTE(review): no ObjectRule check is made on this path; confirm BindData filters the
            // results by the user's catalog permissions.
            else
            {
                this.keyword   = Request.QueryString["keyword"] == null ? "" : Request.QueryString["keyword"].ToString();
                // NOTE(review): Request.QueryString values are normally URL-decoded already, so this
                // decodes a second time; confirm that is intended, since input validated before this
                // point would no longer match what is used.
                this.keyword   = Server.UrlDecode(this.keyword);
                // Unlike keyword, these two have no null guard: a missing parameter throws NullReferenceException.
                this.beginDate = Request.QueryString["BeginDate"].ToString(); // upload date range: start
                this.endDate   = Request.QueryString["EndDate"].ToString();   // upload date range: end
                //     this.cataNav.Visible = false; ;
                // NOTE(review): keyword and both dates are untrusted; confirm the query built from
                // them is parameterized.
            }

            if (isChangePageSize == "1")
            {
                // Page size changed: clear the flag and restart from the first page.
                this.Search_ReSetPageSize1.isChangePageSize = string.Empty;
                _curpage = 0;
            }
            if (!Page.IsPostBack || isChangePageSize == "1")
            {
                BindData(PageBar1.PageSize, _curpage);
            }
        }
Example #7
        /// <summary>
        /// Searches the current group's users and binds them to the list together with one boolean
        /// column per operator method, filled from the rule check against the selected catalog.
        /// </summary>
        /// <param name="sender">Event source.</param>
        /// <param name="e">Event arguments.</param>
        protected void btnSearchUser_Click(object sender, EventArgs e)
        {
            // NOTE(review): both text boxes are untrusted input; confirm Group.SelectUsers passes them
            // as query parameters.
            QJVRMS.Business.Group group     = new QJVRMS.Business.Group(CurrentGroupId);
            DataTable             userTable = group.SelectUsers(this.txtloginName.Text.Trim(), this.txtUserName.Text.Trim());

            Hashtable rulesByUser = new Hashtable();
            Dictionary <int, string> methods = WebUI.UIBiz.CommonInfo.GetMethodDict();

            foreach (DataRow userRow in userTable.Rows)
            {
                // NOTE(review): the catalog ID comes from a hidden field, which the client can alter;
                // confirm the caller is allowed to administer that catalog.
                ISecurityObject   catalog  = new SecurityObject(new Guid(this.hiCurrentCataId.Value), SecurityObjectType.Items);
                List <ObjectRule> perUser  = new List <ObjectRule>();
                User              listed   = new User(new Guid(userRow["userId"].ToString()));

                // One rule per known operator method.
                foreach (KeyValuePair <int, string> pair in methods)
                {
                    perUser.Add(new ObjectRule(catalog, listed, (OperatorMethod)pair.Key));
                }

                rulesByUser.Add(listed, perUser);
                ObjectRule.CheckRules(perUser);
            }

            // The column name is the method's numeric value as text.
            foreach (KeyValuePair <int, string> pair in methods)
            {
                userTable.Columns.Add(pair.Key.ToString(), typeof(bool));
            }

            foreach (DictionaryEntry pair in rulesByUser)
            {
                User listed = pair.Key as User;
                List <ObjectRule> perUser = pair.Value as List <ObjectRule>;

                // The filter is concatenated text, but the value is the string form of listed.UserId,
                // which was built with new Guid(...) above and so cannot carry quote characters.
                DataRow[] matches = userTable.Select(string.Format("userId='{0}'", listed.UserId.ToString()));

                foreach (IRule checkedRule in perUser)
                {
                    matches[0][((int)checkedRule.Method).ToString()] = checkedRule.IsValidate;
                }
            }

            this.userList.DataSource = userTable;
            this.userList.DataBind();
        }
Example #8
        /// <summary>
        /// Binds a top-level category row: fills the nested child repeater, stores the category ID in
        /// the row's hidden field, and sets the four permission checkboxes from the role's rules.
        /// </summary>
        /// <param name="sender">Event source.</param>
        /// <param name="e">Carries the repeater item being bound.</param>
        protected void rptCategoryTop_ItemDataBound(object sender, RepeaterItemEventArgs e)
        {
            ListItemType kind = e.Item.ItemType;
            if (kind != ListItemType.Item && kind != ListItemType.AlternatingItem)
            {
                return;
            }

            Repeater childRepeater = (Repeater)e.Item.FindControl("rptCategoryChild");

            // Category ID of this row; its children are bound to the nested repeater.
            DataRowView rowView    = (DataRowView)e.Item.DataItem;
            string      categoryId = Convert.ToString(rowView["CatalogID"]);
            childRepeater.DataSource = Catalog.GetCatalogTableByParentId(new Guid(categoryId));
            childRepeater.DataBind();

            HiddenField idField = (HiddenField)e.Item.FindControl("topCatId");
            idField.Value = categoryId;

            // NOTE(review): the role ID comes from a hidden field, which the client can alter; confirm
            // the caller is allowed to view this role's permissions.
            Role role = new Role(new Guid(this.hiRoleId.Value));

            ISecurityObject category = new SecurityObject(new Guid(categoryId), SecurityObjectType.Items);

            // NOTE(review): the "read" checkbox is driven by an OperatorMethod.Deny rule. Confirm the
            // polarity: a ticked box may mean "denied", not "may read".
            string[]         checkBoxIds = { "funTopReadChk", "funTopUpChk", "funTopEditChk", "funTopDownChk" };
            OperatorMethod[] methods     = { OperatorMethod.Deny, OperatorMethod.Write, OperatorMethod.Modify, OperatorMethod.Download };

            for (int i = 0; i < checkBoxIds.Length; i++)
            {
                CheckBox   box  = (CheckBox)e.Item.FindControl(checkBoxIds[i]);
                ObjectRule rule = new ObjectRule(category, role, methods[i]);
                rule.CheckValidate();
                box.Checked = rule.IsValidate;
            }
        }
Example #9
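 /// <summary>
 /// Copies domain groups from Active Directory into <c>SecurityObjects</c>: a record is created
 /// for a group whose directory GUID is not yet known, otherwise its name, account name and
 /// e-mail address are refreshed. Groups that are local in scope and not security groups are skipped.
 /// </summary>
 private static void DownloadAdsGroups()
 {
     using (var context = new OnlineFilesEntities())
     using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain))
     using (var groupPrincipal = new GroupPrincipalEx(ctx))
     using (PrincipalSearcher search = new PrincipalSearcher(groupPrincipal))
     using (var searchResult = search.FindAll())
     {
         // Query the directory once and dispose the result. The original called FindAll() twice
         // (once to count, once to iterate) and released neither result.
         var groups = searchResult.Select(found => found as GroupPrincipalEx).ToList();
         int max    = groups.Count;
         int c      = 0;

         // NOTE(review): records whose group no longer appears in the directory are never touched
         // here, so they keep IsActive = true; confirm deprovisioning is handled elsewhere.
         foreach (var gp in groups)
         {
             Console.WriteLine("Processing " + c + " of " + max);
             c++;
             if (gp != null)
             {
                 if (gp.IsSecurityGroup != true && gp.GroupScope == GroupScope.Local)
                 {
                     continue;
                 }

                 // Match on the directory GUID, which stays the same when a group is renamed.
                 var so = context.SecurityObjects.FirstOrDefault(d => d.ActiveDirectoryId == gp.Guid);
                 if (so == null)
                 {
                     so = new SecurityObject
                     {
                         ActiveDirectoryId = gp.Guid,
                         FullName          = gp.Name,
                         Username          = gp.SamAccountName,
                         EmailAddress      = gp.EmailAddress ?? "",
                         IsGroup           = true,
                         LastLogInOn       = DateTime.Now,
                         IsActive          = true,
                         HomeFolder        = null
                     };
                     context.SecurityObjects.Add(so);
                 }
                 else
                 {
                     so.IsGroup      = true;
                     so.FullName     = gp.Name;
                     so.Username     = gp.SamAccountName;
                     so.EmailAddress = gp.EmailAddress ?? "";
                 }
             }

             // Saved per group, as before, so a failure part-way keeps the groups already processed.
             context.SaveChanges();
         }
     }
 }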
Example #10
        /// <summary>
        /// Saves a new <c>SecurityObject</c> for every request entry whose name matches no existing
        /// object's <c>DisplayName</c>; entries that already exist are left untouched.
        /// </summary>
        /// <param name="SecurityObjectInfo">Request whose <c>List</c> holds the names and parents to add.</param>
        /// <returns>
        /// The response of <c>SaveSecurityObjectList</c>, or the result of <c>ErrorHandler.Handle</c>
        /// when an exception is thrown.
        /// </returns>
        public BusinessMessageResponse AddSecurityObjectList(SaveListRequest<SecurityObjectInfo> SecurityObjectInfo)
        {
            var response = new BusinessMessageResponse();

            try {
                List<SecurityObject> known = GetAllSecurityObjectList(true).List;
                var pending = new SaveListRequest<SecurityObject> { List = new List<SecurityObject>() };

                foreach (SecurityObjectInfo candidate in SecurityObjectInfo.List) {
                    // Existence is decided by DisplayName alone.
                    // NOTE(review): confirm display names are unique across parents; otherwise an
                    // object that shares a name with one elsewhere in the tree is never created.
                    if (known.Find(existing => existing.DisplayName == candidate.Name) != null) {
                        continue;
                    }

                    var created = new SecurityObject();
                    created.DisplayName = candidate.Name;
                    created.ParentID = findSecurityObjectParentId(candidate.Parent, ref known);
                    pending.List.Add(created);
                }

                response = SaveSecurityObjectList(pending);
            }
            catch (Exception ex) {
                return ErrorHandler.Handle(ex);
            }

            return response;
        }
Example #11
        /// <summary>
        /// Gathers the actions assigned to a subject on a security object and, optionally, on its
        /// ancestors, tagging each action with the level at which it was found.
        /// </summary>
        /// <param name="context">Entity context used for the lookups.</param>
        /// <param name="securitySubject">Subject whose assignments are read.</param>
        /// <param name="securityObject">Object at which the walk starts.</param>
        /// <param name="level">Level recorded for actions found on <paramref name="securityObject"/>; parents get level + 1.</param>
        /// <param name="goUpward">When true, continues with the parent object (Schema to Database, Entity to Schema).</param>
        /// <param name="distantactions">Accumulator to append to; a new list is created when null.</param>
        /// <returns>The accumulator holding (level, action) pairs.</returns>
        private List <Tuple <int, SecurityAction> > GetPersmissionByPost(MyProjectEntities context, SecuritySubject securitySubject, SecurityObject securityObject, int level, bool goUpward = true, List <Tuple <int, SecurityAction> > distantactions = null)
        {
            List <Tuple <int, SecurityAction> > collected = distantactions ?? new List <Tuple <int, SecurityAction> >();

            // TODO from the original author: cache this lookup.
            foreach (var action in GetAssignedPermissions(context, securityObject, securitySubject))
            {
                collected.Add(new Tuple <int, SecurityAction>(level, action));
            }

            if (!goUpward)
            {
                return collected;
            }

            // Only Schema and Entity objects have a parent resolved here; every other category ends the walk.
            SecurityObject parent = null;
            switch ((DatabaseObjectCategory)securityObject.Type)
            {
                case DatabaseObjectCategory.Schema:
                    parent = securityObject.DBSchema.DatabaseInformation.SecurityObject;
                    break;
                case DatabaseObjectCategory.Entity:
                    parent = securityObject.TableDrivedEntity.Table.DBSchema.SecurityObject;
                    break;
            }

            if (parent != null)
            {
                // The recursion appends to the same list, so its return value is not needed.
                GetPersmissionByPost(context, securitySubject, parent, level + 1, goUpward, collected);
            }

            return collected;
        }
 /// <summary>
 ///     The load user.
 /// </summary>
 /// <param name="data">
 ///     The data.
 /// </param>
 private void LoadUser(SecurityObject data)
 {
     // Populates this identity from a stored profile, or resets it to an unauthenticated state
     // when no profile is given.
     if (data == null)
     {
         // NOTE(review): UserId is not reset on this path; confirm a stale ID cannot be read
         // from an unauthenticated identity.
         Name               = string.Empty;
         IsAuthenticated    = false;
         AuthenticationType = string.Empty;
         Permissions        = new List <Permission>();
         UserProfile        = new SecurityObject();
         return;
     }

     UserId = data.SecurityObjectId;
     Name   = data.Username;

     // The identity is marked authenticated solely because a profile object was supplied; the
     // caller is responsible for having verified the user.
     IsAuthenticated    = true;
     AuthenticationType = "Membership";

     // AddRange appends to the existing list, so calling this twice accumulates permissions.
     // NOTE(review): confirm LoadUser runs only once per identity.
     var grantedPermissions = data.SecurityObjectPermissions.Select(sop => sop.Permission).ToList();
     Permissions.AddRange(grantedPermissions);

     UserProfile = data;
 }
Example #13
        /// <summary>
        /// Determines whether a given user has a given operation permission on a given resource.
        /// </summary>
        /// <param name="userId"></param>
        /// <param name="resourceId"></param>
        /// <returns></returns>
        public bool IsUserResource(Guid userId, Guid resourceId, int method)
        {
            // Builds one rule per catalog the resource belongs to, checks them together, and reports
            // whether at least one of them validated.
            DataRowCollection catalogRows = this.GetResourceCatalogByItemId(resourceId.ToString()).Tables[0].Rows;
            List <ObjectRule> rules       = new List <ObjectRule>(catalogRows.Count);

            foreach (DataRow catalogRow in catalogRows)
            {
                ISecurityObject catalog = new SecurityObject(new Guid(catalogRow["CatalogId"].ToString()), SecurityObjectType.Items);

                // NOTE(review): the int is cast to OperatorMethod unchecked, so a value outside the
                // enum still becomes a rule; confirm callers pass only defined values.
                rules.Add(new ObjectRule(catalog, new User(userId), (OperatorMethod)method));
            }

            ObjectRule.CheckRules(rules);

            // One validated rule decides the result (logical OR across catalogs).
            // NOTE(review): if method is Deny, true presumably means "denied"; confirm callers read it that way.
            foreach (ObjectRule rule in rules)
            {
                if (rule.IsValidate)
                {
                    return true;
                }
            }

            return false;
        }
Example #14
        //private IQueryable<ConditionalPermission> GetConditionalPermissions(MyProjectEntities context, int entityID, int securitySubjectID)
        //{
        //    return
        //}

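        /// <summary>
        /// Returns the actions granted to the requester on a security object and, optionally, on its
        /// child objects. The result is also written to the permission cache.
        /// </summary>
        /// <param name="requester">Requester whose organization posts (or <c>SkipSecurity</c> flag) decide the grant.</param>
        /// <param name="securityObjectID">ID of the security object; <c>First</c> throws when it does not exist.</param>
        /// <param name="withChildObjects">When true, child permissions are filled in through <c>SetChildPermissions</c>.</param>
        /// <returns>The granted actions, with <c>SecurityObjectID</c> set on every path.</returns>
        public AssignedPermissionDTO GetAssignedPermissions(DR_Requester requester, int securityObjectID, bool withChildObjects)
        {
            AssignedPermissionDTO result = new AssignedPermissionDTO();

            // Fix: the ID used to be set only on the non-SkipSecurity path, so a SkipSecurity result
            // was returned and cached without saying which object it describes.
            result.SecurityObjectID = securityObjectID;

            // The cache read that once stood here is disabled in the original; only the write below remains.
            using (var context = new MyProjectEntities())
            {
                SecurityObject securityObject = context.SecurityObject.First(x => x.ID == securityObjectID);

                var organizationPosts = GetDBOrganizationPosts(context, requester);

                // NOTE(review): SkipSecurity bypasses every permission lookup. Confirm the flag can only
                // be set by trusted server-side code and never arrives with a client-supplied requester.
                if (requester.SkipSecurity == true)
                {
                    result.GrantedActions.Add(SecurityAction.ArchiveEdit);
                    result.GrantedActions.Add(SecurityAction.LetterEdit);
                    result.GrantedActions.Add(SecurityAction.EditAndDelete);
                }
                else
                {
                    result.GrantedActions = GetPersmissionByPosts(context, organizationPosts, securityObject, true);
                }

                if (withChildObjects)
                {
                    // GetChildObjects yields null for categories it does not handle.
                    var childObjects = GetChildObjects(securityObject);
                    if (childObjects != null)
                    {
                        SetChildPermissions(requester, context, result, childObjects, organizationPosts);
                    }
                }
            }

            // NOTE(review): how cached permissions are invalidated when assignments change is not
            // visible here; confirm before re-enabling the cache read.
            CacheManager.GetCacheManager().AddCacheItem(result, CacheItemType.Permission, requester.Identity.ToString(), securityObjectID.ToString(), withChildObjects.ToString());
            return result;
        }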
Example #15
        /// <summary>
        /// Binds a child category row: stores the category ID in the row's hidden field and sets the
        /// four permission checkboxes from the role's rules.
        /// </summary>
        /// <param name="sender">Event source.</param>
        /// <param name="e">Carries the repeater item being bound.</param>
        protected void rptCategoryChild_ItemDataBound(object sender, RepeaterItemEventArgs e)
        {
            ListItemType kind = e.Item.ItemType;
            if (kind != ListItemType.Item && kind != ListItemType.AlternatingItem)
            {
                return;
            }

            DataRowView rowView    = (DataRowView)e.Item.DataItem;
            string      categoryId = Convert.ToString(rowView["CatalogID"]);

            // NOTE(review): the role ID comes from a hidden field, which the client can alter; confirm
            // the caller is allowed to view this role's permissions.
            Role role = new Role(new Guid(this.hiRoleId.Value));

            HiddenField idField = (HiddenField)e.Item.FindControl("childCatId");
            idField.Value = categoryId;

            ISecurityObject category = new SecurityObject(new Guid(categoryId), SecurityObjectType.Items);

            // NOTE(review): the "read" checkbox is driven by an OperatorMethod.Deny rule. Confirm the
            // polarity: a ticked box may mean "denied", not "may read".
            string[]         checkBoxIds = { "funChildReadChk", "funChildUpChk", "funChildEditChk", "funChildDownChk" };
            OperatorMethod[] methods     = { OperatorMethod.Deny, OperatorMethod.Write, OperatorMethod.Modify, OperatorMethod.Download };

            for (int i = 0; i < checkBoxIds.Length; i++)
            {
                CheckBox   box  = (CheckBox)e.Item.FindControl(checkBoxIds[i]);
                ObjectRule rule = new ObjectRule(category, role, methods[i]);
                rule.CheckValidate();
                box.Checked = rule.IsValidate;
            }
        }
Example #16
        /// <summary>
        /// Returns the actions granted to the requester on the named subsystem, served from the
        /// permission cache when an entry exists for (requester identity, subsystem name).
        /// </summary>
        /// <param name="requester">Requester whose identity keys the cache and whose organization posts decide the grant.</param>
        /// <param name="objectName">Name of the subsystem to look up.</param>
        /// <returns>The granted actions; an empty result when no subsystem has that name.</returns>
        public AssignedPermissionDTO GetSubSystemAssignedPermissions(DR_Requester requester, string objectName)
        {
            AssignedPermissionDTO permissions = new AssignedPermissionDTO();
            string identityKey = requester.Identity.ToString();

            // NOTE(review): a cache hit is returned without re-evaluating permissions. Confirm entries
            // are invalidated when assignments change, or a revoked grant keeps being served.
            var cached = CacheManager.GetCacheManager().GetCachedItem(CacheItemType.Permission, identityKey, objectName);
            if (cached != null)
            {
                return cached as AssignedPermissionDTO;
            }

            using (var context = new MyProjectEntities())
            {
                var posts     = GetDBOrganizationPosts(context, requester);
                var subSystem = context.SubSystems.FirstOrDefault(x => x.Name == objectName);

                SecurityObject securityObject = subSystem?.SecurityObject;
                if (securityObject != null)
                {
                    permissions.GrantedActions   = GetPersmissionByPosts(context, posts, securityObject, true);
                    permissions.SecurityObjectID = securityObject.ID;
                }
            }

            // The empty result for an unknown subsystem is cached as well.
            CacheManager.GetCacheManager().AddCacheItem(permissions, CacheItemType.Permission, identityKey, objectName);
            return permissions;
        }
Example #17
        /// <summary>
        /// Maps a <c>SecurityObject</c> to its DTO, taking the display name from whichever related
        /// record matches the object's category.
        /// </summary>
        /// <param name="item">Security object to convert.</param>
        /// <returns>The DTO; <c>Name</c> stays unset for a category not listed in the switch.</returns>
        private SecurityObjectDTO ToSecurityObjectDTO(SecurityObject item)
        {
            SecurityObjectDTO dto = new SecurityObjectDTO();

            dto.ID   = item.ID;
            dto.Type = (DatabaseObjectCategory)item.Type;

            switch (dto.Type)
            {
                case DatabaseObjectCategory.Database:
                    dto.Name = item.DatabaseInformation.Name;
                    break;
                case DatabaseObjectCategory.Schema:
                    dto.Name = item.DBSchema.Name;
                    break;
                case DatabaseObjectCategory.Relationship:
                    dto.Name = item.Relationship.Name;
                    break;
                case DatabaseObjectCategory.Entity:
                    dto.Name = item.TableDrivedEntity.Name;
                    break;
                case DatabaseObjectCategory.Column:
                    dto.Name = item.Column.Name;
                    break;
                case DatabaseObjectCategory.Report:
                    // Reports and commands carry a Title, not a Name.
                    dto.Name = item.EntityReport.Title;
                    break;
                case DatabaseObjectCategory.Command:
                    dto.Name = item.EntityCommand.Title;
                    break;
            }

            return dto;
        }
Example #18
        /// <summary>
        /// Fills <paramref name="tabItem"/> with one check box per privilege in <c>mPrivileges</c>,
        /// each two-way bound to a <see cref="RolePrivilegeViewModel"/> for <paramref name="secObject"/>.
        /// </summary>
        /// <param name="secObject">Security object whose privileges are shown.</param>
        /// <param name="tabItem">Tab that receives the scrollable grid of check boxes.</param>
        /// <remarks>
        /// A privilege already present in <c>mRole.RolePrivileges</c> starts checked; otherwise a new
        /// <see cref="RolePrivilege"/> is created for the view model and starts unchecked. Every view
        /// model is added to <c>mRolePrivilegesViewModel</c>; nothing is persisted here.
        /// </remarks>
        private void RenderPrivileges(SecurityObject secObject, RadTabItem tabItem)
        {
            const int rowHeight = 20;

            tabItem.Style = (Style)Application.Current.Resources["InnerTabItem"];

            var panelBrush = (SolidColorBrush)Application.Current.Resources["PanelDarkBackground"];
            var grid = new Grid { Background = panelBrush };
            var scroller = new ScrollViewer
            {
                VerticalScrollBarVisibility = ScrollBarVisibility.Auto,
                HorizontalScrollBarVisibility = ScrollBarVisibility.Hidden,
                Background = panelBrush,
                BorderBrush = panelBrush,
                Content = grid
            };
            tabItem.Content = scroller;

            int nextRow = 0;
            foreach (var privilege in mPrivileges)
            {
                grid.RowDefinitions.Add(new RowDefinition() { Height = new GridLength(rowHeight) });

                var box = new CheckBox { Content = privilege.Name };
                grid.Children.Add(box);
                Grid.SetRow(box, nextRow);
                Grid.SetColumn(box, 0);
                nextRow++;

                // Look for an existing grant of this privilege on this object for the role.
                var existing = mRole.RolePrivileges.FirstOrDefault(x => x.SecObjectId == secObject.Id && x.PrivilegeId == privilege.Id);
                bool alreadyGranted = existing != null;

                var backing = existing ?? new RolePrivilege
                {
                    RoleId = mRoleId,
                    SecObjectId = secObject.Id,
                    PrivilegeId = privilege.Id
                };

                var viewModel = new RolePrivilegeViewModel(backing) { HasAccess = alreadyGranted };
                mRolePrivilegesViewModel.Add(viewModel);

                // Two-way binding: toggling the check box updates HasAccess on the view model.
                var binding = new System.Windows.Data.Binding("HasAccess")
                {
                    Mode = System.Windows.Data.BindingMode.TwoWay,
                    Source = viewModel
                };
                box.SetBinding(CheckBox.IsCheckedProperty, binding);
            }
        }
Example #19
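    /// <summary>
    /// Replaces the AccessControlLIst rows for the supplied rules in a single T-SQL batch: every rule's
    /// existing row is deleted, and rules with <c>IsValidate</c> set are inserted again.
    /// </summary>
    /// <param name="rulesStr">Base64 payload that deserializes to a <c>List&lt;ObjectRule&gt;</c>.</param>
    /// <param name="secObjStr">Base64 payload that deserializes to a <c>SecurityObject</c>.</param>
    /// <param name="opersStr">Base64 payload that deserializes to an <c>ArrayList</c> of operators.</param>
    /// <returns><c>true</c> when the batch executed; <c>false</c> when execution threw (the exception is logged).</returns>
    /// <remarks>
    /// NOTE(review): all three arguments are deserialized from caller-supplied strings. If
    /// <c>DesializeFromBase64</c> wraps BinaryFormatter or another type-resolving serializer, this is
    /// an unsafe-deserialization entry point; confirm the implementation and who can reach this method.
    /// Deserialization and cast failures are thrown to the caller; only the SQL execution is caught.
    /// </remarks>
    public bool SetRules(string rulesStr, string secObjStr, string opersStr)
    {
        SerializeObjectFactory sof = new SerializeObjectFactory();

        List<ObjectRule> rules = (List<ObjectRule>)sof.DesializeFromBase64(rulesStr);
        // Not used by the active code path, but still deserialized so malformed input fails as before.
        SecurityObject secObj = (SecurityObject)sof.DesializeFromBase64(secObjStr);
        ArrayList opers = (ArrayList)sof.DesializeFromBase64(opersStr);

        const string insertFormat = "insert into AccessControlLIst (ObjectId,ObjectType,OperatorId,OperatorMethod)"
                                    + " values ('{0}',{1},'{2}',{3});";
        const string deleteFormat = "Delete from AccessControlLIst Where ObjectId='{0}' and OperatorId='{1}' and OperatorMethod={2};";

        StringBuilder deletes = new StringBuilder();
        StringBuilder inserts = new StringBuilder();

        foreach (ObjectRule rule in rules)
        {
            // These two values land inside quoted SQL literals and originate from deserialized input,
            // so embedded quotes are doubled. Parameterized commands would be the stronger fix if
            // SqlHelper offers a parameter overload (not visible from this method).
            string objId = rule.SecurityObject.ObjectId.ToString().Replace("'", "''");
            string operId = rule.Operator.OperatorId.ToString().Replace("'", "''");

            // Integer casts: these can only ever render as numbers.
            string objType = ((int)rule.SecurityObject.ObjectType).ToString();
            string method = ((int)rule.Method).ToString();

            // The old row is always removed; it is re-created only when the rule is enabled.
            deletes.Append(string.Format(deleteFormat, objId, operId, method));
            if (rule.IsValidate)
            {
                inserts.Append(string.Format(insertFormat, objId, objType, operId, method));
            }
        }

        // The batch is concatenated instead of being passed through string.Format a second time:
        // the earlier version formatted text that already contained rule values, so a '{' or '}'
        // in a value would have been interpreted as a format item.
        StringBuilder batch = new StringBuilder();
        batch.Append("Begin Tran Begin try ");
        batch.Append(deletes.ToString());
        batch.Append(inserts.ToString());
        batch.Append(" Commit End Try Begin Catch  IF @@TRANCOUNT > 0 Rollback DECLARE @ErrMsg nvarchar(4000), @ErrSeverity int"
                     + " SELECT @ErrMsg = ERROR_MESSAGE(),"
                     + " @ErrSeverity = ERROR_SEVERITY()"
                     + " RAISERROR(@ErrMsg, @ErrSeverity, 1)"
                     + " End Catch");

        try
        {
            SqlHelper.ExecuteNonQuery(CommonInfo.ConQJVRMS, CommandType.Text, batch.ToString());
            return true;
        }
        catch (Exception ex)
        {
            LogWriter.WriteExceptionLog(ex);
            return false;
        }
    }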
        /// <summary>
        /// Creates a fresh instance of the wrapped <c>SecurityObject</c>'s type, stores it in
        /// <c>RealObject</c>, and copies property values across, resolving navigation properties
        /// through builders held by <paramref name="securityObjectRepository"/>.
        /// </summary>
        /// <param name="model">Model used to look up the entity type, its navigations and primary key.</param>
        /// <param name="securityObjectRepository">Source of existing builders; new builders are registered with it.</param>
        /// <returns>The populated <c>RealObject</c>.</returns>
        /// <remarks>
        /// The value every property has on the new instance is recorded in <c>defaultValueDictionary</c>.
        /// Primary-key properties that require a value generator are not copied. A builder created here
        /// is registered before it recurses, presumably so that cyclic references resolve to it.
        /// </remarks>
        public object CreateRealObject(IModel model, ISecurityObjectRepository securityObjectRepository)
        {
            Type clrType = SecurityObject.GetType();

            RealObject = Activator.CreateInstance(clrType);
            IEntityType entity = model.FindEntityType(clrType);
            IEnumerable<PropertyInfo> properties = clrType.GetRuntimeProperties();
            IEnumerable<INavigation> navigations = entity.GetNavigations();
            IReadOnlyList<IProperty> keyProperties = entity.FindPrimaryKey().Properties;

            foreach (PropertyInfo property in properties)
            {
                // Remember what a new instance holds before anything is copied onto it.
                defaultValueDictionary[property.Name] = property.GetValue(RealObject);

                INavigation navigation = navigations.FirstOrDefault(n => n.Name == property.Name);

                if (navigation == null)
                {
                    // Scalar property: copy unless it is a generated primary key or has no setter.
                    bool generatedKey = keyProperties.Any(k => property.Name == k.Name && k.RequiresValueGenerator);
                    if (property.SetMethod != null && !generatedKey)
                    {
                        property.SetValue(RealObject, property.GetValue(SecurityObject));
                    }
                    continue;
                }

                if (!navigation.IsCollection())
                {
                    // Reference navigation: point at the real object behind the referenced entity.
                    object referenced = property.GetValue(SecurityObject);
                    if (Equals(referenced, null))
                    {
                        continue;
                    }

                    SecurityObjectBuilder referenceBuilder = securityObjectRepository.GetObjectMetaData(referenced);
                    if (referenceBuilder == null)
                    {
                        referenceBuilder = new SecurityObjectBuilder();
                        securityObjectRepository.RegisterBuilder(referenceBuilder);
                        referenceBuilder.SecurityObject = referenced;
                        referenceBuilder.CreateRealObject(model, securityObjectRepository);
                    }

                    if (property.SetMethod != null)
                    {
                        property.SetValue(RealObject, referenceBuilder.RealObject);
                    }
                    continue;
                }

                // Collection navigation: add the real object of every element to the new collection.
                IClrCollectionAccessor accessor = navigation.GetCollectionAccessor();
                IEnumerable targetItems = (IEnumerable)property.GetValue(RealObject);
                IEnumerable sourceItems = (IEnumerable)property.GetValue(SecurityObject);
                if (sourceItems == null || targetItems == null)
                {
                    continue;
                }

                foreach (object element in sourceItems)
                {
                    SecurityObjectBuilder elementBuilder = securityObjectRepository.GetObjectMetaData(element);
                    if (elementBuilder == null)
                    {
                        elementBuilder = new SecurityObjectBuilder();
                        securityObjectRepository.RegisterBuilder(elementBuilder);
                        elementBuilder.SecurityObject = element;
                        elementBuilder.CreateRealObject(model, securityObjectRepository);
                    }
                    accessor.Add(RealObject, elementBuilder.RealObject);
                }
            }

            return RealObject;
        }
 /// <summary>
 /// Creates a lock instance and records the security object that owns it.
 /// </summary>
 /// <param name="so">Stored in <c>SoOwner</c>; all other arguments are forwarded unchanged to the base constructor.</param>
 public WebDavSqlStoreItemLockInstance(
     SecurityObject so,
     string path,
     WebDavLockScope lockscope,
     WebDavLockType locktype,
     string owner,
     double? requestedlocktimeout,
     Guid? token,
     XmlDocument requestdocument,
     int depth,
     IWebDavStoreItemLock lockSystem,
     DateTime? createdate = null)
     : base(path, lockscope, locktype, owner, requestedlocktimeout, token, requestdocument, depth, lockSystem, createdate)
 {
     this.SoOwner = so;
 }
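 /// <summary>
 /// Mirrors the groups found in the current Active Directory domain into the SecurityObjects
 /// table, inserting new rows and refreshing name, account name and e-mail on existing ones.
 /// </summary>
 /// <remarks>
 /// The directory search is run once and its result disposed; it was previously executed twice
 /// (once to count, once to iterate) with neither result disposed.
 /// NOTE(review): this method only adds and updates. A group deleted from the directory keeps its
 /// row, and IsActive is never cleared here; confirm that stale principals are handled elsewhere.
 /// </remarks>
 private static void DownloadAdsGroups()
 {
     using (var context = new OnlineFilesEntities())
     using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain))
     using (var groupPrincipal = new GroupPrincipalEx(ctx))
     using (PrincipalSearcher search = new PrincipalSearcher(groupPrincipal))
     using (var searchResult = search.FindAll())
     {
         var principals = searchResult.ToArray();
         int max = principals.Length;
         int c = 0;
         foreach (var principal in principals)
         {
             Console.WriteLine("Processing " + c + " of " + max);
             c++;

             var gp = principal as GroupPrincipalEx;
             if (gp == null)
             {
                 continue;
             }

             // Only groups that are both non-security and local in scope are skipped.
             // NOTE(review): non-security groups with another scope are still imported; confirm
             // that such groups are meant to be usable as security principals.
             if (gp.IsSecurityGroup != true && gp.GroupScope == GroupScope.Local)
             {
                 continue;
             }

             var so = context.SecurityObjects.FirstOrDefault(d => d.ActiveDirectoryId == gp.Guid);
             if (so == null)
             {
                 so = new SecurityObject
                 {
                     ActiveDirectoryId = gp.Guid,
                     FullName = gp.Name,
                     Username = gp.SamAccountName,
                     EmailAddress = gp.EmailAddress ?? "",
                     IsGroup = true,
                     // Import time, not a real sign-in: groups do not log in.
                     LastLogInOn = DateTime.Now,
                     IsActive = true,
                     HomeFolder = null
                 };
                 context.SecurityObjects.Add(so);
             }
             else
             {
                 so.IsGroup = true;
                 so.FullName = gp.Name;
                 so.Username = gp.SamAccountName;
                 so.EmailAddress = gp.EmailAddress ?? "";
             }

             // Saved per group so that a later failure does not discard earlier work.
             context.SaveChanges();
         }
     }
 }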
Example #23
        /// <summary>
        /// Collects the actions that <paramref name="securitySubject"/> holds directly on
        /// <paramref name="securityObject"/> and stores the list in the permission cache.
        /// </summary>
        /// <param name="context">Not used by the current implementation.</param>
        /// <param name="securityObject">Object whose ID selects the subject's permission row.</param>
        /// <param name="securitySubject">Subject whose <c>Permission</c> collection is searched.</param>
        /// <returns>The parsed actions; empty when the subject has no permission row for the object.</returns>
        /// <remarks>
        /// The cache is written but not read here, so every call recomputes the list.
        /// <c>Enum.Parse</c> throws on an unknown action name and accepts numeric strings, including
        /// numbers that match no defined <see cref="SecurityAction"/>; stored action values are
        /// therefore trusted as-is.
        /// </remarks>
        private List<SecurityAction> GetAssignedPermissions(MyProjectEntities context, SecurityObject securityObject, SecuritySubject securitySubject)
        {
            var grantedActions = new List<SecurityAction>();

            var permissionRow = securitySubject.Permission.FirstOrDefault(p => p.SecurityObjectID == securityObject.ID);
            if (permissionRow != null)
            {
                // Stored action names are converted back into enum members.
                grantedActions.AddRange(
                    permissionRow.Permission_Action.Select(a => (SecurityAction)Enum.Parse(typeof(SecurityAction), a.Action)));
            }

            // Key format: "<subject id>_<object id>".
            CacheManager.GetCacheManager().AddCacheItem(grantedActions, CacheItemType.Permission, securitySubject.ID + "_" + securityObject.ID);
            return grantedActions;
        }
Example #24
        /// <summary>
        /// Resolves the effective actions on <paramref name="securityObject"/> for a set of
        /// organization posts and combines the per-post results into one list.
        /// </summary>
        /// <param name="context">Entity context passed through to the per-subject lookups.</param>
        /// <param name="posts">Posts to evaluate; the query is enumerated once by the loop.</param>
        /// <param name="securityObject">Object being accessed; its <c>Type</c> selects the possible actions.</param>
        /// <param name="goUpward">Passed through to <c>GetPersmissionByPost</c>.</param>
        /// <returns>The result of <c>Combination</c> over all per-post action lists.</returns>
        /// <remarks>
        /// Per post, the first source that yields actions wins, in this order: the post itself;
        /// organization-type/role-type combined with organization; organization combined with role
        /// type; role type combined with organization type. How lists are merged is decided by
        /// <c>Combination</c>, which is not visible here.
        /// </remarks>
        private List <SecurityAction> GetPersmissionByPosts(MyProjectEntities context, IQueryable <OrganizationPost> posts, SecurityObject securityObject, bool goUpward = true)
        {
            // NOTE(review): 'actions' is never read in this method.
            var actions = new List <SecurityAction>();

            // It would be better to implement a general way of storing broader permissions (such as
            // organization type, or higher-level objects like the database) so they are not read every time.
            var objectCategory     = (DatabaseObjectCategory)securityObject.Type;
            var possibleActionTree = GetActionsByCategory(objectCategory);
            // Temporary speed shortcut, currently disabled. Enabling it would bypass every check below.
            //return GetAllActions();

            List <List <SecurityAction> > AllPostAccess = new List <List <SecurityAction> >();

            foreach (var post in posts)
            {
                List <SecurityAction> postAccess;
                var postActions      = GetPersmissionByPost(context, post.SecuritySubject, securityObject, 0, goUpward);
                var finalPostActions = GetPossibleActions(postActions, GetActionsByCategory(objectCategory));

                // Permissions defined for the post itself take priority over everything else.
                if (finalPostActions.Any())
                {
                    postAccess = finalPostActions;
                }
                else
                {
                    var orgTypeRoleTypeActions      = GetPersmissionByPost(context, post.OrganizationType_RoleType.SecuritySubject, securityObject, 0, goUpward);
                    var organizationActions         = GetPersmissionByPost(context, post.Organization.SecuritySubject, securityObject, 0, goUpward);
                    var finalOrgTypeRoleTypeActions = GetPossibleActions(orgTypeRoleTypeActions, GetActionsByCategory(objectCategory));
                    var finalOrganizationActions    = GetPossibleActions(organizationActions, GetActionsByCategory(objectCategory));
                    if (finalOrgTypeRoleTypeActions.Any())
                    {
                        // Combine organization with organization-type/role-type, which sit at the same level.
                        postAccess = Combination(new List <List <SecurityAction> >()
                        {
                            finalOrgTypeRoleTypeActions, finalOrganizationActions
                        }, possibleActionTree);
                    }
                    else
                    {
                        var roleTypeActions      = GetPersmissionByPost(context, post.OrganizationType_RoleType.RoleType.SecuritySubject, securityObject, 0, goUpward);
                        var finalRoleTypeActions = GetPossibleActions(roleTypeActions, GetActionsByCategory(objectCategory));
                        if (finalOrganizationActions.Any())
                        {
                            // Merge organization and role type:
                            // parallel subjects have their permissions merged in parallel.
                            postAccess = Combination(new List <List <SecurityAction> >()
                            {
                                finalOrganizationActions, finalRoleTypeActions
                            }, possibleActionTree);
                        }
                        else
                        {
                            // Merge organization type and role type.

                            var organizationTypeActions      = GetPersmissionByPost(context, post.OrganizationType_RoleType.OrganizationType.SecuritySubject, securityObject, 0, goUpward);
                            var finalOrganizationTypeActions = GetPossibleActions(organizationTypeActions, GetActionsByCategory(objectCategory));
                            postAccess = Combination(new List <List <SecurityAction> >()
                            {
                                finalRoleTypeActions, finalOrganizationTypeActions
                            }, possibleActionTree);
                        }
                    }
                }
                AllPostAccess.Add(postAccess);
            }
            // A requester holding several posts gets the combination of all of them.
            return(Combination(AllPostAccess, possibleActionTree));
        }
Example #25
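        /// <summary>
        /// Set permissions: saves the per-role check boxes of <c>roleGroupList</c> as access rules
        /// for the current catalog and for the catalogs returned for it as children.
        /// </summary>
        /// <remarks>
        /// Each grid row yields four rules (Deny, Write, Modify, Download) for the catalog itself and
        /// the same four for every child catalog; note that the "funReadChk" box drives the Deny rule.
        /// NOTE(review): the catalog id comes from <c>hiCurrentCataId</c>, which looks like a posted
        /// hidden field and is therefore client-controlled. No check that the current user may
        /// administer that catalog is visible here; confirm it is enforced before or inside SetRules.
        /// NOTE(review): only the catalogs returned by GetCatalogTableByParentId are covered; deeper
        /// descendants, if any, are presumably not.
        /// </remarks>
        protected void btnSetRoleFun_Click(object sender, EventArgs e)
        {
            // A malformed id is reported through the normal failure message instead of surfacing
            // as an unhandled FormatException.
            Guid objId;
            if (!Guid.TryParse(this.hiCurrentCataId.Value, out objId))
            {
                ShowMessage("角色权限设置失败");
                return;
            }

            List<ObjectRule> rules = new List<ObjectRule>(100);
            ArrayList opers = new ArrayList(100);
            SecurityObject secObj = new SecurityObject(objId, SecurityObjectType.Items);

            // The child list does not depend on the row, so it is fetched once on first use
            // rather than once per grid row.
            DataTable childCatalog = null;

            foreach (GridViewRow row in roleGroupList.Rows)
            {
                Role role = new Role();
                role.RoleId = new Guid(roleGroupList.DataKeys[row.RowIndex].Value.ToString());
                opers.Add(role);

                CheckBox chkRead = row.FindControl("funReadChk") as CheckBox;
                CheckBox chkWrite = row.FindControl("funUpChk") as CheckBox;
                CheckBox chkEdit = row.FindControl("funEditChk") as CheckBox;
                CheckBox chkDownload = row.FindControl("funDownChk") as CheckBox;

                rules.Add(new ObjectRule(secObj, role, OperatorMethod.Deny) { IsValidate = chkRead.Checked });
                rules.Add(new ObjectRule(secObj, role, OperatorMethod.Write) { IsValidate = chkWrite.Checked });
                rules.Add(new ObjectRule(secObj, role, OperatorMethod.Modify) { IsValidate = chkEdit.Checked });
                rules.Add(new ObjectRule(secObj, role, OperatorMethod.Download) { IsValidate = chkDownload.Checked });

                // Apply the same settings to the sub-catalogs of the current catalog
                // (sub-catalogs should automatically inherit the parent's permissions).
                if (childCatalog == null)
                {
                    childCatalog = Catalog.GetCatalogTableByParentId(objId);
                }

                foreach (DataRow cata in childCatalog.Rows)
                {
                    SecurityObject cSecObj = new SecurityObject(new Guid(cata["catalogId"].ToString()),
                                                                SecurityObjectType.Items);

                    rules.Add(new ObjectRule(cSecObj, role, OperatorMethod.Deny) { IsValidate = chkRead.Checked });
                    rules.Add(new ObjectRule(cSecObj, role, OperatorMethod.Write) { IsValidate = chkWrite.Checked });
                    rules.Add(new ObjectRule(cSecObj, role, OperatorMethod.Modify) { IsValidate = chkEdit.Checked });
                    rules.Add(new ObjectRule(cSecObj, role, OperatorMethod.Download) { IsValidate = chkDownload.Checked });
                }
            }

            if (ObjectRule.SetRules(rules, secObj, opers))
            {
                ShowMessage("角色权限设置成功");
            }
            else
            {
                ShowMessage("角色权限设置失败");
            }
        }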
Example #26
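        /// <summary>
        /// Mirrors the user principals found in the current Active Directory domain into the
        /// SecurityObjects table and rebuilds each user's group memberships.
        /// </summary>
        /// <remarks>
        /// The directory search is run once and its result disposed (it used to run twice), and a
        /// failure while reading a user's groups is now reported on stderr instead of being swallowed.
        /// NOTE(review): this method only adds and updates. Users removed from the directory keep
        /// their rows and IsActive is never cleared here; confirm deprovisioning happens elsewhere.
        /// </remarks>
        private static void DownloadAdsUsers()
        {
            using (var context = new OnlineFilesEntities())
            using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain))
            using (var filter = new UserPrincipal(ctx))
            using (PrincipalSearcher search = new PrincipalSearcher(filter))
            using (var searchResult = search.FindAll())
            {
                var principals = searchResult.ToArray();
                int max = principals.Length;
                int c = 0;
                foreach (var principal in principals)
                {
                    Console.WriteLine("Processing " + c + " of " + max);
                    c++;

                    var user = principal as UserPrincipal;
                    if (user == null)
                    {
                        continue;
                    }

                    // NOTE(review): this skips an entry only when it is BOTH of class "group" AND not
                    // enabled, so disabled user accounts are still imported, and new rows are created
                    // with IsActive = true whatever user.Enabled says. Confirm the intended condition.
                    if (user.StructuralObjectClass == "group" && user.Enabled != true)
                    {
                        continue;
                    }

                    var so = context.SecurityObjects
                             .FirstOrDefault(d => d.ActiveDirectoryId == user.Guid);
                    if (so == null)
                    {
                        so = new SecurityObject
                        {
                            ActiveDirectoryId = user.Guid,
                            FullName          = user.Name,
                            Username          = user.SamAccountName,
                            EmailAddress      = user.EmailAddress ?? "",
                            IsGroup           = false,
                            // Import time, not a real sign-in.
                            LastLogInOn       = DateTime.Now,
                            IsActive          = true,
                            HomeFolder        = null
                        };
                        context.SecurityObjects.Add(so);
                    }
                    else
                    {
                        so.IsGroup      = false;
                        so.FullName     = user.Name;
                        so.Username     = user.SamAccountName;
                        so.EmailAddress = user.EmailAddress ?? "";
                    }

                    // Saved first so that a new row has its key before memberships refer to it.
                    context.SaveChanges();

                    // Existing memberships are dropped and rebuilt from the directory.
                    context.SecurityObjectMemberships.RemoveRange(context.SecurityObjectMemberships.Where(d => d.SecurityObjectId == so.SecurityObjectId));
                    context.SaveChanges();

                    try
                    {
                        foreach (Principal grp in user.GetGroups())
                        {
                            // Groups that have not been imported yet are ignored.
                            var og = context.SecurityObjects.FirstOrDefault(d => d.ActiveDirectoryId == grp.Guid);
                            if (og != null)
                            {
                                context.SecurityObjectMemberships.Add(new SecurityObjectMembership
                                {
                                    OwnerSecurityObject = so,
                                    GroupSecurityObjectId = og.SecurityObjectId
                                });
                            }
                        }
                    }
                    catch (Exception ex)
                    {
                        // Still best-effort, but no longer silent: the old memberships are already
                        // deleted at this point, so the user is left with a partial or empty set.
                        Console.Error.WriteLine("Failed to read group memberships for " + user.SamAccountName + ": " + ex.Message);
                    }

                    context.SaveChanges();
                }
            }
        }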
Example #27
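        /// <summary>
        /// Saves the per-user check boxes of <c>userList</c> as access rules for the current catalog
        /// and for the catalogs returned for it as children.
        /// </summary>
        /// <remarks>
        /// Each grid row yields four rules (Write, Modify, Deny, Download) for the catalog itself and
        /// the same four for every child catalog; note that the "funReadChk" box drives the Deny rule.
        /// NOTE(review): the catalog id comes from <c>hiCurrentCataId</c>, which looks like a posted
        /// hidden field and is therefore client-controlled. No check that the current user may
        /// administer that catalog is visible here; confirm it is enforced before or inside SetRules.
        /// NOTE(review): only the catalogs returned by GetCatalogTableByParentId are covered; deeper
        /// descendants, if any, are presumably not.
        /// </remarks>
        protected void btnSetUserFun_Click(object sender, EventArgs e)
        {
            // A malformed id is reported through the normal failure message instead of surfacing
            // as an unhandled FormatException.
            Guid objId;
            if (!Guid.TryParse(this.hiCurrentCataId.Value, out objId))
            {
                ShowMessage("用户权限设置失败");
                return;
            }

            List<ObjectRule> rules = new List<ObjectRule>(100);
            ArrayList opers = new ArrayList(100);
            SecurityObject secObj = new SecurityObject(objId, SecurityObjectType.Items);

            // The child list does not depend on the row, so it is fetched once on first use
            // rather than once per grid row.
            DataTable childCatalog = null;

            foreach (GridViewRow row in userList.Rows)
            {
                Guid userId = new Guid(userList.DataKeys[row.RowIndex].Value.ToString());
                User user = new User(userId);
                opers.Add(user);

                CheckBox chk = row.FindControl("funUpChk") as CheckBox;
                CheckBox echk = row.FindControl("funEditChk") as CheckBox;
                CheckBox dchk = row.FindControl("funReadChk") as CheckBox;
                CheckBox downChk = row.FindControl("funDownChk") as CheckBox;

                rules.Add(new ObjectRule(secObj, user, OperatorMethod.Write) { IsValidate = chk.Checked });
                rules.Add(new ObjectRule(secObj, user, OperatorMethod.Modify) { IsValidate = echk.Checked });
                rules.Add(new ObjectRule(secObj, user, OperatorMethod.Deny) { IsValidate = dchk.Checked });
                rules.Add(new ObjectRule(secObj, user, OperatorMethod.Download) { IsValidate = downChk.Checked });

                // Apply the same settings to the sub-catalogs of the current catalog
                // (sub-catalogs should automatically inherit the parent's permissions).
                if (childCatalog == null)
                {
                    childCatalog = Catalog.GetCatalogTableByParentId(objId);
                }

                foreach (DataRow cata in childCatalog.Rows)
                {
                    SecurityObject cSecObj = new SecurityObject(new Guid(cata["catalogId"].ToString()),
                                                                SecurityObjectType.Items);

                    rules.Add(new ObjectRule(cSecObj, user, OperatorMethod.Write) { IsValidate = chk.Checked });
                    rules.Add(new ObjectRule(cSecObj, user, OperatorMethod.Modify) { IsValidate = echk.Checked });
                    rules.Add(new ObjectRule(cSecObj, user, OperatorMethod.Deny) { IsValidate = dchk.Checked });
                    rules.Add(new ObjectRule(cSecObj, user, OperatorMethod.Download) { IsValidate = downChk.Checked });
                }
            }

            if (ObjectRule.SetRules(rules, secObj, opers))
            {
                ShowMessage("用户权限设置成功");
            }
            else
            {
                ShowMessage("用户权限设置失败");
            }
        }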
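        /// <summary>
        /// Mirrors the user principals found in the current Active Directory domain into the
        /// SecurityObjects table and rebuilds each user's group memberships.
        /// </summary>
        /// <remarks>
        /// The directory search is run once and its result disposed (it used to run twice), and a
        /// failure while reading a user's groups is now reported on stderr instead of being swallowed.
        /// NOTE(review): this method only adds and updates. Users removed from the directory keep
        /// their rows and IsActive is never cleared here; confirm deprovisioning happens elsewhere.
        /// </remarks>
        private static void DownloadAdsUsers()
        {
            using (var context = new OnlineFilesEntities())
            using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain))
            using (var filter = new UserPrincipal(ctx))
            using (PrincipalSearcher search = new PrincipalSearcher(filter))
            using (var searchResult = search.FindAll())
            {
                var principals = searchResult.ToArray();
                int max = principals.Length;
                int c = 0;
                foreach (var principal in principals)
                {
                    Console.WriteLine("Processing " + c + " of " + max);
                    c++;

                    var user = principal as UserPrincipal;
                    if (user == null)
                    {
                        continue;
                    }

                    // NOTE(review): this skips an entry only when it is BOTH of class "group" AND not
                    // enabled, so disabled user accounts are still imported, and new rows are created
                    // with IsActive = true whatever user.Enabled says. Confirm the intended condition.
                    if (user.StructuralObjectClass == "group" && user.Enabled != true)
                    {
                        continue;
                    }

                    var so = context.SecurityObjects
                        .FirstOrDefault(d => d.ActiveDirectoryId == user.Guid);
                    if (so == null)
                    {
                        so = new SecurityObject
                        {
                            ActiveDirectoryId = user.Guid,
                            FullName = user.Name,
                            Username = user.SamAccountName,
                            EmailAddress = user.EmailAddress ?? "",
                            IsGroup = false,
                            // Import time, not a real sign-in.
                            LastLogInOn = DateTime.Now,
                            IsActive = true,
                            HomeFolder = null
                        };
                        context.SecurityObjects.Add(so);
                    }
                    else
                    {
                        so.IsGroup = false;
                        so.FullName = user.Name;
                        so.Username = user.SamAccountName;
                        so.EmailAddress = user.EmailAddress ?? "";
                    }

                    // Saved first so that a new row has its key before memberships refer to it.
                    context.SaveChanges();

                    // Existing memberships are dropped and rebuilt from the directory.
                    context.SecurityObjectMemberships.RemoveRange(context.SecurityObjectMemberships.Where(d => d.SecurityObjectId == so.SecurityObjectId));
                    context.SaveChanges();

                    try
                    {
                        foreach (Principal grp in user.GetGroups())
                        {
                            // Groups that have not been imported yet are ignored.
                            var og = context.SecurityObjects.FirstOrDefault(d => d.ActiveDirectoryId == grp.Guid);
                            if (og != null)
                            {
                                context.SecurityObjectMemberships.Add(new SecurityObjectMembership {OwnerSecurityObject = so, GroupSecurityObjectId = og.SecurityObjectId});
                            }
                        }
                    }
                    catch (Exception ex)
                    {
                        // Still best-effort, but no longer silent: the old memberships are already
                        // deleted at this point, so the user is left with a partial or empty set.
                        Console.Error.WriteLine("Failed to read group memberships for " + user.SamAccountName + ": " + ex.Message);
                    }

                    context.SaveChanges();
                }
            }
        }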
Example #29
        /// <summary>
        /// Binds the per-role permission matrix for the current category to the
        /// <c>roleGroupList</c> control.
        /// </summary>
        /// <remarks>
        /// For every role returned by <c>Role.GetRoleCollection(CurrentGroupId)</c>, one
        /// <see cref="ObjectRule"/> is built per entry of the method dictionary and the
        /// list is handed to <c>ObjectRule.CheckRules</c>. Each rule's <c>IsValidate</c>
        /// value then fills a boolean column named after the numeric method key.
        /// NOTE(review): the category id comes from <c>hiCurrentCataId.Value</c>, which
        /// appears to be a hidden form field and therefore travels through the browser.
        /// No check that the caller may view this category's rules is visible in this
        /// method - confirm it is enforced elsewhere. A malformed id makes
        /// <c>new Guid(...)</c> throw.
        /// </remarks>
        void BindRoleControlList()
        {
            Dictionary<int, string> methods = WebUI.UIBiz.CommonInfo.GetMethodDict();
            // Original author's reminder: this needs changing for the superadmin case.
            RoleCollection groupRoles = Role.GetRoleCollection(CurrentGroupId);

            // Maps each Role to the List<ObjectRule> built for it.
            Hashtable rulesByRole = new Hashtable();

            foreach (Role groupRole in groupRoles)
            {
                ISecurityObject target = new SecurityObject(new Guid(this.hiCurrentCataId.Value), SecurityObjectType.Items);
                List<ObjectRule> roleRuleList = new List<ObjectRule>();

                // One rule per known operator method for this role and category.
                foreach (int methodId in methods.Keys)
                {
                    roleRuleList.Add(new ObjectRule(target, groupRole, (OperatorMethod)methodId));
                }

                rulesByRole.Add(groupRole, roleRuleList);

                ObjectRule.CheckRules(roleRuleList);
            }

            // Table layout: roleName, roleId, then one bool column per method key.
            DataTable matrix = new DataTable();
            matrix.Columns.Add(new DataColumn("roleName"));
            matrix.Columns.Add(new DataColumn("roleId"));

            foreach (int columnMethodId in methods.Keys)
            {
                matrix.Columns.Add(columnMethodId.ToString(), typeof(bool));
            }

            foreach (DictionaryEntry pair in rulesByRole)
            {
                Role rowRole = (Role)pair.Key;
                List<ObjectRule> rowRules = (List<ObjectRule>)pair.Value;

                DataRow row = matrix.NewRow();
                row["roleName"] = rowRole.RoleName;
                row["roleId"] = rowRole.RoleId.ToString();

                foreach (IRule rowRule in rowRules)
                {
                    int ruleMethodId = (int)rowRule.Method;
                    row[ruleMethodId.ToString()] = rowRule.IsValidate;
                }

                matrix.Rows.Add(row);
            }

            // Rows come out of the Hashtable in no particular order, so sort by name.
            DataView sorted = matrix.DefaultView;
            sorted.Sort = "RoleName";
            roleGroupList.DataSource = sorted;
            roleGroupList.DataBind();
        }
Example #30
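        /// <summary>
        /// Click handler that turns the permission check boxes of every top-level
        /// category and its child categories into <see cref="ObjectRule"/> entries for
        /// the role named by <c>hiRoleId</c>, passes them to <c>ObjectRule.SetRules</c>
        /// and shows a success or failure message.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        /// <remarks>
        /// The role id and every category id are read from hidden fields in the posted
        /// form, so they are caller-controlled. A malformed id or a missing control now
        /// ends the request with the failure message before anything is passed to
        /// <c>SetRules</c>, instead of raising an unhandled exception.
        /// NOTE(review): no authorization check is visible in this handler. Confirm
        /// that the page or <c>ObjectRule.SetRules</c> verifies the caller may
        /// administer this role and these categories; otherwise an edited hidden field
        /// could change rules for another role or category.
        /// NOTE(review): the "read" check boxes (<c>funTopReadChk</c>,
        /// <c>funChildReadChk</c>) are stored under <c>OperatorMethod.Deny</c> - confirm
        /// that this mapping is intended.
        /// </remarks>
        protected void btnSetRoles_Click(object sender, EventArgs e)
        {
            List<ObjectRule> rules  = new List<ObjectRule>();
            Role             role   = null;
            SecurityObject   secObj = null;

            // Set the role permissions of the top-level categories.
            foreach (RepeaterItem item in rptCategoryTop.Items)
            {
                if (item.ItemType != ListItemType.Item && item.ItemType != ListItemType.AlternatingItem)
                {
                    continue;
                }

                HiddenField hf = item.FindControl("topCatId") as HiddenField;
                Guid objId;
                Guid roleId;
                if (hf == null
                    || !TryParseGuidValue(hf.Value, out objId)
                    || !TryParseGuidValue(this.hiRoleId.Value, out roleId))
                {
                    // Fail closed: nothing has been handed to SetRules yet.
                    ShowMessage("角色权限设置失败");
                    return;
                }

                secObj = new SecurityObject(objId, SecurityObjectType.Items);
                role   = new Role(roleId);

                if (!TryAddCheckBoxRule(rules, item, "funTopReadChk", secObj, role, OperatorMethod.Deny)
                    || !TryAddCheckBoxRule(rules, item, "funTopUpChk", secObj, role, OperatorMethod.Write)
                    || !TryAddCheckBoxRule(rules, item, "funTopEditChk", secObj, role, OperatorMethod.Modify)
                    || !TryAddCheckBoxRule(rules, item, "funTopDownChk", secObj, role, OperatorMethod.Download))
                {
                    ShowMessage("角色权限设置失败");
                    return;
                }

                // Find the sub-categories nested under this top-level category.
                Repeater rptCatalogChild = item.FindControl("rptCategoryChild") as Repeater;
                if (rptCatalogChild == null)
                {
                    ShowMessage("角色权限设置失败");
                    return;
                }

                foreach (RepeaterItem itemChild in rptCatalogChild.Items)
                {
                    HiddenField hfChild = itemChild.FindControl("childCatId") as HiddenField;
                    Guid objChildId;
                    if (hfChild == null || !TryParseGuidValue(hfChild.Value, out objChildId))
                    {
                        ShowMessage("角色权限设置失败");
                        return;
                    }

                    secObj = new SecurityObject(objChildId, SecurityObjectType.Items);

                    if (!TryAddCheckBoxRule(rules, itemChild, "funChildReadChk", secObj, role, OperatorMethod.Deny)
                        || !TryAddCheckBoxRule(rules, itemChild, "funChildUpChk", secObj, role, OperatorMethod.Write)
                        || !TryAddCheckBoxRule(rules, itemChild, "funChildEditChk", secObj, role, OperatorMethod.Modify)
                        || !TryAddCheckBoxRule(rules, itemChild, "funChildDownChk", secObj, role, OperatorMethod.Download))
                    {
                        ShowMessage("角色权限设置失败");
                        return;
                    }
                }
            }

            ArrayList opers = new ArrayList(100);

            // NOTE(review): secObj is whichever category was constructed last (null when
            // the repeater had no items) - confirm what SetRules expects in this argument.
            if (ObjectRule.SetRules(rules, secObj, opers))
            {
                ShowMessage("角色权限设置成功");
            }
            else
            {
                ShowMessage("角色权限设置失败");
            }
        }

        /// <summary>
        /// Parses a GUID from posted form text without letting a malformed value throw.
        /// </summary>
        /// <param name="text">Raw text taken from a hidden field.</param>
        /// <param name="value">The parsed GUID, or <c>Guid.Empty</c> on failure.</param>
        /// <returns><c>true</c> when <paramref name="text"/> is a well-formed GUID.</returns>
        private static bool TryParseGuidValue(string text, out Guid value)
        {
            value = Guid.Empty;
            if (string.IsNullOrEmpty(text))
            {
                return false;
            }

            try
            {
                // Same constructor as before, so the accepted formats are unchanged.
                value = new Guid(text);
                return true;
            }
            catch (FormatException)
            {
                return false;
            }
            catch (OverflowException)
            {
                return false;
            }
        }

        /// <summary>
        /// Adds one rule whose <c>IsValidate</c> flag mirrors the named check box.
        /// </summary>
        /// <param name="rules">List that receives the new rule.</param>
        /// <param name="container">Repeater item that holds the check box.</param>
        /// <param name="checkBoxId">Id of the check box inside <paramref name="container"/>.</param>
        /// <param name="secObj">Security object the rule applies to.</param>
        /// <param name="role">Role the rule applies to.</param>
        /// <param name="method">Operator method the rule governs.</param>
        /// <returns><c>false</c> when the check box is not found; no rule is added then.</returns>
        private static bool TryAddCheckBoxRule(List<ObjectRule> rules, RepeaterItem container, string checkBoxId, SecurityObject secObj, Role role, OperatorMethod method)
        {
            CheckBox box = container.FindControl(checkBoxId) as CheckBox;
            if (box == null)
            {
                return false;
            }

            ObjectRule newRule = new ObjectRule(secObj, role, method);
            newRule.IsValidate = box.Checked;
            rules.Add(newRule);
            return true;
        }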