public UserRightInfo Insert(UserRightInfo userRight)
{
#region Parameter
var prm = new SqlParameter[6];
prm[0] = new SqlParameter("@ID", SqlDbType.Int, 4);
prm[0].Direction = ParameterDirection.Output;
prm[1] = new SqlParameter("@MenuID", userRight.MenuID);
prm[2] = new SqlParameter("@AdminID", userRight.AdminID);
prm[3] = new SqlParameter("@UserRead", userRight.UserRead);
prm[4] = new SqlParameter("@UserEdit", userRight.UserEdit);
prm[5] = new SqlParameter("@UserDelete", userRight.UserDelete);
#endregion
#region Execute
try
{
DataHelper.ExecuteNonQuery(STORE_INSERT, prm);
}
catch (Exception ex)
{
Utility.LogEvent(ex);
throw new Exception("Hiện tại server đạng bận, xin vui lòng truy vấn lại sau.");
}
userRight.ID = (int)prm[0].Value;
#endregion
return(userRight);
}
public UserRightInfo Update(UserRightInfo userRight)
{
#region Parameter
var prm = new SqlParameter[6];
prm[0] = new SqlParameter("@ID", userRight.ID);
prm[1] = new SqlParameter("@MenuID", userRight.MenuID);
prm[2] = new SqlParameter("@AdminID", userRight.AdminID);
prm[3] = new SqlParameter("@UserRead", userRight.UserRead);
prm[4] = new SqlParameter("@UserEdit", userRight.UserEdit);
prm[5] = new SqlParameter("@UserDelete", userRight.UserDelete);
#endregion
#region Execute
try
{
DataHelper.ExecuteNonQuery(STORE_UPDATE, prm);
}
catch (Exception ex)
{
Utility.LogEvent(ex);
throw new Exception("Hiện tại server đạng bận, xin vui lòng truy vấn lại sau.");
}
#endregion
return(userRight);
}
public UserRightInfo CheckRightAdmin()
{
var right = new UserRightInfo();
if (HttpContext.Current.Session[Constant.SessionNameAccountAdmin] != null &&
HttpContext.Current.Session[Constant.SessionNameAccountAdmin].ToString() != string.Empty)
{
string sCurr = HttpContext.Current.Request.Url.AbsoluteUri;
string linkCur = sCurr.Substring(sCurr.LastIndexOf("/") + 1);
linkCur = linkCur.Substring(0, linkCur.IndexOf(".aspx") + 5);
var objAdmin = (AdminInfo)HttpContext.Current.Session[Constant.SessionNameAccountAdmin];
if (objAdmin.Status == 2)
{
right.UserEdit = true;
right.UserRead = true;
right.UserDelete = true;
}
else
{
var prm = new SqlParameter[2];
prm[0] = new SqlParameter("@AdminID", objAdmin.ID);
prm[1] = new SqlParameter("@Link", linkCur);
DataTable dt =
DataHelper.ExecuteQueryToDataSet(STORE_GET_RIGHT_BY_MENUID, prm, CommandType.StoredProcedure).
Tables[0];
if (dt != null && dt.Rows.Count > 0)
{
right.UserRead = (bool)dt.Rows[0]["UserRead"];
right.UserEdit = (bool)dt.Rows[0]["UserEdit"];
right.UserDelete = (bool)dt.Rows[0]["UserDelete"];
}
else
{
right.UserRead = false;
right.UserEdit = false;
right.UserDelete = false;
}
}
if (!right.UserRead)
{
HttpContext.Current.Response.Redirect(Utility.UrlRoot + Config.PathNotRight, true);
}
}
else
{
HttpContext.Current.Response.Redirect(Utility.UrlRoot + Config.LoginAdmin, true);
}
return(right);
}
public List <UserRightInfo> GetRight(DataTable dt)
{
if (dt != null && dt.Rows.Count > 0)
{
var listUserRight = new List <UserRightInfo>();
foreach (DataRow dr in dt.Rows)
{
var userRight = new UserRightInfo();
//ID
if (dr[FieldNames.UserRight.ID] != null && dr[FieldNames.UserRight.ID].ToString() != "")
{
userRight.ID = (int)dr[FieldNames.UserRight.ID];
}
//MenuID
if (dr[FieldNames.UserRight.MenuID] != null && dr[FieldNames.UserRight.MenuID].ToString() != "")
{
userRight.MenuID = (int)dr[FieldNames.UserRight.MenuID];
}
//AdminID
if (dr[FieldNames.UserRight.AdminID] != null && dr[FieldNames.UserRight.AdminID].ToString() != "")
{
userRight.AdminID = (int)dr[FieldNames.UserRight.AdminID];
}
//UserRead
if (dr[FieldNames.UserRight.UserRead] != null && dr[FieldNames.UserRight.UserRead].ToString() != "")
{
userRight.UserRead = (bool)dr[FieldNames.UserRight.UserRead];
}
//UserEdit
if (dr[FieldNames.UserRight.UserEdit] != null && dr[FieldNames.UserRight.UserEdit].ToString() != "")
{
userRight.UserEdit = (bool)dr[FieldNames.UserRight.UserEdit];
}
//UserDelete
if (dr[FieldNames.UserRight.UserDelete] != null &&
dr[FieldNames.UserRight.UserDelete].ToString() != "")
{
userRight.UserDelete = (bool)dr[FieldNames.UserRight.UserDelete];
}
listUserRight.Add(userRight);
}
return(listUserRight);
}
return(null);
}
public bool FindByFatherID(UserRightInfo _right)
{
return(_right.FatherRightID == FindStr);
}
public bool FindByID(UserRightInfo _right)
{
return(_right.RightID == FindStr);
}
public TObj_RightItem(UserRightInfo _data)
{
this.children = new TObj_RightItemList();
this.owner = null;
RightInfo = _data;
}
public TObj_RightItem()
{
this.children = new TObj_RightItemList();
this.owner = null;
RightInfo = new UserRightInfo();
}
protected void btPhanQuyen_Click(object sender, EventArgs e)
{
if (!UserRightImpl.CheckRightAdminnistrator().UserEdit)
{
Response.Redirect(Utility.UrlRoot + Config.PathNotRight, false);
return;
}
if (ddlUser.Text.Equals("0"))
{
lbMess.Text = "<p><font color='red'>Bạn phải chọn username phân quyền trước.</font></p>";
return;
}
try
{
int menuIndex = ddlMenu.SelectedIndex;
int i = 0;
UserRightImpl obj = new UserRightImpl();
foreach (GridViewRow row in grvView.Rows)
{
var chkRead = (CheckBox)row.FindControl("chkRead");
var chkEdit = (CheckBox)row.FindControl("chkEdit");
var chkDelete = (CheckBox)row.FindControl("chkDelete");
UserRightInfo item = new UserRightInfo();
item.MenuID = int.Parse(grvView.DataKeys[row.RowIndex].Value.ToString());
if (_adminID == 0)
{
_adminID = int.Parse(ddlUser.Text.ToString());
}
item.AdminID = _adminID;
item.UserRead = chkRead.Checked;
if (menuIndex == 1)
{
item.UserEdit = chkEdit.Checked;
item.UserDelete = chkDelete.Checked;
}
else
{
item.UserEdit = true;
item.UserDelete = true;
}
UserRightInfo item2 = obj.GetRightByMenuAndAdmin(item.MenuID, item.AdminID);
if (item2 != null)
{
item.ID = item2.ID;
obj.Update(item);
}
else
{
obj.Insert(item);
}
}
}
catch
{
Response.Redirect(Utility.UrlRoot + Config.PathError, false);
return;
}
}
