/// <summary>
/// Builds the SQL filter that is handed to the data source's select method
/// through the "where" input parameter.
/// </summary>
/// <remarks>
/// The filter is assembled as SQL text. The ACL and category fragments come from
/// builder objects rendered with <c>TSqlBuilder.Instance</c>; the full-text term
/// comes from the request query string by way of <c>GetFullTextParameter</c>.
/// </remarks>
/// <param name="sender">The data source raising the event (unused).</param>
/// <param name="e">Selecting arguments; receives the "where" input parameter.</param>
protected void dsMain_Selecting(object sender, ObjectDataSourceSelectingEventArgs e)
{
    // The filter is only prepared for the data pass, not for the row-count pass.
    if (e.ExecutingSelectCount)
    {
        return;
    }

    string filter = "1=1";

    // NOTE(review): the restriction below is skipped only when BOTH flags are true.
    // Confirm that "either flag false => restrict" is the intended authorization rule.
    if (MostSupervisor == false || NormalSupervisior == false)
    {
        // Rows the current user can reach through an ACL entry.
        ConnectiveSqlClauseCollection aclClauses = WfAclAdapter.Instance.GetAclQueryConditionsByUser(DeluxeIdentity.CurrentUser.ID);
        string aclSubQuery = string.Concat("SELECT RESOURCE_ID FROM WF.ACL WHERE ", aclClauses.ToSqlString(TSqlBuilder.Instance));
        filter = string.Concat("ACI.RESOURCE_ID IN (", aclSubQuery, ")");

        // Check whether the user also holds category (application/program) authorization.
        WfApplicationAuthCollection grants = WfApplicationAuthAdapter.Instance.GetUserApplicationAuthInfo(DeluxeIdentity.Current.User);
        var categoryBuilder = grants.GetApplicationAndProgramBuilder("APPLICATION_NAME", "PROGRAM_NAME");

        if (categoryBuilder.IsEmpty == false)
        {
            // Either source of access is sufficient; both sides are parenthesized as a unit.
            string categorySql = categoryBuilder.ToSqlString(TSqlBuilder.Instance);
            filter = string.Concat("(", filter, " OR (", categorySql, "))");
        }
    }

    // NOTE(review): the search term originates from the query string and is spliced into
    // the SQL text. GetFullTextParameter is not visible here; confirm it quotes and escapes
    // the value for use as a CONTAINS search condition.
    string fullText = GetFullTextParameter(Request.QueryString["query"]);

    if (fullText != null)
    {
        filter = string.Concat(filter, " AND CONTAINS(ACI.*,", fullText, ")");
    }

    e.InputParameters["where"] = filter;
}
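/// <summary>
/// Adds the current user's category (application/program) authorization condition to
/// the "where" input parameter, or cancels the select when the user has none.
/// </summary>
/// <remarks>
/// The incoming clause is wrapped in parentheses before the authorization condition is
/// AND-ed onto it. Without the parentheses a top-level OR in the incoming clause would
/// bind looser than the appended AND, and rows matching the first alternative would not
/// be subject to the authorization condition.
/// </remarks>
/// <param name="sender">The data source raising the event (unused).</param>
/// <param name="e">Selecting arguments; "totalCount" is always set, "where" is extended on the data pass.</param>
protected void objectDataSource_Selecting(object sender, ObjectDataSourceSelectingEventArgs e)
{
    e.InputParameters["totalCount"] = LastQueryRowCount;

    // Only the data pass gets the authorization filter.
    if (e.ExecutingSelectCount)
    {
        return;
    }

    // NOTE(review): the restriction is skipped only when BOTH flags are true.
    // Confirm that "either flag false => restrict" is the intended authorization rule.
    if (MostSupervisor == false || NormalSupervisior == false)
    {
        string where = e.InputParameters["where"] as string;

        // Check whether the user holds category (application/program) authorization.
        WfApplicationAuthCollection authInfo = WfApplicationAuthAdapter.Instance.GetUserApplicationAuthInfo(DeluxeIdentity.Current.User);
        var builder = authInfo.GetApplicationAndProgramBuilder("APPLICATION_NAME", "PROGRAM_NAME");

        if (builder.IsEmpty == false)
        {
            string authCondition = "(" + builder.ToSqlString(TSqlBuilder.Instance) + ")";

            // Group the existing clause so the authorization condition applies to all of it.
            where = string.IsNullOrEmpty(where)
                ? authCondition
                : "(" + where + ") AND " + authCondition;

            e.InputParameters["where"] = where;
        }
        else
        {
            // No permissions are defined for this user, so the query must not run.
            e.Cancel = true;
        }
    }
}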
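/// <summary>
/// Returns the WHERE clause for <paramref name="qc"/>, restricted to what the current
/// user may see unless the user is in one of the query-administrator roles.
/// </summary>
/// <remarks>
/// <para>
/// An empty <c>WhereClause</c> is normalized to <c>1 = 1</c> and written back to
/// <paramref name="qc"/>. For non-administrators the clause is also replaced on
/// <paramref name="qc"/> with the restricted version.
/// </para>
/// <para>
/// The caller's clause is wrapped in parentheses before the access condition is AND-ed
/// onto it. Without the parentheses a top-level OR in the caller's clause would bind
/// looser than the appended AND, and rows matching the first alternative would escape
/// the access condition.
/// </para>
/// </remarks>
/// <param name="qc">Query condition whose <c>WhereClause</c> is read and updated.</param>
/// <returns>The resulting WHERE clause text (same value as <c>qc.WhereClause</c>).</returns>
public string GetFilterByQuery(QueryCondition qc)
{
    if (string.IsNullOrEmpty(qc.WhereClause))
    {
        qc.WhereClause = "1 = 1";
    }

    // NOTE(review): the caller-supplied clause is used as SQL text as-is; confirm callers
    // build it from escaped builder output rather than raw request values.
    string baseFilter = qc.WhereClause;

    if (RolesDefineConfig.GetConfig().IsCurrentUserInRoles("ProcessAdmin", "AdminFormQuery", "WorkflowQueryAdmin") == false)
    {
        // Rows the current user can reach through an ACL entry.
        ConnectiveSqlClauseCollection cscc = WfAclAdapter.Instance.GetAclQueryConditionsByUser(DeluxeIdentity.CurrentUser.ID);
        string condition = "RESOURCE_ID IN (SELECT RESOURCE_ID FROM WF.ACL WHERE " + cscc.ToSqlString(TSqlBuilder.Instance) + ")";

        // Check whether the user also holds category (application/program) authorization.
        WfApplicationAuthCollection authInfo = WfApplicationAuthAdapter.Instance.GetUserApplicationAuthInfo(DeluxeIdentity.Current.User);
        var cateCondition = authInfo.GetApplicationAndProgramBuilder("APPLICATION_NAME", "PROGRAM_NAME_MCS").ToSqlString(TSqlBuilder.Instance);

        if (string.IsNullOrEmpty(cateCondition) == false)
        {
            // Either source of access is sufficient. The category clause is parenthesized
            // as a unit, the same way dsMain_Selecting composes it.
            condition = "(" + condition + " OR (" + cateCondition + "))";
        }

        qc.WhereClause = "(" + baseFilter + ") AND " + condition;
    }

    return qc.WhereClause;
}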
/// <summary>
/// Loads the application authorization entries for the configured "admin" test user
/// and prints how many were returned.
/// </summary>
/// <remarks>
/// This only exercises the load path; it makes no assertion about the result.
/// </remarks>
public void LoadUserApplicationAuthInfo()
{
    // The test user comes from the OguObjectSettings configuration entry named "admin".
    var adminEntry = OguObjectSettings.GetConfig().Objects["admin"];
    IUser testUser = (IUser)adminEntry.Object;

    WfApplicationAuthCollection loaded = WfApplicationAuthAdapter.Instance.LoadUserApplicationAuthInfo(testUser);

    Console.WriteLine(loaded.Count);
}
/// <summary>
/// Checks the SQL produced by <c>GetApplicationAndProgramBuilder</c> for two grants:
/// it must contain one (application AND program) pair per grant joined by OR, and it
/// must mention <c>TENANT_CODE</c>.
/// </summary>
public void AppProgramWhereBuilderTest()
{
    // Expected fragment: values rendered as N'...' literals, pairs joined by OR.
    const string expectedPairs = "(APPLICATION_NAME = N'秘书服务' AND PROGRAM_NAME = N'部门通知') OR (APPLICATION_NAME = N'秘书服务' AND PROGRAM_NAME = N'集团通知')";

    WfApplicationAuthCollection grants = new WfApplicationAuthCollection();
    grants.Add(PrepareData("秘书服务", "部门通知"));
    grants.Add(PrepareData("秘书服务", "集团通知"));

    var builder = grants.GetApplicationAndProgramBuilder("APPLICATION_NAME", "PROGRAM_NAME");
    string sql = builder.ToSqlString(TSqlBuilder.Instance);

    Console.WriteLine(sql);

    Assert.IsTrue(sql.IndexOf(expectedPairs) >= 0);

    // Presumably a tenant filter; the test only checks that the column name appears.
    Assert.IsTrue(sql.IndexOf("TENANT_CODE") >= 0);
}
/// <summary>
/// Builds the application/program WHERE clause for two grants and asserts that both
/// (application AND program) pairs appear joined by OR, and that the clause mentions
/// <c>TENANT_CODE</c>.
/// </summary>
public void AppProgramWhereBuilderTest()
{
    WfApplicationAuthCollection authEntries = new WfApplicationAuthCollection();

    authEntries.Add(PrepareData("秘书服务", "部门通知"));
    authEntries.Add(PrepareData("秘书服务", "集团通知"));

    string clause = authEntries
        .GetApplicationAndProgramBuilder("APPLICATION_NAME", "PROGRAM_NAME")
        .ToSqlString(TSqlBuilder.Instance);

    Console.WriteLine(clause);

    // Both grants must be present as parenthesized pairs combined with OR.
    int pairsAt = clause.IndexOf("(APPLICATION_NAME = N'秘书服务' AND PROGRAM_NAME = N'部门通知') OR (APPLICATION_NAME = N'秘书服务' AND PROGRAM_NAME = N'集团通知')");
    Assert.IsTrue(pairsAt >= 0);

    // The test only checks that the TENANT_CODE column name occurs somewhere in the clause.
    int tenantAt = clause.IndexOf("TENANT_CODE");
    Assert.IsTrue(tenantAt >= 0);
}
/// <summary>
/// Prepares the select parameters for the authorization list. In view 1 the list is
/// filtered to the authorization entries of the user named by <c>lastUser</c>.
/// </summary>
/// <param name="sender">The data source raising the event (unused).</param>
/// <param name="e">Selecting arguments; receives "authType" and, in view 1, "appName", "programName" and "where".</param>
protected void ObjectDataSourceSelecting(object sender, ObjectDataSourceSelectingEventArgs e)
{
    // Parameters are only prepared for the data pass.
    if (e.ExecutingSelectCount)
    {
        return;
    }

    // NOTE(review): int.Parse throws when SelectedValue is empty or non-numeric, and the
    // cast accepts integers that are not defined WfApplicationAuthType members.
    // Presumably the value is posted back by the client; confirm it is validated.
    e.InputParameters["authType"] = (WfApplicationAuthType)int.Parse(this.rdoList.SelectedValue);

    if (views.ActiveViewIndex != 1)
    {
        return;
    }

    // Without a selected user there is nothing to query.
    if (string.IsNullOrEmpty(this.lastUser.Value))
    {
        e.Cancel = true;
        return;
    }

    // In this view the per-field filters are cleared and replaced by a "where" condition.
    e.InputParameters["appName"] = null;
    e.InputParameters["programName"] = null;
    e.InputParameters["authType"] = WfApplicationAuthType.None;

    // NOTE(review): lastUser.Value looks like a client-posted field that selects whose
    // authorizations are shown; confirm access to this page is limited to administrators.
    WfApplicationAuthCollection grants = WfApplicationAuthAdapter.Instance.GetUserApplicationAuthInfo(new OguUser(lastUser.Value));

    string condition;

    if (grants.Count > 0)
    {
        // One (application, program, auth type) clause per grant, combined with OR.
        ConnectiveSqlClauseCollection anyGrant = new ConnectiveSqlClauseCollection(LogicOperatorDefine.Or);

        foreach (var grant in grants)
        {
            WhereSqlClauseBuilder match = new WhereSqlClauseBuilder();

            match.AppendItem("APPLICATION_NAME", grant.ApplicationName);
            match.AppendItem("PROGRAM_NAME", grant.ProgramName);
            match.AppendItem("AUTH_TYPE", grant.AuthType);

            anyGrant.Add(match);
        }

        condition = anyGrant.ToSqlString(TSqlBuilder.Instance);
    }
    else
    {
        // The user has no grants: cancel, and leave an always-false condition in place.
        condition = "1=2";
        e.Cancel = true;
    }

    e.InputParameters["where"] = condition;
}
/// <summary>
/// Produces the client script that carries the current user's admin flag and
/// application authorization entries.
/// </summary>
/// <remarks>
/// The script template is the embedded resource
/// <c>MCS.Web.WebControls.Workflow.Abstract.currentUserPermissions.js</c>; its two
/// placeholders are replaced with "true"/"false" and with the JSON-serialized
/// authorization collection. Unauthenticated requests get "false" and "[]".
/// </remarks>
/// <returns>The script text with both placeholders substituted.</returns>
private static string GetCurrentUserAppAuthInfoScript()
{
    // Defaults used when the request is not authenticated.
    string adminLiteral = "false";
    string grantsJson = "[]";

    if (DeluxePrincipal.IsAuthenticated)
    {
        bool inAdminRole = RolesDefineConfig.GetConfig().IsCurrentUserInRoles(DeluxeIdentity.CurrentUser, "ProcessAdmin");

        if (inAdminRole)
        {
            adminLiteral = "true";
        }

        WfApplicationAuthCollection grants = WfApplicationAuthAdapter.Instance.GetUserApplicationAuthInfo(DeluxeIdentity.CurrentUser);
        grantsJson = JSONSerializerExecute.Serialize(grants);
    }

    string template = ResourceHelper.LoadStringFromResource(
        Assembly.GetExecutingAssembly(),
        "MCS.Web.WebControls.Workflow.Abstract.currentUserPermissions.js");

    // NOTE(review): these values end up in client-side script, where the browser user can
    // change them. Presumably they drive UI only; confirm that server-side authorization
    // never relies on them.
    // NOTE(review): the JSON is substituted into script text verbatim. Confirm the
    // serializer's output is safe for the context in which the template places it
    // (for example inside a string literal or an inline script element).
    return template
        .Replace("$_currentUserIsAdmin$", adminLiteral)
        .Replace("$_currentUserAppAuthInfoString$", grantsJson);
}