public int ClearOrganizePermissionScope(string organizeId, string permissionItemCode)
{
List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>();
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseOrganizeEntity.TableName));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, organizeId));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode)));
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName);
return permissionScopeManager.Delete(parameters);
}
public int GrantRoles(string[] userIds, string permissionItemCode, string grantRoleId)
{
int returnValue = 0;
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName);
for (int i = 0; i < userIds.Length; i++)
{
this.GrantRole(permissionScopeManager, userIds[i], permissionItemCode, grantRoleId);
returnValue++;
}
return returnValue;
}
public int GrantPermissionItemes(string roleId, string permissionItemCode, string[] grantPermissionIds)
{
int returnValue = 0;
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
for (int i = 0; i < grantPermissionIds.Length; i++)
{
this.GrantPermissionItem(permissionScopeManager, roleId, permissionItemCode, grantPermissionIds[i]);
returnValue++;
}
return returnValue;
}
public int GrantModules(string organizeId, string permissionItemCode, string[] grantModuleIds)
{
int returnValue = 0;
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName);
for (int i = 0; i < grantModuleIds.Length; i++)
{
this.GrantModule(permissionScopeManager, organizeId, permissionItemCode, grantModuleIds[i]);
returnValue++;
}
return returnValue;
}
/// <summary>
/// 撤消资源的权限范围
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="resourceCategory">资源分类</param>
/// <param name="resourceId">资源主键</param>
/// <param name="targetCategory">目标类别</param>
/// <param name="permissionItemId">权限主键</param>
/// <returns>影响的行数</returns>
public int ClearPermissionScopeTarget(BaseUserInfo userInfo, string resourceCategory, string resourceId, string targetCategory, string permissionItemId)
{
// 写入调试信息
#if (DEBUG)
int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif
// 加强安全验证防止未授权匿名调用
#if (!DEBUG)
LogOnService.UserIsLogOn(userInfo);
#endif
int returnValue = 0;
using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
{
try
{
dbHelper.Open(UserCenterDbConnection);
string tableName = BasePermissionScopeEntity.TableName;
if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
{
tableName = BaseSystemInfo.SystemCode + "PermissionScope";
}
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(dbHelper, userInfo, tableName);
returnValue = permissionScopeManager.RevokeResourcePermissionScopeTarget(resourceCategory, resourceId, targetCategory, permissionItemId);
BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_ClearPermissionScopeTarget, MethodBase.GetCurrentMethod());
}
catch (Exception ex)
{
BaseExceptionManager.LogException(dbHelper, userInfo, ex);
throw ex;
}
finally
{
dbHelper.Close();
}
}
// 写入调试信息
#if (DEBUG)
BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
return returnValue;
}
/// <summary>
/// 获取用户的列权限
/// </summary>
/// <param name="userId">用户主键</param>
/// <param name="tableCode">表名</param>
/// <param name="permissionCode">操作权限</param>
/// <returns>有权限的列数组</returns>
public string[] GetColumns(string userId, string tableCode, string permissionCode = "Column.Access")
{
// Column.Edit
string[] returnValue = null;
if (permissionCode.Equals("Column.Deney") || permissionCode.Equals("Column.Edit"))
{
// 按数据权限来过滤数据
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
returnValue = permissionScopeManager.GetResourceScopeIds(userId, tableCode, permissionCode);
}
else if (permissionCode.Equals("Column.Access"))
{
// 1: 用户有权限的列名
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
returnValue = permissionScopeManager.GetResourceScopeIds(userId, tableCode, permissionCode);
// 2: 先获取公开的列名
string[] publicIds = this.GetProperties(new KeyValuePair<string, object>(BaseTableColumnsEntity.FieldTableCode, tableCode), new KeyValuePair<string, object>(BaseTableColumnsEntity.FieldIsPublic, 1), BaseTableColumnsEntity.FieldColumnCode);
returnValue = StringUtil.Concat(returnValue, publicIds);
}
return returnValue;
}
/// <summary>
/// 批量删除
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="ids">主键数组</param>
/// <returns>影响行数</returns>
public int BatchDeleteConstraint(BaseUserInfo userInfo, string[] ids)
{
// 写入调试信息
#if (DEBUG)
int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif
// 加强安全验证防止未授权匿名调用
#if (!DEBUG)
LogOnService.UserIsLogOn(userInfo);
#endif
int returnValue = 0;
using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
{
try
{
dbHelper.Open(UserCenterDbConnection);
BasePermissionScopeManager manager = new BasePermissionScopeManager(dbHelper, userInfo);
returnValue = manager.SetDeleted(ids);
BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.TableColumnsService_BatchDeleteConstraint, MethodBase.GetCurrentMethod());
}
catch (Exception ex)
{
BaseExceptionManager.LogException(dbHelper, userInfo, ex);
throw ex;
}
finally
{
dbHelper.Close();
}
}
// 写入调试信息
#if (DEBUG)
BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
return returnValue;
}
/// <summary>
/// 获取列表
/// </summary>
/// <param name="userInfo">用户</param>
/// <returns>数据表</returns>
public DataTable GetDataTable(BaseUserInfo userInfo)
{
// 写入调试信息
#if (DEBUG)
int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif
// 加强安全验证防止未授权匿名调用
#if (!DEBUG)
LogOnService.UserIsLogOn(userInfo);
#endif
DataTable dataTable = new DataTable(BaseItemsEntity.TableName);
using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
{
try
{
dbHelper.Open(UserCenterDbConnection);
string tableName = BaseItemsEntity.TableName;
if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
{
tableName = BaseSystemInfo.SystemCode + "Items";
}
BaseItemsManager itemsManager = new BaseItemsManager(dbHelper, userInfo, tableName);
// 若是系统管理员,那就返回全部数据
if (userInfo.IsAdministrator)
{
dataTable = itemsManager.GetDataTable();
}
else
{
// 按数据权限来过滤数据
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(dbHelper, userInfo);
string[] ids = permissionScopeManager.GetResourceScopeIds(userInfo.Id, BaseItemsEntity.TableName, "Resource.ManagePermission");
dataTable = itemsManager.GetDataTable(ids);
}
dataTable.TableName = tableName;
// 添加日志
BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.ItemsService_GetDataTable, MethodBase.GetCurrentMethod());
}
catch (Exception ex)
{
BaseExceptionManager.LogException(dbHelper, userInfo, ex);
throw ex;
}
finally
{
dbHelper.Close();
}
}
// 写入调试信息
#if (DEBUG)
BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
return dataTable;
}
/// <summary>
/// 员工撤销授权
/// </summary>
/// <param name="userId">员工主键</param>
/// <param name="permissionItemId">权限主键</param>
/// <returns>主键</returns>
public int RevokeUser(string userId, string permissionItemCode, string revokeUserId)
{
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName);
return(this.RevokeUser(permissionScopeManager, userId, permissionItemCode, revokeUserId));
}
/// <summary>
/// 为了提高授权的运行速度
/// </summary>
/// <param name="permissionScopeManager">权限域读写器</param>
/// <param name="roleId">员工主键</param>
/// <param name="revokePermissionId">权限主键</param>
/// <returns>主键</returns>
private int RevokePermissionItem(BasePermissionScopeManager permissionScopeManager, string roleId, string permissionItemCode, string revokePermissionId)
{
List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>();
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, roleId));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, BasePermissionItemEntity.TableName));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetId, revokePermissionId));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode)));
return permissionScopeManager.Delete(parameters);
}
/// <summary>
/// 按日期获取日志
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="beginDate">开始时间</param>
/// <param name="endDate">结束时间</param>
/// <returns>数据表</returns>
public DataTable GetDataTableByDate(BaseUserInfo userInfo, string beginDate, string endDate, string userId, string moduleId)
{
// 写入调试信息
#if (DEBUG)
int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif
// 加强安全验证防止未授权匿名调用
#if (!DEBUG)
LogOnService.UserIsLogOn(userInfo);
#endif
DataTable dataTable = new DataTable(BaseLogEntity.TableName);
using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
{
try
{
dbHelper.Open(UserCenterDbConnection);
BaseLogManager logManager = new BaseLogManager(dbHelper, userInfo);
if (!string.IsNullOrEmpty(userId))
{
dataTable = logManager.GetDataTableByDateByUserIds(new string[] { userId }, BaseLogEntity.FieldProcessId, moduleId, beginDate, endDate);
}
else
{
if (userInfo.IsAdministrator)
{
dataTable = logManager.GetDataTableByDate(BaseLogEntity.FieldProcessId, moduleId, beginDate, endDate);
}
else
{
BasePermissionScopeManager BasePermissionScopeManager = new BasePermissionScopeManager(dbHelper, userInfo);
string[] userIds = BasePermissionScopeManager.GetUserIds(userInfo.Id, "Resource.ManagePermission");
dataTable = logManager.GetDataTableByDateByUserIds(userIds, BaseLogEntity.FieldProcessId, moduleId, beginDate, endDate);
}
}
dataTable.TableName = BaseLogEntity.TableName;
// 添加访问日志
BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.LogService_GetDataTableByDate, MethodBase.GetCurrentMethod());
}
catch (Exception ex)
{
BaseExceptionManager.LogException(dbHelper, userInfo, ex);
throw ex;
}
finally
{
dbHelper.Close();
}
}
// 写入调试信息
#if (DEBUG)
BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
return dataTable;
}
public int RevokeRoles(string[] userIds, string permissionItemCode, string[] revokeRoleIds)
{
int returnValue = 0;
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName);
for (int i = 0; i < userIds.Length; i++)
{
for (int j = 0; j < revokeRoleIds.Length; j++)
{
this.RevokeRole(permissionScopeManager, userIds[i], permissionItemCode, revokeRoleIds[j]);
returnValue++;
}
}
return returnValue;
}
/// 获取审核状态表
/// </summary>
/// <param name="enabled">审核状态</param>
/// <param name="startDate"></param>
/// <param name="paramEnd"></param>
/// <returns>数据表</returns>
public DataTable Search(int enabled, DateTime startDate, DateTime endDate)
{
string sqlQuery = " SELECT A.*, B." + BaseStaffTable.FieldRealName + " AS StaffFullName "
+ " ,C." + BaseStaffTable.FieldUserName + " AS AuditName "
+ " FROM " + BaseWorkReportTable.TableName + " AS A"
+ " LEFT JOIN " + BaseStaffTable.TableName + " AS B ON B." + BaseStaffTable.FieldId + "=A." + BaseWorkReportTable.FieldStaffId
+ " LEFT JOIN " + BaseStaffTable.TableName + " AS C ON C." + BaseStaffTable.FieldId + "=A." + BaseWorkReportTable.FieldAuditStaffId;
//+ " WHERE A." + BaseWorkReportTable.FieldEnabled + " = ? ";
// 设置审核状态
sqlQuery += " WHERE A." + BaseWorkReportTable.FieldEnabled + " = " + enabled;
if (startDate.ToString().Trim().Length > 0)
{
sqlQuery += " AND A." + BaseWorkReportTable.FieldWorkDate + " >= '" + startDate + "'";
}
if (endDate.ToString().Trim().Length > 0)
{
sqlQuery += " AND A." + BaseWorkReportTable.FieldWorkDate + " <= '" + endDate + "'";
}
// 是否系统管理员
if (!UserInfo.IsAdministrator)
{
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
string[] staffIds = permissionScopeManager.GetUserIds(UserInfo.Id, "Resource.ManagePermission");
string staffs = BaseBusinessLogic.ObjectsToList(staffIds);
sqlQuery += " AND A." + BaseWorkReportTable.FieldStaffId + " IN (" + staffs + ")";
}
sqlQuery += " ORDER BY " + BaseWorkReportTable.FieldWorkDate + " DESC ";
return DbHelper.Fill(sqlQuery);
}
/// <summary>
/// 判断某个时间范围内是否存在
/// </summary>
/// <param name="names"></param>
/// <param name="values"></param>
/// <param name="startDate"></param>
/// <param name="endDate"></param>
/// <returns></returns>
public bool HasAuthorized(List<KeyValuePair<string, object>> parameters, string startDate, string endDate)
{
bool returnValue = false;
BasePermissionScopeManager manager = new BasePermissionScopeManager(this.DbHelper, this.UserInfo);
returnValue = manager.Exists(parameters);
/*
if (returnValue)
{
// 再去判断时间
string minDate = "1900-01-01 00:00:00";
string maxDate = "3000-12-31 00:00:00";
// 不用设置的太大
string srcStartDate = manager.GetProperty(names, values, BasePermissionScopeEntity.FieldStartDate);
string srcEndDate = manager.GetProperty(names, values, BasePermissionScopeEntity.FieldEndDate);
if (string.IsNullOrEmpty(srcStartDate))
{
srcStartDate = minDate;
}
if (string.IsNullOrEmpty(startDate))
{
startDate = minDate;
}
if (string.IsNullOrEmpty(srcEndDate))
{
srcEndDate = maxDate;
}
if (string.IsNullOrEmpty(endDate))
{
endDate = maxDate;
}
// 满足这样的条件
// 时间A(Start1-End1), 时间B(Start2-End2)
// Start1 <Start2 && Start2 <End1
// Start1 <End2 && End2 <End1
// Start2 <Start1 && End1 <End2
if ((CheckDateScope(srcStartDate, startDate) && CheckDateScope(startDate, srcEndDate))
|| (CheckDateScope(srcStartDate, endDate) && CheckDateScope(endDate, srcEndDate))
|| (CheckDateScope(startDate, srcStartDate) && CheckDateScope(srcEndDate, endDate)))
{
returnValue = true;
}
else
{
returnValue = false;
}
}
*/
return returnValue;
}
/// <summary>
/// 获取用户有权限访问的模块主键
/// </summary>
/// <param name="userId">用户主键</param>
/// <returns>主键数组</returns>
public string[] GetIdsByUser(string userId)
{
// 公开的模块谁都可以访问
string[] openModuleIds = null;
List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>();
parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldIsPublic, 1));
parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldEnabled, 1));
parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldDeletionStateCode, 0));
openModuleIds = this.GetIds(parameters);
string[] twoModuleIds = null;
if (!string.IsNullOrEmpty(userId))
{
// 按第一个解决方案进行计算 (用户 ---> 权限 --- 权限 <--- 菜单)
// 获取用户的所有权限ID数组
// BasePermissionManager permissionManager = new BasePermissionManager(DbHelper, UserInfo);
// DataTable dtPermission = permissionManager.GetPermissionByUser(UserInfo.Id);
// string[] permissionItemIds = BaseBusinessLogic.FieldToArray(dtPermission, BasePermissionItemEntity.FieldId);
/*
string[] oneModuleIds = new string[0];
if ((permissionItemIds != null) && (permissionItemIds.Length > 0))
{
// 获取所有跟这个权限有关联的模块ID数组
string sqlQuery = string.Empty;
sqlQuery = " SELECT " + BasePermissionEntity.FieldResourceId
+ " FROM " + BasePermissionEntity.TableName
+ " WHERE " + BasePermissionEntity.FieldResourceCategory + " = '" + BaseModuleEntity.TableName + "' "
+ " AND " + BasePermissionEntity.FieldPermissionItemId + " IN (" + BaseBusinessLogic.ObjectsToList(permissionItemIds) + ")";
dtPermission = DbHelper.Fill(sqlQuery);
oneModuleIds = BaseBusinessLogic.FieldToArray(dtPermission, BasePermissionEntity.FieldResourceId);
}
*/
// 按第二个解决方案进行计算 (用户 ---> 模块访问权限 ---> 菜单)
string tableName = BasePermissionScopeEntity.TableName;
if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
{
tableName = BaseSystemInfo.SystemCode + "PermissionScope";
}
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, tableName);
// 模块访问,连同用户本身的,还有角色的,全部获取出来
string permissionItemCode = "Resource.AccessPermission";
twoModuleIds = permissionScopeManager.GetResourceScopeIds(userId, BaseModuleEntity.TableName, permissionItemCode);
// 这些模块是有效的才可以
parameters = new List<KeyValuePair<string, object>>();
parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldId, twoModuleIds));
parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldEnabled, 1));
parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldDeletionStateCode, 0));
twoModuleIds = this.GetProperties(parameters, BaseModuleEntity.FieldId);
// 这里应该还缺少组织机构的模块权限,应该补上才对
}
// 返回相应的模块列表
string[] moduleIds = StringUtil.Concat(openModuleIds, twoModuleIds);
return moduleIds;
}
/// <summary>
/// 查询日志
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="search">查询</param>
/// <param name="OnlyOnLine">是否在线</param>
/// <returns>数据表</returns>
public DataTable Search(BaseUserInfo userInfo, string searchValue, bool OnlyOnLine)
{
// 写入调试信息
#if (DEBUG)
int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif
// 加强安全验证防止未授权匿名调用
#if (!DEBUG)
LogOnService.UserIsLogOn(userInfo);
#endif
DataTable dataTable = new DataTable(BaseLogEntity.TableName);
using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
{
try
{
dbHelper.Open(UserCenterDbConnection);
BaseLogManager logManager = new BaseLogManager(dbHelper, userInfo);
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(dbHelper, userInfo);
string[] userIds = permissionScopeManager.GetUserIds(userInfo.Id, "Resource.ManagePermission");
dataTable = logManager.Search(userIds,searchValue, OnlyOnLine, true);
dataTable.TableName = BaseLogEntity.TableName;
BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.UserService_Search, MethodBase.GetCurrentMethod());
}
catch (Exception ex)
{
BaseExceptionManager.LogException(dbHelper, userInfo, ex);
throw ex;
}
finally
{
dbHelper.Close();
}
}
// 写入调试信息
#if (DEBUG)
BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
return dataTable;
}
/// <summary>
/// 获取用户访问情况日志
/// </summary>
/// <param name="userInfo">用户</param>
/// <returns>数据表</returns>
public DataTable GetLogGeneral(BaseUserInfo userInfo)
{
// 写入调试信息
#if (DEBUG)
int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif
// 加强安全验证防止未授权匿名调用
#if (!DEBUG)
LogOnService.UserIsLogOn(userInfo);
#endif
DataTable dataTable = new DataTable(BaseLogEntity.TableName);
using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
{
BaseUserManager userManager = new BaseUserManager(dbHelper, userInfo);
try
{
dbHelper.Open(UserCenterDbConnection);
if (userInfo.IsAdministrator)
{
dataTable = userManager.GetDataTable();
}
else
{
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(dbHelper, userInfo);
string[] userIds = permissionScopeManager.GetUserIds(userInfo.Id, "Resource.ManagePermission");
dataTable = userManager.GetDataTableByIds(userIds);
}
dataTable.TableName = BaseLogEntity.TableName;
BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.LogService_GetLogGeneral, MethodBase.GetCurrentMethod());
}
catch (Exception ex)
{
BaseExceptionManager.LogException(dbHelper, userInfo, ex);
throw ex;
}
finally
{
dbHelper.Close();
}
}
// 写入调试信息
#if (DEBUG)
BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
return dataTable;
}
public int RevokeUsers(string userId, string permissionItemCode, string[] revokeUserIds)
{
int returnValue = 0;
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName);
for (int i = 0; i < revokeUserIds.Length; i++)
{
this.RevokeUser(permissionScopeManager, userId, permissionItemCode, revokeUserIds[i]);
returnValue++;
}
return returnValue;
}
/// <summary>
/// 为了提高授权的运行速度
/// </summary>
/// <param name="permissionScopeManager">权限域读写器</param>
/// <param name="Id">主键</param>
/// <param name="userId">员工主键</param>
/// <param name="grantUserId">权限主键</param>
/// <returns>主键</returns>
private string GrantUser(BasePermissionScopeManager permissionScopeManager, string userId, string permissionItemCode, string grantUserId)
{
string returnValue = string.Empty;
List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>();
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseUserEntity.TableName));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, userId));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseUserEntity.TableName));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetId, grantUserId));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode)));
if (!this.Exists(parameters))
{
BasePermissionScopeEntity resourcePermissionScopeEntity = new BasePermissionScopeEntity();
resourcePermissionScopeEntity.PermissionId = int.Parse(this.GetIdByCode(permissionItemCode));
resourcePermissionScopeEntity.ResourceCategory = BaseUserEntity.TableName;
resourcePermissionScopeEntity.ResourceId = userId;
resourcePermissionScopeEntity.TargetCategory = BaseUserEntity.TableName;
resourcePermissionScopeEntity.TargetId = grantUserId;
resourcePermissionScopeEntity.Enabled = 1;
resourcePermissionScopeEntity.DeletionStateCode = 0;
return permissionScopeManager.Add(resourcePermissionScopeEntity);
}
return returnValue;
}
public int RevokeModules(string[] roleIds, string permissionItemCode, string revokeModuleId)
{
int returnValue = 0;
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName);
for (int i = 0; i < roleIds.Length; i++)
{
this.RevokeModule(permissionScopeManager, roleIds[i], permissionItemCode, revokeModuleId);
returnValue++;
}
return returnValue;
}
/// <summary>
/// 员工撤销授权
/// </summary>
/// <param name="userId">员工主键</param>
/// <param name="permissionItemId">权限主键</param>
/// <returns>主键</returns>
public int RevokeRole(string userId, string permissionItemCode, string revokeRoleId)
{
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName);
return this.RevokeRole(permissionScopeManager, userId, permissionItemCode, revokeRoleId);
}
/// <summary>
/// 获取列表
/// </summary>
/// <param name="userInfo">用户</param>
/// <returns>数据表</returns>
public DataTable GetDataTable(BaseUserInfo userInfo)
{
// 写入调试信息
#if (DEBUG)
int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif
// 加强安全验证防止未授权匿名调用
#if (!DEBUG)
LogOnService.UserIsLogOn(userInfo);
#endif
DataTable dataTable = new DataTable(BaseModuleEntity.TableName);
using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
{
try
{
dbHelper.Open(UserCenterDbConnection);
BaseFolderManager folderManager = new BaseFolderManager(dbHelper, userInfo);
// 检查相应的系统必备文件夹
folderManager.FolderCheck();
if (userInfo.IsAdministrator)
{
dataTable = folderManager.GetDataTable(BaseFolderEntity.FieldSortCode);
}
else
{
// 数据权限部分,部门的权限部分。
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(dbHelper, userInfo);
string[] ids = permissionScopeManager.GetOrganizeIds(userInfo.Id, "Resource.ManagePermission");
// 获取安全等级,比自己小的。
string commandText = string.Format(@"SELECT *
FROM BaseFolder
WHERE (DeletionStateCode = 0
AND Enabled = 1
AND (IsPublic = 1
OR Id = 'UserSpace'
OR Id = 'CompanyFile'
OR Id = '{0}'
OR Id = '{1}'
OR Id = '{2}'
OR CreateUserId = '{3}')) ", userInfo.Id, userInfo.DepartmentId, userInfo.CompanyId, userInfo.Id);
if (ids != null && ids.Length > 0)
{
commandText += " OR ID IN (" + BaseBusinessLogic.ObjectsToList(ids) + ") ";
}
dataTable = folderManager.Fill(commandText);
}
dataTable.DefaultView.Sort = BaseFolderEntity.FieldSortCode;
dataTable.TableName = BaseFolderEntity.TableName;
BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, MethodBase.GetCurrentMethod());
}
catch (Exception ex)
{
BaseExceptionManager.LogException(dbHelper, userInfo, ex);
throw ex;
}
finally
{
dbHelper.Close();
}
}
// 写入调试信息
#if (DEBUG)
BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
return dataTable;
}
/// <summary>
/// 获得用户授权范围
/// </summary>
/// <param name="staffId">员工主键</param>
/// <returns>数据表</returns>
public DataTable GetDataTableByUser(string userId, string permissionItemCode)
{
DataTable returnValue = new DataTable(this.CurrentTableName);
List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>();
// 这里需要判断,是系统权限?
bool isRole = false;
BaseUserManager userManager = new BaseUserManager(this.DbHelper, this.UserInfo);
// 用户管理员
isRole = userManager.IsInRoleByCode(userId, "UserAdmin");
if (isRole)
{
parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldCategoryCode, "System"));
parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldEnabled, 1));
parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldDeletionStateCode, 0));
returnValue = this.GetDataTable(parameters, BasePermissionItemEntity.FieldSortCode);
returnValue.TableName = this.CurrentTableName;
return returnValue;
}
// 这里需要判断,是业务权限?
isRole = userManager.IsInRoleByCode(userId, "Admin");
if (isRole)
{
parameters = new List<KeyValuePair<string, object>>();
parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldCategoryCode, "Application"));
parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldEnabled, 1));
parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldDeletionStateCode, 0));
returnValue = this.GetDataTable(parameters, BasePermissionItemEntity.FieldSortCode);
returnValue.TableName = this.CurrentTableName;
return returnValue;
}
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
string[] permissionItemIds = permissionScopeManager.GetTreeResourceScopeIds(userId, BasePermissionItemEntity.TableName, permissionItemCode, true);
// 有效的,未被删除的
parameters = new List<KeyValuePair<string, object>>();
parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldId, permissionItemIds));
parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldEnabled, 1));
parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldDeletionStateCode, 0));
returnValue = this.GetDataTable(parameters, BasePermissionItemEntity.FieldSortCode);
returnValue.TableName = this.CurrentTableName;
return returnValue;
}
public int RevokePermissionItems(string[] roleIds, string permissionItemCode, string[] revokePermissionIds)
{
int returnValue = 0;
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
for (int i = 0; i < roleIds.Length; i++)
{
for (int j = 0; j < revokePermissionIds.Length; j++)
{
this.RevokePermissionItem(permissionScopeManager, roleIds[i], permissionItemCode, revokePermissionIds[j]);
returnValue++;
}
}
return returnValue;
}
/// <summary>
/// 员工撤销授权
/// </summary>
/// <param name="roleId">员工主键</param>
/// <param name="permissionItemId">权限主键</param>
/// <returns>主键</returns>
public int RevokePermissionItem(string roleId, string permissionItemCode, string revokePermissionId)
{
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
return this.RevokePermissionItem(permissionScopeManager, roleId, permissionItemCode, revokePermissionId);
}
public int RevokePermissionItems(string[] userIds, string permissionItemCode, string revokePermissionId)
{
int returnValue = 0;
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
for (int i = 0; i < userIds.Length; i++)
{
this.RevokePermissionItem(permissionScopeManager, userIds[i], permissionItemCode, revokePermissionId);
returnValue++;
}
return returnValue;
}
/// <summary>
/// 为了提高授权的运行速度
/// </summary>
/// <param name="permissionScopeManager">权限域读写器</param>
/// <param name="Id">主键</param>
/// <param name="roleId">员工主键</param>
/// <param name="grantPermissionId">权限主键</param>
/// <returns>主键</returns>
private string GrantPermissionItem(BasePermissionScopeManager permissionScopeManager, string roleId, string permissionItemCode, string grantPermissionId)
{
string returnValue = string.Empty;
BasePermissionScopeEntity resourcePermissionScopeEntity = new BasePermissionScopeEntity();
resourcePermissionScopeEntity.PermissionId = int.Parse(this.GetIdByCode(permissionItemCode));
resourcePermissionScopeEntity.ResourceCategory = BaseRoleEntity.TableName;
resourcePermissionScopeEntity.ResourceId = roleId;
resourcePermissionScopeEntity.TargetCategory = BasePermissionItemEntity.TableName;
resourcePermissionScopeEntity.TargetId = grantPermissionId;
resourcePermissionScopeEntity.Enabled = 1;
resourcePermissionScopeEntity.DeletionStateCode = 0;
return permissionScopeManager.Add(resourcePermissionScopeEntity);
}
public int GrantPermissionItems(string[] userIds, string permissionItemCode, string[] grantPermissionIds)
{
int returnValue = 0;
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
for (int i = 0; i < userIds.Length; i++)
{
for (int j = 0; j < grantPermissionIds.Length; j++)
{
this.GrantPermissionItem(permissionScopeManager, userIds[i], permissionItemCode, grantPermissionIds[j]);
returnValue++;
}
}
return returnValue;
}
/// <summary>
/// 员工授予权限
/// </summary>
/// <param name="roleId">员工主键</param>
/// <param name="permissionItemId">权限主键</param>
/// <param name="organizeId">权组织机构限主键</param>
/// <returns>主键</returns>
public string GrantPermissionItem(string roleId, string permissionItemCode, string grantPermissionId)
{
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
return this.GrantPermissionItem(permissionScopeManager, roleId, permissionItemCode, grantPermissionId);
}
/// <summary>
/// 为了提高授权的运行速度
/// </summary>
/// <param name="permissionScopeManager">权限域读写器</param>
/// <param name="Id">主键</param>
/// <param name="userId">员工主键</param>
/// <param name="grantModuleId">权限主键</param>
/// <returns>主键</returns>
private string GrantModule(BasePermissionScopeManager permissionScopeManager, string userId, string permissionItemCode, string grantModuleId)
{
string returnValue = string.Empty;
BasePermissionScopeEntity resourcePermissionScopeEntity = new BasePermissionScopeEntity();
string permissionId = this.GetIdByCode(permissionItemCode);
if (string.IsNullOrEmpty(permissionId))
{
return string.Empty;
}
resourcePermissionScopeEntity.PermissionId = int.Parse(permissionId);
resourcePermissionScopeEntity.ResourceCategory = BaseUserEntity.TableName;
resourcePermissionScopeEntity.ResourceId = userId;
resourcePermissionScopeEntity.TargetCategory = BaseModuleEntity.TableName;
resourcePermissionScopeEntity.TargetId = grantModuleId;
resourcePermissionScopeEntity.Enabled = 1;
resourcePermissionScopeEntity.DeletionStateCode = 0;
return permissionScopeManager.Add(resourcePermissionScopeEntity);
}
/// <summary>
/// 员工授予权限
/// </summary>
/// <param name="userId">员工主键</param>
/// <param name="permissionItemId">权限主键</param>
/// <param name="organizeId">权组织机构限主键</param>
/// <returns>主键</returns>
public string GrantModule(string userId, string permissionItemCode, string grantModuleId)
{
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName);
return this.GrantModule(permissionScopeManager, userId, permissionItemCode, grantModuleId);
}
/// <summary>
/// 员工授予权限
/// </summary>
/// <param name="userId">员工主键</param>
/// <param name="permissionItemId">权限主键</param>
/// <param name="organizeId">权组织机构限主键</param>
/// <returns>主键</returns>
public string GrantUser(string userId, string permissionItemCode, string grantUserId)
{
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
return(this.GrantUser(permissionScopeManager, userId, permissionItemCode, grantUserId));
}
