public int Add(string moduleId, string permissionItemId)
{
int returnValue = 0;
string[] names = new string[4];
string[] values = new string[4];
names[0] = PiPermissionTable.FieldResourceCategory;
values[0] = PiModuleTable.TableName;
names[1] = PiPermissionTable.FieldResourceId;
values[1] = moduleId;
names[2] = PiPermissionTable.FieldPermissionId;
values[2] = permissionItemId;
names[3] = PiPermissionTable.FieldDeleteMark;
values[3] = "0";
// 检查记录是否重复
if (!this.Exists(names, values))
{
PiPermissionEntity permissionEntity = new PiPermissionEntity
{
ResourceId = moduleId,
ResourceCategory = PiModuleTable.TableName,
Enabled = 1,
DeleteMark = 0,
PermissionId = permissionItemId
};
PiPermissionManager permissionManager = new PiPermissionManager(this.DBProvider, this.UserInfo);
permissionManager.AddEntity(permissionEntity);
returnValue++;
}
return(returnValue);
}
/// <summary>
/// 授予资源的权限
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="resourceCategory">资源分类</param>
/// <param name="resourceId">资源主键</param>
/// <param name="grantPermissionItemIds">操作权限主键</param>
/// <returns>影响的行数</returns>
public int GrantResourcePermission(UserInfo userInfo, string resourceCategory, string resourceId, string[] grantPermissionItemIds)
{
var returnValue = 0;
var parameter = ParameterUtil.CreateWithMessage(userInfo, MethodBase.GetCurrentMethod(), this.serviceName, RDIFrameworkMessage.PermissionService_GrantResourcePermission);
ServiceUtil.ProcessRDIReadDb(userInfo, parameter, dbProvider =>
{
if (grantPermissionItemIds != null)
{
var permissionManager = new PiPermissionManager(dbProvider, userInfo);
for (int i = 0; i < grantPermissionItemIds.Length; i++)
{
var resourcePermissionEntity = new PiPermissionEntity
{
ResourceCategory = resourceCategory,
ResourceId = resourceId,
PermissionId = grantPermissionItemIds[i],
Enabled = 1,
DeleteMark = 0
};
permissionManager.Add(resourcePermissionEntity);
returnValue++;
}
}
});
return(returnValue);
}
/// <summary>
/// 撤消资源的权限
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="resourceCategory">资源分类</param>
/// <param name="resourceId">资源主键</param>
/// <param name="revokePermissionItemIds">操作权限主键</param>
/// <returns>影响的行数</returns>
public int RevokeResourcePermission(UserInfo userInfo, string resourceCategory, string resourceId, string[] revokePermissionItemIds)
{
var returnValue = 0;
var parameter = ParameterUtil.CreateWithMessage(userInfo, MethodBase.GetCurrentMethod(), this.serviceName, RDIFrameworkMessage.PermissionService_RevokeResourcePermission);
ServiceUtil.ProcessRDIReadDb(userInfo, parameter, dbProvider =>
{
if (revokePermissionItemIds != null)
{
var permissionManager = new PiPermissionManager(dbProvider, userInfo);
string[] names = new string[3];
string[] values = new string[3];
names[0] = PiPermissionTable.FieldResourceCategory;
values[0] = resourceCategory;
names[1] = PiPermissionTable.FieldResourceId;
values[1] = resourceId;
names[2] = PiPermissionTable.FieldPermissionId;
for (int i = 0; i < revokePermissionItemIds.Length; i++)
{
values[2] = revokePermissionItemIds[i];
// returnValue += permissionManager.SetDeleted(names, values);
returnValue += permissionManager.Delete(names, values);
}
}
});
return(returnValue);
}
/// <summary>
/// 撤销组织机构全部权限
/// </summary>
/// <param name="organizeId">组织机构主键</param>
/// <returns>影响行数</returns>
public int RevokeAll(string organizeId)
{
PiPermissionManager permissionManager = new PiPermissionManager(DBProvider, UserInfo, this.CurrentTableName);
List <KeyValuePair <string, object> > parameters = new List <KeyValuePair <string, object> >
{
new KeyValuePair <string, object>(PiPermissionTable.FieldResourceCategory, this.CurrentTableName),
new KeyValuePair <string, object>(PiPermissionTable.FieldResourceId, organizeId)
};
return(permissionManager.Delete(parameters));
}
public int Revoke(string[] organizeIds, string permissionItemId)
{
int returnValue = 0;
PiPermissionManager permissionManager = new PiPermissionManager(DBProvider, UserInfo, this.CurrentTableName);
for (int i = 0; i < organizeIds.Length; i++)
{
returnValue += this.Revoke(permissionManager, organizeIds[i], permissionItemId);
}
return(returnValue);
}
public int Revoke(string[] userIds, string permissionItemId)
{
int returnValue = 0;
PiPermissionManager permissionManager = new PiPermissionManager(DBProvider, UserInfo);
for (int i = 0; i < userIds.Length; i++)
{
returnValue += this.Revoke(permissionManager, userIds[i], permissionItemId);
}
return(returnValue);
}
//
// 撤销权限的实现部分
//
#region private int Revoke(PiPermissionManager permissionManager, string organizeId, string permissionItemId) 为了提高撤销的运行速度
/// <summary>
/// 为了提高撤销的运行速度
/// </summary>
/// <param name="permissionManager">资源权限读写器</param>
/// <param name="organizeId">组织机构主键</param>
/// <param name="permissionItemId">权限主键</param>
/// <returns>影响行数</returns>
private int Revoke(PiPermissionManager permissionManager, string organizeId, string permissionItemId)
{
List <KeyValuePair <string, object> > parameters = new List <KeyValuePair <string, object> >
{
new KeyValuePair <string, object>(PiPermissionTable.FieldResourceCategory, PiOrganizeTable.TableName),
new KeyValuePair <string, object>(PiPermissionTable.FieldResourceId, organizeId),
new KeyValuePair <string, object>(PiPermissionTable.FieldPermissionId, permissionItemId)
};
return(permissionManager.Delete(parameters));
}
public int Grant(string[] roleIds, string permissionItemId)
{
int returnValue = 0;
PiPermissionManager permissionManager = new PiPermissionManager(DBProvider, UserInfo);
for (int i = 0; i < roleIds.Length; i++)
{
this.Grant(permissionManager, roleIds[i], permissionItemId);
returnValue++;
}
return(returnValue);
}
//
// 撤销权限的实现部分
//
#region private int Revoke(PiPermissionManager permissionManager, string userId, string permissionItemId) 为了提高撤销的运行速度
/// <summary>
/// 为了提高撤销的运行速度
/// </summary>
/// <param name="permissionManager">资源权限读写器</param>
/// <param name="userId">用户主键</param>
/// <param name="permissionItemId">权限主键</param>
/// <returns>影响行数</returns>
private int Revoke(PiPermissionManager permissionManager, string userId, string permissionItemId)
{
string[] names = new string[3];
string[] values = new string[3];
names[0] = PiPermissionTable.FieldResourceCategory;
values[0] = PiUserTable.TableName;
names[1] = PiPermissionTable.FieldResourceId;
values[1] = userId;
names[2] = PiPermissionTable.FieldPermissionId;
values[2] = permissionItemId;
return(permissionManager.Delete(names, values));
}
public int Grant(string organizeId, string[] permissionItemIds)
{
int returnValue = 0;
PiPermissionManager permissionManager = new PiPermissionManager(DBProvider, UserInfo, this.CurrentTableName);
for (int i = 0; i < permissionItemIds.Length; i++)
{
this.Grant(permissionManager, organizeId, permissionItemIds[i]);
returnValue++;
}
return(returnValue);
}
/// <summary>
/// 撤销用户全部权限
/// </summary>
/// <param name="userId">用户主键</param>
/// <returns>影响行数</returns>
public int RevokeAll(string userId)
{
PiPermissionManager permissionManager = new PiPermissionManager(DBProvider, UserInfo);
string[] names = new string[2];
string[] values = new string[2];
names[0] = PiPermissionTable.FieldResourceCategory;
values[0] = PiUserTable.TableName;
names[1] = PiPermissionTable.FieldResourceId;
values[1] = userId;
return(permissionManager.Delete(names, values));
}
public int Delete(string moduleId, string permissionItemId)
{
int returnValue = 0;
List <KeyValuePair <string, object> > parameters = new List <KeyValuePair <string, object> >
{
new KeyValuePair <string, object>(PiPermissionTable.FieldResourceCategory, PiModuleTable.TableName),
new KeyValuePair <string, object>(PiPermissionTable.FieldResourceId, moduleId),
new KeyValuePair <string, object>(PiPermissionTable.FieldPermissionId, permissionItemId)
};
PiPermissionManager manager = new PiPermissionManager(this.DBProvider, this.UserInfo);
returnValue = manager.Delete(parameters);
return(returnValue);
}
public int Revoke(string[] roleIds, string[] permissionItemIds)
{
int returnValue = 0;
PiPermissionManager permissionManager = new PiPermissionManager(DBProvider, UserInfo);
for (int i = 0; i < roleIds.Length; i++)
{
for (int j = 0; j < permissionItemIds.Length; j++)
{
returnValue += this.Revoke(permissionManager, roleIds[i], permissionItemIds[j]);
}
}
return(returnValue);
}
//
// 授予权限的实现部分
//
#region private string Grant(PiPermissionManager permissionManager, string organizeId, string permissionItemId) 为了提高授权的运行速度
/// <summary>
/// 为了提高授权的运行速度
/// </summary>
/// <param name="permissionManager">资源权限读写器</param>
/// <param name="organizeId">组织机构主键</param>
/// <param name="permissionItemId">权限主键</param>
/// <returns>主键</returns>
private string Grant(PiPermissionManager permissionManager, string organizeId, string permissionItemId)
{
string returnValue = string.Empty;
PiPermissionEntity resourcePermission = new PiPermissionEntity
{
ResourceCategory = PiOrganizeTable.TableName,
ResourceId = organizeId,
PermissionId = permissionItemId,
Enabled = 1
};
// 防止不允许为NULL的错误发生
return(permissionManager.Add(resourcePermission));
}
public int Grant(string[] userIds, string permissionItemId)
{
int returnValue = 0;
CiSequenceManager sequenceManager = new CiSequenceManager(DBProvider);
string[] sequenceIds = sequenceManager.GetBatchSequence(PiPermissionTable.TableName, userIds.Length);
PiPermissionManager permissionManager = new PiPermissionManager(DBProvider, UserInfo);
for (int i = 0; i < userIds.Length; i++)
{
this.Grant(permissionManager, sequenceIds[i], userIds[i], permissionItemId);
returnValue++;
}
return(returnValue);
}
/// <summary>
/// 指定角色是否有相应的权限
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="roleId">角色主键</param>
/// <param name="permissionItemCode">权限编号</param>
/// <returns>是否有权限,true:是,false:否</returns>
public bool IsAuthorizedByRoleId(UserInfo userInfo, string roleId, string permissionItemCode)
{
var returnValue = false;
var parameter = ParameterUtil.CreateWithMessage(userInfo, MethodBase.GetCurrentMethod(), this.serviceName, RDIFrameworkMessage.PermissionService_IsAuthorizedByRoleId);
ServiceUtil.ProcessRDIReadDb(userInfo, parameter, dbProvider =>
{
// 是超级管理员,就不用继续判断权限了
returnValue = roleId.Equals("Administrators");
if (!returnValue)
{
returnValue = new PiPermissionManager(dbProvider, userInfo).CheckPermissionByRole(roleId, permissionItemCode);
}
});
return(returnValue);
}
//
// 授予权限的实现部分
//
#region private string Grant(PiPermissionManager permissionManager, string id, string userId, string permissionItemId) 为了提高授权的运行速度
/// <summary>
/// 为了提高授权的运行速度
/// </summary>
/// <param name="permissionManager">资源权限读写器</param>
/// <param name="id">主键</param>
/// <param name="userId">用户主键</param>
/// <param name="permissionItemId">权限主键</param>
/// <returns>主键</returns>
private string Grant(PiPermissionManager permissionManager, string id, string userId, string permissionItemId)
{
string returnValue = string.Empty;
PiPermissionEntity resourcePermissionEntity = new PiPermissionEntity
{
ResourceCategory = PiUserTable.TableName,
ResourceId = userId,
PermissionId = permissionItemId,
Enabled = 1
};
//存在相同的就不要再次重复授予了,以免产生垃圾数据
if (!this.Exists(new string[] { PiPermissionTable.FieldResourceCategory, PiPermissionTable.FieldResourceId, PiPermissionTable.FieldPermissionId, PiPermissionTable.FieldDeleteMark },
new object[] { PiUserTable.TableName, userId, permissionItemId, 0 }))
{
returnValue = permissionManager.Add(resourcePermissionEntity);
}
return(returnValue);
}
/// <summary>
/// 指定用户是否有相应的操作权限
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="userId">用户主键</param>
/// <param name="permissionItemCode">权限编号</param>
/// <param name="permissionItemName">权限名称</param>
/// <returns>是否有权限,true:是,false:否</returns>
public bool IsAuthorizedByUserId(UserInfo userInfo, string userId, string permissionItemCode, string permissionItemName = null)
{
var returnValue = false;
var parameter = ParameterUtil.CreateWithLog(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessRDIReadDb(userInfo, parameter, dbProvider =>
{
if (string.IsNullOrEmpty(userId))
{
userId = userInfo.Id;
}
#if (!DEBUG)
// 是超级管理员,就不用继续判断权限了
returnValue = new PiUserManager(dbProvider, userInfo).IsAdministrator(userId);
#endif
if (!returnValue)
{
returnValue = new PiPermissionManager(dbProvider, userInfo).CheckPermissionByUser(userId, permissionItemCode, permissionItemName);
}
});
return(returnValue);
}
/// <summary>
/// 撤销组织机构权限
/// </summary>
/// <param name="organizeId">组织机构主键</param>
/// <param name="permissionItemId">权限主键</param>
/// <returns>影响行数</returns>
public int Revoke(string organizeId, string permissionItemId)
{
PiPermissionManager permissionManager = new PiPermissionManager(DBProvider, UserInfo, this.CurrentTableName);
return(this.Revoke(permissionManager, organizeId, permissionItemId));
}
/// <summary>
/// 撤销员工权限
/// </summary>
/// <param name="userId">用户主键</param>
/// <param name="permissionItemId">权限主键</param>
/// <returns>影响行数</returns>
public int Revoke(string userId, string permissionItemId)
{
PiPermissionManager permissionManager = new PiPermissionManager(DBProvider, UserInfo);
return(this.Revoke(permissionManager, userId, permissionItemId));
}
/// <summary>
/// 用户授予权限
/// </summary>
/// <param name="userId">用户主键</param>
/// <param name="permissionItemId">权限主键</param>
public string Grant(string userId, string permissionItemId)
{
PiPermissionManager permissionManager = new PiPermissionManager(DBProvider, UserInfo);
return(this.Grant(permissionManager, string.Empty, userId, permissionItemId));
}
