public DataSet GetUserApplications(string userValue,
UserValueType userValueType,
RightMaskType rightMask,
DelegationMaskType delegationMask)
{
return(SecurityCheck.GetUserApplications(userValue, userValueType, rightMask, delegationMask));
}
/// <remarks/>
public System.IAsyncResult BeginGetFunctions(string appCodeName, RightMaskType rightMask, System.AsyncCallback callback, object asyncState)
{
return(this.BeginInvoke("GetFunctions", new object[] {
appCodeName,
rightMask
}, callback, asyncState));
}
public DataSet GetUserAllowDelegteRoles(string userValue,
string appCodeName,
UserValueType userValueType,
RightMaskType rightMask)
{
return(SecurityCheck.GetUserAllowDelegteRoles(userValue, appCodeName, userValueType, rightMask));
}
public DataSet GetUserPermissions(string userValue,
string appCodeName,
UserValueType userValueType,
RightMaskType rightMask,
DelegationMaskType delegationMask)
{
return(SecurityCheck.GetUserPermissions(userValue, appCodeName, userValueType, rightMask, delegationMask));
}
public System.Data.DataSet GetFunctions(string appCodeName, RightMaskType rightMask)
{
object[] results = this.Invoke("GetFunctions", new object[] {
appCodeName,
rightMask
});
return((System.Data.DataSet)(results[0]));
}
public DataSet GetRoles(string appCodeName, RightMaskType rightMask)
{
string[] schemaTypes = new string[] { "Roles" };
SchemaObjectCollection objs = SCSnapshotAdapter.Instance.QueryApplicationObjectsByCodeName(schemaTypes, appCodeName, false, DateTime.MinValue);
DataSet ds = new DataSet();
ds.Tables.Add(QueryHelper.GetAppObjectTableBuilder(schemaTypes).Convert(objs));
return(ds);
}
public DataSet GetFunctions(string appCodeName, RightMaskType rightMask)
{
string[] schemaTypes = SchemaInfo.FilterByCategory("Permissions").ToSchemaNames();
SchemaObjectCollection objs = SCSnapshotAdapter.Instance.QueryApplicationObjectsByCodeName(schemaTypes, appCodeName, false, DateTime.MinValue);
DataSet ds = new DataSet();
ds.Tables.Add(QueryHelper.GetAppObjectTableBuilder(schemaTypes).Convert(objs));
return(ds);
}
/// <summary>
/// 得到某个应用的所有表达式
/// </summary>
/// <param name="appCodeName"></param>
/// <param name="rightMask"></param>
/// <returns></returns>
private static DataTable GetAllExpressionsInApp(string appCodeName, RightMaskType rightMask)
{
string sql = string.Format("SELECT E.* FROM APPLICATIONS APP INNER JOIN ROLES R ON APP.ID = R.APP_ID INNER JOIN EXPRESSIONS E ON R.ID = E.ROLE_ID WHERE APP.CODE_NAME = '{0}'",
appCodeName);
switch (rightMask)
{
case RightMaskType.App:
sql += " AND R.CLASSIFY = 'n'";
break;
case RightMaskType.Self:
sql += " AND R.CLASSIFY = 'y'";
break;
}
return(OGUCommonDefine.ExecuteDataset(sql).Tables[0]);
}
/// <summary>
/// 得到用户在某个应用下的角色
/// </summary>
/// <param name="userID"></param>
/// <param name="appCodeName"></param>
/// <param name="rightMask"></param>
/// <returns></returns>
public static DataSet GetUserAppRoles(
string userID,
string appCodeName,
RightMaskType rightMask)
{
IList <string> deptIDs = PrepareUserDepartmentIDs(userID);
DataTable tableExpression = GetAllExpressionsInApp(appCodeName, rightMask);
ExpContext context = new ExpContext();
DataTable userTable = OGUReader.GetObjectsDetail("USERS", userID, SearchObjectColumn.SEARCH_GUID, string.Empty, SearchObjectColumn.SEARCH_NULL, "RANK_CODE").Tables[0];
ExceptionHelper.FalseThrow(userTable.Rows.Count > 0, "不能找到User ID为{0}的用户信息", userID);
context.UserRow = userTable.Rows[0];
context.UserDepts = deptIDs;
context.RankDefine = OGUReader.GetRankDefine(2).Tables[0].Rows;
context.UserGroups = PrepareUserGroupIDs(userID);
return(GetUserRolesDS(tableExpression, context));
}
/// <summary>
/// 得到用户在某个应用下的角色
/// </summary>
/// <param name="userID"></param>
/// <param name="appCodeName"></param>
/// <param name="rightMask"></param>
/// <returns></returns>
public static DataSet GetUserAppRoles(
string userID,
string appCodeName,
RightMaskType rightMask)
{
IList<string> deptIDs = PrepareUserDepartmentIDs(userID);
DataTable tableExpression = GetAllExpressionsInApp(appCodeName, rightMask);
ExpContext context = new ExpContext();
DataTable userTable = OGUReader.GetObjectsDetail("USERS", userID, SearchObjectColumn.SEARCH_GUID, string.Empty, SearchObjectColumn.SEARCH_NULL, "RANK_CODE").Tables[0];
ExceptionHelper.FalseThrow(userTable.Rows.Count > 0, "不能找到User ID为{0}的用户信息", userID);
context.UserRow = userTable.Rows[0];
context.UserDepts = deptIDs;
context.RankDefine = OGUReader.GetRankDefine(2).Tables[0].Rows;
context.UserGroups = PrepareUserGroupIDs(userID);
return GetUserRolesDS(tableExpression, context);
}
private static DataSet GetUserRoles(string userID,
string userAllPath,
string appCodeName,
RightMaskType rightMask,
DelegationMaskType delegationMask)
{
return GetUserRoles(userID, userAllPath, appCodeName, rightMask, delegationMask, string.Empty);
}
public DataSet GetFunctions(string appCodeName, RightMaskType rightMask)
{
return(SecurityCheck.GetFunctions(appCodeName, rightMask));
}
/// <summary>
/// 查询指定人员所拥有的所有应用信息
/// </summary>
/// <param name="userValue">用户身份标识(由userValueType参数指定类型)</param>
/// <param name="userValueType">用户身份标识类型(UserValueType.LogonName:登录名, UserValueType.AllPath:全路径)</param>
/// <param name="rightMask">权限类型</param>
/// <returns></returns>
public static DataSet GetUserApplications(string userValue, UserValueType userValueType, RightMaskType rightMask)
{
return GetUserApplications(userValue, userValueType, rightMask, DelegationMaskType.All);
}
public System.Data.DataSet GetFunctions(string appCodeName, RightMaskType rightMask)
{
object[] results = this.Invoke("GetFunctions", new object[] {
appCodeName,
rightMask});
return ((System.Data.DataSet)(results[0]));
}
public System.Data.DataSet GetUserAllowDelegteRoles(string userValue, string appCodeName, UserValueType userValueType, RightMaskType rightMask)
{
object[] results = this.Invoke("GetUserAllowDelegteRoles", new object[] {
userValue,
appCodeName,
userValueType,
rightMask});
return ((System.Data.DataSet)(results[0]));
}
private static string GetValidDelegations_SqlStr(string appCodeName,
string roleCodeNames,
RightMaskType rightMask,
string userID,
string strFieldName)
{
string strAppFilter = string.Empty;
if (appCodeName != string.Empty)
strAppFilter = string.Format("AND APP_ID IN ( SELECT ID FROM APPLICATIONS WHERE CODE_NAME = {0} )",
TSqlBuilder.Instance.CheckQuotationMark(appCodeName, true));
string strRoleFilter = string.Empty;
if (roleCodeNames != string.Empty)
strRoleFilter = string.Format(" AND CODE_NAME IN ({0}) ", OGUCommonDefine.AddMulitStrWithQuotationMark(roleCodeNames));
string strRightFilter = string.Empty;
if (rightMask == RightMaskType.App)
{
strRightFilter = "AND CLASSIFY = 'n' ";
}
else if (rightMask == RightMaskType.Self)
{
strRightFilter = "AND CLASSIFY = 'y' ";
}
string strUserFilter = string.Empty;
if (strFieldName != string.Empty)
strUserFilter = string.Format(" AND {0} = {1} ", strFieldName, OGUCommonDefine.AddMulitStrWithQuotationMark(userID));
string strReturn = string.Format(@"
SELECT DISTINCT SOURCE_ID, TARGET_ID, ROLE_ID FROM DELEGATIONS
WHERE ROLE_ID IN
(SELECT ID FROM ROLES
WHERE ALLOW_DELEGATE = 'y'
{0}
{1}
{2})
AND GETDATE() BETWEEN START_TIME AND END_TIME
{3} ", strAppFilter, strRoleFilter, strRightFilter, strUserFilter);
#if DEBUG
Debug.WriteLine(strReturn);
#endif
return strReturn;
}
/// <remarks/>
public System.IAsyncResult BeginGetUserAllowDelegteRoles(string userValue, string appCodeName, UserValueType userValueType, RightMaskType rightMask, System.AsyncCallback callback, object asyncState)
{
return(this.BeginInvoke("GetUserAllowDelegteRoles", new object[] {
userValue,
appCodeName,
userValueType,
rightMask
}, callback, asyncState));
}
//找到对于委派者,有效的委派
private static string GetValidDelegationsForSource_SqlStr(string userID, string appCodeName, string roleCodeNames, RightMaskType rightMask)
{
return GetValidDelegations_SqlStr(appCodeName, roleCodeNames, rightMask, userID, "SOURCE_ID");
}
//找出对于指定应用中指定角色,有效的委派
private static string GetValidDelegationsForAppRole_SqlStr(string appCodeName, string roleCodeNames, RightMaskType rightMask)
{
return GetValidDelegations_SqlStr(appCodeName, roleCodeNames, rightMask, string.Empty, string.Empty);
}
/// <summary>
/// 找到对于被委派者,有效的委派
/// </summary>
/// <param name="userID"></param>
/// <param name="appCodeName"></param>
/// <param name="rightMask"></param>
/// <param name="roleCodeNames"></param>
/// <returns></returns>
private static string GetValidDelegationsForTarget_SqlStr(string userID, string appCodeName, string roleCodeNames, RightMaskType rightMask)
{
return GetValidDelegations_SqlStr(appCodeName, roleCodeNames, rightMask, userID, "TARGET_ID");
}
/// <summary>
/// 得到用户所在的表达式IDs(包括委派),本函数进行原始权限和委派权限的相关处理,细节处理由其重载函数完成
/// </summary>
/// <param name="userID"></param>
/// <param name="appCodeName"></param>
/// <param name="userAllPath"></param>
/// <param name="rightMask"></param>
/// <param name="delegationMask"></param>
/// <param name="roleCodeNames">角色范围限定,由角色的code_name串表示</param>
/// <returns></returns>
private static string GetUserExpressionIDs_SqlStr(string userID,
string userAllPath,
string appCodeName,
RightMaskType rightMask,
DelegationMaskType delegationMask,
string roleCodeNames)
{
if (userID == string.Empty)
return string.Empty;
//原始的权限对应的表达式IDs
string strExpIDs_O = string.Empty;
//委派的权限对应的表达式IDs
string strExpIDs_D = string.Empty;
string strSql = string.Empty;
DataTable expDT = null;
if ((delegationMask & DelegationMaskType.Original) != DelegationMaskType.None)
{
strSql = GetUserExpressionIDs_SqlStr2(userID, userAllPath, appCodeName, rightMask, string.Empty);
if (strSql != string.Empty)
{
expDT = OGUCommonDefine.ExecuteDataset(strSql).Tables[0];
foreach (DataRow row in expDT.Rows)
{
if (row[0].ToString() == string.Empty)
continue;
if (strExpIDs_O == string.Empty)
strExpIDs_O = "'" + row[0].ToString() + "'";
else
strExpIDs_O += ",'" + row[0].ToString() + "'";
}
}
else
return string.Empty;
}
string strSql2 = string.Empty;
//读委派权限类人员??
if ((delegationMask & DelegationMaskType.Delegated) != DelegationMaskType.None)
{
strSql2 = GetValidDelegationsForTarget_SqlStr(userID, appCodeName, roleCodeNames, rightMask);
DataSet ds = OGUCommonDefine.ExecuteDataset(strSql2);
if (ds.Tables[0].Rows.Count > 0)
{
foreach (DataRow row in ds.Tables[0].Rows)
{
//委派人 在 相应的角色 中, 才能证明被委派在此角色中。 所以设置了row["ROLE_ID"].ToString()参数。
strSql2 = GetUserExpressionIDs_SqlStr2(row["SOURCE_ID"].ToString(),
string.Empty,
appCodeName,
rightMask,
row["ROLE_ID"].ToString());
if (strSql2 != string.Empty)
{
expDT = OGUCommonDefine.ExecuteDataset(strSql2).Tables[0];
foreach (DataRow row2 in expDT.Rows)
{
if (row2[0].ToString() == string.Empty)
continue;
if (strExpIDs_D == string.Empty)
strExpIDs_D = "'" + row2[0].ToString() + "'";
else
strExpIDs_D += ",'" + row2[0].ToString() + "'";
}
}
}
}
}
//合并结果
// strRoleIDs_O += "," + strRoleIDs_D ;
if (strExpIDs_O != string.Empty && strExpIDs_D != string.Empty)
strSql = string.Format("{0},{1}", strExpIDs_O, strExpIDs_D);
else if (strExpIDs_O == string.Empty && strExpIDs_D == string.Empty)
strSql = string.Empty;
else
strSql = strExpIDs_O + strExpIDs_D;
return strSql;
}
/// <summary>
///
/// </summary>
/// <param name="userID"></param>
/// <param name="appCodeName"></param>
/// <param name="userAllPath"></param>
/// <param name="rightMask"></param>
/// <param name="delegationMask"></param>
/// <param name="roleCodeNames">角色范围限定,由角色的code_name串表示</param>
/// <returns></returns>
private static string GetUserRoles_SqlStr(string userID,
string userAllPath,
string appCodeName,
RightMaskType rightMask,
DelegationMaskType delegationMask,
string roleCodeNames)
{
string strSql = GetUserExpressionIDs_SqlStr(userID, userAllPath, appCodeName, rightMask, delegationMask, roleCodeNames);
if (strSql != string.Empty)
strSql = string.Format(@"
SELECT DISTINCT R.ID, R.APP_ID, R.NAME, R.CODE_NAME, R.DESCRIPTION, R.CLASSIFY, R.SORT_ID, R.ALLOW_DELEGATE, R.INHERITED
FROM ROLES R, EXPRESSIONS E
WHERE R.ID = E.ROLE_ID
AND E.ID IN ({0})", strSql);
return strSql;
}
public DataSet GetUserPermissions(string userValue, string appCodeName, UserValueType userValueType, RightMaskType rightMask, DelegationMaskType delegationMask)
{
string[] schemaTypes = SchemaInfo.FilterByCategory("Roles").ToSchemaNames();
string[] userIDs = OGUReaderService.SplitObjectValues(userValue);
SCObjectAndRelationCollection users = OGUReaderService.GetSearchAdapter(GetSearchOUIDType(userValueType), SchemaInfo.FilterByCategory("Users").ToSchemaNames(), userIDs, false).QueryObjectsAndRelations();
SchemaObjectCollection roles = SCSnapshotAdapter.Instance.QueryUserBelongToPermissions(schemaTypes, appCodeName, users.ToIDArray(), false, DateTime.MinValue);
DataSet ds = new DataSet();
ds.Tables.Add(QueryHelper.GetAppObjectTableBuilder(schemaTypes).Convert(roles));
return(ds);
}
//added by yangrui 2005.1
/// <summary>
/// 得到一个用户所在的表达式(不包括委派的权限)
/// </summary>
/// <param name="userID"></param>
/// <param name="appCodeName"></param>
/// <param name="userAllPath"></param>
/// <param name="rightMask"></param>
/// <param name="strRoleID">角色Guid,为空时,指所有角色</param>
/// <returns>没有符合情况时,返回空串</returns>
private static string GetUserExpressionIDs_SqlStr2(string userID,
string userAllPath,
string appCodeName,
RightMaskType rightMask,
string strRoleID)
{
if (userID == string.Empty)
return string.Empty;
string strSql = string.Empty;
//得到用户Guid, 所在部门的Guid等
if (userAllPath == string.Empty)
{
strSql = string.Format(@"
SELECT DISTINCT OU.USER_GUID, OU.PARENT_GUID PARENT_GUID, OU.GLOBAL_SORT, RD.SORT_ID
FROM USERS U
INNER JOIN OU_USERS OU ON U.GUID = OU.USER_GUID
LEFT JOIN RANK_DEFINE RD ON U.RANK_CODE = RD.CODE_NAME
WHERE U.GUID = {0}", TSqlBuilder.Instance.CheckQuotationMark(userID, true));
}
else
{
strSql = string.Format(@"
SELECT DISTINCT OU.USER_GUID, OU.PARENT_GUID PARENT_GUID, OU.GLOBAL_SORT, RD.SORT_ID
FROM USERS U
INNER JOIN OU_USERS OU ON U.GUID = OU.USER_GUID
LEFT JOIN RANK_DEFINE RD ON U.RANK_CODE = RD.CODE_NAME
WHERE U.GUID IN ({0}) AND OU.ALL_PATH_NAME IN ({1})",
OGUCommonDefine.AddMulitStrWithQuotationMark(userID),
OGUCommonDefine.AddMulitStrWithQuotationMark(userAllPath));
}
// switch (userValueType)
// {
// case UserValueType.AllPath:
// strSql = string.Format(@"
//SELECT OU.USER_GUID, OU.PARENT_GUID, OU.GLOBAL_SORT, RD.SORT_ID
//FROM USERS U
// INNER JOIN OU_USERS OU
// ON U.GUID = OU.USER_GUID
// LEFT JOIN RANK_DEFINE RD
// ON U.RANK_CODE = RD.CODE_NAME
//WHERE ALL_PATH_NAME = {0}", TSqlBuilder.Instance.CheckQuotationMark(userValue));
// break;
// case UserValueType.Guid:
// strSql = string.Format(@"
//SELECT OU.USER_GUID, OU.PARENT_GUID PARENT_GUID, OU.GLOBAL_SORT, RD.SORT_ID
//FROM USERS U
// INNER JOIN OU_USERS OU
// ON U.GUID = OU.USER_GUID
// LEFT JOIN RANK_DEFINE RD
// ON U.RANK_CODE = RD.CODE_NAME
//WHERE U.GUID = {0}", TSqlBuilder.Instance.CheckQuotationMark(userValue));
// break;
// case UserValueType.ICCode:
// strSql = string.Format(@"
//SELECT OU.USER_GUID, OU.PARENT_GUID PARENT_GUID, OU.GLOBAL_SORT, RD.SORT_ID
//FROM USERS U
// INNER JOIN OU_USERS OU
// ON U.GUID = OU.USER_GUID
// LEFT JOIN RANK_DEFINE RD
// ON U.RANK_CODE = RD.CODE_NAME
//WHERE U.IC_CARD = {0}", TSqlBuilder.Instance.CheckQuotationMark(userValue));
// break;
// case UserValueType.LogonName:
// strSql = string.Format(@"
//SELECT OU.USER_GUID, OU.PARENT_GUID PARENT_GUID, OU.GLOBAL_SORT, RD.SORT_ID
//FROM USERS U
// INNER JOIN OU_USERS OU
// ON U.GUID = OU.USER_GUID
// LEFT JOIN RANK_DEFINE RD
// ON U.RANK_CODE = RD.CODE_NAME
//WHERE U.LOGON_NAME = {0}", TSqlBuilder.Instance.CheckQuotationMark(userValue));
// break;
// case UserValueType.PersonID:
// strSql = string.Format(@"
//SELECT OU.USER_GUID, OU.PARENT_GUID PARENT_GUID, OU.GLOBAL_SORT, RD.SORT_ID
//FROM USERS U
// INNER JOIN OU_USERS OU
// ON U.GUID = OU.USER_GUID
// LEFT JOIN RANK_DEFINE RD
// ON U.RANK_CODE = RD.CODE_NAME
//WHERE U.PERSON_ID = {0}", TSqlBuilder.Instance.CheckQuotationMark(userValue));
// break;
// }
//把用户的基本信息写入表变量
strSql = string.Format(@"
DECLARE @USER_TABLE TABLE
(
[USER_GUID] [nvarchar] (36) NOT NULL ,
[PARENT_GUID] [nvarchar] (36) NOT NULL ,
[GLOBAL_SORT] [nvarchar] (255) NOT NULL ,
[SORT_ID] [int] NOT NULL
);
INSERT INTO @USER_TABLE {0}
", strSql);
//找到符合条件的表达式,并存入表变量
//过滤表达式对应的角色类型
string strTemp = string.Empty;
if (rightMask == RightMaskType.App)
strTemp += " AND ROLE_ID IN ( SELECT ID FROM ROLES WHERE CLASSIFY = 'n')";
else if (rightMask == RightMaskType.Self)
strTemp += " AND ROLE_ID IN ( SELECT ID FROM ROLES WHERE CLASSIFY = 'y')";
//简单查询被授权对象过滤条件
string strExp = string.Empty;
if (strTemp == string.Empty && appCodeName == string.Empty)
{
strExp += string.Format(@" WHERE ( CLASSIFY = 1 OR CLASSIFY = 2 OR (CLASSIFY = 0 AND EXPRESSION LIKE '%{0}%')) ", userID);
}
else
{
strExp += @"
SELECT DISTINCT E.EXPRESSION, E.CLASSIFY, E.ID, E.ROLE_ID
FROM EXPRESSIONS E
INNER JOIN ROLES R ON E.ROLE_ID = R.ID";
strExp = " WHERE 1=1";
if (appCodeName != string.Empty)
strExp += string.Format(@"
AND ROLE_ID IN ( SELECT ID FROM ROLES WHERE ROLES.APP_ID IN (SELECT ID FROM APPLICATIONS WHERE CODE_NAME IN ({0})))",
OGUCommonDefine.AddMulitStrWithQuotationMark(appCodeName));
strExp += string.Format("\n AND ( CLASSIFY = 1 OR CLASSIFY = 2 OR (CLASSIFY = 0 AND EXPRESSION LIKE '%{0}%'))", userID);
if (strTemp != string.Empty)
strExp += strTemp;
}
if (strRoleID != string.Empty)
strExp += string.Format(" AND ROLE_ID = {0}", TSqlBuilder.Instance.CheckQuotationMark(strRoleID, true));
//解析表达式,并将解析结果写入表变量中,作为其后表连接的依据
string strReturnSql = string.Empty;
strReturnSql = string.Format(" {0} \n {1} \n",
strSql, ParseExpsToTable_SqlStr2(strExp));
//则找出机构的排序串
strReturnSql += @"
DECLARE @ORG_SORT TABLE
(
[GLOBAL_SORT] [nvarchar] (255) NOT NULL,
[EXP_GUID] [nvarchar] (36) NOT NULL,
[SORT_ID] [int] NOT NULL
);
INSERT INTO @ORG_SORT
SELECT DISTINCT O.GLOBAL_SORT, T.ID, T.SORT_ID
FROM ORGANIZATIONS O
INNER JOIN @EXP_TABLE T ON O.GUID = T.OBJ_GUID
WHERE T.CLASSIFY = '1' AND @DPT_COUNT > 0 ";
strReturnSql += "\n SELECT '' ID \n";
strReturnSql += string.Format("\n UNION {0}", GetExpressionsForUser_SqlStr("USERS"));
strReturnSql += string.Format("\n UNION {0}", GetExpressionsForUser_SqlStr("ORGANIZATIONS"));
strReturnSql += string.Format("\n UNION {0}", GetExpressionsForUser_SqlStr("GROUPS"));
return strReturnSql;
}
/// <summary>
/// 生成语句:查询指定应用中,指定类别的所有功能
/// </summary>
/// <param name="appCodeName"></param>
/// <param name="rightMask">rightMask(掩码): 1:自授权; 2:应用授权; 3:全部 </param>
/// <returns></returns>
private static string GetFunctions_SqlStr(string appCodeName, RightMaskType rightMask)
{
string strSql = @"
SELECT F.ID, F.APP_ID, F.NAME, F.CODE_NAME, F.DESCRIPTION, F.SORT_ID, F.CLASSIFY, F.INHERITED
FROM FUNCTIONS F, APPLICATIONS A
WHERE F.APP_ID = A.ID
AND A.CODE_NAME = {0}
";
strSql = string.Format(strSql, TSqlBuilder.Instance.CheckQuotationMark(appCodeName, true));
//ExceptionHelper.TrueThrow<ApplicationException>((rightMask & RightMaskType.All) == RightMaskType.None, "请正确设定要查询的功能类型!");
string strTypeCondition = string.Empty;
rightMask = rightMask & RightMaskType.All;
switch (rightMask)
{
case RightMaskType.Self:
strTypeCondition = " AND F.CLASSIFY = 'y'";
break;
case RightMaskType.App:
strTypeCondition = " AND F.CLASSIFY = 'n'";
break;
case RightMaskType.All:
strTypeCondition = "";
break;
}
return strSql + strTypeCondition;
}
//查询指定用户,在指定应用中所拥有的可委派角色
private static DataSet GetUserAllowDelegteRoles(string userID, string userAllPath, string appCodeName, RightMaskType rightMask)
{
string strSql = @"
SELECT R.ID, R.APP_ID, R.NAME, R.CODE_NAME, R.DESCRIPTION, R.CLASSIFY, R.SORT_ID, R.ALLOW_DELEGATE, R.INHERITED
FROM ROLES R
WHERE 1>1 ";
if (userID != string.Empty)
{
//得到所有相应角色
string strSql2 = GetUserRoles_SqlStr(userID, userAllPath, appCodeName, rightMask, DelegationMaskType.Original, string.Empty);
if (strSql2 != string.Empty)
{
strSql = @"
SELECT R.ID, R.APP_ID, R.NAME, R.CODE_NAME, R.DESCRIPTION, R.CLASSIFY, R.SORT_ID, R.ALLOW_DELEGATE, R.INHERITED,
D.ROLE_ID, D.SOURCE_ID, D.TARGET_ID, D.START_TIME, D.END_TIME
FROM ({0} AND ALLOW_DELEGATE = 'y') AS R
LEFT OUTER JOIN DELEGATIONS D
ON R.ID = D.ROLE_ID AND D.SOURCE_ID IN ( {1} )";
strSql = string.Format(strSql, strSql2, OGUCommonDefine.AddMulitStrWithQuotationMark(userID));
strSql += "\n ORDER BY CLASSIFY DESC, SORT_ID";
}
}
return OGUCommonDefine.ExecuteDataset(strSql);
}
/// <summary>
/// 查询指定应用中,指定类别的所有角色
/// </summary>
/// <param name="appCodeName">应用的英文标识</param>
/// <param name="rightMask">权限类型</param>
/// <returns></returns>
public static DataSet GetRoles(string appCodeName, RightMaskType rightMask)
{
string cacheKey = InnerCacheHelper.BuildCacheKey(appCodeName, rightMask);
DataSet result;
//if (false == GetRolesQueue.Instance.TryGetValue(cacheKey, out result))
//{
// lock (typeof(GetRolesQueue))//.CacheQueueSync)
// {
if (false == GetRolesQueue.Instance.TryGetValue(cacheKey, out result))
{
using (DbContext context = DbContext.GetContext(CommonResource.AppConnAlias))
{
string strSql = GetRoles_SqlStr(appCodeName, rightMask);
strSql += "\n ORDER BY R.CLASSIFY DESC, R.SORT_ID";
result = OGUCommonDefine.ExecuteDataset(strSql);
}
GetRolesQueue.Instance.Add(cacheKey, result, InnerCacheHelper.PrepareDependency());
}
// }
//}
return result;
}
//查询指定人员,在指定应用具有的权限(功能)
private static DataSet GetUserPermissions(string userID, string userAllPath, string appCodeName, RightMaskType rightMask, DelegationMaskType delegationMask)
{
string strSql = GetUserPermissions_SqlStr(userID, userAllPath, appCodeName, rightMask, delegationMask);
strSql += "\n ORDER BY APP_ID, CLASSIFY DESC, SORT_ID";
return OGUCommonDefine.ExecuteDataset(strSql);
}
public System.Data.DataSet GetUserApplications(string userValue, UserValueType userValueType, RightMaskType rightMask, DelegationMaskType delegationMask)
{
object[] results = this.Invoke("GetUserApplications", new object[] {
userValue,
userValueType,
rightMask,
delegationMask});
return ((System.Data.DataSet)(results[0]));
}
//生成语句:查询指定人员,在指定应用具有的权限(功能)
private static string GetUserPermissions_SqlStr(string userID, string userAllPath, string appCodeName, RightMaskType rightMask, DelegationMaskType delegationMask)
{
//得到人员所拥有的角色
string strSql = GetUserRoles_SqlStr(userID, userAllPath, appCodeName, rightMask, delegationMask, string.Empty);
if (strSql != string.Empty)
{
strSql = string.Format(@"
SELECT DISTINCT F.ID, F.APP_ID, F.NAME, F.CODE_NAME, F.DESCRIPTION, F.SORT_ID, F.CLASSIFY, F.INHERITED
FROM FUNCTIONS F, ROLE_TO_FUNCTIONS RTF
WHERE F.ID = RTF.FUNC_ID
AND RTF.ROLE_ID IN (SELECT ID FROM ({0}) AS T1) ", strSql);
}
else
strSql = "SELECT F.ID, F.APP_ID, F.NAME, F.CODE_NAME, F.DESCRIPTION, F.SORT_ID, F.CLASSIFY, F.INHERITED FROM FUNCTIONS F WHERE 1>1";
return strSql;
}
/// <summary>
/// 得到某个应用的所有表达式
/// </summary>
/// <param name="appCodeName"></param>
/// <param name="rightMask"></param>
/// <returns></returns>
private static DataTable GetAllExpressionsInApp(string appCodeName, RightMaskType rightMask)
{
string sql = string.Format("SELECT E.* FROM APPLICATIONS APP INNER JOIN ROLES R ON APP.ID = R.APP_ID INNER JOIN EXPRESSIONS E ON R.ID = E.ROLE_ID WHERE APP.CODE_NAME = '{0}'",
appCodeName);
switch (rightMask)
{
case RightMaskType.App:
sql += " AND R.CLASSIFY = 'n'";
break;
case RightMaskType.Self:
sql += " AND R.CLASSIFY = 'y'";
break;
}
return OGUCommonDefine.ExecuteDataset(sql).Tables[0];
}
//查询指定人员的应用角色信息
private static DataSet GetUserApplicationsRoles(string userID, string userAllPath, RightMaskType rightMask, DelegationMaskType delegationMask)
{
//modified by yangrui 2005.1
string strSql = GetUserRoles_SqlStr(userID, userAllPath, string.Empty, rightMask, delegationMask, string.Empty);
if (strSql == string.Empty)
{
strSql = @"
SELECT DISTINCT A.NAME APP_NAME, A.CODE_NAME APP_CODE_NAME, A.RESOURCE_LEVEL APP_RESOURCE_LEVEL, R.ID, R.APP_ID, R.NAME, R.CODE_NAME,
R.DESCRIPTION, R.CLASSIFY, R.SORT_ID, R.ALLOW_DELEGATE, R.INHERITED
FROM APPLICATIONS A
INNER JOIN ROLES R ON R.APP_ID = A.ID
WHERE 1>1 ";
}
else
{
strSql = string.Format(@"
SELECT DISTINCT A.NAME APP_NAME, A.CODE_NAME APP_CODE_NAME, A.RESOURCE_LEVEL APP_RESOURCE_LEVEL, R.ID, R.APP_ID, R.NAME, R.CODE_NAME,
R.DESCRIPTION, R.CLASSIFY, R.SORT_ID, R.ALLOW_DELEGATE, R.INHERITED
FROM ({0}) AS R
INNER JOIN APPLICATIONS A ON R.APP_ID = A.ID ", strSql);
strSql += "\n ORDER BY RESOURCE_LEVEL, CLASSIFY DESC, R.SORT_ID";
}
return OGUCommonDefine.ExecuteDataset(strSql);
}
/// <summary>
/// 查询指定人员所拥有的所有可进行委派操作的应用信息
/// </summary>
/// <param name="userValue">用户身份标识(由userValueType参数指定类型)</param>
/// <param name="userValueType">用户身份标识类型(UserValueType.LogonName:登录名, UserValueType.AllPath:全路径)</param>
/// <param name="rightMask">权限类型</param>
/// <returns></returns>
public static DataSet GetUserApplicationsForDelegation(string userValue, UserValueType userValueType, RightMaskType rightMask)
{
string cacheKey = InnerCacheHelper.BuildCacheKey(userValue, userValueType, rightMask);
DataSet result;
//if (false == GetUserApplicationsForDelegationQueue.Instance.TryGetValue(cacheKey, out result))
//{
// lock (typeof(GetUserApplicationsForDelegationQueue))//.CacheQueueSync)
// {
if (false == GetUserApplicationsForDelegationQueue.Instance.TryGetValue(cacheKey, out result))
{
using (DbContext context = DbContext.GetContext(CommonResource.AppConnAlias))
{
string strUserIDs = string.Empty;
strUserIDs = GetUserGuids(userValue, userValueType);
if (userValueType == UserValueType.AllPath)
{
result = GetUserApplicationsForDelegation(strUserIDs, userValue, rightMask);
}
else
{
result = GetUserApplicationsForDelegation(strUserIDs, string.Empty, rightMask);
}
}
GetUserApplicationsForDelegationQueue.Instance.Add(cacheKey, result, InnerCacheHelper.PrepareDependency());
}
// }
//}
return result;
}
public DataSet GetUserRoles2(string userValue, string appCodeName, UserValueType userValueType, RightMaskType rightMask, DelegationMaskType delegationMask, bool includeMatrixUsers)
{
string[] schemaTypes = SchemaInfo.FilterByCategory("Roles").ToSchemaNames();
string[] userIDs = OGUReaderService.SplitObjectValues(userValue);
SCObjectAndRelationCollection users = OGUReaderService.GetSearchAdapter(GetSearchOUIDType(userValueType), SchemaInfo.FilterByCategory("Users").ToSchemaNames(), userIDs, false).QueryObjectsAndRelations();
SchemaObjectCollection roles = SCSnapshotAdapter.Instance.QueryUserBelongToRoles(schemaTypes, appCodeName, users.ToIDArray(), false, DateTime.MinValue);
if (includeMatrixUsers)
{
List <string> matachedRoleIDs = GetUserRoleIDsInMatrix(users.ToIDArray(), appCodeName);
//过滤掉已经在之前查询过的角色
matachedRoleIDs = matachedRoleIDs.FindAll(rID => roles.ContainsKey(rID) == false);
if (matachedRoleIDs.Count > 0)
{
InSqlClauseBuilder matrixRoleBuilder = new InSqlClauseBuilder("ID");
matrixRoleBuilder.AppendItem(matachedRoleIDs.ToArray());
SchemaObjectCollection rolesInMatrix = SchemaObjectAdapter.Instance.Load(matrixRoleBuilder, DateTime.MinValue);
rolesInMatrix.ForEach(rMatrix => roles.AddNotExistsItem(rMatrix, (r) => string.Compare(r.ID, rMatrix.ID, true) == 0));
}
}
DataSet ds = new DataSet();
ds.Tables.Add(QueryHelper.GetAppObjectTableBuilder(schemaTypes).Convert(roles));
return(ds);
}
/// <summary>
/// 查询指定人员,在指定应用具有的权限(功能)
/// </summary>
/// <param name="userValue">用户身份标识(由userValueType参数指定类型)</param>
/// <param name="appCodeName">应用的英文标识</param>
/// <param name="userValueType">用户身份标识类型(UserValueType.LogonName:登录名, UserValueType.AllPath:全路径)</param>
/// <param name="rightMask">权限类型</param>
/// <returns></returns>
public static DataSet GetUserPermissions(string userValue, string appCodeName, UserValueType userValueType, RightMaskType rightMask)
{
return GetUserPermissions(userValue, appCodeName, userValueType, rightMask, DelegationMaskType.All);
}
/// <summary>
/// 查询指定应用中,指定类别的所有功能
/// </summary>
/// <param name="appCodeName">应用的英文标识</param>
/// <param name="rightMask">权限类型</param>
/// <returns></returns>
public static DataSet GetFunctions(string appCodeName, RightMaskType rightMask)
{
string cacheKey = InnerCacheHelper.BuildCacheKey(appCodeName, rightMask);
DataSet result;
//if (false == GetFunctionsQueue.Instance.TryGetValue(cacheKey, out result))
//{
// lock (typeof(GetFunctionsQueue))//.CacheQueueSync)
// {
if (false == GetFunctionsQueue.Instance.TryGetValue(cacheKey, out result))
{
string strSql = GetFunctions_SqlStr(appCodeName, rightMask);
strSql += "\n ORDER BY F.CLASSIFY DESC, F.SORT_ID";
result = OGUCommonDefine.ExecuteDataset(strSql);
GetFunctionsQueue.Instance.Add(cacheKey, result, InnerCacheHelper.PrepareDependency());
}
// }
//}
return result;
}
public System.Data.DataSet GetUserPermissions2(string userValue, string appCodeName, UserValueType userValueType, RightMaskType rightMask, DelegationMaskType delegationMask, bool includeMatrixUsers)
{
object[] results = this.Invoke("GetUserPermissions2", new object[] {
userValue,
appCodeName,
userValueType,
rightMask,
delegationMask,
includeMatrixUsers
});
return((System.Data.DataSet)(results[0]));
}
//2009-6-11修改人员角色信息入口,返回dataset结果,子方法为拼sql语句
/// <summary>
/// 查询指定用户,在指定应用中所拥有的角色
/// </summary>
/// <param name="userID"></param>
/// <param name="appCodeName"></param>
/// <param name="userAllPath"></param>
/// <param name="rightMask"></param>
/// <param name="delegationMask"></param>
/// <param name="roleCodeNames">角色范围限定,由角色的code_name串表示</param>
/// <returns></returns>
private static DataSet GetUserRoles(string userID,
string userAllPath,
string appCodeName,
RightMaskType rightMask,
DelegationMaskType delegationMask,
string roleCodeNames)
{
//沈峥优化,根据OA常用情况,去掉了Deligate的判断,如果appCodeName为空,走优化分支
DataSet result = null;
if (string.IsNullOrEmpty(userAllPath))
result = ExtSecurityCheck.GetUserAppRoles(userID, appCodeName, RightMaskType.All);
else
{
string strSql = string.Empty;
if (appCodeName != string.Empty)
strSql = GetUserRoles_SqlStr(userID, userAllPath, appCodeName, rightMask, delegationMask, roleCodeNames);
if (strSql != string.Empty)
strSql += "\n ORDER BY R.CLASSIFY DESC, R.SORT_ID";
else
strSql = @"
SELECT R.ID, R.APP_ID, R.NAME, R.CODE_NAME, R.DESCRIPTION, R.CLASSIFY, R.SORT_ID, R.ALLOW_DELEGATE, R.INHERITED
FROM ROLES R
WHERE 1>1";
result = OGUCommonDefine.ExecuteDataset(strSql);
}
return result;
}
public DataSet GetUserPermissions2(string userValue, string appCodeName, UserValueType userValueType, RightMaskType rightMask, DelegationMaskType delegationMask, bool includeMatrixUsers)
{
string[] schemaTypes = SchemaInfo.FilterByCategory("Roles").ToSchemaNames();
string[] userIDs = OGUReaderService.SplitObjectValues(userValue);
SCObjectAndRelationCollection users = OGUReaderService.GetSearchAdapter(GetSearchOUIDType(userValueType), SchemaInfo.FilterByCategory("Users").ToSchemaNames(), userIDs, false).QueryObjectsAndRelations();
SchemaObjectCollection permissions = SCSnapshotAdapter.Instance.QueryUserBelongToPermissions(schemaTypes, appCodeName, users.ToIDArray(), false, DateTime.MinValue);
if (includeMatrixUsers)
{
string[] permissionTypes = SchemaInfo.FilterByCategory("Permissions").ToSchemaNames();
List <string> roleIDsInMatrix = GetUserRoleIDsInMatrix(users.ToIDArray(), appCodeName);
SCObjectAndRelationCollection permissionsInMatrixRelation = SCSnapshotAdapter.Instance.QueryObjectAndRelationByParentIDs(permissionTypes, roleIDsInMatrix.ToArray(), false, true, false, DateTime.MinValue);
InSqlClauseBuilder inBuilder = new InSqlClauseBuilder("ID");
List <string> permissionInMatrixIDs = new List <string>();
foreach (SCObjectAndRelation pim in permissionsInMatrixRelation)
{
if (permissions.ContainsKey(pim.ID) == false)
{
inBuilder.AppendItem(pim.ID);
}
}
if (inBuilder.IsEmpty == false)
{
SchemaObjectCollection permissionsInMatrix = SchemaObjectAdapter.Instance.Load(inBuilder, DateTime.MinValue);
permissions.CopyFrom(permissionsInMatrix);
}
}
DataSet ds = new DataSet();
ds.Tables.Add(QueryHelper.GetAppObjectTableBuilder(schemaTypes).Convert(permissions));
return(ds);
}
public System.Data.DataSet GetUserApplications(string userValue, UserValueType userValueType, RightMaskType rightMask, DelegationMaskType delegationMask)
{
object[] results = this.Invoke("GetUserApplications", new object[] {
userValue,
userValueType,
rightMask,
delegationMask
});
return((System.Data.DataSet)(results[0]));
}
/// <summary>
/// 查询指定用户,在指定应用中所拥有的角色
/// </summary>
/// <param name="userValue">用户身份标识(由userValueType参数指定类型)</param>
/// <param name="appCodeName">应用的英文标识</param>
/// <param name="userValueType">用户身份标识类型(UserValueType.LogonName:登录名, UserValueType.AllPath:全路径)</param>
/// <param name="rightMask">权限类型</param>
/// <param name="delegationMask">委派类型</param>
/// <returns></returns>
public static DataSet GetUserRoles(string userValue,
string appCodeName,
UserValueType userValueType,
RightMaskType rightMask,
DelegationMaskType delegationMask)
{
string cacheKey = InnerCacheHelper.BuildCacheKey(userValue, appCodeName, userValueType, rightMask, delegationMask);
DataSet result;
if (false == GetUserRolesQueue.Instance.TryGetValue(cacheKey, out result))
{
using (DbContext context = DbContext.GetContext(CommonResource.AppConnAlias))
{
string strUserIDs = GetUserGuids(userValue, userValueType);
if (userValueType == UserValueType.AllPath)
{
result = GetUserRoles(strUserIDs, userValue, appCodeName, rightMask, delegationMask);
}
else
{
result = GetUserRoles(strUserIDs, string.Empty, appCodeName, rightMask, delegationMask);
}
}
GetUserRolesQueue.Instance.Add(cacheKey, result, InnerCacheHelper.PrepareDependency());
}
// }
//}
return result;
}
/// <remarks/>
public System.IAsyncResult BeginGetUserApplications(string userValue, UserValueType userValueType, RightMaskType rightMask, DelegationMaskType delegationMask, System.AsyncCallback callback, object asyncState)
{
return(this.BeginInvoke("GetUserApplications", new object[] {
userValue,
userValueType,
rightMask,
delegationMask
}, callback, asyncState));
}
//生成语句:查询指定人员的应用角色信息
private static string GetUserApplications_SqlStr(string userID, string userAllPath, RightMaskType rightMask, DelegationMaskType delegationMask)
{
//modified by yangrui 2005.1
string strSql = GetUserRoles_SqlStr(userID, userAllPath, String.Empty, rightMask, delegationMask, string.Empty);
if (strSql != string.Empty)
{
strSql = string.Format(@"
SELECT DISTINCT A.ID, A.NAME, A.CODE_NAME, A.DESCRIPTION, A.SORT_ID, A.RESOURCE_LEVEL, A.CHILDREN_COUNT, A.ADD_SUBAPP, A.USE_SCOPE, A.INHERITED_STATE
FROM APPLICATIONS A
WHERE ID IN (SELECT APP_ID FROM ({0}) AS T1)", strSql);
}
else
{
strSql = @"
SELECT A.ID, A.NAME, A.CODE_NAME, A.DESCRIPTION, A.SORT_ID, A.RESOURCE_LEVEL, A.CHILDREN_COUNT, A.ADD_SUBAPP, A.USE_SCOPE, A.INHERITED_STATE
FROM APPLICATIONS A
WHERE 1>1";
}
return strSql;
}
/// <summary>
/// 生成语句:查询指定应用中,指定类别的所有角色
/// </summary>
/// <param name="appCodeName"></param>
/// <param name="rightMask"></param>
/// <returns></returns>
private static string GetRoles_SqlStr(string appCodeName, RightMaskType rightMask)
{
string strSql = @"
SELECT R.ID, R.APP_ID, R.NAME, R.CODE_NAME, R.DESCRIPTION, R.CLASSIFY, R.SORT_ID, R.ALLOW_DELEGATE, R.INHERITED
FROM ROLES R, APPLICATIONS A
WHERE R.APP_ID = A.ID
AND A.CODE_NAME = {0}
";
strSql = string.Format(strSql, TSqlBuilder.Instance.CheckQuotationMark(appCodeName, true));
ExceptionHelper.TrueThrow<ApplicationException>((rightMask & RightMaskType.All) == RightMaskType.None,
"请正确设定要查询的角色类型!");
string strTypeCondition = string.Empty;
rightMask = rightMask & RightMaskType.All;
switch (rightMask)
{
case RightMaskType.Self:
strTypeCondition = " AND R.CLASSIFY = 'y'";
break;
case RightMaskType.App:
strTypeCondition = " AND R.CLASSIFY = 'n'";
break;
case RightMaskType.All:
strTypeCondition = "";
break;
}
return strSql + strTypeCondition;
}
//查询指定人员的应用角色信息
private static DataSet GetUserApplicationsForDelegation(string userID, string userAllPath, RightMaskType rightMask)
{
string strSql = GetUserApplicationsForDelegation_SqlStr(userID, userAllPath, rightMask);
strSql += "\n ORDER BY RESOURCE_LEVEL, SORT_ID";
return OGUCommonDefine.ExecuteDataset(strSql);
}
//生成语句:查询指定人员的应用角色信息
private static string GetUserApplicationsForDelegation_SqlStr(string userID, string userAllPath, RightMaskType rightMask)
{
//得到用户所有应用所在的表达式
string strSql = GetUserExpressionIDs_SqlStr2(userID, userAllPath, string.Empty, rightMask, string.Empty);
string expIDs = string.Empty;
if (strSql != string.Empty)
{
DataTable expDT = OGUCommonDefine.ExecuteDataset(strSql).Tables[0];
expIDs = GetColumnValue(expDT, "ID");
}
strSql = string.Format(@"
SELECT DISTINCT A.ID, A.NAME, A.CODE_NAME, A.DESCRIPTION, A.SORT_ID, A.RESOURCE_LEVEL, A.CHILDREN_COUNT, A.ADD_SUBAPP, A.USE_SCOPE, A.INHERITED_STATE
FROM APPLICATIONS A
WHERE ID IN (SELECT APP_ID FROM ROLES WHERE ALLOW_DELEGATE = 'y' AND ID IN (SELECT ROLE_ID FROM EXPRESSIONS WHERE ID IN ({0})) )",
OGUCommonDefine.AddMulitStrWithQuotationMark(expIDs));
return strSql;
}
public System.Data.DataSet GetUserAllowDelegteRoles(string userValue, string appCodeName, UserValueType userValueType, RightMaskType rightMask)
{
object[] results = this.Invoke("GetUserAllowDelegteRoles", new object[] {
userValue,
appCodeName,
userValueType,
rightMask
});
return((System.Data.DataSet)(results[0]));
}
public DataSet GetFunctions(string appCodeName, RightMaskType rightMask)
{
return SecurityCheck.GetFunctions(appCodeName, rightMask);
}
