/// <summary>
/// 缓存预热,强制重新缓存
/// 2016-02-26 每个角色的权限也进行缓存起来
/// </summary>
/// <param name="systemCode">系统编号</param>
/// <returns>影响行数</returns>
public static int CachePreheating(string systemCode)
{
int result = 0;
// 把所有的组织机构都缓存起来的代码
BaseRoleManager manager = new BaseRoleManager();
manager.CurrentTableName = systemCode + "Role";
using (IDataReader dataReader = manager.ExecuteReader())
{
while (dataReader.Read())
{
BaseRoleEntity entity = BaseEntity.Create <BaseRoleEntity>(dataReader, false);
if (entity != null)
{
// 设置角色本身的缓存
BaseRoleManager.SetCache(systemCode, entity);
// 重置权限缓存数据
BaseRolePermissionManager.ResetPermissionByCache(systemCode, entity.Id);
result++;
System.Console.WriteLine(result.ToString() + " : " + entity.RealName);
}
}
dataReader.Close();
}
return(result);
}
public static bool CheckPermissionByRoleByCache(string systemCode, string roleId, string permissionCode)
{
string permissionId = string.Empty;
permissionId = BaseModuleManager.GetIdByCodeByCache(systemCode, permissionCode);
// 没有找到相应的权限
if (String.IsNullOrEmpty(permissionId))
{
return(false);
}
string[] permissionIds = BaseRolePermissionManager.GetPermissionIdsByCache(systemCode, new string[] { roleId });
return(Array.IndexOf(permissionIds, permissionId) >= 0);
}
/// <summary>
/// 获取角色权限主键数组
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="roleId">角色主键</param>
/// <returns>主键数组</returns>
public string[] GetRolePermissionIds(BaseUserInfo userInfo, string roleId)
{
string[] result = null;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) =>
{
var manager = new BaseRolePermissionManager(dbHelper, userInfo);
result = manager.GetPermissionIds(userInfo.SystemCode, roleId);
});
return(result);
}
public static int RefreshCache(string systemCode)
{
int result = 0;
List <BaseRoleEntity> list = BaseRoleManager.GetEntitiesByCache(systemCode, true);
foreach (var entity in list)
{
// 2016-02-29 吉日嘎拉 强制刷新缓存
BaseRoleEntity roleEntity = BaseRoleManager.GetObjectByCache(systemCode, entity.Id, true);
if (roleEntity != null)
{
BaseRolePermissionManager.ResetPermissionByCache(systemCode, entity.Id);
}
}
return(result);
}
public static int RefreshCache(string systemCode, string roleId)
{
int result = 0;
// 2016-02-29 吉日嘎拉 强制刷新缓存
BaseRoleEntity roleEntity = BaseRoleManager.GetObjectByCache(systemCode, roleId, true);
if (roleEntity != null)
{
string[] systemCodes = BaseSystemManager.GetSystemCodes();
for (int i = 0; i < systemCodes.Length; i++)
{
BaseRolePermissionManager.ResetPermissionByCache(systemCodes[i], roleId);
}
}
return(result);
}
/// <summary>
/// 撤消角色的权限
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="roleId">角色主键</param>
/// <param name="revokePermissionId">撤消权限数组</param>
/// <returns>影响的行数</returns>
public int RevokeRolePermissionById(BaseUserInfo userInfo, string roleId, string revokePermissionId)
{
int result = 0;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) =>
{
var manager = new BaseRolePermissionManager(dbHelper, userInfo);
// 小心异常,检查一下参数的有效性
if (revokePermissionId != null)
{
result += manager.Revoke(userInfo.SystemCode, roleId, revokePermissionId);
}
});
return(result);
}
/// <summary>
/// 授予角色的权限
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="roleId">角色主键</param>
/// <param name="grantPermissionId">授予权限数组</param>
/// <returns>数据主键</returns>
public string GrantRolePermissionById(BaseUserInfo userInfo, string roleId, string grantPermissionId)
{
string result = string.Empty;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) =>
{
var manager = new BaseRolePermissionManager(dbHelper, userInfo);
// 小心异常,检查一下参数的有效性
if (grantPermissionId != null)
{
result = manager.Grant(userInfo.SystemCode, roleId, grantPermissionId);
}
});
return(result);
}
/// <summary>
/// 撤销角色权限
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="roleName">角色名</param>
/// <param name="permissionCode">权限编号</param>
/// <returns>主键</returns>
public int RevokeRolePermission(BaseUserInfo userInfo, string roleName, string permissionCode)
{
int result = 0;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) =>
{
string roleId = BaseRoleManager.GetIdByNameByCache(userInfo.SystemCode, roleName);
string permissionId = BaseModuleManager.GetIdByCodeByCache(userInfo.SystemCode, permissionCode);
if (!String.IsNullOrEmpty(roleId) && !String.IsNullOrEmpty(permissionId))
{
var rolePermissionManager = new BaseRolePermissionManager(dbHelper, userInfo);
result = rolePermissionManager.Revoke(userInfo.SystemCode, roleId, permissionId);
}
});
return(result);
}
/// <summary>
/// 撤消角色的权限
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="roleIds">角色主键数组</param>
/// <param name="grantPermissionIds">授予权限数组</param>
/// <param name="revokePermissionIds">撤消权限数组</param>
/// <returns>影响的行数</returns>
public int RevokeRolePermissions(BaseUserInfo userInfo, string[] roleIds, string[] revokePermissionIds)
{
int result = 0;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) =>
{
string tableName = userInfo.SystemCode + "Permission";
var manager = new BaseRolePermissionManager(dbHelper, userInfo, tableName);
// 小心异常,检查一下参数的有效性
if (roleIds != null && revokePermissionIds != null)
{
result += manager.Revoke(userInfo.SystemCode, roleIds, revokePermissionIds);
}
});
return(result);
}
/// <summary>
/// 清除角色权限
///
/// 1.清除角色的用户归属。
/// 2.清除角色的模块权限。
/// 3.清除角色的操作权限。
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="id">主键</param>
/// <returns>数据表</returns>
public int ClearRolePermission(BaseUserInfo userInfo, string id)
{
int result = 0;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) =>
{
var userManager = new BaseUserManager(dbHelper, userInfo);
result += userManager.ClearUser(userInfo.SystemCode, id);
var rolePermissionManager = new BaseRolePermissionManager(dbHelper, userInfo);
result += rolePermissionManager.RevokeAll(userInfo.SystemCode, id);
var roleScopeManager = new BaseRoleScopeManager(dbHelper, userInfo);
result += roleScopeManager.RevokeAll(userInfo.SystemCode, id);
});
return(result);
}
/// <summary>
/// 撤销角色权限
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="roleName">角色名</param>
/// <param name="permissionItemCode">权限编号</param>
/// <returns>主键</returns>
public int RevokeRolePermission(BaseUserInfo userInfo, string roleName, string permissionItemCode)
{
// 加强安全验证防止未授权匿名调用
#if (!DEBUG)
LogOnService.UserIsLogOn(userInfo);
#endif
int returnValue = 0;
using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
{
try
{
dbHelper.Open(UserCenterDbConnection);
BaseRoleManager roleManager = new BaseRoleManager(dbHelper, userInfo);
string roleId = roleManager.GetId(new KeyValuePair <string, object>(BaseRoleEntity.FieldRealName, roleName));
BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(dbHelper, userInfo);
string permissionItemId = permissionItemManager.GetId(new KeyValuePair <string, object>(BasePermissionItemEntity.FieldCode, permissionItemCode));
if (!String.IsNullOrEmpty(roleId) && !String.IsNullOrEmpty(permissionItemId))
{
BaseRolePermissionManager rolePermissionManager = new BaseRolePermissionManager(dbHelper, userInfo);
returnValue = rolePermissionManager.Revoke(roleId, permissionItemId);
}
}
catch (Exception ex)
{
BaseExceptionManager.LogException(dbHelper, userInfo, ex);
throw ex;
}
finally
{
dbHelper.Close();
}
}
return(returnValue);
}
/// <summary>
/// 多个角色,都有啥权限?单个角色都有啥权限的循环获取?
/// </summary>
/// <param name="systemCode">系统编号</param>
/// <param name="roleIds">角色主键数组</param>
/// <returns>权限数组</returns>
public static string[] GetPermissionIdsByCache(string systemCode, string[] roleIds)
{
string[] result = null;
string key = string.Empty;
string roleId = string.Empty;
BaseRolePermissionManager rolePermissionManager = null;
string[] permissionIds = null;
using (var readOnlyRedisClient = PooledRedisHelper.GetPermissionReadOnlyClient())
{
for (int i = 0; i < roleIds.Length; i++)
{
// 2016-02-26 吉日嘎拉 若是角色是空的,跳出循环,没必要查了,提高效率
roleId = roleIds[i];
if (string.IsNullOrEmpty(roleId))
{
continue;
}
key = "Permission:" + systemCode + ":Role:" + roleId;
List <string> items = null;
HashSet <string> setItems = readOnlyRedisClient.GetAllItemsFromSet(key);
if (setItems.Count == 0)
{
if (rolePermissionManager == null)
{
rolePermissionManager = new Business.BaseRolePermissionManager();
}
permissionIds = rolePermissionManager.GetPermissionIds(systemCode, roleId);
if (permissionIds != null)
{
if (permissionIds.Length > 0)
{
items = new List <string>(permissionIds);
}
else
{
// 2016-02-26 吉日嘎拉 这里是为了防止重复读取,数据库被拖、效率低
items = new List <string>(new string[] { string.Empty });
}
#if ReadOnlyRedis
using (var redisClient = PooledRedisHelper.GetClient())
{
// 2016-02-26 吉日嘎拉 角色权限一般发生变更时,需要有一定的即时性、所以不能缓存太长时间,宁可再次读取一下数据库
redisClient.AddRangeToSet(key, items);
redisClient.ExpireEntryAt(key, DateTime.Now.AddMinutes(20));
}
#else
readOnlyRedisClient.AddRangeToSet(key, items);
readOnlyRedisClient.ExpireEntryAt(key, DateTime.Now.AddMinutes(20));
#endif
}
}
else
{
permissionIds = setItems.ToArray();
}
result = StringUtil.Concat(result, permissionIds);
}
}
return(result);
}
/// <summary>
/// 获取用户的权限主键数组
/// </summary>
/// <param name="systemCode">系统编号</param>
/// <param name="userId">用户主键</param>
/// <param name="companyId">公司主键</param>
/// <param name="useBaseRole">使用基础角色权限</param>
/// <returns>拥有权限数组</returns>
public static string[] GetPermissionIdsByUserByCache(string systemCode, string userId, string companyId = null, bool containPublic = true, bool useBaseRole = false)
{
// 公开的操作权限需要计算
string[] result = null;
int errorMark = 0;
string tableName = BaseModuleEntity.TableName;
if (string.IsNullOrWhiteSpace(systemCode))
{
systemCode = "Base";
}
// 就不需要参合基础的角色了
if (systemCode.Equals("Base"))
{
useBaseRole = false;
}
tableName = systemCode + "Module";
try
{
errorMark = 1;
// 01: 把公开的部分获取出来(把公开的主键数组从缓存里获取出来,减少数据库的读取次数)
if (containPublic)
{
List <BaseModuleEntity> moduleEntities = BaseModuleManager.GetEntitiesByCache(systemCode);
if (moduleEntities != null)
{
result = moduleEntities.Where((t => t.IsPublic == 1 && t.Enabled == 1 && t.DeletionStateCode == 0)).Select(t => t.Id.ToString()).ToArray();
}
}
// 02: 获取用户本身拥有的权限
string[] userPermissionIds = BaseUserPermissionManager.GetPermissionIdsByCache(systemCode, userId);
result = StringUtil.Concat(result, userPermissionIds);
// 03: 用户角色的操作权限
// 用户都在哪些角色里?通过缓存读取?没有角色的,没必要进行运算了
string[] roleIds = BaseUserManager.GetRoleIdsByCache(systemCode, userId, companyId);
if (useBaseRole && !systemCode.Equals("Base", StringComparison.OrdinalIgnoreCase))
{
string[] baseRoleIds = BaseUserManager.GetRoleIdsByCache("Base", userId, companyId);
if (baseRoleIds != null && baseRoleIds.Length > 0)
{
roleIds = StringUtil.Concat(roleIds, baseRoleIds);
}
}
if (roleIds != null && roleIds.Length > 0)
{
string[] userRolePermissionIds = BaseRolePermissionManager.GetPermissionIdsByCache(systemCode, roleIds);
result = StringUtil.Concat(result, userRolePermissionIds);
}
// 04: 按部门(组织机构)获取权限项
if (BaseSystemInfo.UseOrganizePermission && !string.IsNullOrEmpty(companyId))
{
// 2016-02-26 吉日嘎拉,公司权限进行优化简化
string[] organizePermission = BaseOrganizePermissionManager.GetPermissionIdsByCache(systemCode, companyId);
result = StringUtil.Concat(result, organizePermission);
}
}
catch (System.Exception ex)
{
string writeMessage = "BasePermissionManager.GetPermissionIdsByUser:发生时间:" + DateTime.Now
+ System.Environment.NewLine + "errorMark = " + errorMark.ToString()
+ System.Environment.NewLine + "Message:" + ex.Message
+ System.Environment.NewLine + "Source:" + ex.Source
+ System.Environment.NewLine + "StackTrace:" + ex.StackTrace
+ System.Environment.NewLine + "TargetSite:" + ex.TargetSite
+ System.Environment.NewLine;
FileUtil.WriteMessage(writeMessage, BaseSystemInfo.StartupPath + "//Exception//Exception" + DateTime.Now.ToString(BaseSystemInfo.DateFormat) + ".txt");
}
return(result);
}
