/// <summary>
/// 授予资源的权限
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="resourceCategory">资源分类</param>
/// <param name="resourceId">资源主键</param>
/// <param name="grantPermissionIds">权限主键</param>
/// <returns>影响的行数</returns>
public int GrantResourcePermission(BaseUserInfo userInfo, string resourceCategory, string resourceId, string[] grantPermissionIds)
{
var result = 0;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) =>
{
var manager = new BaseRoleScopeManager(dbHelper, userInfo);
// 小心异常,检查一下参数的有效性
if (grantPermissionIds != null)
{
var permissionManager = new BasePermissionManager(dbHelper, userInfo);
for (var i = 0; i < grantPermissionIds.Length; i++)
{
var resourcePermissionEntity = new BasePermissionEntity
{
ResourceCategory = resourceCategory,
ResourceId = resourceId,
PermissionId = grantPermissionIds[i],
Enabled = 1,
Deleted = 0
};
permissionManager.Add(resourcePermissionEntity);
result++;
}
}
});
return(result);
}
/// <summary>
/// 授予资源的权限
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="resourceCategory">资源分类</param>
/// <param name="resourceId">资源主键</param>
/// <param name="grantPermissionItemIds">权限主键</param>
/// <returns>影响的行数</returns>
public int GrantResourcePermission(BaseUserInfo userInfo, string resourceCategory, string resourceId, string[] grantPermissionItemIds)
{
// 写入调试信息
#if (DEBUG)
int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif
// 加强安全验证防止未授权匿名调用
#if (!DEBUG)
LogOnService.UserIsLogOn(userInfo);
#endif
int returnValue = 0;
using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
{
try
{
dbHelper.Open(UserCenterDbConnection);
BaseRoleScopeManager roleScopeManager = new BaseRoleScopeManager(dbHelper, userInfo);
// 小心异常,检查一下参数的有效性
if (grantPermissionItemIds != null)
{
BasePermissionManager permissionManager = new BasePermissionManager(dbHelper, userInfo);
for (int i = 0; i < grantPermissionItemIds.Length; i++)
{
BasePermissionEntity resourcePermissionEntity = new BasePermissionEntity();
resourcePermissionEntity.ResourceCategory = resourceCategory;
resourcePermissionEntity.ResourceId = resourceId;
resourcePermissionEntity.PermissionId = int.Parse(grantPermissionItemIds[i]);
resourcePermissionEntity.Enabled = 1;
resourcePermissionEntity.DeletionStateCode = 0;
permissionManager.Add(resourcePermissionEntity);
returnValue++;
}
}
BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_GrantResourcePermission, MethodBase.GetCurrentMethod());
}
catch (Exception ex)
{
BaseExceptionManager.LogException(dbHelper, userInfo, ex);
throw ex;
}
finally
{
dbHelper.Close();
}
}
// 写入调试信息
#if (DEBUG)
BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
return(returnValue);
}
/// <summary>
/// 设置角色某个权限的组织机构范围
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="roleId">角色主键</param>
/// <param name="permissionOrganizationScope">组织机构范围</param>
/// <param name="permissionCode">权限编号</param>
/// <returns>影响的行数</returns>
public string SetRoleOrganizationScope(BaseUserInfo userInfo, string roleId, PermissionOrganizationScope permissionOrganizationScope, string permissionCode)
{
var result = string.Empty;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) =>
{
var roleOrganizationScopeManager = new BaseRoleScopeManager(dbHelper, userInfo);
result = roleOrganizationScopeManager.SetRoleOrganizationScope(userInfo.SystemCode, roleId, permissionOrganizationScope, permissionCode, false);
});
return(result);
}
//////////////////////////////////////////////////////////////////////////////////////////////////////
/// 角色组织机构范围权限(省市县区域)关联相关
//////////////////////////////////////////////////////////////////////////////////////////////////////
/// <summary>
/// 获取角色的某个权限域的组织范围
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="roleId">角色主键</param>
/// <param name="permissionCode">权限编号</param>
/// <returns>主键数组</returns>
public PermissionOrganizeScope GetRoleOrganizeScope(BaseUserInfo userInfo, string roleId, string permissionCode)
{
PermissionOrganizeScope result = PermissionOrganizeScope.OnlyOwnData;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) =>
{
BaseRoleScopeManager roleOrganizeScopeManager = new BaseRoleScopeManager(dbHelper, userInfo);
bool containChild = false;
result = roleOrganizeScopeManager.GetRoleOrganizeScope(roleId, out containChild, permissionCode);
});
return(result);
}
/// <summary>
/// 获取用户模块权限范围主键数组
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="roleId">角色主键</param>
/// <param name="permissionCode">操作权限编号</param>
/// <returns>主键数组</returns>
public string[] GetRoleScopeModuleIds(BaseUserInfo userInfo, string roleId, string permissionCode)
{
string[] result = null;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) =>
{
var tableName = userInfo.SystemCode + "PermissionScope";
var manager = new BaseRoleScopeManager(dbHelper, userInfo, tableName);
result = manager.GetModuleIds(userInfo.SystemCode, roleId, permissionCode);
});
return(result);
}
/// <summary>
/// 清除角色权限范围
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="roleId">主键</param>
/// <returns>数据表</returns>
public int ClearRolePermissionScope(BaseUserInfo userInfo, string roleId, string permissionCode)
{
int result = 0;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) =>
{
string tableName = userInfo.SystemCode + "PermissionScope";
var manager = new BaseRoleScopeManager(dbHelper, userInfo, tableName);
result = manager.ClearRolePermissionScope(roleId, permissionCode);
});
return(result);
}
/// <summary>
/// 授予角色的授权权限范围
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="roleId">角色主键</param>
/// <param name="revokePermissionIds">撤消的权限主键数组</param>
/// <param name="permissionCode">权限编号</param>
/// <returns>影响的行数</returns>
public int RevokeRolePermissionScopes(BaseUserInfo userInfo, string roleId, string[] revokePermissionIds, string permissionCode)
{
var result = 0;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) =>
{
// 小心异常,检查一下参数的有效性
if (revokePermissionIds != null)
{
var manager = new BaseRoleScopeManager(dbHelper, userInfo);
result += manager.RevokePermissions(userInfo.SystemCode, roleId, revokePermissionIds, permissionCode);
}
});
return(result);
}
/// <summary>
/// 授予用户模块的权限范围
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="roleId">角色主键</param>
/// <param name="grantModuleId">授予模块主键</param>
/// <param name="permissionCode">权限编号</param>
/// <returns>影响的行数</returns>
public string GrantRoleModuleScope(BaseUserInfo userInfo, string roleId, string grantModuleId, string permissionCode)
{
var result = string.Empty;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) =>
{
var tableName = userInfo.SystemCode + "PermissionScope";
var manager = new BaseRoleScopeManager(dbHelper, userInfo, tableName);
// 小心异常,检查一下参数的有效性
if (grantModuleId != null)
{
result = manager.GrantModule(userInfo.SystemCode, roleId, grantModuleId, permissionCode);
}
});
return(result);
}
/// <summary>
/// 授予角色的某个权限域的组织范围
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="roleId">角色主键</param>
/// <param name="grantOrganizationIds">授予组织主键数组</param>
/// <param name="permissionCode">权限编号</param>
/// <returns>影响的行数</returns>
public int GrantRoleOrganizationScopes(BaseUserInfo userInfo, string roleId, string[] grantOrganizationIds, string permissionCode)
{
var result = 0;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) =>
{
var tableName = userInfo.SystemCode + "PermissionScope";
var manager = new BaseRoleScopeManager(dbHelper, userInfo, tableName);
// 小心异常,检查一下参数的有效性
if (grantOrganizationIds != null)
{
result += manager.GrantOrganizations(userInfo.SystemCode, roleId, grantOrganizationIds, permissionCode);
}
});
return(result);
}
/// <summary>
/// 撤消用户模块的权限范围
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="roleId">角色主键</param>
/// <param name="revokeModuleId">撤消模块主键数组</param>
/// <param name="permissionCode">权限编号</param>
/// <returns>影响的行数</returns>
public int RevokeRoleModuleScope(BaseUserInfo userInfo, string roleId, string revokeModuleId, string permissionCode)
{
int result = 0;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) =>
{
string tableName = userInfo.SystemCode + "PermissionScope";
var manager = new BaseRoleScopeManager(dbHelper, userInfo, tableName);
// 小心异常,检查一下参数的有效性
if (revokeModuleId != null)
{
result += manager.RevokeModule(roleId, revokeModuleId, permissionCode);
}
});
return(result);
}
/// <summary>
/// 清除角色权限
///
/// 1.清除角色的用户归属。
/// 2.清除角色的模块权限。
/// 3.清除角色的操作权限。
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="id">主键</param>
/// <returns>数据表</returns>
public int ClearRolePermission(BaseUserInfo userInfo, string id)
{
var result = 0;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) =>
{
var userManager = new BaseUserManager(dbHelper, userInfo);
result += userManager.ClearUser(userInfo.SystemCode, id);
var rolePermissionManager = new BasePermissionManager(dbHelper, userInfo);
result += rolePermissionManager.RevokeRoleAll(userInfo.SystemCode, id);
var roleScopeManager = new BaseRoleScopeManager(dbHelper, userInfo);
result += roleScopeManager.RevokeAll(userInfo.SystemCode, id);
});
return(result);
}
