/// <summary>
/// 某个用户是否对某个模块Url有访问权限
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="userId">用户主键</param>
/// <param name="moduleUrl">模块Url</param>
/// <returns>是否有权限</returns>
public bool IsUrlAuthorizedByUser(BaseUserInfo userInfo, string userId, string moduleUrl)
{
var result = false;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) =>
{
// 是否超级管理员
// 是超级管理员,就不用继续判断权限了
var userEntity = BaseUserManager.GetEntityByCache(userId);
if (userEntity != null)
{
result = BaseUserManager.IsAdministrator(userId);
if (!result)
{
var tableName = userInfo.SystemCode + "Module";
var moduleManager = new BaseModuleManager(dbHelper, userInfo, tableName);
List <BaseModuleEntity> entityList = null;
// moduleManager.GetList(userId);
// 这里需要改进,只读到第一个就可以返回了,没必要全部列表都计算一边
var count = entityList.Count(entity => !string.IsNullOrEmpty(entity.NavigateUrl) &&
(entity.NavigateUrl.Equals(moduleUrl, StringComparison.OrdinalIgnoreCase) || moduleUrl.StartsWith(entity.NavigateUrl)));
result = count > 0;
}
}
});
return(result);
}
/// <summary>
/// 获取用户实体
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="id">主键</param>
/// <returns>实体</returns>
public BaseUserEntity GetEntityByCache(BaseUserInfo userInfo, string id)
{
BaseUserEntity entity = null;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) =>
{
// var userManager = new BaseUserManager(dbHelper, userInfo);
// 判断是否已经登录的用户?
// if (userManager.UserIsLogon(userInfo))
// {
entity = BaseUserManager.GetEntityByCache(id);
// }
});
return(entity);
}
/// <summary>
/// 为了提高授权的运行速度
/// </summary>
/// <param name="systemCode">系统编号</param>
/// <param name="userId">用户主键</param>
/// <param name="permissionId">权限主键</param>
/// <param name="chekExists">判断是否存在</param>
/// <returns>主键</returns>
public string GrantUser(string systemCode, string userId, string permissionId, bool chekExists = true)
{
var result = string.Empty;
if (!ValidateUtil.IsInt(userId) && string.IsNullOrEmpty(permissionId))
{
return(result);
}
CurrentTableName = systemCode + "Permission";
var currentId = string.Empty;
// 判断是否已经存在这个权限,若已经存在就不重复增加了
if (chekExists)
{
var whereParameters = new List <KeyValuePair <string, object> >
{
new KeyValuePair <string, object>(BasePermissionEntity.FieldResourceCategory, BaseUserEntity.CurrentTableName),
new KeyValuePair <string, object>(BasePermissionEntity.FieldResourceId, userId),
new KeyValuePair <string, object>(BasePermissionEntity.FieldPermissionId, permissionId)
};
currentId = GetId(whereParameters);
if (!string.IsNullOrEmpty(currentId))
{
var parameters = new List <KeyValuePair <string, object> >
{
new KeyValuePair <string, object>(BasePermissionEntity.FieldEnabled, 1),
new KeyValuePair <string, object>(BasePermissionEntity.FieldDeleted, 0),
new KeyValuePair <string, object>(BasePermissionEntity.FieldUpdateUserId, UserInfo.UserId),
new KeyValuePair <string, object>(BasePermissionEntity.FieldUpdateBy, UserInfo.RealName),
new KeyValuePair <string, object>(BasePermissionEntity.FieldUpdateTime, DateTime.Now)
};
// 更新状态,设置为有效、并取消删除,权限也不是天天变动的,所以可以更新一下
SetProperty(currentId, parameters);
result = currentId;
}
}
if (string.IsNullOrEmpty(currentId))
{
var permissionEntity = new BasePermissionEntity
{
ResourceCategory = BaseUserEntity.CurrentTableName,
ResourceId = userId.ToString(),
PermissionId = permissionId,
Enabled = 1
};
// 2015-07-03 吉日嘎拉 若是没有公司相关的信息,就把公司区分出来,每个公司可以看每个公司的数据
if (permissionEntity.CompanyId > 0)
{
var entity = BaseUserManager.GetEntityByCache(userId);
if (entity != null)
{
permissionEntity.CompanyId = entity.CompanyId;
permissionEntity.CompanyName = entity.CompanyName;
}
}
var permissionManager = new BasePermissionManager(DbHelper, UserInfo, CurrentTableName);
result = permissionManager.Add(permissionEntity, true, false);
}
// 2015-09-21 吉日嘎拉 这里增加变更日志
var tableName = systemCode + "UserPermission";
var sqlBuilder = new SqlBuilder(DbHelper);
sqlBuilder.BeginInsert(BaseChangeLogEntity.CurrentTableName);
sqlBuilder.SetValue(BaseChangeLogEntity.FieldTableName, tableName);
if (DbHelper.CurrentDbType == CurrentDbType.Oracle)
{
sqlBuilder.SetFormula(BaseChangeLogEntity.FieldId, BaseChangeLogEntity.CurrentTableName + "_SEQ.NEXTVAL");
}
sqlBuilder.SetValue(BaseChangeLogEntity.FieldRecordKey, userId);
sqlBuilder.SetValue(BaseChangeLogEntity.FieldColumnName, "授权");
sqlBuilder.SetValue(BaseChangeLogEntity.FieldColumnDescription, new BaseModuleManager().GetNameByCache(systemCode, permissionId));
sqlBuilder.SetValue(BaseChangeLogEntity.FieldOldValue, null);
sqlBuilder.SetValue(BaseChangeLogEntity.FieldNewValue, permissionId);
sqlBuilder.EndInsert();
return(result);
}
/// <summary>
/// 获取权限审核
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="startDate">开始日期</param>
/// <param name="endDate">结束日期</param>
/// <param name="companyId">公司主键</param>
/// <param name="userId">用户主键</param>
/// <param name="permissionId">权限主键</param>
/// <param name="recordCount">记录数</param>
/// <param name="pageNo">当前页</param>
/// <param name="pageSize">每页显示条数</param>
/// <returns>数据表</returns>
public DataTable PermissionMonitor(BaseUserInfo userInfo, DateTime startDate, DateTime endDate, string companyId, string userId, string permissionId, out int recordCount, int pageNo = 1, int pageSize = 20)
{
DataTable result = null;
recordCount = 0;
var myRecordCount = 0;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) =>
{
var condition = string.Empty;
var dbParameters = new List <KeyValuePair <string, object> >();
if (!string.IsNullOrEmpty(condition))
{
condition += " AND ";
}
condition += BasePermissionEntity.FieldCreateTime + " >= " + DbUtil.GetParameter(BaseSystemInfo.UserCenterDbType, "startDate");
dbParameters.Add(new KeyValuePair <string, object>("startDate", startDate));
if (!string.IsNullOrEmpty(condition))
{
condition += " AND ";
}
condition += BasePermissionEntity.FieldCreateTime + " <= " + DbUtil.GetParameter(BaseSystemInfo.UserCenterDbType, "endDate");
dbParameters.Add(new KeyValuePair <string, object>("endDate", endDate));
var tableName = BasePermissionEntity.CurrentTableName;
if (userInfo != null)
{
tableName = userInfo.SystemCode + "Permission";
}
myRecordCount = dbHelper.GetCount(tableName, condition, dbHelper.MakeParameters(dbParameters));
result = DbUtil.GetDataTableByPage(dbHelper, tableName, "*", pageNo, pageSize, condition, dbHelper.MakeParameters(dbParameters), BasePermissionEntity.FieldCreateTime + " DESC");
if (!result.Columns.Contains("ResourceCategoryName"))
{
result.Columns.Add("ResourceCategoryName".ToUpper());
}
if (!result.Columns.Contains("PermissionName"))
{
result.Columns.Add("PermissionName".ToUpper());
}
if (!result.Columns.Contains("PermissionCode"))
{
result.Columns.Add("PermissionCode".ToUpper());
}
if (!result.Columns.Contains("ResourceName"))
{
result.Columns.Add("ResourceName".ToUpper());
}
if (!result.Columns.Contains("CompanyName"))
{
result.Columns.Add("CompanyName".ToUpper());
}
foreach (DataRow dr in result.Rows)
{
var id = dr["PermissionId"].ToString();
var moduleEntity = new BaseModuleManager().GetEntityByCache(userInfo, id);
if (moduleEntity != null)
{
dr["PermissionName"] = moduleEntity.Name;
dr["PermissionCode"] = moduleEntity.Code;
}
if (dr["ResourceCategory"].ToString().Equals(BaseUserEntity.CurrentTableName))
{
id = dr["ResourceId"].ToString();
var userEntity = BaseUserManager.GetEntityByCache(id);
if (userEntity != null)
{
dr["ResourceName"] = userEntity.RealName;
dr["CompanyName"] = userEntity.CompanyName;
dr["ResourceCategoryName"] = "用户";
}
}
else if (dr["ResourceCategory"].ToString().Equals(BaseOrganizationEntity.CurrentTableName))
{
id = dr["ResourceId"].ToString();
var organizationEntity = BaseOrganizationManager.GetEntityByCache(id);
if (organizationEntity != null)
{
dr["ResourceName"] = organizationEntity.Name;
dr["ResourceCategoryName"] = "网点";
}
}
else if (dr["ResourceCategory"].ToString().Equals(BaseRoleEntity.CurrentTableName))
{
id = dr["ResourceId"].ToString();
var roleEntity = BaseRoleManager.GetEntityByCache(userInfo, id);
if (roleEntity != null)
{
dr["ResourceName"] = roleEntity.Name;
dr["ResourceCategoryName"] = "角色";
}
}
}
});
recordCount = myRecordCount;
return(result);
}