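//
// Implementation of granting permission scopes
//
// #region private string GrantOrganize(BasePermissionScopeManager permissionScopeManager, string id, string roleId, string grantOrganizeId) -- to speed up authorization

/// <summary>
/// Grants a role a data-permission scope over an organization target and keeps the
/// "no permission" scope (<c>PermissionScope.None</c>) mutually exclusive with every other scope
/// stored for the same role and permission item.
/// </summary>
/// <remarks>
/// Nothing is written when an identical scope row already exists. Otherwise the row is added and then:
/// when a real scope was granted, an existing "no permission" row is deleted; when "no permission"
/// was granted, every other scope row of the role for this permission item is deleted.
/// </remarks>
/// <param name="permissionScopeManager">Permission scope reader/writer used to add, query and delete scope rows.</param>
/// <param name="roleId">Primary key of the role that receives the scope.</param>
/// <param name="permissionItemCode">Code of the permission item; resolved to its id through <c>GetIdByCode</c>.</param>
/// <param name="grantOrganizeId">Target id to grant, or the string form of <c>(int)PermissionScope.None</c> for "no permission".</param>
/// <returns>The value returned by <c>permissionScopeManager.Add</c> for the new row, or an empty string when the scope already existed.</returns>
private string GrantOrganize(BasePermissionScopeManager permissionScopeManager, string roleId, string permissionItemCode, string grantOrganizeId)
{
    string returnValue = string.Empty;
    string noneScopeId = ((int)PermissionScope.None).ToString();
    // Resolve the permission item id once; every query below filters on the same value.
    string permissionItemId = this.GetIdByCode(permissionItemCode);

    List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>
    {
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName),
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, roleId),
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseOrganizeEntity.TableName),
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetId, grantOrganizeId),
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, permissionItemId)
    };

    // The exact scope is already stored: nothing to add and nothing to clean up.
    if (this.Exists(parameters))
    {
        return returnValue;
    }

    BasePermissionScopeEntity resourcePermissionScopeEntity = new BasePermissionScopeEntity();
    // int.Parse throws when GetIdByCode does not return a numeric string (for example an unknown code).
    resourcePermissionScopeEntity.PermissionId = int.Parse(permissionItemId);
    resourcePermissionScopeEntity.ResourceCategory = BaseRoleEntity.TableName;
    resourcePermissionScopeEntity.ResourceId = roleId;
    resourcePermissionScopeEntity.TargetCategory = BaseOrganizeEntity.TableName;
    resourcePermissionScopeEntity.TargetId = grantOrganizeId;
    resourcePermissionScopeEntity.Enabled = 1;
    resourcePermissionScopeEntity.DeletionStateCode = 0;
    returnValue = permissionScopeManager.Add(resourcePermissionScopeEntity);

    if (grantOrganizeId != noneScopeId)
    {
        // A real scope was granted, so a leftover "no permission" row for this role and item must go.
        parameters = new List<KeyValuePair<string, object>>
        {
            new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName),
            new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, roleId),
            new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseOrganizeEntity.TableName),
            new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetId, noneScopeId),
            new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, permissionItemId)
        };
        if (this.Exists(parameters))
        {
            DataTable noneRows = permissionScopeManager.GetDataTable(parameters);
            if (noneRows != null && noneRows.Rows.Count > 0)
            {
                permissionScopeManager.DeleteEntity(noneRows.Rows[0]["Id"].ToString());
            }
        }
    }
    else
    {
        // "No permission" was granted: remove every other scope of this role for the permission item.
        parameters = new List<KeyValuePair<string, object>>
        {
            new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName),
            new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, roleId),
            new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseOrganizeEntity.TableName),
            new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, permissionItemId)
        };
        DataTable scopeRows = permissionScopeManager.GetDataTable(parameters);
        if (scopeRows != null)
        {
            foreach (DataRow scopeRow in scopeRows.Rows)
            {
                if (scopeRow["TargetId"].ToString() != noneScopeId)
                {
                    // Delete the row being examined. Deleting a fixed row instead would leave the
                    // other scopes in place, so a role set to "no permission" would keep its wider access.
                    permissionScopeManager.DeleteEntity(scopeRow["Id"].ToString());
                }
            }
        }
    }

    return returnValue;
}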
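/// <summary>
/// Builds the constraint expression (a SQL condition fragment) that applies to the current user
/// for one table, by combining the constraints stored on the user's roles.
/// </summary>
/// <remarks>
/// The result is assembled from text stored in the permission scope table and is returned as raw
/// SQL. Anyone who can write a permission constraint therefore controls part of the query the
/// caller builds, so write access to those rows needs to be restricted accordingly.
/// An empty result means "no constraint was found", not "access denied".
/// </remarks>
/// <param name="tableName">Name of the table whose constraints are looked up (scope target id, target category "Table").</param>
/// <param name="permissionCode">Code of the permission item the constraints are attached to.</param>
/// <returns>
/// The role constraints, each wrapped in parentheses and joined with AND, after
/// <c>ConstraintUtil.PrepareParameter</c> has processed them; an empty string when the user has
/// no roles or no non-empty constraint is stored.
/// </returns>
public string GetUserConstraint(string tableName, string permissionCode = "Resource.AccessPermission")
{
    string returnValue = string.Empty;

    // Outline of the lookup:
    // 1: In which roles is the user valid?
    // 2: Which constraints do those roles carry?
    // 3: Combine the constraints.
    // 4: The user's own constraints -- not read here; only role-level rows are queried below.

    BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(this.UserInfo);
    // NOTE(review): GetIdByAdd presumably creates the permission item when the code is unknown -- confirm,
    // since that would make this read path write to the permission table.
    string permissionId = permissionItemManager.GetIdByAdd(permissionCode);

    BaseUserManager manager = new BaseUserManager(this.DbHelper, this.UserInfo);
    string[] roleIds = manager.GetAllRoleIds(UserInfo.Id);
    if (roleIds == null || roleIds.Length == 0)
    {
        // NOTE(review): a user without roles gets an empty constraint; verify that callers do not
        // read an empty string as "unrestricted access".
        return returnValue;
    }

    BasePermissionScopeManager scopeManager = new BasePermissionScopeManager(this.DbHelper, this.UserInfo);
    List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>
    {
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName),
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, roleIds),
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, "Table"),
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetId, tableName),
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, permissionId),
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldEnabled, 1),
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldDeletionStateCode, 0)
    };
    DataTable dtPermissionScope = scopeManager.GetDataTable(parameters);

    List<string> clauses = new List<string>();
    foreach (DataRow dataRow in dtPermissionScope.Rows)
    {
        string permissionConstraint = dataRow[BasePermissionScopeEntity.FieldPermissionConstraint].ToString().Trim();
        if (!string.IsNullOrEmpty(permissionConstraint))
        {
            // Parenthesise each constraint so an OR inside it cannot escape the AND with the other
            // constraints or with the caller's own WHERE conditions. This only fixes operator
            // precedence; it does not make arbitrary constraint text safe.
            clauses.Add("(" + permissionConstraint + ")");
        }
    }

    if (clauses.Count > 0)
    {
        returnValue = string.Join(" AND ", clauses.ToArray());
        // Resolve and replace the standard functions used inside constraint expressions.
        returnValue = ConstraintUtil.PrepareParameter(this.UserInfo, returnValue);
    }

    return returnValue;
}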
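/// <summary>
/// Grants a role a data-permission scope over an organization target and keeps the
/// "no permission" scope (<c>PermissionScope.None</c>) mutually exclusive with every other scope
/// stored for the same role and permission item.
/// </summary>
/// <remarks>
/// Nothing is written when an identical scope row already exists. Otherwise the row is added and then:
/// when a real scope was granted, an existing "no permission" row is deleted; when "no permission"
/// was granted, every other scope row of the role for this permission item is deleted.
/// </remarks>
/// <param name="permissionScopeManager">Permission scope reader/writer used to add, query and delete scope rows.</param>
/// <param name="roleId">Primary key of the role that receives the scope.</param>
/// <param name="permissionItemCode">Code of the permission item; resolved to its id through <c>GetIdByCode</c>.</param>
/// <param name="grantOrganizeId">Target id to grant, or the string form of <c>(int)PermissionScope.None</c> for "no permission".</param>
/// <returns>The value returned by <c>permissionScopeManager.Add</c> for the new row, or an empty string when the scope already existed.</returns>
private string GrantOrganize(BasePermissionScopeManager permissionScopeManager, string roleId, string permissionItemCode, string grantOrganizeId)
{
    string returnValue = string.Empty;
    string noneScopeId = ((int)PermissionScope.None).ToString();
    // Resolve the permission item id once; every query below filters on the same value.
    string permissionItemId = this.GetIdByCode(permissionItemCode);

    List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>
    {
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName),
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, roleId),
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseOrganizeEntity.TableName),
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetId, grantOrganizeId),
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, permissionItemId)
    };

    // The exact scope is already stored: nothing to add and nothing to clean up.
    if (this.Exists(parameters))
    {
        return returnValue;
    }

    BasePermissionScopeEntity resourcePermissionScopeEntity = new BasePermissionScopeEntity();
    // int.Parse throws when GetIdByCode does not return a numeric string (for example an unknown code).
    resourcePermissionScopeEntity.PermissionId = int.Parse(permissionItemId);
    resourcePermissionScopeEntity.ResourceCategory = BaseRoleEntity.TableName;
    resourcePermissionScopeEntity.ResourceId = roleId;
    resourcePermissionScopeEntity.TargetCategory = BaseOrganizeEntity.TableName;
    resourcePermissionScopeEntity.TargetId = grantOrganizeId;
    resourcePermissionScopeEntity.Enabled = 1;
    resourcePermissionScopeEntity.DeletionStateCode = 0;
    returnValue = permissionScopeManager.Add(resourcePermissionScopeEntity);

    if (grantOrganizeId != noneScopeId)
    {
        // A real scope was granted, so a leftover "no permission" row for this role and item must go.
        parameters = new List<KeyValuePair<string, object>>
        {
            new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName),
            new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, roleId),
            new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseOrganizeEntity.TableName),
            new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetId, noneScopeId),
            new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, permissionItemId)
        };
        if (this.Exists(parameters))
        {
            DataTable noneRows = permissionScopeManager.GetDataTable(parameters);
            if (noneRows != null && noneRows.Rows.Count > 0)
            {
                permissionScopeManager.DeleteEntity(noneRows.Rows[0]["Id"].ToString());
            }
        }
    }
    else
    {
        // "No permission" was granted: remove every other scope of this role for the permission item.
        parameters = new List<KeyValuePair<string, object>>
        {
            new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName),
            new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, roleId),
            new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseOrganizeEntity.TableName),
            new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, permissionItemId)
        };
        DataTable scopeRows = permissionScopeManager.GetDataTable(parameters);
        if (scopeRows != null)
        {
            foreach (DataRow scopeRow in scopeRows.Rows)
            {
                if (scopeRow["TargetId"].ToString() != noneScopeId)
                {
                    // Delete the row being examined. Deleting a fixed row instead would leave the
                    // other scopes in place, so a role set to "no permission" would keep its wider access.
                    permissionScopeManager.DeleteEntity(scopeRow["Id"].ToString());
                }
            }
        }
    }

    return returnValue;
}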
/// <summary>
/// Looks up the stored constraint row that a resource (for example a role) holds on a table for
/// one permission item.
/// </summary>
/// <param name="resourceCategory">Category of the resource that owns the constraint.</param>
/// <param name="resourceId">Primary key of the resource that owns the constraint.</param>
/// <param name="tableName">Name of the constrained table (scope target id, target category "Table").</param>
/// <param name="permissionCode">Code of the permission item the constraint is attached to.</param>
/// <returns>An entity built from the matching rows, or <c>null</c> when no row matches.</returns>
public BasePermissionScopeEntity GetConstraintEntity(string resourceCategory, string resourceId, string tableName, string permissionCode = "Resource.AccessPermission")
{
    // NOTE(review): GetIdByAdd presumably creates the permission item when the code is unknown -- confirm.
    string permissionItemId = new BasePermissionItemManager(this.UserInfo).GetIdByAdd(permissionCode);

    // The filter excludes rows whose DeletionStateCode is not 0 but does not filter on the Enabled
    // flag, so a disabled constraint row is presumably returned as well -- verify against GetDataTable.
    List<KeyValuePair<string, object>> filter = new List<KeyValuePair<string, object>>
    {
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, resourceCategory),
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, resourceId),
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, "Table"),
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetId, tableName),
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, permissionItemId),
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldDeletionStateCode, 0)
    };

    // 1: First check whether such a row already exists; when it does, the caller can update it.
    BasePermissionScopeManager scopeManager = new BasePermissionScopeManager(this.DbHelper, this.UserInfo);
    DataTable matches = scopeManager.GetDataTable(filter);
    if (matches.Rows.Count == 0)
    {
        return null;
    }

    return new BasePermissionScopeEntity(matches);
}