//
// 授予授权范围的实现部分
//
#region private string GrantUser(BasePermissionScopeManager permissionScopeManager, string id, string userId, string grantUserId) 为了提高授权的运行速度
/// <summary>
/// 为了提高授权的运行速度
/// </summary>
/// <param name="permissionScopeManager">权限域读写器</param>
/// <param name="Id">主键</param>
/// <param name="userId">员工主键</param>
/// <param name="grantUserId">权限主键</param>
/// <returns>主键</returns>
private string GrantUser(BasePermissionScopeManager permissionScopeManager, string userId, string permissionItemCode, string grantUserId)
{
string returnValue = string.Empty;
List <KeyValuePair <string, object> > parameters = new List <KeyValuePair <string, object> >();
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseUserEntity.TableName));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceId, userId));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseUserEntity.TableName));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetId, grantUserId));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode)));
if (!this.Exists(parameters))
{
BasePermissionScopeEntity resourcePermissionScopeEntity = new BasePermissionScopeEntity();
resourcePermissionScopeEntity.PermissionId = int.Parse(this.GetIdByCode(permissionItemCode));
resourcePermissionScopeEntity.ResourceCategory = BaseUserEntity.TableName;
resourcePermissionScopeEntity.ResourceId = userId;
resourcePermissionScopeEntity.TargetCategory = BaseUserEntity.TableName;
resourcePermissionScopeEntity.TargetId = grantUserId;
resourcePermissionScopeEntity.Enabled = 1;
resourcePermissionScopeEntity.DeletionStateCode = 0;
return(permissionScopeManager.Add(resourcePermissionScopeEntity));
}
return(returnValue);
}
//
// 授予授权范围的实现部分
//
#region private string GrantModule(BasePermissionScopeManager permissionScopeManager, string id, string organizeId, string grantModuleId) 为了提高授权的运行速度
/// <summary>
/// 为了提高授权的运行速度
/// </summary>
/// <param name="permissionScopeManager">权限域读写器</param>
/// <param name="Id">主键</param>
/// <param name="organizeId">员工主键</param>
/// <param name="grantModuleId">权限主键</param>
/// <returns>主键</returns>
private string GrantModule(BasePermissionScopeManager permissionScopeManager, string organizeId, string permissionItemCode, string grantModuleId)
{
string returnValue = string.Empty;
BasePermissionScopeEntity resourcePermissionScopeEntity = new BasePermissionScopeEntity();
resourcePermissionScopeEntity.PermissionId = int.Parse(this.GetIdByCode(permissionItemCode));
resourcePermissionScopeEntity.ResourceCategory = BaseOrganizeEntity.TableName;
resourcePermissionScopeEntity.ResourceId = organizeId;
resourcePermissionScopeEntity.TargetCategory = BaseModuleEntity.TableName;
resourcePermissionScopeEntity.TargetId = grantModuleId;
resourcePermissionScopeEntity.Enabled = 1;
resourcePermissionScopeEntity.DeletionStateCode = 0;
return(permissionScopeManager.Add(resourcePermissionScopeEntity));
}
//
// 授予授权范围的实现部分
//
#region private string GrantModule(BasePermissionScopeManager permissionScopeManager, string id, string userId, string grantModuleId) 为了提高授权的运行速度
/// <summary>
/// 为了提高授权的运行速度
/// </summary>
/// <param name="permissionScopeManager">权限域读写器</param>
/// <param name="Id">主键</param>
/// <param name="userId">员工主键</param>
/// <param name="grantModuleId">权限主键</param>
/// <returns>主键</returns>
private string GrantModule(BasePermissionScopeManager permissionScopeManager, string userId, string permissionItemCode, string grantModuleId)
{
string returnValue = string.Empty;
BasePermissionScopeEntity resourcePermissionScopeEntity = new BasePermissionScopeEntity();
string permissionId = this.GetIdByCode(permissionItemCode);
if (string.IsNullOrEmpty(permissionId))
{
return(string.Empty);
}
resourcePermissionScopeEntity.PermissionId = int.Parse(permissionId);
resourcePermissionScopeEntity.ResourceCategory = BaseUserEntity.TableName;
resourcePermissionScopeEntity.ResourceId = userId;
resourcePermissionScopeEntity.TargetCategory = BaseModuleEntity.TableName;
resourcePermissionScopeEntity.TargetId = grantModuleId;
resourcePermissionScopeEntity.Enabled = 1;
resourcePermissionScopeEntity.DeletionStateCode = 0;
return(permissionScopeManager.Add(resourcePermissionScopeEntity));
}
/// <summary>
/// 为了提高授权的运行速度
/// </summary>
/// <param name="permissionScopeManager">权限域读写器</param>
/// <param name="Id">主键</param>
/// <param name="roleId">员工主键</param>
/// <param name="grantPermissionId">权限主键</param>
/// <returns>主键</returns>
private string GrantPermissionItem(BasePermissionScopeManager permissionScopeManager, string roleId, string permissionItemCode, string grantPermissionId)
{
string returnValue = string.Empty;
BasePermissionScopeEntity resourcePermissionScopeEntity = new BasePermissionScopeEntity();
resourcePermissionScopeEntity.PermissionId = int.Parse(this.GetIdByCode(permissionItemCode));
resourcePermissionScopeEntity.ResourceCategory = BaseRoleEntity.TableName;
resourcePermissionScopeEntity.ResourceId = roleId;
resourcePermissionScopeEntity.TargetCategory = BasePermissionItemEntity.TableName;
resourcePermissionScopeEntity.TargetId = grantPermissionId;
resourcePermissionScopeEntity.Enabled = 1;
resourcePermissionScopeEntity.DeletionStateCode = 0;
return permissionScopeManager.Add(resourcePermissionScopeEntity);
}
//
// 授予授权范围的实现部分
//
#region private string GrantOrganize(BasePermissionScopeManager permissionScopeManager, string id, string roleId, string grantOrganizeId) 为了提高授权的运行速度
/// <summary>
/// 为了提高授权的运行速度
/// </summary>
/// <param name="permissionScopeManager">权限域读写器</param>
/// <param name="Id">主键</param>
/// <param name="roleId">员工主键</param>
/// <param name="grantOrganizeId">权限主键</param>
/// <returns>主键</returns>
private string GrantOrganize(BasePermissionScopeManager permissionScopeManager, string roleId, string permissionItemCode, string grantOrganizeId)
{
string returnValue = string.Empty;
List <KeyValuePair <string, object> > parameters = new List <KeyValuePair <string, object> >();
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceId, roleId));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseOrganizeEntity.TableName));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetId, grantOrganizeId));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode)));
// Nick Deng 优化数据权限设置,没有权限和其他任意一种权限互斥
// 即当没有权限时,该角色对应该数据权限的其他权限都应删除
// 当该角色拥有对应该数据权限的其他权限时,删除该角色的没有权限的权限
BasePermissionScopeEntity resourcePermissionScopeEntity = new BasePermissionScopeEntity();
DataTable dt = new DataTable();
if (!this.Exists(parameters))
{
resourcePermissionScopeEntity.PermissionId = int.Parse(this.GetIdByCode(permissionItemCode));
resourcePermissionScopeEntity.ResourceCategory = BaseRoleEntity.TableName;
resourcePermissionScopeEntity.ResourceId = roleId;
resourcePermissionScopeEntity.TargetCategory = BaseOrganizeEntity.TableName;
resourcePermissionScopeEntity.TargetId = grantOrganizeId;
resourcePermissionScopeEntity.Enabled = 1;
resourcePermissionScopeEntity.DeletionStateCode = 0;
returnValue = permissionScopeManager.Add(resourcePermissionScopeEntity);
if (grantOrganizeId != ((int)PermissionScope.None).ToString())
{
parameters = new List <KeyValuePair <string, object> >();
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceId, roleId));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseOrganizeEntity.TableName));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetId, ((int)PermissionScope.None).ToString()));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode)));
if (this.Exists(parameters))
{
dt = permissionScopeManager.GetDataTable(parameters);
if (dt != null && dt.Rows.Count > 0)
{
permissionScopeManager.DeleteEntity(dt.Rows[0]["Id"].ToString());
}
}
}
else
{
parameters = new List <KeyValuePair <string, object> >();
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceId, roleId));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseOrganizeEntity.TableName));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode)));
dt = permissionScopeManager.GetDataTable(parameters);
for (int i = 0; i < dt.Rows.Count; i++)
{
if (dt.Rows[i]["TargetId"].ToString() != ((int)PermissionScope.None).ToString())
{
permissionScopeManager.DeleteEntity(dt.Rows[0]["Id"].ToString());
}
}
}
}
return(returnValue);
}
/// <summary>
/// 为了提高授权的运行速度
/// </summary>
/// <param name="permissionScopeManager">权限域读写器</param>
/// <param name="Id">主键</param>
/// <param name="userId">员工主键</param>
/// <param name="grantUserId">权限主键</param>
/// <returns>主键</returns>
private string GrantUser(BasePermissionScopeManager permissionScopeManager, string userId, string permissionItemCode, string grantUserId)
{
string returnValue = string.Empty;
List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>();
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseUserEntity.TableName));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, userId));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseUserEntity.TableName));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetId, grantUserId));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode)));
if (!this.Exists(parameters))
{
BasePermissionScopeEntity resourcePermissionScopeEntity = new BasePermissionScopeEntity();
resourcePermissionScopeEntity.PermissionId = int.Parse(this.GetIdByCode(permissionItemCode));
resourcePermissionScopeEntity.ResourceCategory = BaseUserEntity.TableName;
resourcePermissionScopeEntity.ResourceId = userId;
resourcePermissionScopeEntity.TargetCategory = BaseUserEntity.TableName;
resourcePermissionScopeEntity.TargetId = grantUserId;
resourcePermissionScopeEntity.Enabled = 1;
resourcePermissionScopeEntity.DeletionStateCode = 0;
return permissionScopeManager.Add(resourcePermissionScopeEntity);
}
return returnValue;
}
/// <summary>
/// 为了提高授权的运行速度
/// </summary>
/// <param name="permissionScopeManager">权限域读写器</param>
/// <param name="Id">主键</param>
/// <param name="userId">员工主键</param>
/// <param name="grantModuleId">权限主键</param>
/// <returns>主键</returns>
private string GrantModule(BasePermissionScopeManager permissionScopeManager, string userId, string permissionItemCode, string grantModuleId)
{
string returnValue = string.Empty;
BasePermissionScopeEntity resourcePermissionScopeEntity = new BasePermissionScopeEntity();
string permissionId = this.GetIdByCode(permissionItemCode);
if (string.IsNullOrEmpty(permissionId))
{
return string.Empty;
}
resourcePermissionScopeEntity.PermissionId = int.Parse(permissionId);
resourcePermissionScopeEntity.ResourceCategory = BaseUserEntity.TableName;
resourcePermissionScopeEntity.ResourceId = userId;
resourcePermissionScopeEntity.TargetCategory = BaseModuleEntity.TableName;
resourcePermissionScopeEntity.TargetId = grantModuleId;
resourcePermissionScopeEntity.Enabled = 1;
resourcePermissionScopeEntity.DeletionStateCode = 0;
return permissionScopeManager.Add(resourcePermissionScopeEntity);
}
/// <summary>
/// 为了提高授权的运行速度
/// </summary>
/// <param name="permissionScopeManager">权限域读写器</param>
/// <param name="Id">主键</param>
/// <param name="roleId">员工主键</param>
/// <param name="grantOrganizeId">权限主键</param>
/// <returns>主键</returns>
private string GrantOrganize(BasePermissionScopeManager permissionScopeManager, string roleId, string permissionItemCode, string grantOrganizeId)
{
string returnValue = string.Empty;
List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>();
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, roleId));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseOrganizeEntity.TableName));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetId, grantOrganizeId));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode)));
// Nick Deng 优化数据权限设置,没有权限和其他任意一种权限互斥
// 即当没有权限时,该角色对应该数据权限的其他权限都应删除
// 当该角色拥有对应该数据权限的其他权限时,删除该角色的没有权限的权限
BasePermissionScopeEntity resourcePermissionScopeEntity = new BasePermissionScopeEntity();
DataTable dt = new DataTable();
if (!this.Exists(parameters))
{
resourcePermissionScopeEntity.PermissionId = int.Parse(this.GetIdByCode(permissionItemCode));
resourcePermissionScopeEntity.ResourceCategory = BaseRoleEntity.TableName;
resourcePermissionScopeEntity.ResourceId = roleId;
resourcePermissionScopeEntity.TargetCategory = BaseOrganizeEntity.TableName;
resourcePermissionScopeEntity.TargetId = grantOrganizeId;
resourcePermissionScopeEntity.Enabled = 1;
resourcePermissionScopeEntity.DeletionStateCode = 0;
returnValue = permissionScopeManager.Add(resourcePermissionScopeEntity);
if (grantOrganizeId != ((int)PermissionScope.None).ToString())
{
parameters = new List<KeyValuePair<string, object>>();
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, roleId));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseOrganizeEntity.TableName));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetId, ((int)PermissionScope.None).ToString()));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode)));
if (this.Exists(parameters))
{
dt = permissionScopeManager.GetDataTable(parameters);
if (dt != null && dt.Rows.Count > 0)
{
permissionScopeManager.DeleteEntity(dt.Rows[0]["Id"].ToString());
}
}
}
else
{
parameters = new List<KeyValuePair<string, object>>();
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, roleId));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseOrganizeEntity.TableName));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode)));
dt = permissionScopeManager.GetDataTable(parameters);
for (int i = 0; i < dt.Rows.Count; i++)
{
if (dt.Rows[i]["TargetId"].ToString() != ((int)PermissionScope.None).ToString())
permissionScopeManager.DeleteEntity(dt.Rows[0]["Id"].ToString());
}
}
}
return returnValue;
}
/// <summary>
/// 设置约束条件
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="resourceCategory">资源类别</param>
/// <param name="resourceId">资源主键</param>
/// <param name="tableName">表名</param>
/// <param name="constraint">约束</param>
/// <param name="enabled">有效</param>
/// <param name="permissionCode">操作权限项</param>
/// <returns>主键</returns>
public string SetConstraint(string resourceCategory, string resourceId, string tableName, string permissionCode, string constraint, bool enabled = true)
{
string returnValue = string.Empty;
string permissionId = string.Empty;
BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(this.UserInfo);
permissionId = permissionItemManager.GetIdByAdd(permissionCode);
List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>();
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, resourceCategory));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, resourceId));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, "Table"));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetId, tableName));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, permissionId));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldDeletionStateCode, 0));
BasePermissionScopeManager manager = new BasePermissionScopeManager(this.DbHelper, this.UserInfo);
// 1:先获取是否有这样的主键,若有进行更新操作。
// 2:若没有进行添加操作。
returnValue = manager.GetId(parameters);
if (!string.IsNullOrEmpty(returnValue))
{
parameters = new List<KeyValuePair<string, object>>();
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionConstraint, constraint));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldEnabled, enabled ? 1 : 0));
manager.SetProperty(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldId, returnValue), parameters);
}
else
{
BasePermissionScopeEntity entity = new BasePermissionScopeEntity();
entity.ResourceCategory = resourceCategory;
entity.ResourceId = resourceId;
entity.TargetCategory = "Table";
entity.TargetId = tableName;
entity.PermissionConstraint = constraint;
entity.PermissionId = int.Parse(permissionId);
entity.DeletionStateCode = 0;
entity.Enabled = enabled ? 1: 0;
returnValue = manager.Add(entity);
}
return returnValue;
}
