//
// 授予授权范围的实现部分
//
#region private string GrantOrganize(BasePermissionScopeManager permissionScopeManager, string id, string roleId, string grantOrganizeId) 为了提高授权的运行速度
/// <summary>
/// 为了提高授权的运行速度
/// </summary>
/// <param name="permissionScopeManager">权限域读写器</param>
/// <param name="Id">主键</param>
/// <param name="roleId">员工主键</param>
/// <param name="grantOrganizeId">权限主键</param>
/// <returns>主键</returns>
private string GrantOrganize(BasePermissionScopeManager permissionScopeManager, string roleId, string permissionItemCode, string grantOrganizeId)
{
string returnValue = string.Empty;
List <KeyValuePair <string, object> > parameters = new List <KeyValuePair <string, object> >();
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceId, roleId));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseOrganizeEntity.TableName));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetId, grantOrganizeId));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode)));
// Nick Deng 优化数据权限设置,没有权限和其他任意一种权限互斥
// 即当没有权限时,该角色对应该数据权限的其他权限都应删除
// 当该角色拥有对应该数据权限的其他权限时,删除该角色的没有权限的权限
BasePermissionScopeEntity resourcePermissionScopeEntity = new BasePermissionScopeEntity();
DataTable dt = new DataTable();
if (!this.Exists(parameters))
{
resourcePermissionScopeEntity.PermissionId = int.Parse(this.GetIdByCode(permissionItemCode));
resourcePermissionScopeEntity.ResourceCategory = BaseRoleEntity.TableName;
resourcePermissionScopeEntity.ResourceId = roleId;
resourcePermissionScopeEntity.TargetCategory = BaseOrganizeEntity.TableName;
resourcePermissionScopeEntity.TargetId = grantOrganizeId;
resourcePermissionScopeEntity.Enabled = 1;
resourcePermissionScopeEntity.DeletionStateCode = 0;
returnValue = permissionScopeManager.Add(resourcePermissionScopeEntity);
if (grantOrganizeId != ((int)PermissionScope.None).ToString())
{
parameters = new List <KeyValuePair <string, object> >();
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceId, roleId));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseOrganizeEntity.TableName));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetId, ((int)PermissionScope.None).ToString()));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode)));
if (this.Exists(parameters))
{
dt = permissionScopeManager.GetDataTable(parameters);
if (dt != null && dt.Rows.Count > 0)
{
permissionScopeManager.DeleteEntity(dt.Rows[0]["Id"].ToString());
}
}
}
else
{
parameters = new List <KeyValuePair <string, object> >();
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceId, roleId));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseOrganizeEntity.TableName));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode)));
dt = permissionScopeManager.GetDataTable(parameters);
for (int i = 0; i < dt.Rows.Count; i++)
{
if (dt.Rows[i]["TargetId"].ToString() != ((int)PermissionScope.None).ToString())
{
permissionScopeManager.DeleteEntity(dt.Rows[0]["Id"].ToString());
}
}
}
}
return(returnValue);
}
/// <summary>
/// 获取用户的件约束表达式
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="tableName">表名</param>
/// <returns>主键</returns>
public string GetUserConstraint(string tableName, string permissionCode = "Resource.AccessPermission")
{
string returnValue = string.Empty;
// 这里是获取用户的条件表达式
// 1: 首先用户在哪些角色里是有效的?
// 2: 这些角色都有哪些哪些条件约束?
// 3: 组合约束条件?
// 4:用户本身的约束条件?
string permissionId = string.Empty;
BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(this.UserInfo);
permissionId = permissionItemManager.GetIdByAdd(permissionCode);
BaseUserManager manager = new BaseUserManager(this.DbHelper, this.UserInfo);
string[] roleIds = manager.GetAllRoleIds(UserInfo.Id);
if (roleIds == null || roleIds.Length == 0)
{
return returnValue;
}
BasePermissionScopeManager scopeManager = new BasePermissionScopeManager(this.DbHelper, this.UserInfo);
List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>();
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, roleIds));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, "Table"));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetId, tableName));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, permissionId));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldEnabled, 1));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldDeletionStateCode, 0));
DataTable dtPermissionScope = scopeManager.GetDataTable(parameters);
string permissionConstraint = string.Empty;
foreach (DataRow dataRow in dtPermissionScope.Rows)
{
permissionConstraint = dataRow[BasePermissionScopeEntity.FieldPermissionConstraint].ToString();
permissionConstraint = permissionConstraint.Trim();
if (!string.IsNullOrEmpty(permissionConstraint))
{
returnValue += " AND " + permissionConstraint;
}
}
if (!string.IsNullOrEmpty(returnValue))
{
returnValue = returnValue.Substring(5);
// 解析替换约束表达式标准函数
returnValue = ConstraintUtil.PrepareParameter(this.UserInfo, returnValue);
}
return returnValue;
}
/// <summary>
/// 为了提高授权的运行速度
/// </summary>
/// <param name="permissionScopeManager">权限域读写器</param>
/// <param name="Id">主键</param>
/// <param name="roleId">员工主键</param>
/// <param name="grantOrganizeId">权限主键</param>
/// <returns>主键</returns>
private string GrantOrganize(BasePermissionScopeManager permissionScopeManager, string roleId, string permissionItemCode, string grantOrganizeId)
{
string returnValue = string.Empty;
List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>();
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, roleId));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseOrganizeEntity.TableName));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetId, grantOrganizeId));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode)));
// Nick Deng 优化数据权限设置,没有权限和其他任意一种权限互斥
// 即当没有权限时,该角色对应该数据权限的其他权限都应删除
// 当该角色拥有对应该数据权限的其他权限时,删除该角色的没有权限的权限
BasePermissionScopeEntity resourcePermissionScopeEntity = new BasePermissionScopeEntity();
DataTable dt = new DataTable();
if (!this.Exists(parameters))
{
resourcePermissionScopeEntity.PermissionId = int.Parse(this.GetIdByCode(permissionItemCode));
resourcePermissionScopeEntity.ResourceCategory = BaseRoleEntity.TableName;
resourcePermissionScopeEntity.ResourceId = roleId;
resourcePermissionScopeEntity.TargetCategory = BaseOrganizeEntity.TableName;
resourcePermissionScopeEntity.TargetId = grantOrganizeId;
resourcePermissionScopeEntity.Enabled = 1;
resourcePermissionScopeEntity.DeletionStateCode = 0;
returnValue = permissionScopeManager.Add(resourcePermissionScopeEntity);
if (grantOrganizeId != ((int)PermissionScope.None).ToString())
{
parameters = new List<KeyValuePair<string, object>>();
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, roleId));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseOrganizeEntity.TableName));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetId, ((int)PermissionScope.None).ToString()));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode)));
if (this.Exists(parameters))
{
dt = permissionScopeManager.GetDataTable(parameters);
if (dt != null && dt.Rows.Count > 0)
{
permissionScopeManager.DeleteEntity(dt.Rows[0]["Id"].ToString());
}
}
}
else
{
parameters = new List<KeyValuePair<string, object>>();
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, roleId));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseOrganizeEntity.TableName));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode)));
dt = permissionScopeManager.GetDataTable(parameters);
for (int i = 0; i < dt.Rows.Count; i++)
{
if (dt.Rows[i]["TargetId"].ToString() != ((int)PermissionScope.None).ToString())
permissionScopeManager.DeleteEntity(dt.Rows[0]["Id"].ToString());
}
}
}
return returnValue;
}
public BasePermissionScopeEntity GetConstraintEntity(string resourceCategory, string resourceId, string tableName, string permissionCode = "Resource.AccessPermission")
{
BasePermissionScopeEntity entity = null;
string permissionId = string.Empty;
BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(this.UserInfo);
permissionId = permissionItemManager.GetIdByAdd(permissionCode);
List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>();
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, resourceCategory));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, resourceId));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, "Table"));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetId, tableName));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, permissionId));
parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldDeletionStateCode, 0));
// 1:先获取是否有这样的主键,若有进行更新操作。
BasePermissionScopeManager manager = new BasePermissionScopeManager(this.DbHelper, this.UserInfo);
DataTable dt = manager.GetDataTable(parameters);
if (dt.Rows.Count > 0)
{
entity = new BasePermissionScopeEntity(dt);
}
return entity;
}
