/// <summary>
/// 获取用户的列权限
/// </summary>
/// <param name="userId">用户主键</param>
/// <param name="tableCode">表名</param>
/// <param name="permissionCode">操作权限</param>
/// <returns>有权限的列数组</returns>
public string[] GetColumns(string userId, string tableCode, string permissionCode = "Column.Access")
{
// Column.Edit
string[] returnValue = null;
if (permissionCode.Equals("Column.Deney") || permissionCode.Equals("Column.Edit"))
{
// 按数据权限来过滤数据
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
returnValue = permissionScopeManager.GetResourceScopeIds(userId, tableCode, permissionCode);
}
else if (permissionCode.Equals("Column.Access"))
{
// 1: 用户有权限的列名
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
returnValue = permissionScopeManager.GetResourceScopeIds(userId, tableCode, permissionCode);
// 2: 先获取公开的列名
string[] publicIds = this.GetProperties(new KeyValuePair<string, object>(BaseTableColumnsEntity.FieldTableCode, tableCode), new KeyValuePair<string, object>(BaseTableColumnsEntity.FieldIsPublic, 1), BaseTableColumnsEntity.FieldColumnCode);
returnValue = StringUtil.Concat(returnValue, publicIds);
}
return returnValue;
}
/// <summary>
/// 获取列表
/// </summary>
/// <param name="userInfo">用户</param>
/// <returns>数据表</returns>
public DataTable GetDataTable(BaseUserInfo userInfo)
{
// 写入调试信息
#if (DEBUG)
int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif
// 加强安全验证防止未授权匿名调用
#if (!DEBUG)
LogOnService.UserIsLogOn(userInfo);
#endif
DataTable dataTable = new DataTable(BaseItemsEntity.TableName);
using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
{
try
{
dbHelper.Open(UserCenterDbConnection);
string tableName = BaseItemsEntity.TableName;
if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
{
tableName = BaseSystemInfo.SystemCode + "Items";
}
BaseItemsManager itemsManager = new BaseItemsManager(dbHelper, userInfo, tableName);
// 若是系统管理员,那就返回全部数据
if (userInfo.IsAdministrator)
{
dataTable = itemsManager.GetDataTable();
}
else
{
// 按数据权限来过滤数据
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(dbHelper, userInfo);
string[] ids = permissionScopeManager.GetResourceScopeIds(userInfo.Id, BaseItemsEntity.TableName, "Resource.ManagePermission");
dataTable = itemsManager.GetDataTable(ids);
}
dataTable.TableName = tableName;
// 添加日志
BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.ItemsService_GetDataTable, MethodBase.GetCurrentMethod());
}
catch (Exception ex)
{
BaseExceptionManager.LogException(dbHelper, userInfo, ex);
throw ex;
}
finally
{
dbHelper.Close();
}
}
// 写入调试信息
#if (DEBUG)
BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
return dataTable;
}
/// <summary>
/// 获取用户有权限访问的模块主键
/// </summary>
/// <param name="userId">用户主键</param>
/// <returns>主键数组</returns>
public string[] GetIdsByUser(string userId)
{
// 公开的模块谁都可以访问
string[] openModuleIds = null;
List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>();
parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldIsPublic, 1));
parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldEnabled, 1));
parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldDeletionStateCode, 0));
openModuleIds = this.GetIds(parameters);
string[] twoModuleIds = null;
if (!string.IsNullOrEmpty(userId))
{
// 按第一个解决方案进行计算 (用户 ---> 权限 --- 权限 <--- 菜单)
// 获取用户的所有权限ID数组
// BasePermissionManager permissionManager = new BasePermissionManager(DbHelper, UserInfo);
// DataTable dtPermission = permissionManager.GetPermissionByUser(UserInfo.Id);
// string[] permissionItemIds = BaseBusinessLogic.FieldToArray(dtPermission, BasePermissionItemEntity.FieldId);
/*
string[] oneModuleIds = new string[0];
if ((permissionItemIds != null) && (permissionItemIds.Length > 0))
{
// 获取所有跟这个权限有关联的模块ID数组
string sqlQuery = string.Empty;
sqlQuery = " SELECT " + BasePermissionEntity.FieldResourceId
+ " FROM " + BasePermissionEntity.TableName
+ " WHERE " + BasePermissionEntity.FieldResourceCategory + " = '" + BaseModuleEntity.TableName + "' "
+ " AND " + BasePermissionEntity.FieldPermissionItemId + " IN (" + BaseBusinessLogic.ObjectsToList(permissionItemIds) + ")";
dtPermission = DbHelper.Fill(sqlQuery);
oneModuleIds = BaseBusinessLogic.FieldToArray(dtPermission, BasePermissionEntity.FieldResourceId);
}
*/
// 按第二个解决方案进行计算 (用户 ---> 模块访问权限 ---> 菜单)
string tableName = BasePermissionScopeEntity.TableName;
if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
{
tableName = BaseSystemInfo.SystemCode + "PermissionScope";
}
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, tableName);
// 模块访问,连同用户本身的,还有角色的,全部获取出来
string permissionItemCode = "Resource.AccessPermission";
twoModuleIds = permissionScopeManager.GetResourceScopeIds(userId, BaseModuleEntity.TableName, permissionItemCode);
// 这些模块是有效的才可以
parameters = new List<KeyValuePair<string, object>>();
parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldId, twoModuleIds));
parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldEnabled, 1));
parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldDeletionStateCode, 0));
twoModuleIds = this.GetProperties(parameters, BaseModuleEntity.FieldId);
// 这里应该还缺少组织机构的模块权限,应该补上才对
}
// 返回相应的模块列表
string[] moduleIds = StringUtil.Concat(openModuleIds, twoModuleIds);
return moduleIds;
}
/// <summary>
/// 获取用户的某个资源的权限范围
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="userId">用户主键</param>
/// <param name="targetCategory">目标类别</param>
/// <param name="permissionItemCode">权限编号</param>
/// <returns>主键数组</returns>
public string[] GetResourceScopeIds(BaseUserInfo userInfo, string userId, string targetCategory, string permissionItemCode)
{
// 写入调试信息
#if (DEBUG)
int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif
// 加强安全验证防止未授权匿名调用
#if (!DEBUG)
LogOnService.UserIsLogOn(userInfo);
#endif
string[] returnValue = null;
using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
{
try
{
dbHelper.Open(UserCenterDbConnection);
string tableName = BasePermissionScopeEntity.TableName;
if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
{
tableName = BaseSystemInfo.SystemCode + "PermissionScope";
}
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(dbHelper, userInfo, tableName);
returnValue = permissionScopeManager.GetResourceScopeIds(userId, targetCategory, permissionItemCode);
BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_GetResourceScopeIds, MethodBase.GetCurrentMethod());
}
catch (Exception ex)
{
BaseExceptionManager.LogException(dbHelper, userInfo, ex);
throw ex;
}
finally
{
dbHelper.Close();
}
}
// 写入调试信息
#if (DEBUG)
BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
return returnValue;
}
/// <summary>
/// 获取能访问的字段列表
/// </summary>
/// <param name="tableCode">表名</param>
/// <returns>数据表</returns>
public DataTable GetTableColumns(string userId, string tableCode)
{
// 当前用户对哪些资源有权限(用户自己的权限 + 相应的角色拥有的权限)
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
string[] ids = permissionScopeManager.GetResourceScopeIds(userId, "TableColumns", "ColumnAccess");
// 获取有效的,没删除标志的
string sqlQuery = " SELECT * FROM BaseTableColumns WHERE (DeletionStateCode = 0 AND Enabled = 1) ";
// 是否指定了表名
if (!string.IsNullOrEmpty(tableCode))
{
sqlQuery += " AND (TableCode = '" + tableCode + "') ";
}
// 公开的或者按权限来过滤字段
sqlQuery += " AND (IsPublic = 1 ";
if (ids != null && ids.Length > 0)
{
string idList = StringUtil.ArrayToList(ids);
sqlQuery += " OR Id IN (" + idList + ")";
}
sqlQuery += ") ORDER BY SortCode ";
return DbHelper.Fill(sqlQuery);
}
/// <summary>
/// 按某种权限获取主键列表
/// </summary>
/// <param name="userId">用户主键</param>
/// <param name="resourceCategory">资源分类</param>
/// <param name="permissionItemCode">权限编号</param>
/// <returns>数据表</returns>
public DataTable GetDataTableByPermission(string userId, string resourceCategory, string permissionItemCode = "Resource.ManagePermission")
{
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
string[] ids = permissionScopeManager.GetResourceScopeIds(userId, resourceCategory, permissionItemCode);
DataTable dataTable = this.GetDataTable(ids);
dataTable.DefaultView.Sort = BaseItemDetailsEntity.FieldSortCode;
return dataTable;
}