Esempio n. 1
0
        /// <summary>
        /// 检查用户对于一批目录是否具有指定权限,返回具有权限的目录Id列表
        /// </summary>
        /// <param name="handle"></param>
        /// <param name="permission"></param>
        /// <param name="toFilterDirIdList"></param>
        /// <returns></returns>
        public List <string> FilterDirIds(LibHandle handle, DMFuncPermissionEnum permission, List <string> toFilterDirIdList)
        {
            if (handle == LibHandleCache.Default.GetSystemHandle() || string.IsNullOrEmpty(handle.UserId) || handle.UserId == "admin")
            {
                return(toFilterDirIdList);//系统用户则直接原样返回
            }
            string           personId       = handle.PersonId;
            DMUserPermission userPermission = DMUserPermissionCache.Default.GetCacheItem(personId);

            if (userPermission.IsUnlimited)
            {
                return(toFilterDirIdList);//用户权限不受限制则直接原样返回
            }
            Dictionary <string, List <string> > dicDirId_DirIds = DirLinkAddress.GetDirIdsForDirs(toFilterDirIdList);

            if (dicDirId_DirIds == null)
            {
                return(new List <string>());
            }

            List <string> resultList = new List <string>();

            try
            {
                //使用每个目录的目录标识列表(含自身和所有父级目录)检查是否可用权限
                resultList = (from item in toFilterDirIdList
                              where dicDirId_DirIds.ContainsKey(item) && userPermission.CheckCan(dicDirId_DirIds[item], string.Empty, permission)
                              select item).ToList();
            }
            catch (Exception exp)
            {
                DMCommonMethod.WriteLog("FilterDocIds", exp.Message);
            }
            return(resultList);
        }
Esempio n. 2
0
 /// <summary>
 /// 检查用户对于指定目录(或及指定文档)是否具有指定的权限
 /// </summary>
 /// <param name="dirId">目录标识,如果文档标识不为空则目录标识可为空</param>
 /// <param name="docId">文档标识,为空则仅判断目录</param>
 /// <param name="func">操作功能项</param>
 /// <returns></returns>
 public bool CheckCan(string dirId, string docId, DMFuncPermissionEnum func)
 {
     if (string.IsNullOrEmpty(dirId) && string.IsNullOrEmpty(docId))
     {
         return(false);//不能两者都为空
     }
     //找到目录或文档的所有上级目录然后再检查权限
     if (string.IsNullOrEmpty(docId))
     {
         DirLinkAddress dirLink = new DirLinkAddress(dirId, new LibDataAccess());
         if (dirLink.DirType == DirTypeEnum.Private)
         {
             return(true);
         }
         List <string> dirIds = dirLink.ParentDirIdList;
         dirIds.Add(dirId);//将本级目录标识加入
         return(CheckCan(dirIds, string.Empty, func));
     }
     else
     {
         DirLinkAddress dirLink = new DirLinkAddress(false, docId, new LibDataAccess(), true);
         if (dirLink.DirType == DirTypeEnum.Private)
         {
             return(true);
         }
         return(CheckCan(dirLink.ParentDirIdList, docId, func));
     }
 }
Esempio n. 3
0
 /// <summary>
 /// 检查用户是否具有指定文件的下周权限,如有则返回待下载的临时文件地址
 /// </summary>
 /// <param name="userHandle"></param>
 /// <param name="docId"></param>
 /// <returns></returns>
 public static string CheckAndGetDownloadTempFile(string userHandle, string docId, int modifyId, out string downloadName)
 {
     downloadName = string.Empty;
     try
     {
         LibHandle libHandle = LibHandleCache.Default.GetCurrentHandle(userHandle) as LibHandle;
         if (libHandle == null)
         {
             return(string.Empty);//用户句柄无效
         }
         if (DMPermissionControl.Default.HasPermission(libHandle, string.Empty, docId, DMFuncPermissionEnum.Download) == false)
         {
             return(string.Empty);
         }
         DirLinkAddress dirlink = new DirLinkAddress(docId);
         downloadName = dirlink.DocName;
         //复制一份到临时目录
         string tempPath    = Path.Combine(GetDMRootTempPath(), string.Format("{0}_{1}", DateTime.Now.Ticks.ToString(), downloadName));
         string docFullPath = dirlink.GetDocFullPath(modifyId);
         if (File.Exists(docFullPath))
         {
             File.Copy(docFullPath, tempPath);
             return(tempPath);
         }
         return(string.Empty);
     }
     catch (Exception exp)
     {
         WriteLog("DMCommonMethod.CheckAndGetDownloadTempFile", string.Format("DocId:{0},Error:{1}", docId, exp.ToString()));
         return(string.Empty);
     }
 }
Esempio n. 4
0
        /// <summary>
        /// 获取用户对于指定文档的权限集合
        /// </summary>
        /// <param name="userHandle">用户会话标识</param>
        /// <param name="docId"></param>
        /// <returns></returns>
        public List <DMFuncPermissionEnum> GetPermissionOf(string userHandle, string docId)
        {
            if (string.IsNullOrEmpty(userHandle) || string.IsNullOrEmpty(docId))
            {
                return(new List <DMFuncPermissionEnum>());//参数非法,返回空
            }
            LibHandle libHandle = LibHandleCache.Default.GetCurrentHandle(userHandle) as LibHandle;

            if (libHandle == null)
            {
                return(new List <DMFuncPermissionEnum>());//用户句柄无效
            }
            List <DMFuncPermissionEnum> listPer = new List <DMFuncPermissionEnum>();

            //添加所有权限
            listPer.AddRange(new DMFuncPermissionEnum[] {
                DMFuncPermissionEnum.Browse,
                DMFuncPermissionEnum.Add,
                DMFuncPermissionEnum.Edit,
                DMFuncPermissionEnum.Delete,
                DMFuncPermissionEnum.Read,
                DMFuncPermissionEnum.Print,
                DMFuncPermissionEnum.Download,
                DMFuncPermissionEnum.Move,
                DMFuncPermissionEnum.SetVersion,
                DMFuncPermissionEnum.Subscribe,
                DMFuncPermissionEnum.Lend,
                DMFuncPermissionEnum.Link,
                DMFuncPermissionEnum.Associate,
                DMFuncPermissionEnum.Comment,
                DMFuncPermissionEnum.Rename,
                DMFuncPermissionEnum.Replace,
                DMFuncPermissionEnum.Fallback,
            });
            DirLinkAddress dirLink = new DirLinkAddress(docId);

            if (libHandle.UserId.Equals("admin") || (DirTypeEnum)dirLink.DirType == DirTypeEnum.Private || libHandle == LibHandleCache.Default.GetSystemHandle())
            {
                return(listPer);//具有所有权限
            }
            DMUserPermission userPer = DMUserPermissionCache.Default.GetCacheItem(libHandle.PersonId);

            listPer = (from item in listPer
                       where userPer.CheckCan(dirLink.ParentDirIdList, docId, item)             //筛选
                       select item).ToList();
            return(listPer);
        }
Esempio n. 5
0
        /// <summary>
        /// 检查用户对于一批文档是否具有指定权限,返回具有权限的文档Id列表
        /// </summary>
        /// <param name="handle"></param>
        /// <param name="permission"></param>
        /// <param name="toFilterDocIdList"></param>
        /// <returns></returns>
        public List <string> FilterDocIds(LibHandle handle, DMFuncPermissionEnum permission, List <string> toFilterDocIdList)
        {
            if (handle == LibHandleCache.Default.GetSystemHandle() || string.IsNullOrEmpty(handle.UserId) || handle.UserId == "admin")
            {
                return(toFilterDocIdList);//系统用户则直接原样返回
            }
            string           personId       = handle.PersonId;
            DMUserPermission userPermission = DMUserPermissionCache.Default.GetCacheItem(personId);

            if (userPermission.IsUnlimited)
            {
                return(toFilterDocIdList);//用户权限不受限制则直接原样返回
            }
            Dictionary <string, List <DocInfo> > dicDocId_DirIds = DirLinkAddress.GetParentDirIdsForDocs(toFilterDocIdList);

            if (dicDocId_DirIds == null)
            {
                return(null);
            }

            List <string> resultList = new List <string>();
            Dictionary <string, List <string> > tempDic = new Dictionary <string, List <string> >();

            foreach (KeyValuePair <string, List <DocInfo> > item in dicDocId_DirIds)
            {
                foreach (DocInfo temp in item.Value)
                {
                    if (temp.DirType == DirTypeEnum.Private && temp.CreatorId == personId)
                    {
                        if (!resultList.Contains(item.Key))
                        {
                            resultList.Add(item.Key);
                            break;
                        }
                    }
                    else
                    {
                        if (tempDic.ContainsKey(item.Key))
                        {
                            tempDic[item.Key].Add(temp.DirId);
                        }
                        else
                        {
                            tempDic.Add(item.Key, new List <string>()
                            {
                                temp.DirId
                            });
                        }
                    }
                }
            }
            try {
                //使用每个文档的标识和父目录标识列表检查是否可用权限
                resultList.AddRange((from item in toFilterDocIdList
                                     where tempDic.ContainsKey(item) && userPermission.CheckCan(tempDic[item], item, permission)
                                     select item).ToList());
            }
            catch (Exception exp)
            {
                DMCommonMethod.WriteLog("FilterDocIds", exp.Message);
            }
            return(resultList);
        }
Esempio n. 6
0
        /// <summary>
        /// 检查是否可以浏览指定目录
        /// 如果目录自身有管理或浏览权限、或者目录下的某个目录(无论是子目录还是孙目录等)有管理或者浏览权限、或者下面的某个文档有浏览或管理权限,则可以浏览
        /// </summary>
        /// <param name="dirId"></param>
        /// <returns></returns>
        public bool CheckDirCanBrowse(string dirId, DirLinkAddress dirLink = null)
        {
            try
            {
                if (string.IsNullOrEmpty(dirId))
                {
                    return(false);
                }
                if (dirLink == null)
                {
                    dirLink = new DirLinkAddress(dirId, new LibDataAccess());
                }

                //合并权限
                int           mergePermission = 0;
                List <string> dirIdList       = dirLink.SubDirIdList;
                dirIdList.Add(dirId);

                dirLink.GetDocIds();//文档编号列表需要单独获取
                List <string> docIdList = dirLink.DocIdList;

                lock (this._LockObjOfDicDirAndDoc)
                {
                    foreach (string itemId in dirIdList)
                    {
                        if (this._DicDirectoryPowers.ContainsKey(itemId))
                        {
                            mergePermission |= this._DicDirectoryPowers[itemId];  //按位或
                            if ((mergePermission & (int)DMFuncPermissionEnum.Manage) == (int)DMFuncPermissionEnum.Manage)
                            {
                                return(true);
                            }
                            if ((mergePermission & (int)DMFuncPermissionEnum.Browse) == (int)DMFuncPermissionEnum.Browse)
                            {
                                return(true);
                            }
                        }
                    }
                    foreach (string itemId in docIdList)
                    {
                        if (this._DicDocumentPowers.ContainsKey(itemId))
                        {
                            mergePermission |= this._DicDocumentPowers[itemId];  //按位或
                            if ((mergePermission & (int)DMFuncPermissionEnum.Manage) == (int)DMFuncPermissionEnum.Manage)
                            {
                                return(true);
                            }
                            if ((mergePermission & (int)DMFuncPermissionEnum.Browse) == (int)DMFuncPermissionEnum.Browse)
                            {
                                return(true);
                            }
                        }
                    }
                }
                return(false);
            }
            catch (Exception exp)
            {
                DMCommonMethod.WriteLog("DMUserPermission.CheckDirCanBrowse", string.Format("DirId:{0}\r\nError:{1}", dirId, exp.ToString()));
                return(false);
            }
        }