public int ClearOrganizePermissionScope(string organizeId, string permissionItemCode) { List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>(); parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseOrganizeEntity.TableName)); parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, organizeId)); parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode))); BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName); return permissionScopeManager.Delete(parameters); }
public int GrantRoles(string[] userIds, string permissionItemCode, string grantRoleId) { int returnValue = 0; BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName); for (int i = 0; i < userIds.Length; i++) { this.GrantRole(permissionScopeManager, userIds[i], permissionItemCode, grantRoleId); returnValue++; } return returnValue; }
public int GrantPermissionItemes(string roleId, string permissionItemCode, string[] grantPermissionIds) { int returnValue = 0; BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo); for (int i = 0; i < grantPermissionIds.Length; i++) { this.GrantPermissionItem(permissionScopeManager, roleId, permissionItemCode, grantPermissionIds[i]); returnValue++; } return returnValue; }
public int GrantModules(string organizeId, string permissionItemCode, string[] grantModuleIds) { int returnValue = 0; BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName); for (int i = 0; i < grantModuleIds.Length; i++) { this.GrantModule(permissionScopeManager, organizeId, permissionItemCode, grantModuleIds[i]); returnValue++; } return returnValue; }
/// <summary> /// 撤消资源的权限范围 /// </summary> /// <param name="userInfo">用户</param> /// <param name="resourceCategory">资源分类</param> /// <param name="resourceId">资源主键</param> /// <param name="targetCategory">目标类别</param> /// <param name="permissionItemId">权限主键</param> /// <returns>影响的行数</returns> public int ClearPermissionScopeTarget(BaseUserInfo userInfo, string resourceCategory, string resourceId, string targetCategory, string permissionItemId) { // 写入调试信息 #if (DEBUG) int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod()); #endif // 加强安全验证防止未授权匿名调用 #if (!DEBUG) LogOnService.UserIsLogOn(userInfo); #endif int returnValue = 0; using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType)) { try { dbHelper.Open(UserCenterDbConnection); string tableName = BasePermissionScopeEntity.TableName; if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode)) { tableName = BaseSystemInfo.SystemCode + "PermissionScope"; } BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(dbHelper, userInfo, tableName); returnValue = permissionScopeManager.RevokeResourcePermissionScopeTarget(resourceCategory, resourceId, targetCategory, permissionItemId); BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_ClearPermissionScopeTarget, MethodBase.GetCurrentMethod()); } catch (Exception ex) { BaseExceptionManager.LogException(dbHelper, userInfo, ex); throw ex; } finally { dbHelper.Close(); } } // 写入调试信息 #if (DEBUG) BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart); #endif return returnValue; }
/// <summary> /// 获取用户的列权限 /// </summary> /// <param name="userId">用户主键</param> /// <param name="tableCode">表名</param> /// <param name="permissionCode">操作权限</param> /// <returns>有权限的列数组</returns> public string[] GetColumns(string userId, string tableCode, string permissionCode = "Column.Access") { // Column.Edit string[] returnValue = null; if (permissionCode.Equals("Column.Deney") || permissionCode.Equals("Column.Edit")) { // 按数据权限来过滤数据 BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo); returnValue = permissionScopeManager.GetResourceScopeIds(userId, tableCode, permissionCode); } else if (permissionCode.Equals("Column.Access")) { // 1: 用户有权限的列名 BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo); returnValue = permissionScopeManager.GetResourceScopeIds(userId, tableCode, permissionCode); // 2: 先获取公开的列名 string[] publicIds = this.GetProperties(new KeyValuePair<string, object>(BaseTableColumnsEntity.FieldTableCode, tableCode), new KeyValuePair<string, object>(BaseTableColumnsEntity.FieldIsPublic, 1), BaseTableColumnsEntity.FieldColumnCode); returnValue = StringUtil.Concat(returnValue, publicIds); } return returnValue; }
/// <summary> /// 批量删除 /// </summary> /// <param name="userInfo">用户</param> /// <param name="ids">主键数组</param> /// <returns>影响行数</returns> public int BatchDeleteConstraint(BaseUserInfo userInfo, string[] ids) { // 写入调试信息 #if (DEBUG) int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod()); #endif // 加强安全验证防止未授权匿名调用 #if (!DEBUG) LogOnService.UserIsLogOn(userInfo); #endif int returnValue = 0; using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType)) { try { dbHelper.Open(UserCenterDbConnection); BasePermissionScopeManager manager = new BasePermissionScopeManager(dbHelper, userInfo); returnValue = manager.SetDeleted(ids); BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.TableColumnsService_BatchDeleteConstraint, MethodBase.GetCurrentMethod()); } catch (Exception ex) { BaseExceptionManager.LogException(dbHelper, userInfo, ex); throw ex; } finally { dbHelper.Close(); } } // 写入调试信息 #if (DEBUG) BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart); #endif return returnValue; }
/// <summary> /// 获取列表 /// </summary> /// <param name="userInfo">用户</param> /// <returns>数据表</returns> public DataTable GetDataTable(BaseUserInfo userInfo) { // 写入调试信息 #if (DEBUG) int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod()); #endif // 加强安全验证防止未授权匿名调用 #if (!DEBUG) LogOnService.UserIsLogOn(userInfo); #endif DataTable dataTable = new DataTable(BaseItemsEntity.TableName); using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType)) { try { dbHelper.Open(UserCenterDbConnection); string tableName = BaseItemsEntity.TableName; if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode)) { tableName = BaseSystemInfo.SystemCode + "Items"; } BaseItemsManager itemsManager = new BaseItemsManager(dbHelper, userInfo, tableName); // 若是系统管理员,那就返回全部数据 if (userInfo.IsAdministrator) { dataTable = itemsManager.GetDataTable(); } else { // 按数据权限来过滤数据 BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(dbHelper, userInfo); string[] ids = permissionScopeManager.GetResourceScopeIds(userInfo.Id, BaseItemsEntity.TableName, "Resource.ManagePermission"); dataTable = itemsManager.GetDataTable(ids); } dataTable.TableName = tableName; // 添加日志 BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.ItemsService_GetDataTable, MethodBase.GetCurrentMethod()); } catch (Exception ex) { BaseExceptionManager.LogException(dbHelper, userInfo, ex); throw ex; } finally { dbHelper.Close(); } } // 写入调试信息 #if (DEBUG) BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart); #endif return dataTable; }
/// <summary> /// 员工撤销授权 /// </summary> /// <param name="userId">员工主键</param> /// <param name="permissionItemId">权限主键</param> /// <returns>主键</returns> public int RevokeUser(string userId, string permissionItemCode, string revokeUserId) { BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName); return(this.RevokeUser(permissionScopeManager, userId, permissionItemCode, revokeUserId)); }
/// <summary> /// 为了提高授权的运行速度 /// </summary> /// <param name="permissionScopeManager">权限域读写器</param> /// <param name="roleId">员工主键</param> /// <param name="revokePermissionId">权限主键</param> /// <returns>主键</returns> private int RevokePermissionItem(BasePermissionScopeManager permissionScopeManager, string roleId, string permissionItemCode, string revokePermissionId) { List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>(); parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName)); parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, roleId)); parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, BasePermissionItemEntity.TableName)); parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetId, revokePermissionId)); parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode))); return permissionScopeManager.Delete(parameters); }
/// <summary> /// 按日期获取日志 /// </summary> /// <param name="userInfo">用户</param> /// <param name="beginDate">开始时间</param> /// <param name="endDate">结束时间</param> /// <returns>数据表</returns> public DataTable GetDataTableByDate(BaseUserInfo userInfo, string beginDate, string endDate, string userId, string moduleId) { // 写入调试信息 #if (DEBUG) int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod()); #endif // 加强安全验证防止未授权匿名调用 #if (!DEBUG) LogOnService.UserIsLogOn(userInfo); #endif DataTable dataTable = new DataTable(BaseLogEntity.TableName); using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType)) { try { dbHelper.Open(UserCenterDbConnection); BaseLogManager logManager = new BaseLogManager(dbHelper, userInfo); if (!string.IsNullOrEmpty(userId)) { dataTable = logManager.GetDataTableByDateByUserIds(new string[] { userId }, BaseLogEntity.FieldProcessId, moduleId, beginDate, endDate); } else { if (userInfo.IsAdministrator) { dataTable = logManager.GetDataTableByDate(BaseLogEntity.FieldProcessId, moduleId, beginDate, endDate); } else { BasePermissionScopeManager BasePermissionScopeManager = new BasePermissionScopeManager(dbHelper, userInfo); string[] userIds = BasePermissionScopeManager.GetUserIds(userInfo.Id, "Resource.ManagePermission"); dataTable = logManager.GetDataTableByDateByUserIds(userIds, BaseLogEntity.FieldProcessId, moduleId, beginDate, endDate); } } dataTable.TableName = BaseLogEntity.TableName; // 添加访问日志 BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.LogService_GetDataTableByDate, MethodBase.GetCurrentMethod()); } catch (Exception ex) { BaseExceptionManager.LogException(dbHelper, userInfo, ex); throw ex; } finally { dbHelper.Close(); } } // 写入调试信息 #if (DEBUG) BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart); #endif return dataTable; }
public int RevokeRoles(string[] userIds, string permissionItemCode, string[] revokeRoleIds) { int returnValue = 0; BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName); for (int i = 0; i < userIds.Length; i++) { for (int j = 0; j < revokeRoleIds.Length; j++) { this.RevokeRole(permissionScopeManager, userIds[i], permissionItemCode, revokeRoleIds[j]); returnValue++; } } return returnValue; }
/// 获取审核状态表 /// </summary> /// <param name="enabled">审核状态</param> /// <param name="startDate"></param> /// <param name="paramEnd"></param> /// <returns>数据表</returns> public DataTable Search(int enabled, DateTime startDate, DateTime endDate) { string sqlQuery = " SELECT A.*, B." + BaseStaffTable.FieldRealName + " AS StaffFullName " + " ,C." + BaseStaffTable.FieldUserName + " AS AuditName " + " FROM " + BaseWorkReportTable.TableName + " AS A" + " LEFT JOIN " + BaseStaffTable.TableName + " AS B ON B." + BaseStaffTable.FieldId + "=A." + BaseWorkReportTable.FieldStaffId + " LEFT JOIN " + BaseStaffTable.TableName + " AS C ON C." + BaseStaffTable.FieldId + "=A." + BaseWorkReportTable.FieldAuditStaffId; //+ " WHERE A." + BaseWorkReportTable.FieldEnabled + " = ? "; // 设置审核状态 sqlQuery += " WHERE A." + BaseWorkReportTable.FieldEnabled + " = " + enabled; if (startDate.ToString().Trim().Length > 0) { sqlQuery += " AND A." + BaseWorkReportTable.FieldWorkDate + " >= '" + startDate + "'"; } if (endDate.ToString().Trim().Length > 0) { sqlQuery += " AND A." + BaseWorkReportTable.FieldWorkDate + " <= '" + endDate + "'"; } // 是否系统管理员 if (!UserInfo.IsAdministrator) { BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo); string[] staffIds = permissionScopeManager.GetUserIds(UserInfo.Id, "Resource.ManagePermission"); string staffs = BaseBusinessLogic.ObjectsToList(staffIds); sqlQuery += " AND A." + BaseWorkReportTable.FieldStaffId + " IN (" + staffs + ")"; } sqlQuery += " ORDER BY " + BaseWorkReportTable.FieldWorkDate + " DESC "; return DbHelper.Fill(sqlQuery); }
/// <summary> /// 判断某个时间范围内是否存在 /// </summary> /// <param name="names"></param> /// <param name="values"></param> /// <param name="startDate"></param> /// <param name="endDate"></param> /// <returns></returns> public bool HasAuthorized(List<KeyValuePair<string, object>> parameters, string startDate, string endDate) { bool returnValue = false; BasePermissionScopeManager manager = new BasePermissionScopeManager(this.DbHelper, this.UserInfo); returnValue = manager.Exists(parameters); /* if (returnValue) { // 再去判断时间 string minDate = "1900-01-01 00:00:00"; string maxDate = "3000-12-31 00:00:00"; // 不用设置的太大 string srcStartDate = manager.GetProperty(names, values, BasePermissionScopeEntity.FieldStartDate); string srcEndDate = manager.GetProperty(names, values, BasePermissionScopeEntity.FieldEndDate); if (string.IsNullOrEmpty(srcStartDate)) { srcStartDate = minDate; } if (string.IsNullOrEmpty(startDate)) { startDate = minDate; } if (string.IsNullOrEmpty(srcEndDate)) { srcEndDate = maxDate; } if (string.IsNullOrEmpty(endDate)) { endDate = maxDate; } // 满足这样的条件 // 时间A(Start1-End1), 时间B(Start2-End2) // Start1 <Start2 && Start2 <End1 // Start1 <End2 && End2 <End1 // Start2 <Start1 && End1 <End2 if ((CheckDateScope(srcStartDate, startDate) && CheckDateScope(startDate, srcEndDate)) || (CheckDateScope(srcStartDate, endDate) && CheckDateScope(endDate, srcEndDate)) || (CheckDateScope(startDate, srcStartDate) && CheckDateScope(srcEndDate, endDate))) { returnValue = true; } else { returnValue = false; } } */ return returnValue; }
/// <summary> /// 获取用户有权限访问的模块主键 /// </summary> /// <param name="userId">用户主键</param> /// <returns>主键数组</returns> public string[] GetIdsByUser(string userId) { // 公开的模块谁都可以访问 string[] openModuleIds = null; List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>(); parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldIsPublic, 1)); parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldEnabled, 1)); parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldDeletionStateCode, 0)); openModuleIds = this.GetIds(parameters); string[] twoModuleIds = null; if (!string.IsNullOrEmpty(userId)) { // 按第一个解决方案进行计算 (用户 ---> 权限 --- 权限 <--- 菜单) // 获取用户的所有权限ID数组 // BasePermissionManager permissionManager = new BasePermissionManager(DbHelper, UserInfo); // DataTable dtPermission = permissionManager.GetPermissionByUser(UserInfo.Id); // string[] permissionItemIds = BaseBusinessLogic.FieldToArray(dtPermission, BasePermissionItemEntity.FieldId); /* string[] oneModuleIds = new string[0]; if ((permissionItemIds != null) && (permissionItemIds.Length > 0)) { // 获取所有跟这个权限有关联的模块ID数组 string sqlQuery = string.Empty; sqlQuery = " SELECT " + BasePermissionEntity.FieldResourceId + " FROM " + BasePermissionEntity.TableName + " WHERE " + BasePermissionEntity.FieldResourceCategory + " = '" + BaseModuleEntity.TableName + "' " + " AND " + BasePermissionEntity.FieldPermissionItemId + " IN (" + BaseBusinessLogic.ObjectsToList(permissionItemIds) + ")"; dtPermission = DbHelper.Fill(sqlQuery); oneModuleIds = BaseBusinessLogic.FieldToArray(dtPermission, BasePermissionEntity.FieldResourceId); } */ // 按第二个解决方案进行计算 (用户 ---> 模块访问权限 ---> 菜单) string tableName = BasePermissionScopeEntity.TableName; if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode)) { tableName = BaseSystemInfo.SystemCode + "PermissionScope"; } BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, tableName); // 模块访问,连同用户本身的,还有角色的,全部获取出来 string permissionItemCode = "Resource.AccessPermission"; twoModuleIds = permissionScopeManager.GetResourceScopeIds(userId, BaseModuleEntity.TableName, permissionItemCode); // 这些模块是有效的才可以 parameters = new List<KeyValuePair<string, object>>(); parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldId, twoModuleIds)); parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldEnabled, 1)); parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldDeletionStateCode, 0)); twoModuleIds = this.GetProperties(parameters, BaseModuleEntity.FieldId); // 这里应该还缺少组织机构的模块权限,应该补上才对 } // 返回相应的模块列表 string[] moduleIds = StringUtil.Concat(openModuleIds, twoModuleIds); return moduleIds; }
/// <summary> /// 查询日志 /// </summary> /// <param name="userInfo">用户</param> /// <param name="search">查询</param> /// <param name="OnlyOnLine">是否在线</param> /// <returns>数据表</returns> public DataTable Search(BaseUserInfo userInfo, string searchValue, bool OnlyOnLine) { // 写入调试信息 #if (DEBUG) int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod()); #endif // 加强安全验证防止未授权匿名调用 #if (!DEBUG) LogOnService.UserIsLogOn(userInfo); #endif DataTable dataTable = new DataTable(BaseLogEntity.TableName); using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType)) { try { dbHelper.Open(UserCenterDbConnection); BaseLogManager logManager = new BaseLogManager(dbHelper, userInfo); BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(dbHelper, userInfo); string[] userIds = permissionScopeManager.GetUserIds(userInfo.Id, "Resource.ManagePermission"); dataTable = logManager.Search(userIds,searchValue, OnlyOnLine, true); dataTable.TableName = BaseLogEntity.TableName; BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.UserService_Search, MethodBase.GetCurrentMethod()); } catch (Exception ex) { BaseExceptionManager.LogException(dbHelper, userInfo, ex); throw ex; } finally { dbHelper.Close(); } } // 写入调试信息 #if (DEBUG) BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart); #endif return dataTable; }
/// <summary> /// 获取用户访问情况日志 /// </summary> /// <param name="userInfo">用户</param> /// <returns>数据表</returns> public DataTable GetLogGeneral(BaseUserInfo userInfo) { // 写入调试信息 #if (DEBUG) int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod()); #endif // 加强安全验证防止未授权匿名调用 #if (!DEBUG) LogOnService.UserIsLogOn(userInfo); #endif DataTable dataTable = new DataTable(BaseLogEntity.TableName); using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType)) { BaseUserManager userManager = new BaseUserManager(dbHelper, userInfo); try { dbHelper.Open(UserCenterDbConnection); if (userInfo.IsAdministrator) { dataTable = userManager.GetDataTable(); } else { BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(dbHelper, userInfo); string[] userIds = permissionScopeManager.GetUserIds(userInfo.Id, "Resource.ManagePermission"); dataTable = userManager.GetDataTableByIds(userIds); } dataTable.TableName = BaseLogEntity.TableName; BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.LogService_GetLogGeneral, MethodBase.GetCurrentMethod()); } catch (Exception ex) { BaseExceptionManager.LogException(dbHelper, userInfo, ex); throw ex; } finally { dbHelper.Close(); } } // 写入调试信息 #if (DEBUG) BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart); #endif return dataTable; }
public int RevokeUsers(string userId, string permissionItemCode, string[] revokeUserIds) { int returnValue = 0; BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName); for (int i = 0; i < revokeUserIds.Length; i++) { this.RevokeUser(permissionScopeManager, userId, permissionItemCode, revokeUserIds[i]); returnValue++; } return returnValue; }
/// <summary> /// 为了提高授权的运行速度 /// </summary> /// <param name="permissionScopeManager">权限域读写器</param> /// <param name="Id">主键</param> /// <param name="userId">员工主键</param> /// <param name="grantUserId">权限主键</param> /// <returns>主键</returns> private string GrantUser(BasePermissionScopeManager permissionScopeManager, string userId, string permissionItemCode, string grantUserId) { string returnValue = string.Empty; List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>(); parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseUserEntity.TableName)); parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, userId)); parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseUserEntity.TableName)); parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetId, grantUserId)); parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode))); if (!this.Exists(parameters)) { BasePermissionScopeEntity resourcePermissionScopeEntity = new BasePermissionScopeEntity(); resourcePermissionScopeEntity.PermissionId = int.Parse(this.GetIdByCode(permissionItemCode)); resourcePermissionScopeEntity.ResourceCategory = BaseUserEntity.TableName; resourcePermissionScopeEntity.ResourceId = userId; resourcePermissionScopeEntity.TargetCategory = BaseUserEntity.TableName; resourcePermissionScopeEntity.TargetId = grantUserId; resourcePermissionScopeEntity.Enabled = 1; resourcePermissionScopeEntity.DeletionStateCode = 0; return permissionScopeManager.Add(resourcePermissionScopeEntity); } return returnValue; }
public int RevokeModules(string[] roleIds, string permissionItemCode, string revokeModuleId) { int returnValue = 0; BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName); for (int i = 0; i < roleIds.Length; i++) { this.RevokeModule(permissionScopeManager, roleIds[i], permissionItemCode, revokeModuleId); returnValue++; } return returnValue; }
/// <summary> /// 员工撤销授权 /// </summary> /// <param name="userId">员工主键</param> /// <param name="permissionItemId">权限主键</param> /// <returns>主键</returns> public int RevokeRole(string userId, string permissionItemCode, string revokeRoleId) { BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName); return this.RevokeRole(permissionScopeManager, userId, permissionItemCode, revokeRoleId); }
/// <summary> /// 获取列表 /// </summary> /// <param name="userInfo">用户</param> /// <returns>数据表</returns> public DataTable GetDataTable(BaseUserInfo userInfo) { // 写入调试信息 #if (DEBUG) int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod()); #endif // 加强安全验证防止未授权匿名调用 #if (!DEBUG) LogOnService.UserIsLogOn(userInfo); #endif DataTable dataTable = new DataTable(BaseModuleEntity.TableName); using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType)) { try { dbHelper.Open(UserCenterDbConnection); BaseFolderManager folderManager = new BaseFolderManager(dbHelper, userInfo); // 检查相应的系统必备文件夹 folderManager.FolderCheck(); if (userInfo.IsAdministrator) { dataTable = folderManager.GetDataTable(BaseFolderEntity.FieldSortCode); } else { // 数据权限部分,部门的权限部分。 BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(dbHelper, userInfo); string[] ids = permissionScopeManager.GetOrganizeIds(userInfo.Id, "Resource.ManagePermission"); // 获取安全等级,比自己小的。 string commandText = string.Format(@"SELECT * FROM BaseFolder WHERE (DeletionStateCode = 0 AND Enabled = 1 AND (IsPublic = 1 OR Id = 'UserSpace' OR Id = 'CompanyFile' OR Id = '{0}' OR Id = '{1}' OR Id = '{2}' OR CreateUserId = '{3}')) ", userInfo.Id, userInfo.DepartmentId, userInfo.CompanyId, userInfo.Id); if (ids != null && ids.Length > 0) { commandText += " OR ID IN (" + BaseBusinessLogic.ObjectsToList(ids) + ") "; } dataTable = folderManager.Fill(commandText); } dataTable.DefaultView.Sort = BaseFolderEntity.FieldSortCode; dataTable.TableName = BaseFolderEntity.TableName; BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, MethodBase.GetCurrentMethod()); } catch (Exception ex) { BaseExceptionManager.LogException(dbHelper, userInfo, ex); throw ex; } finally { dbHelper.Close(); } } // 写入调试信息 #if (DEBUG) BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart); #endif return dataTable; }
/// <summary> /// 获得用户授权范围 /// </summary> /// <param name="staffId">员工主键</param> /// <returns>数据表</returns> public DataTable GetDataTableByUser(string userId, string permissionItemCode) { DataTable returnValue = new DataTable(this.CurrentTableName); List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>(); // 这里需要判断,是系统权限? bool isRole = false; BaseUserManager userManager = new BaseUserManager(this.DbHelper, this.UserInfo); // 用户管理员 isRole = userManager.IsInRoleByCode(userId, "UserAdmin"); if (isRole) { parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldCategoryCode, "System")); parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldEnabled, 1)); parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldDeletionStateCode, 0)); returnValue = this.GetDataTable(parameters, BasePermissionItemEntity.FieldSortCode); returnValue.TableName = this.CurrentTableName; return returnValue; } // 这里需要判断,是业务权限? isRole = userManager.IsInRoleByCode(userId, "Admin"); if (isRole) { parameters = new List<KeyValuePair<string, object>>(); parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldCategoryCode, "Application")); parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldEnabled, 1)); parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldDeletionStateCode, 0)); returnValue = this.GetDataTable(parameters, BasePermissionItemEntity.FieldSortCode); returnValue.TableName = this.CurrentTableName; return returnValue; } BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo); string[] permissionItemIds = permissionScopeManager.GetTreeResourceScopeIds(userId, BasePermissionItemEntity.TableName, permissionItemCode, true); // 有效的,未被删除的 parameters = new List<KeyValuePair<string, object>>(); parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldId, permissionItemIds)); parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldEnabled, 1)); parameters.Add(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldDeletionStateCode, 0)); returnValue = this.GetDataTable(parameters, BasePermissionItemEntity.FieldSortCode); returnValue.TableName = this.CurrentTableName; return returnValue; }
public int RevokePermissionItems(string[] roleIds, string permissionItemCode, string[] revokePermissionIds) { int returnValue = 0; BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo); for (int i = 0; i < roleIds.Length; i++) { for (int j = 0; j < revokePermissionIds.Length; j++) { this.RevokePermissionItem(permissionScopeManager, roleIds[i], permissionItemCode, revokePermissionIds[j]); returnValue++; } } return returnValue; }
/// <summary> /// 员工撤销授权 /// </summary> /// <param name="roleId">员工主键</param> /// <param name="permissionItemId">权限主键</param> /// <returns>主键</returns> public int RevokePermissionItem(string roleId, string permissionItemCode, string revokePermissionId) { BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo); return this.RevokePermissionItem(permissionScopeManager, roleId, permissionItemCode, revokePermissionId); }
public int RevokePermissionItems(string[] userIds, string permissionItemCode, string revokePermissionId) { int returnValue = 0; BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo); for (int i = 0; i < userIds.Length; i++) { this.RevokePermissionItem(permissionScopeManager, userIds[i], permissionItemCode, revokePermissionId); returnValue++; } return returnValue; }
/// <summary> /// 为了提高授权的运行速度 /// </summary> /// <param name="permissionScopeManager">权限域读写器</param> /// <param name="Id">主键</param> /// <param name="roleId">员工主键</param> /// <param name="grantPermissionId">权限主键</param> /// <returns>主键</returns> private string GrantPermissionItem(BasePermissionScopeManager permissionScopeManager, string roleId, string permissionItemCode, string grantPermissionId) { string returnValue = string.Empty; BasePermissionScopeEntity resourcePermissionScopeEntity = new BasePermissionScopeEntity(); resourcePermissionScopeEntity.PermissionId = int.Parse(this.GetIdByCode(permissionItemCode)); resourcePermissionScopeEntity.ResourceCategory = BaseRoleEntity.TableName; resourcePermissionScopeEntity.ResourceId = roleId; resourcePermissionScopeEntity.TargetCategory = BasePermissionItemEntity.TableName; resourcePermissionScopeEntity.TargetId = grantPermissionId; resourcePermissionScopeEntity.Enabled = 1; resourcePermissionScopeEntity.DeletionStateCode = 0; return permissionScopeManager.Add(resourcePermissionScopeEntity); }
public int GrantPermissionItems(string[] userIds, string permissionItemCode, string[] grantPermissionIds) { int returnValue = 0; BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo); for (int i = 0; i < userIds.Length; i++) { for (int j = 0; j < grantPermissionIds.Length; j++) { this.GrantPermissionItem(permissionScopeManager, userIds[i], permissionItemCode, grantPermissionIds[j]); returnValue++; } } return returnValue; }
/// <summary> /// 员工授予权限 /// </summary> /// <param name="roleId">员工主键</param> /// <param name="permissionItemId">权限主键</param> /// <param name="organizeId">权组织机构限主键</param> /// <returns>主键</returns> public string GrantPermissionItem(string roleId, string permissionItemCode, string grantPermissionId) { BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo); return this.GrantPermissionItem(permissionScopeManager, roleId, permissionItemCode, grantPermissionId); }
/// <summary> /// 为了提高授权的运行速度 /// </summary> /// <param name="permissionScopeManager">权限域读写器</param> /// <param name="Id">主键</param> /// <param name="userId">员工主键</param> /// <param name="grantModuleId">权限主键</param> /// <returns>主键</returns> private string GrantModule(BasePermissionScopeManager permissionScopeManager, string userId, string permissionItemCode, string grantModuleId) { string returnValue = string.Empty; BasePermissionScopeEntity resourcePermissionScopeEntity = new BasePermissionScopeEntity(); string permissionId = this.GetIdByCode(permissionItemCode); if (string.IsNullOrEmpty(permissionId)) { return string.Empty; } resourcePermissionScopeEntity.PermissionId = int.Parse(permissionId); resourcePermissionScopeEntity.ResourceCategory = BaseUserEntity.TableName; resourcePermissionScopeEntity.ResourceId = userId; resourcePermissionScopeEntity.TargetCategory = BaseModuleEntity.TableName; resourcePermissionScopeEntity.TargetId = grantModuleId; resourcePermissionScopeEntity.Enabled = 1; resourcePermissionScopeEntity.DeletionStateCode = 0; return permissionScopeManager.Add(resourcePermissionScopeEntity); }
/// <summary> /// 员工授予权限 /// </summary> /// <param name="userId">员工主键</param> /// <param name="permissionItemId">权限主键</param> /// <param name="organizeId">权组织机构限主键</param> /// <returns>主键</returns> public string GrantModule(string userId, string permissionItemCode, string grantModuleId) { BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, this.CurrentTableName); return this.GrantModule(permissionScopeManager, userId, permissionItemCode, grantModuleId); }
/// <summary> /// 员工授予权限 /// </summary> /// <param name="userId">员工主键</param> /// <param name="permissionItemId">权限主键</param> /// <param name="organizeId">权组织机构限主键</param> /// <returns>主键</returns> public string GrantUser(string userId, string permissionItemCode, string grantUserId) { BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo); return(this.GrantUser(permissionScopeManager, userId, permissionItemCode, grantUserId)); }