protected void Page_Load(object sender, System.EventArgs e)
{
Response.Cache.SetNoStore();
string strUserGuid = GetRequestData("userGuid", string.Empty).ToString();
if (strUserGuid.Trim().Length == 0)
{
strUserGuid = LogOnUserInfo.UserGuid;
}
ExceptionHelper.FalseThrow(strUserGuid == LogOnUserInfo.UserGuid, "对不起,用户只能自己来修改口令!");
UserGuid.Value = strUserGuid;
userName.InnerText = LogOnUserInfo.OuUsers[0].UserDisplayName;
if (false == IsPostBack)
{
string strSql = "SELECT GUID, NAME + '(' + VERSION + ')' AS DISPLAYNAME FROM PWD_ARITHMETIC WHERE VISIBLE = 1 ORDER BY SORT_ID";
DataSet ds = InnerCommon.ExecuteDataset(strSql);
DataView dv = new DataView(ds.Tables[0]);
newPwdType.DataSource = dv;
newPwdType.DataTextField = "DISPLAYNAME";
newPwdType.DataValueField = "GUID";
newPwdType.DataBind();
oldPwdType.DataSource = dv;
oldPwdType.DataTextField = "DISPLAYNAME";
oldPwdType.DataValueField = "GUID";
oldPwdType.DataBind();
}
}
private void AddSidelineObjects(string strOrgGuid)
{
string strObjGuid = (string)GetRequestData("objGuid", string.Empty);
DataSet ds, orgDs;
DataRow row;
ds = OGUReader.GetObjectsDetail("USERS",
strObjGuid,
SearchObjectColumn.SEARCH_USER_GUID,
strOrgGuid,
SearchObjectColumn.SEARCH_GUID);
ExceptionHelper.TrueThrow((ds == null) || (ds.Tables.Count == 0) || (ds.Tables[0].Rows.Count == 0),
"对不起,系统中没有找到指定的对象!");
row = ds.Tables[0].Rows[0];
string strSParentGuid = (string)GetRequestData("SParentGuid", string.Empty);
orgDs = OGUReader.GetObjectsDetail("ORGANIZATIONS",
strSParentGuid,
SearchObjectColumn.SEARCH_GUID,
string.Empty,
SearchObjectColumn.SEARCH_NULL);
parentAllPathName.Value = OGUCommonDefine.DBValueToString(orgDs.Tables[0].Rows[0]["ALL_PATH_NAME"]);
row["ALL_PATH_NAME"] = parentAllPathName.Value + "\\" + OGUCommonDefine.DBValueToString(row["OBJ_NAME"]);
row["SIDELINE"] = 1;
row["CREATE_TIME"] = row["END_TIME"] = row["START_TIME"] = row["RANK_NAME"] = DBNull.Value;
userData.Value = InnerCommon.GetXmlDoc(ds).OuterXml;
}
/// <summary>
/// 获得用户sourceID在角色roleID委派中的被委派对象的显示名称
/// </summary>
/// <param name="xmlDoc"></param>
protected void GetRoleDelegationUser(XmlDocument xmlDoc)
{
using (DbContext context = DbContext.GetContext(AppResource.ConnAlias))
{
string strSourceID = xmlDoc.DocumentElement.GetAttribute("sourceID");
string strRoleID = xmlDoc.DocumentElement.GetAttribute("roleID");
string strSQL = "SELECT TARGET_ID, START_TIME, END_TIME FROM DELEGATIONS WHERE SOURCE_ID = "
+ TSqlBuilder.Instance.CheckQuotationMark(strSourceID, true)
+ " AND ROLE_ID = " + TSqlBuilder.Instance.CheckQuotationMark(strRoleID, true);
DataSet ds = InnerCommon.ExecuteDataset(strSQL);
_XmlResult = InnerCommon.GetXmlDoc(ds);
string strTargetID = string.Empty;
if (ds.Tables[0].Rows.Count != 0)
{
strTargetID = ds.Tables[0].Rows[0]["TARGET_ID"].ToString();
}
if (strTargetID != string.Empty)
{
ds = OGUReader.GetObjectsDetail("USERS", strTargetID,
SearchObjectColumn.SEARCH_GUID, string.Empty, SearchObjectColumn.SEARCH_NULL);
string strDisplayName = ds.Tables[0].Rows[0]["DISPLAY_NAME"].ToString();
XmlHelper.AppendNode <string>(_XmlResult.DocumentElement.SelectSingleNode("DELEGATIONS"),
"TARGET_DISPLAYNAME", strDisplayName);
}
}
}
/// <summary>
/// 查询某功能与所有角色的对应关系
/// </summary>
private void DoQueryFuncToRole()
{
XmlElement root = _XmlRequest.DocumentElement;
string strAppID = root.GetAttribute("app_id");
string strFuncID = root.GetAttribute("func_id");
string strSQL = @"SELECT ID,APP_ID,NAME,CODE_NAME,DESCRIPTION,CLASSIFY,SORT_ID,INHERITED,ALLOW_DELEGATE,{1} AS FUNC_ID
FROM ROLES
WHERE APP_ID = {0}
AND ID IN (SELECT ROLE_ID AS ID FROM ROLE_TO_FUNCTIONS WHERE FUNC_ID = {1})
AND CLASSIFY = (SELECT CLASSIFY FROM FUNCTIONS WHERE ID = {1})
union all
SELECT ID,APP_ID,NAME,CODE_NAME,DESCRIPTION,CLASSIFY,SORT_ID,INHERITED,ALLOW_DELEGATE,'' AS FUNC_ID
FROM ROLES
WHERE APP_ID = {0}
AND ID NOT IN
(SELECT ROLE_ID AS ID FROM ROLE_TO_FUNCTIONS WHERE FUNC_ID = {1})
AND CLASSIFY = (SELECT CLASSIFY FROM FUNCTIONS WHERE ID = {1})
ORDER BY SORT_ID" ;
strSQL = string.Format(strSQL,
TSqlBuilder.Instance.CheckQuotationMark(strAppID, true),
TSqlBuilder.Instance.CheckQuotationMark(strFuncID, true));
#if DEBUG
Debug.WriteLine(strSQL.ToString());
#endif
_XmlResult = InnerCommon.GetXmlDoc(InnerCommon.ExecuteDataset(strSQL));
}
private void DoQueryFuncSetToFunc()
{
XmlElement root = _XmlRequest.DocumentElement;
string strAppID = TSqlBuilder.Instance.CheckQuotationMark(root.GetAttribute("app_id"), true);
string strFuncSetID = TSqlBuilder.Instance.CheckQuotationMark(root.GetAttribute("func_set_id"), true);
string strSQL = @"SELECT FUNC_ID INTO #FUNC_IDS
FROM FUNC_SET_TO_FUNCS
WHERE FUNC_SET_ID = {0};
SELECT FUNC_ID INTO #FUNC_IDS2 FROM FUNC_SET_TO_FUNCS
WHERE FUNC_ID IN (SELECT ID FROM FUNCTIONS WHERE APP_ID = {1});
SELECT *, 0 AS TYPE, {0} AS FUNC_SET_ID FROM FUNCTIONS
WHERE ID IN (SELECT * FROM #FUNC_IDS)
AND APP_ID = {1}
AND CLASSIFY = (SELECT CLASSIFY FROM FUNCTION_SETS WHERE ID = {0})
UNION ALL
SELECT *, 0 AS TYPE, '' AS FUNC_SET_ID FROM FUNCTIONS
WHERE ID NOT IN (SELECT * FROM #FUNC_IDS2)
AND APP_ID = {1}
AND CLASSIFY = (SELECT CLASSIFY FROM FUNCTION_SETS WHERE ID = {0})
ORDER BY FUNC_SET_ID DESC, SORT_ID" ;
strSQL = string.Format(strSQL, strFuncSetID, strAppID);
_XmlResult = InnerCommon.GetXmlDoc(InnerCommon.ExecuteDataset(strSQL));
}
private void DoQueryExpScope()
{
XmlElement root = _XmlRequest.DocumentElement;
string strAppID = TSqlBuilder.Instance.CheckQuotationMark(root.GetAttribute("app_id"), true);
string strExpID = TSqlBuilder.Instance.CheckQuotationMark(root.GetAttribute("exp_id"), true);
string strSQL = @"SELECT SCOPE_ID INTO #SCOPE_IDS
FROM EXP_TO_SCOPES
WHERE EXP_ID = {1}
SELECT * , {1} AS EXP_ID
FROM SCOPES
WHERE APP_ID = {0}
AND ID IN (SELECT * FROM #SCOPE_IDS)
UNION ALL
SELECT * , '' AS EXP_ID
FROM SCOPES
WHERE APP_ID = {0}
AND ID NOT IN (SELECT * FROM #SCOPE_IDS)
ORDER BY EXP_ID DESC, DESCRIPTION " ;
strSQL = string.Format(strSQL, strAppID, strExpID);
_XmlResult = InnerCommon.GetXmlDoc(InnerCommon.ExecuteDataset(strSQL));
}
protected void DoQueryObj()
{
XmlElement root = _XmlRequest.DocumentElement;
string strTable = root.GetAttribute("type");
string strAppID = root.GetAttribute("app_id");
string strObjID = root.GetAttribute("id");
string strAnd;
if (strTable == "APPLICATIONS")
{
strAnd = string.Empty;
}
else
{
strAnd = string.Format(" AND APP_ID = {0}", TSqlBuilder.Instance.CheckQuotationMark(strAppID, true));
}
string strSQL = @"SELECT *
FROM {0}
WHERE ID = {1}
{2}" ;
strSQL = string.Format(strSQL, strTable, TSqlBuilder.Instance.CheckQuotationMark(strObjID, true), strAnd);
_XmlResult = InnerCommon.GetXmlDoc(InnerCommon.ExecuteDataset(strSQL));
}
private void GetUsersInGroupsInPage()
{
XmlElement root = _XmlRequest.DocumentElement;
string strGroupGuid = root.GetAttribute("GUID");
string strAttrs = OGUCommonDefine.CombinateAttr(root.GetAttribute("extAttr"));
int iPageNo = Convert.ToInt32(root.GetAttribute("PageNo"));
int iPageSize = Convert.ToInt32(root.GetAttribute("PageSize"));
string strSortColumn = root.GetAttribute("PageSort");
string strSearchName = root.GetAttribute("SearchName");
DataSet ds = OGUReader.GetUsersInGroups(strGroupGuid,
SearchObjectColumn.SEARCH_GUID,
strSearchName,
strSortColumn,
strAttrs,
iPageNo,
iPageSize);
_XmlResult = InnerCommon.GetXmlDocAttr(ds.Tables[0], "OBJECTCLASS");
_XmlResult.DocumentElement.SetAttribute("GetCount",
OGUReader.GetUsersInGroups(strGroupGuid,
SearchObjectColumn.SEARCH_GUID,
strSearchName,
strSortColumn,
0,
0).Tables[0].Rows.Count.ToString());
}
private void InsertOrgOrGroups(DataRow oRow, string strObjClass)
{
string strParent, strSelfAllPathName, strRootGuid, strInnerSort;
DataRow row = PrepareForInsert(oRow, out strParent, out strSelfAllPathName, out strRootGuid, out strInnerSort);
string strGuid = Guid.NewGuid().ToString();
InsertSqlClauseBuilder ic = new InsertSqlClauseBuilder();
ic.AppendItem("GUID", strGuid);
ic.AppendItem("PARENT_GUID", strRootGuid);
for (int i = 2; i < oRow.Table.Columns.Count; i++)
{
string strRealColumnName = _DataColumns[ContainsValue(2, oRow.Table.Columns[i].ColumnName)][0];
if (strRealColumnName == "NAME" && strObjClass == "ORGANIZATIONS")
{
ic.AppendItem("RANK_CODE", GetRankCode(strObjClass, (string)oRow[i]));
}
else
{
if (strRealColumnName == "GUID" || strRealColumnName.IndexOf("GUID") >= 0)
{
continue;
}
else
{
if (CheckXsdExist(strRealColumnName, strObjClass))
{
ic.AppendItem(strRealColumnName, oRow[i]);
}
}
}
}
if (ContainsValue(0, "NAME") < 0 && strObjClass == "ORGANIZATIONS")
{
ic.AppendItem("RANK_CODE", GetRankCode(strObjClass, string.Empty));
}
if (ContainsValue(0, "ALL_PATH_NAME") < 0)
{
ic.AppendItem("ALL_PATH_NAME", strSelfAllPathName);
}
ic.AppendItem("INNER_SORT", strInnerSort);
ic.AppendItem("GLOBAL_SORT", OGUCommonDefine.DBValueToString(row["GLOBAL_SORT"]) + strInnerSort);
ic.AppendItem("ORIGINAL_SORT", OGUCommonDefine.DBValueToString(row["ORIGINAL_SORT"]) + strInnerSort);
ic.AppendItem("STATUS", "1");
string strSql = "INSERT INTO " + strObjClass + ic.ToSqlString(TSqlBuilder.Instance) + ";\n";
_StrBuild.Append(strSql);
InnerCommon.ExecuteDataset(strSql);
if (strObjClass == "ORGANIZATIONS")
{
_RootHash.Add(strSelfAllPathName, strGuid);
}
}
/// <summary>
/// 根据查询条件获取系统中符合条件的数据对象
/// </summary>
///
//2009-05-08
private void QueryOGUByCondition2()
{
XmlNode root = _XmlRequest.DocumentElement.FirstChild;
string strRootOrg = XmlHelper.GetSingleNodeValue <string>(root, "ALL_PATH_NAME", string.Empty);
string strLikeName = XmlHelper.GetSingleNodeValue <string>(root, "name", "*");
bool bFirstPerson = (root.SelectSingleNode("firstPerson") != null);
string strOrgAccessRankCN = string.Empty;
string strUserAccessRankCN = string.Empty;
int iQueryType = (int)ListObjectType.GROUPS;
if (root.SelectSingleNode("USERS") != null)
{
iQueryType = (int)(ListObjectType.USERS | ListObjectType.SIDELINE);
strUserAccessRankCN = XmlHelper.GetSingleNodeValue <string>(root, "RANK_CODE", string.Empty);
}
else
{
if (root.SelectSingleNode("ORGANIZATIONS") != null)
{
iQueryType = (int)ListObjectType.ORGANIZATIONS;
strOrgAccessRankCN = XmlHelper.GetSingleNodeValue <string>(root, "RANK_CODE", string.Empty);
}
}
string strAttr = OGUCommonDefine.CombinateAttr(string.Empty);
using (DbContext context = DbContext.GetContext(AccreditResource.ConnAlias))
{
string strOrgGuid = string.Empty;
string strSql = string.Empty;
if (strRootOrg.Length > 0)
{
strSql = "SELECT GUID FROM ORGANIZATIONS WHERE ALL_PATH_NAME = "
+ TSqlBuilder.Instance.CheckQuotationMark(strRootOrg, true);
Database database = DatabaseFactory.Create(context);
object obj = database.ExecuteScalar(CommandType.Text, strSql);
ExceptionHelper.TrueThrow(obj == null, "系统中没有找到指定的根对象(“" + strRootOrg + "”)!");
strOrgGuid = obj.ToString();
}
else
{
strOrgGuid = OGUCommonDefine.DBValueToString(OGUReader.GetRootDSE().Tables[0].Rows[0]["GUID"]);
}
DataSet ds = OGUReader.QueryOGUByCondition2(strOrgGuid, SearchObjectColumn.SEARCH_GUID, strLikeName, true,
strAttr, iQueryType, ListObjectDelete.COMMON, 0, string.Empty, -1);
_XmlResult = InnerCommon.GetXmlDocAttr(ds.Tables[0], "OBJECTCLASS");
Debug.WriteLine(_XmlResult.OuterXml, "Result");
}
}
/// <summary>
/// 查询应用(app_id)中包含用户(UserID)的所有角色
/// </summary>
/// <param name="xmlDoc"></param>
/// <remarks>
/// <code>
/// <getAppDelegationRoles logonName="userLogonName" appID="app_id" appCodeName="app_code_name"></getAppDelegationRoles>
/// </code>
/// </remarks>
protected void GetAppDelegationRoles(XmlDocument xmlDoc)
{
string strLogonName = xmlDoc.DocumentElement.GetAttribute("logonName");
string strAppCodeName = xmlDoc.DocumentElement.GetAttribute("appCodeName");
DataSet ds = SecurityCheck.GetUserAllowDelegteRoles(strLogonName, strAppCodeName,
UserValueType.LogonName, RightMaskType.All);
_XmlResult = InnerCommon.GetXmlDoc(ds);
}
protected void Page_Load(object sender, System.EventArgs e)
{
string strXSDPath = Server.MapPath(Request.ApplicationPath) + @"/xsd/";
XmlDocument sqlXml = GetXMLDocument("GetDBSchema");
using (DbContext context = DbContext.GetContext(AccreditResource.ConnAlias))
{
string strSqlTable = sqlXml.DocumentElement.SelectSingleNode("QueryTable").InnerText;
string strSqlColumn = sqlXml.DocumentElement.SelectSingleNode("QueryColumns").InnerText;
DataSet dsTables = InnerCommon.ExecuteDataset(strSqlTable);
foreach (DataRow row in dsTables.Tables[0].Rows) //each table
{
if (row["opk_id"] is DBNull)
{
continue;
}
string strSql = "SELECT TOP 1 * FROM ["
+ TSqlBuilder.Instance.CheckQuotationMark(OGUCommonDefine.DBValueToString(row["name"]), false) + "]";
DataSet ds = InnerCommon.ExecuteDataset(strSql);
XmlDocument xmlDoc = XmlHelper.CreateDomDocument(ds.GetXmlSchema());
strSql = string.Format(strSqlColumn,
TSqlBuilder.Instance.CheckQuotationMark(OGUCommonDefine.DBValueToString(row["opk_id"]), true),
TSqlBuilder.Instance.CheckQuotationMark(OGUCommonDefine.DBValueToString(row["id"]), true));
DataSet tableInfo = InnerCommon.ExecuteDataset(strSql);
foreach (DataRow infoRow in tableInfo.Tables[0].Rows)
{
XmlElement elem = (XmlElement)InnerCommon.GetXSDColumnNode(xmlDoc, OGUCommonDefine.DBValueToString(infoRow["name"]));
elem.SetAttribute("size", OGUCommonDefine.DBValueToString(infoRow["prec"]));
elem.SetAttribute("caption", OGUCommonDefine.DBValueToString(infoRow["description"]));
elem.SetAttribute("allowNull", OGUCommonDefine.DBValueToString(infoRow["isnullable"]) == "0" ? "false" : "true");
elem.SetAttribute("isKey", infoRow["keyno"] is DBNull ? "false" : "true");
elem.SetAttribute("imeMode", OGUCommonDefine.DBValueToString(infoRow["type"]).ToUpper() == "NVARCHAR" ? "active" : "inactive");
}
XmlElement root = xmlDoc.DocumentElement;
while (root.FirstChild != null && root.GetAttribute("name") != "Table")
{
root = (XmlElement)root.FirstChild;
}
if (root.GetAttribute("name") == "Table")
{
root.SetAttribute("name", OGUCommonDefine.DBValueToString(row["name"]));
}
xmlDoc.Save(strXSDPath + OGUCommonDefine.DBValueToString(row["name"]) + ".xsd");
}
}
}
protected void Page_Load(object sender, System.EventArgs e)
{
// 在此处放置用户代码以初始化页面
string sortID = GetRequestData("sortID", "0").ToString();
string strSql = @"SELECT * FROM SYS_USER_LOGON WHERE ID = " + TSqlBuilder.Instance.CheckQuotationMark(sortID, true);
XmlDocument doc = InnerCommon.GetXmlDoc(InnerCommon.ExecuteDataset(strSql));
SetControlValue(doc.DocumentElement.FirstChild);
}
/// <summary>
/// 查询角色、功能或功能集合的信息
/// </summary>
/// <param name="xmlDoc"></param>
protected void GetObjInfo(XmlDocument xmlDoc)
{
XmlElement root = xmlDoc.DocumentElement;
string strTableName = root.GetAttribute("type");
string strID = root.GetAttribute("id");
string strSQL = "SELECT * FROM " + TSqlBuilder.Instance.CheckQuotationMark(strTableName, false)
+ " WHERE ID = " + TSqlBuilder.Instance.CheckQuotationMark(strID, true);
DataSet ds = InnerCommon.ExecuteDataset(strSQL);
_XmlResult = InnerCommon.GetXmlDoc(ds);
}
/// <summary>
/// 查询某应用下的所有服务范围
/// </summary>
private void DoQueryAppScope()
{
XmlElement root = _XmlRequest.DocumentElement;
string strAppID = root.GetAttribute("app_id");
string strSQL = "SELECT ID,APP_ID,NAME,CODE_NAME, EXPRESSION,DESCRIPTION,CLASSIFY,SORT_ID,INHERITED "
+ " FROM SCOPES "
+ " WHERE APP_ID = " + TSqlBuilder.Instance.CheckQuotationMark(strAppID, true)
+ " ORDER BY DESCRIPTION";
_XmlResult = InnerCommon.GetXmlDoc(InnerCommon.ExecuteDataset(strSQL));
}
private void DoQueryRoleToExp()
{
using (DbContext context = DbContext.GetContext(AppResource.ConnAlias))
{
XmlElement root = _XmlRequest.DocumentElement;
string strAppID = root.GetAttribute("app_id");
string strRoleID = root.GetAttribute("role_id");
//string strSQL = "SELECT ID, ROLE_ID, NAME, EXPRESSION, DESCRIPTION, SORT_ID, INHERITED, CLASSIFY "
// + " FROM EXPRESSIONS "
// + " WHERE ROLE_ID = " + TSqlBuilder.Instance.CheckQuotationMark(strRoleID)
// + " ORDER BY CLASSIFY DESC, DESCRIPTION, SORT_ID";
string strSQL = string.Format("SELECT CODE_NAME FROM APPLICATIONS WHERE ID = {0}; SELECT CODE_NAME FROM ROLES WHERE ID={1}",
TSqlBuilder.Instance.CheckQuotationMark(strAppID, true), TSqlBuilder.Instance.CheckQuotationMark(strRoleID, true));
DataSet ds = InnerCommon.ExecuteDataset(strSQL);
string strAppCodeName = string.Empty;
string strRoleCodeName = string.Empty;
if (ds.Tables[0].Rows.Count > 0)
{
strAppCodeName = ds.Tables[0].Rows[0]["CODE_NAME"].ToString();
}
if (ds.Tables[1].Rows.Count > 0)
{
strRoleCodeName = ds.Tables[1].Rows[0]["CODE_NAME"].ToString();
}
//如果不是总管理员,则得到机构管理范围
string strOrgRoot = string.Empty;
if (false == SecurityCheck.IsAdminUser(LogOnUserInfo.UserLogOnName))
{
ds = SecurityCheck.GetUserFunctionsScopes(LogOnUserInfo.UserLogOnName, strAppCodeName, "ADD_OBJECT_FUNC,DELETE_OBJECT_FUNC,MODIFY_OBJECT_FUNC");
for (int i = 0; i < ds.Tables[0].Rows.Count; i++)
{
if (strOrgRoot == string.Empty)
{
strOrgRoot += ds.Tables[0].Rows[i]["DESCRIPTION"].ToString();
}
else
{
strOrgRoot += "," + ds.Tables[0].Rows[i]["DESCRIPTION"].ToString();
}
}
if (strOrgRoot == string.Empty)
{
strOrgRoot = "NoOrgRoot";
}
}
ds = SecurityCheck.GetChildrenInRoles(strOrgRoot, strAppCodeName, strRoleCodeName, false, false, false);
_XmlResult = InnerCommon.GetXmlDoc(ds);
}
}
/// <summary>
/// 查询某应用下某类型的所有角色
/// </summary>
private void DoQueryRole()
{
XmlElement root = _XmlRequest.DocumentElement;
string strAppID = root.GetAttribute("app_id");
string strClassify = root.GetAttribute("classify");
string strSQL = "SELECT ID,APP_ID,NAME,CODE_NAME,DESCRIPTION,CLASSIFY,SORT_ID,INHERITED,ALLOW_DELEGATE "
+ " FROM ROLES WHERE APP_ID = " + TSqlBuilder.Instance.CheckQuotationMark(strAppID, true)
+ " AND CLASSIFY = " + TSqlBuilder.Instance.CheckQuotationMark(strClassify, true)
+ " ORDER BY SORT_ID";
_XmlResult = InnerCommon.GetXmlDoc(InnerCommon.ExecuteDataset(strSQL));
}
/// <summary>
///
/// </summary>
private void GetSecretariesOfLeaders()
{
XmlElement root = _XmlRequest.DocumentElement;
string strLeaderGuid = root.GetAttribute("GUID");
string strAttrs = OGUCommonDefine.CombinateAttr(root.GetAttribute("extAttr"));
DataSet ds = OGUReader.GetSecretariesOfLeaders(strLeaderGuid,
SearchObjectColumn.SEARCH_GUID,
strAttrs,
(int)ListObjectDelete.COMMON);
_XmlResult = InnerCommon.GetXmlDocAttr(ds.Tables[0], "OBJECTCLASS");
}
private DataRow PrepareForInsert(DataRow oRow, out string strParent, out string strSelfAllPathName, out string strRootGuid, out string strInnerSort)
{
strParent = _RootAllPathName;
if (ContainsValue(0, "ALL_PATH_NAME") >= 0)
{
strSelfAllPathName = (string)oRow[_DataColumns[ContainsValue(0, "ALL_PATH_NAME")][2]];
strParent = strSelfAllPathName.Substring(0, strSelfAllPathName.LastIndexOf("\\"));
}
else
{
strSelfAllPathName = strParent + "\\" + (string)oRow[_DataColumns[ContainsValue(0, "OBJ_NAME")][2]];
}
//strRootGuid = (string)_RootHash[strParent];
// string strSql = @"
// UPDATE ORGANIZATIONS
// SET CHILDREN_COUNTER = CHILDREN_COUNTER + 1, MODIFY_TIME = GETDATE()
// WHERE GUID = {0} ;
//
// SELECT *
// FROM ORGANIZATIONS
// WHERE GUID = {0}";
//
// strSql = string.Format(strSql, TSqlBuilder.Instance.CheckQuotationMark(strRootGuid));
string strSql = @"
UPDATE ORGANIZATIONS
SET CHILDREN_COUNTER = CHILDREN_COUNTER + 1, MODIFY_TIME = GETDATE()
WHERE ALL_PATH_NAME = {0} ;
SELECT *
FROM ORGANIZATIONS
WHERE ALL_PATH_NAME = {0}" ;
strSql = string.Format(strSql, TSqlBuilder.Instance.CheckQuotationMark(strParent, true));
DataSet ds = InnerCommon.ExecuteDataset(strSql);
ExceptionHelper.TrueThrow(((ds == null) || (ds.Tables.Count == 0) || (ds.Tables[0].Rows.Count == 0)), "对不起,系统中没有找到部门对象" + strParent + "!");
DataRow row = ds.Tables[0].Rows[0];
string strChildCounter = OGUCommonDefine.DBValueToString(row["CHILDREN_COUNTER"]);
strInnerSort = AccreditResource.OriginalSortDefault.Substring(0, AccreditResource.OriginalSortDefault.Length - strChildCounter.Length) + strChildCounter;
strRootGuid = (string)_RootHash[strParent];
if (string.IsNullOrEmpty(strRootGuid))
{
_RootHash.Add(strParent, row["GUID"].ToString());
strRootGuid = (string)_RootHash[strParent];
}
return(row);
}
protected void Page_Load(object sender, System.EventArgs e)
{
// 在此处放置用户代码以初始化页面
Response.Cache.SetNoStore();
secFrm.Value = Request.QueryString["secFrm"];
string strSql = @"SELECT DISTINCT DISPLAYNAME
FROM APP_LOG_TYPE
WHERE VISIBLE = 'y'
AND CODE_NAME <> 'appall'
ORDER BY DISPLAYNAME" ;
HiddenXml.DocumentContent = InnerCommon.GetXmlDoc(InnerCommon.ExecuteDataset(strSql)).DocumentElement.OuterXml;
}
/// <summary>
/// 查询userID在应用的角色中存在的所有应用
/// </summary>
/// <param name="xmlDoc"></param>
/// <remarks>
/// <code>
/// <getDelegationApps logonName="userlogonname" idType="logonName" appID="application_id"></getDelegationApps>
/// </code>
/// </remarks>
protected void GetDelegationApplications(XmlDocument xmlDoc)
{
string strLogonName = xmlDoc.DocumentElement.GetAttribute("logonName");
DataSet ds = SecurityCheck.GetUserApplicationsForDelegation(strLogonName, UserValueType.LogonName, RightMaskType.All);
_XmlResult = InnerCommon.GetXmlDoc(ds);
ds = OGUReader.GetObjectsDetail("USERS", strLogonName, SearchObjectColumn.SEARCH_LOGON_NAME,
string.Empty, SearchObjectColumn.SEARCH_NULL);
string strDisplayName = ds.Tables[0].Rows[0]["DISPLAY_NAME"].ToString();
_XmlResult.DocumentElement.SetAttribute("displayName", strDisplayName);
}
protected void Page_Load(object sender, System.EventArgs e)
{
Response.Cache.SetNoStore();
string strParentGuid = (string)GetRequestData("parentGuid", string.Empty).ToString();
string strOPType = (string)GetRequestData("opType", string.Empty);
ExceptionHelper.TrueThrow(strOPType == string.Empty, "对不起,系统传输数据缺少“opType”!");
if (false == IsPostBack)
{
using (DbContext context = DbContext.GetContext(AccreditResource.ConnAlias))
{
InitPageObject();
switch (strOPType)
{
case "Update":
string strObjGuid = (string)GetRequestData("objGuid", string.Empty);
ExceptionHelper.TrueThrow(string.IsNullOrEmpty(strObjGuid), "对不起,系统传输数据缺少“objGuid”!");
DataSet ds = OGUReader.GetObjectsDetail("ORGANIZATIONS",
strObjGuid,
SearchObjectColumn.SEARCH_GUID,
strParentGuid,
SearchObjectColumn.SEARCH_GUID);
ExceptionHelper.TrueThrow((ds == null) || (ds.Tables.Count == 0) || (ds.Tables[0].Rows.Count == 0),
"对不起,系统中没有找到指定的对象!");
organizationData.Value = InnerCommon.GetXmlDoc(ds).OuterXml;
string strAllPathName = OGUCommonDefine.DBValueToString(ds.Tables[0].Rows[0]["ALL_PATH_NAME"]);
if (strAllPathName.LastIndexOf("\\") >= 0)
{
parentAllPathName.Value = strAllPathName.Substring(0, strAllPathName.LastIndexOf("\\"));
}
break;
case "Insert":
string strSql = "SELECT ALL_PATH_NAME FROM ORGANIZATIONS WHERE GUID = "
+ TSqlBuilder.Instance.CheckQuotationMark(strParentGuid, true);
parentAllPathName.Value = InnerCommon.ExecuteScalar(strSql).ToString();
break;
default: ExceptionHelper.TrueThrow(true, "对不起,系统传输数据“opType”不正确!");
break;
}
}
CheckPermission(strOPType);
}
}
/// <summary>
///
/// </summary>
private void GetObjectsDetail()
{
XmlElement root = _XmlRequest.DocumentElement;
string strValueType = root.GetAttribute("valueType");
SearchObjectColumn soc = OGUCommonDefine.GetSearchObjectColumn(strValueType);
string strValue = root.GetAttribute("oValues");
string strExtAttr = root.GetAttribute("extAttrs");
DataSet ds = OGUReader.GetObjectsDetail(string.Empty, strValue, soc, string.Empty, SearchObjectColumn.SEARCH_NULL, strExtAttr);
_XmlResult = InnerCommon.GetXmlDocAttr(ds.Tables[0], "OBJECTCLASS");
#if DEBUG
Debug.WriteLine(_XmlResult.OuterXml, "Result");
#endif
}
private void CheckAllPathNameInSystem(string strAllPathName)
{
string strSql = @"
SELECT * FROM ORGANIZATIONS WHERE ALL_PATH_NAME = {0};
SELECT * FROM GROUPS WHERE ALL_PATH_NAME = {0};
SELECT * FROM OU_USERS WHERE ALL_PATH_NAME = {0};" ;
strSql = string.Format(strSql, TSqlBuilder.Instance.CheckQuotationMark(strAllPathName, true));
DataSet ds = InnerCommon.ExecuteDataset(strSql);
foreach (DataTable table in ds.Tables)
{
ExceptionHelper.TrueThrow(table.Rows.Count > 0,
"对不起,系统中已经存在您命名的对象"" + strAllPathName + ""!\n\n请修改"对象名称"后再保存!");
}
}
protected void Page_Load(object sender, System.EventArgs e)
{
// 在此处放置用户代码以初始化页面
string sortID = GetRequestData("sortID", "0").ToString();
string strSql = @"SELECT UOL.*, ALT.DISPLAYNAME AS APP_DISPLAYNAME, AOT.DISPLAYNAME AS OP_DISPLAYNAME
FROM USER_OPEATION_LOG UOL, APP_LOG_TYPE ALT, APP_OPERATION_TYPE AOT
WHERE ALT.GUID = AOT.APP_GUID
AND UOL.APP_GUID = ALT.GUID
AND UOL.OP_GUID = AOT.GUID
AND UOL.ID = " + TSqlBuilder.Instance.CheckQuotationMark(sortID, true);
XmlDocument doc = InnerCommon.GetXmlDoc(InnerCommon.ExecuteDataset(strSql));
SetControlValue(doc.DocumentElement.FirstChild);
}
private bool CheckXsdExist(string strColumnName, string strObjClass)
{
XmlDocument xsdDoc;
bool bResult = false;
switch (strObjClass)
{
case "ORGANIZATIONS":
case "GROUPS":
case "USERS":
case "OU_USERS":
xsdDoc = GetXSDDocument(strObjClass);
bResult = InnerCommon.GetXSDColumnNode(xsdDoc, strColumnName) != null;
break;
}
return(bResult);
}
/// <summary>
/// 查询某应用下某种类型的所有功能
/// </summary>
private void DoQueryFunction()
{
XmlElement root = _XmlRequest.DocumentElement;
string strAppID = root.GetAttribute("app_id");
string strClassify = root.GetAttribute("classify");
string strFuncSetID = root.GetAttribute("parent_id");
string strSQL = string.Empty;
if (strFuncSetID == string.Empty)
{
strSQL = "SELECT ID,APP_ID,NAME,CODE_NAME,DESCRIPTION,SORT_ID,CHILDREN_COUNT,RESOURCE_LEVEL,LOWEST_SET,INHERITED,CLASSIFY,1 AS TYPE "
+ " FROM FUNCTION_SETS "
+ " WHERE APP_ID = " + TSqlBuilder.Instance.CheckQuotationMark(strAppID, true)
+ " AND CLASSIFY = " + TSqlBuilder.Instance.CheckQuotationMark(strClassify, true)
+ " AND LEN(RESOURCE_LEVEL) = 3";
strSQL += " union all SELECT ID,APP_ID,NAME,CODE_NAME,DESCRIPTION,SORT_ID,0 AS CHILDREN_COUNT,'' AS RESOURCE_LEVEL,'' "
+ "AS LOWEST_SET,INHERITED,CLASSIFY,0 AS TYPE"
+ " FROM FUNCTIONS "
+ " WHERE APP_ID = " + TSqlBuilder.Instance.CheckQuotationMark(strAppID, true)
+ " AND CLASSIFY = " + TSqlBuilder.Instance.CheckQuotationMark(strClassify, true)
+ " AND ID NOT IN (SELECT FUNC_ID AS ID FROM FUNC_SET_TO_FUNCS)"
+ " ORDER BY TYPE DESC, SORT_ID";
}
else
{
strSQL = "SELECT ID,APP_ID,NAME,CODE_NAME,DESCRIPTION,SORT_ID,CHILDREN_COUNT,RESOURCE_LEVEL,LOWEST_SET,INHERITED,CLASSIFY,1 AS TYPE "
+ " FROM FUNCTION_SETS "
+ " WHERE APP_ID = " + TSqlBuilder.Instance.CheckQuotationMark(strAppID, true)
+ " AND CLASSIFY = " + TSqlBuilder.Instance.CheckQuotationMark(strClassify, true)
+ " AND LEN(RESOURCE_LEVEL) = LEN((SELECT RESOURCE_LEVEL FROM FUNCTION_SETS WHERE ID = "
+ TSqlBuilder.Instance.CheckQuotationMark(strFuncSetID, true) + ")) + 3"
+ " AND RESOURCE_LEVEL LIKE (SELECT RESOURCE_LEVEL FROM FUNCTION_SETS WHERE ID = "
+ TSqlBuilder.Instance.CheckQuotationMark(strFuncSetID, true) + ") + '%'";
strSQL += " union all SELECT ID,APP_ID,NAME,CODE_NAME,DESCRIPTION,SORT_ID,0 AS CHILDREN_COUNT,'' AS RESOURCE_LEVEL,'' AS LOWEST_SET,INHERITED,CLASSIFY,0 AS TYPE "
+ " FROM FUNCTIONS "
+ " WHERE APP_ID = " + TSqlBuilder.Instance.CheckQuotationMark(strAppID, true)
+ " AND CLASSIFY = " + TSqlBuilder.Instance.CheckQuotationMark(strClassify, true)
+ " AND ID IN (SELECT FUNC_ID AS ID FROM FUNC_SET_TO_FUNCS WHERE FUNC_SET_ID = " + TSqlBuilder.Instance.CheckQuotationMark(strFuncSetID, true) + ")"
+ " ORDER BY SORT_ID;";
}
_XmlResult = InnerCommon.GetXmlDoc(InnerCommon.ExecuteDataset(strSQL));
}
/// <summary>
/// 根据查询条件查询系统中符合条件的所有对象
/// </summary>
private void QueryObjForOGUInput()
{
XmlElement root = (XmlElement)_XmlRequest.DocumentElement.FirstChild;
string strLikeName = root.GetAttribute("likeName");
ExceptionHelper.TrueThrow(strLikeName.Length == 0, "对不起,查询条件不能为空!");
int iListType = 0;
string strQueryObjMask = root.GetAttribute("queryObjMask");
if (strQueryObjMask.Length == 0)
{
iListType = (int)ListObjectType.USERS;
}
else
{
iListType = int.Parse(strQueryObjMask);
}
string strRootOrg = root.GetAttribute("rootOrg");
if (strRootOrg.Length == 0)
{
strRootOrg = AccreditSection.GetConfig().AccreditSettings.OguRootName;
}
string strOrgAccessLevel = root.GetAttribute("orgAccessLevel");
string strUserAccesslevel = root.GetAttribute("userAccessLevel");
string strAttr = root.GetAttribute("extAttr");
DataSet ds = OGUReader.QueryOGUByCondition(strRootOrg,
SearchObjectColumn.SEARCH_ALL_PATH_NAME,
strLikeName,
false,
strOrgAccessLevel,
strUserAccesslevel,
strAttr,
iListType);
_XmlResult = InnerCommon.GetXmlDocAttr(ds.Tables[0], "OBJECTCLASS");
Debug.WriteLine(_XmlResult.OuterXml, "Result");
}
private void UpdateObjects(string strOrgGuid)
{
string strObjGuid = (string)GetRequestData("objGuid", string.Empty);
DataSet ds = OGUReader.GetObjectsDetail("USERS",
strObjGuid,
SearchObjectColumn.SEARCH_USER_GUID,
strOrgGuid,
SearchObjectColumn.SEARCH_GUID);
ExceptionHelper.TrueThrow((ds == null) || (ds.Tables.Count == 0) || (ds.Tables[0].Rows.Count == 0),
"对不起,系统中没有找到指定的对象!");
userData.Value = InnerCommon.GetXmlDoc(ds).OuterXml;
string strAllPathName = OGUCommonDefine.DBValueToString(ds.Tables[0].Rows[0]["ALL_PATH_NAME"]);
if (strAllPathName.LastIndexOf("\\") >= 0)
{
parentAllPathName.Value = strAllPathName.Substring(0, strAllPathName.LastIndexOf("\\"));
}
}
private void DoQueryFuncSetToRole()
{
XmlElement root = _XmlRequest.DocumentElement;
string strAppID = root.GetAttribute("app_id");
string strFuncSetID = root.GetAttribute("func_set_id");
string strSQL = @"SELECT FUNC_ID INTO #FUNC_IDS
FROM FUNC_SET_TO_FUNCS
WHERE FUNC_SET_ID IN(
SELECT ID FROM FUNCTION_SETS
WHERE APP_ID = {0}
AND RESOURCE_LEVEL LIKE (SELECT RESOURCE_LEVEL FROM FUNCTION_SETS WHERE ID = {1} ) + '%'
AND CLASSIFY = (SELECT CLASSIFY FROM FUNCTION_SETS WHERE ID = {1}));
SELECT ID INTO #ROLE_IDS
FROM ROLES
WHERE APP_ID = {0}
AND (SELECT COUNT(DISTINCT FUNC_ID) FROM ROLE_TO_FUNCTIONS WHERE ROLE_TO_FUNCTIONS.ROLE_ID = ROLES.ID AND FUNC_ID IN (SELECT * FROM #FUNC_IDS)) = (SELECT COUNT(*) FROM #FUNC_IDS)
AND (SELECT COUNT(*) FROM #FUNC_IDS) > 0;
SELECT ID,APP_ID,NAME,CODE_NAME,DESCRIPTION,CLASSIFY,SORT_ID,INHERITED,ALLOW_DELEGATE, {1} AS FUNC_ID FROM ROLES
WHERE ID IN (SELECT * FROM #ROLE_IDS)
AND APP_ID = {0}
AND CLASSIFY = ( SELECT CLASSIFY FROM FUNCTION_SETS WHERE ID = {1} )
UNION ALL
SELECT ID,APP_ID,NAME,CODE_NAME,DESCRIPTION,CLASSIFY,SORT_ID,INHERITED,ALLOW_DELEGATE,'' AS FUNC_ID FROM ROLES
WHERE ID NOT IN (SELECT * FROM #ROLE_IDS)
AND APP_ID = {0}
AND CLASSIFY = ( SELECT CLASSIFY FROM FUNCTION_SETS WHERE ID = {1} )
ORDER BY SORT_ID;
SELECT * FROM FUNCTIONS WHERE ID IN (SELECT * FROM #FUNC_IDS)" ;
strSQL = string.Format(strSQL, TSqlBuilder.Instance.CheckQuotationMark(strAppID, true), TSqlBuilder.Instance.CheckQuotationMark(strFuncSetID, true));
#if DEBUG
Debug.Write(strSQL.ToString());
#endif
_XmlResult = InnerCommon.GetXmlDoc(InnerCommon.ExecuteDataset(strSQL));
}
