コード例 #1
0
ファイル: PermissionManager.cs プロジェクト: scaperow/-V2.0
        public PermissionCollection InitPermissions(String RoleIndex)
        {
            PermissionCollection permissionCollection = new PermissionCollection();

            if (string.IsNullOrEmpty(RoleIndex))
            {
                return(permissionCollection);
            }

            StringBuilder Sql_Select = new StringBuilder();

            //增加查询条件  Scdel=0  2013-10-17
            Sql_Select.Append("Select Permissions from sys_auth_Roles where Scdel=0 and ID='");
            Sql_Select.Append(RoleIndex);
            Sql_Select.Append("'");

            String Permissions = ExcuteScalar(Sql_Select.ToString()) as String;

            if (Permissions != null)
            {
                String[] Permission = Permissions.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
                permissionCollection = InitPermissions(Permission);
            }

            return(permissionCollection);
        }
コード例 #2
0
        /// <summary>
        ///
        /// </summary>
        /// <param name="applicationId"></param>
        /// <param name="roleCode"></param>
        /// <returns></returns>
        public PermissionCollection GetRolePermissions(int applicationId, int roleID)
        {
            try
            {
                PermissionCollection collection = new PermissionCollection();

                // create sql param
                SqlParameter prmApplicationID = new SqlParameter("@ApplicationID", SqlDbType.Int, 4);
                prmApplicationID.Direction = ParameterDirection.Input;
                prmApplicationID.Value     = applicationId;

                SqlParameter prmRoleID = new SqlParameter("@RoleID", SqlDbType.Int, 4);
                prmRoleID.Direction = ParameterDirection.Input;
                prmRoleID.Value     = roleID;

                using (IDataReader dr = Database.ExecuteReader("UspGetRolePermissions", CommandType.StoredProcedure, prmApplicationID, prmRoleID))
                {
                    while (dr.Read())
                    {
                        Permission permission = Populate(dr);
                        collection.Add(permission);
                    }
                }

                return(collection);
            }
            catch (Exception ex)
            {
                throw ex;
            }
        }
コード例 #3
0
        /// <summary>
        /// Checks the PermissionCollection class to determine if the
        /// indicated operation is allowed for the person identified by
        /// their ID number.
        /// </summary>
        /// <param name="permissions">The collection of permissions to check. These should be object permissions.</param>
        /// <param name="personID">The ID number of the user whose security access we are checking.</param>
        /// <param name="operation">The type of access the user needs to proceed.</param>
        /// <returns>true/false indicating if the operation is allowed.</returns>
        static public bool PermissionsOperationAllowed(PermissionCollection permissions, int personID, OperationType operation)
        {
            RoleCollection roles;
            int            i;

            //
            // Check if the person has direct permission.
            //
            if (permissions.ContainsSubjectOperation(SubjectType.Person, personID, operation) == true)
            {
                return(true);
            }

            //
            // Now check all roles for the given person.
            //
            roles = new RoleCollection(DefaultOrganizationID(), personID);
            for (i = 0; i < roles.Count; i++)
            {
                if (permissions.ContainsSubjectOperation(SubjectType.Role, roles[i].RoleID, operation) == true)
                {
                    return(true);
                }
            }

            return(false);
        }
コード例 #4
0
        /// <summary>
        /// Convert a ProtectionDomain to a String.
        /// </summary>
        public override String ToString()
        {
            String pals = "<no principals>";

            if (Principals_Renamed != null && Principals_Renamed.Length > 0)
            {
                StringBuilder palBuf = new StringBuilder("(principals ");

                for (int i = 0; i < Principals_Renamed.Length; i++)
                {
//JAVA TO C# CONVERTER WARNING: The .NET Type.FullName property will not always yield results identical to the Java Class.getName method:
                    palBuf.Append(Principals_Renamed[i].GetType().FullName + " \"" + Principals_Renamed[i].Name + "\"");
                    if (i < Principals_Renamed.Length - 1)
                    {
                        palBuf.Append(",\n");
                    }
                    else
                    {
                        palBuf.Append(")\n");
                    }
                }
                pals = palBuf.ToString();
            }

            // Check if policy is set; we don't want to load
            // the policy prematurely here
            PermissionCollection pc = Policy.Set && SeeAllp() ? MergePermissions(): Permissions;

            return("ProtectionDomain " + " " + Codesource + "\n" + " " + Classloader + "\n" + " " + pals + "\n" + " " + pc + "\n");
        }
コード例 #5
0
        public static PermissionCollection GetPermissions(this SecurableObject secObj)
        {
            Type   secType = secObj.GetType();
            string name    = secType.Name.Equals("ListItem") ? "DisplayName" : "Title";

            secObj.Context.Load(secObj, s => s.HasUniqueRoleAssignments, s => s.RoleAssignments);
            try
            {
                secObj.Context.ExecuteQuery();
            }
            catch (ServerException)
            {
                return(null);
            }

            bool?check = secObj.IsPropertyAvailable("HasUniqueRoleAssignments")
                   ? (bool?)secObj.HasUniqueRoleAssignments
                   : null;

            if (!check.HasValue)
            {
                return(null);
            }

            //if (!(secObj is Web))
            //{
            //    MethodInfo genMeth = typeof(ClientObjectExtensions)
            //        .GetMethod("GetClientObjectExpression", BindingFlags.Static | BindingFlags.NonPublic)
            //            .MakeGenericMethod(secType);

            //    object nameExpression = genMeth.Invoke(null, new object[]
            //    {
            //        secObj, name
            //    });
            //    object idExpression = genMeth.Invoke(null, new object[]
            //    {
            //        secObj, "Id"
            //    });

            //    MethodInfo genLoad = typeof(ClientObjectExtensions)
            //        .GetMethod("SpecialLoad", BindingFlags.NonPublic | BindingFlags.Static)
            //            .MakeGenericMethod(secType);

            //    genLoad.Invoke(secObj, new object[]
            //    {
            //        secObj, nameExpression
            //    });
            //    genLoad.Invoke(secObj, new object[]
            //    {
            //        secObj, idExpression
            //    });
            //    secObj.Context.ExecuteQuery();
            //}
            PermissionCollection permissions = PermissionCollection.ResolvePermissions(secObj);

            //ValueTuple<string, object> tuple = GetNameAndIdValue(secObj, name);
            return(permissions);
        }
コード例 #6
0
        public static void CreateOrUpgrade()
        {
            using (ConnectorBase conn = ConnectorBase.NewInstance())
            {
                conn.BeginTransaction();

                foreach (TableSchema schema in Schemas)
                {
                    if (!conn.CheckIfTableExists(schema.SchemaName))
                    {
                        try { new Query(schema).CreateTable().Execute(conn); }
                        catch { }
                        try
                        {
                            if (schema.Indexes.Count > 0 || schema.ForeignKeys.Count > 0)
                            {
                                conn.ExecuteScript(new Query(schema).CreateIndexes().ToString());
                            }
                        }
                        catch { }
                    }
                    else
                    {
                        foreach (TableSchema.Column col in schema.Columns)
                        {
                            try { new Query(schema).AddColumn(col).Execute(conn); }
                            catch { }
                            try { new Query(schema).ChangeColumn(col).Execute(conn); }
                            catch { }
                        }
                        foreach (TableSchema.Index idx in schema.Indexes)
                        {
                            try { new Query(schema).CreateIndex(idx).Execute(conn); }
                            catch { }
                        }
                        foreach (TableSchema.ForeignKey key in schema.ForeignKeys)
                        {
                            try { new Query(schema).CreateForeignKey(key).Execute(conn); }
                            catch { }
                        }
                    }
                }

                foreach (string key in Permissions.SystemPermissionKeys)
                {
                    try
                    {
                        if (PermissionCollection.Where(Permission.Columns.Key, key).Count == 0)
                        {
                            new Permission(key).Save(conn);
                        }
                    }
                    catch { }
                }
                conn.CommitTransaction();
            }
        }
コード例 #7
0
ファイル: PermissionService.cs プロジェクト: 842549829/Pool
        private static IEnumerable <Menu> getCompanyPermissions(Guid company, UserRole userRole, Website website)
        {
            var repository          = Factory.CreatePermissionRepository();
            var userRolePermitMenus = repository.QueryPermitMenusOfUserRole(userRole, website);
            var allowableMenus      = repository.QueryCompanyPermitMenus(company, website, PermissionType.Allowable);
            var forbiddenMenus      = repository.QueryCompanyPermitMenus(company, website, PermissionType.Forbidden);
            var permitMenus         = PermissionCollection.Union(userRolePermitMenus, allowableMenus);

            return(PermissionCollection.Subtract(permitMenus, forbiddenMenus));
        }
コード例 #8
0
ファイル: PermissionService.cs プロジェクト: 842549829/Pool
        private static PermissionCollection QueryPermissionOfCommonUser(Guid company, UserRole userRole, Guid user, Website website)
        {
            var repository          = Factory.CreatePermissionRepository();
            var userPermissionRoles = repository.QueryPermissionRolesOfUser(user, website);
            var userPermissions     = PermissionCollection.Union(userPermissionRoles);
            var companyPermissions  = getCompanyPermissions(company, userRole, website);
            var finalPermissions    = PermissionCollection.Intersact(userPermissions, companyPermissions);

            return(new PermissionCollection(finalPermissions));
        }
コード例 #9
0
        /// <summary>
        /// Determines if the personID has access to perform the
        /// indicated operation on the person field in question.
        /// </summary>
        /// <param name="personID">The ID number of the person whose security access we are checking.</param>
        /// <param name="field">The ID number of the PersonField that the user wants access to.</param>
        /// <param name="operation">The type of access the user needs to proceed.</param>
        /// <returns>true/false indicating if the operation is allowed.</returns>
        static public bool PersonFieldOperationAllowed(int personID, int field, OperationType operation)
        {
            PermissionCollection permissions;

            //
            // Load the permissions.
            //
            permissions = new PermissionCollection(ObjectType.PersonField, field);

            return(PermissionsOperationAllowed(permissions, personID, operation));
        }
コード例 #10
0
        /// <summary>
        /// Determines if the personID has access to perform the
        /// indicated operation on the profile in question.
        /// </summary>
        /// <param name="personID">The ID number of the person whose security access we are checking.</param>
        /// <param name="profileID">The ID number of the profile the user wants access to.</param>
        /// <param name="operation">The type of access the user needs to proceed.</param>
        /// <returns>true/false indicating if the operation is allowed.</returns>
        static public bool ProfileOperationAllowed(int personID, int profileID, OperationType operation)
        {
            PermissionCollection permissions;

            //
            // Load the permissions.
            //
            permissions = new PermissionCollection(ObjectType.Tag, profileID);

            return(PermissionsOperationAllowed(permissions, personID, operation));
        }
コード例 #11
0
        /// <summary>
        /// Determines if the personID has access to perform the indicated operation
        /// on the small group cluster in question.
        /// </summary>
        /// <param name="personID">The ID number of the person whose security access we are checkin.</param>
        /// <param name="clusterID">The ID number of the profile the user wants access to.</param>
        /// <param name="operation">The type of access the user needs to proceed.</param>
        /// <returns>true/false indicating if the operation is allowed.</returns>
        static public bool GroupClusterOperationAllowed(int personID, int clusterID, OperationType operation)
        {
            PermissionCollection permissions;

            //
            // Load the permissions.
            //
            permissions = new PermissionCollection(ObjectType.Group_Cluster, clusterID);

            return(PermissionsOperationAllowed(permissions, personID, operation));
        }
コード例 #12
0
        /// <summary>
        /// 
        /// </summary>
        /// <param name="argument"></param>
        public override void Execute(string argument)
        {
            string[] args = argument.Split(new char[] { ' ' }, StringSplitOptions.RemoveEmptyEntries);

            ExceptionHelper.FalseThrow(args.Length > 1, "查询人员的角色对应的权限必须提供应用的CodeName和角色的CodeName");

            IApplication app = AppAdminMechanism.Instance.GetAllApplications().Find(a => a.CodeName == args[0]);

            (app != null).FalseThrow("不能找到CodeName为{0}的应用", args[0]);

            PermissionCollection permissions = AppAdminMechanism.Instance.GetRolesPermissions(app, args[1]);

            permissions.ForEach(permission => OutputHelper.OutputPermissionInfo(permission));
        }
コード例 #13
0
 internal override void Detach()
 {
     base.Detach();
     if (!base.DeepDetached)
     {
         PermissionCollection permissions = base.Document.Permissions;
         Permission           permission  = permissions.FindById(this.Id);
         if (permission != null)
         {
             permission.method_0(null);
             permissions.Remove(permission);
         }
     }
 }
コード例 #14
0
ファイル: Permission.cs プロジェクト: dekkerb115/Bam.Net
 public ActionResult Save(Bam.Net.UserAccounts.Data.Permission[] values)
 {
     try
     {
         PermissionCollection saver = new PermissionCollection();
         saver.AddRange(values);
         saver.Save();
         return(Json(new { Success = true, Message = "", Dao = "" }));
     }
     catch (Exception ex)
     {
         return(GetErrorResult(ex));
     }
 }
コード例 #15
0
        /// <summary>
        ///
        /// </summary>
        /// <param name="iResourceID"></param>
        /// <param name="strUserName"></param>
        /// <param name="strRoleCode"></param>
        /// <returns></returns>
        public PermissionCollection GetPermissionOnResourceByUserRole(int iResourceID, string strUserName, string strRoleCode, bool bIsAllowed)
        {
            try
            {
                PermissionCollection collection = new PermissionCollection();

                // create sql param
                SqlParameter prmResourceID = new SqlParameter("@ResourceID", SqlDbType.Int, 4);
                prmResourceID.Direction = ParameterDirection.Input;
                prmResourceID.Value     = iResourceID;

                SqlParameter prmUserName = new SqlParameter("@UserName", SqlDbType.VarChar, 50);
                prmUserName.Direction = ParameterDirection.Input;
                prmUserName.Value     = strUserName;
                if (string.IsNullOrEmpty(strUserName))
                {
                    prmUserName.Value = DBNull.Value;
                }


                SqlParameter prmRoleCode = new SqlParameter("@RoleCode", SqlDbType.VarChar, 50);
                prmRoleCode.Direction = ParameterDirection.Input;
                prmRoleCode.Value     = strRoleCode;

                SqlParameter prmIsAllowed = new SqlParameter("@IsAllowed", SqlDbType.Bit);
                prmIsAllowed.Direction = ParameterDirection.Input;
                prmIsAllowed.Value     = bIsAllowed;

                if (string.IsNullOrEmpty(strRoleCode))
                {
                    prmRoleCode.Value = DBNull.Value;
                }

                using (IDataReader dr = Database.ExecuteReader("UspGetPermissionOnResourceByUserRole", CommandType.StoredProcedure
                                                               , prmResourceID, prmUserName, prmRoleCode, prmIsAllowed))
                {
                    while (dr.Read())
                    {
                        Permission permission = Populate(dr);
                        collection.Add(permission);
                    }
                }
                return(collection);
            }
            catch (Exception ex)
            {
                throw ex;
            }
        }
コード例 #16
0
ファイル: AssignForm.cs プロジェクト: luiesszhang/Role
 private void comboBox1_SelectedIndexChanged(object sender, EventArgs e)
 {
     if (comboBox1.SelectedIndex > -1)
     {
         User user = comboBox1.SelectedItem as User;
         if (user != null)
         {
             listBox1.Items.Clear();
             PermissionCollection ps = user.GetAllPermissionsByUser();
             foreach (Permission per in ps)
             {
                 listBox1.Items.Add(per);
             }
             label5.Text = "查看权限(" + ps.Count + ")";
         }
     }
 }
コード例 #17
0
ファイル: User.cs プロジェクト: mshivjiani/HCMS
        public bool HasPermission(enumPermission permissionEnumID)
        {
            bool permissionOK = false;

            if (base.ValidateKeyField(this._userID))
            {
                try
                {
                    PermissionCollection permissions = this.GetPermissions();
                    permissionOK = permissions.Contains((int)permissionEnumID);
                }
                catch (Exception ex)
                {
                    HandleException(ex);
                }
            }

            return(permissionOK);
        }
コード例 #18
0
        /// <summary>
        ///
        /// </summary>
        /// <param name="applicationId"></param>
        /// <param name="operationCode"></param>
        /// <param name="username"></param>
        /// <returns></returns>
        public bool CheckRolePermission(int resourceId, int operationCode, int roleID)
        {
            try
            {
                PermissionCollection collection = new PermissionCollection();

                // create sql param
                SqlParameter prmResourceID = new SqlParameter("@ResourceID", SqlDbType.Int, 4);
                prmResourceID.Direction = ParameterDirection.Input;
                prmResourceID.Value     = resourceId;

                SqlParameter prmOperationCode = new SqlParameter("@OperationCode", SqlDbType.Int, 4);
                prmOperationCode.Direction = ParameterDirection.Input;
                prmOperationCode.Value     = operationCode;

                SqlParameter prmObjectName = new SqlParameter("@ObjectName", SqlDbType.VarChar, 128);
                prmObjectName.Direction = ParameterDirection.Input;
                prmObjectName.Value     = roleID.ToString();

                SqlParameter prmObjectType = new SqlParameter("@ObjectType", SqlDbType.Int, 4);
                prmObjectType.Direction = ParameterDirection.Input;
                prmObjectType.Value     = 1; // roleID

                SqlParameter prmAllow = new SqlParameter("@Allow", SqlDbType.Bit, 1);
                prmAllow.Direction = ParameterDirection.Output;

                Database.ExecuteNonQuery("UspCheckPermission", CommandType.StoredProcedure
                                         , prmResourceID
                                         , prmOperationCode
                                         , prmObjectName
                                         , prmObjectType
                                         , prmAllow);

                bool isAllow = bool.Parse(prmAllow.Value.ToString());

                return(isAllow);
            }
            catch (Exception ex)
            {
                throw ex;
            }
        }
コード例 #19
0
        internal static PermissionCollection GetCollection(DataTable dataItems)
        {
            PermissionCollection listCollection = new PermissionCollection();
            Permission           current        = null;

            if (dataItems != null)
            {
                for (int i = 0; i < dataItems.Rows.Count; i++)
                {
                    current = new Permission(dataItems.Rows[i]);
                    listCollection.Add(current);
                }
            }
            else
            {
                throw new Exception("You cannot create a Permission collection from a null data table.");
            }

            return(listCollection);
        }
コード例 #20
0
 /// <summary>
 /// Creates a new ProtectionDomain qualified by the given CodeSource,
 /// Permissions, ClassLoader and array of Principals. If the
 /// permissions object is not null, then {@code setReadOnly()}
 /// will be called on the passed in Permissions object.
 /// The permissions granted to this domain are dynamic; they include
 /// both the static permissions passed to this constructor, and any
 /// permissions granted to this domain by the current Policy at the
 /// time a permission is checked.
 /// <para>
 /// This constructor is typically used by
 /// <seealso cref="SecureClassLoader ClassLoaders"/>
 /// and <seealso cref="DomainCombiner DomainCombiners"/> which delegate to
 /// {@code Policy} to actively associate the permissions granted to
 /// this domain. This constructor affords the
 /// Policy provider the opportunity to augment the supplied
 /// PermissionCollection to reflect policy changes.
 /// </para>
 /// <para>
 ///
 /// </para>
 /// </summary>
 /// <param name="codesource"> the CodeSource associated with this domain </param>
 /// <param name="permissions"> the permissions granted to this domain </param>
 /// <param name="classloader"> the ClassLoader associated with this domain </param>
 /// <param name="principals"> the array of Principals associated with this
 /// domain. The contents of the array are copied to protect against
 /// subsequent modification. </param>
 /// <seealso cref= Policy#refresh </seealso>
 /// <seealso cref= Policy#getPermissions(ProtectionDomain)
 /// @since 1.4 </seealso>
 public ProtectionDomain(CodeSource codesource, PermissionCollection permissions, ClassLoader classloader, Principal[] principals)
 {
     if (!InstanceFieldsInitialized)
     {
         InitializeInstanceFields();
         InstanceFieldsInitialized = true;
     }
     this.Codesource = codesource;
     if (permissions != null)
     {
         this.Permissions_Renamed = permissions;
         this.Permissions_Renamed.SetReadOnly();
         if (permissions is Permissions && ((Permissions)permissions).AllPermission != null)
         {
             HasAllPerm = true;
         }
     }
     this.Classloader        = classloader;
     this.Principals_Renamed = (principals != null ? principals.clone(): new Principal[0]);
     StaticPermissions       = false;
 }
コード例 #21
0
ファイル: User.cs プロジェクト: mshivjiani/HCMS
        public PermissionCollection GetPermissions()
        {
            PermissionCollection childDataCollection = null;

            if (base.ValidateKeyField(this._userID))
            {
                try
                {
                    DataTable dt = ExecuteDataTable("spr_GetPermissionsByUserID", this._userID);

                    // fill collection list
                    childDataCollection = Permission.GetCollection(dt);
                }
                catch (Exception ex)
                {
                    HandleException(ex);
                }
            }

            return(childDataCollection);
        }
コード例 #22
0
        private void comboBox8_SelectedIndexChanged(object sender, EventArgs e)
        {
            KellPermission.User user = users[comboBox8.SelectedIndex];
            textBox1.Text = user.UserName;
            textBox2.Text = user.Password;
            textBox3.Text = user.Description;
            foreach (KellPermission.Department d in deps)
            {
                if (user.Departments.Contains(d))
                {
                    comboBox1.SelectedItem = d.Name;
                    break;
                }
            }
            bool have = false;

            foreach (KellPermission.Project p in prjs)
            {
                if (user.Projects.Contains(p))
                {
                    comboBox2.SelectedItem = p.Name;
                    have = true;
                    break;
                }
            }
            if (!have)
            {
                comboBox2.SelectedIndex = 0;
            }
            label14.Text = string.Format("用户[{0}]具有的权限:", user.UserName);
            listBox1.Items.Clear();
            PermissionCollection ps = user.GetAllPermissions();

            foreach (Permission p in ps)
            {
                listBox1.Items.Add(p);
            }
            selectUser = comboBox8.SelectedIndex;
        }
コード例 #23
0
        public static PermissionCollection GetEffectivePermissions(
            string userName,
            string password,
            string domain)
        {
            PermissionCollection effectivePermissions = null;

            try
            {
                AuthenticationInformation authInfo = AuthenticationManager.Authenticate(userName, password, domain);
                effectivePermissions = new PermissionCollection(authInfo.PermissionCollection);
            }
            catch
            {
            }

            if (effectivePermissions == null)
            {
                effectivePermissions = new PermissionCollection();
            }

            return effectivePermissions;
        }
コード例 #24
0
ファイル: AuthManager.cs プロジェクト: scaperow/-V2.0
        public static IAuthPolicy GetTreeAuth(String TreeID, PermissionCollection Permissions)
        {
            List <RecordListElement> RecordListElements = new List <RecordListElement>();

            foreach (Permission permission in Permissions)
            {
                if (permission is RecordsPermission)
                {
                    RecordsPermission records = permission as RecordsPermission;
                    if (records.Caption == TreeID)
                    {
                        foreach (RecordListElement Element in records.RecordPermissionList)
                        {
                            if (!RecordListElements.Contains(Element))
                            {
                                RecordListElements.Add(Element);
                            }
                        }
                    }
                }
            }

            return(new AuthPolicy(RecordListElements));
        }
コード例 #25
0
ファイル: RestApi.cs プロジェクト: secc/arena-secc-webservice
        /// <summary>
        /// Determines if the personID has access to perform the
        /// indicated operation on the person field in question.
        /// </summary>
        /// <param name="personID">The ID number of the person whose security access we are checking.</param>
        /// <param name="field">The ID number of the PersonField that the user wants access to.</param>
        /// <param name="operation">The type of access the user needs to proceed.</param>
        /// <returns>true/false indicating if the operation is allowed.</returns>
        public static bool PersonFieldOperationAllowed(int personID, int field, OperationType operation)
        {
            PermissionCollection permissions;

            //
            // Load the permissions.
            //
            permissions = new PermissionCollection(ObjectType.PersonField, field);

            return PermissionsOperationAllowed(permissions, personID, operation);
        }
コード例 #26
0
ファイル: RoleController.cs プロジェクト: gowhy/MicroWish
        private RoleModel CreateRoleModel(Role role,PermissionCollection permissions)
        {
            var model = role==null?new RoleModel(): new RoleModel
                            {
                                ID = role.ID,
                                Name = role.Name,
                                IsEffect = role.IsEffect
                            };

            IDictionary<string, RoleModuleModel> modules = new Dictionary<string, RoleModuleModel>();

            foreach (var node in SecurityManager.Instance.Nodes)
            {
                var v = node.Value;
                if (!modules.ContainsKey(v.ModuleKey))
                {
                    modules.Add(v.ModuleKey, new RoleModuleModel { Name = v.Module, Value = v.ModuleKey,IsSelect = permissions.HasModule(v)});
                }

                modules[v.ModuleKey].RoleNodes.Add(new RoleNodeModel()
                {
                    IsDisable = false,
                    IsSelect = !modules[v.ModuleKey].IsSelect && permissions.HasNode(v),
                    Name = v.Name,
                    Value = v.NodeKey
                });
            }

            model.Modules = modules.Values.ToList();

            return model;
        }
コード例 #27
0
ファイル: UserGroup.cs プロジェクト: realzhaorong/vocadb
		public UserGroup(UserGroupId id, PermissionCollection permissions) {
			this.Id = id;
			this.Permissions = permissions;
		}
コード例 #28
0
ファイル: PermissionManager.cs プロジェクト: scaperow/-V2.0
        internal PermissionCollection InitPermissions(String[] PermissionIndex)
        {
            PermissionCollection permissionCollection = new PermissionCollection();

            if (PermissionIndex == null || PermissionIndex.Length == 0)
            {
                return(permissionCollection);
            }

            StringBuilder Sql_Permissions = new StringBuilder();

            //增加查询条件  Scdel=0  2013-10-17
            Sql_Permissions.Append("select * from sys_auth_Permissions where Scdel=0 and ID in ");
            Sql_Permissions.Append(string.Concat("('", string.Join("','", PermissionIndex), "')"));
            Sql_Permissions.Append(" order by ClsInfo");

            StringBuilder Sql_FieldPermission = new StringBuilder();

            Sql_FieldPermission.Append("select * from sys_auth_FieldPermission where FieldsID in (");
            //增加查询条件  Scdel=0  2013-10-17
            Sql_FieldPermission.Append("select ID from sys_auth_Permissions where Scdel=0 and ID in ");
            Sql_FieldPermission.Append(string.Concat("('", string.Join("','", PermissionIndex), "')"));
            Sql_FieldPermission.Append(" And ClsInfo='Fields'");
            Sql_FieldPermission.Append(") order by Indentity");

            StringBuilder Sql_RecordPermission = new StringBuilder();

            Sql_RecordPermission.Append("Select * from sys_auth_RecordPermission where RecordsID in (");
            //增加查询条件  Scdel=0  2013-10-17
            Sql_RecordPermission.Append("select ID from sys_auth_Permissions where Scdel=0 and ID in ");
            Sql_RecordPermission.Append(string.Concat("('", string.Join("','", PermissionIndex), "')"));
            Sql_RecordPermission.Append(" And ClsInfo='Records'");
            Sql_RecordPermission.Append(") order by Indentity");

            StringBuilder Sql_FunctionPermission = new StringBuilder();

            Sql_FunctionPermission.Append("Select * from sys_auth_FunctionPermission where FunctionsID in (");
            //增加查询条件  Scdel=0  2013-10-17
            Sql_FunctionPermission.Append("select ID from sys_auth_Permissions where Scdel=0 and ID in ");
            Sql_FunctionPermission.Append(string.Concat("('", string.Join("','", PermissionIndex), "')"));
            Sql_FunctionPermission.Append(" And ClsInfo='Functions'");
            Sql_FunctionPermission.Append(") order by Indentity");

            StringBuilder Sql_DataPermission = new StringBuilder();

            Sql_DataPermission.Append("Select * from sys_auth_DataPermission where TableID in (");
            //增加查询条件  Scdel=0  2013-10-17
            Sql_DataPermission.Append("select ID from sys_auth_Permissions where Scdel=0 and ID in ");
            Sql_DataPermission.Append(string.Concat("('", string.Join("','", PermissionIndex), "')"));
            Sql_DataPermission.Append(" And ClsInfo='Datas'");
            Sql_DataPermission.Append(") order by TableID");

            List <String> Sql_Commands = new List <string>();

            Sql_Commands.Add(Sql_Permissions.ToString());
            Sql_Commands.Add(Sql_FieldPermission.ToString());
            Sql_Commands.Add(Sql_RecordPermission.ToString());
            Sql_Commands.Add(Sql_FunctionPermission.ToString());
            Sql_Commands.Add(Sql_DataPermission.ToString());

            DataSet dataset = GetDataSet(Sql_Commands.ToArray());

            if (dataset != null)
            {
                DataTable PermissionDataTable         = dataset.Tables["sys_auth_Permissions"];
                DataTable FieldPermissionDataTable    = dataset.Tables["sys_auth_FieldPermission"];
                DataTable RecordPermissionDataTable   = dataset.Tables["sys_auth_RecordPermission"];
                DataTable FunctionPermissionDataTable = dataset.Tables["sys_auth_FunctionPermission"];
                DataTable DataPermissionDataTable     = dataset.Tables["sys_auth_DataPermission"];

                foreach (DataRow Row in PermissionDataTable.Rows)
                {
                    String Index       = Row["ID"].ToString();
                    String Cls         = Row["ClsInfo"].ToString();
                    String ModelIndex  = Row["ModuleID"].ToString();
                    String Description = Row["Description"].ToString();

                    PermissionType Type = Type = (PermissionType)Enum.Parse(typeof(PermissionType), Cls);
                    if (Type == PermissionType.Records)
                    {
                        RecordsPermission recordsPermission = new RecordsPermission();
                        recordsPermission.ModuleID = ModelIndex;
                        recordsPermission.Index    = Index;
                        recordsPermission.Caption  = Description;
                        permissionCollection.Add(recordsPermission);

                        DataRow[] RecordRows = RecordPermissionDataTable.Select("RecordsID='" + Index + "'");
                        foreach (DataRow RecordRow in RecordRows)
                        {
                            RecordListElement recordListElement = new RecordListElement();
                            recordListElement.Caption = RecordRow["Description"].ToString();
                            recordListElement.Index   = RecordRow["Indentity"].ToString();
                            recordListElement.Code    = RecordRow["RecordCode"].ToString();
                            recordsPermission.RecordPermissionList.Add(recordListElement);
                        }
                    }
                    else if (Type == PermissionType.Fields)
                    {
                        FieldsPermission fieldsPermission = new FieldsPermission();
                        fieldsPermission.ModuleID   = ModelIndex;
                        fieldsPermission.Index      = Index;
                        fieldsPermission.Caption    = Description;
                        fieldsPermission.FieldsName = Description;
                        permissionCollection.Add(fieldsPermission);

                        DataRow[] FieldRows = FieldPermissionDataTable.Select("FieldsID='" + Index + "'");
                        foreach (DataRow FieldRow in FieldRows)
                        {
                            FieldPermission fieldPermission = new FieldPermission();
                            fieldPermission.Index     = FieldRow["Indentity"].ToString();
                            fieldPermission.FieldName = FieldRow["Description"].ToString();
                            fieldPermission.Editable  = Convert.ToBoolean(FieldRow["Editable"]);
                            fieldPermission.Viewable  = Convert.ToBoolean(FieldRow["Viewable"]);
                            fieldsPermission.Fields.Add(fieldPermission);
                        }
                    }
                    else if (Type == PermissionType.Functions)
                    {
                        FunctionsPermission functionsPermission = new FunctionsPermission();
                        functionsPermission.ModuleID = ModelIndex;
                        functionsPermission.Index    = Index;
                        functionsPermission.Caption  = Description;
                        permissionCollection.Add(functionsPermission);

                        DataRow[] FunctionRows = FunctionPermissionDataTable.Select("FunctionsID='" + Index + "'");
                        foreach (DataRow FunctionRow in FunctionRows)
                        {
                            FunctionPermission functionPermission = new FunctionPermission();
                            functionPermission.Caption = FunctionRow["Description"].ToString();
                            functionPermission.Index   = FunctionRow["Indentity"].ToString();
                            functionsPermission.Functions.Add(functionPermission);
                        }
                    }
                    else if (Type == PermissionType.Datas)
                    {
                        DatasPermission datasPermission = new DatasPermission();
                        datasPermission.ModuleID = ModelIndex;
                        datasPermission.Index    = Index;
                        datasPermission.Caption  = Description;
                        permissionCollection.Add(datasPermission);

                        DataRow[] DataRows = DataPermissionDataTable.Select("TableID='" + Index + "'");
                        foreach (DataRow DataRow in DataRows)
                        {
                            DataPermission dataPermission = new DataPermission();
                            dataPermission.Index     = DataRow["TableID"].ToString();
                            dataPermission.FieldName = DataRow["FieldName"].ToString();

                            String FieldValueList = DataRow["FieldValues"].ToString();
                            if (!string.IsNullOrEmpty(FieldValueList))
                            {
                                String[] Values = FieldValueList.Split(new Char[] { ';' }, StringSplitOptions.RemoveEmptyEntries);
                                dataPermission.Values.AddRange(Values);
                            }

                            datasPermission.Conditions.Add(dataPermission);
                        }
                    }
                }
            }

            return(permissionCollection);
        }
コード例 #29
0
ファイル: PermissionManager.cs プロジェクト: scaperow/-V2.0
        public Boolean UpdatePermissions(PermissionCollection Permissions)
        {
            if (Permissions == null || Permissions.Count == 0)
            {
                return(true);
            }

            Boolean Result = false;

            List <string> PermissionIndexList = new List <string>();

            foreach (Permission Permission in Permissions)
            {
                PermissionIndexList.Add(Permission.Index);
            }

            String[] PermissionIndex = PermissionIndexList.ToArray();
            Result = DeletePermissions(PermissionIndex);

            StringBuilder Sql_Permissions = new StringBuilder();

            //增加查询条件  Scdel=0  2013-10-17
            Sql_Permissions.Append("select * from sys_auth_Permissions where ID in ");
            Sql_Permissions.Append(string.Concat("('", string.Join("','", PermissionIndex), "')"));
            Sql_Permissions.Append(" order by ClsInfo");

            StringBuilder Sql_FieldPermission = new StringBuilder();

            Sql_FieldPermission.Append("select * from sys_auth_FieldPermission where FieldsID in (");
            //增加查询条件  Scdel=0  2013-10-17
            Sql_FieldPermission.Append("select ID from sys_auth_Permissions where  ID in ");
            Sql_FieldPermission.Append(string.Concat("('", string.Join("','", PermissionIndex), "')"));
            Sql_FieldPermission.Append(" And ClsInfo='Fields'");
            Sql_FieldPermission.Append(") order by Indentity");

            StringBuilder Sql_RecordPermission = new StringBuilder();

            Sql_RecordPermission.Append("Select * from sys_auth_RecordPermission where RecordsID in (");
            //增加查询条件  Scdel=0  2013-10-17
            Sql_RecordPermission.Append("select ID from sys_auth_Permissions where ID in ");
            Sql_RecordPermission.Append(string.Concat("('", string.Join("','", PermissionIndex), "')"));
            Sql_RecordPermission.Append(" And ClsInfo='Records'");
            Sql_RecordPermission.Append(") order by Indentity");

            StringBuilder Sql_FunctionPermission = new StringBuilder();

            Sql_FunctionPermission.Append("Select * from sys_auth_FunctionPermission where FunctionsID in (");
            //增加查询条件  Scdel=0  2013-10-17
            Sql_FunctionPermission.Append("select ID from sys_auth_Permissions where  ID in ");
            Sql_FunctionPermission.Append(string.Concat("('", string.Join("','", PermissionIndex), "')"));
            Sql_FunctionPermission.Append(" And ClsInfo='Functions'");
            Sql_FunctionPermission.Append(") order by Indentity");

            StringBuilder Sql_DataPermission = new StringBuilder();

            Sql_DataPermission.Append("Select * from sys_auth_DataPermission where TableID in (");
            //增加查询条件  Scdel=0  2013-10-17
            Sql_DataPermission.Append("select ID from sys_auth_Permissions where ID in ");
            Sql_DataPermission.Append(string.Concat("('", string.Join("','", PermissionIndex), "')"));
            Sql_DataPermission.Append(" And ClsInfo='Datas'");
            Sql_DataPermission.Append(") order by TableID");

            List <String> Sql_Commands = new List <string>();

            Sql_Commands.Add(Sql_Permissions.ToString());
            Sql_Commands.Add(Sql_FieldPermission.ToString());
            Sql_Commands.Add(Sql_RecordPermission.ToString());
            Sql_Commands.Add(Sql_FunctionPermission.ToString());
            Sql_Commands.Add(Sql_DataPermission.ToString());

            DataSet dataset = GetDataSet(Sql_Commands.ToArray());

            if (dataset != null)
            {
                DataTable PermissionDataTable         = dataset.Tables["sys_auth_Permissions"];
                DataTable FieldPermissionDataTable    = dataset.Tables["sys_auth_FieldPermission"];
                DataTable RecordPermissionDataTable   = dataset.Tables["sys_auth_RecordPermission"];
                DataTable FunctionPermissionDataTable = dataset.Tables["sys_auth_FunctionPermission"];
                DataTable DataPermissionDataTable     = dataset.Tables["sys_auth_DataPermission"];

                foreach (Permission Permission in Permissions)
                {
                    DataRow   Row;
                    DataRow[] Rows = PermissionDataTable.Select("ID='" + Permission.Index + "'");
                    if (Rows.Length > 0)
                    {
                        Row = Rows[0];
                    }
                    else
                    {
                        Row = PermissionDataTable.NewRow();
                        PermissionDataTable.Rows.Add(Row);
                    }

                    Row["ID"]          = Permission.Index;
                    Row["SCTS"]        = DateTime.Now.ToString();
                    Row["ModuleID"]    = Permission.ModuleID;
                    Row["Description"] = Permission.Caption;
                    Row["Scdel"]       = 0;

                    if (Permission is RecordsPermission)
                    {
                        RecordsPermission records = Permission as RecordsPermission;
                        foreach (RecordListElement record in records.RecordPermissionList)
                        {
                            DataRow   recordRow;
                            DataRow[] recordRows = RecordPermissionDataTable.Select("Indentity='" + record.Index + "' and RecordsID='" + Permission.Index + "'");
                            if (recordRows.Length > 0)
                            {
                                recordRow = recordRows[0];
                            }
                            else
                            {
                                recordRow = RecordPermissionDataTable.NewRow();
                                RecordPermissionDataTable.Rows.Add(recordRow);

                                recordRow["ID"]   = Guid.NewGuid().ToString();
                                recordRow["SCTS"] = DateTime.Now.ToString();
                            }

                            recordRow["RecordsID"]   = Permission.Index;
                            recordRow["Indentity"]   = record.Index;
                            recordRow["Description"] = record.Caption;
                            recordRow["RecordCode"]  = record.Code;
                            recordRow["Scdel"]       = 0;
                        }

                        Row["ClsInfo"] = "Records";
                    }
                    else if (Permission is FieldsPermission)
                    {
                        FieldsPermission fields = Permission as FieldsPermission;
                        foreach (FieldPermission field in fields.Fields)
                        {
                            DataRow   fieldRow;
                            DataRow[] fieldRows = FieldPermissionDataTable.Select("Indentity='" + field.Index + "'");
                            if (fieldRows.Length > 0)
                            {
                                fieldRow = fieldRows[0];
                            }
                            else
                            {
                                fieldRow = FieldPermissionDataTable.NewRow();
                                FieldPermissionDataTable.Rows.Add(fieldRow);

                                fieldRow["ID"]   = Guid.NewGuid().ToString();
                                fieldRow["SCTS"] = DateTime.Now.ToString();
                            }

                            fieldRow["FieldsID"]    = Permission.Index;
                            fieldRow["Indentity"]   = field.Index;
                            fieldRow["Description"] = field.FieldName;
                            fieldRow["Editable"]    = field.Editable;
                            fieldRow["Viewable"]    = field.Viewable;
                            fieldRow["Scdel"]       = 0;
                        }

                        Row["ClsInfo"] = "Fields";
                    }
                    else if (Permission is FunctionsPermission)
                    {
                        FunctionsPermission functions = Permission as FunctionsPermission;
                        foreach (FunctionPermission function in functions.Functions)
                        {
                            DataRow   functionRow;
                            DataRow[] functionRows = FunctionPermissionDataTable.Select("Indentity='" + function.Index + "' and FunctionsID = '" + Permission.Index + "'");
                            if (functionRows.Length > 0)
                            {
                                functionRow = functionRows[0];
                            }
                            else
                            {
                                functionRow = FunctionPermissionDataTable.NewRow();
                                FunctionPermissionDataTable.Rows.Add(functionRow);

                                functionRow["ID"]   = Guid.NewGuid().ToString();
                                functionRow["SCTS"] = DateTime.Now.ToString();
                            }

                            functionRow["FunctionsID"] = Permission.Index;
                            functionRow["Indentity"]   = function.Index;
                            functionRow["Description"] = function.Caption;
                            functionRow["Scdel"]       = 0;
                        }

                        Row["ClsInfo"] = "Functions";
                    }
                    else if (Permission is DatasPermission)
                    {
                        DatasPermission Datas = Permission as DatasPermission;
                        foreach (DataPermission Data in Datas.Conditions)
                        {
                            DataRow   dataRow;
                            DataRow[] dataRows = DataPermissionDataTable.Select("TableID='" + Permission.Index + "' and FieldName='" + Data.FieldName + "'");
                            if (dataRows.Length > 0)
                            {
                                dataRow = dataRows[0];
                            }
                            else
                            {
                                dataRow = DataPermissionDataTable.NewRow();
                                DataPermissionDataTable.Rows.Add(dataRow);

                                dataRow["ID"]   = Guid.NewGuid().ToString();
                                dataRow["SCTS"] = DateTime.Now.ToString();
                            }

                            dataRow["TableID"]     = Data.Index;
                            dataRow["SCTS"]        = DateTime.Now.ToString();
                            dataRow["FieldName"]   = Data.FieldName;
                            dataRow["FieldValues"] = string.Join(";", Data.Values.ToArray());
                            dataRow["Scdel"]       = 0;
                        }

                        Row["ClsInfo"] = "Datas";
                    }
                }

                IDbConnection Connection  = GetConntion();
                Transaction   Transaction = new Transaction(Connection);

                try
                {
                    object r = Update(dataset, Transaction);
                    Result = (Convert.ToInt32(r) == 1);

                    if (Result)
                    {
                        Transaction.Commit();
                    }
                    else
                    {
                        Transaction.Rollback();
                    }
                }
                catch
                {
                    Transaction.Rollback();
                }
            }

            return(Result);
        }
コード例 #30
0
ファイル: RestApi.cs プロジェクト: secc/arena-secc-webservice
        /// <summary>
        /// Determines if the personID has access to perform the indicated operation
        /// on the small group cluster in question.
        /// </summary>
        /// <param name="personID">The ID number of the person whose security access we are checkin.</param>
        /// <param name="clusterID">The ID number of the profile the user wants access to.</param>
        /// <param name="operation">The type of access the user needs to proceed.</param>
        /// <returns>true/false indicating if the operation is allowed.</returns>
        public static bool GroupClusterOperationAllowed(int personID, int clusterID, OperationType operation)
        {
            PermissionCollection permissions;

            //
            // Load the permissions.
            //
            permissions = new PermissionCollection(ObjectType.Group_Cluster, clusterID);

            return PermissionsOperationAllowed(permissions, personID, operation);
        }
コード例 #31
0
ファイル: MenuService.cs プロジェクト: ofnhkb1/Notify2017
 /// <summary>
 /// 验证权限
 /// </summary>
 /// <param name="menus">菜单</param>
 /// <param name="address">菜单地址</param>
 /// <returns>结果</returns>
 public static bool HasPermission(IEnumerable <TMenu> menus, string address)
 {
     return(PermissionCollection.HasPermission(menus.ToMenus(), address));
 }
コード例 #32
0
ファイル: RestApi.cs プロジェクト: secc/arena-secc-webservice
        /// <summary>
        /// Checks the PermissionCollection class to determine if the
        /// indicated operation is allowed for the person identified by
        /// their ID number.
        /// </summary>
        /// <param name="permissions">The collection of permissions to check. These should be object permissions.</param>
        /// <param name="personID">The ID number of the user whose security access we are checking.</param>
        /// <param name="operation">The type of access the user needs to proceed.</param>
        /// <returns>true/false indicating if the operation is allowed.</returns>
        public static bool PermissionsOperationAllowed(PermissionCollection permissions, int personID, OperationType operation)
        {
            RoleCollection roles;
            int i;

            //
            // Check if the person has direct permission.
            //
            if (permissions.ContainsSubjectOperation(SubjectType.Person, personID, operation) == true)
                return true;

            //
            // Now check all roles for the given person.
            //
            roles = new RoleCollection(DefaultOrganizationID(), personID);
            for (i = 0; i < roles.Count; i++)
            {
                if (permissions.ContainsSubjectOperation(SubjectType.Role, roles[i].RoleID, operation) == true)
                    return true;
            }

            return false;
        }
コード例 #33
0
ファイル: AdminService.cs プロジェクト: gowhy/LoveBank
        /// <summary>
        /// 获得角色的权限点
        /// </summary>
        /// <param name="role"></param>
        /// <returns></returns>
        public PermissionCollection GetPermissions(int role)
        {
            var permissions = new PermissionCollection();

            DbProvider.D<RoleAccess>().Where(x => x.RoleId == role).ToList().ForEach(access => permissions.Add(new Permission { ModuleKey = access.Module, NodeKey = access.Node }));

            return permissions;
        }
コード例 #34
0
 /// <summary>
 /// Initializes a new instance of the <see cref="PlayerInfo"/> class with the specified user ID, chat data and permissions.
 /// </summary>
 /// <param name="userId">The user ID.</param>
 /// <param name="chatData">The user's chat information.</param>
 /// <param name="permissions">A collection of the user's permissions.</param>
 public PlayerInfo(int userId, [NotNull] ChatData chatData, [NotNull] PermissionCollection permissions) : this(userId, chatData)
 {
     Permissions = permissions ?? throw new ArgumentNullException(nameof(permissions));
 }
コード例 #35
0
 public UserGroup(UserGroupId id, PermissionCollection permissions)
 {
     this.Id          = id;
     this.Permissions = permissions;
 }
コード例 #36
0
ファイル: Person.cs プロジェクト: secc/arena-secc-webservice
        private bool ShouldShow(Arena.Core.Person arena, string name)
        {
            // First we check to see if this is yourself
            if (Arena.Core.ArenaContext.Current.Person.PersonID == arena.PersonID)
            {
                return true;
            }

            // Next we check to see if this is a family member
            if (Arena.Core.ArenaContext.Current.Person.FamilyId == arena.FamilyId)
            {
                return true;
            }

            // Group Leader Check - If the person they are fetching is one of their
            // small group members, go ahead and provide visibility
            Arena.Custom.SECC.Data.SmallGroup.GroupCollection gc = new Arena.Custom.SECC.Data.SmallGroup.GroupCollection();
            gc.LoadByLeaderPersonID(Arena.Core.ArenaContext.Current.Person.PersonID);
            foreach (Arena.SmallGroup.Group g in gc)
            {
                foreach (Arena.Core.Person groupMember in g.Members)
                {
                    if (groupMember.PersonID == arena.PersonID)
                    {
                        return true;
                    }
                }

                Arena.SmallGroup.GroupCluster cluster = g.GroupCluster;
                while (cluster != null)
                {
                    // If this is the current group's cluster leader or admin
                    if (cluster.LeaderID == arena.PersonID
                        || cluster.AdminID == arena.PersonID)
                    {
                        return true;
                    }
                    if (cluster.ParentClusterID > 0)
                    {
                        cluster = new Arena.SmallGroup.GroupCluster(cluster.ParentClusterID);
                    }
                    else {
                        cluster = null;
                    }
                }
            }

            if (!PersonMapper._fieldSecurityMap.ContainsKey(name.ToUpperInvariant())) {
                return false;
            }

            PermissionCollection permissionCollection = new PermissionCollection(ObjectType.PersonField, PersonMapper._fieldSecurityMap[name.ToUpperInvariant()]);
            if (!permissionCollection.Allowed(OperationType.View, Arena.Core.ArenaContext.Current.User))
            {
                return false;
            }
            if (this._includeFields == null)
            {
                return true;
            }
            return this._includeFields.Contains(name.ToUpperInvariant());
        }
コード例 #37
0
        internal void InitializePermissionSet(List<AuthorizationResponse> responses)
        {
            if (_permissionCollection == null)
            {
                _permissionCollection = new PermissionCollection();
            }

            _permissionCollection.Clear();
            foreach (AuthorizationResponse response in responses)
            {
                bool allowed = false;
                if (response.EvaluationResult == AuthorizationEvaluationResult.Allowed)
                {
                    allowed = true;
                }

                _permissionCollection.Add(new Permission(
                    response.Request.Namespace,
                    response.Request.Action,
                    allowed));
            }
        }
コード例 #38
0
        public void GenerateReport()
        {
            StringBuilder SQL_DataSource = new StringBuilder();

            SQL_DataSource.Append("select a.nodecode as foldercode,b.description as foldername,c.nodecode as modulecode,d.description as modulename,d.id ");
            SQL_DataSource.Append("from sys_engs_ItemInfo as b,");
            SQL_DataSource.Append("(SELECT NodeCode,ralationid FROM sys_engs_Tree ");
            SQL_DataSource.Append("WHERE (SUBSTRING(NodeCode, 0, 13) IN");
            SQL_DataSource.Append("(SELECT NodeCode FROM sys_engs_Tree AS sys_engs_Tree_1 WHERE (NodeType = '@unit_施工单位'))) and nodetype = '@folder') as a,");
            SQL_DataSource.Append("(SELECT NodeCode,ralationid FROM sys_engs_Tree ");
            SQL_DataSource.Append("WHERE (SUBSTRING(NodeCode, 0, 13) IN (SELECT NodeCode FROM sys_engs_Tree AS sys_engs_Tree_1 WHERE (NodeType = '@unit_施工单位'))) and nodetype = '@module') as c,");
            //增加查询条件  Scdel=0  2013-10-17
            SQL_DataSource.Append("sys_biz_Module as d where b.Scdel=0 and b.id = a.ralationid and c.ralationid = d.id and c.nodecode like a.nodecode + '%' order by a.nodecode,c.nodecode");

            DataTable DataSource = GetDataTable(SQL_DataSource.ToString());

            DataTable DataResule = new DataTable();

            DataColumn Column = new DataColumn("CompanyName");

            Column.DataType = typeof(String);
            DataResule.Columns.Add(Column);

            Column          = new DataColumn("CompanyCode");
            Column.DataType = typeof(String);
            DataResule.Columns.Add(Column);

            Column          = new DataColumn("ModelCode");
            Column.DataType = typeof(String);
            DataResule.Columns.Add(Column);

            Column          = new DataColumn("FolderName");
            Column.DataType = typeof(String);
            DataResule.Columns.Add(Column);

            Column          = new DataColumn("ModuleName");
            Column.DataType = typeof(String);
            DataResule.Columns.Add(Column);

            Column          = new DataColumn("PXRate");
            Column.DataType = System.Type.GetType("System.Decimal");
            DataResule.Columns.Add(Column);

            Column          = new DataColumn("YZRate");
            Column.DataType = System.Type.GetType("System.Decimal");
            DataResule.Columns.Add(Column);

            Column          = new DataColumn("SelectTable");
            Column.DataType = typeof(String);
            DataResule.Columns.Add(Column);

            foreach (DataRow Row in DataSource.Rows)
            {
                String TableName = "biz_norm_extent_" + Row["id"].ToString();

                StringBuilder SQL_Company = new StringBuilder();
                SQL_Company.Append("select a.Description,b.NodeCode from sys_engs_CompanyInfo as a,sys_engs_Tree as b");
                //增加查询条件  Scdel=0     2013-10-17
                SQL_Company.Append("where a.Scdel=0 and");
                SQL_Company.Append("b.NodeCode ='");
                SQL_Company.Append(Row["foldercode"].ToString().Substring(0, 12));
                SQL_Company.Append("' and a.id = b.ralationid");

                DataTable CompanyInfo = GetDataTable(SQL_Company.ToString());

                DataRow newRow = DataResule.NewRow();
                newRow["CompanyName"] = CompanyInfo.Rows[0]["Description"].ToString();
                newRow["CompanyCode"] = CompanyInfo.Rows[0]["NodeCode"].ToString();
                newRow["FolderName"]  = Row["FolderName"].ToString();
                newRow["ModuleName"]  = Row["ModuleName"].ToString();
                newRow["SelectTable"] = TableName;
                newRow["ModelCode"]   = Row["modulecode"].ToString();


                DataResule.Rows.Add(newRow);
            }

            StringBuilder Sql_Select = new StringBuilder();

            Sql_Select.Append("select code from sys_auth_Organization where type = '");
            Sql_Select.Append("监理单位");
            Sql_Select.Append("'");

            DataTable Organization = GetDataTable(Sql_Select.ToString());

            if (Organization != null && Organization.Rows.Count > 0)
            {
                PermissionCollection Permissions = new PermissionCollection();
                foreach (DataRow Row in Organization.Rows)
                {
                    int PXCount;
                    int JZCount;
                    int AllCount;
                    Sql_Select = new StringBuilder();
                    //增加查询条件  Scdel=0  2013-10-17
                    Sql_Select.Append("select * from sys_auth_Users where Scdel=0 and code like '");
                    Sql_Select.Append(Row["code"].ToString());
                    Sql_Select.Append("%'");

                    DataTable Users = GetDataTable(Sql_Select.ToString());
                    if (Users != null && Users.Rows.Count > 0)
                    {
                        foreach (DataRow UserRow in Users.Rows)
                        {
                            RoleCollection Roles = RoleManager.InitRoleInformation(UserRow["ID"].ToString());
                            foreach (Role role in Roles)
                            {
                                PermissionCollection _Permissions = PermissionManager.InitPermissions(role.Index);
                                foreach (Permission Permission in _Permissions)
                                {
                                    if (!Permissions.Contains(Permission))
                                    {
                                        Permissions.Add(Permission);
                                    }
                                }
                            }
                        }
                    }

                    IAuthPolicy AuthPolicy = AuthManager.GetTreeAuth(TreeID, Permissions);
                    DataTable   SelectData = new DataTable();
                    SelectData = DataResule.Clone();

                    StringBuilder Sql_JLSelect = new StringBuilder();
                    Sql_JLSelect.Append("select NodeCode from sys_engs_Tree where nodetype ='@unit_监理单位'");

                    DataTable JLData = GetDataTable(Sql_Select.ToString());

                    foreach (DataRow JLRow in JLData.Rows)
                    {
                        if (AuthPolicy.HasAuth(JLRow["NodeCode"].ToString()))
                        {
                            foreach (DataRow SelectRow in DataResule.Rows)
                            {
                                if (AuthPolicy.HasAuth(SelectRow["NodeCode"].ToString()))
                                {
                                    StringBuilder SQL_PXCount = new StringBuilder();
                                    SQL_PXCount.Append("select count(id) from ");
                                    SQL_PXCount.Append(SelectRow["SelectTable"].ToString());
                                    SQL_PXCount.Append("where trytype = '");
                                    SQL_PXCount.Append("平行 and scpt ='");
                                    SQL_PXCount.Append(JLRow["NodeCode"].ToString());
                                    SQL_PXCount.Append("' and scct in (select id from ");
                                    SQL_PXCount.Append(SelectRow["SelectTable"].ToString());
                                    SQL_PXCount.Append(" where scpt ='");
                                    SQL_PXCount.Append(SelectRow["modulecode"].ToString());
                                    SQL_PXCount.Append("')");

                                    PXCount = Convert.ToInt32(ExcuteScalar(SQL_PXCount.ToString()));

                                    StringBuilder SQL_JZCount = new StringBuilder();
                                    SQL_JZCount.Append("select count(id) from ");
                                    SQL_JZCount.Append(SelectRow["SelectTable"].ToString());
                                    SQL_JZCount.Append("where trytype = '");
                                    SQL_JZCount.Append("见证 and scpt ='");
                                    SQL_JZCount.Append(JLRow["NodeCode"].ToString());
                                    SQL_JZCount.Append("' and scct in (select id from ");
                                    SQL_JZCount.Append(SelectRow["SelectTable"].ToString());
                                    SQL_JZCount.Append(" where scpt ='");
                                    SQL_JZCount.Append(SelectRow["modulecode"].ToString());
                                    SQL_JZCount.Append("')");

                                    JZCount = Convert.ToInt32(ExcuteScalar(SQL_JZCount.ToString()));

                                    StringBuilder SQL_ALLCount = new StringBuilder();
                                    SQL_ALLCount.Append("select count(id) from ");
                                    SQL_ALLCount.Append(SelectRow["SelectTable"].ToString());
                                    SQL_ALLCount.Append("where scpt ='");
                                    SQL_ALLCount.Append(SelectRow["modulecode"].ToString());
                                    SQL_ALLCount.Append("'");

                                    AllCount = Convert.ToInt32(ExcuteScalar(SQL_ALLCount.ToString()));

                                    SelectRow["PXRate"] = PXCount / AllCount;
                                    SelectRow["YZRate"] = JZCount / AllCount;

                                    SelectData.ImportRow(SelectRow);
                                }
                            }

                            DrawSupervisionReport(SelectData, Row["Description"].ToString());
                        }
                    }
                }
            }
        }
コード例 #39
0
        public void AuthenticationForApplication()
        {
            // Authenticate to the Security system
            AuthenticationInformation authInfo = AuthenticationManager.Authenticate(Username, Password, Domain);
            _ncaUserId = authInfo.UserId;
            _ncaExpiration = authInfo.UserAccountExpirationUtc;
            NcaRoleCode = authInfo.ActiveRoleCode;
            _permissionCollection = new PermissionCollection(authInfo.PermissionCollection);

            if (SecurityRoleCollection == null)
            {
                SecurityRoleCollection = new StringCollection();
            }
            SecurityRoleCollection.Clear();

            foreach (string role in authInfo.SecurityRoleCollection)
            {
                SecurityRoleCollection.Add(role);
            }
            synchronizeUserToDatabase();
        }
コード例 #40
0
        /// <summary>
        /// Returns the permissions for the given codesource object.
        /// The implementation of this method first calls super.getPermissions
        /// and then adds permissions based on the URL of the codesource.
        /// <para>
        /// If the protocol of this URL is "jar", then the permission granted
        /// is based on the permission that is required by the URL of the Jar
        /// file.
        /// </para>
        /// <para>
        /// If the protocol is "file" and there is an authority component, then
        /// permission to connect to and accept connections from that authority
        /// may be granted. If the protocol is "file"
        /// and the path specifies a file, then permission to read that
        /// file is granted. If protocol is "file" and the path is
        /// a directory, permission is granted to read all files
        /// and (recursively) all files and subdirectories contained in
        /// that directory.
        /// </para>
        /// <para>
        /// If the protocol is not "file", then permission
        /// to connect to and accept connections from the URL's host is granted.
        /// </para>
        /// </summary>
        /// <param name="codesource"> the codesource </param>
        /// <exception cref="NullPointerException"> if {@code codesource} is {@code null}. </exception>
        /// <returns> the permissions granted to the codesource </returns>
        protected internal override PermissionCollection GetPermissions(CodeSource codesource)
        {
            PermissionCollection perms = base.GetPermissions(codesource);

            URL url = codesource.Location;

            Permission    p;
            URLConnection urlConnection;

            try
            {
                urlConnection = url.OpenConnection();
                p             = urlConnection.Permission;
            }
            catch (IOException)
            {
                p             = null;
                urlConnection = null;
            }

            if (p is FilePermission)
            {
                // if the permission has a separator char on the end,
                // it means the codebase is a directory, and we need
                // to add an additional permission to read recursively
                String path = p.Name;
                if (path.EndsWith(File.Separator))
                {
                    path += "-";
                    p     = new FilePermission(path, SecurityConstants.FILE_READ_ACTION);
                }
            }
            else if ((p == null) && (url.Protocol.Equals("file")))
            {
                String path = url.File.Replace('/', System.IO.Path.DirectorySeparatorChar);
                path = ParseUtil.decode(path);
                if (path.EndsWith(File.Separator))
                {
                    path += "-";
                }
                p = new FilePermission(path, SecurityConstants.FILE_READ_ACTION);
            }
            else
            {
                /// <summary>
                /// Not loading from a 'file:' URL so we want to give the class
                /// permission to connect to and accept from the remote host
                /// after we've made sure the host is the correct one and is valid.
                /// </summary>
                URL locUrl = url;
                if (urlConnection is JarURLConnection)
                {
                    locUrl = ((JarURLConnection)urlConnection).JarFileURL;
                }
                String host = locUrl.Host;
                if (host != null && (host.Length() > 0))
                {
                    p = new SocketPermission(host, SecurityConstants.SOCKET_CONNECT_ACCEPT_ACTION);
                }
            }

            // make sure the person that created this class loader
            // would have this permission

            if (p != null)
            {
//JAVA TO C# CONVERTER WARNING: The original Java variable was marked 'final':
//ORIGINAL LINE: final SecurityManager sm = System.getSecurityManager();
                SecurityManager sm = System.SecurityManager;
                if (sm != null)
                {
//JAVA TO C# CONVERTER WARNING: The original Java variable was marked 'final':
//ORIGINAL LINE: final java.security.Permission fp = p;
                    Permission fp = p;
                    AccessController.doPrivileged(new PrivilegedActionAnonymousInnerClassHelper3(this, sm, fp), Acc);
                }
                perms.Add(p);
            }
            return(perms);
        }
コード例 #41
0
ファイル: RestApi.cs プロジェクト: secc/arena-secc-webservice
        /// <summary>
        /// Determines if the personID has access to perform the
        /// indicated operation on the profile in question.
        /// </summary>
        /// <param name="personID">The ID number of the person whose security access we are checking.</param>
        /// <param name="profileID">The ID number of the profile the user wants access to.</param>
        /// <param name="operation">The type of access the user needs to proceed.</param>
        /// <returns>true/false indicating if the operation is allowed.</returns>
        public static bool ProfileOperationAllowed(int personID, int profileID, OperationType operation)
        {
            PermissionCollection permissions;

            //
            // Load the permissions.
            //
            permissions = new PermissionCollection(ObjectType.Tag, profileID);

            return PermissionsOperationAllowed(permissions, personID, operation);
        }