//======================================================================================
public Guid[] GetNoPermissionTargetRoleIds(User my, TA2 action)
{
int actionIndex = GetActionValue(action);
PermissionTargetType targetType = Permissions.GetPermissionTargetType(actionIndex);
return(GetNoPermissionTargetRoleIds(my, targetType));
}
public static PermissionTargetType[] s_PermissionTargetTypes = null;//new Dictionary<int, PermissionTargetType>();
static PermissionCollection()
{
#region 读取 s_PermissionTargetTypes
PermissionTargetType?defaultTargetType = null;
//读取默认的PermissionTargetType,如果每个枚举没有具体指定PermissionTargetType,那么将用这个值
if (typeof(TA2).IsDefined(typeof(PermissionTargetAttribute), false))
{
PermissionTargetAttribute permissionTargetAttribute = (PermissionTargetAttribute)typeof(TA2).GetCustomAttributes(typeof(PermissionTargetAttribute), false)[0];
defaultTargetType = permissionTargetAttribute.TargetType;
}
//得到所有枚举值
FieldInfo[] fieldInfosWithTarget = typeof(TA2).GetFields();
PermissionTargetType[] permissionTargetTypes = new PermissionTargetType[fieldInfosWithTarget.Length];
int i = 0;
foreach (FieldInfo fieldInfo in fieldInfosWithTarget)
{
if (fieldInfo.IsDefined(typeof(PermissionTargetAttribute), false))
{
PermissionTargetAttribute permissionTargetAttribute = (PermissionTargetAttribute)typeof(TA2).GetCustomAttributes(typeof(PermissionTargetAttribute), false)[0];
permissionTargetTypes[i] = permissionTargetAttribute.TargetType;
i++;
}
else if (fieldInfo.IsDefined(typeof(PermissionItemAttribute), false))
{
if (defaultTargetType != null)
{
permissionTargetTypes[i] = defaultTargetType.Value;
}
else
{
throw new Exception(typeof(TA2).FullName + "或者" + fieldInfo.Name + "没有标记PermissionTarget,这将导致bbsmax无法确定这个权限判断的目标");
}
i++;
}
}
s_PermissionTargetTypes = permissionTargetTypes;
#endregion
}
public Guid[] GetNoPermissionTargetRoleIds(int operatorUserID, PermissionTargetType permissionTargetType)
{
User my = UserBO.Instance.GetUser(operatorUserID, GetUserOption.WithAll);
return(GetNoPermissionTargetRoleIds(my, permissionTargetType));
}
/// <summary>
/// 通过调用此方法来得到我到底没有权限管理哪些用户组
/// TODO : 尚未检查 BeforePermissionCheck
/// </summary>
public Guid[] GetNoPermissionTargetRoleIds(User my, PermissionTargetType permissionTargetType)
{
RoleCollection allRoles = AllSettings.Current.RoleSettings.Roles;
//User user = UserBO.Instance.GetUser(operatorUserID);
if (my == null)
{
return(allRoles.GetKeys());
}
//如果是创始人,直接返回null
if (my.IsOwner)
{
return(new Guid[0]);
}
//管理类权限而我不是管理员
if (IsManagement && my.IsManager == false)
{
return(allRoles.GetKeys());
}
PermissionLimit limit;
switch (permissionTargetType)
{
case PermissionTargetType.Content:
limit = AllSettings.Current.PermissionSettings.ContentPermissionLimit;
break;
case PermissionTargetType.User:
limit = AllSettings.Current.PermissionSettings.UserPermissionLimit;
break;
default:
throw new NotSupportedException("Action with target must defined 'PermissionSetWithTargetType'");
}
if (limit.LimitType == PermissionLimitType.Unlimited)
{
return(new Guid[0]);
}
List <Guid> allowRoleIds = new List <Guid>();
foreach (UserRole userRole in my.Roles)
{
//不是管理员
if (IsManagement && userRole.Role.IsManager == false)
{
continue;
}
RoleCollection allowRoles;
if (limit.LimitType == PermissionLimitType.RoleLevelLowerMe)
{
allowRoles = AllSettings.Current.RoleSettings.GetRoles(delegate(Role role)
{
if (role < userRole.Role)
{
return(true);
}
return(false);
});
}
else if (limit.LimitType == PermissionLimitType.RoleLevelLowerOrSameMe)
{
allowRoles = AllSettings.Current.RoleSettings.GetRoles(delegate(Role role)
{
if (role <= userRole.Role)
{
return(true);
}
return(false);
});
}
else if (limit.LimitType == PermissionLimitType.ExcludeCustomRoles)
{
List <Guid> excludeRoleIds = null;
limit.ExcludeRoles.TryGetValue(userRole.RoleID, out excludeRoleIds);
if (excludeRoleIds != null && excludeRoleIds.Count != 0)
{
allowRoles = AllSettings.Current.RoleSettings.GetRoles(delegate(Role role)
{
if (excludeRoleIds.Contains(role.RoleID))
{
return(false);
}
return(true);
});
}
else
{
allowRoles = AllSettings.Current.RoleSettings.Roles;
}
}
else
{
throw new NotSupportedException();
}
foreach (Role allowRole in allowRoles)
{
if (allowRoleIds.Contains(allowRole.RoleID) == false)
{
allowRoleIds.Add(allowRole.RoleID);
}
}
}
int noPermissionRolesCount = allRoles.Count - allowRoleIds.Count;
Guid[] noPermissionRoleIds = new Guid[noPermissionRolesCount];
int i = 0;
foreach (Role role in allRoles)
{
if (allowRoleIds.Contains(role.RoleID) == false)
{
noPermissionRoleIds[i] = role.RoleID;
i++;
}
}
return(noPermissionRoleIds);
}
