/// <summary> /// /// </summary> /// <param name="userPerType"></param> /// <param name="userId"></param> /// <param name="userRolId"></param> /// <param name="strDBConnection"></param> /// <returns></returns> private static bool GetPermissionDB(UserPermissionTypeEnum userPerType, string userId, UserRolEnum userRolId, string strDBConnection) { if (userRolId == UserRolEnum.System || userRolId == UserRolEnum.SuperAdministrator) { return(true); } var bReturn = false; var strSql = "Permission_QueryUser"; var paramsToSP = new SqlParameter[] { new SqlParameter("@UserId", userId) , new SqlParameter("@UserRolId", userRolId) , new SqlParameter("@UserPerTypeId", userPerType) }; var sqlapi = new SqlApiSqlClient(); using (sqlapi.Connection = new SqlConnection(strDBConnection)) { var reader = sqlapi.DataReaderSqlSP(strSql, paramsToSP); if (!reader.HasRows) { bReturn = false; } else { if (reader.Read()) { if (reader.IsDBNull(0)) { bReturn = false; } else { bReturn = Convert.ToBoolean(reader[0]); } } else { bReturn = false; } } reader.Close(); sqlapi.Connection.Close(); } return(bReturn); }
/// <summary> /// Get permission using HttpContext.Current.Session /// </summary> /// <param name="userPerType"></param> /// <param name="strDBConnection"></param> /// <returns></returns> public static bool GetPermission(UserPermissionTypeEnum userPerType, string strDBConnection) { if (HttpContext.Current.Session["User.UserRolId"].ToString().Equals(UserRolEnum.System) || HttpContext.Current.Session["User.UserRolId"].ToString().Equals(UserRolEnum.SuperAdministrator)) { return(true); } var key = HttpContext.Current.Session.SessionID + "_Permission_" + userPerType.ToString(); var bresult = GetFromCache(key); if (bresult == null) { bresult = GetPermissionDB(Convert.ToString((int)userPerType), HttpContext.Current.Session["User.UserId"].ToString(), HttpContext.Current.Session["User.UserRolId"].ToString(), strDBConnection); HttpRuntime.Cache.Insert(key, bresult, null, System.Web.Caching.Cache.NoAbsoluteExpiration, TimeSpan.FromMinutes(5)); } return((bool)bresult); }