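/// <summary>
/// Queries how many permission records are configured for the given user and permission type.
/// </summary>
/// <param name="szUserID">User ID.</param>
/// <param name="rightType">User permission type.</param>
/// <param name="nCount">Receives the number of matching records; reset to 0 before the query runs.</param>
/// <returns>
/// SystemData.ReturnValue: PARAM_ERROR when the user ID is reported empty or no data access object is set,
/// EXCEPTION when the query throws, otherwise OK.
/// </returns>
private short ExistRightInfo(string szUserID, UserRightType rightType, ref int nCount)
{
    if (GlobalMethods.Misc.IsEmptyString(szUserID))
    {
        return SystemData.ReturnValue.PARAM_ERROR;
    }
    if (base.MedQCAccess == null)
    {
        return SystemData.ReturnValue.PARAM_ERROR;
    }

    // The user ID is placed inside a quoted SQL literal, so embedded single quotes are doubled
    // to keep the value from terminating the literal and altering the statement.
    // NOTE(review): quote doubling is a stop-gap. Binding the value as a parameter, as GetUserRight
    // does with ExecuteReader, is the more robust fix - confirm whether ExecuteScalar offers an
    // overload that accepts parameters.
    string szSafeUserID = (szUserID ?? string.Empty).Replace("'", "''");

    string szCondition = string.Format("{0}='{1}'AND {2}='{3}'"
        , SystemData.UserRightTable.USER_ID, szSafeUserID
        , SystemData.UserRightTable.RIGHT_TYPE, UserRightBase.GetRightTypeName(rightType));
    string szSQL = string.Format(SystemData.SQL.SELECT_WHERE, "COUNT(*)", SystemData.DataTable.USER_RIGHT, szCondition);

    nCount = 0;
    try
    {
        object objValue = base.MedQCAccess.ExecuteScalar(szSQL, CommandType.Text);

        // A null or DBNull result carries no count. The original fell through to objValue.ToString(),
        // which threw on null and was then reported as an SQL failure; the else keeps that case at 0.
        if (objValue == null || objValue == System.DBNull.Value)
        {
            nCount = 0;
        }
        else if (!int.TryParse(objValue.ToString(), out nCount))
        {
            nCount = 0;
        }
    }
    catch (Exception ex)
    {
        // The full statement text, including the user ID, is written to the log.
        LogManager.Instance.WriteLog("RightAccess.ExistRightInfo", new string[] { "SQL" }, new object[] { szSQL }, "SQL执行失败!", ex);
        return SystemData.ReturnValue.EXCEPTION;
    }
    return SystemData.ReturnValue.OK;
}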
/// <summary>
/// Creates the permission object that corresponds to the given permission type.
/// </summary>
/// <param name="rightType">User permission type.</param>
/// <returns>A new UserRight for UserRightType.MedDoc; a new QCUserRight for every other value.</returns>
public static UserRightBase Create(UserRightType rightType)
{
    UserRightBase created;
    if (rightType == UserRightType.MedDoc)
    {
        created = new UserRight();
    }
    else
    {
        // Fallback branch: any value other than MedDoc, named or not, yields QCUserRight.
        // GetRightTypeName in this file falls back the other way (to "MEDDOC"), so an
        // unexpected value would get a QC object paired with the MEDDOC name.
        created = new QCUserRight();
    }
    return created;
}
/// <summary>
/// Gets the name of a permission type.
/// </summary>
/// <param name="rightType">User permission type.</param>
/// <returns>"MEDQC" for UserRightType.MedQC; "MEDDOC" for every other value.</returns>
public static string GetRightTypeName(UserRightType rightType)
{
    // Both results are fixed literals, so the returned text never carries caller-supplied
    // characters into the SQL conditions that embed it elsewhere in this file.
    return rightType == UserRightType.MedQC ? "MEDQC" : "MEDDOC";
}
/// <summary>
/// Gets all editor user permissions from the user-right table.
/// </summary>
/// <param name="rightType">User permission type; selects the object created per row and the value passed as the query parameter.</param>
/// <param name="lstUserRight">Receives the permission records; allocated when null and emptied before it is filled.</param>
/// <returns>
/// SystemData.ReturnValue: PARAM_ERROR when no data access object is set, RES_NO_FOUND when the reader
/// is missing, closed or has no rows, EXCEPTION when the query or row mapping throws, otherwise OK.
/// </returns>
public short GetUserRight(UserRightType rightType, ref List<UserRightBase> lstUserRight)
{
    if (base.MedQCAccess == null)
    {
        return SystemData.ReturnValue.PARAM_ERROR;
    }

    string szColumns = string.Format("{0},{1},{2}"
        , SystemData.UserRightTable.USER_ID
        , SystemData.UserRightTable.RIGHT_CODE
        , SystemData.UserRightTable.RIGHT_DESC);
    string szSource = SystemData.DataTable.USER_RIGHT;
    DbParameter[] arrParams = new DbParameter[]
    {
        new DbParameter(SystemData.UserRightTable.RIGHT_TYPE, UserRightBase.GetRightTypeName(rightType))
    };

    // NOTE(review): both placeholders receive the RIGHT_TYPE column name, so the generated condition
    // compares the column with its own name as a quoted literal, or with the literal 'MRQC'. No
    // parameter marker for arrParams is visible in the statement text. Confirm how the data layer
    // binds the parameter and whether rightType actually narrows the rows returned; if it does not,
    // callers receive permission rows of a type they did not ask for.
    string szWhere = string.Format("{0}='{1}' or {0}='MRQC'"
        , SystemData.UserRightTable.RIGHT_TYPE
        , SystemData.UserRightTable.RIGHT_TYPE);
    string szQuery = string.Format(SystemData.SQL.SELECT_WHERE, szColumns, szSource, szWhere);

    IDataReader reader = null;
    try
    {
        reader = base.MedQCAccess.ExecuteReader(szQuery, CommandType.Text, ref arrParams);
        if (reader == null)
        {
            return SystemData.ReturnValue.RES_NO_FOUND;
        }
        if (reader.IsClosed || !reader.Read())
        {
            return SystemData.ReturnValue.RES_NO_FOUND;
        }

        if (lstUserRight == null)
        {
            lstUserRight = new List<UserRightBase>();
        }
        lstUserRight.Clear();

        // The first row was already fetched by the Read() call in the guard above.
        bool bHasRow = true;
        while (bHasRow)
        {
            UserRightBase entry = UserRightBase.Create(rightType);

            // Column 0 is read without an IsDBNull check, unlike columns 1 and 2.
            entry.UserID = reader.GetString(0).Trim();
            if (!reader.IsDBNull(2))
            {
                entry.RightDesc = reader.GetString(2);
            }
            if (!reader.IsDBNull(1))
            {
                entry.SetRightCode(reader.GetString(1));
            }
            lstUserRight.Add(entry);

            bHasRow = reader.Read();
        }
        return SystemData.ReturnValue.OK;
    }
    catch (Exception ex)
    {
        LogManager.Instance.WriteLog("RightAccess.GetUserRight", new string[] { "szSQL" }, new object[] { szQuery }, ex);
        return SystemData.ReturnValue.EXCEPTION;
    }
    finally
    {
        // The reader itself is never closed here; cleanup presumably relies on this call - confirm.
        base.MedQCAccess.CloseConnnection(false);
    }
}
/// <summary>
/// Checks a form-level permission by composing its right name and delegating to the
/// HasRight overload that takes the name.
/// </summary>
/// <param name="form">Form the permission applies to.</param>
/// <param name="type">Permission type checked for that form.</param>
/// <returns>The result of HasRight for the name "Form.&lt;form&gt;.&lt;type&gt;".</returns>
public bool HasRight(FormType form, UserRightType type)
{
    // The lookup key is derived purely from the ToString() text of both arguments.
    string szRightKey = string.Concat("Form.", form.ToString(), ".", type.ToString());
    return HasRight(szRightKey);
}
/// <summary>
/// Handles the login button: validates the entered user ID, loads the user record and permissions,
/// verifies the password, then caches the selected product and the user's role grants before
/// closing the dialog with DialogResult.OK.
/// </summary>
/// <param name="sender">Event source.</param>
/// <param name="e">Event data.</param>
private void btnLogin_Click(object sender, EventArgs e)
{
    // NOTE(review): ToUpper() is culture-sensitive; ToUpperInvariant() would keep user ID
    // normalization independent of the machine's locale - confirm intent.
    string szUserID = this.txtUserID.Text.Trim().ToUpper();
    if (GlobalMethods.Misc.IsEmptyString(szUserID))
    {
        MessageBoxEx.Show("请输入您的用户ID!");
        this.txtUserID.Focus();
        this.txtUserID.SelectAll();
        return;
    }
    this.Cursor = Cursors.WaitCursor;

    // Get the user information.
    UserInfo userInfo = null;

    // The built-in administrator account skips the user-record and permission lookups below:
    // its UserInfo is built locally and control jumps straight to password verification.
    // szUserID was already upper-cased above, so this second ToUpper() is redundant.
    if (szUserID.ToUpper() == "ADMINISTRATOR")
    {
        szUserID = "administrator"; // the administrator account must be lower case
        userInfo = new UserInfo();
        userInfo.USER_ID = szUserID;
        userInfo.USER_NAME = "管理员";
        goto ADMINISTRATOR_LOGIN;
    }

    short shRet = UserAccess.Instance.GetUserInfo(szUserID, ref userInfo);
    if (shRet != SystemData.ReturnValue.OK)
    {
        MessageBoxEx.Show("登录失败,系统无法获取用户信息!");
        this.Cursor = Cursors.Default;
        return;
    }
    if (userInfo == null)
    {
        MessageBoxEx.Show("您输入的账号非法!");
        this.txtUserID.Focus();
        this.txtUserID.SelectAll();
        this.Cursor = Cursors.Default;
        return;
    }

    // Query the user's permission information.
    // A RES_NO_FOUND result is tolerated, and userRightBase is not read again in this method,
    // so this lookup only blocks the login when it reports some other error.
    UserRightType rightType = UserRightType.MedQC;
    UserRightBase userRightBase = null;
    shRet = RightAccess.Instance.GetUserRight(szUserID, rightType, ref userRightBase);
    if (shRet != SystemData.ReturnValue.OK && shRet != SystemData.ReturnValue.RES_NO_FOUND)
    {
        MessageBoxEx.Show("登录失败,系统无法获取用户权限!");
        this.Cursor = Cursors.Default;
        return;
    }

    // Verify the password the user entered (passed as typed, without trimming).
ADMINISTRATOR_LOGIN:
    shRet = RightAccess.Instance.VerifyUser(szUserID, this.txtUserPwd.Text);
    if (shRet == SystemData.ReturnValue.FAILED)
    {
        MessageBoxEx.Show("您输入的登录口令错误!");
        this.txtUserPwd.Focus();
        this.txtUserPwd.SelectAll();
        this.Cursor = Cursors.Default;
        return;
    }

    // NOTE(review): only FAILED is treated as a wrong password. RES_NO_FOUND is accepted alongside OK
    // here, so the login continues when VerifyUser reports that result. What RES_NO_FOUND means for
    // VerifyUser is not visible from this method; if it can mean "no credential record exists", this
    // check fails open (including on the administrator path) and should require OK - confirm.
    if (shRet != SystemData.ReturnValue.OK && shRet != SystemData.ReturnValue.RES_NO_FOUND)
    {
        MessageBoxEx.Show("登录失败,系统无法验证用户信息!");
        this.Cursor = Cursors.Default;
        return;
    }
    this.Cursor = Cursors.Default;

    // NOTE(review): the signed-in user and the default login ID are stored before the product and
    // role checks below. If one of those checks fails, the method returns without DialogResult.OK
    // but these values stay set - confirm nothing treats SystemParam.Instance.UserInfo as proof of
    // a completed login.
    SystemParam.Instance.UserInfo = userInfo;
    SystemConfig.Instance.Write(SystemData.ConfigKey.DEFAULT_LOGIN_USERID, szUserID);
    HdpProduct hdpProduct = (this.cboProduct.SelectedItem as HdpProduct);
    if (hdpProduct == null)
    {
        MessageBoxEx.Show("网络出现异常!");
        return;
    }
    string szProduct = hdpProduct.NAME_SHORT;
    SystemConfig.Instance.Write(SystemData.ConfigKey.DEFAULT_LOGIN_PRODUCT, szProduct);
    DataCache.Instance.HdpProduct = this.cboProduct.SelectedItem as HdpProduct;

    // Look up the user's roles.
    List <HdpRoleUser> lstHdpRoleUser = null;
    shRet = HdpRoleUserAccess.Instance.GetHdpRoleUserList(szUserID, ref lstHdpRoleUser);
    if (shRet != SystemData.ReturnValue.OK)
    {
        MessageBoxEx.Show("登录失败,系统无法获取用户权限!");
        this.Cursor = Cursors.Default;
        return;
    }

    // Cache the grants of every role the user holds.
    // Assumes GetHdpRoleUserList always fills the list when it returns OK; a null list would throw
    // in the loop below - TODO confirm.
    List <HdpRoleGrant> lstHdpAllRoleGrant = new List <HdpRoleGrant>();
    foreach (HdpRoleUser item in lstHdpRoleUser)
    {
        List <HdpRoleGrant> lstHdpRoleGrant = new List <HdpRoleGrant>();
        shRet = HdpRoleGrantAccess.Instance.GetHdpRoleGrantList(item.RoleCode, string.Empty, ref lstHdpRoleGrant);

        // A role whose grants cannot be loaded is skipped without a message or log entry, so the
        // user signs in with fewer grants rather than being refused.
        if (shRet == SystemData.ReturnValue.OK)
        {
            lstHdpAllRoleGrant.AddRange(lstHdpRoleGrant);
        }
    }

    // Clear the per-user caches, then publish the role names and the merged grant list.
    DataCache.Instance.QcAdminDepts = null;
    DataCache.Instance.DicHdpParameter = null;
    DataCache.Instance.RoleName = string.Join(",", lstHdpRoleUser.Select(m => m.RoleName).ToArray());
    RightHandler.Instance.LstHdpRoleGrant = lstHdpAllRoleGrant;
    this.DialogResult = DialogResult.OK;
}