public bool ISBPAFileWritable(IYZDbProvider provider, IDbConnection cn, BPMConnection bpmcn) { Folder parentFolder = DirectoryManager.GetFolderByID(provider, cn, this.FolderID); Folder rootFolder = DirectoryManager.GetFolderByID(provider, cn, parentFolder.RootID); if (NameCompare.EquName(rootFolder.FolderType, "BPALibrary")) { if (SecurityManager.CheckPermision(bpmcn, parentFolder.RSID, BPMPermision.Write)) { return(true); } } if (NameCompare.EquName(rootFolder.FolderType, "BPAGroup")) { if (bpmcn.Token.ContainsSID(WellKnownSID.Administrators)) { return(true); } YZSoft.Group.Group group = YZSoft.Group.GroupManager.GetGroupFromFolderID(provider, cn, rootFolder.FolderID); YZSoft.Group.Member member = YZSoft.Group.GroupManager.TryGetGroupMember(provider, cn, group.GroupID, YZAuthHelper.LoginUserAccount); if (member != null) { if ((member.GroupPerm & Group.GroupPerm.Edit) == Group.GroupPerm.Edit || (member.GroupPerm & Group.GroupPerm.Auth) == Group.GroupPerm.Auth) { return(true); } } } return(false); }
public void Insert(IDbConnection cn, YZSoft.Group.Member member) { using (SqlCommand cmd = new SqlCommand()) { cmd.Connection = cn as SqlConnection; StringBuilder sb = new StringBuilder(); sb.Append("SET NOCOUNT ON;"); sb.Append("INSERT INTO YZAppGroupMembers("); sb.Append("GroupID,"); sb.Append("UID,"); sb.Append("Role) "); sb.Append("VALUES("); sb.Append("@GroupID,"); sb.Append("@UID,"); sb.Append("@Role);"); sb.Append("SELECT SCOPE_IDENTITY()"); cmd.CommandText = sb.ToString(); cmd.Parameters.Add("@GroupID", SqlDbType.Int).Value = member.GroupID; cmd.Parameters.Add("@UID", SqlDbType.NVarChar).Value = this.Convert(member.UID, false); cmd.Parameters.Add("@Role", SqlDbType.NVarChar).Value = this.Convert(member.Role, false); member.ItemID = System.Convert.ToInt32(cmd.ExecuteScalar()); } }
public void Insert(IDbConnection cn, YZSoft.Group.Member member) { using (OracleCommand cmd = new OracleCommand()) { cmd.Connection = cn as OracleConnection; cmd.BindByName = true; cmd.CommandText = "SELECT BPMSEQ_YZAPPGROUPMEMBERS.NEXTVAL FROM DUAL"; member.ItemID = System.Convert.ToInt32(cmd.ExecuteScalar()); StringBuilder sb = new StringBuilder(); sb.Append("INSERT INTO YZAPPGROUPMEMBERS("); sb.Append("ITEMID,"); sb.Append("GROUPID,"); sb.Append("\"UID\","); sb.Append("\"ROLE\") "); sb.Append("VALUES("); sb.Append(":ITEMID,"); sb.Append(":GROUPID,"); sb.Append(":PM_UID,"); sb.Append(":ROLE1)"); cmd.CommandText = sb.ToString(); cmd.Parameters.Add(":ITEMID", OracleDbType.Int32).Value = member.ItemID; cmd.Parameters.Add(":GROUPID", OracleDbType.Int32).Value = member.GroupID; cmd.Parameters.Add(":PM_UID", OracleDbType.NVarchar2).Value = this.Convert(member.UID, false); cmd.Parameters.Add(":ROLE1", OracleDbType.NVarchar2).Value = this.Convert(member.Role, false); cmd.ExecuteNonQuery(); } }