public DataTable GetCateNewsGroupOfficialAll(string _lang, string username) { DataTable datatable = new DataTable(); if (username.Equals("administrator")) { using (SqlConnection connection = GetConnection()) { SqlCommand command = new SqlCommand("_CateNewsGroupGetOfficialAll", connection); command.CommandType = CommandType.StoredProcedure; command.Parameters.AddWithValue("@Language", _lang); connection.Open(); using (SqlDataAdapter adapter = new SqlDataAdapter(command)) { adapter.Fill(datatable); command.Dispose(); } } } else { AdminRolesDAO adminRolesDAO = new AdminRolesDAO(); string strRoles = adminRolesDAO.GetRoles(username); CateNewsGroupPermissionDAO catenewGroupPermissionDAO = new CateNewsGroupPermissionDAO(); string strCateID = catenewGroupPermissionDAO.GetCateNewsGroupID(strRoles, _lang); using (SqlConnection connection = GetConnection()) { string SQL = "SELECT tblCateNewsGroup.* FROM tblCateNewsGroup WHERE [IsOfficial] = 1 And Language=@Language AND [CateNewsGroupID] in('" + strCateID + "') Order by [Order] ASC"; SqlCommand command = new SqlCommand(SQL, connection); command.CommandText = SQL; command.Parameters.AddWithValue("@Language", _lang); connection.Open(); using (SqlDataAdapter adapter = new SqlDataAdapter(command)) { adapter.Fill(datatable); command.Dispose(); } } } return(datatable); }
public string GetRoles(string username) { AdminRolesDAO adminRolesDAO = new AdminRolesDAO(); return adminRolesDAO.GetRoles(username); }