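/// <summary>
/// Determines whether a user may access the module identified by a URL.
/// </summary>
/// <param name="userInfo">Calling user's context; its SystemCode is used to build the module table name.</param>
/// <param name="userId">Primary key of the user whose access is being checked.</param>
/// <param name="moduleUrl">URL of the module being requested.</param>
/// <returns>
/// <c>true</c> when the user is an administrator or one of the user's module URLs matches
/// <paramref name="moduleUrl"/>; <c>false</c> in every other case, including an unknown user,
/// an empty URL, or an unavailable module list.
/// </returns>
public bool IsUrlAuthorizedByUser(BaseUserInfo userInfo, string userId, string moduleUrl)
{
    // Default is deny; only an explicit match below flips it.
    var result = false;

    var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
    ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) =>
    {
        // A user that cannot be resolved is denied.
        var userEntity = BaseUserManager.GetEntityByCache(userId);
        if (userEntity == null)
        {
            return;
        }

        // Administrators are authorized without looking at individual modules.
        result = BaseUserManager.IsAdministrator(userId);
        if (result)
        {
            return;
        }

        // With no requested URL there is nothing to match against; deny instead of
        // dereferencing a null string in the prefix comparison below.
        if (string.IsNullOrEmpty(moduleUrl))
        {
            return;
        }

        var tableName = userInfo.SystemCode + "Module";
        var moduleManager = new BaseModuleManager(dbHelper, userInfo, tableName);

        // NOTE(review): the call that loaded the user's modules is disabled, so this list
        // is always null and every non-administrator is denied. Previously the null list
        // was passed straight to Count(), which throws; the guard below fails closed instead.
        // Restore the module lookup to make this check meaningful.
        List<BaseModuleEntity> entityList = null; // moduleManager.GetList(userId);
        if (entityList == null)
        {
            return;
        }

        // Any() stops at the first match instead of counting the whole list.
        // The prefix test uses an ordinal comparison: the culture-sensitive default ignores
        // certain characters, which is not acceptable in an authorization decision.
        // NOTE(review): the prefix match is not boundary-aware (a granted "/report" also
        // matches "/reporting") and moduleUrl is not normalized first — confirm callers pass
        // a canonical path, or require a path-separator boundary here.
        result = entityList.Any(entity =>
            !string.IsNullOrEmpty(entity.NavigateUrl)
            && (entity.NavigateUrl.Equals(moduleUrl, StringComparison.OrdinalIgnoreCase)
                || moduleUrl.StartsWith(entity.NavigateUrl, StringComparison.Ordinal)));
    });

    return result;
}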
/// <summary>
/// Looks up a user entity by primary key through the user cache.
/// </summary>
/// <param name="userInfo">Calling user's context, handed to the service wrapper.</param>
/// <param name="id">Primary key of the user to fetch.</param>
/// <returns>
/// The value returned by <c>BaseUserManager.GetEntityByCache</c> for <paramref name="id"/>;
/// <c>null</c> if the callback never assigns one.
/// </returns>
public BaseUserEntity GetEntityByCache(BaseUserInfo userInfo, string id)
{
    var serviceParameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
    BaseUserEntity cachedUser = null;

    // NOTE(review): the logged-on check that once guarded this lookup
    // (userManager.UserIsLogon(userInfo)) is disabled, so nothing in this method
    // verifies the caller's session before returning another user's record —
    // confirm that ProcessUserCenterReadDb or the caller enforces it.
    ServiceUtil.ProcessUserCenterReadDb(userInfo, serviceParameter, (dbHelper) =>
    {
        cachedUser = BaseUserManager.GetEntityByCache(id);
    });

    return cachedUser;
}
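/// <summary>
/// Grants a permission to a user, written to speed up authorization.
/// An existing grant is re-enabled rather than duplicated, and a change-log row is written.
/// </summary>
/// <param name="systemCode">System code; prefixes the permission table name.</param>
/// <param name="userId">Primary key of the user receiving the permission.</param>
/// <param name="permissionId">Primary key of the permission being granted.</param>
/// <param name="chekExists">When <c>true</c>, look for an existing grant first and re-enable it if found.</param>
/// <returns>Primary key of the permission row, or an empty string when the arguments are rejected.</returns>
public string GrantUser(string systemCode, string userId, string permissionId, bool chekExists = true)
{
    var result = string.Empty;

    // Refuse the grant when EITHER key is unusable. The earlier test joined the two
    // checks with &&, so a malformed user id paired with any permission id (or a valid
    // user id with an empty permission id) still produced a permission row.
    if (!ValidateUtil.IsInt(userId) || string.IsNullOrEmpty(permissionId))
    {
        return result;
    }

    // NOTE(review): the table name is built by concatenating systemCode, which cannot be
    // bound as a query parameter — confirm systemCode only ever comes from a fixed,
    // trusted set of values.
    CurrentTableName = systemCode + "Permission";

    var currentId = string.Empty;

    // If this grant already exists, do not add it a second time.
    if (chekExists)
    {
        var whereParameters = new List<KeyValuePair<string, object>>
        {
            new KeyValuePair<string, object>(BasePermissionEntity.FieldResourceCategory, BaseUserEntity.CurrentTableName),
            new KeyValuePair<string, object>(BasePermissionEntity.FieldResourceId, userId),
            new KeyValuePair<string, object>(BasePermissionEntity.FieldPermissionId, permissionId)
        };
        currentId = GetId(whereParameters);

        if (!string.IsNullOrEmpty(currentId))
        {
            // Mark the existing row enabled and not deleted, and stamp who changed it.
            // Permissions change rarely, so an in-place update is acceptable.
            var parameters = new List<KeyValuePair<string, object>>
            {
                new KeyValuePair<string, object>(BasePermissionEntity.FieldEnabled, 1),
                new KeyValuePair<string, object>(BasePermissionEntity.FieldDeleted, 0),
                new KeyValuePair<string, object>(BasePermissionEntity.FieldUpdateUserId, UserInfo.UserId),
                new KeyValuePair<string, object>(BasePermissionEntity.FieldUpdateBy, UserInfo.RealName),
                new KeyValuePair<string, object>(BasePermissionEntity.FieldUpdateTime, DateTime.Now)
            };
            SetProperty(currentId, parameters);
            result = currentId;
        }
    }

    if (string.IsNullOrEmpty(currentId))
    {
        var permissionEntity = new BasePermissionEntity
        {
            ResourceCategory = BaseUserEntity.CurrentTableName,
            ResourceId = userId,
            PermissionId = permissionId,
            Enabled = 1
        };

        // 2015-07-03 (original author): when the row has no company information, copy it
        // from the user so each company can be limited to its own data.
        // The earlier test was "CompanyId > 0", which a freshly built entity never
        // satisfies, so the company was never recorded.
        if (!(permissionEntity.CompanyId > 0))
        {
            var entity = BaseUserManager.GetEntityByCache(userId);
            if (entity != null)
            {
                permissionEntity.CompanyId = entity.CompanyId;
                permissionEntity.CompanyName = entity.CompanyName;
            }
        }

        var permissionManager = new BasePermissionManager(DbHelper, UserInfo, CurrentTableName);
        result = permissionManager.Add(permissionEntity, true, false);
    }

    // 2015-09-21 (original author): record the grant in the change log.
    // This runs for both a newly inserted and a re-enabled grant.
    var tableName = systemCode + "UserPermission";
    var sqlBuilder = new SqlBuilder(DbHelper);
    sqlBuilder.BeginInsert(BaseChangeLogEntity.CurrentTableName);
    sqlBuilder.SetValue(BaseChangeLogEntity.FieldTableName, tableName);
    if (DbHelper.CurrentDbType == CurrentDbType.Oracle)
    {
        // On Oracle the id is taken from the table's sequence.
        sqlBuilder.SetFormula(BaseChangeLogEntity.FieldId, BaseChangeLogEntity.CurrentTableName + "_SEQ.NEXTVAL");
    }
    sqlBuilder.SetValue(BaseChangeLogEntity.FieldRecordKey, userId);
    sqlBuilder.SetValue(BaseChangeLogEntity.FieldColumnName, "授权");
    sqlBuilder.SetValue(BaseChangeLogEntity.FieldColumnDescription, new BaseModuleManager().GetNameByCache(systemCode, permissionId));
    sqlBuilder.SetValue(BaseChangeLogEntity.FieldOldValue, null);
    sqlBuilder.SetValue(BaseChangeLogEntity.FieldNewValue, permissionId);
    // NOTE(review): the change-log row names the granted user and permission but not the
    // operator who made the grant — confirm the log table captures that elsewhere.
    sqlBuilder.EndInsert();

    return result;
}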
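/// <summary>
/// Returns one page of permission grants created within a date range, for permission auditing.
/// Each row is annotated with display names for the permission and for the resource it was granted to.
/// </summary>
/// <param name="userInfo">Calling user's context; when not null its SystemCode selects the permission table.</param>
/// <param name="startDate">Inclusive lower bound on the grant's creation time.</param>
/// <param name="endDate">Inclusive upper bound on the grant's creation time.</param>
/// <param name="companyId">Company primary key. Currently not applied to the query.</param>
/// <param name="userId">User primary key. Currently not applied to the query.</param>
/// <param name="permissionId">Permission primary key. Currently not applied to the query.</param>
/// <param name="recordCount">Receives the number of rows matching the date range.</param>
/// <param name="pageNo">Page to fetch (defaults to 1).</param>
/// <param name="pageSize">Rows per page (defaults to 20).</param>
/// <returns>The requested page as a data table, newest grants first.</returns>
public DataTable PermissionMonitor(BaseUserInfo userInfo, DateTime startDate, DateTime endDate, string companyId, string userId, string permissionId, out int recordCount, int pageNo = 1, int pageSize = 20)
{
    DataTable result = null;
    recordCount = 0;
    // An out parameter cannot be captured by the lambda, so the count travels through a local.
    var myRecordCount = 0;

    var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
    ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) =>
    {
        // Both date bounds are bound as parameters; only column names are concatenated.
        // NOTE(review): companyId, userId and permissionId are accepted but never added to
        // the condition, so the result is not scoped by them — confirm no caller relies on
        // these arguments to keep one company's grants hidden from another.
        var dbParameters = new List<KeyValuePair<string, object>>
        {
            new KeyValuePair<string, object>("startDate", startDate),
            new KeyValuePair<string, object>("endDate", endDate)
        };
        var condition = BasePermissionEntity.FieldCreateTime + " >= " + DbUtil.GetParameter(BaseSystemInfo.UserCenterDbType, "startDate")
            + " AND "
            + BasePermissionEntity.FieldCreateTime + " <= " + DbUtil.GetParameter(BaseSystemInfo.UserCenterDbType, "endDate");

        // NOTE(review): the table name is concatenated from userInfo.SystemCode and cannot be
        // parameterized — confirm SystemCode is restricted to known values.
        var tableName = BasePermissionEntity.CurrentTableName;
        if (userInfo != null)
        {
            tableName = userInfo.SystemCode + "Permission";
        }

        myRecordCount = dbHelper.GetCount(tableName, condition, dbHelper.MakeParameters(dbParameters));
        result = DbUtil.GetDataTableByPage(dbHelper, tableName, "*", pageNo, pageSize, condition, dbHelper.MakeParameters(dbParameters), BasePermissionEntity.FieldCreateTime + " DESC");
        if (result == null)
        {
            // Nothing to annotate; the caller receives null as it would from the pager.
            return;
        }

        // Add the display columns that the query did not return. The names are upper-cased
        // with the invariant culture: under the culture-sensitive ToUpper() a Turkish locale
        // maps 'i' to a dotted capital, producing column names the row lookups below miss.
        string[] displayColumns = { "ResourceCategoryName", "PermissionName", "PermissionCode", "ResourceName", "CompanyName" };
        foreach (var columnName in displayColumns)
        {
            if (!result.Columns.Contains(columnName))
            {
                result.Columns.Add(columnName.ToUpperInvariant());
            }
        }

        foreach (DataRow dr in result.Rows)
        {
            // Resolve the permission's name and code from the module cache.
            var id = dr["PermissionId"].ToString();
            var moduleEntity = new BaseModuleManager().GetEntityByCache(userInfo, id);
            if (moduleEntity != null)
            {
                dr["PermissionName"] = moduleEntity.Name;
                dr["PermissionCode"] = moduleEntity.Code;
            }

            // Resolve the grantee, which may be a user, an organization or a role.
            var category = dr["ResourceCategory"].ToString();
            if (category.Equals(BaseUserEntity.CurrentTableName))
            {
                id = dr["ResourceId"].ToString();
                var userEntity = BaseUserManager.GetEntityByCache(id);
                if (userEntity != null)
                {
                    dr["ResourceName"] = userEntity.RealName;
                    dr["CompanyName"] = userEntity.CompanyName;
                    dr["ResourceCategoryName"] = "用户";
                }
            }
            else if (category.Equals(BaseOrganizationEntity.CurrentTableName))
            {
                id = dr["ResourceId"].ToString();
                var organizationEntity = BaseOrganizationManager.GetEntityByCache(id);
                if (organizationEntity != null)
                {
                    dr["ResourceName"] = organizationEntity.Name;
                    dr["ResourceCategoryName"] = "网点";
                }
            }
            else if (category.Equals(BaseRoleEntity.CurrentTableName))
            {
                id = dr["ResourceId"].ToString();
                var roleEntity = BaseRoleManager.GetEntityByCache(userInfo, id);
                if (roleEntity != null)
                {
                    dr["ResourceName"] = roleEntity.Name;
                    dr["ResourceCategoryName"] = "角色";
                }
            }
        }
    });

    recordCount = myRecordCount;
    return result;
}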