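/// <summary>
/// Checks whether the caller holds the "all projects" authorization: either the request is a
/// web-system request from a system operator, or <c>view_post_user</c> contains a row for the
/// login key with <c>AuthorizationMethod</c> equal to <c>AuthorizationMethodEnum.AllPorject</c>.
/// </summary>
/// <param name="authorizeUserType">
/// Authorization verification mode. <c>AuthorizeUserTypeEnum.UserID</c> matches the login key
/// against the <c>UserId</c> column; any other value matches it against <c>Account</c>.
/// </param>
/// <param name="systemType">Type of the requesting system.</param>
/// <param name="loginKey">
/// User ID or login name. When matching by user ID and this is null or empty,
/// <c>SystemInfo.CurrentUserId</c> is used instead.
/// </param>
/// <returns><c>true</c> when full access is granted; otherwise <c>false</c>.</returns>
public bool LookAll(AuthorizeUserTypeEnum authorizeUserType, SystemTypeEnum systemType, string loginKey = null)
{
    // A system operator on the web system is granted full access without touching the database.
    if (systemType == SystemTypeEnum.WebSystem && OperatorProvider.Provider.Current().IsSystem)
    {
        return true;
    }

    bool matchByUserId = authorizeUserType == AuthorizeUserTypeEnum.UserID;
    if (matchByUserId && string.IsNullOrEmpty(loginKey))
    {
        loginKey = SystemInfo.CurrentUserId;
    }

    // SECURITY: loginKey (a user ID or login name) ends up inside a quoted SQL literal in an
    // authorization query. Doubling single quotes keeps the value from terminating that literal.
    // This is a stop-gap only: it is not a complete defence on engines or configurations that
    // also honour backslash escapes inside string literals.
    // TODO(review): bind loginKey through the (currently empty) DbParameter list below using the
    // project's provider-specific parameter factory, which is not visible from this method.
    // A null key becomes the empty string, which matches no row, so the check fails closed.
    string quotedKey = (loginKey ?? string.Empty).Replace("'", "''");

    var parameter = new List<DbParameter>();
    StringBuilder sqlString = new StringBuilder();
    sqlString.AppendLine(@" SELECT * from view_post_user where 1=1");
    sqlString.AppendLine(string.Format(
        " and {0}='{1}' and AuthorizationMethod={2}",
        matchByUserId ? "UserId" : "Account",
        quotedKey,
        (int)AuthorizationMethodEnum.AllPorject));

    // Any returned entity means the grant exists; only null means "no full access".
    object grantRow = this.BaseRepository().FindEntity(sqlString.ToString(), parameter.ToArray());
    return grantRow != null;
}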
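/// <summary>
/// Runs <paramref name="strSql"/> and, unless the caller has full access, restricts the result
/// to rows whose <paramref name="authorizeKeyName"/> column matches an <c>ItemId</c> listed for
/// the caller in <c>view_post_project</c>.
/// </summary>
/// <param name="strSql">Base query. It is embedded verbatim as the derived table <c>pinfo</c> when filtering applies.</param>
/// <param name="dbParameter">Parameters passed through unchanged to the repository together with the final SQL.</param>
/// <param name="authorizeUserType">
/// Authorization verification mode. <c>AuthorizeUserTypeEnum.UserID</c> filters on the
/// <c>UserId</c> column; any other value filters on <c>Account</c>.
/// </param>
/// <param name="systemType">Type of the requesting system.</param>
/// <param name="loginKey">
/// User ID or login name. When filtering by user ID and this is null or empty,
/// <c>SystemInfo.CurrentUserId</c> is used instead.
/// </param>
/// <param name="pagination">Optional paging settings; when null the unpaged repository overload is called.</param>
/// <param name="authorizeKeyName">Name of the column in <paramref name="strSql"/>'s result that is joined to <c>post_project.ItemId</c>.</param>
/// <returns>The rows returned by the repository for the (possibly filtered) query.</returns>
public IEnumerable<T> FindList(string strSql, DbParameter[] dbParameter, AuthorizeUserTypeEnum authorizeUserType, SystemTypeEnum systemType, string loginKey = null, Pagination pagination = null, string authorizeKeyName = "projectid")
{
    StringBuilder sqlString = new StringBuilder();

    // Full access: a system operator on the web system, or a caller for whom LookAll succeeds.
    // The short-circuit keeps the original order: LookAll is consulted only for non-system callers.
    bool isSystemOperator = systemType == SystemTypeEnum.WebSystem && OperatorProvider.Provider.Current().IsSystem;
    if (isSystemOperator || LookAll(authorizeUserType, systemType, loginKey))
    {
        sqlString.Append(strSql);
    }
    else
    {
        bool matchByUserId = authorizeUserType == AuthorizeUserTypeEnum.UserID;
        if (matchByUserId && string.IsNullOrEmpty(loginKey))
        {
            loginKey = SystemInfo.CurrentUserId;
        }

        // SECURITY: loginKey is placed inside a quoted SQL literal in the row-level filter.
        // Doubling single quotes keeps the value from terminating that literal. This is a
        // stop-gap only: it is not a complete defence on engines or configurations that also
        // honour backslash escapes inside string literals.
        // TODO(review): bind loginKey as an extra DbParameter instead; the provider-specific
        // parameter factory is not visible from this method.
        // A null key becomes the empty string, which matches no row, so the filter fails closed.
        string quotedKey = (loginKey ?? string.Empty).Replace("'", "''");

        // NOTE(review): strSql is inlined as a derived table, so its own values must be bound
        // by the caller through dbParameter rather than concatenated into the text.
        sqlString.AppendLine(string.Format(@"select *from ({0}) pinfo inner join ( SELECT ItemId,UserId FROM view_post_project where 1=1 ", strSql));
        sqlString.AppendLine(string.Format(" and {0}='{1}'", matchByUserId ? "UserId" : "Account", quotedKey));

        // NOTE(review): authorizeKeyName is concatenated as a column identifier and cannot be
        // bound as a parameter. Callers must pass only a fixed, code-defined column name and
        // never a request-supplied value.
        sqlString.AppendLine(@" ) as post_project on pinfo." + authorizeKeyName + "= post_project.ItemId");
    }

    string finalSql = sqlString.ToString();
    if (pagination == null)
    {
        return this.BaseRepository().FindList(finalSql, dbParameter);
    }

    return this.BaseRepository().FindList(finalSql, dbParameter, pagination);
}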