/// <summary>
/// Checks the supplied credentials against the user, role-user and role
/// tables for the current product and reports whether a matching row exists.
/// </summary>
/// <param name="dp">Data access object used to format SQL fragments and run the query.</param>
/// <param name="RoleName">Role to match; only used when <c>BaseSecurity.LoginWithRole</c> is true.</param>
/// <param name="UserName">User name, bound as parameter <c>@0</c>.</param>
/// <param name="UserPassword">Password value, bound as parameter <c>@1</c> and compared with <c>U.UserPassword</c>.</param>
/// <returns>The result of <c>dp.Find.IsExists</c> for the login query.</returns>
/// <remarks>
/// All caller-supplied values reach the query through <c>FieldParam</c> bindings.
/// The only concatenated fragments come from <c>dp.FormatSqlValue</c> and
/// <c>dp.GetSqlNow</c>, not from the method arguments.
/// </remarks>
public static bool CanLogin(DataPersistance dp, string RoleName, string UserName, string UserPassword)
{
    string TrueStr = dp.FormatSqlValue(true);
    string FalseStr = dp.FormatSqlValue(false);

    dp.ValidateTableDef<User>();
    dp.ValidateTableDef<RoleUser>();

    bool withRole = BaseSecurity.LoginWithRole;

    // The two login modes differ only in this predicate and in the @2 binding.
    // Even without it, the inner joins still require the user to hold at least
    // one active role row for this product.
    string roleFilter = withRole ? " AND R.RoleName=@2" : string.Empty;

    // NOTE(review): U.UserPassword=@1 is a plain SQL equality on the stored
    // column. Whether callers pass a salted hash/KDF output or the raw password
    // is not visible here - confirm. The match also follows the database
    // collation, which may be case-insensitive - confirm.
    string userPart = string.Concat(
        "SELECT U.UserName FROM (_System_User AS U INNER JOIN _System_RoleUser AS RU ON U.UserName=RU.UserName) INNER JOIN _System_Role AS R ON RU.RoleName=R.RoleName AND RU.ProductName=R.ProductName WHERE RU.ProductName=@3 AND U.IsActive=",
        TrueStr,
        " AND U.UserName=@0 AND U.UserPassword=@1 AND (U.UseDateLimit=",
        FalseStr,
        " OR ",
        dp.GetSqlNow(),
        " BETWEEN U.StartDate AND U.EndDate)");

    string rolePart = string.Concat(
        " AND R.IsActive=",
        TrueStr,
        roleFilter,
        " AND (R.UseDateLimit=",
        FalseStr,
        " OR ",
        dp.GetSqlNow(),
        " BETWEEN R.StartDate AND R.EndDate)");

    string SqlQuery = userPart + rolePart;

    // NOTE(review): nothing in this method records or throttles failed
    // attempts; any lockout or audit logging would have to live in the caller.
    if (withRole)
    {
        return dp.Find.IsExists(
            SqlQuery,
            new FieldParam("0", UserName),
            new FieldParam("1", UserPassword),
            new FieldParam("2", RoleName),
            new FieldParam("3", BaseFramework.ProductName));
    }

    return dp.Find.IsExists(
        SqlQuery,
        new FieldParam("0", UserName),
        new FieldParam("1", UserPassword),
        new FieldParam("3", BaseFramework.ProductName));
}
/// <summary>
/// Reports whether the current product has at least one user flagged
/// <c>IsAdmin</c> who is active, inside any configured date window, and
/// joined to an active role that is itself inside its date window.
/// </summary>
/// <param name="dp">Data access object used to format SQL fragments and run the query.</param>
/// <returns>The result of <c>dp.Find.IsExists</c> for the admin lookup query.</returns>
/// <remarks>
/// The product name is the only bound value (<c>@0</c>). Every concatenated
/// fragment is produced by <c>dp</c>, so no caller-supplied text is spliced
/// into the SQL.
/// </remarks>
internal static bool IsUserAdminExist(DataPersistance dp)
{
    string TrueStr = dp.FormatSqlValue(true);
    string FalseStr = dp.FormatSqlValue(false);

    // NOTE(review): no dp.ValidateTableDef call is made here before querying -
    // confirm the callers guarantee the tables exist.
    // NOTE(review): the role table is aliased as "_System_Role R" with no AS
    // keyword - confirm every supported database engine accepts that form.
    string userPart = string.Concat(
        "SELECT U.UserName FROM (_System_User AS U INNER JOIN _System_RoleUser AS RU ON U.UserName=RU.UserName) INNER JOIN _System_Role R ON RU.RoleName=R.RoleName AND RU.ProductName=R.ProductName WHERE R.ProductName=@0 AND U.IsAdmin=",
        TrueStr,
        " AND U.IsActive=",
        TrueStr,
        " AND (U.UseDateLimit=",
        FalseStr,
        " OR ",
        dp.GetSqlNow(),
        " BETWEEN U.StartDate AND U.EndDate)");

    string rolePart = string.Concat(
        " AND R.IsActive=",
        TrueStr,
        " AND (R.UseDateLimit=",
        FalseStr,
        " OR ",
        dp.GetSqlNow(),
        " BETWEEN R.StartDate AND R.EndDate)");

    string SqlQuery = userPart + rolePart;

    return dp.Find.IsExists(SqlQuery, new FieldParam("0", BaseFramework.ProductName));
}
/// <summary>
/// Loads the role names defined for the current product, ordered by name.
/// </summary>
/// <param name="dp">Data access object used to validate the table and run the query.</param>
/// <param name="AllRole">
/// When true, every role of the product is returned. When false, only roles
/// that are active and either have no date limit or whose start/end dates
/// bracket the database's current time.
/// </param>
/// <returns>The <see cref="DataTable"/> produced by <c>dp.OpenDataTable</c>, with a <c>RoleName</c> column.</returns>
/// <remarks>
/// The product name is bound as <c>@0</c>. The concatenated fragments come
/// only from <c>dp.FormatSqlValue</c> and <c>dp.GetSqlNow</c>.
/// </remarks>
internal static DataTable GetListRole(DataPersistance dp, bool AllRole)
{
    const string selectByProduct = "SELECT RoleName FROM _System_Role WHERE ProductName=@0";
    const string orderByName = " ORDER BY RoleName";

    dp.ValidateTableDef<Role>();

    string sql;
    if (AllRole)
    {
        // No activity or date filtering: inactive and expired roles are listed too.
        sql = selectByProduct + orderByName;
    }
    else
    {
        sql = string.Concat(
            selectByProduct,
            " AND IsActive=",
            dp.FormatSqlValue(true, DataType.Boolean),
            " AND (UseDateLimit=",
            dp.FormatSqlValue(false, DataType.Boolean),
            " OR ",
            dp.GetSqlNow(),
            " BETWEEN StartDate AND EndDate)" + orderByName);
    }

    return dp.OpenDataTable(sql, new FieldParam("0", BaseFramework.ProductName));
}