예제 #1
0
        public static bool CanLogin(DataPersistance dp,
                                    string RoleName, string UserName, string UserPassword)
        {
            string TrueStr  = dp.FormatSqlValue(true);
            string FalseStr = dp.FormatSqlValue(false);

            dp.ValidateTableDef <User>();
            dp.ValidateTableDef <RoleUser>();

            string SqlQuery;

            if (BaseSecurity.LoginWithRole)
            {
                SqlQuery = string.Concat(@"SELECT U.UserName 
                FROM (_System_User AS U INNER JOIN _System_RoleUser AS RU ON 
                U.UserName=RU.UserName) INNER JOIN _System_Role AS R ON 
                RU.RoleName=R.RoleName AND RU.ProductName=R.ProductName 
                WHERE RU.ProductName=@3 AND U.IsActive=", TrueStr,
                                         @" AND U.UserName=@0 AND U.UserPassword=@1
                AND (U.UseDateLimit=", FalseStr, " OR ", dp.GetSqlNow(),
                                         " BETWEEN U.StartDate AND U.EndDate) AND R.IsActive=",
                                         TrueStr, @" AND R.RoleName=@2 AND 
                (R.UseDateLimit=", FalseStr, " OR ", dp.GetSqlNow(),
                                         " BETWEEN R.StartDate AND R.EndDate)");

                return(dp.Find.IsExists(SqlQuery,
                                        new FieldParam("0", UserName),
                                        new FieldParam("1", UserPassword),
                                        new FieldParam("2", RoleName),
                                        new FieldParam("3", BaseFramework.ProductName)));
            }
            else
            {
                SqlQuery = string.Concat(@"SELECT U.UserName 
                FROM (_System_User AS U INNER JOIN _System_RoleUser AS RU ON 
                U.UserName=RU.UserName) INNER JOIN _System_Role AS R ON 
                RU.RoleName=R.RoleName AND RU.ProductName=R.ProductName 
                WHERE RU.ProductName=@3 AND U.IsActive=", TrueStr,
                                         @" AND U.UserName=@0 AND U.UserPassword=@1
                AND (U.UseDateLimit=", FalseStr, " OR ", dp.GetSqlNow(),
                                         " BETWEEN U.StartDate AND U.EndDate) AND R.IsActive=",
                                         TrueStr, @" AND
                (R.UseDateLimit=", FalseStr, " OR ", dp.GetSqlNow(),
                                         " BETWEEN R.StartDate AND R.EndDate)");

                return(dp.Find.IsExists(SqlQuery,
                                        new FieldParam("0", UserName),
                                        new FieldParam("1", UserPassword),
                                        new FieldParam("3", BaseFramework.ProductName)));
            }
        }
예제 #2
0
        internal static bool IsUserAdminExist(DataPersistance dp)
        {
            string TrueStr  = dp.FormatSqlValue(true);
            string FalseStr = dp.FormatSqlValue(false);

            string SqlQuery = string.Concat(
                @"SELECT U.UserName FROM (_System_User AS U 
                INNER JOIN _System_RoleUser AS RU ON 
                U.UserName=RU.UserName) INNER JOIN _System_Role R ON 
                RU.RoleName=R.RoleName AND RU.ProductName=R.ProductName WHERE 
                R.ProductName=@0 AND U.IsAdmin=", TrueStr,
                " AND U.IsActive=", TrueStr,
                " AND (U.UseDateLimit=", FalseStr, " OR ",
                dp.GetSqlNow(), @" BETWEEN U.StartDate AND 
                U.EndDate) AND R.IsActive=", TrueStr,
                " AND (R.UseDateLimit=", FalseStr, " OR ",
                dp.GetSqlNow(), " BETWEEN R.StartDate AND R.EndDate)");

            return(dp.Find.IsExists(SqlQuery,
                                    new FieldParam("0", BaseFramework.ProductName)));
        }
예제 #3
0
 internal static DataTable GetListRole(DataPersistance dp,
                                       bool AllRole)
 {
     dp.ValidateTableDef <Role>();
     if (AllRole)
     {
         return(dp.OpenDataTable(
                    "SELECT RoleName FROM _System_Role WHERE ProductName=@0 ORDER BY RoleName",
                    new FieldParam("0", BaseFramework.ProductName)));
     }
     else
     {
         return(dp.OpenDataTable(string.Concat(
                                     "SELECT RoleName FROM _System_Role WHERE ProductName=@0 AND IsActive=",
                                     dp.FormatSqlValue(true, DataType.Boolean),
                                     " AND (UseDateLimit=",
                                     dp.FormatSqlValue(false, DataType.Boolean),
                                     " OR ", dp.GetSqlNow(),
                                     " BETWEEN StartDate AND EndDate) ORDER BY RoleName"),
                                 new FieldParam("0", BaseFramework.ProductName)));
     }
 }