/// <summary>
/// Checks whether Base_RoleAuthorityList holds a row for the given principal,
/// module and authority tag.
/// </summary>
/// <param name="model">Supplies UserID, RoleID, GroupID, ModuleID and AuthorityTag for the lookup.</param>
/// <returns>The result of <c>SqlServerHelper.Exists</c> for the generated count query.</returns>
/// <remarks>
/// The principal column is picked in priority order: UserID when non-zero,
/// otherwise RoleID when non-zero, otherwise GroupID.
/// NOTE(review): when all three IDs are zero the query filters on GroupID=0;
/// confirm no row with GroupID 0 can satisfy a permission check.
/// NOTE(review): the Flag column is not part of the WHERE clause, so a row is
/// counted whatever its Flag holds; confirm callers do not read a stored
/// deny row as a grant.
/// </remarks>
public bool RoleAuthorityExists(Entity.BASE_ROLEAUTHORITYLIST model)
{
    // Decide whether this is a user permission, a role permission or a group permission.
    string principalFilter;
    if (model.UserID != 0)
    {
        principalFilter = "UserID=@UserID";
    }
    else if (model.RoleID != 0)
    {
        principalFilter = "RoleID=@RoleID";
    }
    else
    {
        principalFilter = "GroupID=@GroupID";
    }

    string sql = "select count(1) from Base_RoleAuthorityList where "
        + principalFilter
        + " and ModuleID=@ModuleID and AuthorityTag=@AuthorityTag";

    // All values travel as typed parameters; nothing from the model is
    // concatenated into the SQL text.
    SqlParameter userId = new SqlParameter("@UserID", SqlDbType.Int, 4);
    SqlParameter roleId = new SqlParameter("@RoleID", SqlDbType.Int, 4);
    SqlParameter groupId = new SqlParameter("@GroupID", SqlDbType.Int, 4);
    SqlParameter moduleId = new SqlParameter("@ModuleID", SqlDbType.Int, 4);
    SqlParameter authorityTag = new SqlParameter("@AuthorityTag", SqlDbType.NVarChar, 50);

    userId.Value = model.UserID;
    roleId.Value = model.RoleID;
    groupId.Value = model.GroupID;
    moduleId.Value = model.ModuleID;
    authorityTag.Value = model.AuthorityTag;

    SqlParameter[] parameters = { userId, roleId, groupId, moduleId, authorityTag };
    return SqlServerHelper.Exists(sql, parameters);
}
/// <summary>
/// Loads a single BASE_ROLEAUTHORITYLIST row by its ID and maps it to an entity.
/// </summary>
/// <param name="ID">Value bound to the @ID parameter of the query.</param>
/// <returns>
/// The populated entity, or <c>null</c> when the query returns no rows.
/// Numeric columns whose text form is empty are left at the entity's defaults.
/// </returns>
public Entity.BASE_ROLEAUTHORITYLIST GetEntity(int ID)
{
    string sql = "select ID, UserID, RoleID, GroupID, ModuleID, AuthorityTag, Flag "
        + " from BASE_ROLEAUTHORITYLIST "
        + " where ID=@ID";

    SqlParameter idParameter = new SqlParameter("@ID", SqlDbType.Int, 4);
    idParameter.Value = ID;
    SqlParameter[] parameters = { idParameter };

    Entity.BASE_ROLEAUTHORITYLIST entity = new Entity.BASE_ROLEAUTHORITYLIST();
    DataSet ds = SqlServerHelper.Query(sql, parameters);
    if (ds.Tables[0].Rows.Count <= 0)
    {
        return null;
    }

    DataRow row = ds.Tables[0].Rows[0];

    string idText = row["ID"].ToString();
    if (idText != "")
    {
        entity.ID = int.Parse(idText);
    }

    string userIdText = row["UserID"].ToString();
    if (userIdText != "")
    {
        entity.UserID = int.Parse(userIdText);
    }

    string roleIdText = row["RoleID"].ToString();
    if (roleIdText != "")
    {
        entity.RoleID = int.Parse(roleIdText);
    }

    string groupIdText = row["GroupID"].ToString();
    if (groupIdText != "")
    {
        entity.GroupID = int.Parse(groupIdText);
    }

    string moduleIdText = row["ModuleID"].ToString();
    if (moduleIdText != "")
    {
        entity.ModuleID = int.Parse(moduleIdText);
    }

    entity.AuthorityTag = row["AuthorityTag"].ToString();

    // Flag is only assigned when the column has a value: "1" or any casing
    // of "true" means true, every other non-empty text means false.
    string flagText = row["Flag"].ToString();
    if (flagText != "")
    {
        entity.Flag = (flagText == "1") || (flagText.ToLower() == "true");
    }

    return entity;
}
/// <summary>
/// Determines whether the current session user has access to a module.
/// </summary>
/// <param name="ModuleID">Module ID.</param>
/// <param name="AuthorityTag">Authority tag checked against each of the user's roles.</param>
/// <returns>
/// True when any role in the session has a matching authority row, unless the
/// per-user list (read only when the "UserGrant" app setting is "true")
/// contains a BROWSE row, in which case the first such row's Flag decides.
/// </returns>
/// <remarks>
/// NOTE(review): the per-user override inspects only rows tagged BROWSE,
/// whatever <paramref name="AuthorityTag"/> was passed. Confirm callers use
/// this method for browse access only; otherwise a user-level browse grant
/// would answer for a different permission.
/// NOTE(review): AppSettings["UserGrant"] and GetUserSession() are
/// dereferenced without null checks. If either can be null, the check ends
/// in an exception; confirm callers treat that as a denial.
/// </remarks>
public static bool ValidationModule(int ModuleID, string AuthorityTag)
{
    bool granted = false;
    SQLServerDAL.BASE_ROLE bll = new SQLServerDAL.BASE_ROLE();
    Entity.BASE_ROLEAUTHORITYLIST model = new Entity.BASE_ROLEAUTHORITYLIST();
    ArrayList rid = Code.SessionBox.GetUserSession().RoleID;

    // One role holding the permission is enough, so stop at the first hit.
    for (int ri = 0; !granted && ri < rid.Count; ri++)
    {
        // Each entry is text whose first comma-separated field is the role ID.
        string[] roleFields = rid[ri].ToString().Split(',');

        model.UserID = 0;
        model.RoleID = int.Parse(roleFields[0]);
        model.ModuleID = ModuleID;
        model.AuthorityTag = AuthorityTag;

        granted = bll.RoleAuthorityExists(model);
    }

    // Read the permissions this user holds on the module, when user grants are enabled.
    string userGrantSetting = ConfigurationManager.AppSettings["UserGrant"].ToString();
    if (userGrantSetting.ToLower() == "true")
    {
        DataSet RALds = bll.GetUserAuthorityList(Code.SessionBox.GetUserSession().LoginId, ModuleID);
        foreach (DataRow grantRow in RALds.Tables[0].Rows)
        {
            // Only the module's browse permission is considered here.
            if (grantRow["AuthorityTag"].ToString().ToUpper() != "BROWSE")
            {
                continue;
            }

            // The first BROWSE row overrides the role result in both
            // directions: "true" allows viewing, anything else forbids it.
            granted = grantRow["Flag"].ToString().ToLower() == "true";
            break;
        }
    }

    return granted;
}
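/// <summary>
/// Updates one BASE_ROLEAUTHORITYLIST row, selected by ID, with the entity's values.
/// </summary>
/// <param name="entity">Supplies the row ID and the new UserID, RoleID, GroupID, ModuleID, AuthorityTag and Flag.</param>
/// <returns>True when <c>SqlServerHelper.ExecuteSql</c> reports at least one affected row.</returns>
public bool Update(Entity.BASE_ROLEAUTHORITYLIST entity)
{
    StringBuilder strSql = new StringBuilder();
    strSql.Append("update BASE_ROLEAUTHORITYLIST set ");
    strSql.Append(" UserID = @UserID , ");
    strSql.Append(" RoleID = @RoleID , ");
    strSql.Append(" GroupID = @GroupID , ");
    strSql.Append(" ModuleID = @ModuleID , ");
    strSql.Append(" AuthorityTag = @AuthorityTag , ");
    strSql.Append(" Flag = @Flag ");
    strSql.Append(" where ID=@ID ");

    SqlParameter[] parameters =
    {
        new SqlParameter("@ID", SqlDbType.Int, 4),
        new SqlParameter("@UserID", SqlDbType.Int, 4),
        new SqlParameter("@RoleID", SqlDbType.Int, 4),
        new SqlParameter("@GroupID", SqlDbType.Int, 4),
        new SqlParameter("@ModuleID", SqlDbType.Int, 4),
        new SqlParameter("@AuthorityTag", SqlDbType.NVarChar, 50),
        new SqlParameter("@Flag", SqlDbType.Bit, 1)
    };

    // Values are bound by position, so the indices must follow the
    // declaration order above (0-6). An index past 6 throws before the
    // statement runs, and a shifted index writes a value into the wrong
    // column of a permission row.
    parameters[0].Value = entity.ID;
    parameters[1].Value = entity.UserID;
    parameters[2].Value = entity.RoleID;
    parameters[3].Value = entity.GroupID;
    parameters[4].Value = entity.ModuleID;
    parameters[5].Value = entity.AuthorityTag;
    parameters[6].Value = entity.Flag;

    int rows = SqlServerHelper.ExecuteSql(strSql.ToString(), parameters);
    return rows > 0;
}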
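/// <summary>
/// Inserts one row into BASE_ROLEAUTHORITYLIST and returns the identity value generated for it.
/// </summary>
/// <param name="entity">Supplies UserID, RoleID, GroupID, ModuleID, AuthorityTag and Flag for the new row.</param>
/// <returns>The identity produced by this insert, or 0 when the helper returns no value.</returns>
public int Add(Entity.BASE_ROLEAUTHORITYLIST entity)
{
    StringBuilder strSql = new StringBuilder();
    strSql.Append("insert into BASE_ROLEAUTHORITYLIST(");
    strSql.Append("UserID,RoleID,GroupID,ModuleID,AuthorityTag,Flag");
    strSql.Append(") values (");
    strSql.Append("@UserID,@RoleID,@GroupID,@ModuleID,@AuthorityTag,@Flag");
    strSql.Append(") ");
    // SCOPE_IDENTITY() is limited to the scope of this batch. @@IDENTITY
    // would instead report an identity generated by a trigger on the table
    // (for example an audit trigger), handing the caller the wrong row ID.
    strSql.Append(";select SCOPE_IDENTITY()");

    SqlParameter[] parameters =
    {
        new SqlParameter("@UserID", SqlDbType.Int, 4),
        new SqlParameter("@RoleID", SqlDbType.Int, 4),
        new SqlParameter("@GroupID", SqlDbType.Int, 4),
        new SqlParameter("@ModuleID", SqlDbType.Int, 4),
        new SqlParameter("@AuthorityTag", SqlDbType.NVarChar, 50),
        new SqlParameter("@Flag", SqlDbType.Bit, 1)
    };
    parameters[0].Value = entity.UserID;
    parameters[1].Value = entity.RoleID;
    parameters[2].Value = entity.GroupID;
    parameters[3].Value = entity.ModuleID;
    parameters[4].Value = entity.AuthorityTag;
    parameters[5].Value = entity.Flag;

    object obj = SqlServerHelper.GetSingle(strSql.ToString(), parameters);

    // A database NULL can come back as DBNull.Value rather than null;
    // Convert.ToInt32 would throw on it, so both count as "no identity".
    if (obj == null || obj == DBNull.Value)
    {
        return 0;
    }

    return Convert.ToInt32(obj);
}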
/// <summary>
/// Checks whether a matching record exists by delegating to the <c>dal</c> member.
/// </summary>
/// <param name="model">Lookup criteria, passed through unchanged.</param>
/// <returns>Whatever <c>dal.RoleAuthorityExists</c> reports for <paramref name="model"/>.</returns>
public bool RoleAuthorityExists(Entity.BASE_ROLEAUTHORITYLIST model)
{
    bool recordFound = dal.RoleAuthorityExists(model);
    return recordFound;
}