예제 #1
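        /// <summary>
        /// Determines whether a user may access a given module URL.
        /// </summary>
        /// <param name="userInfo">Caller context; its SystemCode selects the module table name.</param>
        /// <param name="userId">Primary key of the user whose access is being checked.</param>
        /// <param name="moduleUrl">Module URL being requested.</param>
        /// <returns>True when access is granted; otherwise false.</returns>
        public bool IsUrlAuthorizedByUser(BaseUserInfo userInfo, string userId, string moduleUrl)
        {
            var result = false;

            var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());

            ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) =>
            {
                // Unknown users are denied: result keeps its initial value of false.
                var userEntity = BaseUserManager.GetEntityByCache(userId);
                if (userEntity == null)
                {
                    return;
                }

                // Administrators are granted without consulting the module list.
                result = BaseUserManager.IsAdministrator(userId);
                if (result)
                {
                    return;
                }

                var tableName     = userInfo.SystemCode + "Module";
                var moduleManager = new BaseModuleManager(dbHelper, userInfo, tableName);

                // NOTE(review): the call that loaded the user's modules is commented out, so this
                // list is always null and every non-administrator ends up denied. Restore the load
                // once the intended API is confirmed.
                List<BaseModuleEntity> entityList = null;
                // moduleManager.GetList(userId);

                // Fail closed instead of dereferencing a null list or a null/empty URL.
                if (entityList == null || string.IsNullOrEmpty(moduleUrl))
                {
                    result = false;
                    return;
                }

                // Any() stops at the first match instead of counting the whole list.
                // The prefix test is ordinal so the decision does not depend on the thread culture.
                // NOTE(review): the prefix match is not bounded at a path separator, so a grant for
                // "/Order" also matches "/OrderAdmin" (constructed example) - confirm this is intended.
                result = entityList.Any(entity =>
                    !string.IsNullOrEmpty(entity.NavigateUrl) &&
                    (entity.NavigateUrl.Equals(moduleUrl, StringComparison.OrdinalIgnoreCase) ||
                     moduleUrl.StartsWith(entity.NavigateUrl, StringComparison.Ordinal)));
            });

            return result;
        }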
예제 #2
        /// <summary>
        /// Returns the user entity for a primary key, read through the cache lookup.
        /// </summary>
        /// <param name="userInfo">Caller context passed to the service wrapper.</param>
        /// <param name="id">Primary key of the user to fetch.</param>
        /// <returns>The entity returned by the cache lookup; null if the callback never assigns one.</returns>
        public BaseUserEntity GetEntityByCache(BaseUserInfo userInfo, string id)
        {
            var serviceInfo = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
            BaseUserEntity cachedUser = null;

            ServiceUtil.ProcessUserCenterReadDb(userInfo, serviceInfo, (db) =>
            {
                // NOTE(review): the original carries a disabled "is the caller logged on?" check
                // (userManager.UserIsLogon(userInfo)) around this lookup. Whether the service wrapper
                // authenticates the caller is not visible here - confirm before exposing this method.
                cachedUser = BaseUserManager.GetEntityByCache(id);
            });

            return cachedUser;
        }
예제 #3
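        /// <summary>
        /// Grants a permission to a user, written to keep authorization fast.
        /// </summary>
        /// <param name="systemCode">System code; used as the prefix of the permission table name.</param>
        /// <param name="userId">Primary key of the user receiving the permission.</param>
        /// <param name="permissionId">Primary key of the permission being granted.</param>
        /// <param name="chekExists">When true, look for an existing grant first and re-enable it instead of adding a duplicate.</param>
        /// <returns>
        /// The id of the existing grant, or the value returned by the add call for a new one;
        /// an empty string when the arguments fail validation.
        /// </returns>
        public string GrantUser(string systemCode, string userId, string permissionId, bool chekExists = true)
        {
            var result = string.Empty;

            // Reject the call when EITHER argument is unusable. The previous "&&" only bailed out
            // when both were bad, so an empty permissionId with a valid userId still wrote a row.
            if (!ValidateUtil.IsInt(userId) || string.IsNullOrEmpty(permissionId))
            {
                return result;
            }

            // NOTE(review): systemCode becomes part of a table name, which cannot be bound as a SQL
            // parameter. Callers presumably pass a trusted, known system code - confirm.
            CurrentTableName = systemCode + "Permission";

            var currentId = string.Empty;

            // Check whether this grant already exists; if it does, do not add it again.
            if (chekExists)
            {
                var whereParameters = new List<KeyValuePair<string, object>>
                {
                    new KeyValuePair<string, object>(BasePermissionEntity.FieldResourceCategory, BaseUserEntity.CurrentTableName),
                    new KeyValuePair<string, object>(BasePermissionEntity.FieldResourceId, userId),
                    new KeyValuePair<string, object>(BasePermissionEntity.FieldPermissionId, permissionId)
                };
                currentId = GetId(whereParameters);
                if (!string.IsNullOrEmpty(currentId))
                {
                    var parameters = new List<KeyValuePair<string, object>>
                    {
                        new KeyValuePair<string, object>(BasePermissionEntity.FieldEnabled, 1),
                        new KeyValuePair<string, object>(BasePermissionEntity.FieldDeleted, 0),
                        new KeyValuePair<string, object>(BasePermissionEntity.FieldUpdateUserId, UserInfo.UserId),
                        new KeyValuePair<string, object>(BasePermissionEntity.FieldUpdateBy, UserInfo.RealName),
                        new KeyValuePair<string, object>(BasePermissionEntity.FieldUpdateTime, DateTime.Now)
                    };
                    // Re-enable and undelete the existing row. Permissions do not change every day,
                    // so an update here is acceptable.
                    SetProperty(currentId, parameters);

                    result = currentId;
                }
            }

            if (string.IsNullOrEmpty(currentId))
            {
                var permissionEntity = new BasePermissionEntity
                {
                    ResourceCategory = BaseUserEntity.CurrentTableName,
                    ResourceId       = userId,
                    PermissionId     = permissionId,
                    Enabled          = 1
                };
                // 2015-07-03 Jirigala: when there is no company information, record the company so
                // that each company can see its own data.
                // NOTE(review): the entity was created just above without a CompanyId, so whether this
                // branch can ever run depends on the entity's default value. The dated comment suggests
                // the company should be filled in when it is missing - confirm the condition is not inverted.
                if (permissionEntity.CompanyId > 0)
                {
                    var entity = BaseUserManager.GetEntityByCache(userId);
                    if (entity != null)
                    {
                        permissionEntity.CompanyId   = entity.CompanyId;
                        permissionEntity.CompanyName = entity.CompanyName;
                    }
                }

                var permissionManager = new BasePermissionManager(DbHelper, UserInfo, CurrentTableName);
                result = permissionManager.Add(permissionEntity, true, false);
            }

            // 2015-09-21 Jirigala: write a change-log row for the grant.
            var tableName  = systemCode + "UserPermission";
            var sqlBuilder = new SqlBuilder(DbHelper);

            sqlBuilder.BeginInsert(BaseChangeLogEntity.CurrentTableName);
            sqlBuilder.SetValue(BaseChangeLogEntity.FieldTableName, tableName);
            if (DbHelper.CurrentDbType == CurrentDbType.Oracle)
            {
                // On Oracle the id is taken from the table's sequence.
                sqlBuilder.SetFormula(BaseChangeLogEntity.FieldId, BaseChangeLogEntity.CurrentTableName + "_SEQ.NEXTVAL");
            }
            sqlBuilder.SetValue(BaseChangeLogEntity.FieldRecordKey, userId);
            sqlBuilder.SetValue(BaseChangeLogEntity.FieldColumnName, "授权");
            sqlBuilder.SetValue(BaseChangeLogEntity.FieldColumnDescription, new BaseModuleManager().GetNameByCache(systemCode, permissionId));
            sqlBuilder.SetValue(BaseChangeLogEntity.FieldOldValue, null);
            sqlBuilder.SetValue(BaseChangeLogEntity.FieldNewValue, permissionId);
            sqlBuilder.EndInsert();

            return result;
        }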
예제 #4
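        /// <summary>
        /// Returns one page of permission records created within a date range, for permission auditing.
        /// Each row is enriched with display names for the permission and for the resource it was granted to.
        /// </summary>
        /// <param name="userInfo">Caller context; when not null its SystemCode selects the permission table.</param>
        /// <param name="startDate">Inclusive lower bound on the record creation time.</param>
        /// <param name="endDate">Inclusive upper bound on the record creation time.</param>
        /// <param name="companyId">Company primary key. Not used by the query in this method.</param>
        /// <param name="userId">User primary key. Not used by the query in this method.</param>
        /// <param name="permissionId">Permission primary key. Not used by the query in this method.</param>
        /// <param name="recordCount">Receives the number of records matching the date range.</param>
        /// <param name="pageNo">Page number to fetch.</param>
        /// <param name="pageSize">Number of rows per page.</param>
        /// <returns>The page of records; null if the paged query returned no table.</returns>
        public DataTable PermissionMonitor(BaseUserInfo userInfo, DateTime startDate, DateTime endDate, string companyId, string userId, string permissionId, out int recordCount, int pageNo = 1, int pageSize = 20)
        {
            DataTable result = null;

            recordCount = 0;
            // A lambda cannot capture an out parameter, so the count goes through a local.
            var myRecordCount = 0;

            var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());

            ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) =>
            {
                // NOTE(review): companyId, userId and permissionId are accepted but never added to the
                // filter, so every caller sees all records in the date range. If callers rely on these
                // to scope an audit view, the restriction is not applied here - confirm the intent.
                // NOTE(review): pageSize is passed through without an upper bound - confirm callers limit it.
                var condition = BasePermissionEntity.FieldCreateTime + " >= " + DbUtil.GetParameter(BaseSystemInfo.UserCenterDbType, "startDate")
                                + " AND "
                                + BasePermissionEntity.FieldCreateTime + " <= " + DbUtil.GetParameter(BaseSystemInfo.UserCenterDbType, "endDate");

                // Date values are bound as parameters rather than concatenated into the SQL text.
                var dbParameters = new List<KeyValuePair<string, object>>
                {
                    new KeyValuePair<string, object>("startDate", startDate),
                    new KeyValuePair<string, object>("endDate", endDate)
                };

                // NOTE(review): SystemCode becomes part of a table name, which cannot be bound as a
                // parameter; presumably it comes from a trusted session object - confirm.
                var tableName = BasePermissionEntity.CurrentTableName;
                if (userInfo != null)
                {
                    tableName = userInfo.SystemCode + "Permission";
                }

                myRecordCount = dbHelper.GetCount(tableName, condition, dbHelper.MakeParameters(dbParameters));
                result        = DbUtil.GetDataTableByPage(dbHelper, tableName, "*", pageNo, pageSize, condition, dbHelper.MakeParameters(dbParameters), BasePermissionEntity.FieldCreateTime + " DESC");

                // Nothing to enrich if the paged query produced no table.
                if (result == null)
                {
                    return;
                }

                // Add the display columns that the query itself does not return. The invariant
                // upper-casing keeps the column names identical under every thread culture.
                var displayColumns = new[]
                {
                    "ResourceCategoryName",
                    "PermissionName",
                    "PermissionCode",
                    "ResourceName",
                    "CompanyName"
                };
                foreach (var columnName in displayColumns)
                {
                    if (!result.Columns.Contains(columnName))
                    {
                        result.Columns.Add(columnName.ToUpperInvariant());
                    }
                }

                foreach (DataRow dr in result.Rows)
                {
                    // Permission name and code come from the cached module entity.
                    var id           = dr["PermissionId"].ToString();
                    var moduleEntity = new BaseModuleManager().GetEntityByCache(userInfo, id);
                    if (moduleEntity != null)
                    {
                        dr["PermissionName"] = moduleEntity.Name;
                        dr["PermissionCode"] = moduleEntity.Code;
                    }

                    // The resource category names the table the grant targets: user, organization or role.
                    var category = dr["ResourceCategory"].ToString();
                    if (category.Equals(BaseUserEntity.CurrentTableName))
                    {
                        id             = dr["ResourceId"].ToString();
                        var userEntity = BaseUserManager.GetEntityByCache(id);
                        if (userEntity != null)
                        {
                            dr["ResourceName"]         = userEntity.RealName;
                            dr["CompanyName"]          = userEntity.CompanyName;
                            dr["ResourceCategoryName"] = "用户";
                        }
                    }
                    else if (category.Equals(BaseOrganizationEntity.CurrentTableName))
                    {
                        id = dr["ResourceId"].ToString();
                        var organizationEntity = BaseOrganizationManager.GetEntityByCache(id);
                        if (organizationEntity != null)
                        {
                            dr["ResourceName"]         = organizationEntity.Name;
                            dr["ResourceCategoryName"] = "网点";
                        }
                    }
                    else if (category.Equals(BaseRoleEntity.CurrentTableName))
                    {
                        id             = dr["ResourceId"].ToString();
                        var roleEntity = BaseRoleManager.GetEntityByCache(userInfo, id);
                        if (roleEntity != null)
                        {
                            dr["ResourceName"]         = roleEntity.Name;
                            dr["ResourceCategoryName"] = "角色";
                        }
                    }
                }
            });

            recordCount = myRecordCount;
            return result;
        }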