public static int RefreshCache(string userId) { int result = 0; // 刷新用户的缓存 BaseUserEntity userEntity = BaseUserManager.GetObjectByCache(userId, true); if (userEntity != null) { // 刷新用户的登录限制 BaseUserManager.ResetIPAddressByCache(userId); BaseUserManager.ResetMACAddressByCache(userId); // 刷新组织机构缓存 BaseOrganizeManager.GetObjectByCache(userEntity.CompanyId, true); // 刷新部门缓存 BaseDepartmentManager.GetObjectByCache(userEntity.DepartmentId, true); // 2016-02-18 吉日嘎拉 刷新拒绝权限(把用户的权限放在一起方便直接移除、刷新) string key = "User:IsAuthorized:" + userId; using (var redisClient = PooledRedisHelper.GetPermissionClient()) { redisClient.Remove(key); } // 每个子系统都可以循环一次 string[] systemCodes = BaseSystemManager.GetSystemCodes(); for (int i = 0; i < systemCodes.Length; i++) { BaseUserPermissionManager.ResetPermissionByCache(systemCodes[i], userId); } } return(result); }
/// <summary> /// 给用户权限(分子系统) /// </summary> /// <param name="userInfo">用户</param> /// <param name="systemCode">系统编号</param> /// <param name="userId">用户主键</param> /// <param name="permissionCode">权限编号</param> /// <returns>主键</returns> public string GrantUserPermission(BaseUserInfo userInfo, string systemCode, string userId, string permissionCode) { string result = string.Empty; var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod()); ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) => { var userPermissionManager = new BaseUserPermissionManager(dbHelper, userInfo); result = userPermissionManager.GrantByPermissionCode(systemCode, userId, permissionCode); }); return(result); }
////////////////////////////////////////////////////////////////////////////////////////////////////// /// 用户权限关联关系相关 ////////////////////////////////////////////////////////////////////////////////////////////////////// #region public string[] GetUserPermissionIds(BaseUserInfo userInfo, string userId) /// <summary> /// 获取用户拥有的操作权限主键数组 /// </summary> /// <param name="userInfo">用户</param> /// <param name="userId">用户主键</param> /// <returns>主键数组</returns> public string[] GetUserPermissionIds(BaseUserInfo userInfo, string userId) { string[] result = null; var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod()); ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) => { var manager = new BaseUserPermissionManager(dbHelper, userInfo); result = manager.GetPermissionIds(userInfo.SystemCode, userId); }); return(result); }
/// <summary> /// 获取用户权限主键数组 /// </summary> /// <param name="userInfo">用户</param> /// <param name="userId">用户主键</param> /// <returns>主键数组</returns> public string[] GetUserIdsByPermission(BaseUserInfo userInfo, string permissionId) { string[] result = null; var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod()); ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) => { // BaseLogManager.Instance.Add(result, this.serviceName, MethodBase.GetCurrentMethod()); var manager = new BaseUserPermissionManager(dbHelper, userInfo); result = manager.GetUserIds(userInfo.SystemCode, permissionId); }); return(result); }
/// <summary> /// 授予用户操作权限 /// </summary> /// <param name="userInfo">用户</param> /// <param name="userId">用户主键数组</param> /// <param name="grantPermissionIds">授予权限数组</param> /// <returns>影响的行数</returns> public int GrantUserPermissions(BaseUserInfo userInfo, string[] userIds, string[] grantPermissionIds) { int result = 0; var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod()); ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) => { var manager = new BaseUserPermissionManager(dbHelper, userInfo); // 小心异常,检查一下参数的有效性 if (userIds != null && grantPermissionIds != null) { result += manager.Grant(userInfo.SystemCode, userIds, grantPermissionIds); } }); return(result); }
/// <summary> /// 撤消用户操作权限 /// </summary> /// <param name="userInfo">用户</param> /// <param name="userId">用户主键</param> /// <param name="revokePermissionIds">撤消权限数组</param> /// <returns>影响的行数</returns> public int RevokeUserPermissionById(BaseUserInfo userInfo, string userId, string revokePermissionId) { int result = 0; var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod()); ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) => { var manager = new BaseUserPermissionManager(dbHelper, userInfo); // 小心异常,检查一下参数的有效性 if (revokePermissionId != null) { result += manager.Revoke(userInfo.SystemCode, userId, revokePermissionId); } }); return(result); }
/// <summary> /// 授予用户操作权限 /// </summary> /// <param name="userInfo">用户</param> /// <param name="userId">用户主键</param> /// <param name="grantPermissionIds">授予权限数组</param> /// <returns>影响的行数</returns> public string GrantUserPermissionById(BaseUserInfo userInfo, string userId, string grantPermissionId) { string result = string.Empty; var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod()); ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) => { var manager = new BaseUserPermissionManager(dbHelper, userInfo); // 小心异常,检查一下参数的有效性 if (grantPermissionId != null) { result = manager.Grant(userInfo.SystemCode, userId, grantPermissionId); } }); return(result); }
/// <summary> /// 撤销用户权限 /// </summary> /// <param name="userInfo">用户</param> /// <param name="userName">用户名</param> /// <param name="permissionCode">权限编号</param> /// <returns>主键</returns> public int RevokeUserPermission(BaseUserInfo userInfo, string userName, string permissionCode) { int result = 0; var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod()); ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) => { var userManager = new BaseUserManager(dbHelper, userInfo); string userId = userManager.GetId(new KeyValuePair <string, object>(BaseUserEntity.FieldUserName, userName)); if (!String.IsNullOrEmpty(userId)) { var userPermissionManager = new BaseUserPermissionManager(dbHelper, userInfo); result = userPermissionManager.RevokeByPermissionCode(userInfo.SystemCode, userId, permissionCode); } }); return(result); }
/// <summary> /// 清除用户权限 /// /// 1.清除用户的角色归属。 /// 2.清除用户的模块权限。 /// 3.清除用户的操作权限。 /// </summary> /// <param name="userInfo">用户</param> /// <param name="id">主键</param> /// <returns>数据表</returns> public int ClearUserPermission(BaseUserInfo userInfo, string id) { int result = 0; var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod()); ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) => { string systemCode = userInfo.SystemCode; BaseUserManager userManager = new BaseUserManager(dbHelper, userInfo); result += userManager.ClearRole(systemCode, id); var userPermissionManager = new BaseUserPermissionManager(dbHelper, userInfo); result += userPermissionManager.RevokeAll(systemCode, id); var userPermissionScopeManager = new BaseUserScopeManager(dbHelper, userInfo); result += userPermissionScopeManager.RevokeAll(systemCode, id); }); return(result); }
/// <summary> /// 撤销用户权限 /// </summary> /// <param name="userInfo">用户</param> /// <param name="userName">用户名</param> /// <param name="permissionItemCode">权限编号</param> /// <returns>主键</returns> public int RevokeUserPermission(BaseUserInfo userInfo, string userName, string permissionItemCode) { // 加强安全验证防止未授权匿名调用 #if (!DEBUG) LogOnService.UserIsLogOn(userInfo); #endif int returnValue = 0; using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType)) { try { dbHelper.Open(UserCenterDbConnection); BaseUserManager userManager = new BaseUserManager(dbHelper, userInfo); string userId = userManager.GetId(new KeyValuePair <string, object>(BaseUserEntity.FieldUserName, userName)); BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(dbHelper, userInfo); string permissionItemId = permissionItemManager.GetId(new KeyValuePair <string, object>(BasePermissionItemEntity.FieldCode, permissionItemCode)); if (!String.IsNullOrEmpty(userId) && !String.IsNullOrEmpty(permissionItemId)) { BaseUserPermissionManager userPermissionManager = new BaseUserPermissionManager(dbHelper, userInfo); returnValue = userPermissionManager.Revoke(userId, permissionItemId); } } catch (Exception ex) { BaseExceptionManager.LogException(dbHelper, userInfo, ex); throw ex; } finally { dbHelper.Close(); } } return(returnValue); }
/// <summary> /// 获取用户的权限主键数组 /// </summary> /// <param name="systemCode">系统编号</param> /// <param name="userId">用户主键</param> /// <param name="companyId">公司主键</param> /// <param name="useBaseRole">使用基础角色权限</param> /// <returns>拥有权限数组</returns> public static string[] GetPermissionIdsByUserByCache(string systemCode, string userId, string companyId = null, bool containPublic = true, bool useBaseRole = false) { // 公开的操作权限需要计算 string[] result = null; int errorMark = 0; string tableName = BaseModuleEntity.TableName; if (string.IsNullOrWhiteSpace(systemCode)) { systemCode = "Base"; } // 就不需要参合基础的角色了 if (systemCode.Equals("Base")) { useBaseRole = false; } tableName = systemCode + "Module"; try { errorMark = 1; // 01: 把公开的部分获取出来(把公开的主键数组从缓存里获取出来,减少数据库的读取次数) if (containPublic) { List <BaseModuleEntity> moduleEntities = BaseModuleManager.GetEntitiesByCache(systemCode); if (moduleEntities != null) { result = moduleEntities.Where((t => t.IsPublic == 1 && t.Enabled == 1 && t.DeletionStateCode == 0)).Select(t => t.Id.ToString()).ToArray(); } } // 02: 获取用户本身拥有的权限 string[] userPermissionIds = BaseUserPermissionManager.GetPermissionIdsByCache(systemCode, userId); result = StringUtil.Concat(result, userPermissionIds); // 03: 用户角色的操作权限 // 用户都在哪些角色里?通过缓存读取?没有角色的,没必要进行运算了 string[] roleIds = BaseUserManager.GetRoleIdsByCache(systemCode, userId, companyId); if (useBaseRole && !systemCode.Equals("Base", StringComparison.OrdinalIgnoreCase)) { string[] baseRoleIds = BaseUserManager.GetRoleIdsByCache("Base", userId, companyId); if (baseRoleIds != null && baseRoleIds.Length > 0) { roleIds = StringUtil.Concat(roleIds, baseRoleIds); } } if (roleIds != null && roleIds.Length > 0) { string[] userRolePermissionIds = BaseRolePermissionManager.GetPermissionIdsByCache(systemCode, roleIds); result = StringUtil.Concat(result, userRolePermissionIds); } // 04: 按部门(组织机构)获取权限项 if (BaseSystemInfo.UseOrganizePermission && !string.IsNullOrEmpty(companyId)) { // 2016-02-26 吉日嘎拉,公司权限进行优化简化 string[] organizePermission = BaseOrganizePermissionManager.GetPermissionIdsByCache(systemCode, companyId); result = StringUtil.Concat(result, organizePermission); } } catch (System.Exception ex) { string writeMessage = "BasePermissionManager.GetPermissionIdsByUser:发生时间:" + DateTime.Now + System.Environment.NewLine + "errorMark = " + errorMark.ToString() + System.Environment.NewLine + "Message:" + ex.Message + System.Environment.NewLine + "Source:" + ex.Source + System.Environment.NewLine + "StackTrace:" + ex.StackTrace + System.Environment.NewLine + "TargetSite:" + ex.TargetSite + System.Environment.NewLine; FileUtil.WriteMessage(writeMessage, BaseSystemInfo.StartupPath + "//Exception//Exception" + DateTime.Now.ToString(BaseSystemInfo.DateFormat) + ".txt"); } return(result); }