public static int RefreshCache(string userId)
{
int result = 0;
// 刷新用户的缓存
BaseUserEntity userEntity = BaseUserManager.GetObjectByCache(userId, true);
if (userEntity != null)
{
// 刷新用户的登录限制
BaseUserManager.ResetIPAddressByCache(userId);
BaseUserManager.ResetMACAddressByCache(userId);
// 刷新组织机构缓存
BaseOrganizeManager.GetObjectByCache(userEntity.CompanyId, true);
// 刷新部门缓存
BaseDepartmentManager.GetObjectByCache(userEntity.DepartmentId, true);
// 2016-02-18 吉日嘎拉 刷新拒绝权限(把用户的权限放在一起方便直接移除、刷新)
string key = "User:IsAuthorized:" + userId;
using (var redisClient = PooledRedisHelper.GetPermissionClient())
{
redisClient.Remove(key);
}
// 每个子系统都可以循环一次
string[] systemCodes = BaseSystemManager.GetSystemCodes();
for (int i = 0; i < systemCodes.Length; i++)
{
BaseUserPermissionManager.ResetPermissionByCache(systemCodes[i], userId);
}
}
return(result);
}
/// <summary>
/// 给用户权限(分子系统)
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="systemCode">系统编号</param>
/// <param name="userId">用户主键</param>
/// <param name="permissionCode">权限编号</param>
/// <returns>主键</returns>
public string GrantUserPermission(BaseUserInfo userInfo, string systemCode, string userId, string permissionCode)
{
string result = string.Empty;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) =>
{
var userPermissionManager = new BaseUserPermissionManager(dbHelper, userInfo);
result = userPermissionManager.GrantByPermissionCode(systemCode, userId, permissionCode);
});
return(result);
}
//////////////////////////////////////////////////////////////////////////////////////////////////////
/// 用户权限关联关系相关
//////////////////////////////////////////////////////////////////////////////////////////////////////
#region public string[] GetUserPermissionIds(BaseUserInfo userInfo, string userId)
/// <summary>
/// 获取用户拥有的操作权限主键数组
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="userId">用户主键</param>
/// <returns>主键数组</returns>
public string[] GetUserPermissionIds(BaseUserInfo userInfo, string userId)
{
string[] result = null;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) =>
{
var manager = new BaseUserPermissionManager(dbHelper, userInfo);
result = manager.GetPermissionIds(userInfo.SystemCode, userId);
});
return(result);
}
/// <summary>
/// 获取用户权限主键数组
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="userId">用户主键</param>
/// <returns>主键数组</returns>
public string[] GetUserIdsByPermission(BaseUserInfo userInfo, string permissionId)
{
string[] result = null;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) =>
{
// BaseLogManager.Instance.Add(result, this.serviceName, MethodBase.GetCurrentMethod());
var manager = new BaseUserPermissionManager(dbHelper, userInfo);
result = manager.GetUserIds(userInfo.SystemCode, permissionId);
});
return(result);
}
/// <summary>
/// 授予用户操作权限
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="userId">用户主键数组</param>
/// <param name="grantPermissionIds">授予权限数组</param>
/// <returns>影响的行数</returns>
public int GrantUserPermissions(BaseUserInfo userInfo, string[] userIds, string[] grantPermissionIds)
{
int result = 0;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) =>
{
var manager = new BaseUserPermissionManager(dbHelper, userInfo);
// 小心异常,检查一下参数的有效性
if (userIds != null && grantPermissionIds != null)
{
result += manager.Grant(userInfo.SystemCode, userIds, grantPermissionIds);
}
});
return(result);
}
/// <summary>
/// 撤消用户操作权限
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="userId">用户主键</param>
/// <param name="revokePermissionIds">撤消权限数组</param>
/// <returns>影响的行数</returns>
public int RevokeUserPermissionById(BaseUserInfo userInfo, string userId, string revokePermissionId)
{
int result = 0;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) =>
{
var manager = new BaseUserPermissionManager(dbHelper, userInfo);
// 小心异常,检查一下参数的有效性
if (revokePermissionId != null)
{
result += manager.Revoke(userInfo.SystemCode, userId, revokePermissionId);
}
});
return(result);
}
/// <summary>
/// 授予用户操作权限
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="userId">用户主键</param>
/// <param name="grantPermissionIds">授予权限数组</param>
/// <returns>影响的行数</returns>
public string GrantUserPermissionById(BaseUserInfo userInfo, string userId, string grantPermissionId)
{
string result = string.Empty;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) =>
{
var manager = new BaseUserPermissionManager(dbHelper, userInfo);
// 小心异常,检查一下参数的有效性
if (grantPermissionId != null)
{
result = manager.Grant(userInfo.SystemCode, userId, grantPermissionId);
}
});
return(result);
}
/// <summary>
/// 撤销用户权限
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="userName">用户名</param>
/// <param name="permissionCode">权限编号</param>
/// <returns>主键</returns>
public int RevokeUserPermission(BaseUserInfo userInfo, string userName, string permissionCode)
{
int result = 0;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) =>
{
var userManager = new BaseUserManager(dbHelper, userInfo);
string userId = userManager.GetId(new KeyValuePair <string, object>(BaseUserEntity.FieldUserName, userName));
if (!String.IsNullOrEmpty(userId))
{
var userPermissionManager = new BaseUserPermissionManager(dbHelper, userInfo);
result = userPermissionManager.RevokeByPermissionCode(userInfo.SystemCode, userId, permissionCode);
}
});
return(result);
}
/// <summary>
/// 清除用户权限
///
/// 1.清除用户的角色归属。
/// 2.清除用户的模块权限。
/// 3.清除用户的操作权限。
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="id">主键</param>
/// <returns>数据表</returns>
public int ClearUserPermission(BaseUserInfo userInfo, string id)
{
int result = 0;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) =>
{
string systemCode = userInfo.SystemCode;
BaseUserManager userManager = new BaseUserManager(dbHelper, userInfo);
result += userManager.ClearRole(systemCode, id);
var userPermissionManager = new BaseUserPermissionManager(dbHelper, userInfo);
result += userPermissionManager.RevokeAll(systemCode, id);
var userPermissionScopeManager = new BaseUserScopeManager(dbHelper, userInfo);
result += userPermissionScopeManager.RevokeAll(systemCode, id);
});
return(result);
}
/// <summary>
/// 撤销用户权限
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="userName">用户名</param>
/// <param name="permissionItemCode">权限编号</param>
/// <returns>主键</returns>
public int RevokeUserPermission(BaseUserInfo userInfo, string userName, string permissionItemCode)
{
// 加强安全验证防止未授权匿名调用
#if (!DEBUG)
LogOnService.UserIsLogOn(userInfo);
#endif
int returnValue = 0;
using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
{
try
{
dbHelper.Open(UserCenterDbConnection);
BaseUserManager userManager = new BaseUserManager(dbHelper, userInfo);
string userId = userManager.GetId(new KeyValuePair <string, object>(BaseUserEntity.FieldUserName, userName));
BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(dbHelper, userInfo);
string permissionItemId = permissionItemManager.GetId(new KeyValuePair <string, object>(BasePermissionItemEntity.FieldCode, permissionItemCode));
if (!String.IsNullOrEmpty(userId) && !String.IsNullOrEmpty(permissionItemId))
{
BaseUserPermissionManager userPermissionManager = new BaseUserPermissionManager(dbHelper, userInfo);
returnValue = userPermissionManager.Revoke(userId, permissionItemId);
}
}
catch (Exception ex)
{
BaseExceptionManager.LogException(dbHelper, userInfo, ex);
throw ex;
}
finally
{
dbHelper.Close();
}
}
return(returnValue);
}
/// <summary>
/// 获取用户的权限主键数组
/// </summary>
/// <param name="systemCode">系统编号</param>
/// <param name="userId">用户主键</param>
/// <param name="companyId">公司主键</param>
/// <param name="useBaseRole">使用基础角色权限</param>
/// <returns>拥有权限数组</returns>
public static string[] GetPermissionIdsByUserByCache(string systemCode, string userId, string companyId = null, bool containPublic = true, bool useBaseRole = false)
{
// 公开的操作权限需要计算
string[] result = null;
int errorMark = 0;
string tableName = BaseModuleEntity.TableName;
if (string.IsNullOrWhiteSpace(systemCode))
{
systemCode = "Base";
}
// 就不需要参合基础的角色了
if (systemCode.Equals("Base"))
{
useBaseRole = false;
}
tableName = systemCode + "Module";
try
{
errorMark = 1;
// 01: 把公开的部分获取出来(把公开的主键数组从缓存里获取出来,减少数据库的读取次数)
if (containPublic)
{
List <BaseModuleEntity> moduleEntities = BaseModuleManager.GetEntitiesByCache(systemCode);
if (moduleEntities != null)
{
result = moduleEntities.Where((t => t.IsPublic == 1 && t.Enabled == 1 && t.DeletionStateCode == 0)).Select(t => t.Id.ToString()).ToArray();
}
}
// 02: 获取用户本身拥有的权限
string[] userPermissionIds = BaseUserPermissionManager.GetPermissionIdsByCache(systemCode, userId);
result = StringUtil.Concat(result, userPermissionIds);
// 03: 用户角色的操作权限
// 用户都在哪些角色里?通过缓存读取?没有角色的,没必要进行运算了
string[] roleIds = BaseUserManager.GetRoleIdsByCache(systemCode, userId, companyId);
if (useBaseRole && !systemCode.Equals("Base", StringComparison.OrdinalIgnoreCase))
{
string[] baseRoleIds = BaseUserManager.GetRoleIdsByCache("Base", userId, companyId);
if (baseRoleIds != null && baseRoleIds.Length > 0)
{
roleIds = StringUtil.Concat(roleIds, baseRoleIds);
}
}
if (roleIds != null && roleIds.Length > 0)
{
string[] userRolePermissionIds = BaseRolePermissionManager.GetPermissionIdsByCache(systemCode, roleIds);
result = StringUtil.Concat(result, userRolePermissionIds);
}
// 04: 按部门(组织机构)获取权限项
if (BaseSystemInfo.UseOrganizePermission && !string.IsNullOrEmpty(companyId))
{
// 2016-02-26 吉日嘎拉,公司权限进行优化简化
string[] organizePermission = BaseOrganizePermissionManager.GetPermissionIdsByCache(systemCode, companyId);
result = StringUtil.Concat(result, organizePermission);
}
}
catch (System.Exception ex)
{
string writeMessage = "BasePermissionManager.GetPermissionIdsByUser:发生时间:" + DateTime.Now
+ System.Environment.NewLine + "errorMark = " + errorMark.ToString()
+ System.Environment.NewLine + "Message:" + ex.Message
+ System.Environment.NewLine + "Source:" + ex.Source
+ System.Environment.NewLine + "StackTrace:" + ex.StackTrace
+ System.Environment.NewLine + "TargetSite:" + ex.TargetSite
+ System.Environment.NewLine;
FileUtil.WriteMessage(writeMessage, BaseSystemInfo.StartupPath + "//Exception//Exception" + DateTime.Now.ToString(BaseSystemInfo.DateFormat) + ".txt");
}
return(result);
}
