/// <summary> /// 获取用户的某个权限域的组织范围 /// </summary> /// <param name="userInfo">用户</param> /// <param name="userId">用户主键</param> /// <param name="permissionCode">权限编号</param> /// <returns>主键数组</returns> public string[] GetUserScopeOrganizeIds(BaseUserInfo userInfo, string userId, string permissionCode) { string[] result = null; var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod()); ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) => { string tableName = userInfo.SystemCode + "PermissionScope"; var manager = new BaseUserScopeManager(dbHelper, userInfo, tableName); result = manager.GetOrganizeIds(userInfo.SystemCode, userId, permissionCode); }); return(result); }
private string GetSearchConditional(string permissionCode, string where, bool?enabled, string auditStates, string companyId = null, string departmentId = null) { string whereClause = BaseStaffEntity.TableName + "." + BaseStaffEntity.FieldDeletionStateCode + " = 0 "; if (enabled.HasValue) { if (enabled == true) { whereClause += " AND " + BaseStaffEntity.TableName + "." + BaseStaffEntity.FieldEnabled + " = 1 "; } else { whereClause += " AND " + BaseStaffEntity.TableName + "." + BaseStaffEntity.FieldEnabled + " = 0 "; } } if (!String.IsNullOrEmpty(where)) { // 传递过来的表达式,还是搜索值? if (where.IndexOf("AND") < 0 && where.IndexOf("=") < 0) { where = StringUtil.GetSearchString(where); whereClause += " AND (" + BaseStaffEntity.TableName + "." + BaseStaffEntity.FieldUserName + " LIKE '" + where + "'" // + " OR " + BaseStaffEntity.TableName + "." + BaseStaffEntity.FieldSimpleSpelling + " LIKE '" + where + "'" + " OR " + BaseStaffEntity.TableName + "." + BaseStaffEntity.FieldCode + " LIKE '" + where + "'" + " OR " + BaseStaffEntity.TableName + "." + BaseStaffEntity.FieldRealName + " LIKE '" + where + "'" + " OR " + BaseStaffEntity.TableName + "." + BaseStaffEntity.FieldQuickQuery + " LIKE '" + where + "'" + " OR " + BaseStaffEntity.TableName + "." + BaseStaffEntity.FieldCompanyName + " LIKE '" + where + "'" + " OR " + BaseStaffEntity.TableName + "." + BaseStaffEntity.FieldDepartmentName + " LIKE '" + where + "'" // + " OR " + BaseStaffEntity.TableName + "." + BaseStaffEntity.FieldDescription + " LIKE '" + search + "'" + ")"; } else { whereClause += " AND (" + where + ")"; } } if (!string.IsNullOrEmpty(departmentId)) { /* * BaseOrganizeManager organizeManager = new BaseOrganizeManager(this.DbHelper, this.UserInfo); * string[] ids = organizeManager.GetChildrensId(BaseOrganizeEntity.FieldId, departmentId, BaseOrganizeEntity.FieldParentId); * if (ids != null && ids.Length > 0) * { * whereClause += " AND (" + BaseStaffEntity.TableName + "." + BaseStaffEntity.FieldCompanyId + " IN (" + StringUtil.ArrayToList(ids) + ")" + " OR " + BaseStaffEntity.TableName + "." + BaseStaffEntity.FieldDepartmentId + " IN (" + StringUtil.ArrayToList(ids) + ")" + " OR " + BaseStaffEntity.TableName + "." + BaseStaffEntity.FieldWorkgroupId + " IN (" + StringUtil.ArrayToList(ids) + "))"; + } */ whereClause += " AND (" + BaseStaffEntity.TableName + "." + BaseStaffEntity.FieldDepartmentId + " = " + departmentId + ")"; } if (!string.IsNullOrEmpty(companyId)) { whereClause += " AND (" + BaseStaffEntity.TableName + "." + BaseStaffEntity.FieldCompanyId + " = " + companyId + ")"; } if (enabled != null) { whereClause += " AND (" + BaseStaffEntity.TableName + "." + BaseStaffEntity.FieldEnabled + " = " + ((bool)enabled ? 1 : 0) + ")"; } // 是否过滤用户, 获得组织机构列表, 这里需要一个按用户过滤得功能 if (!string.IsNullOrEmpty(permissionCode) && (!UserInfo.IsAdministrator) && (BaseSystemInfo.UsePermissionScope)) { // string permissionCode = "Resource.ManagePermission"; string permissionId = BaseModuleManager.GetIdByCodeByCache(UserInfo.SystemCode, permissionCode); if (!string.IsNullOrEmpty(permissionId)) { // 从小到大的顺序进行显示,防止错误发生 BaseUserScopeManager userPermissionScopeManager = new BaseUserScopeManager(this.DbHelper, this.UserInfo); string[] organizeIds = userPermissionScopeManager.GetOrganizeIds(UserInfo.SystemCode, UserInfo.Id, permissionId); // 没有任何数据权限 if (StringUtil.Exists(organizeIds, ((int)PermissionOrganizeScope.NotAllowed).ToString())) { whereClause += " AND (" + BaseStaffEntity.TableName + "." + BaseStaffEntity.FieldId + " = NULL ) "; } // 按详细设定的数据 if (StringUtil.Exists(organizeIds, ((int)PermissionOrganizeScope.ByDetails).ToString())) { BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo); string[] userIds = permissionScopeManager.GetUserIds(UserInfo.SystemCode, UserInfo.Id, permissionCode); whereClause += " AND (" + BaseStaffEntity.TableName + "." + BaseStaffEntity.FieldId + " IN (" + string.Join(",", userIds) + ")) "; } // 自己的数据,仅本人 if (StringUtil.Exists(organizeIds, ((int)PermissionOrganizeScope.OnlyOwnData).ToString())) { whereClause += " AND (" + BaseStaffEntity.TableName + "." + BaseStaffEntity.FieldId + " = " + this.UserInfo.Id + ") "; } // 用户所在工作组数据 if (StringUtil.Exists(organizeIds, ((int)PermissionOrganizeScope.UserWorkgroup).ToString())) { // whereClause += " AND (" + BaseStaffEntity.TableName + "." + BaseStaffEntity.FieldWorkgroupId + " = " + this.UserInfo.WorkgroupId + ") "; } // 用户所在部门数据 if (StringUtil.Exists(organizeIds, ((int)PermissionOrganizeScope.UserDepartment).ToString())) { whereClause += " AND (" + BaseStaffEntity.TableName + "." + BaseStaffEntity.FieldDepartmentId + " = " + this.UserInfo.DepartmentId + ") "; } // 用户所在分支机构数据 if (StringUtil.Exists(organizeIds, ((int)PermissionOrganizeScope.UserSubCompany).ToString())) { // whereClause += " AND (" + BaseStaffEntity.TableName + "." + BaseStaffEntity.FieldSubCompanyId + " = " + this.UserInfo.SubCompanyId + ") "; } // 用户所在公司数据 if (StringUtil.Exists(organizeIds, ((int)PermissionOrganizeScope.UserCompany).ToString())) { whereClause += " AND (" + BaseStaffEntity.TableName + "." + BaseStaffEntity.FieldCompanyId + " = " + this.UserInfo.CompanyId + ") "; } // 全部数据,这里就不用设置过滤条件了 if (StringUtil.Exists(organizeIds, ((int)PermissionOrganizeScope.AllData).ToString())) { } } } return(whereClause); }
public DataTable Search(string permissionScopeItemCode, string search, string[] roleIds, bool?enabled, string auditStates, string departmentId) { search = StringUtil.GetSearchString(search); string sqlQuery = " SELECT " + BaseUserEntity.TableName + ".* " + "," + BaseRoleEntity.TableName + "." + BaseRoleEntity.FieldRealName + " AS RoleName " + " FROM " + BaseUserEntity.TableName + " LEFT OUTER JOIN " + BaseRoleEntity.TableName + " ON " + BaseUserEntity.TableName + "." + BaseUserEntity.FieldRoleId + " = " + BaseRoleEntity.TableName + "." + BaseRoleEntity.FieldId // 被删除的排出在外比较好一些 + " WHERE " + BaseUserEntity.TableName + "." + BaseUserEntity.FieldDeletionStateCode + " = 0 " + " AND " + BaseUserEntity.TableName + "." + BaseUserEntity.FieldIsVisible + " = 1 "; if (!String.IsNullOrEmpty(search)) { sqlQuery += " AND (" + BaseUserEntity.TableName + "." + BaseUserEntity.FieldUserName + " LIKE '" + search + "'" + " OR " + BaseUserEntity.TableName + "." + BaseUserEntity.FieldCode + " LIKE '" + search + "'" + " OR " + BaseUserEntity.TableName + "." + BaseUserEntity.FieldRealName + " LIKE '" + search + "'" + " OR " + BaseUserEntity.TableName + "." + BaseUserEntity.FieldQuickQuery + " LIKE '" + search + "'" + " OR " + BaseUserEntity.TableName + "." + BaseUserEntity.FieldDepartmentName + " LIKE '" + search + "'" + " OR " + BaseUserEntity.TableName + "." + BaseUserEntity.FieldDescription + " LIKE '" + search + "')"; } if (!string.IsNullOrEmpty(departmentId)) { BaseOrganizeManager organizeManager = new BaseOrganizeManager(this.DbHelper, this.UserInfo); string[] organizeIds = organizeManager.GetChildrensId(BaseOrganizeEntity.FieldId, departmentId, BaseOrganizeEntity.FieldParentId); if (organizeIds != null && organizeIds.Length > 0) { sqlQuery += " AND (" + BaseUserEntity.TableName + "." + BaseUserEntity.FieldCompanyId + " IN (" + StringUtil.ArrayToList(organizeIds) + ")" + " OR " + BaseUserEntity.TableName + "." + BaseUserEntity.FieldDepartmentId + " IN (" + StringUtil.ArrayToList(organizeIds) + ")" + " OR " + BaseUserEntity.TableName + "." + BaseUserEntity.FieldWorkgroupId + " IN (" + StringUtil.ArrayToList(organizeIds) + "))"; } } if (!String.IsNullOrEmpty(auditStates)) { sqlQuery += " AND (" + BaseUserEntity.TableName + "." + BaseUserEntity.FieldAuditStatus + " = '" + auditStates + "')"; } if (enabled != null) { sqlQuery += " AND (" + BaseUserEntity.TableName + "." + BaseUserEntity.FieldEnabled + " = " + ((bool)enabled ? 1:0) + ")"; } if ((roleIds != null) && (roleIds.Length > 0)) { string roles = StringUtil.ArrayToList(roleIds, "'"); sqlQuery += " AND (" + BaseUserEntity.TableName + "." + BaseUserEntity.FieldRoleId + " IN (" + roles + ") "; sqlQuery += " OR " + BaseUserEntity.TableName + "." + BaseUserEntity.FieldId + " IN (" + "SELECT " + BaseUserRoleEntity.FieldUserId + " FROM " + BaseUserRoleEntity.TableName + " WHERE " + BaseUserRoleEntity.FieldRoleId + " IN (" + roles + ")" + "))"; } // 是否过滤用户, 获得组织机构列表, 这里需要一个按用户过滤得功能 if ((!UserInfo.IsAdministrator) && (BaseSystemInfo.UsePermissionScope)) { // string permissionScopeItemCode = "Resource.ManagePermission"; BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(this.DbHelper, this.UserInfo); string permissionScopeItemId = permissionItemManager.GetId(new KeyValuePair <string, object>(BasePermissionItemEntity.FieldCode, permissionScopeItemCode)); if (!string.IsNullOrEmpty(permissionScopeItemId)) { // 从小到大的顺序进行显示,防止错误发生 BaseUserScopeManager userPermissionScopeManager = new BaseUserScopeManager(this.DbHelper, this.UserInfo); string[] organizeIds = userPermissionScopeManager.GetOrganizeIds(this.UserInfo.Id, permissionScopeItemId); // 没有任何数据权限 if (StringUtil.Exists(organizeIds, ((int)PermissionScope.None).ToString())) { sqlQuery += " AND (" + BaseUserEntity.TableName + "." + BaseUserEntity.FieldId + " = NULL ) "; } // 按详细设定的数据 if (StringUtil.Exists(organizeIds, ((int)PermissionScope.Detail).ToString())) { BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo); string[] userIds = permissionScopeManager.GetUserIds(UserInfo.Id, permissionScopeItemCode); sqlQuery += " AND (" + BaseUserEntity.TableName + "." + BaseUserEntity.FieldId + " IN (" + BaseBusinessLogic.ObjectsToList(userIds) + ")) "; } // 自己的数据,仅本人 if (StringUtil.Exists(organizeIds, ((int)PermissionScope.User).ToString())) { sqlQuery += " AND (" + BaseUserEntity.TableName + "." + BaseUserEntity.FieldId + " = " + this.UserInfo.Id + ") "; } // 用户所在工作组数据 if (StringUtil.Exists(organizeIds, ((int)PermissionScope.UserWorkgroup).ToString())) { sqlQuery += " AND (" + BaseUserEntity.TableName + "." + BaseUserEntity.FieldWorkgroupId + " = " + this.UserInfo.WorkgroupId + ") "; } // 用户所在部门数据 if (StringUtil.Exists(organizeIds, ((int)PermissionScope.UserDepartment).ToString())) { sqlQuery += " AND (" + BaseUserEntity.TableName + "." + BaseUserEntity.FieldDepartmentId + " = " + this.UserInfo.DepartmentId + ") "; } // 用户所在分支机构数据 if (StringUtil.Exists(organizeIds, ((int)PermissionScope.UserSubCompany).ToString())) { sqlQuery += " AND (" + BaseUserEntity.TableName + "." + BaseUserEntity.FieldSubCompanyId + " = " + this.UserInfo.SubCompanyId + ") "; } // 用户所在公司数据 if (StringUtil.Exists(organizeIds, ((int)PermissionScope.UserCompany).ToString())) { sqlQuery += " AND (" + BaseUserEntity.TableName + "." + BaseUserEntity.FieldCompanyId + " = " + this.UserInfo.CompanyId + ") "; } // 全部数据,这里就不用设置过滤条件了 if (StringUtil.Exists(organizeIds, ((int)PermissionScope.All).ToString())) { } } } sqlQuery += " ORDER BY " + BaseUserEntity.TableName + "." + BaseUserEntity.FieldSortCode; return(DbHelper.Fill(sqlQuery)); }