/// <summary>
/// 检查用户对于一批目录是否具有指定权限,返回具有权限的目录Id列表
/// </summary>
/// <param name="handle"></param>
/// <param name="permission"></param>
/// <param name="toFilterDirIdList"></param>
/// <returns></returns>
public List <string> FilterDirIds(LibHandle handle, DMFuncPermissionEnum permission, List <string> toFilterDirIdList)
{
if (handle == LibHandleCache.Default.GetSystemHandle() || string.IsNullOrEmpty(handle.UserId) || handle.UserId == "admin")
{
return(toFilterDirIdList);//系统用户则直接原样返回
}
string personId = handle.PersonId;
DMUserPermission userPermission = DMUserPermissionCache.Default.GetCacheItem(personId);
if (userPermission.IsUnlimited)
{
return(toFilterDirIdList);//用户权限不受限制则直接原样返回
}
Dictionary <string, List <string> > dicDirId_DirIds = DirLinkAddress.GetDirIdsForDirs(toFilterDirIdList);
if (dicDirId_DirIds == null)
{
return(new List <string>());
}
List <string> resultList = new List <string>();
try
{
//使用每个目录的目录标识列表(含自身和所有父级目录)检查是否可用权限
resultList = (from item in toFilterDirIdList
where dicDirId_DirIds.ContainsKey(item) && userPermission.CheckCan(dicDirId_DirIds[item], string.Empty, permission)
select item).ToList();
}
catch (Exception exp)
{
DMCommonMethod.WriteLog("FilterDocIds", exp.Message);
}
return(resultList);
}
/// <summary>
/// 获取用户对于指定文档的权限集合
/// </summary>
/// <param name="userHandle">用户会话标识</param>
/// <param name="docId"></param>
/// <returns></returns>
public List <DMFuncPermissionEnum> GetPermissionOf(string userHandle, string docId)
{
if (string.IsNullOrEmpty(userHandle) || string.IsNullOrEmpty(docId))
{
return(new List <DMFuncPermissionEnum>());//参数非法,返回空
}
LibHandle libHandle = LibHandleCache.Default.GetCurrentHandle(userHandle) as LibHandle;
if (libHandle == null)
{
return(new List <DMFuncPermissionEnum>());//用户句柄无效
}
List <DMFuncPermissionEnum> listPer = new List <DMFuncPermissionEnum>();
//添加所有权限
listPer.AddRange(new DMFuncPermissionEnum[] {
DMFuncPermissionEnum.Browse,
DMFuncPermissionEnum.Add,
DMFuncPermissionEnum.Edit,
DMFuncPermissionEnum.Delete,
DMFuncPermissionEnum.Read,
DMFuncPermissionEnum.Print,
DMFuncPermissionEnum.Download,
DMFuncPermissionEnum.Move,
DMFuncPermissionEnum.SetVersion,
DMFuncPermissionEnum.Subscribe,
DMFuncPermissionEnum.Lend,
DMFuncPermissionEnum.Link,
DMFuncPermissionEnum.Associate,
DMFuncPermissionEnum.Comment,
DMFuncPermissionEnum.Rename,
DMFuncPermissionEnum.Replace,
DMFuncPermissionEnum.Fallback,
});
DirLinkAddress dirLink = new DirLinkAddress(docId);
if (libHandle.UserId.Equals("admin") || (DirTypeEnum)dirLink.DirType == DirTypeEnum.Private || libHandle == LibHandleCache.Default.GetSystemHandle())
{
return(listPer);//具有所有权限
}
DMUserPermission userPer = DMUserPermissionCache.Default.GetCacheItem(libHandle.PersonId);
listPer = (from item in listPer
where userPer.CheckCan(dirLink.ParentDirIdList, docId, item) //筛选
select item).ToList();
return(listPer);
}
public DMUserPermission GetCacheItem(string personId)
{
DMUserPermission userPermission = null;
object lockItem = lockObjDic.GetOrAdd(personId, new object());
lock (lockItem)
{
userPermission = this.Get(personId) as DMUserPermission;
if (userPermission == null)
{
userPermission = new DMUserPermission(personId);
userPermission.RefreshUserPower(); //获取用户操作权限
CacheItemPolicy policy = new CacheItemPolicy();
policy.SlidingExpiration = new TimeSpan(0, 30, 0); //30分钟内不访问自动剔除
this.Set(personId, userPermission, policy);
}
}
return(userPermission);
}
/// <summary>
/// 检查用户是否具有对于指定目录(或及指定文档)的指定权限
/// </summary>
/// <param name="handle"></param>
/// <param name="dirId"></param>
/// <param name="docId">如果参数为空则指针对目录的检查</param>
/// <param name="funcPermission"></param>
/// <returns></returns>
public bool HasPermission(LibHandle handle, string dirId, string docId, DMFuncPermissionEnum funcPermission)
{
bool ret = false;
if (handle == LibHandleCache.Default.GetSystemHandle() || string.IsNullOrEmpty(handle.UserId) || handle.UserId == "admin")
{
ret = true;
}
else
{
string personId = handle.PersonId;
DMUserPermission userPermission = DMUserPermissionCache.Default.GetCacheItem(personId);
if (userPermission.IsUnlimited)
{
ret = true;
}
else
{
return(userPermission.CheckCan(dirId, docId, funcPermission));
}
}
return(ret);
}
/// <summary>
/// 检查用户对于一批文档是否具有指定权限,返回具有权限的文档Id列表
/// </summary>
/// <param name="handle"></param>
/// <param name="permission"></param>
/// <param name="toFilterDocIdList"></param>
/// <returns></returns>
public List <string> FilterDocIds(LibHandle handle, DMFuncPermissionEnum permission, List <string> toFilterDocIdList)
{
if (handle == LibHandleCache.Default.GetSystemHandle() || string.IsNullOrEmpty(handle.UserId) || handle.UserId == "admin")
{
return(toFilterDocIdList);//系统用户则直接原样返回
}
string personId = handle.PersonId;
DMUserPermission userPermission = DMUserPermissionCache.Default.GetCacheItem(personId);
if (userPermission.IsUnlimited)
{
return(toFilterDocIdList);//用户权限不受限制则直接原样返回
}
Dictionary <string, List <DocInfo> > dicDocId_DirIds = DirLinkAddress.GetParentDirIdsForDocs(toFilterDocIdList);
if (dicDocId_DirIds == null)
{
return(null);
}
List <string> resultList = new List <string>();
Dictionary <string, List <string> > tempDic = new Dictionary <string, List <string> >();
foreach (KeyValuePair <string, List <DocInfo> > item in dicDocId_DirIds)
{
foreach (DocInfo temp in item.Value)
{
if (temp.DirType == DirTypeEnum.Private && temp.CreatorId == personId)
{
if (!resultList.Contains(item.Key))
{
resultList.Add(item.Key);
break;
}
}
else
{
if (tempDic.ContainsKey(item.Key))
{
tempDic[item.Key].Add(temp.DirId);
}
else
{
tempDic.Add(item.Key, new List <string>()
{
temp.DirId
});
}
}
}
}
try {
//使用每个文档的标识和父目录标识列表检查是否可用权限
resultList.AddRange((from item in toFilterDocIdList
where tempDic.ContainsKey(item) && userPermission.CheckCan(tempDic[item], item, permission)
select item).ToList());
}
catch (Exception exp)
{
DMCommonMethod.WriteLog("FilterDocIds", exp.Message);
}
return(resultList);
}