private void ImportOneUnit(MCS.Library.SOA.DataObjects.Security.SCObjectSet objectSet, Operations.IFacade exec, ImportContextWrapper wrapper, SchemaObjectBase parent, int totalSteps, AdminUnit unit)
{
int currentStep = 0;
var scopes = (from m in objectSet.Membership where m.ContainerID == unit.ID && m.MemberSchemaType == AUCommon.SchemaAUAdminScope && m.Status == Schemas.SchemaProperties.SchemaObjectStatus.Normal join o in objectSet.Objects on m.ID equals o.ID where o.SchemaType == AUCommon.SchemaAUAdminScope && o.Status == Schemas.SchemaProperties.SchemaObjectStatus.Normal select(AUAdminScope) o).ToArray();
var roles = (from m in objectSet.Membership where m.ContainerID == unit.ID && m.MemberSchemaType == AUCommon.SchemaAdminUnitRole && m.Status == Schemas.SchemaProperties.SchemaObjectStatus.Normal join o in objectSet.Objects on m.ID equals o.ID where o.SchemaType == AUCommon.SchemaAdminUnitRole && o.Status == Schemas.SchemaProperties.SchemaObjectStatus.Normal select(AURole) o).ToArray();
try
{
currentStep++;
wrapper.SetStatusAndLog(currentStep, totalSteps, "正在导入管理单元" + unit.GetQualifiedName());
exec.AddAdminUnitWithMembers(unit, (AdminUnit)parent, roles, scopes);
ImportRoleMembers(objectSet, exec, wrapper, totalSteps, unit, currentStep, roles);
ImportConditions(objectSet, exec, wrapper, totalSteps, unit, currentStep, scopes);
if (this.ImportSubUnits)
{
wrapper.IncreaseLevel();
var subs = (from r in objectSet.Relations where r.ParentID == unit.ID && r.ChildSchemaType == AUCommon.SchemaAdminUnit && r.Status == Schemas.SchemaProperties.SchemaObjectStatus.Normal join o in objectSet.Objects on r.ID equals o.ID where o.Status == Schemas.SchemaProperties.SchemaObjectStatus.Normal && o.SchemaType == AUCommon.SchemaAdminUnit select(AdminUnit) o).ToArray();
int count = subs.Length;
foreach (AdminUnit s in subs)
{
ImportOneUnit(objectSet, exec, wrapper, unit, count, s);
}
wrapper.DecreaseLevel();
}
}
catch (Exception ex)
{
wrapper.IncreaseError();
wrapper.SetStatusAndLog(currentStep, totalSteps, string.Format("导入单元 {0} 失败,原因是:{1}", unit.GetQualifiedName(), ex.ToString()));
}
}
public override SCObjectSet Execute(HttpRequest req)
{
string[] ids = req.Form.GetValues("id");
if (ids == null && ids.Length == 0)
throw new HttpException("当获取角色对象时,必须提供ID参数");
string appId = req.Form["appId"];
if (string.IsNullOrEmpty(appId))
throw new HttpException("当获取角色对象时,必须提供appId参数");
SCObjectSet objectSet = new SCObjectSet();
objectSet.Scope = "AppRoles";
PC.SCApplication appObj = (PC.SCApplication)PC.Adapters.SchemaObjectAdapter.Instance.Load(appId);
if (appObj == null || appObj.Status != SchemaObjectStatus.Normal)
throw new HttpException("指定的应用不存在或者已删除");
objectSet.Objects = ExportQueryHelper.LoadObjects(ids, null);
objectSet.Membership = ExportQueryHelper.LoadFullMemberships(ids); // 应用与角色的关系 & 应用的成员关系
objectSet.Conditions = ExportQueryHelper.LoadConditions(ids); // 保存对象的条件
objectSet.Relations = ExportQueryHelper.LoadFullRelations(ids); // 与权限的绑定关系
return objectSet;
}
public override void DoImport(SCObjectSet objectSet, IImportContext context)
{
var executor = PC.Executors.SCObjectOperations.InstanceWithPermissions;
var apps = ImportService.Instance.FilterNormalObjectsBySchemaCategories(objectSet.Objects, "Applications").ToList();
int allCount = apps.Count;
int step = 0;
context.AppendLog("发现" + allCount + "个应用");
Dictionary<object, object> mappings = new Dictionary<object, object>(); // 保存新旧对象的对应关系
// 统计需要哪些附加动作
int extStepCount = 0;
if (this.IncludePermissions)
extStepCount++;
if (this.IncludeRoles)
extStepCount++;
if (this.IncludeRoleMembers)
extStepCount++;
if (this.IncludeRoleDefinitions)
extStepCount++;
if (this.IncludeRoleConditions)
extStepCount++;
if (this.IncludeAcls)
extStepCount++;
foreach (PC.SCApplication app in apps)
{
this.ImportApplication(objectSet, context, executor, allCount, step++, extStepCount, mappings, app);
}
}
public override void DoImport(SCObjectSet objectSet, IImportContext context)
{
if (objectSet.HasRelations && objectSet.HasObjects)
{
context.SetStatus(0, 1, "正在分析数据。");
// 查找组织关系
var pendingOperations = new List<Action<object>>();
var objects = objectSet.Objects;
Dictionary<string, IList<PC.SCOrganization>> orgToOrgRelations = new Dictionary<string, IList<PC.SCOrganization>>();
Dictionary<string, IList<PC.SCUser>> orgToUserRelations = new Dictionary<string, IList<PC.SCUser>>();
Dictionary<string, IList<PC.SCGroup>> orgToGroupRelations = new Dictionary<string, IList<PC.SCGroup>>();
Dictionary<string, PC.SchemaObjectBase> knownObjects = new Dictionary<string, PC.SchemaObjectBase>(); // 缓存已知对象,避免多次往返
context.SetStatus(0, 1, "正在统计需要导入的对象");
Stat stat = new Stat(); // 统计信息
FindFullOURelations(objectSet, orgToOrgRelations, orgToUserRelations, orgToGroupRelations, new PC.SCOrganization[] { this.Parent }, stat); // 爬出所有组织关系
Dictionary<PC.SCOrganization, IList<PC.SCRelationObject>> userToOrgRelations = new Dictionary<PC.SCOrganization, IList<PC.SCRelationObject>>();
this.allSteps = this.CalculateSteps(stat);
this.currentSteps = 0;
bool orgValid = false; // 必须校验组织
context.SetStatus(0, this.allSteps, "正在导入数据。");
// 递归导入组织,并剔除错误的数据
orgValid = this.PrepareOrganizations(objectSet, context, knownObjects, orgToOrgRelations, this.Parent, this.IncludeOrganizations == false);
if (this.IncludeAcl)
{
// 递归导入Acl
var action = new AclAction(this);
action.ExecutePreOperation(objectSet, context, knownObjects, this.Parent, orgToOrgRelations, orgToUserRelations, orgToGroupRelations);
this.DoHierarchicalAction(objectSet, context, knownObjects, orgToOrgRelations, orgToUserRelations, orgToGroupRelations, this.Parent, action);
action.ExecutePostOperation(objectSet, context, knownObjects, this.Parent, orgToOrgRelations, orgToUserRelations, orgToGroupRelations);
}
if (this.IncludeUser)
{
var action = new UserAction(this);
action.ImportSecretaries = this.IncludeSecretaries;
action.ExecutePreOperation(objectSet, context, knownObjects, this.Parent, orgToOrgRelations, orgToUserRelations, orgToGroupRelations);
this.DoHierarchicalAction(objectSet, context, knownObjects, orgToOrgRelations, orgToUserRelations, orgToGroupRelations, this.Parent, action);
action.ExecutePostOperation(objectSet, context, knownObjects, this.Parent, orgToOrgRelations, orgToUserRelations, orgToGroupRelations);
}
if (this.IncludeGroup)
{
var action = new GroupAction(this);
action.ImportMembers = this.IncludeGroupMembers;
action.ImportConditions = this.IncludeGroupConditions;
action.ExecutePreOperation(objectSet, context, knownObjects, this.Parent, orgToOrgRelations, orgToUserRelations, orgToGroupRelations);
this.DoHierarchicalAction(objectSet, context, knownObjects, orgToOrgRelations, orgToUserRelations, orgToGroupRelations, this.Parent, action);
action.ExecutePostOperation(objectSet, context, knownObjects, this.Parent, orgToOrgRelations, orgToUserRelations, orgToGroupRelations);
}
}
}
public override void DoImport(SCObjectSet objectSet, IImportContext context)
{
if (string.IsNullOrEmpty(this.ApplicationId))
throw new HttpException("没有指定ApplicationId的情况下无法导入。");
var app = (PC.SCApplication)PC.Adapters.SchemaObjectAdapter.Instance.Load(this.ApplicationId);
if (app == null)
throw new HttpException("指定的应用并不存在");
if (objectSet.HasObjects)
{
var exec = PC.Executors.SCObjectOperations.InstanceWithPermissions;
PC.SCRole[] pendingRoles;
if (this.CopyMode)
{
pendingRoles = (from r in objectSet.Objects where r is PC.SCRole select (PC.SCRole)r).ToArray();
}
else
{
pendingRoles = (from r in objectSet.Objects join m in objectSet.Membership on r.ID equals m.ID where r.SchemaType == "Roles" && m.ContainerID == app.ID select (PC.SCRole)r).ToArray();
}
int count = 0;
int allCount = pendingRoles.Length;
foreach (var role in pendingRoles)
{
var role2 = this.CopyMode ? AppImportAction.MakeCopy(role) : role;
context.SetStatus(count, allCount, "正在导入角色:" + role2.DisplayName);
context.AppendLog("正在导入角色" + role2.ToDescription());
exec.AddRole(role2, app); // 导入角色
if (this.IncludeConstMembers && objectSet.HasMembership)
{
context.SetStatus(count, allCount, "正在查找并添加角色成员");
context.AppendLog("正在查找角色成员");
ImportRoleMembers(objectSet, context, exec, role, role2);
}
if (this.IncludeConditions && objectSet.HasConditions)
{
context.SetStatus(count, allCount, "正在查找并添加角色条件");
context.AppendLog("正在查找角色条件");
this.ImportRoleConditions(objectSet, context, exec, role, role2);
}
if (this.IncludeRoleDefinitions && this.CopyMode == false && objectSet.HasRelations)
{
this.ImportRoleDefinitions(objectSet, context, exec, count, allCount, role, role2);
}
count++;
}
}
}
public override void DoImport(SCObjectSet objectSet, IImportContext context)
{
if (objectSet.HasMembership)
{
try
{
var actor = PC.Executors.SCObjectOperations.InstanceWithPermissions;
ImportService.Instance.WithEffectObject<PC.SCGroup>(this.groupId, group =>
{
var pendingMembership = ImportService.Instance.FilterMembership(objectSet.Membership, m => m.ContainerID == this.groupId).ToList();
int allCount = pendingMembership.Count;
context.SetStatus(0, allCount, "正在寻找当前群组的固定成员。");
int count = 0;
foreach (var r in pendingMembership)
{
count++;
try
{
ImportService.Instance.WithEffectObject<PC.SCUser>(r.ID, o =>
{
string msg = "正在导入成员: " + o.ToDescription();
context.SetStatus(count, allCount, msg);
context.AppendLog(msg);
actor.AddUserToGroup(o, group);
}, () =>
{
string msg = string.Format("跳过了不存在的对象 {0} \r\n", r.ID);
context.AppendLog(msg);
context.SetStatus(count, allCount, msg);
});
}
catch (Exception ex)
{
context.AppendLog("导入成员时出错:" + ex.Message);
}
}
}, () =>
{
context.AppendLog("指定的群组无效,导入终止。");
});
}
catch (Exception ex)
{
context.AppendLog("导入遇到错误,已经终止:" + ex.Message.ToString() + Environment.NewLine);
}
}
}
private void ImportConditions(MCS.Library.SOA.DataObjects.Security.SCObjectSet objectSet, Operations.IFacade exec, ImportContextWrapper wrapper, int totalSteps, AdminUnit unit, int currentStep, AUAdminScope[] scopes)
{
if (this.IncludeScopeConditions)
{
wrapper.SetStatusAndLog(currentStep, totalSteps, "正在导入管理单元管理范围条件" + unit.GetQualifiedName());
foreach (AUAdminScope sc in scopes)
{
var conditions = (from c in objectSet.Conditions where c.OwnerID == sc.ID select c);
foreach (var c in conditions)
{
DBTimePointActionContext.Current.DoActions(() => exec.UpdateScopeCondition(sc, c));
}
}
}
}
private static void ImportRoleMembers(SCObjectSet objectSet, IImportContext context, PC.Executors.ISCObjectOperations exec, PC.SCRole roleRef, PC.SCRole roleActual)
{
foreach (var m in objectSet.Membership)
{
if (m.ContainerID == roleRef.ID)
{
var objSc = PC.Adapters.SchemaObjectAdapter.Instance.Load(m.ID) as PC.SCBase;
if (objSc != null)
{
context.AppendLogFormat("正在替角色 {0} 导入角色成员 {1}\r\n", roleActual.DisplayName, objSc.DisplayName);
exec.AddMemberToRole(objSc, roleActual);
}
}
}
}
public override void DoImport(SCObjectSet objectSet, IImportContext context)
{
if (objectSet.HasRelations)
{
int allCount = objectSet.Objects.Count;
int count = 0;
var pendingOrgs = new List<SchemaObjectBase>(objectSet.Objects.Count);
foreach (SCOrganization item in ImportService.Instance.FilterNormalObjectsBySchemaCategories(objectSet.Objects, "Organizations"))
{
// 进行过滤,保留当前组织中的组织
if (objectSet.Relations.Exists(r => r.ParentID == this.Parent.ID && r.Status == SchemaObjectStatus.Normal && r.ID == item.ID))
{
pendingOrgs.Add(item);
}
}
allCount = pendingOrgs.Count;
if (allCount > 0)
{
context.SetStatus(0, 1, "正在寻找当前组织内的关系。");
foreach (SCOrganization item in pendingOrgs)
{
count++;
try
{
var summaryName = item.ToDescription();
context.SetStatus(count, allCount, "正在导入对象:" + summaryName);
PC.Executors.SCObjectOperations.InstanceWithPermissions.AddOrganization((PC.SCOrganization)item, this.Parent);
context.AppendLog("已执行导入项目" + summaryName);
}
catch (Exception ex)
{
context.AppendLog("对项的操作失败,原因是:" + ex.Message);
}
}
}
else
{
context.SetStatus(0, 1, "没有找到符合条件的组织关系。");
}
}
}
private void ImportRoleMembers(MCS.Library.SOA.DataObjects.Security.SCObjectSet objectSet, Operations.IFacade exec, ImportContextWrapper wrapper, int totalSteps, AdminUnit unit, int currentStep, AURole[] roles)
{
if (this.IncludeRoleMembers)
{
wrapper.SetStatusAndLog(currentStep, totalSteps, "正在替换管理单元角色成员" + unit.GetQualifiedName());
foreach (AURole role in roles)
{
var userIDS = (from c in objectSet.Membership where c.ContainerID == role.ID && c.MemberSchemaType == "Users" && c.Status == Schemas.SchemaProperties.SchemaObjectStatus.Normal select c.ID).ToArray();
var users = MCS.Library.OGUPermission.OguMechanismFactory.GetMechanism().GetObjects <IUser>(SearchOUIDType.Guid, userIDS);
var scUsers = (from u in users select new SCUser()
{
}).ToArray();
var schemaRole = AUCommon.DoDbProcess <AUSchemaRole>(() => (AUSchemaRole)PC.Adapters.SchemaObjectAdapter.Instance.Load(role.SchemaRoleID));
exec.ReplaceUsersInRole(scUsers, unit, schemaRole);
}
}
}
public override SCObjectSet Execute(HttpRequest req)
{
string[] ids = req.Form.GetValues("id");
if (ids == null || ids.Length < 0)
throw new HttpException("当获取人员数据时,必须提供ID参数");
SCObjectSet objectSet = new SCObjectSet();
objectSet.Scope = "AllUsers";
objectSet.Objects = ExportQueryHelper.LoadObjects(ids, null);
objectSet.Relations = ExportQueryHelper.LoadFullRelations(ids);
objectSet.Membership = ExportQueryHelper.LoadFullMemberships(ids);
return objectSet;
}
public override SCObjectSet Execute(HttpRequest req)
{
string[] ids = req.Form.GetValues("memberIds");
string roleId = req.Form["roleId"];
if (ids == null || ids.Length < 0)
throw new HttpException("当获取角色固定成员数据时,必须提供memberIds参数");
if (string.IsNullOrEmpty(roleId))
throw new HttpException("当获取角色固定成员数据时,必须提供roleID");
SCObjectSet objectSet = new SCObjectSet();
objectSet.Scope = "RoleConstMembers";
objectSet.Membership = ExportQueryHelper.LoadMembershipFor(ids, roleId);
return objectSet;
}
public override SCObjectSet Execute(HttpRequest req)
{
string[] ids = req.Form.GetValues("id");
if (ids == null || ids.Length < 0)
throw new HttpException("当获取应用数据时,必须提供ID参数");
SCObjectSet objectSet = new SCObjectSet();
objectSet.Scope = "AllApps";
objectSet.Objects = ExportQueryHelper.LoadObjects(ids, "Applications");
// 查找应用下的角色和功能
objectSet.Membership = ExportQueryHelper.LoadMembershipOf(ids, "Applications");
var memberObjects = ExportQueryHelper.LoadObjects((from obj in objectSet.Membership select obj.ID).ToArray(), null);
objectSet.Acls = ExportQueryHelper.LoadAclsFor(ids); // ACL
foreach (var obj in memberObjects)
{
if (objectSet.Objects.ContainsKey(obj.ID) == false)
objectSet.Objects.Add(obj); // 成员对象(角色和功能)
}
var roleIds = (from m in memberObjects where m is PC.SCRole select m.ID).ToArray();
if (roleIds.Length > 0)
{
var roleMembers = ExportQueryHelper.LoadMembershipOf(roleIds);
objectSet.Membership.CopyFrom(roleMembers); // 角色→固定成员
objectSet.Conditions = ExportQueryHelper.LoadConditions(roleIds); // 角色→条件
objectSet.Relations = ExportQueryHelper.LoadFullRelations(roleIds);
}
return objectSet;
}
public override void DoImport(SCObjectSet objectSet, IImportContext context)
{
var pendingUsers = new List<SchemaObjectBase>(objectSet.Objects.Count);
foreach (SCUser item in ImportService.Instance.FilterNormalObjectsBySchemaCategories(objectSet.Objects, "Users"))
{
// 进行过滤,保留当前组织中的人员
if (objectSet.Relations.Exists(r => r.ParentID == this.Parent.ID && r.Status == SchemaObjectStatus.Normal && r.ID == item.ID))
{
pendingUsers.Add(item);
}
}
// 这些人属于组织
ImportService.Instance.ImportUsers(pendingUsers, objectSet, context, true);
if (this.IncludeSecretaries && objectSet.HasMembership)
{
ImportService.Instance.ImportSecretaries(pendingUsers, objectSet, context);
ImportService.Instance.ImportBosses(pendingUsers, objectSet, context);
}
}
public override void ExecuteEachOrganization(SCObjectSet objectSet, IImportContext context, IDictionary<string, PC.SchemaObjectBase> knownObjects, PC.SCOrganization org, Dictionary<string, IList<PC.SCOrganization>> orgToOrgRelations, Dictionary<string, IList<PC.SCUser>> orgToUserRelations, Dictionary<string, IList<PC.SCGroup>> orgToGroupRelations)
{
if (objectSet.HasAcls)
{
context.SetStatus(Owner.currentSteps, Owner.allSteps, string.Format("正在寻找 {0} 的ACL。", org.ToDescription()));
var allAcls = ImportService.Instance.FilterAcls(objectSet.Acls, acl => acl.ContainerID == org.ID && acl.Status == SchemaObjectStatus.Normal).ToList();
var summaryName = org.ToDescription();
try
{
var newContainer = new PC.Permissions.SCAclContainer(org);
foreach (var acl in allAcls)
{
ImportService.Instance.WithEffectObject<PC.SchemaObjectBase>(acl.MemberID, knownObjects, role =>
{
newContainer.Members.Add(acl.ContainerPermission, role);
}, null);
}
var oldMembers = PC.Adapters.SCAclAdapter.Instance.LoadByContainerID(org.ID, DateTime.MinValue);
if (oldMembers != null)
{
newContainer.Members.MergeChangedItems(oldMembers);
}
context.SetStatusAndLog(Owner.currentSteps, Owner.allSteps, string.Format("正在替换 {0} 的ACL:", summaryName));
PC.Adapters.SCAclAdapter.Instance.Update(newContainer);
}
catch (Exception ex)
{
context.AppendLogFormat("对象 {0} 的ACL操作失败,原因是:{1}\r\n", summaryName, ex.Message);
}
}
}
private void ImportOneGroup(SCObjectSet objectSet, IImportContext context, PC.Executors.ISCObjectOperations exec, SchemaObjectCollection parentObjects, SchemaObjectCollection memberObjects, int allCount, int count, SchemaObjectBase grp)
{
if (grp.SchemaType == "Groups")
{
try
{
var summaryName = grp.Properties.GetValue<string>("Name", "未命名");
context.SetStatus(count, allCount, "正在导入对象:" + summaryName);
if (this.IncludeSelf)
{
SCRelationObject parentOrgRelation = (SCRelationObject)objectSet.Relations.Find(m => ((SCRelationObject)m).ParentSchemaType == "Organizations" && ((SCRelationObject)m).ChildSchemaType == "Groups" && ((SCRelationObject)m).ID == grp.ID);
if (parentOrgRelation == null)
throw new HttpException("未找到群组的父级组织");
var parentOrg = (SCOrganization)(parentObjects != null ? (from p in parentObjects where p.ID == parentOrgRelation.ParentID select p).FirstOrDefault() : null);
if (parentOrg == null || parentOrg.Status != SchemaObjectStatus.Normal)
throw new HttpException("群组的父级组织不存在或者已删除,未能导入群组。");
exec.AddGroup((SCGroup)grp, parentOrg);
context.AppendLog("已执行导入对象" + summaryName);
}
ImportMembers(objectSet, context, exec, memberObjects, grp);
ImportConditions(objectSet, context, grp);
}
catch (Exception ex)
{
context.AppendLog("对项的操作失败,原因是:" + ex.Message);
}
}
else
{
context.AppendLog("已跳过不是群组的项");
}
}
public override SCObjectSet Execute(HttpRequest req)
{
string[] ids = req.Form.GetValues("id");
if (ids == null && ids.Length == 0)
throw new HttpException("当获取功能对象时,必须提供ID参数");
string appId = req.Form["appId"];
if (string.IsNullOrEmpty(appId))
throw new HttpException("当获取功能对象时,必须提供appId参数");
SCObjectSet objectSet = new SCObjectSet();
objectSet.Scope = "AppPermissions";
PC.SCApplication appObj = (PC.SCApplication)PC.Adapters.SchemaObjectAdapter.Instance.Load(appId);
if (appObj == null || appObj.Status != SchemaObjectStatus.Normal)
throw new HttpException("指定的应用不存在或者已删除");
objectSet.Objects = ExportQueryHelper.LoadObjects(ids, null);
objectSet.Membership = ExportQueryHelper.LoadMembershipFor(ids, appId);
return objectSet;
}
public override void DoImport(SCObjectSet objectSet, IImportContext context)
{
context.AppendLog("正在查找人员");
var actor = PC.Executors.SCObjectOperations.InstanceWithPermissions;
var pendingUsers = ImportService.Instance.FilterNormalObjectsBySchemaCategories(objectSet.Objects, "Users").ToList();
int allCount = pendingUsers.Count;
ImportService.Instance.ImportUsers(pendingUsers, objectSet, context, objectSet.HasRelations && this.IncludeOrganizationRelation);
if (this.IncludeSecretaries && objectSet.HasMembership)
{
ImportService.Instance.ImportSecretaries(pendingUsers, objectSet, context);
ImportService.Instance.ImportBosses(pendingUsers, objectSet, context);
}
if (this.IncludeGroupConstMembers && objectSet.HasMembership)
{
ImportService.Instance.AddUsersToGroups(pendingUsers, objectSet, context);
}
}
public void DoImport(MCS.Library.SOA.DataObjects.Security.SCObjectSet objectSet, IImportContext context)
{
var exec = this.IgnorePermission ? Operations.Facade.DefaultInstance : Operations.Facade.InstanceWithPermissions;
ImportContextWrapper wrapper = new ImportContextWrapper(context);
if (string.IsNullOrEmpty(this.ParentID))
{
throw new InvalidOperationException("操作前必须对ParentID进行赋值");
}
var parent = AUCommon.DoDbProcess <SchemaObjectBase>(() => PC.Adapters.SchemaObjectAdapter.Instance.Load(this.ParentID));
if (parent == null || parent.Status != Schemas.SchemaProperties.SchemaObjectStatus.Normal)
{
throw new AUObjectException("不存在指定的父级单元,请确认");
}
if (parent is AUSchema)
{
parent = null;
}
else if (!(parent is AdminUnit))
{
throw new AUObjectException("指定的ParentID不是一个AUSchema或者AdminUnit对象的ID");
}
var subs = (from r in objectSet.Relations where r.ParentID == this.ParentID && r.ChildSchemaType == AUCommon.SchemaAdminUnit && r.Status == Schemas.SchemaProperties.SchemaObjectStatus.Normal join o in objectSet.Objects on r.ID equals o.ID where o.Status == Schemas.SchemaProperties.SchemaObjectStatus.Normal && o.SchemaType == AUCommon.SchemaAdminUnit select(AdminUnit) o).ToArray();
int count = subs.Length;
foreach (AdminUnit s in subs)
{
ImportOneUnit(objectSet, exec, wrapper, parent, count, s);
}
}
/// <summary>
/// 执行导入操作
/// </summary>
/// <param name="objectSet">所有数据</param>
/// <param name="context">导入的执行上下文</param>
public override void DoImport(SCObjectSet objectSet, IImportContext context)
{
var exec = PC.Executors.SCObjectOperations.InstanceWithPermissions;
SchemaObjectCollection parentObjects = null; // 预先查出父级组织
if (this.IncludeSelf && objectSet.HasObjects && objectSet.HasRelations)
{
parentObjects = this.GetParentObjects(objectSet.Relations);
}
SchemaObjectCollection memberObjects = null; // 预先查出成员
if (this.IncludeMembers && objectSet.HasMembership)
{
memberObjects = this.GetMemberObjects(objectSet.Membership);
}
int allCount = objectSet.Objects.Count;
int count = 0;
foreach (var grp in objectSet.Objects)
{
count++;
ImportOneGroup(objectSet, context, exec, parentObjects, memberObjects, allCount, count, grp);
}
}
public override void ExecutePostOperation(SCObjectSet objectSet, IImportContext context, IDictionary<string, PC.SchemaObjectBase> knownObjects, PC.SCOrganization org, Dictionary<string, IList<PC.SCOrganization>> orgToOrgRelations, Dictionary<string, IList<PC.SCUser>> orgToUserRelations, Dictionary<string, IList<PC.SCGroup>> orgToGroupRelations)
{
if (this.ImportSecretaries)
{
var allUsers = this.importedUsers.Values.ToArray();
var reducedMemberships = ImportService.Instance.FilterMembership(objectSet.Membership, m => Util.IsUser(m.MemberSchemaType) && Util.IsUser(m.ContainerSchemaType)).ToList();
if (reducedMemberships.Count > 0)
{
int count = reducedMemberships.Count;
int step = 0;
context.SetStatus(Owner.currentSteps, Owner.allSteps, "正在查找人员秘书");
foreach (var r in reducedMemberships)
{
step++;
try
{
if (this.importedUsers.ContainsKey(r.ContainerID))
{
var boss = this.importedUsers[r.ContainerID];
// 导入的用户是上司的
ImportService.Instance.WithEffectObject<PC.SCUser>(r.ID, knownObjects, secretary =>
{
context.SetSubStatusAndLog(step, count, string.Format("正在替 {0} 添加秘书 {1}", boss.Name, secretary.Name));
PC.Executors.SCObjectOperations.Instance.AddSecretaryToUser(secretary, boss);
}, null);
}
else if (this.importedUsers.ContainsKey(r.ID))
{
var secretary = this.importedUsers[r.ID];
// 作为秘书的
ImportService.Instance.WithEffectObject<PC.SCUser>(r.ContainerID, knownObjects, boss =>
{
context.SetSubStatusAndLog(step, count, string.Format("正在替 {0} 添加秘书 {1}", boss.Name, secretary.Name));
PC.Executors.SCObjectOperations.Instance.AddSecretaryToUser(secretary, boss);
}, null);
}
}
catch (Exception ex)
{
context.SetSubStatusAndLog(step, count, string.Format("未能完成添加秘书操作:{0}", ex.ToString()));
}
}
}
}
}
private void ImportMembers(SCObjectSet objectSet, IImportContext context, PC.Executors.ISCObjectOperations exec, SchemaObjectCollection memberObjects, SchemaObjectBase grp)
{
if (this.IncludeMembers && objectSet.HasMembership)
{
var memberRelations = objectSet.Membership.FindAll(m => m.ContainerID == grp.ID && m.Status == SchemaObjectStatus.Normal);
if (memberRelations.Count > 0 && memberObjects != null)
{
context.AppendLogFormat("正在试图添加{0}个群组成员\r\n", memberRelations.Count);
foreach (var r in memberRelations)
{
var user = (SCUser)(from m in memberObjects where m.ID == r.ID select m).FirstOrDefault();
if (user != null)
{
try
{
exec.AddUserToGroup(user, (SCGroup)grp);
context.AppendLogFormat("已经向群组{0}添加群组成员:{1}\r\n", ((SCGroup)grp).DisplayName, user.DisplayName);
}
catch (Exception ex)
{
context.AppendLogFormat("无法导入群组 {0} 的成员 {1}: {2}\r\n", ((SCGroup)grp).DisplayName, user.DisplayName, ex.Message);
}
}
else
{
context.AppendLogFormat("已跳过不存在的成员\r\n");
}
}
}
}
}
private void ImportConditions(SCObjectSet objectSet, IImportContext context, SchemaObjectBase grp)
{
if (this.IncludeConditions && objectSet.HasConditions)
{
PC.Conditions.SCConditionOwner owner = new PC.Conditions.SCConditionOwner()
{
OwnerID = grp.ID,
Type = "Default"
};
var conditions = from c in objectSet.Conditions where c.OwnerID == grp.ID && c.Type == "Default" select c;
foreach (var c in conditions)
{
owner.Conditions.Add(c);
}
context.AppendLog("正在添加条件表达式");
PC.Adapters.SCConditionAdapter.Instance.UpdateConditions(owner);
context.AppendLog("添加条件表达式结束。");
}
}
private void ImportRoleConditions(SCObjectSet objectSet, IImportContext context, PC.Executors.ISCObjectOperations executor, Dictionary<object, object> mappings, PC.SCRole[] roles)
{
if (roles.Length > 0 && objectSet.HasConditions)
{
foreach (var r in roles)
{
PC.SCRole role2 = r;
if (mappings.ContainsKey(r))
{
role2 = (PC.SCRole)mappings[r];
}
var roleConditions = (from c in objectSet.Conditions where c.OwnerID == r.ID select c).ToArray();
if (roleConditions.Length > 0)
{
context.AppendLogFormat("正在替角色{0}添加条件\r\n", role2.ToDescription());
PC.Conditions.SCConditionOwner owner = new PC.Conditions.SCConditionOwner()
{
OwnerID = role2.ID,
Type = "Default"
};
foreach (var c in roleConditions)
{
owner.Conditions.Add(c);
}
PC.Adapters.SCConditionAdapter.Instance.UpdateConditions(owner);
}
}
}
}
/// <summary>
/// 准备组织
/// </summary>
/// <param name="objectSet"></param>
/// <param name="context"></param>
/// <param name="knownObjects">向其中写入已经确认存在于数据库中的项</param>
/// <param name="orgToOrgRelations">组织关系</param>
/// <param name="allSteps"></param>
/// <param name="currentSteps"></param>
/// <param name="currentParent"></param>
/// <param name="checkOnly"><see langword="true"/>表示只检查组织关系,不实际导入。</param>
/// <returns></returns>
private bool PrepareOrganizations(SCObjectSet objectSet, IImportContext context, IDictionary<string, PC.SchemaObjectBase> knownObjects, Dictionary<string, IList<PC.SCOrganization>> orgToOrgRelations, PC.SCOrganization currentParent, bool checkOnly)
{
bool valid = true;
PC.SchemaObjectCollection objects = objectSet.Objects;
if (orgToOrgRelations.ContainsKey(currentParent.ID))
{
var childList = orgToOrgRelations[currentParent.ID];
for (int i = 0; i < childList.Count; i++)
{
this.currentSteps++;
var org = childList[i];
try
{
// 导入该组织
if (checkOnly == false)
{
var msg = string.Format("正在导入组织{0}", org.ToDescription());
context.AppendLog(msg);
context.SetStatus(this.currentSteps, this.allSteps, msg);
PC.Executors.SCObjectOperations.Instance.AddOrganization(org, currentParent);
if (knownObjects.ContainsKey(org.ID) == false)
knownObjects.Add(org.ID, org);
}
else
{
context.SetStatus(this.currentSteps, this.allSteps, string.Format("正在校验组织 {0} ", org.ToDescription()));
if (Util.IsNullOrDeleted(PC.Adapters.SchemaObjectAdapter.Instance.Load(org.ID)))
{
context.AppendLog(string.Format("组织 {0} 不存在,导入时将排除此组织及子对象", org.ToDescription()));
valid = false;
childList.RemoveAt(i);
i--;
continue;
}
else if (Util.IsNullOrDeleted(PC.Adapters.SchemaRelationObjectAdapter.Instance.Load(currentParent.ID, org.ID)))
{
context.AppendLog(string.Format("组织 {0} 已存在,但已被移至其他位置,导入时将排除此组织及子对象。", org.ToDescription()));
valid = false;
childList.RemoveAt(i);
i--;
continue;
}
else
{
if (knownObjects.ContainsKey(org.ID) == false)
knownObjects.Add(org.ID, org);
}
}
valid &= this.PrepareOrganizations(objectSet, context, knownObjects, orgToOrgRelations, org, checkOnly);
}
catch (Exception ex)
{
context.AppendLog(string.Format("导入组织 {0} 时出现错误,已跳过了该组织及子对象:{1}", org.ToDescription(), ex.ToString()));
valid = false;
childList.RemoveAt(i);
i--;
}
}
}
return valid;
}
private void ImportApplication(SCObjectSet objectSet, IImportContext context, PC.Executors.ISCObjectOperations executor, int allCount, int currentStep, int extStepCount, Dictionary<object, object> mappings, PC.SCApplication app)
{
var app2 = this.CopyMode ? AppImportAction.MakeCopy(app) : app;
var summaryName = app2.DisplayName ?? app.Name;
context.SetStatus(currentStep, allCount, "正在导入项目:" + summaryName);
context.AppendLog("正在导入应用" + summaryName);
executor.AddApplication((PC.SCApplication)app2);
var permissionRelation = from p in objectSet.Membership where p.ContainerID == app.ID && p.MemberSchemaType == "Permissions" orderby p.InnerSort ascending select p;
var permissions = (from o in objectSet.Objects join p in permissionRelation on o.ID equals p.ID select (PC.SCPermission)o).ToArray();
var roleRelations = from r in objectSet.Membership where r.ContainerID == app.ID && r.MemberSchemaType == "Roles" orderby r.InnerSort ascending select r;
var roles = (from o in objectSet.Objects join r in roleRelations on o.ID equals r.ID select (PC.SCRole)o).ToArray();
var acls = (from acl in objectSet.Acls where acl.Status == SchemaObjectStatus.Normal && acl.ContainerID == app.ID orderby acl.SortID ascending select acl).ToArray();
int allStepCount = allCount * (extStepCount + 1);
int step = currentStep * (extStepCount + 1);
if (this.IncludePermissions)
{
context.SetStatus(step++, allStepCount, "正在查找功能...");
this.ImportPermissions(context, executor, mappings, app2, permissions, this.CopyMode);
}
if (this.IncludeRoles)
{
context.SetStatus(step++, allStepCount, "正在查找角色...");
this.ImportRoles(context, executor, mappings, app2, roles);
}
if (this.IncludeAcls)
{
context.SetStatus(step++, allStepCount, "正在查找Acl...");
this.ImportAcl(context, executor, app2, acls);
}
if (this.IncludeRoleMembers)
{
context.SetStatus(step++, allStepCount, "正在查找角色成员...");
this.ImportRoleMembers(objectSet, context, executor, mappings, roles);
}
if (this.IncludeRoleConditions)
{
context.SetStatus(step++, allStepCount, "正在查找角色条件...");
this.ImportRoleConditions(objectSet, context, executor, mappings, roles);
}
if (this.IncludeRoles && this.IncludePermissions && this.IncludeRoleDefinitions)
{
context.SetStatus(step++, allStepCount, "正在查找角色功能定义...");
this.ImportRolePermissions(objectSet, context, executor, mappings, permissions, roles, this.CopyMode);
}
}
/// <summary> /// 在递归的每个组织中调用一次 /// </summary> /// <param name="objectSet"></param> /// <param name="context"></param> /// <param name="knownObjects"></param> /// <param name="relation"></param> /// <param name="orgToOrgRelations"></param> /// <param name="orgToUserRelations"></param> /// <param name="orgToGroupRelations"></param> public abstract void ExecuteEachOrganization(SCObjectSet objectSet, IImportContext context, IDictionary<string, PC.SchemaObjectBase> knownObjects, PC.SCOrganization org, Dictionary<string, IList<PC.SCOrganization>> orgToOrgRelations, Dictionary<string, IList<PC.SCUser>> orgToUserRelations, Dictionary<string, IList<PC.SCGroup>> orgToGroupRelations);
private void DoImportMembers(SCObjectSet objectSet, IImportContext context, IDictionary<string, PC.SchemaObjectBase> knownObjects, PC.SCGroup group)
{
if (this.ImportMembers && objectSet.HasMembership)
{
var members = ImportService.Instance.FilterMembership(objectSet.Membership, m => m.ContainerID == group.ID && m.Status == SchemaObjectStatus.Normal).ToArray();
if (members.Length > 0)
{
context.SetStatus(Owner.currentSteps, Owner.allSteps, string.Format("正在查找群组 {0} 的固定成员", group.ToDescription()));
for (int j = 0; j < members.Length; j++)
{
try
{
var gm = members[j];
ImportService.Instance.WithEffectObject<PC.SCUser>(gm.ID, knownObjects, user =>
{
context.SetSubStatusAndLog(j, members.Length, string.Format("正在向群组 {0} 添加成员 {1} ", group.Name, user.Name));
PC.Executors.SCObjectOperations.Instance.AddUserToGroup(user, group);
}, null);
}
catch (Exception ex2)
{
context.SetSubStatusAndLog(j, members.Length, string.Format("向群组 {0} 添加成员时出错:", group.ToDescription(), ex2.ToString()));
}
}
}
}
}
private void DoImportConditions(SCObjectSet objectSet, IImportContext context, PC.SCGroup group)
{
if (this.ImportConditions && objectSet.HasConditions)
{
context.SetStatusAndLog(Owner.currentSteps, Owner.allSteps, string.Format("正在替换群组 {0} 的条件", group.Name));
try
{
var owner = PC.Adapters.SCConditionAdapter.Instance.Load(group.ID, "Default") ?? new PC.Conditions.SCConditionOwner() { OwnerID = group.ID, Type = "Default" };
PC.Conditions.SCConditionCollection src = new PC.Conditions.SCConditionCollection();
src.CopyFrom(ImportService.Instance.FilterConditions(objectSet.Conditions, c => c.OwnerID == group.ID));
owner.Conditions.ReplaceItemsWith(src, group.ID, "Default");
PC.Adapters.SCConditionAdapter.Instance.UpdateConditions(owner);
}
catch (Exception ex)
{
context.AppendLog(string.Format("替换群组 {0} 条件成员时出错:{1}", group.ToDescription(), ex.ToString()));
}
}
}
public override void ExecuteEachOrganization(SCObjectSet objectSet, IImportContext context, IDictionary<string, PC.SchemaObjectBase> knownObjects, PC.SCOrganization org, Dictionary<string, IList<PC.SCOrganization>> orgToOrgRelations, Dictionary<string, IList<PC.SCUser>> orgToUserRelations, Dictionary<string, IList<PC.SCGroup>> orgToGroupRelations)
{
if (orgToGroupRelations.ContainsKey(org.ID))
{
var groups = orgToGroupRelations[org.ID];
if (groups.Count > 0)
{
context.SetStatus(Owner.currentSteps, Owner.allSteps, string.Format("正在查找 {0} 中的群组", org.ToDescription()));
}
for (int i = 0; i < groups.Count; i++)
{
var group = groups[i];
try
{
context.SetSubStatusAndLog(i + 1, groups.Count, string.Format("正在向组织 {0} 添加群组 {1}", org.Name, group.Name));
PC.Executors.SCObjectOperations.Instance.AddGroup(group, org);
knownObjects.Add(group.ID, group);
this.DoImportMembers(objectSet, context, knownObjects, group);
this.DoImportConditions(objectSet, context, group);
}
catch (Exception ex)
{
context.AppendLog(string.Format("向组织 {0} 导入群组 {1} 时出错:", org.ToDescription(), group.Name, ex.ToString()));
}
}
}
}
private void ImportRoleMembers(SCObjectSet objectSet, IImportContext context, PC.Executors.ISCObjectOperations executor, Dictionary<object, object> mappings, PC.SCRole[] roles)
{
if (roles.Length > 0)
{
foreach (var r in roles)
{
PC.SCRole role2 = r;
if (mappings.ContainsKey(r))
{
role2 = (PC.SCRole)mappings[r];
}
// 查找角色成员
var roleMemberIds = (from m in objectSet.Membership where m.ContainerSchemaType == "Roles" && m.ContainerID == r.ID select m.ID).ToArray();
if (roleMemberIds.Length > 0)
{
var roleMembers = DbUtil.LoadObjects(roleMemberIds);
foreach (PC.SCBase obj in roleMembers)
{
context.AppendLog("正在导入角色成员" + obj.DisplayName ?? obj.Name);
executor.AddMemberToRole(obj, role2);
}
}
}
}
}
/// <summary>
/// 获取所有组织节点表
/// </summary>
/// <param name="objectSet"></param>
/// <param name="childOrgs">向其中写入组织的子组织</param>
/// <param name="childUsers">向其中写入组织的子用户</param>
/// <param name="childGroups">向其中写入组织的子群组</param>
/// <param name="parents"></param>
/// <param name="stat"></param>
private static void FindFullOURelations(SCObjectSet objectSet, Dictionary<string, IList<PC.SCOrganization>> childOrgs, Dictionary<string, IList<PC.SCUser>> childUsers, Dictionary<string, IList<PC.SCGroup>> childGroups, IEnumerable<PC.SCOrganization> parents, Stat stat)
{
var objects = objectSet.Objects;
foreach (var item in parents)
{
List<PC.SCOrganization> orgs = new List<PC.SCOrganization>();
List<PC.SCUser> users = new List<PC.SCUser>();
List<PC.SCGroup> groups = new List<PC.SCGroup>();
foreach (var r in objectSet.Relations.FindAll(r => r.ParentID == item.ID && r.Status == SchemaObjectStatus.Normal).OrderBy(r => r.InnerSort))
{
if (Util.IsOrganization(r.ChildSchemaType))
{
if (objects.ContainsKey(r.ID))
{
orgs.Add((PC.SCOrganization)objects[r.ID]);
stat.OrgsCount++;
}
}
else if (Util.IsGroup(r.ChildSchemaType))
{
if (objects.ContainsKey(r.ID))
{
groups.Add((PC.SCGroup)objects[r.ID]);
stat.GroupsCount++;
}
}
else if (Util.IsUser(r.ChildSchemaType))
{
if (objects.ContainsKey(r.ID))
{
users.Add((PC.SCUser)objects[r.ID]);
stat.UsersCount++;
}
}
}
childOrgs.Add(item.ID, orgs);
childGroups.Add(item.ID, groups);
childUsers.Add(item.ID, users);
FindFullOURelations(objectSet, childOrgs, childUsers, childGroups, orgs, stat);
}
}
public override void ExecuteEachOrganization(SCObjectSet objectSet, IImportContext context, IDictionary<string, PC.SchemaObjectBase> knownObjects, PC.SCOrganization org, Dictionary<string, IList<PC.SCOrganization>> orgToOrgRelations, Dictionary<string, IList<PC.SCUser>> orgToUserRelations, Dictionary<string, IList<PC.SCGroup>> orgToGroupRelations)
{
if (orgToUserRelations.ContainsKey(org.ID))
{
var users = orgToUserRelations[org.ID];
if (users.Count > 0)
{
context.SetStatus(Owner.currentSteps, Owner.allSteps, string.Format("正在查找 {0} 中的用户", org.ToDescription()));
}
for (int i = 0; i < users.Count; i++)
{
var user = users[i];
try
{
if (this.importedUsers.ContainsKey(user.ID) == false)
{
context.SetSubStatusAndLog(i + 1, users.Count, string.Format("正在向组织 {0} 导入用户 {1}", org.Name, user.Name));
PC.Executors.SCObjectOperations.Instance.AddUser(user, org);
this.importedUsers.Add(user.ID, user);
if (knownObjects.ContainsKey(user.ID) == false)
knownObjects.Add(user.ID, user);
}
else
{
context.SetSubStatusAndLog(i + 1, users.Count, string.Format("正在向组织 {0} 添加用户 {1}", org.Name, user.Name));
PC.Executors.SCObjectOperations.Instance.AddUserToOrganization(user, org);
if (knownObjects.ContainsKey(user.ID) == false)
knownObjects.Add(user.ID, user);
}
}
catch (Exception ex)
{
context.AppendLog(string.Format("向组织 {0} 导入用户 {1} 时出错:", org.Name, user.Name, ex.ToString()));
}
}
}
}
private void ImportRolePermissions(SCObjectSet objectSet, IImportContext context, PC.Executors.ISCObjectOperations executor, Dictionary<object, object> mappings, PC.SCPermission[] permissions, PC.SCRole[] roles, bool copyMode)
{
if (roles.Length > 0 && permissions.Length > 0 && objectSet.HasRelations)
{
foreach (var r in roles)
{
PC.SCRole role2 = r;
if (mappings.ContainsKey(r))
{
role2 = (PC.SCRole)mappings[r];
}
context.AppendLogFormat("正在替 {0} 查找功能定义\r\n", role2.ToDescription());
foreach (var p in permissions)
{
PC.SCPermission permission2 = p;
if (mappings.ContainsKey(p))
permission2 = (PC.SCPermission)mappings[p];
var actual = PC.Adapters.SchemaRelationObjectAdapter.Instance.Load(role2.ID, permission2.ID);
var actualHasPermission = actual != null && actual.Status == SchemaObjectStatus.Normal;
var refHasPermission = (from rr in objectSet.Relations where rr.Status == SchemaObjectStatus.Normal && rr.ParentID == r.ID && rr.ID == p.ID && rr.ChildSchemaType == "Permissions" && rr.ParentSchemaType == "Roles" select rr).FirstOrDefault() != null;
if (refHasPermission == false && actualHasPermission)
{
context.AppendLogFormat("正在替角色 {0} 解除功能 {1}\r\n", role2.ToDescription(), permission2.ToDescription());
executor.DisjoinRoleAndPermission(role2, permission2);
}
else if (refHasPermission && actualHasPermission == false)
{
context.AppendLogFormat("正在替角色 {0} 指定功能 {1}\r\n", role2.ToDescription(), permission2.ToDescription());
executor.JoinRoleAndPermission(role2, permission2);
}
}
}
}
}
