// // 授予授权范围的实现部分 // #region private string GrantUser(PiPermissionScopeManager permissionScopeManager, string userId, string permissionItemCode, string grantUserId) 为了提高授权的运行速度 /// <summary> /// 为了提高授权的运行速度 /// </summary> /// <param name="permissionScopeManager">权限域读写器</param> /// <param name="userId">员工主键</param> /// <param name="permissionItemCode">权限项代码</param> /// <param name="grantUserId">权限主键</param> /// <returns>主键</returns> private string GrantUser(PiPermissionScopeManager permissionScopeManager, string userId, string permissionItemCode, string grantUserId) { var returnValue = string.Empty; var names = new string[5]; var values = new string[5]; names[0] = PiPermissionScopeTable.FieldResourceCategory; values[0] = PiUserTable.TableName; names[1] = PiPermissionScopeTable.FieldResourceId; values[1] = userId; names[2] = PiPermissionScopeTable.FieldTargetCategory; values[2] = PiUserTable.TableName; names[3] = PiPermissionScopeTable.FieldTargetId; values[3] = grantUserId; names[4] = PiPermissionScopeTable.FieldPermissionId; values[4] = this.GetIdByCode(permissionItemCode); if (!this.Exists(names, values)) { var resourcePermissionScopeEntity = new PiPermissionScopeEntity { PermissionId = this.GetIdByCode(permissionItemCode), ResourceCategory = PiUserTable.TableName, ResourceId = userId, TargetCategory = PiUserTable.TableName, TargetId = grantUserId, Enabled = 1, DeleteMark = 0 }; return(permissionScopeManager.Add(resourcePermissionScopeEntity)); } return(returnValue); }
/// <summary> /// 设置约束条件 /// </summary> /// <param name="resourceCategory">资源类别</param> /// <param name="resourceId">资源主键</param> /// <param name="tableName">表名</param> /// <param name="constraint">约束</param> /// <param name="enabled">有效</param> /// <param name="permissionCode">操作权限项</param> /// <returns>主键</returns> public string SetConstraint(string resourceCategory, string resourceId, string tableName, string permissionCode, string constraint, bool enabled = true) { string returnValue = string.Empty; string permissionId = string.Empty; PiPermissionItemManager permissionItemManager = new PiPermissionItemManager(this.UserInfo); permissionId = permissionItemManager.GetIdByAdd(permissionCode); PiPermissionScopeManager manager = new PiPermissionScopeManager(this.DBProvider, this.UserInfo); string[] names = { PiPermissionScopeTable.FieldResourceCategory , PiPermissionScopeTable.FieldResourceId , PiPermissionScopeTable.FieldTargetCategory , PiPermissionScopeTable.FieldTargetId , PiPermissionScopeTable.FieldPermissionId , PiPermissionScopeTable.FieldDeleteMark }; Object[] values = { resourceCategory , resourceId , "Table" , tableName , permissionId , 0 }; // 1:先获取是否有这样的主键,若有进行更新操作。 // 2:若没有进行添加操作。 returnValue = manager.GetId(names, values); if (!string.IsNullOrEmpty(returnValue)) { string[] targetFields = { PiPermissionScopeTable.FieldPermissionConstraint, PiPermissionScopeTable.FieldEnabled }; Object[] targetValues = { constraint, enabled ? 1 : 0 }; manager.SetProperty(PiPermissionScopeTable.FieldId, returnValue, targetFields, targetValues); } else { PiPermissionScopeEntity entity = new PiPermissionScopeEntity { ResourceCategory = resourceCategory, ResourceId = resourceId, TargetCategory = "Table", TargetId = tableName, PermissionConstraint = constraint, PermissionId = permissionId, DeleteMark = 0, Enabled = enabled ? 1 : 0 }; returnValue = manager.Add(entity); } return(returnValue); }
/// <summary> /// 获取约束条件 /// </summary> /// <param name="userInfo">用户</param> /// <param name="resourceCategory">资源类别</param> /// <param name="resourceId">资源主键</param> /// <param name="tableName">表名</param> /// <returns>约束条件</returns> public PiPermissionScopeEntity GetConstraintEntity(UserInfo userInfo, string resourceCategory, string resourceId, string tableName, string permissionCode = "Resource.AccessPermission") { PiPermissionScopeEntity returnValue = null; var parameter = ParameterUtil.CreateWithLog(userInfo, MethodBase.GetCurrentMethod()); ServiceUtil.ProcessRDIReadDb(userInfo, parameter, dbProvider => { returnValue = new TableColumnsManager(dbProvider, userInfo).GetConstraintEntity(resourceCategory, resourceId, tableName, permissionCode); }); return(returnValue); }
/// <summary> /// 获取约束条件 /// </summary> /// <param name="resourceCategory">资源类别</param> /// <param name="resourceId">资源主键</param> /// <param name="tableName">表名</param> /// <returns>约束条件</returns> public string GetConstraint(string resourceCategory, string resourceId, string tableName, string permissionCode = "Resource.AccessPermission") { string returnValue = string.Empty; PiPermissionScopeEntity entity = GetConstraintEntity(resourceCategory, resourceId, tableName, permissionCode); if (entity != null && entity.Enabled == 1) { returnValue = entity.PermissionConstraint; } return(returnValue); }
// // 授予授权范围的实现部分 // #region private string GrantPermissionItem(PiPermissionScopeManager permissionScopeManager, string id, string userId, string grantPermissionId) 为了提高授权的运行速度 /// <summary> /// 为了提高授权的运行速度 /// </summary> /// <param name="permissionScopeManager">权限域读写器</param> /// <param name="userId">员工主键</param> /// <param name="permissionItemCode">权限代码</param> /// <param name="grantPermissionId">权限主键</param> /// <returns>主键</returns> private string GrantPermissionItem(PiPermissionScopeManager permissionScopeManager, string userId, string permissionItemCode, string grantPermissionId) { string returnValue = string.Empty; PiPermissionScopeEntity resourcePermissionScopeEntity = new PiPermissionScopeEntity { PermissionId = this.GetIdByCode(permissionItemCode), ResourceCategory = PiUserTable.TableName, ResourceId = userId, TargetCategory = PiPermissionItemTable.TableName, TargetId = grantPermissionId, Enabled = 1, DeleteMark = 0 }; return(permissionScopeManager.Add(resourcePermissionScopeEntity)); }
// // 授予授权范围的实现部分 // #region private string GrantModule(PiPermissionScopeManager permissionScopeManager, string userId, string permissionItemCode, string grantModuleId) 为了提高授权的运行速度 /// <summary> /// 为了提高授权的运行速度 /// </summary> /// <param name="permissionScopeManager">权限域读写器</param> /// <param name="userId">员工主键</param> /// <param name="permissionItemCode">权限代码</param> /// <param name="grantModuleId">权限主键</param> /// <returns>主键</returns> private string GrantModule(PiPermissionScopeManager permissionScopeManager, string userId, string permissionItemCode, string grantModuleId) { string returnValue = string.Empty; PiPermissionScopeEntity resourcePermissionScopeEntity = new PiPermissionScopeEntity(); string permissionId = this.GetIdByCode(permissionItemCode); if (string.IsNullOrEmpty(permissionId)) { return(string.Empty); } resourcePermissionScopeEntity.PermissionId = permissionId; resourcePermissionScopeEntity.ResourceCategory = PiUserTable.TableName; resourcePermissionScopeEntity.ResourceId = userId; resourcePermissionScopeEntity.TargetCategory = PiModuleTable.TableName; resourcePermissionScopeEntity.TargetId = grantModuleId; resourcePermissionScopeEntity.Enabled = 1; resourcePermissionScopeEntity.DeleteMark = 0; return(permissionScopeManager.Add(resourcePermissionScopeEntity)); }
public PiPermissionScopeEntity GetConstraintEntity(string resourceCategory, string resourceId, string tableName, string permissionCode = "Resource.AccessPermission") { PiPermissionScopeEntity entity = null; string permissionId = string.Empty; PiPermissionItemManager permissionItemManager = new PiPermissionItemManager(this.UserInfo); permissionId = permissionItemManager.GetIdByAdd(permissionCode); PiPermissionScopeManager manager = new PiPermissionScopeManager(this.DBProvider, this.UserInfo); string[] names = { PiPermissionScopeTable.FieldResourceCategory , PiPermissionScopeTable.FieldResourceId , PiPermissionScopeTable.FieldTargetCategory , PiPermissionScopeTable.FieldTargetId , PiPermissionScopeTable.FieldPermissionId , PiPermissionScopeTable.FieldDeleteMark }; Object[] values = { resourceCategory , resourceId , "Table" , tableName , permissionId , 0 }; // 1:先获取是否有这样的主键,若有进行更新操作。 DataTable dt = manager.GetDT(names, values); if (dt.Rows.Count > 0) { entity = BaseEntity.Create <PiPermissionScopeEntity>(dt); } return(entity); }
// // 授予授权范围的实现部分 // #region private string GrantOrganize(PiPermissionScopeManager permissionScopeManager, string roleId, string permissionItemCode, string grantOrganizeId) 为了提高授权的运行速度 /// <summary> /// 为了提高授权的运行速度 /// </summary> /// <param name="permissionScopeManager">权限域读写器</param> /// <param name="permissionItemCode">权限代码</param> /// <param name="roleId">员工主键</param> /// <param name="grantOrganizeId">权限主键</param> /// <returns>主键</returns> private string GrantOrganize(PiPermissionScopeManager permissionScopeManager, string roleId, string permissionItemCode, string grantOrganizeId) { string returnValue = string.Empty; string[] names = new string[5]; string[] values = new string[5]; names[0] = PiPermissionScopeTable.FieldResourceCategory; values[0] = PiRoleTable.TableName; names[1] = PiPermissionScopeTable.FieldResourceId; values[1] = roleId; names[2] = PiPermissionScopeTable.FieldTargetCategory; values[2] = PiOrganizeTable.TableName; names[3] = PiPermissionScopeTable.FieldTargetId; values[3] = grantOrganizeId; names[4] = PiPermissionScopeTable.FieldPermissionId; values[4] = this.GetIdByCode(permissionItemCode); // Nick Deng 优化数据权限设置,没有权限和其他任意一种权限互斥 // 即当没有权限时,该角色对应该数据权限的其他权限都应删除 // 当该角色拥有对应该数据权限的其他权限时,删除该角色的没有权限的权限 PiPermissionScopeEntity resourcePermissionScopeEntity = new PiPermissionScopeEntity(); DataTable dt = new DataTable(); if (!this.Exists(names, values)) { resourcePermissionScopeEntity.PermissionId = this.GetIdByCode(permissionItemCode); resourcePermissionScopeEntity.ResourceCategory = PiRoleTable.TableName; resourcePermissionScopeEntity.ResourceId = roleId; resourcePermissionScopeEntity.TargetCategory = PiOrganizeTable.TableName; resourcePermissionScopeEntity.TargetId = grantOrganizeId; resourcePermissionScopeEntity.Enabled = 1; resourcePermissionScopeEntity.DeleteMark = 0; returnValue = permissionScopeManager.Add(resourcePermissionScopeEntity); if (grantOrganizeId != ((int)PermissionScope.None).ToString()) { values[3] = ((int)PermissionScope.None).ToString(); if (this.Exists(names, values)) { dt = permissionScopeManager.GetDT(names, values); if (dt != null && dt.Rows.Count > 0) { permissionScopeManager.DeleteEntity(dt.Rows[0]["Id"].ToString()); } } } else { string[] namesForDel = new string[4]; string[] valuesForDel = new string[4]; namesForDel[0] = names[0]; valuesForDel[0] = values[0]; namesForDel[1] = names[1]; valuesForDel[1] = values[1]; namesForDel[2] = names[2]; valuesForDel[2] = values[2]; namesForDel[3] = names[4]; valuesForDel[3] = values[4]; dt = permissionScopeManager.GetDT(namesForDel, valuesForDel); for (int i = 0; i < dt.Rows.Count; i++) { if (dt.Rows[i]["TARGETID"].ToString() != ((int)PermissionScope.None).ToString()) { permissionScopeManager.DeleteEntity(dt.Rows[0]["ID"].ToString()); } } } } return(returnValue); }