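/// <summary>
/// Builds the login profile for one employee: display name, phone number,
/// and the position and role ids that authorization checks later read.
/// </summary>
/// <param name="employeeID">Employee key; bound as the @employeeID SQL parameter.</param>
/// <returns>
/// A populated <c>D_LoginUserInfo</c> when a row matches. When no row matches,
/// the freshly constructed object is returned untouched, so <c>userId</c> keeps
/// its initial value (0 unless D_LoginUserInfo initialises it otherwise).
/// </returns>
public D_LoginUserInfo GetLoginUserInfo(int employeeID)
{
    D_LoginUserInfo ui = new D_LoginUserInfo();

    // The id is passed as a bound parameter; no caller text is concatenated into the SQL.
    string sql = @" select firstName+'.'+lastName as username, loginName, userinfo.homePhone as tel from employeeInfo left join userinfo on employeeInfo.userId=userinfo.userId where employeeInfo.employeeID=@employeeID ";
    SqlParameter[] para = { new SqlParameter("@employeeID", employeeID) };

    bool found;

    // Dispose the reader deterministically. The original never closed it, so each
    // call kept a reader (and whatever connection m_dao ties to it) open until
    // garbage collection.
    using (IDataReader dr = m_dao.ExecuteReader(sql, para))
    {
        found = dr.Read();
        if (found)
        {
            ui.userId = employeeID;
            ui.username = (string)dr["username"];

            // A bare "." means both name parts were empty; fall back to the login name.
            if (ui.username == ".")
            {
                ui.username = (string)dr["loginName"];
            }

            // userinfo is LEFT JOINed, so tel is NULL when the employee has no
            // userinfo row. "as string" maps DBNull to null instead of throwing
            // InvalidCastException.
            ui.tel = dr["tel"] as string;
        }
    }

    if (found)
    {
        // Positions and roles are loaded after the reader has been released.
        ActionAuthorization actBiz = new ActionAuthorization();
        ui.positionIds = actBiz.GetEmployeePositions(employeeID);
        ui.roleIds = actBiz.GetEmployeeRoles(employeeID);
    }

    return ui;
}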
/// <summary>
/// Reports whether the user stored in the current session may open the named page.
/// </summary>
/// <param name="pageName">
/// Page file name. Dots are replaced with underscores and "ASP." is prefixed
/// before the lookup (presumably the compiled page type name; confirm against
/// ActionAuthorization.GetPageAuthorization).
/// </param>
/// <returns>
/// <c>false</c> when the session has no "LoginUserInfo" entry, the entry is not a
/// <c>D_LoginUserInfo</c>, or its userId is not positive; otherwise the result of
/// <c>GetPageAuthorization</c>.
/// </returns>
public static bool CheckPageAuth(string pageName)
{
    // "as" yields null both for a missing entry and for an entry of another type,
    // so a single guard covers every unauthenticated case and denies access.
    D_LoginUserInfo currentUser = HttpContext.Current.Session["LoginUserInfo"] as D_LoginUserInfo;
    if (currentUser == null || currentUser.userId <= 0)
    {
        return false;
    }

    ActionAuthorization authorizer = new ActionAuthorization();
    return authorizer.GetPageAuthorization(currentUser, "ASP." + pageName.Replace('.', '_'));
}
/// <summary>
/// Reports whether the user stored in the current session may perform the named action.
/// Unlike a redirecting check, this only returns a flag; the caller decides what to do.
/// </summary>
/// <param name="actionName">Action identifier passed through to ActionAuthorization.CheckAuthorization.</param>
/// <returns>
/// <c>false</c> when the session has no "LoginUserInfo" entry, the entry is not a
/// <c>D_LoginUserInfo</c>, or its userId is not positive; otherwise the authorizer's answer.
/// </returns>
public static bool CheckActionAuth(string actionName)
{
    // A missing or wrongly typed session entry both come back as null from "as".
    D_LoginUserInfo currentUser = HttpContext.Current.Session["LoginUserInfo"] as D_LoginUserInfo;
    if (currentUser == null || currentUser.userId <= 0)
    {
        return false;
    }

    ActionAuthorization authorizer = new ActionAuthorization();
    return authorizer.CheckAuthorization(currentUser, actionName);
}
/// <summary>
/// Enforces an action-level permission for the current request. It redirects to the
/// common error page when the session holds no login entry, and calls ShowError when
/// the entry is unusable or the action is not permitted.
/// </summary>
/// <param name="actionName">Action identifier passed through to ActionAuthorization.CheckAuthorization.</param>
/// <remarks>
/// NOTE(review): this method returns void, so it cannot tell the caller that access was
/// refused. It protects the caller only if Redirect and ShowError stop the request.
/// ShowError is not visible here; confirm that it ends the response. If it returns
/// normally, the unusable-session branch falls through to the authorizer with a null or
/// invalid user, and the denied branch returns to the caller as if the check had passed.
/// </remarks>
public static void CheckAuthorization(string actionName)
{
    HttpContext ctx = HttpContext.Current;

    // No login entry at all: send the browser to the shared error page.
    // The single-argument Redirect overload ends the response.
    if (ctx.Session["LoginUserInfo"] == null)
    {
        ctx.Response.Redirect(Url_CommonError);
    }

    // Entry present but not a usable login record.
    D_LoginUserInfo currentUser = ctx.Session["LoginUserInfo"] as D_LoginUserInfo;
    if (currentUser == null || currentUser.userId <= 0)
    {
        ShowError("Session is expired, please login again.", "Login.aspx");
    }

    ActionAuthorization authorizer = new ActionAuthorization();
    if (!authorizer.CheckAuthorization(currentUser, actionName))
    {
        ShowError("Permittion Denided.", "Login.aspx");
    }
}
/// <summary>
/// Rebuilds the menu tree from scratch: clears the existing nodes, loads the menu
/// items and the action table, then fills the tree starting from parent id 0.
/// </summary>
/// <remarks>
/// NOTE(review): GetActions() is called without a user argument, and how LoadSubMenu
/// uses the action table is not visible here. Hiding a menu entry is presentation only;
/// each page or action still needs its own server-side authorization check.
/// </remarks>
private void LoadMenu()
{
    tvMenu.Nodes.Clear();

    AdminMenuBiz menuBiz = new AdminMenuBiz();
    ActionAuthorization authBiz = new ActionAuthorization();

    DS_Menu.MenuItemDataTable menuItems = menuBiz.GetMenuItems(true);
    DS_Authorization.AuthActionDataTable actions = authBiz.GetActions();

    LoadSubMenu(tvMenu.Nodes, 0, menuItems, actions);
}