        //  private string loginPageUrl;



        /// <summary>
        /// Creates a security context bound to <paramref name="sessionId"/> and then
        /// calls <c>SecuritySettings.CreateDefaultDb()</c>.
        /// </summary>
        /// <param name="sessionId">Session identifier; it is stored on
        /// <c>userContext.SessionId</c> as-is, without any validation here.</param>
        public Security(string sessionId)
        {
            userContext.SessionId = sessionId;
            // NOTE(review): runs on every construction of Security; presumably idempotent
            // (creates the default schema only when missing) — confirm in SecuritySettings.
            SecuritySettings.CreateDefaultDb();
        }
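        /// <summary>
        /// Decides whether the current user (<c>userContext.Id</c>) holds
        /// <paramref name="permissionType"/> on the object identified by
        /// <paramref name="objectType"/> / <paramref name="objectId"/>.
        /// </summary>
        /// <remarks>
        /// Decision order, first match wins:
        /// <list type="number">
        /// <item>the built-in admin account is always granted;</item>
        /// <item>any objectId starting with "/xj-service/" is always granted (hard-coded bypass);</item>
        /// <item>admin objects (matched by type or by id) are granted only to admin-role users;</item>
        /// <item>admin-role users are granted everything else;</item>
        /// <item>otherwise xsys_role_permissions is consulted: an object with NO permission rows
        ///       at all is open to everyone (fail-open); an object with rows is granted only if one
        ///       of the user's roles holds a permission whose bits overlap the requested ones.</item>
        /// </list>
        /// The SQL is parameterized; objectId / objectType / user id are never concatenated
        /// into the query text.
        /// </remarks>
        /// <param name="objectType">Object category. "ListData" ids are normalized before lookup
        /// (trailing ".html"/".htm" and leading slashes removed).</param>
        /// <param name="objectId">Object identifier or path.</param>
        /// <param name="permissionType">Requested permission flag(s).</param>
        /// <returns><c>true</c> when access is granted.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="objectType"/> or
        /// <paramref name="objectId"/> is null.</exception>
        /// <exception cref="Exception">Wraps any database/configuration failure; the cause is
        /// kept as <c>InnerException</c>.</exception>
        public bool _CheckObjectPermission(string objectType, string objectId, PermissionTypes permissionType)
        {
            // A null objectId used to surface as a NullReferenceException at StartsWith; fail fast instead.
            if (objectType == null)
            {
                throw new ArgumentNullException("objectType");
            }
            if (objectId == null)
            {
                throw new ArgumentNullException("objectId");
            }

            // 1. The built-in admin account bypasses every check.
            if (userContext.Id.Equals(BuiltinUsers.admin, StringComparison.OrdinalIgnoreCase))
            {
                return true;
            }

            // 2. Hard-coded allow-list: everything under /xj-service/ is reachable by any caller,
            //    regardless of objectType and of the role table. NOTE(review): this runs before the
            //    ListData normalization below (so "xj-service/..." without the leading slash is NOT
            //    bypassed) and is a permanent hole in the permission model — confirm the prefix is
            //    still required and that nothing sensitive can be addressed under it.
            if (objectId.StartsWith("/xj-service/", StringComparison.OrdinalIgnoreCase))
            {
                return true;
            }

            // 3. Admin-only objects (by type or by id) require the admin role.
            if (isAdminObject(objectType) || isAdminObject(objectId))
            {
                return IsAdminRoleUser;
            }

            // 4. Admin-role users are granted everything that is not admin-only.
            if (IsAdminRoleUser)
            {
                return true;
            }

            // 5. Role-based lookup against xsys_role_permissions.
            if (objectType.Equals("ListData", StringComparison.OrdinalIgnoreCase))
            {
                objectId = NormalizeListDataId(objectId);
            }

            Database db = SecuritySettings.GetDb();
            using (DbConnection conn = db.CreateConnection())
            {
                try
                {
                    conn.Open();

                    // Fail-open default: an object with no permission rows at all is accessible to
                    // everyone. NOTE(review): a missing row (e.g. permissions not seeded after a
                    // deployment) therefore silently grants access — confirm this is intended policy.
                    if (!HasAnyPermissionRow(conn, objectType, objectId))
                    {
                        return true;
                    }

                    return UserRolesGrant(conn, objectType, objectId, permissionType);
                }
                catch (Exception e)
                {
                    // Same message callers already see, wrapped exactly once (the original wrapped
                    // twice on the inner path) and with the cause preserved as InnerException.
                    throw new Exception("安全检查时,安全系统配置错误" + e.Message, e);
                }
            }
        }

        // Strips a trailing ".html", then a trailing ".htm" (so "x.htm.html" -> "x"), then any
        // leading '/' characters, matching how ListData rows are keyed in xsys_role_permissions.
        private static string NormalizeListDataId(string objectId)
        {
            if (objectId.EndsWith(".html", StringComparison.OrdinalIgnoreCase))
            {
                objectId = objectId.Remove(objectId.LastIndexOf(".html", StringComparison.OrdinalIgnoreCase));
            }
            if (objectId.EndsWith(".htm", StringComparison.OrdinalIgnoreCase))
            {
                objectId = objectId.Remove(objectId.LastIndexOf(".htm", StringComparison.OrdinalIgnoreCase));
            }
            return objectId.TrimStart('/');
        }

        // Adds a named string parameter to cmd. The "@name" placeholder form assumes a provider
        // that accepts named parameters (SQL Server / SQLite / MySQL), which is consistent with
        // the [bracketed] identifiers these queries already use. NOTE(review): confirm against the
        // provider configured behind SecuritySettings.GetDb().
        private static void AddTextParameter(DbCommand cmd, string name, string value)
        {
            DbParameter p = cmd.CreateParameter();
            p.ParameterName = name;
            p.DbType = DbType.String;
            p.Value = value;
            cmd.Parameters.Add(p);
        }

        // True when xsys_role_permissions holds at least one row for this object, for any role.
        private static bool HasAnyPermissionRow(DbConnection conn, string objectType, string objectId)
        {
            using (DbCommand cmd = conn.CreateCommand())
            {
                cmd.CommandType = CommandType.Text;
                // objectId/objectType may originate from the request; they are bound as parameters,
                // never concatenated into the statement.
                cmd.CommandText = "select [object_id] from xsys_role_permissions where [object_id]=@objectId and [object_type]=@objectType";
                AddTextParameter(cmd, "@objectId", objectId);
                AddTextParameter(cmd, "@objectType", objectType);
                using (DbDataReader reader = cmd.ExecuteReader())
                {
                    return reader.HasRows;
                }
            }
        }

        // True when any role of the current user holds a permission whose bits overlap the
        // requested permissionType. A multi-bit permissionType is satisfied by ANY one of its
        // bits, not all of them (unchanged from the original semantics).
        private bool UserRolesGrant(DbConnection conn, string objectType, string objectId, PermissionTypes permissionType)
        {
            using (DbCommand cmd = conn.CreateCommand())
            {
                cmd.CommandType = CommandType.Text;
                cmd.CommandText = "select [permission] from xsys_role_permissions where [object_id]=@objectId and [object_type]=@objectType" +
                                  " and role_id in (select role_id from xsys_user_roles where [user_id]=@userId)";
                AddTextParameter(cmd, "@objectId", objectId);
                AddTextParameter(cmd, "@objectType", objectType);
                AddTextParameter(cmd, "@userId", userContext.Id);
                using (DbDataReader reader = cmd.ExecuteReader())
                {
                    // No rows -> the user's roles grant nothing on this object -> false.
                    while (reader.Read())
                    {
                        PermissionTypes granted = (PermissionTypes)reader.GetInt32(0);
                        if ((permissionType & granted) != 0)
                        {
                            return true;
                        }
                    }
                }
            }
            return false;
        }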