//
// 授予授权范围的实现部分
//
#region private string GrantRole(BasePermissionScopeManager permissionScopeManager, string id, string userId, string grantRoleId) 为了提高授权的运行速度
/// <summary>
/// 为了提高授权的运行速度
/// </summary>
/// <param name="permissionScopeManager">权限域读写器</param>
/// <param name="Id">主键</param>
/// <param name="userId">员工主键</param>
/// <param name="grantRoleId">权限主键</param>
/// <returns>主键</returns>
private string GrantRole(BasePermissionScopeManager permissionScopeManager, string userId, string permissionItemCode, string grantRoleId)
{
string returnValue = string.Empty;
BasePermissionScopeEntity resourcePermissionScopeEntity = new BasePermissionScopeEntity();
resourcePermissionScopeEntity.PermissionId = int.Parse(this.GetIdByCode(permissionItemCode));
resourcePermissionScopeEntity.ResourceCategory = BaseUserEntity.TableName;
resourcePermissionScopeEntity.ResourceId = userId;
resourcePermissionScopeEntity.TargetCategory = BaseRoleEntity.TableName;
resourcePermissionScopeEntity.TargetId = grantRoleId;
resourcePermissionScopeEntity.Enabled = 1;
resourcePermissionScopeEntity.DeletionStateCode = 0;
return(permissionScopeManager.Add(resourcePermissionScopeEntity));
}
/// <summary>
/// 设置实体
/// </summary>
/// <param name="permissionScopeEntity">实体</param>
private void SetEntity(SQLBuilder sqlBuilder, BasePermissionScopeEntity permissionScopeEntity)
{
sqlBuilder.SetValue(BasePermissionScopeEntity.FieldResourceCategory, permissionScopeEntity.ResourceCategory);
sqlBuilder.SetValue(BasePermissionScopeEntity.FieldResourceId, permissionScopeEntity.ResourceId);
sqlBuilder.SetValue(BasePermissionScopeEntity.FieldTargetCategory, permissionScopeEntity.TargetCategory);
sqlBuilder.SetValue(BasePermissionScopeEntity.FieldTargetId, permissionScopeEntity.TargetId);
sqlBuilder.SetValue(BasePermissionScopeEntity.FieldPermissionItemId, permissionScopeEntity.PermissionId);
sqlBuilder.SetValue(BasePermissionScopeEntity.FieldPermissionConstraint, permissionScopeEntity.PermissionConstraint);
sqlBuilder.SetValue(BasePermissionScopeEntity.FieldStartDate, permissionScopeEntity.StartDate);
sqlBuilder.SetValue(BasePermissionScopeEntity.FieldEndDate, permissionScopeEntity.EndDate);
sqlBuilder.SetValue(BasePermissionScopeEntity.FieldEnabled, permissionScopeEntity.Enabled);
sqlBuilder.SetValue(BasePermissionScopeEntity.FieldDeletionStateCode, permissionScopeEntity.DeletionStateCode);
sqlBuilder.SetValue(BasePermissionScopeEntity.FieldDescription, permissionScopeEntity.Description);
SetEntityExpand(sqlBuilder, permissionScopeEntity);
}
/// <summary>
/// 更新实体
/// </summary>
/// <param name="baseResourcePermissionScopeEntity">实体</param>
public int UpdateEntity(BasePermissionScopeEntity baseResourcePermissionScopeEntity)
{
SQLBuilder sqlBuilder = new SQLBuilder(DbHelper);
sqlBuilder.BeginUpdate(this.CurrentTableName);
this.SetEntity(sqlBuilder, baseResourcePermissionScopeEntity);
if (UserInfo != null)
{
sqlBuilder.SetValue(BasePermissionScopeEntity.FieldModifiedUserId, UserInfo.Id);
sqlBuilder.SetValue(BasePermissionScopeEntity.FieldModifiedBy, UserInfo.RealName);
}
sqlBuilder.SetDBNow(BasePermissionScopeEntity.FieldModifiedOn);
sqlBuilder.SetWhere(BasePermissionScopeEntity.FieldId, baseResourcePermissionScopeEntity.Id);
return(sqlBuilder.EndUpdate());
}
private void GetConstraint()
{
if (string.IsNullOrEmpty(this.TableConstraint))
{
BasePermissionScopeEntity permissionScopeEntity = DotNetService.Instance.TableColumnsService.GetConstraintEntity(this.UserInfo, this.ResourceCategory, this.ResourceId, this.TableName, this.PermissionCode);
if (permissionScopeEntity != null)
{
this.TableConstraint = permissionScopeEntity.PermissionConstraint;
this.chkEnabled.Checked = (permissionScopeEntity.Enabled == 1);
}
}
if (!string.IsNullOrEmpty(this.TableConstraint))
{
this.txtTableConstraint.Text = this.TableConstraint;
}
}
/// <summary>
/// 设置约束条件
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="resourceCategory">资源类别</param>
/// <param name="resourceId">资源主键</param>
/// <param name="tableName">表名</param>
/// <param name="constraint">约束</param>
/// <param name="enabled">有效</param>
/// <param name="permissionCode">操作权限项</param>
/// <returns>主键</returns>
public string SetConstraint(string resourceCategory, string resourceId, string tableName, string permissionCode, string constraint, bool enabled = true)
{
string returnValue = string.Empty;
string permissionId = string.Empty;
BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(this.UserInfo);
permissionId = permissionItemManager.GetIdByAdd(permissionCode);
List <KeyValuePair <string, object> > parameters = new List <KeyValuePair <string, object> >();
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceCategory, resourceCategory));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceId, resourceId));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetCategory, "Table"));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetId, tableName));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionItemId, permissionId));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldDeletionStateCode, 0));
BasePermissionScopeManager manager = new BasePermissionScopeManager(this.DbHelper, this.UserInfo);
// 1:先获取是否有这样的主键,若有进行更新操作。
// 2:若没有进行添加操作。
returnValue = manager.GetId(parameters);
if (!string.IsNullOrEmpty(returnValue))
{
parameters = new List <KeyValuePair <string, object> >();
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionConstraint, constraint));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldEnabled, enabled ? 1 : 0));
manager.SetProperty(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldId, returnValue), parameters);
}
else
{
BasePermissionScopeEntity entity = new BasePermissionScopeEntity();
entity.ResourceCategory = resourceCategory;
entity.ResourceId = resourceId;
entity.TargetCategory = "Table";
entity.TargetId = tableName;
entity.PermissionConstraint = constraint;
entity.PermissionId = int.Parse(permissionId);
entity.DeletionStateCode = 0;
entity.Enabled = enabled ? 1: 0;
returnValue = manager.Add(entity);
}
return(returnValue);
}
/// <summary>
/// 获取约束条件
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="resourceCategory">资源类别</param>
/// <param name="resourceId">资源主键</param>
/// <param name="tableName">表名</param>
/// <returns>约束条件</returns>
public BasePermissionScopeEntity GetConstraintEntity(BaseUserInfo userInfo, string resourceCategory, string resourceId, string tableName, string permissionCode = "Resource.AccessPermission")
{
// 写入调试信息
#if (DEBUG)
int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif
// 加强安全验证防止未授权匿名调用
#if (!DEBUG)
LogOnService.UserIsLogOn(userInfo);
#endif
BasePermissionScopeEntity returnValue = null;
using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
{
try
{
dbHelper.Open(UserCenterDbConnection);
BaseTableColumnsManager manager = new BaseTableColumnsManager(dbHelper, userInfo);
returnValue = manager.GetConstraintEntity(resourceCategory, resourceId, tableName, permissionCode);
BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.TableColumnsService_SetConstraint, MethodBase.GetCurrentMethod());
}
catch (Exception ex)
{
BaseExceptionManager.LogException(dbHelper, userInfo, ex);
throw ex;
}
finally
{
dbHelper.Close();
}
}
// 写入调试信息
#if (DEBUG)
BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
return(returnValue);
}
//
// 授予授权范围的实现部分
//
#region private string GrantOrganize(BasePermissionScopeManager permissionScopeManager, string id, string roleId, string grantOrganizeId) 为了提高授权的运行速度
/// <summary>
/// 为了提高授权的运行速度
/// </summary>
/// <param name="permissionScopeManager">权限域读写器</param>
/// <param name="Id">主键</param>
/// <param name="roleId">员工主键</param>
/// <param name="grantOrganizeId">权限主键</param>
/// <returns>主键</returns>
private string GrantOrganize(BasePermissionScopeManager permissionScopeManager, string roleId, string permissionItemCode, string grantOrganizeId)
{
string returnValue = string.Empty;
List <KeyValuePair <string, object> > parameters = new List <KeyValuePair <string, object> >();
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceId, roleId));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseOrganizeEntity.TableName));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetId, grantOrganizeId));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode)));
// Nick Deng 优化数据权限设置,没有权限和其他任意一种权限互斥
// 即当没有权限时,该角色对应该数据权限的其他权限都应删除
// 当该角色拥有对应该数据权限的其他权限时,删除该角色的没有权限的权限
BasePermissionScopeEntity resourcePermissionScopeEntity = new BasePermissionScopeEntity();
DataTable dt = new DataTable();
if (!this.Exists(parameters))
{
resourcePermissionScopeEntity.PermissionId = int.Parse(this.GetIdByCode(permissionItemCode));
resourcePermissionScopeEntity.ResourceCategory = BaseRoleEntity.TableName;
resourcePermissionScopeEntity.ResourceId = roleId;
resourcePermissionScopeEntity.TargetCategory = BaseOrganizeEntity.TableName;
resourcePermissionScopeEntity.TargetId = grantOrganizeId;
resourcePermissionScopeEntity.Enabled = 1;
resourcePermissionScopeEntity.DeletionStateCode = 0;
returnValue = permissionScopeManager.Add(resourcePermissionScopeEntity);
if (grantOrganizeId != ((int)PermissionScope.None).ToString())
{
parameters = new List <KeyValuePair <string, object> >();
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceId, roleId));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseOrganizeEntity.TableName));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetId, ((int)PermissionScope.None).ToString()));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode)));
if (this.Exists(parameters))
{
dt = permissionScopeManager.GetDataTable(parameters);
if (dt != null && dt.Rows.Count > 0)
{
permissionScopeManager.DeleteEntity(dt.Rows[0]["Id"].ToString());
}
}
}
else
{
parameters = new List <KeyValuePair <string, object> >();
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceId, roleId));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseOrganizeEntity.TableName));
parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode)));
dt = permissionScopeManager.GetDataTable(parameters);
for (int i = 0; i < dt.Rows.Count; i++)
{
if (dt.Rows[i]["TargetId"].ToString() != ((int)PermissionScope.None).ToString())
{
permissionScopeManager.DeleteEntity(dt.Rows[0]["Id"].ToString());
}
}
}
}
return(returnValue);
}
partial void SetEntityExpand(SQLBuilder sqlBuilder, BasePermissionScopeEntity permissionScopeEntity);
/// <summary>
/// 添加实体
/// </summary>
/// <param name="baseResourcePermissionScopeEntity">实体</param>
public string AddEntity(BasePermissionScopeEntity baseResourcePermissionScopeEntity)
{
string sequence = string.Empty;
SQLBuilder sqlBuilder = new SQLBuilder(DbHelper, this.Identity, this.ReturnId);
sqlBuilder.BeginInsert(this.CurrentTableName, BasePermissionScopeEntity.FieldId);
if (!this.Identity)
{
sqlBuilder.SetValue(BasePermissionScopeEntity.FieldId, baseResourcePermissionScopeEntity.Id);
}
else
{
if (!this.ReturnId && (DbHelper.CurrentDbType == DbTypes.Oracle || DbHelper.CurrentDbType == DbTypes.DB2))
{
if (DbHelper.CurrentDbType == DbTypes.Oracle)
{
sqlBuilder.SetFormula(BasePermissionScopeEntity.FieldId, "SEQ_" + this.CurrentTableName.ToUpper() + ".NEXTVAL ");
}
if (DbHelper.CurrentDbType == DbTypes.DB2)
{
sqlBuilder.SetFormula(BasePermissionScopeEntity.FieldId, "NEXT VALUE FOR SEQ_" + this.CurrentTableName.ToUpper());
}
}
else
{
if (this.Identity && (DbHelper.CurrentDbType == DbTypes.Oracle || DbHelper.CurrentDbType == DbTypes.DB2))
{
if (baseResourcePermissionScopeEntity.Id == null)
{
if (string.IsNullOrEmpty(sequence))
{
BaseSequenceManager sequenceManager = new BaseSequenceManager(DbHelper, this.Identity);
sequence = sequenceManager.GetSequence(this.CurrentTableName);
}
baseResourcePermissionScopeEntity.Id = int.Parse(sequence);
}
sqlBuilder.SetValue(BasePermissionScopeEntity.FieldId, baseResourcePermissionScopeEntity.Id);
}
}
}
this.SetEntity(sqlBuilder, baseResourcePermissionScopeEntity);
if (UserInfo != null)
{
sqlBuilder.SetValue(BasePermissionScopeEntity.FieldCreateUserId, UserInfo.Id);
sqlBuilder.SetValue(BasePermissionScopeEntity.FieldCreateBy, UserInfo.RealName);
}
sqlBuilder.SetDBNow(BasePermissionScopeEntity.FieldCreateOn);
if (UserInfo != null)
{
sqlBuilder.SetValue(BasePermissionScopeEntity.FieldModifiedUserId, UserInfo.Id);
sqlBuilder.SetValue(BasePermissionScopeEntity.FieldModifiedBy, UserInfo.RealName);
}
sqlBuilder.SetDBNow(BasePermissionScopeEntity.FieldModifiedOn);
if (DbHelper.CurrentDbType == DbTypes.SqlServer && this.Identity)
{
sequence = sqlBuilder.EndInsert().ToString();
}
else
{
sqlBuilder.EndInsert();
}
return(sequence);
}
/// <summary>
/// 获取实体
/// </summary>
/// <param name="id">主键</param>
public BasePermissionScopeEntity GetEntity(int id)
{
BasePermissionScopeEntity baseResourcePermissionScopeEntity = new BasePermissionScopeEntity(this.GetDataTable(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldId, id)));
return(baseResourcePermissionScopeEntity);
}
/// <summary>
/// 更新
/// </summary>
/// <param name="baseResourcePermissionScopeEntity">实体</param>
public int Update(BasePermissionScopeEntity baseResourcePermissionScopeEntity)
{
return(this.UpdateEntity(baseResourcePermissionScopeEntity));
}
/// <summary>
/// 添加
/// </summary>
/// <param name="baseResourcePermissionScopeEntity">实体</param>
/// <param name="identity">自增量方式</param>
/// <param name="returnId">返回主鍵</param>
/// <returns>主键</returns>
public string Add(BasePermissionScopeEntity baseResourcePermissionScopeEntity, bool identity, bool returnId)
{
this.Identity = identity;
this.ReturnId = returnId;
return(this.AddEntity(baseResourcePermissionScopeEntity));
}
/// <summary>
/// 添加
/// </summary>
/// <param name="baseResourcePermissionScopeEntity">实体</param>
/// <returns>主键</returns>
public string Add(BasePermissionScopeEntity baseResourcePermissionScopeEntity)
{
return(this.AddEntity(baseResourcePermissionScopeEntity));
}
