/// <summary>
/// Overwrites the stored profile fields of the user currently identified by
/// <paramref name="userId"/> with the values carried by <paramref name="user"/>.
/// The record's Id itself is rewritten to <c>user.Id</c>.
/// </summary>
/// <param name="user">New field values; <c>user.Id</c> is bound to <c>@Id</c>.</param>
/// <param name="userId">Id of the existing record, bound to <c>@oldId</c>.</param>
/// <returns><c>true</c> when the statement affected at least one row.</returns>
/// <exception cref="XUserException">
/// Thrown when <c>user.Id</c> differs from <paramref name="userId"/> and is already taken,
/// or when the update affects no rows.
/// </exception>
public bool updateUser(User user, string userId)
{
    // NOTE(review): the caller-authorization guard that used to open this method is
    // commented out in the original source:
    //     if (!(Security.user.Id.Equals(user.Id) && Security.IsAdminRoleUser))
    //         throw new XUserException(...);   // "not authorized"
    // As written, nothing in this method restricts who may edit which account, or
    // change IsDisable / IsActive / GroupId. Confirm that every caller enforces this
    // before the guard stays disabled. The commented condition also required the
    // caller to be BOTH the same user AND an admin, which looks stricter than
    // intended; review the operator if it is restored.

    bool idChanges = user.Id != userId;
    if (existsUser(user.Id) && idChanges)
    {
        // NOTE(review): this message appears to have lost a character before the
        // "cannot change" phrase; confirm the wording.
        throw new XUserException("用户" + user.Id + "已经存在,法将用户" + userId + "改为" + user.Id);
    }

    // NOTE(review): the existence check above and the UPDATE below are separate
    // statements; uniqueness of the Id presumably also relies on a database
    // constraint. Verify against the schema.
    DatabaseAdmin db = SecuritySettings.getDBA();
    DbCommand update = db.getSqlStringCommand(SecurityDataScripts.UpdateUserSql);

    // All values are bound as parameters, never concatenated into the SQL text.
    db.addInParameter(update, "@Id", DbType.String, user.Id);
    db.addInParameter(update, "@DisplayName", DbType.String, user.DisplayName);
    db.addInParameter(update, "@IsDisable", DbType.Boolean, user.IsDisable);
    db.addInParameter(update, "@IsActive", DbType.Boolean, user.IsActive);
    db.addInParameter(update, "@Email", DbType.AnsiString, user.Email);
    db.addInParameter(update, "@Mobile", DbType.AnsiString, user.Mobile);
    db.addInParameter(update, "@GroupId", DbType.AnsiString, user.GroupId);
    db.addInParameter(update, "@oldId", DbType.AnsiString, userId);

    bool updated = db.execNonQuery(update) != 0;
    if (updated)
    {
        return true;
    }

    // Zero affected rows: no record carries the old Id.
    throw new XUserException(userId + "用户未发现");
}
/// <summary>
/// Updates the role currently identified by <paramref name="roleId"/> with the Id,
/// display name and remark carried by <paramref name="role"/>.
/// </summary>
/// <param name="role">New values; <c>role.Id</c> is bound to <c>@Id</c>.</param>
/// <param name="roleId">Id of the existing role, bound to <c>@oldId</c>; must not be empty.</param>
/// <returns><c>true</c> when the statement affected at least one row.</returns>
/// <exception cref="Exception">
/// Thrown when <paramref name="roleId"/> is null or empty, or when <c>role.Id</c> is a
/// different Id (compared case-insensitively) that already exists.
/// </exception>
/// <exception cref="XUserException">Thrown when the update affects no rows.</exception>
public bool updateRole(Role role, string roleId)
{
    if (String.IsNullOrEmpty(roleId))
    {
        throw new Exception("角色Id不能为空");
    }

    // A rename is any new Id that is not the old one, ignoring case.
    bool isRename = !roleId.Equals(role.Id, StringComparison.OrdinalIgnoreCase);
    if (existsRole(role.Id) && isRename)
    {
        throw new Exception("角色Id" + role.Id + "已经存在,不能将" + roleId + "修改成" + role.Id);
    }

    // NOTE(review): no caller-permission check is visible in this method;
    // presumably it is enforced by the caller. Confirm.
    DatabaseAdmin db = SecuritySettings.getDBA();
    DbCommand update = db.getSqlStringCommand(SecurityDataScripts.UpdateRoleSql);
    db.addInParameter(update, "@Id", DbType.String, role.Id);
    db.addInParameter(update, "@DisplayName", DbType.String, role.DisplayName);
    db.addInParameter(update, "@Remark", DbType.String, role.Remark);
    db.addInParameter(update, "@oldId", DbType.String, roleId);

    bool updated = db.execNonQuery(update) != 0;
    if (updated)
    {
        return true;
    }

    // Zero affected rows: the role named by roleId does not exist.
    throw new XUserException("角色修改失败,角色" + roleId + "不存在");
}
/// <summary>
/// Runs the delete-user statement for the given user Id.
/// </summary>
/// <param name="userId">Id of the user to delete, bound to <c>@user_id</c>.</param>
/// <returns><c>true</c> when at least one row was affected; otherwise <c>false</c>.</returns>
public bool deleteUser(string userId)
{
    // NOTE(review): no caller-permission check is visible in this method;
    // presumably callers restrict who may delete accounts. Confirm.
    DatabaseAdmin db = SecuritySettings.getDBA();
    DbCommand delete = db.getSqlStringCommand(SecurityDataScripts.DeleteUserSQL);
    db.addInParameter(delete, "@user_id", DbType.String, userId);

    bool deleted = db.execNonQuery(delete) != 0;
    return deleted;
}
/// <summary>
/// Runs the statement that removes the given role from the given user.
/// The affected-row count is not inspected, so a missing assignment is not reported.
/// </summary>
/// <param name="userId">User Id, bound to <c>@userId</c>.</param>
/// <param name="roleId">Role Id, bound to <c>@roleId</c>.</param>
public static void deleteUserRole(string userId, string roleId)
{
    DatabaseAdmin db = SecuritySettings.getDBA();
    DbCommand delete = db.getSqlStringCommand(SecurityDataScripts.deleteUserRoleSQL);

    // Binding order is kept as in the original: role first, then user.
    db.addInParameter(delete, "@roleId", DbType.String, roleId);
    db.addInParameter(delete, "@userId", DbType.String, userId);

    db.execNonQuery(delete);
}
/// <summary>
/// Builds the command described by <paramref name="commandSchema"/>, fills its parameters
/// from <paramref name="realParams"/> and <paramref name="row"/>, and executes it inside a
/// <see cref="TransactionScope"/>.
/// </summary>
/// <param name="commandSchema">Schema passed to <c>getCommand</c> to obtain the command.</param>
/// <param name="row">Row passed to <c>setCommandParamValue</c> and, when refreshing, to <c>refreshRow</c>.</param>
/// <param name="realParams">Parameter values passed to <c>setCommandParamValue</c>.</param>
/// <param name="refresh">
/// When <c>true</c>, the command is executed as a query and its <see cref="DataSet"/> is handed
/// to <c>refreshRow</c>; when <c>false</c>, it is executed as a non-query.
/// </param>
public void executeCommandSchema(CommandSchema commandSchema, ListDataRow row, Dictionary<string, string> realParams, bool refresh = false)
{
    using (TransactionScope scope = new TransactionScope())
    {
        DbCommand command = getCommand(commandSchema);

        // NOTE(review): how realParams and row values reach the command is decided by
        // setCommandParamValue, which is not shown here; confirm it binds them as
        // parameters rather than splicing them into the SQL text.
        setCommandParamValue(command, realParams, row);

        if (!refresh)
        {
            dbAdmin.execNonQuery(command);
        }
        else
        {
            DataSet result = dbAdmin.executeDateSet(command);
            refreshRow(result, row);
        }

        // Reached only when nothing above threw; otherwise the scope is disposed
        // without Complete().
        scope.Complete();
    }
}
/// <summary>
/// Grants an object permission to a role by OR-ing <paramref name="permission"/> into the
/// role's current permission value for the object and storing the result.
/// </summary>
/// <param name="roleId">Role Id, bound to <c>@roleId</c>.</param>
/// <param name="objectId">Object Id, bound to <c>@objectId</c>.</param>
/// <param name="permission">Permission flag(s) to add; existing flags are kept.</param>
public static void setPermission(string roleId, string objectId, PermissionTypes permission)
{
    // Read-modify-write: the current value is fetched, merged, then written back.
    // NOTE(review): the read and the write are separate statements, so two
    // concurrent calls for the same role/object could overwrite each other.
    // Confirm whether callers serialise these updates.
    PermissionTypes merged = getRoleObjectPermission(roleId, objectId) | permission;

    DatabaseAdmin db = SecuritySettings.getDBA();
    DbCommand store = db.getSqlStringCommand(SecurityDataScripts.SetRoleObjectPermissionSql);
    db.addInParameter(store, "@roleId", DbType.String, roleId);
    db.addInParameter(store, "@objectId", DbType.String, objectId);
    db.addInParameter(store, "@permission", DbType.Int32, merged);

    db.execNonQuery(store);
}
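/// <summary>
/// Assigns a role to a user unless the check query reports the assignment already exists.
/// </summary>
/// <param name="userId">User Id, bound to <c>@userId</c>.</param>
/// <param name="roleId">Role Id, bound to <c>@roleId</c>.</param>
public void appendUserRole(string userId, string roleId)
{
    DatabaseAdmin dba = SecuritySettings.getDBA();

    DbCommand check = dba.getSqlStringCommand(SecurityDataScripts.CheckUserRolesSQl);
    dba.addInParameter(check, "@roleId", DbType.String, roleId);
    dba.addInParameter(check, "@userId", DbType.String, userId);

    // The scalar is presumably a row count. Convert rather than unbox: providers
    // may return the count as long or decimal, on which a direct (int) cast throws
    // InvalidCastException.
    int existing = System.Convert.ToInt32(dba.executeScalar(check));
    if (existing >= 1)
    {
        // Already assigned. The original fell through and re-ran the check query
        // through execNonQuery, which did nothing useful.
        return;
    }

    // NOTE(review): check and insert are separate statements; a duplicate row is
    // still possible under concurrency unless the table has a unique constraint
    // on (user, role). Verify against the schema.
    DbCommand insert = dba.getSqlStringCommand(SecurityDataScripts.AppendUserRolesSQl);
    dba.addInParameter(insert, "@roleId", DbType.String, roleId);
    dba.addInParameter(insert, "@userId", DbType.String, userId);
    dba.execNonQuery(insert);
}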
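/// <summary>
/// Intended to change the password of the logged-in user after checking that the two
/// entered passwords match. See the review notes in the body: the database statement
/// as written does not carry a password value.
/// </summary>
/// <param name="password1">New password as first entered.</param>
/// <param name="password2">New password as entered for confirmation.</param>
/// <returns><c>true</c> when the executed statement affected at least one row.</returns>
/// <exception cref="XUserException">
/// Thrown when no user is logged in, or when the two passwords do not match.
/// </exception>
public bool repassword(string password1, string password2)
{
    if (!Security.IsLogin)
    {
        throw new XUserException("请先登录");
    }

    // Fixed: the original condition was inverted. It raised the "passwords do not
    // match" error when the two values were EQUAL and let mismatched values through.
    // A null first value is treated as a mismatch instead of a NullReferenceException.
    if (password1 == null || !password1.Equals(password2))
    {
        throw new XUserException("两次输入的密码不一致");
    }

    // NOTE(review): the statement executed below is the insert-user script, bound
    // with @Id only. Neither password argument is passed to the database, so this
    // cannot change a password as written. The correct script is not visible in
    // this listing. Before this method is relied on, confirm the intended update
    // statement, bind the new password after the same protection step used when
    // the account is created, and consider requiring the current password.
    DatabaseAdmin dba = SecuritySettings.getDBA();
    DbCommand cmd = dba.getSqlStringCommand(SecurityDataScripts.InsertUserSql);
    dba.addInParameter(cmd, "@Id", DbType.String, Security.user.Id);

    return dba.execNonQuery(cmd) != 0;
}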
/// <summary>
/// Registers a new user. The user Id must be an e-mail address or a mobile number and must
/// not already exist. The supplied <paramref name="user"/> object is modified in place:
/// its password is replaced by the output of <c>Crypto.Encrypt</c>, and an empty
/// Email/Mobile is filled from the Id when the Id has that form.
/// </summary>
/// <param name="user">The user to insert; mutated as described above.</param>
/// <returns><c>true</c> when the insert affected at least one row.</returns>
/// <exception cref="XUserException">
/// Thrown when the Id is empty or neither an e-mail nor a mobile number, when the Id is
/// already taken, or when the insert affects no rows.
/// </exception>
public bool addUser(User user)
{
    bool idIsAcceptable = !String.IsNullOrEmpty(user.Id)
        && (UserInfoExpress.isEmail(user.Id) || UserInfoExpress.isMobile(user.Id));
    if (!idIsAcceptable)
    {
        throw new XUserException("新用户注册,必须填写手机号或电子邮件!");
    }

    if (existsUser(user.Id))
    {
        throw new XUserException("新用户注册,用户" + user.Id + "已经被别人使用!");
    }

    // NOTE(review): Crypto.Encrypt is defined outside this listing. If it is
    // reversible encryption rather than a salted, deliberately slow password hash,
    // stored passwords are recoverable by anyone who obtains the key. Confirm which
    // it is.
    user.Password = Crypto.Encrypt(user.Password);

    // Default the contact fields from the Id when the caller left them empty.
    if (UserInfoExpress.isEmail(user.Id) && string.IsNullOrEmpty(user.Email))
    {
        user.Email = user.Id;
    }

    if (UserInfoExpress.isMobile(user.Id) && string.IsNullOrEmpty(user.Mobile))
    {
        user.Mobile = user.Id;
    }

    // NOTE(review): IsDisable, IsActive and GroupId are stored exactly as supplied
    // on the incoming object. If this method is reachable from self-registration,
    // confirm the caller does not let the registrant choose them.
    DatabaseAdmin db = SecuritySettings.getDBA();
    DbCommand insert = db.getSqlStringCommand(SecurityDataScripts.InsertUserSql);
    db.addInParameter(insert, "@Id", DbType.String, user.Id);
    db.addInParameter(insert, "@DisplayName", DbType.String, user.DisplayName);
    db.addInParameter(insert, "@Password", DbType.String, user.Password);
    // The creation timestamp is the server's local time (DateTime.Now), not UTC.
    db.addInParameter(insert, "@create_date", DbType.DateTime, DateTime.Now);
    db.addInParameter(insert, "@IsDisable", DbType.Boolean, user.IsDisable);
    db.addInParameter(insert, "@IsActive", DbType.Boolean, user.IsActive);
    db.addInParameter(insert, "@Email", DbType.AnsiString, user.Email);
    db.addInParameter(insert, "@Mobile", DbType.AnsiString, user.Mobile);
    db.addInParameter(insert, "@GroupId", DbType.AnsiString, user.GroupId);

    bool inserted = db.execNonQuery(insert) != 0;
    if (inserted)
    {
        return true;
    }

    throw new XUserException("用户添加失败");
}
/// <summary>
/// Grants or revokes an object permission for a role, with the permission given by name.
/// </summary>
/// <param name="roleId">Role Id.</param>
/// <param name="objectId">Object Id.</param>
/// <param name="type">Permission type name: None/Read/Write/Execute/DoAll.</param>
/// <param name="enable">
/// <c>true</c> to add the permission to the role's current value; <c>false</c> to clear it.
/// </param>
public static void setPermission(string roleId, string objectId, string type, bool enable)
{
    // NOTE(review): Enum.Parse is case-sensitive here and throws ArgumentException
    // for an unknown name, but it also accepts numeric strings and comma-separated
    // lists. If `type` can come from a request, it is therefore not limited to the
    // five documented names. Consider checking it against an explicit allow-list
    // before parsing.
    PermissionTypes requested = (PermissionTypes)Enum.Parse(typeof(PermissionTypes), type);
    PermissionTypes current = getRoleObjectPermission(roleId, objectId);

    // Set the requested bits, or clear exactly those bits. Clearing is equivalent
    // to the original "OR then XOR" sequence.
    PermissionTypes updated = enable
        ? (current | requested)
        : (current & ~requested);

    // NOTE(review): no caller-permission check is visible in this method;
    // presumably callers restrict who may change role permissions. Confirm.
    DatabaseAdmin db = SecuritySettings.getDBA();
    DbCommand store = db.getSqlStringCommand(SecurityDataScripts.SetRoleObjectPermissionSql);
    db.addInParameter(store, "@roleId", DbType.String, roleId);
    db.addInParameter(store, "@objectId", DbType.String, objectId);
    db.addInParameter(store, "@permission", DbType.Int32, updated);

    db.execNonQuery(store);
}
/// <summary>
/// Inserts a new role after checking that its Id is not already in use.
/// </summary>
/// <param name="role">Role to insert; Id, DisplayName and Remark are stored.</param>
/// <returns><c>true</c> when the insert affected at least one row.</returns>
/// <exception cref="XUserException">
/// Thrown when the role Id already exists, or when the insert affects no rows.
/// </exception>
public bool addRole(Role role)
{
    if (existsRole(role.Id))
    {
        throw new XUserException("角色" + role.Id + "已经存在");
    }

    DatabaseAdmin db = SecuritySettings.getDBA();
    DbCommand insert = db.getSqlStringCommand(SecurityDataScripts.InsertRoleSql);
    db.addInParameter(insert, "@Id", DbType.String, role.Id);
    db.addInParameter(insert, "@DisplayName", DbType.String, role.DisplayName);
    db.addInParameter(insert, "@Remark", DbType.String, role.Remark);

    bool inserted = db.execNonQuery(insert) != 0;
    if (inserted)
    {
        return true;
    }

    throw new XUserException("角色添加失败");
}
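/// <summary>
/// Assigns each role in <c>userRoleIds.RoleIds</c> to the user <c>userRoleIds.UserId</c>,
/// skipping roles that the check query reports as already assigned.
/// </summary>
/// <param name="userRoleIds">Carries the user Id and the list of role Ids to assign.</param>
/// <returns>Always <c>true</c> when the loop completes without an exception.</returns>
public bool appendRoles(UserRoleIds userRoleIds)
{
    string userId = userRoleIds.UserId;
    DatabaseAdmin dba = SecuritySettings.getDBA();

    // NOTE(review): each role is checked and inserted with its own statements and
    // no enclosing transaction is visible here. A failure part-way leaves earlier
    // roles assigned. Confirm that is acceptable.
    for (int i = 0; i < userRoleIds.RoleIds.Count; i++)
    {
        string roleId = userRoleIds.RoleIds[i];

        DbCommand check = dba.getSqlStringCommand(SecurityDataScripts.CheckUserRolesSQl);
        dba.addInParameter(check, "@roleId", DbType.String, roleId);
        dba.addInParameter(check, "@userId", DbType.String, userId);

        // The scalar is presumably a row count. Convert rather than unbox:
        // providers may return it as long or decimal, on which a direct (int) cast
        // throws InvalidCastException.
        int existing = System.Convert.ToInt32(dba.executeScalar(check));
        if (existing >= 1)
        {
            // Already assigned. The original fell through and re-ran the check
            // query through execNonQuery, which did nothing useful.
            continue;
        }

        DbCommand insert = dba.getSqlStringCommand(SecurityDataScripts.AppendUserRolesSQl);
        dba.addInParameter(insert, "@roleId", DbType.String, roleId);
        dba.addInParameter(insert, "@userId", DbType.String, userId);
        dba.execNonQuery(insert);
    }

    return true;
}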