/// <summary>
/// 某个用户是否对某个模块有相应的权限
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="userId">用户主键</param>
/// <param name="moduleCode">模块编号</param>
/// <returns>是否有权限</returns>
public bool IsModuleAuthorizedByUser(BaseUserInfo userInfo, string userId, string moduleCode)
{
// 写入调试信息
#if (DEBUG)
int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif
// 加强安全验证防止未授权匿名调用
#if (!DEBUG)
LogOnService.UserIsLogOn(userInfo);
#endif
bool returnValue = false;
using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
{
try
{
dbHelper.Open(UserCenterDbConnection);
// 是否超级管理员
BaseUserManager userManager = new BaseUserManager(dbHelper, userInfo);
if (userManager.IsAdministrator(userId))
{
return true;
}
else
{
BaseModuleManager moduleManager = new BaseModuleManager(dbHelper, userInfo);
DataTable dataTable = moduleManager.GetDataTableByUser(userId);
foreach (DataRow dataRow in dataTable.Rows)
{
if (dataRow[BaseModuleEntity.FieldCode].ToString().Equals(moduleCode))
{
returnValue = true;
break;
}
}
}
BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_IsModuleAuthorizedByUser, MethodBase.GetCurrentMethod());
}
catch (Exception ex)
{
BaseExceptionManager.LogException(dbHelper, userInfo, ex);
throw ex;
}
finally
{
dbHelper.Close();
}
}
// 写入调试信息
#if (DEBUG)
BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
return returnValue;
}
/// <summary>
/// 某个用户是否对某个模块有相应的权限
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="userId">用户主键</param>
/// <param name="moduleCode">模块编号</param>
/// <returns>是否有权限</returns>
public bool IsModuleAuthorizedByUser(BaseUserInfo userInfo, string userId, string moduleCode, string permissionItemCode)
{
// 写入调试信息
#if (DEBUG)
int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif
// 加强安全验证防止未授权匿名调用
#if (!DEBUG)
LogOnService.UserIsLogOn(userInfo);
#endif
bool returnValue = false;
using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
{
try
{
dbHelper.Open(UserCenterDbConnection);
// 是超级管理员,就不用继续判断权限了
BaseUserManager userManager = new BaseUserManager(dbHelper, userInfo);
returnValue = userManager.IsAdministrator(userId);
if (returnValue)
{
return returnValue;
}
BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(dbHelper);
returnValue = permissionScopeManager.IsModuleAuthorized(userId, moduleCode, permissionItemCode);
BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_IsModuleAuthorizedByUser, MethodBase.GetCurrentMethod());
}
catch (Exception ex)
{
BaseExceptionManager.LogException(dbHelper, userInfo, ex);
throw ex;
}
finally
{
dbHelper.Close();
}
}
// 写入调试信息
#if (DEBUG)
BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
return returnValue;
}
/// <summary>
/// 获得某个用户的所有权限列表
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="userId">用户主键</param>
/// <returns>数据表</returns>
public DataTable GetPermissionDTByUser(BaseUserInfo userInfo, string userId)
{
// 写入调试信息
#if (DEBUG)
int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif
// 加强安全验证防止未授权匿名调用
#if (!DEBUG)
LogOnService.UserIsLogOn(userInfo);
#endif
DataTable dataTable = new DataTable(BasePermissionItemEntity.TableName);
using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
{
try
{
dbHelper.Open(UserCenterDbConnection);
string tableName = BasePermissionItemEntity.TableName;
if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
{
tableName = BaseSystemInfo.SystemCode + "PermissionItem";
}
// 是否超级管理员
BaseUserManager userManager = new BaseUserManager(dbHelper, userInfo);
BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(dbHelper, userInfo, tableName);
if (userManager.IsAdministrator(userId))
{
dataTable = permissionItemManager.GetDataTable();
}
else
{
tableName = BasePermissionEntity.TableName;
if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
{
tableName = BaseSystemInfo.SystemCode + "Permission";
}
BasePermissionManager permissionManager = new BasePermissionManager(dbHelper, userInfo, tableName);
string[] ids = permissionManager.GetPermissionIdsByUser(userId);
// 若是以前赋予的权限,后来有些权限设置为无效了,那就不应该再获取哪些无效的权限才对。
// bug修正:没有赋值DataTable,导致返回值空
dataTable = permissionItemManager.GetDataTable(
new KeyValuePair<string, object>(BasePermissionItemEntity.FieldId, ids)
, new KeyValuePair<string, object>(BasePermissionItemEntity.FieldEnabled, 1)
, new KeyValuePair<string, object>(BasePermissionItemEntity.FieldDeletionStateCode, 0));
}
dataTable.TableName = tableName;
BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_GetPermissionDTByUser, MethodBase.GetCurrentMethod());
}
catch (Exception ex)
{
BaseExceptionManager.LogException(dbHelper, userInfo, ex);
throw ex;
}
finally
{
dbHelper.Close();
}
}
// 写入调试信息
#if (DEBUG)
BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
return dataTable;
}