Пример #1
        /// <summary>
        /// Resolves the users that hold a permission scoped to one organization, either
        /// directly or through a role, and hands both id sets to BaseUserManager.GetUserIds.
        /// </summary>
        /// <param name="organizeId">Organization id; concatenated unquoted into the SQL text as TargetId.</param>
        /// <param name="permissionId">Permission id; concatenated unquoted into the SQL text. Null or empty skips every query.</param>
        /// <returns>The array returned by BaseUserManager.GetUserIds, or null when permissionId is null or empty.</returns>
        /// <remarks>
        /// NOTE(review): both arguments reach the database as raw SQL text. If either can carry
        /// caller-controlled input, this is a SQL injection sink inside an authorization query;
        /// bind them as parameters or validate them as ids before this point. organizeId is not
        /// null-checked, so a null or empty value produces "TargetId =  AND ...".
        /// </remarks>
        public string[] GetUserIdsByPermissionId(string organizeId, string permissionId)
        {
            string[] result = null;
            if (string.IsNullOrEmpty(permissionId))
            {
                return(result);
            }

            string scopeTable = UserInfo.SystemCode + "PermissionScope";

            // 1. Users that were granted the permission directly.
            string userSql = "SELECT ResourceId FROM " + scopeTable + " WHERE (ResourceCategory = 'BaseUser') AND (PermissionId = " + permissionId + ") AND TargetCategory='BaseOrganize' AND TargetId = " + organizeId + " AND (DeletionStateCode = 0) AND (Enabled = 1) ";
            DataTable userRows = this.Fill(userSql);
            string[] userIds = BaseBusinessLogic.FieldToArray(userRows, BasePermissionEntity.FieldResourceId)
                               .Distinct<string>()
                               .Where(id => !string.IsNullOrEmpty(id))
                               .ToArray();

            // 2. Roles that were granted the permission.
            string roleSql = "SELECT ResourceId FROM " + scopeTable + " WHERE (ResourceCategory = 'BaseRole') AND (PermissionId = " + permissionId + ") AND TargetCategory='BaseOrganize' AND TargetId = " + organizeId + " AND (DeletionStateCode = 0) AND (Enabled = 1) ";
            DataTable roleRows = this.Fill(roleSql);
            // result is still null here, so Concat only receives the freshly read column.
            string[] roleIds = StringUtil.Concat(result, BaseBusinessLogic.FieldToArray(roleRows, BasePermissionEntity.FieldResourceId))
                               .Distinct<string>()
                               .Where(id => !string.IsNullOrEmpty(id))
                               .ToArray();

            // 3. Permissions granted to organizations are not evaluated (that step is disabled in the original).

            // 4. Expand direct users and role members into the final user id list.
            BaseUserManager userManager = new BaseUserManager(this.DbHelper, this.UserInfo);
            result = userManager.GetUserIds(userIds, null, roleIds);
            return(result);
        }
Пример #2
        /// <summary>
        /// Gets the management-company ids of the areas on which a user holds a given permission.
        /// </summary>
        /// <param name="userId">User id, matched against the permission-scope ResourceId through a name/value pair.</param>
        /// <param name="permissionId">Permission id, matched against the permission-scope PermissionId through a name/value pair.</param>
        /// <returns>Management-company id array, or null when no scoped area is found.</returns>
        /// <remarks>
        /// NOTE(review): the area ids read from the scope table are joined with commas and
        /// concatenated into the second statement unquoted. They come from the database rather
        /// than from the caller, but any path that lets a user store an arbitrary TargetId would
        /// make this a second-order injection point; confirm that TargetId is always written as
        /// a validated id.
        /// </remarks>
        public string[] GetUserManageCompanyIds(string userId, string permissionId)
        {
            // Open question left by the original author: should province, city, county and
            // street scopes each resolve to their own management company?
            var scopeFilter = new List<KeyValuePair<string, object>>
            {
                new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseUserEntity.TableName),
                new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, userId),
                new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionId, permissionId),
                new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldEnabled, 1),
                new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldDeletionStateCode, 0)
            };

            string scopeTable = this.UserInfo.SystemCode + "PermissionScope";
            BasePermissionScopeManager scopeManager = new BasePermissionScopeManager(this.DbHelper, this.UserInfo, scopeTable);

            string[] areaIds = scopeManager.GetProperties(scopeFilter, BasePermissionScopeEntity.FieldTargetId);
            if (areaIds == null || areaIds.Length == 0)
            {
                return(null);
            }

            // Hierarchical query: start at the scoped areas and walk down to their children.
            // The meaning of the "layer < 7" cut-off is not visible here - TODO confirm.
            string areaIdList = string.Join(",", areaIds);
            string sqlQuery = "   SELECT DISTINCT(" + BaseAreaEntity.FieldManageCompanyId + ") "
                              + "              FROM " + this.CurrentTableName
                              + "             WHERE " + BaseAreaEntity.FieldLayer + " < 7 AND " + BaseAreaEntity.FieldManageCompanyId + " IS NOT NULL "
                              + "        START WITH " + BaseAreaEntity.FieldId + " IN (" + areaIdList + ")"
                              + "  CONNECT BY PRIOR " + BaseAreaEntity.FieldId + " = " + BaseAreaEntity.FieldParentId;
            DataTable companyRows = dbHelper.Fill(sqlQuery);

            return(BaseBusinessLogic.FieldToArray(companyRows, BaseAreaEntity.FieldManageCompanyId));
        }
Пример #3
        /// <summary>
        /// Gets every role id of a user: the RoleId stored on the BaseUser row plus the
        /// roles mapped through the user-role table.
        /// </summary>
        /// <param name="userId">User id; concatenated unquoted into both halves of the UNION.</param>
        /// <returns>Role id array read from the RoleId column.</returns>
        /// <remarks>
        /// NOTE(review): userId is spliced into the SQL text without quoting or binding. If it
        /// can carry caller-controlled input this is a SQL injection sink that decides which
        /// roles a session gets; bind it as a parameter or validate it as an id first.
        /// </remarks>
        public string[] GetAllRoleIds(string userId)
        {
            // Table names are prefixed with the configured system code when one is set.
            bool hasSystemCode = !string.IsNullOrEmpty(BaseSystemInfo.SystemCode);
            string userRoleTable = hasSystemCode ? BaseSystemInfo.SystemCode + "UserRole" : BaseUserRoleEntity.TableName;
            string roleTable = hasSystemCode ? BaseSystemInfo.SystemCode + "Role" : BaseRoleEntity.TableName;

            // Role stored directly on the user row.
            string directRoleSql = " SELECT RoleId "
                                   + "   FROM BaseUser "
                                   + "  WHERE (DeletionStateCode = 0) AND (Enabled = 1) AND (Id = " + userId + ") ";

            // Roles mapped through the user-role table; deleted roles must not be returned.
            string mappedRoleSql = " SELECT RoleId "
                                   + "   FROM " + userRoleTable
                                   + "  WHERE (DeletionStateCode = 0) AND (Enabled = 1) AND (UserId = " + userId + ") AND (RoleId IN (SELECT Id FROM " + roleTable + " WHERE (DeletionStateCode = 0))) ";

            DataTable roleRows = DbHelper.Fill(directRoleSql + "  UNION " + mappedRoleSql);

            return(BaseBusinessLogic.FieldToArray(roleRows, BaseUserRoleEntity.FieldRoleId));
        }
        /// <summary>
        /// Gets the ids of every company, department and workgroup a user belongs to,
        /// read from both BaseUser and BaseUserOrganize.
        /// </summary>
        /// <param name="userId">User id; substituted textually for every {userId} placeholder in the statement.</param>
        /// <returns>Organization id array read from the column aliased as Id.</returns>
        /// <remarks>
        /// NOTE(review): the {userId} markers are not bind parameters - string.Replace pastes
        /// the raw value into six predicates, unquoted. If userId can carry caller-controlled
        /// input this is a SQL injection sink; bind it as a parameter or validate it as an id
        /// before the replacement.
        /// </remarks>
        public string[] GetAllOrganizeIds(string userId)
        {
            // Deleted or disabled rows must not be returned.
            string sqlQuery = @" SELECT CompanyId AS Id
                                  FROM BaseUser
                                 WHERE DeletionStateCode = 0 AND Enabled =1 AND CompanyId IS NOT NULL  AND (Id = {userId})
                                 UNION
                                SELECT DepartmentId AS Id
                                  FROM BaseUser
                                 WHERE DeletionStateCode = 0 AND Enabled =1  AND DepartmentId IS NOT NULL AND (Id = {userId})
                                 UNION
                                SELECT WorkgroupId AS Id
                                  FROM BaseUser
                                 WHERE DeletionStateCode = 0 AND Enabled =1  AND WorkgroupId IS NOT NULL AND (Id = {userId})
                                 UNION
                                SELECT CompanyId AS Id
                                  FROM BaseUserOrganize
                                 WHERE DeletionStateCode = 0 AND Enabled =1  AND CompanyId IS NOT NULL AND (UserId = {userId})
                                 UNION
                                SELECT DepartmentId AS Id
                                  FROM BaseUserOrganize
                                 WHERE DeletionStateCode = 0 AND Enabled =1  AND DepartmentId IS NOT NULL AND (UserId = {userId})
                                 UNION
                                SELECT WorkgroupId AS Id
                                  FROM BaseUserOrganize
                                 WHERE DeletionStateCode = 0 AND Enabled =1  AND WorkgroupId IS NOT NULL AND (UserId = {userId}) ";

            // Plain text substitution, not parameter binding (see remarks).
            sqlQuery = sqlQuery.Replace("{userId}", userId);
            DataTable dataTable = DbHelper.Fill(sqlQuery);

            return(BaseBusinessLogic.FieldToArray(dataTable, BaseUserEntity.FieldId));
        }
        /// <summary>
        /// Reads one column from a table for the rows whose <paramref name="name"/> column
        /// matches any of the given values.
        /// </summary>
        /// <param name="dbHelper">Database helper used to run the statement.</param>
        /// <param name="tableName">Table to read; concatenated into the SQL text as an identifier.</param>
        /// <param name="name">Column to filter on; concatenated into the SQL text as an identifier.</param>
        /// <param name="values">Values for the IN list, rendered by BaseBusinessLogic.ObjectsToList.</param>
        /// <param name="targetField">Column to return; concatenated into the SQL text as an identifier.</param>
        /// <returns>The target column as a string array.</returns>
        /// <remarks>
        /// NOTE(review): nothing is bound as a parameter. Identifiers cannot be bound at all, so
        /// tableName, name and targetField should only ever come from code constants. Whether
        /// ObjectsToList quotes and escapes each value is not visible here - confirm before
        /// passing caller-controlled data in <paramref name="values"/>.
        /// </remarks>
        public static string[] GetProperties(IDbHelper dbHelper, string tableName, string name, Object[] values, string targetField)
        {
            string inList = BaseBusinessLogic.ObjectsToList(values);
            string selectClause = " SELECT " + targetField;
            string fromClause = "   FROM " + tableName;
            string whereClause = "  WHERE " + name + " IN (" + inList + ")";

            DataTable rows = dbHelper.Fill(selectClause + fromClause + whereClause);

            return(BaseBusinessLogic.FieldToArray(rows, targetField));
        }
Пример #6
        /// <summary>
        /// Reads one column from a table for the rows whose <paramref name="name"/> column
        /// matches any of the given values, returning distinct non-empty entries.
        /// The original author expects the result set to be small, so nothing is optimised.
        /// </summary>
        /// <param name="dbHelper">Database helper used to run the statement.</param>
        /// <param name="tableName">Table to read; concatenated into the SQL text as an identifier.</param>
        /// <param name="name">Column to filter on; concatenated into the SQL text as an identifier.</param>
        /// <param name="values">Values for the IN list; joined with commas exactly as their ToString() renders them.</param>
        /// <param name="targetField">Column to return; concatenated into the SQL text as an identifier.</param>
        /// <returns>Distinct, non-empty values of the target column.</returns>
        /// <remarks>
        /// NOTE(review): string.Join adds no quoting or escaping, so every element of
        /// <paramref name="values"/> becomes raw SQL. That only works for numeric ids and is a
        /// SQL injection sink for anything caller-controlled; bind the values as parameters.
        /// Identifiers (tableName, name, targetField) should only come from code constants.
        /// </remarks>
        public static string[] GetProperties(IDbHelper dbHelper, string tableName, string name, Object[] values, string targetField)
        {
            string inList = string.Join(",", values);
            string selectClause = "SELECT " + targetField;
            string fromClause = "   FROM " + tableName;
            string whereClause = "  WHERE " + name + " IN (" + inList + ")";

            var rows = dbHelper.Fill(selectClause + fromClause + whereClause);

            return(BaseBusinessLogic.FieldToArray(rows, targetField)
                   .Distinct<string>()
                   .Where(value => !string.IsNullOrEmpty(value))
                   .ToArray());
        }
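        /// <summary>
        /// Reads one column from a table for the rows matching a list of name/value
        /// conditions, optionally limited to the first rows.
        /// </summary>
        /// <param name="dbHelper">Database helper; its CurrentDbType selects the row-limit syntax.</param>
        /// <param name="tableName">Source table; concatenated into the SQL text as an identifier.</param>
        /// <param name="parameters">Column name / value pairs; the values are handed to dbHelper.MakeParameters.</param>
        /// <param name="topLimit">Maximum number of rows, or null for no limit.</param>
        /// <param name="targetField">Column to return; defaults to BaseBusinessLogic.FieldId when null or empty.</param>
        /// <returns>The target column as a string array.</returns>
        /// <remarks>
        /// The condition values travel as database parameters, which is the safe pattern.
        /// NOTE(review): tableName and targetField are still concatenated as identifiers and
        /// cannot be bound, so they should only ever come from code constants. The exact
        /// predicate text comes from GetWhereString, which is not visible here.
        /// </remarks>
        public static string[] GetProperties(IDbHelper dbHelper, string tableName, List<KeyValuePair<string, object>> parameters, int? topLimit = null, string targetField = null)
        {
            if (string.IsNullOrEmpty(targetField))
            {
                targetField = BaseBusinessLogic.FieldId;
            }

            // Original author's note: this feature is still considered incomplete.
            string sqlQuery = " SELECT " + targetField + " FROM " + tableName;
            string whereSql = string.Empty;

            if (topLimit != null && topLimit > 0)
            {
                switch (dbHelper.CurrentDbType)
                {
                    case CurrentDbType.Access:
                    case CurrentDbType.SqlServer:
                        // Fix: the row count and the column name were concatenated with no
                        // separator ("TOP 5Id"); emit an explicit space between them.
                        sqlQuery = " SELECT TOP " + topLimit.ToString() + " " + targetField + " FROM " + tableName;
                        break;

                    case CurrentDbType.Oracle:
                        whereSql = " ROWNUM < = " + topLimit;
                        break;
                }
            }

            string subSql = GetWhereString(dbHelper, parameters, BaseBusinessLogic.SQLLogicConditional);

            if (subSql.Length > 0)
            {
                if (whereSql.Length > 0)
                {
                    whereSql = whereSql + BaseBusinessLogic.SQLLogicConditional + subSql;
                }
                else
                {
                    whereSql = subSql;
                }
            }
            if (whereSql.Length > 0)
            {
                sqlQuery += " WHERE " + whereSql;
            }

            // NOTE(review): unlike the TOP / ROWNUM branch above, this one does not require
            // topLimit > 0, so zero or a negative value still emits a LIMIT clause on MySQL.
            // Left unchanged because callers may depend on it - confirm and align.
            if (topLimit != null)
            {
                switch (dbHelper.CurrentDbType)
                {
                    case CurrentDbType.MySql:
                        sqlQuery += " LIMIT 0, " + topLimit;
                        break;
                }
            }

            DataTable dataTable = new DataTable(tableName);

            dbHelper.Fill(dataTable, sqlQuery, dbHelper.MakeParameters(parameters));
            return(BaseBusinessLogic.FieldToArray(dataTable, targetField));
        }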
Пример #8
        /// <summary>
        /// Gets the permission item ids attached to a module.
        /// </summary>
        /// <param name="moduleId">Module id, matched against the permission ResourceId as a name/value pair.</param>
        /// <returns>Permission item id array from the rows that are not flagged as deleted.</returns>
        public string[] GetPermissionIds(string moduleId)
        {
            // The filter is passed as name/value pairs instead of being concatenated into SQL here.
            var filter = new List<KeyValuePair<string, object>>
            {
                new KeyValuePair<string, object>(BasePermissionEntity.FieldResourceCategory, BaseModuleEntity.TableName),
                new KeyValuePair<string, object>(BasePermissionEntity.FieldResourceId, moduleId),
                new KeyValuePair<string, object>(BasePermissionEntity.FieldDeletionStateCode, 0)
            };

            DataTable permissionRows = this.GetDataTable(filter);

            return(BaseBusinessLogic.FieldToArray(permissionRows, BasePermissionEntity.FieldPermissionItemId));
        }
        ////
        ////
        //// 授权范围管理部分
        ////
        ////

        #region public string[] GetRoleIds(string roleId, string permissionItemCode) 获取员工的权限主键数组
        /// <summary>
        /// Gets the ids of the roles that a given role is scoped to for one permission item.
        /// </summary>
        /// <param name="roleId">Role id, matched against the permission-scope ResourceId.</param>
        /// <param name="permissionItemCode">Permission item code; resolved to an id through GetIdByCode.</param>
        /// <returns>Target role id array.</returns>
        /// <remarks>
        /// NOTE(review): unlike sibling queries on this page, the filter carries no Enabled or
        /// DeletionStateCode condition. Whether GetDataTable adds them is not visible here -
        /// confirm that disabled or deleted scope rows cannot grant access.
        /// </remarks>
        public string[] GetRoleIds(string roleId, string permissionItemCode)
        {
            // Name/value pairs, not concatenated SQL; both resource and target are roles.
            var filter = new List<KeyValuePair<string, object>>
            {
                new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName),
                new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, roleId),
                new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseRoleEntity.TableName),
                new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, this.GetIdByCode(permissionItemCode))
            };

            DataTable scopeRows = this.GetDataTable(filter);

            return(BaseBusinessLogic.FieldToArray(scopeRows, BasePermissionScopeEntity.FieldTargetId));
        }
Пример #10
        /// <summary>
        /// Reads one column for an organization node and all of its descendants.
        /// </summary>
        /// <param name="parentId">Id of the node the hierarchy walk starts from; concatenated unquoted into the SQL text.</param>
        /// <param name="field">Column to select; concatenated into the SQL text as an identifier.</param>
        /// <returns>Values of the selected column, ordered by the sort-code column.</returns>
        /// <remarks>
        /// NOTE(review): both arguments become raw SQL. parentId should be bound as a parameter
        /// or validated as an id; field cannot be bound and should be checked against a fixed
        /// list of known column names if it can ever come from a caller.
        /// </remarks>
        public string[] GetChildrenProperties(string parentId, string field)
        {
            // Only enabled, non-deleted organizations are returned.
            string selection = "  SELECT " + field
                               + "        FROM " + BaseOrganizeEntity.TableName
                               + "       WHERE " + BaseOrganizeEntity.FieldEnabled + " = 1 "
                               + "             AND " + BaseOrganizeEntity.FieldDeletionStateCode + " = 0 ";

            // Hierarchical walk from the start node down through child rows.
            string hierarchy = "  START WITH Id = " + parentId + " "
                               + "  CONNECT BY PRIOR " + BaseOrganizeEntity.FieldId + " = " + BaseOrganizeEntity.FieldParentId
                               + "    ORDER BY " + BaseOrganizeEntity.FieldSortCode;

            DataTable childRows = this.DbHelper.Fill(selection + hierarchy);

            return(BaseBusinessLogic.FieldToArray(childRows, field));
        }
Пример #11
        ////
        ////
        //// 授权范围管理部分
        ////
        ////

        #region public string[] GetRoleIds(string roleId, string permissionCode) 获取员工的权限主键数组
        /// <summary>
        /// Gets the ids of the roles that a given role is scoped to for one permission.
        /// </summary>
        /// <param name="roleId">Role id, matched against the permission-scope ResourceId.</param>
        /// <param name="permissionCode">Permission code; resolved to an id through GetPermissionIdByCode.</param>
        /// <returns>Distinct, non-empty target role ids.</returns>
        /// <remarks>
        /// NOTE(review): the filter carries no Enabled or DeletionStateCode condition. Whether
        /// GetDataTable adds them is not visible here - confirm that disabled or deleted scope
        /// rows cannot grant access.
        /// </remarks>
        public string[] GetRoleIds(string roleId, string permissionCode)
        {
            // The role table name carries the current user's system code as a prefix.
            string roleCategory = this.UserInfo.SystemCode + "Role";

            // Name/value pairs, not concatenated SQL; both resource and target are roles.
            var filter = new List<KeyValuePair<string, object>>
            {
                new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, roleCategory),
                new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, roleId),
                new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, roleCategory),
                new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionId, this.GetPermissionIdByCode(permissionCode))
            };

            var scopeRows = this.GetDataTable(filter);

            return(BaseBusinessLogic.FieldToArray(scopeRows, BasePermissionScopeEntity.FieldTargetId)
                   .Distinct<string>()
                   .Where(id => !string.IsNullOrEmpty(id))
                   .ToArray());
        }
Пример #12
        /// <summary>
        /// Gets the ids of the users that belong to a role, either through the RoleId on
        /// their BaseUser row or through the user-role table.
        /// </summary>
        /// <param name="roleId">Role id; concatenated unquoted into both halves of the UNION.</param>
        /// <returns>User id array.</returns>
        /// <remarks>
        /// NOTE(review): roleId is spliced into the SQL text without quoting or binding. If it
        /// can carry caller-controlled input this is a SQL injection sink; bind it as a
        /// parameter or validate it as an id first. The second SELECT filters BaseUser on
        /// DeletionStateCode only, while the first also requires Enabled = 1 - confirm that
        /// disabled users are meant to be returned through role mappings.
        /// </remarks>
        public string[] GetUserIdsInRole(string roleId)
        {
            // The user-role table is prefixed with the configured system code when one is set.
            string userRoleTable = string.IsNullOrEmpty(BaseSystemInfo.SystemCode)
                                   ? BaseUserRoleEntity.TableName
                                   : BaseSystemInfo.SystemCode + "UserRole";

            // Only users that are not flagged as deleted are returned.
            string directSql = " SELECT Id AS USERID FROM BaseUser WHERE (RoleId = " + roleId + ") AND (DeletionStateCode = 0) AND (Enabled = 1) ";
            string mappedSql = " UNION SELECT UserId FROM " + userRoleTable + " WHERE (RoleId = " + roleId + ") AND (UserId IN (SELECT Id FROM BaseUser WHERE (DeletionStateCode = 0))) AND (DeletionStateCode = 0) ";

            DataTable userRows = DbHelper.Fill(directSql + mappedSql);

            return(BaseBusinessLogic.FieldToArray(userRows, BaseUserRoleEntity.FieldUserId));
        }
Пример #13
        ////
        ////
        //// 授权范围管理部分
        ////
        ////

        #region public string[] GetPermissionIds(string userId, string permissionCode) 获取员工的权限主键数组
        /// <summary>
        /// Gets the ids of the modules a user is scoped to for one permission.
        /// </summary>
        /// <param name="systemCode">System code used to resolve the permission code to an id.</param>
        /// <param name="userId">User id, matched against the permission-scope ResourceId.</param>
        /// <param name="permissionCode">Permission code; resolved through BaseModuleManager.GetIdByCodeByCache.</param>
        /// <returns>Distinct, non-empty target ids.</returns>
        /// <remarks>
        /// NOTE(review): the filter carries no Enabled or DeletionStateCode condition. Whether
        /// GetDataTable adds them is not visible here - confirm that disabled or deleted scope
        /// rows cannot grant access.
        /// </remarks>
        public string[] GetPermissionIds(string systemCode, string userId, string permissionCode)
        {
            // Name/value pairs, not concatenated SQL: a user resource scoped to module targets.
            var filter = new List<KeyValuePair<string, object>>
            {
                new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseUserEntity.TableName),
                new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, userId),
                new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseModuleEntity.TableName),
                new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionId, BaseModuleManager.GetIdByCodeByCache(systemCode, permissionCode))
            };

            var scopeRows = this.GetDataTable(filter);

            return(BaseBusinessLogic.FieldToArray(scopeRows, BasePermissionScopeEntity.FieldTargetId)
                   .Distinct<string>()
                   .Where(id => !string.IsNullOrEmpty(id))
                   .ToArray());
        }
        //////////////////////////////////////////////////////////////////////////////////////////////////////
        /// 资源权限设定关系相关
        //////////////////////////////////////////////////////////////////////////////////////////////////////


        #region public string[] GetResourcePermissionIds(BaseUserInfo userInfo, string resourceCategory, string resourceId)
        /// <summary>
        /// Gets the permission ids attached to one resource.
        /// </summary>
        /// <param name="userInfo">Calling user; passed to the service wrapper together with the method descriptor.</param>
        /// <param name="resourceCategory">Resource category to match.</param>
        /// <param name="resourceId">Resource id to match.</param>
        /// <returns>Distinct, non-empty permission ids; null if the wrapper never runs the callback.</returns>
        /// <remarks>
        /// NOTE(review): this block contains no explicit check that the caller is logged on or
        /// may read this resource's permissions. Presumably ServiceUtil.ProcessUserCenterReadDb
        /// enforces that - verify, since the result describes who can do what.
        /// </remarks>
        public string[] GetResourcePermissionIds(BaseUserInfo userInfo, string resourceCategory, string resourceId)
        {
            string[] permissionIds = null;

            // Must be called from this method body so the descriptor names this method, not the lambda.
            var serviceInfo = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());

            ServiceUtil.ProcessUserCenterReadDb(userInfo, serviceInfo, (dbHelper) =>
            {
                // Name/value pairs, not concatenated SQL.
                var filter = new List<KeyValuePair<string, object>>
                {
                    new KeyValuePair<string, object>(BasePermissionEntity.FieldResourceCategory, resourceCategory),
                    new KeyValuePair<string, object>(BasePermissionEntity.FieldResourceId, resourceId)
                };

                var permissionRows = DbLogic.GetDataTable(dbHelper, BasePermissionEntity.TableName, filter);
                permissionIds = BaseBusinessLogic.FieldToArray(permissionRows, BasePermissionEntity.FieldPermissionId)
                                .Distinct<string>()
                                .Where(id => !string.IsNullOrEmpty(id))
                                .ToArray();
            });

            return(permissionIds);
        }
Пример #15
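        /// <summary>
        /// Gets the users that have delegated a permission to the given user.
        /// </summary>
        /// <param name="systemCode">System code; resolves the permission code and prefixes the permission-scope table name.</param>
        /// <param name="permissionCode">Permission code; resolved through BaseModuleManager.GetIdByCodeByCache.</param>
        /// <param name="userId">User the permission was delegated to; defaults to the current user when null.</param>
        /// <returns>Data table returned by BaseUserManager.GetDataTable for the delegating user ids.</returns>
        /// <remarks>
        /// Cleanup: the unused names/values arrays and the commented-out expiry loop were
        /// removed. Per the original author's note, expired delegations are now filtered in the
        /// SQL behind GetAuthoriedList.
        /// NOTE(review): any userId may be supplied and nothing here checks that the caller may
        /// view another user's delegations - confirm this is enforced upstream. systemCode
        /// becomes part of a table name, so it should only come from trusted configuration.
        /// </remarks>
        public DataTable GetAuthorizeDT(string systemCode, string permissionCode, string userId = null)
        {
            if (userId == null)
            {
                userId = this.UserInfo.Id;
            }

            // Look up what other users have delegated to this user.
            string permissionId = BaseModuleManager.GetIdByCodeByCache(systemCode, permissionCode);
            string tableName = systemCode + "PermissionScope";
            BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(this.UserInfo, tableName);

            var dt = permissionScopeManager.GetAuthoriedList(BaseUserEntity.TableName, permissionId, BaseUserEntity.TableName, userId);

            // The ResourceId column holds the delegating side of each scope row.
            string[] userIds = BaseBusinessLogic.FieldToArray(dt, BasePermissionScopeEntity.FieldResourceId)
                               .Distinct<string>()
                               .Where(t => !string.IsNullOrEmpty(t))
                               .ToArray();
            BaseUserManager userManager = new BaseUserManager(this.UserInfo);

            return(userManager.GetDataTable(userIds));
        }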
        /// <summary>
        /// Merges explicitly listed users with the users found through organizations and roles.
        /// </summary>
        /// <param name="userIds">User ids to include as given; may be null.</param>
        /// <param name="organizeIds">Organization ids; when non-empty, their users are read with the SQL from GetUserSQL.</param>
        /// <param name="roleIds">Role ids; when non-empty, their users are read through GetUserIds(roleIds).</param>
        /// <returns>The array produced by StringUtil.Concat over the three id sets.</returns>
        /// <remarks>
        /// NOTE(review): the SQL text comes from GetUserSQL, which is not visible here; confirm
        /// it binds or validates organizeIds rather than concatenating them. An earlier
        /// per-company / department / workgroup lookup is disabled in the original and omitted
        /// here.
        /// </remarks>
        public string[] GetUserIds(string[] userIds, string[] organizeIds, string[] roleIds)
        {
            string[] organizeUserIds = null;
            bool hasOrganizeIds = organizeIds != null && organizeIds.Length > 0;
            if (hasOrganizeIds)
            {
                var organizeUserRows = DbHelper.Fill(this.GetUserSQL(organizeIds, true));
                organizeUserIds = BaseBusinessLogic.FieldToArray(organizeUserRows, BaseUserEntity.FieldId)
                                  .Distinct<string>()
                                  .Where(id => !string.IsNullOrEmpty(id))
                                  .ToArray();
            }

            bool hasRoleIds = roleIds != null && roleIds.Length > 0;
            string[] roleUserIds = hasRoleIds ? this.GetUserIds(roleIds) : null;

            return(StringUtil.Concat(userIds, organizeUserIds, roleUserIds));
        }
Пример #17
        /// <summary>
        /// Gets the ids of users currently flagged as online, optionally restricted to a
        /// candidate list (the original summary mentions customer-service users).
        /// </summary>
        /// <param name="userIds">Candidate ids; null or empty means no restriction.</param>
        /// <returns>Ids of the rows whose online flag equals 1.</returns>
        /// <remarks>
        /// NOTE(review): the candidate ids are rendered by BaseBusinessLogic.ObjectsToList and
        /// concatenated into the statement. Whether that helper quotes and escapes each value
        /// is not visible here - confirm before passing caller-controlled ids.
        /// </remarks>
        public string[] GetOnLineUserIds(string[] userIds)
        {
            bool restrictToCandidates = userIds != null && userIds.Length > 0;
            string candidateFilter = restrictToCandidates
                                     ? " AND " + BaseUserLogOnEntity.FieldId + " IN (" + BaseBusinessLogic.ObjectsToList(userIds) + ") "
                                     : string.Empty;

            string sqlQuery = "SELECT " + BaseUserLogOnEntity.FieldId
                              + "  FROM " + this.CurrentTableName
                              + " WHERE " + BaseUserLogOnEntity.FieldUserOnLine + " = 1 "
                              + candidateFilter;

            DataTable onlineRows = this.DbHelper.Fill(sqlQuery);

            return(BaseBusinessLogic.FieldToArray(onlineRows, BaseUserLogOnEntity.FieldId));
        }
        //////////////////////////////////////////////////////////////////////////////////////////////////////
        /// 资源权限设定关系相关
        //////////////////////////////////////////////////////////////////////////////////////////////////////


        #region public string[] GetResourcePermissionItemIds(BaseUserInfo userInfo, string resourceCategory, string resourceId)
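        /// <summary>
        /// Gets the permission item ids attached to one resource, using a dedicated
        /// user-center database connection.
        /// </summary>
        /// <param name="userInfo">Calling user; used for the logon check, logging and exception logging.</param>
        /// <param name="resourceCategory">Resource category to match.</param>
        /// <param name="resourceId">Resource id to match.</param>
        /// <returns>Permission item id array.</returns>
        /// <remarks>
        /// Fix: the catch block now rethrows with <c>throw;</c> so the original stack trace is
        /// kept; <c>throw ex;</c> reset it and hid where the failure happened.
        /// NOTE(review): the logon check is compiled only when DEBUG is not defined, so a DEBUG
        /// build that reaches a shared environment serves this data to anonymous callers.
        /// Nothing here inspects a result from UserIsLogOn either; presumably it throws on
        /// failure - verify.
        /// </remarks>
        public string[] GetResourcePermissionItemIds(BaseUserInfo userInfo, string resourceCategory, string resourceId)
        {
            // Debug timing starts here.
            #if (DEBUG)
            int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
            #endif

            // Security check meant to block unauthorized anonymous calls (release builds only).
            #if (!DEBUG)
            LogOnService.UserIsLogOn(userInfo);
            #endif

            string[] returnValue = null;
            using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
            {
                try
                {
                    dbHelper.Open(UserCenterDbConnection);

                    // Name/value pairs, not concatenated SQL.
                    List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>();
                    parameters.Add(new KeyValuePair<string, object>(BasePermissionEntity.FieldResourceCategory, resourceCategory));
                    parameters.Add(new KeyValuePair<string, object>(BasePermissionEntity.FieldResourceId, resourceId));

                    DataTable dataTable = DbLogic.GetDataTable(dbHelper, BasePermissionEntity.TableName, parameters);
                    returnValue = BaseBusinessLogic.FieldToArray(dataTable, BasePermissionEntity.FieldPermissionItemId);
                    BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_GetResourcePermissionItemIds, MethodBase.GetCurrentMethod());
                }
                catch (Exception ex)
                {
                    BaseExceptionManager.LogException(dbHelper, userInfo, ex);
                    // Rethrow without resetting the stack trace.
                    throw;
                }
                finally
                {
                    dbHelper.Close();
                }
            }

            // Debug timing ends here.
            #if (DEBUG)
            BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
            #endif
            return(returnValue);
        }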
Пример #19
        /// <summary>
        /// Gets the ids of the users below a given user in the user-to-user scope tree of
        /// one permission.
        /// </summary>
        /// <param name="systemCode">System code used to resolve the permission code to an id.</param>
        /// <param name="userId">User the tree walk starts from; passed to DbLogic.GetChildrens.</param>
        /// <param name="permissionCode">Permission code; resolved through BaseModuleManager.GetIdByCodeByCache.</param>
        /// <param name="permissionName">Not used by this method.</param>
        /// <returns>Target user id array, or null when the permission code resolves to no id.</returns>
        /// <remarks>
        /// NOTE(review): the permission id is looked up with <paramref name="systemCode"/>, but
        /// the scope table name is built from UserInfo.SystemCode; if the two differ, the id is
        /// applied to another system's table - confirm this is intended. The derived table is
        /// assembled by concatenation, and how GetChildrens treats userId (bound or
        /// concatenated) is not visible here.
        /// </remarks>
        public string[] GetPermissionTreeUserIds(string systemCode, string userId, string permissionCode, string permissionName = null)
        {
            string permissionId = BaseModuleManager.GetIdByCodeByCache(systemCode, permissionCode);
            if (string.IsNullOrEmpty(permissionId))
            {
                return(null);
            }

            // Inline view over the enabled, non-deleted user-to-user scope rows of this permission.
            string scopeView = " (SELECT ResourceId, TargetId FROM " + UserInfo.SystemCode + "PermissionScope WHERE Enabled = 1 AND DeletionStateCode = 0 AND ResourceCategory = '" + BaseUserEntity.TableName + "' AND TargetCategory = '" + BaseUserEntity.TableName + "' AND PermissionId = " + permissionId + ") T ";

            // ResourceId plays the parent role and TargetId the child role in the tree.
            string parentColumn = "ResourceId";
            string childColumn = "TargetId";
            string order = null;
            bool idOnly = true;

            DataTable treeRows = DbLogic.GetChildrens(this.DbHelper, scopeView, childColumn, userId, parentColumn, order, idOnly);

            return(BaseBusinessLogic.FieldToArray(treeRows, "TargetId"));
        }
Пример #20
        /// <summary>
        /// Gets the ids of the users that belong to any of the given roles, either through
        /// the RoleId on their BaseUser row or through the user-role table.
        /// </summary>
        /// <param name="roleIds">Role ids; rendered by StringUtil.ArrayToList into both IN lists.</param>
        /// <returns>User id array, or null when <paramref name="roleIds"/> is null or empty.</returns>
        /// <remarks>
        /// NOTE(review): the role ids are concatenated into the statement. Whether
        /// StringUtil.ArrayToList quotes and escapes each value is not visible here - confirm
        /// before passing caller-controlled ids. The second SELECT filters BaseUser on
        /// DeletionStateCode only, while the first also requires Enabled = 1.
        /// </remarks>
        public string[] GetUserIds(string[] roleIds)
        {
            // The user-role table is prefixed with the configured system code when one is set.
            string userRoleTable = string.IsNullOrEmpty(BaseSystemInfo.SystemCode)
                                   ? BaseUserRoleEntity.TableName
                                   : BaseSystemInfo.SystemCode + "UserRole";

            if (roleIds == null || roleIds.Length == 0)
            {
                return(null);
            }

            // Only users that are not flagged as deleted are returned.
            string directSql = " SELECT Id AS UserId FROM BaseUser WHERE (RoleId IN ( " + StringUtil.ArrayToList(roleIds) + ")) AND (DeletionStateCode = 0) AND (Enabled = 1) ";
            string mappedSql = " UNION SELECT UserId FROM " + userRoleTable + " WHERE (RoleId IN (" + StringUtil.ArrayToList(roleIds) + ")) "
                               + "  AND (UserId IN (SELECT Id FROM BaseUser WHERE (DeletionStateCode = 0))) AND (DeletionStateCode = 0) ";

            DataTable userRows = DbHelper.Fill(directSql + mappedSql);

            return(BaseBusinessLogic.FieldToArray(userRows, BaseUserRoleEntity.FieldUserId));
        }
Пример #21
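        /// <summary>
        /// Gets the permission item ids that apply to a user: those granted to the user
        /// directly, those granted to the user's roles and, when
        /// BaseSystemInfo.UseOrganizePermission is set, those granted to the user's
        /// company, department, sub-company or workgroup.
        /// </summary>
        /// <param name="userId">Primary key of the user.</param>
        /// <returns>The permission item ids returned by the queries; the organization ids are appended with StringUtil.Concat.</returns>
        public string[] GetPermissionIdsByUser(string userId)
        {
            string tableName = BaseUserRoleEntity.TableName;
            if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
            {
                tableName = BaseSystemInfo.SystemCode + "UserRole";
            }

            // userId is a caller-supplied value that ends up inside quoted SQL literals, so
            // embedded single quotes are doubled to keep it inside the literal.
            // NOTE(review): bound parameters are the stronger fix; the DbHelper parameter API
            // is not visible in this block, so only the literal is escaped here.
            string userIdLiteral = (userId ?? string.Empty).Replace("'", "''");

            string sqlQuery =
                // Permissions granted to the user directly
                " SELECT " + BasePermissionEntity.FieldPermissionItemId
                + "   FROM " + this.CurrentTableName
                + "  WHERE (" + BasePermissionEntity.FieldResourceCategory + " = '" + BaseUserEntity.TableName + "') "
                + "        AND (" + BasePermissionEntity.FieldEnabled + " = 1) "
                + "        AND (" + BasePermissionEntity.FieldResourceId + " = '" + userIdLiteral + "')"

                + " UNION "

                // Permissions granted to a role the user holds, through the mapping table
                // or through the RoleId column of the user row
                + " SELECT " + BasePermissionEntity.FieldPermissionItemId
                + "   FROM " + this.CurrentTableName
                + "  WHERE " + "(" + BasePermissionEntity.FieldResourceCategory + " = '" + BaseRoleEntity.TableName + "') "
                + "        AND (" + BasePermissionEntity.FieldEnabled + " = 1) "
                + "        AND (" + BasePermissionEntity.FieldResourceId + " IN ( "
                + " SELECT " + BaseUserRoleEntity.FieldRoleId
                + "   FROM " + tableName
                + "  WHERE " + BaseUserRoleEntity.FieldUserId + " = '" + userIdLiteral + "' "
                + "        AND " + BaseUserRoleEntity.FieldEnabled + " = 1"
                + "  UNION "
                + " SELECT " + BaseUserEntity.FieldRoleId
                + "   FROM " + BaseUserEntity.TableName
                + "  WHERE " + BaseUserEntity.FieldId + " = '" + userIdLiteral + "'"
                + ")) ";

            DataTable dataTable = DbHelper.Fill(sqlQuery);

            string[] permissionItemIds = BaseBusinessLogic.FieldToArray(dataTable, BasePermissionEntity.FieldPermissionItemId);

            // Permissions granted to the organizations the user belongs to
            if (BaseSystemInfo.UseOrganizePermission)
            {
                BaseUserEntity userEntity = new BaseUserManager(this.DbHelper).GetEntity(userId);

                // Skip the organization lookup when no user record came back, instead of
                // failing on the property reads below.
                if (userEntity != null)
                {
                    // The organization ids are read from the stored user record and concatenated as-is.
                    // NOTE(review): unlike the queries above, this one also filters on DeletionStateCode.
                    sqlQuery = " SELECT " + BasePermissionEntity.FieldPermissionItemId
                               + "   FROM " + this.CurrentTableName
                               + "  WHERE (" + this.CurrentTableName + ".ResourceCategory = '" +
                               BaseOrganizeEntity.TableName + "') "
                               + "        AND (ResourceId = '" + userEntity.CompanyId + "' OR "
                               + "              ResourceId = '" + userEntity.DepartmentId + "' OR "
                               + "              ResourceId = '" + userEntity.SubCompanyId + "' OR"
                               + "              ResourceId = '" + userEntity.WorkgroupId + "') "
                               + "        AND (Enabled = 1) "
                               + "        AND (DeletionStateCode = 0)";
                    dataTable = DbHelper.Fill(sqlQuery);
                    string[] permissionItemIdsByOrganize = BaseBusinessLogic.FieldToArray(dataTable,
                                                                                          BasePermissionEntity.FieldPermissionItemId);
                    permissionItemIds = StringUtil.Concat(permissionItemIds, permissionItemIdsByOrganize);
                }
            }
            return(permissionItemIds);
        }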
Пример #22
 /// <summary>
 /// Gets the primary keys of all rows in the user table held by this instance.
 /// </summary>
 /// <returns>Array of primary keys read from the BaseUserEntity.FieldId column of DTUser.</returns>
 private string[] GetIds()
 {
     string[] userKeys = BaseBusinessLogic.FieldToArray(this.DTUser, BaseUserEntity.FieldId);
     return userKeys;
 }
Пример #23
 /// <summary>
 /// Gets the primary keys of the child nodes of a node.
 /// </summary>
 /// <param name="dbHelper">Database connection helper.</param>
 /// <param name="tableName">Target table name.</param>
 /// <param name="fieldId">Primary key column.</param>
 /// <param name="id">Key value of the starting node.</param>
 /// <param name="fieldParentId">Parent node column.</param>
 /// <param name="order">Sort order.</param>
 /// <returns>Array of primary keys taken from the BaseBusinessLogic.FieldId column.</returns>
 public static string[] GetChildrensId(IDbHelper dbHelper, string tableName, string fieldId, string id, string fieldParentId, string order)
 {
     // Ask for ids only (last argument), then flatten the id column into an array.
     // All arguments are forwarded unchanged; how GetChildrens places them in SQL is not visible here.
     var childRows = GetChildrens(dbHelper, tableName, fieldId, id, fieldParentId, order, true);
     return BaseBusinessLogic.FieldToArray(childRows, BaseBusinessLogic.FieldId);
 }
Пример #24
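        /// <summary>
        /// Gets the ids of the companies (outlets) a user may manage under a data permission:
        /// companies located in an area the user is scoped to, plus companies granted directly.
        /// </summary>
        /// <param name="userId">Primary key of the user, matched against the scope ResourceId.</param>
        /// <param name="permissionId">Primary key of the data permission.</param>
        /// <returns>Directly granted company ids combined with the area-derived ones by StringUtil.Concat.</returns>
        public string[] GetUserCompanyIds(string userId, string permissionId)
        {
            string[] result = null;

            // Scope rows of this user for the permission (no target category filter);
            // their TargetId values are treated as area ids below.
            List <KeyValuePair <string, object> > parameters = new List <KeyValuePair <string, object> >();

            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseUserEntity.TableName));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceId, userId));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionId, permissionId));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldEnabled, 1));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldDeletionStateCode, 0));

            string tableName = this.UserInfo.SystemCode + "PermissionScope";
            BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(this.DbHelper, this.UserInfo, tableName);

            string[] areaIds = permissionScopeManager.GetProperties(parameters, BasePermissionScopeEntity.FieldTargetId);

            // Split the area ids into province, city, district and street
            string[] province = null;
            string[] city     = null;
            string[] district = null;
            string[] street   = null;
            SplitArea(areaIds, out province, out city, out district, out street);

            string[] areaCompanyIds = null;
            if (areaIds != null && areaIds.Length > 0)
            {
                // One IN filter per area level that actually has ids.
                // NOTE(review): the ids are stored scope values quoted by ObjectsToList; whether
                // it escapes embedded quotes is not visible here.
                List <string> areaFilters = new List <string>();
                if (province != null && province.Length > 0)
                {
                    areaFilters.Add(BaseOrganizeEntity.FieldProvinceId + " IN (" + BaseBusinessLogic.ObjectsToList(province, "'") + ")");
                }
                if (city != null && city.Length > 0)
                {
                    areaFilters.Add(BaseOrganizeEntity.FieldCityId + " IN (" + BaseBusinessLogic.ObjectsToList(city, "'") + ")");
                }
                if (district != null && district.Length > 0)
                {
                    areaFilters.Add(BaseOrganizeEntity.FieldDistrictId + " IN (" + BaseBusinessLogic.ObjectsToList(district, "'") + ")");
                }
                if (street != null && street.Length > 0)
                {
                    // Match the street column against the street ids only. The previous code passed
                    // the whole areaIds array here, which widened the filter beyond the granted streets.
                    areaFilters.Add(BaseOrganizeEntity.FieldStreetId + " IN (" + BaseBusinessLogic.ObjectsToList(street, "'") + ")");
                }

                // With no filter at all the statement would end in "AND ()", which is not valid SQL,
                // so the area lookup is skipped in that case.
                if (areaFilters.Count > 0)
                {
                    string commandText = " SELECT " + BaseOrganizeEntity.FieldId
                                         + "  FROM " + BaseOrganizeEntity.TableName
                                         + " WHERE " + BaseOrganizeEntity.FieldEnabled + " = 1 "
                                         + "       AND " + BaseOrganizeEntity.FieldDeletionStateCode + " = 0 "
                                         + "       AND (" + string.Join("  OR ", areaFilters.ToArray()) + ")";

                    BaseOrganizeManager organizeManager = new BaseOrganizeManager();
                    DataTable           dt = organizeManager.Fill(commandText);
                    areaCompanyIds = BaseBusinessLogic.FieldToArray(dt, BaseOrganizeEntity.FieldId);
                }
            }

            // Companies the user is granted directly
            parameters = new List <KeyValuePair <string, object> >();
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseUserEntity.TableName));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceId, userId));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionId, permissionId));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseOrganizeEntity.TableName));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldEnabled, 1));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldDeletionStateCode, 0));
            string[] companyIds = permissionScopeManager.GetProperties(parameters, BasePermissionScopeEntity.FieldTargetId);

            result = StringUtil.Concat(companyIds, areaCompanyIds);
            return(result);
        }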
Пример #25
 /// <summary>
 /// Gets the primary keys of the parent and child nodes selected by a code.
 /// </summary>
 /// <param name="dbHelper">Database connection helper.</param>
 /// <param name="tableName">Target table name.</param>
 /// <param name="fieldCode">Code column.</param>
 /// <param name="code">Code value.</param>
 /// <param name="order">Sort order.</param>
 /// <returns>Array of primary keys taken from the BaseBusinessLogic.FieldId column.</returns>
 public static string[] GetParentChildrensIdByCode(IDbHelper dbHelper, string tableName, string fieldCode, string code, string order)
 {
     // Ask for ids only (last argument), then flatten the id column into an array.
     // All arguments are forwarded unchanged; how the query is built is not visible here.
     var nodeRows = GetParentChildrensByCode(dbHelper, tableName, fieldCode, code, order, true);
     return BaseBusinessLogic.FieldToArray(nodeRows, BaseBusinessLogic.FieldId);
 }
Пример #26
 /// <summary>
 /// Gets the distinct, non-empty primary keys of the parent and child nodes selected by a code.
 /// </summary>
 /// <param name="dbHelper">Database connection helper.</param>
 /// <param name="tableName">Target table name.</param>
 /// <param name="fieldCode">Code column.</param>
 /// <param name="code">Code value.</param>
 /// <param name="order">Sort order.</param>
 /// <returns>Array of primary keys with duplicates and null or empty entries removed.</returns>
 public static string[] GetParentChildrensIdByCode(IDbHelper dbHelper, string tableName, string fieldCode, string code, string order)
 {
     // Ask for ids only (last argument) and flatten the id column.
     // All arguments are forwarded unchanged; how the query is built is not visible here.
     var nodeRows = GetParentChildrensByCode(dbHelper, tableName, fieldCode, code, order, true);
     string[] rawIds = BaseBusinessLogic.FieldToArray(nodeRows, BaseBusinessLogic.FieldId);

     // Drop repeated ids first, then blank ones, keeping first-seen order.
     var uniqueIds = rawIds.Distinct <string>();
     var usableIds = uniqueIds.Where(key => !string.IsNullOrEmpty(key));
     return usableIds.ToArray();
 }