Пример #1
        /// <summary>
        /// Determines whether a matching record exists.
        /// </summary>
        public bool RoleAuthorityExists(Entity.BASE_ROLEAUTHORITYLIST model)
        {
            // Choose the principal column to filter on: a non-zero UserID selects a
            // user-level row, otherwise a non-zero RoleID selects a role-level row,
            // otherwise the row is matched by GroupID (this branch is also taken when
            // UserID and RoleID are both 0, whatever GroupID holds).
            string principalFilter = model.UserID != 0
                ? "UserID=@UserID"
                : (model.RoleID != 0 ? "RoleID=@RoleID" : "GroupID=@GroupID");

            // Only fixed SQL fragments are concatenated; every value is bound as a parameter.
            // NOTE(review): the Flag column is not part of the filter, so a row counts as
            // "existing" whatever its Flag value is -- confirm callers that treat the
            // result as an allow decision expect that.
            string sql = "select count(1) from Base_RoleAuthorityList where "
                         + principalFilter
                         + " and ModuleID=@ModuleID and AuthorityTag=@AuthorityTag";

            SqlParameter userIdParam = new SqlParameter("@UserID", SqlDbType.Int, 4);
            userIdParam.Value = model.UserID;

            SqlParameter roleIdParam = new SqlParameter("@RoleID", SqlDbType.Int, 4);
            roleIdParam.Value = model.RoleID;

            SqlParameter groupIdParam = new SqlParameter("@GroupID", SqlDbType.Int, 4);
            groupIdParam.Value = model.GroupID;

            SqlParameter moduleIdParam = new SqlParameter("@ModuleID", SqlDbType.Int, 4);
            moduleIdParam.Value = model.ModuleID;

            SqlParameter tagParam = new SqlParameter("@AuthorityTag", SqlDbType.NVarChar, 50);
            tagParam.Value = model.AuthorityTag;

            // All five parameters are always supplied, although the statement
            // references only one of the three principal parameters.
            SqlParameter[] args =
            {
                userIdParam,
                roleIdParam,
                groupIdParam,
                moduleIdParam,
                tagParam
            };

            return SqlServerHelper.Exists(sql, args);
        }
Пример #2
        /// <summary>
        /// Gets a single entity object.
        /// </summary>
        public Entity.BASE_ROLEAUTHORITYLIST GetEntity(int ID)
        {
            // Fixed statement text; the row id is bound as a parameter.
            string sql = "select ID, UserID, RoleID, GroupID, ModuleID, AuthorityTag, Flag  "
                         + "  from BASE_ROLEAUTHORITYLIST "
                         + " where ID=@ID";

            SqlParameter idParam = new SqlParameter("@ID", SqlDbType.Int, 4);
            idParam.Value = ID;
            SqlParameter[] args = { idParam };

            Entity.BASE_ROLEAUTHORITYLIST result = new Entity.BASE_ROLEAUTHORITYLIST();
            DataSet ds = SqlServerHelper.Query(sql, args);

            // No row for this id: the caller receives null and must check for it.
            if (ds.Tables[0].Rows.Count == 0)
            {
                return null;
            }

            DataRow row = ds.Tables[0].Rows[0];

            // Each numeric column is copied only when its text form is non-empty;
            // otherwise the property keeps whatever value the new entity started with.
            string idText = row["ID"].ToString();
            if (idText != "")
            {
                result.ID = int.Parse(idText);
            }

            string userIdText = row["UserID"].ToString();
            if (userIdText != "")
            {
                result.UserID = int.Parse(userIdText);
            }

            string roleIdText = row["RoleID"].ToString();
            if (roleIdText != "")
            {
                result.RoleID = int.Parse(roleIdText);
            }

            string groupIdText = row["GroupID"].ToString();
            if (groupIdText != "")
            {
                result.GroupID = int.Parse(groupIdText);
            }

            string moduleIdText = row["ModuleID"].ToString();
            if (moduleIdText != "")
            {
                result.ModuleID = int.Parse(moduleIdText);
            }

            result.AuthorityTag = row["AuthorityTag"].ToString();

            // Flag is true only for the text "1" or "true" (any casing); any other
            // non-empty text yields false, and empty text leaves Flag untouched.
            string flagText = row["Flag"].ToString();
            if (flagText != "")
            {
                result.Flag = flagText == "1" || flagText.ToLower() == "true";
            }

            return result;
        }
Пример #3
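        /// <summary>
        /// Determines whether module access permission is held.
        /// </summary>
        /// <param name="ModuleID">Module ID.</param>
        /// <param name="AuthorityTag">Authority tag (permission identifier).</param>
        /// <returns>True when access is granted; otherwise false.</returns>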
        public static bool ValidationModule(int ModuleID, string AuthorityTag)
        {
            SQLServerDAL.BASE_ROLE        roleDal = new SQLServerDAL.BASE_ROLE();
            Entity.BASE_ROLEAUTHORITYLIST probe   = new Entity.BASE_ROLEAUTHORITYLIST();
            ArrayList sessionRoles = Code.SessionBox.GetUserSession().RoleID;

            // Step 1: role-level check. One role holding the requested authority on
            // the module is enough to grant at this stage.
            bool grantedByRole = false;
            foreach (object roleEntry in sessionRoles)
            {
                probe.UserID       = 0;
                // Each session entry is comma-separated text; the part before the first comma is parsed as the role id.
                probe.RoleID       = int.Parse(roleEntry.ToString().Split(',')[0]);
                probe.ModuleID     = ModuleID;
                probe.AuthorityTag = AuthorityTag;
                if (roleDal.RoleAuthorityExists(probe))
                {
                    grantedByRole = true;
                    break;
                }
            }

            // Step 2: optional user-level grants, switched on by the "UserGrant" app setting.
            // NOTE(review): a missing "UserGrant" key makes this line throw
            // NullReferenceException rather than skip the step.
            if (ConfigurationManager.AppSettings["UserGrant"].ToString().ToLower() != "true")
            {
                return grantedByRole;
            }

            // Read the permissions the user holds on this module.
            DataSet userGrants = roleDal.GetUserAuthorityList(Code.SessionBox.GetUserSession().LoginId, ModuleID);
            foreach (DataRow grantRow in userGrants.Tables[0].Rows)
            {
                // Only the module's browse permission is inspected here.
                // NOTE(review): the AuthorityTag argument is not consulted in this step, so the
                // first BROWSE row decides the result for any requested tag -- confirm callers
                // only pass the browse tag, or that this override is intended.
                if (grantRow["AuthorityTag"].ToString().ToUpper() != "BROWSE")
                {
                    continue;
                }

                // The first BROWSE row overrides the role result in both directions:
                // Flag "true" allows viewing, anything else forbids it.
                return grantRow["Flag"].ToString().ToLower() == "true";
            }

            // No user-level BROWSE row: the role-level outcome stands.
            return grantedByRole;
        }
Пример #4
        /// <summary>
        /// Updates one record.
        /// </summary>
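        public bool Update(Entity.BASE_ROLEAUTHORITYLIST entity)
        {
            // Overwrites every column of the BASE_ROLEAUTHORITYLIST row whose ID equals
            // entity.ID and returns true when at least one row was affected.
            // The statement text is fixed; all values are bound as parameters.
            StringBuilder strSql = new StringBuilder();

            strSql.Append("update BASE_ROLEAUTHORITYLIST set ");

            strSql.Append(" UserID = @UserID , ");
            strSql.Append(" RoleID = @RoleID , ");
            strSql.Append(" GroupID = @GroupID , ");
            strSql.Append(" ModuleID = @ModuleID , ");
            strSql.Append(" AuthorityTag = @AuthorityTag , ");
            strSql.Append(" Flag = @Flag  ");
            strSql.Append(" where ID=@ID ");

            SqlParameter[] parameters =
            {
                new SqlParameter("@ID",           SqlDbType.Int,       4),
                new SqlParameter("@UserID",       SqlDbType.Int,       4),
                new SqlParameter("@RoleID",       SqlDbType.Int,       4),
                new SqlParameter("@GroupID",      SqlDbType.Int,       4),
                new SqlParameter("@ModuleID",     SqlDbType.Int,       4),
                new SqlParameter("@AuthorityTag", SqlDbType.NVarChar, 50),
                new SqlParameter("@Flag",         SqlDbType.Bit, 1)
            };

            // The array has seven elements (indices 0-6). The assignments used to run
            // from index 6 to 12, which put the ID into @Flag and then threw
            // IndexOutOfRangeException, so no update could ever be executed.
            parameters[0].Value = entity.ID;
            parameters[1].Value = entity.UserID;
            parameters[2].Value = entity.RoleID;
            parameters[3].Value = entity.GroupID;
            parameters[4].Value = entity.ModuleID;
            parameters[5].Value = entity.AuthorityTag;
            parameters[6].Value = entity.Flag;

            int rows = SqlServerHelper.ExecuteSql(strSql.ToString(), parameters);

            return rows > 0;
        }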
Пример #5
        /// <summary>
        /// Adds one record.
        /// </summary>
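        public int Add(Entity.BASE_ROLEAUTHORITYLIST entity)
        {
            // Inserts one BASE_ROLEAUTHORITYLIST row and returns the identity value
            // read back in the same batch, or 0 when the helper returns null.
            // The statement text is fixed; all values are bound as parameters.
            StringBuilder strSql = new StringBuilder();

            strSql.Append("insert into BASE_ROLEAUTHORITYLIST(");
            strSql.Append("UserID,RoleID,GroupID,ModuleID,AuthorityTag,Flag");
            strSql.Append(") values (");
            strSql.Append("@UserID,@RoleID,@GroupID,@ModuleID,@AuthorityTag,@Flag");
            strSql.Append(") ");
            // SCOPE_IDENTITY() replaces @@IDENTITY: @@IDENTITY reports the last identity
            // generated anywhere in the session, so an insert performed by a trigger
            // would be returned instead of this row's ID.
            strSql.Append(";select SCOPE_IDENTITY()");
            SqlParameter[] parameters =
            {
                new SqlParameter("@UserID",       SqlDbType.Int,       4),
                new SqlParameter("@RoleID",       SqlDbType.Int,       4),
                new SqlParameter("@GroupID",      SqlDbType.Int,       4),
                new SqlParameter("@ModuleID",     SqlDbType.Int,       4),
                new SqlParameter("@AuthorityTag", SqlDbType.NVarChar, 50),
                new SqlParameter("@Flag",         SqlDbType.Bit, 1)
            };

            parameters[0].Value = entity.UserID;
            parameters[1].Value = entity.RoleID;
            parameters[2].Value = entity.GroupID;
            parameters[3].Value = entity.ModuleID;
            parameters[4].Value = entity.AuthorityTag;
            parameters[5].Value = entity.Flag;

            object obj = SqlServerHelper.GetSingle(strSql.ToString(), parameters);

            // NOTE(review): assumes GetSingle maps a database NULL to null -- confirm
            // against the helper; Convert.ToInt32 throws on DBNull.Value.
            if (obj == null)
            {
                return 0;
            }

            return Convert.ToInt32(obj);
        }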
Пример #6
 /// <summary>
 /// Determines whether a matching record exists.
 /// </summary>
 public bool RoleAuthorityExists(Entity.BASE_ROLEAUTHORITYLIST model)
 {
     // Pure delegation to the data-access object; no validation or
     // transformation of the model happens at this layer.
     bool exists = dal.RoleAuthorityExists(model);
     return exists;
 }