Пример #1
 /// <summary>
 /// Narrows <paramref name="condition"/> to records owned by the user's department
 /// or by the user, depending on which marker appears in <paramref name="users"/>.
 /// </summary>
 /// <param name="condition">Search condition that receives the filter.</param>
 /// <param name="queryField">Field the ownership filter is applied to.</param>
 /// <param name="users">Selected marker names, compared with the SystemEnumUser member names.</param>
 /// <param name="userId">ID of the user the filter is built for.</param>
 private static void AddUserSearch(ref SearchCondition condition, string queryField, string[] users, string userId)
 {
     // The department marker is checked first and wins when both markers are present.
     if (users.Contains(SystemEnumUser.OwnDept.ToString()))
     {
         var userService = Formula.FormulaHelper.GetService<Formula.IUserService>();
         string departmentId = userService.GetUserInfoByID(userId).UserOrgID;

         var orgService = Formula.FormulaHelper.GetService<Formula.IOrgService>();
         string memberIds = orgService.GetUserIDsInOrgs(departmentId);

         condition.Add(queryField, Formula.QueryMethod.In, memberIds);
         return;
     }

     if (users.Contains(SystemEnumUser.Owner.ToString()))
     {
         condition.Add(queryField, Formula.QueryMethod.Equal, userId);
     }

     // With neither marker present nothing is added, so this method does not
     // narrow the query by user at all.
     // NOTE(review): confirm callers do not rely on this filter as an access check.
 }
Пример #2
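 /// <summary>
 /// Adds a date filter on <paramref name="queryField"/> for every interval name in
 /// <paramref name="intervals"/> that matches a SystemEnumInterval member name.
 /// </summary>
 /// <param name="condition">Search condition that receives the date filters.</param>
 /// <param name="queryField">Date field to filter on.</param>
 /// <param name="intervals">Interval names; names that match no member are ignored.</param>
 private static void AddIntervalSearch(ref SearchCondition condition, string queryField, string[] intervals)
 {
     foreach (string interval in intervals)
     {
         // Exclusive upper bound of "up to today": midnight at the start of tomorrow,
         // taken from the server's local clock.
         DateTime tomorrow = DateTime.Now.Date.AddDays(1);
         DateTime? t0 = null;
         DateTime? t1 = null;

         if (SystemEnumInterval.YearBefore.ToString() == interval)
         {
             // Open-ended range: everything older than one year. The condition is added
             // once, below; the original added the same LessThan condition twice.
             t1 = tomorrow.AddYears(-1);
         }
         else if (SystemEnumInterval.Year.ToString() == interval)
         {
             t1 = tomorrow;
             t0 = tomorrow.AddYears(-1);
         }
         else if (SystemEnumInterval.HalfYear.ToString() == interval)
         {
             t1 = tomorrow;
             t0 = tomorrow.AddMonths(-6);
         }
         else if (SystemEnumInterval.Month.ToString() == interval)
         {
             t1 = tomorrow;
             t0 = tomorrow.AddMonths(-1);
         }
         else if (SystemEnumInterval.Week.ToString() == interval)
         {
             t1 = tomorrow;
             t0 = tomorrow.AddDays(-7);
         }

         if (t0.HasValue && t1.HasValue)
         {
             condition.AddBetweenCondition(queryField, t0.Value, t1.Value);
         }
         else if (t1.HasValue)
         {
             // No branch sets a lower bound without an upper bound, so this is the
             // only remaining case.
             condition.Add(queryField, Formula.QueryMethod.LessThan, t1.Value);
         }
     }
 }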
Пример #3
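        /// <summary>
        /// Returns, as JSON, the organisations, roles and users related to the resource
        /// named by the last segment of the "NodeFullID" request value.
        /// </summary>
        /// <param name="qb">Not used by this override.</param>
        /// <returns>The joined rows as JSON, or an empty JSON string when "NodeFullID" is missing.</returns>
        public override JsonResult GetRelationList(QueryBuilder qb)
        {
            string nodeFullID = Request["NodeFullID"];
            if (string.IsNullOrEmpty(nodeFullID))
            {
                return(Json(""));
            }

            // resID is request-controlled and is placed inside '{0}' string literals below.
            // Doubling single quotes keeps it inside those literals.
            // NOTE(review): bound parameters are the preferred fix; SQLHelper's parameter
            // API is not visible here, so the value is escaped instead.
            string resID = nodeFullID.Split('.').Last().Replace("'", "''");

            string sql;

            if (Config.Constant.IsOracleDb)
            {
                sql = @"
select * from (
select ID, Name, to_char(FullID) as FullID,Description,'组织' as Type,'Org' as TypeCode from S_A__OrgRes join S_A_Org on OrgID=ID where ResID='{0}'
union
select ID, Name,'' as FullID,Description,'角色' as Type,'Role' as TypeCode from S_A__RoleRes join S_A_Role on RoleID=ID where ResID='{0}' 
union
select ID, Name,'' as FullID,Description,'用户' as Type,'User' as TypeCode from S_A__UserRes join S_A_User on UserID=ID where ResID='{0}'
) table1 order by Type,FullID asc";
            }
            else
            {
                // Role rows expose CorpID as FullID and user rows expose the highest FullID
                // of their organisations, so the FullID condition added below applies to
                // all three row types.
                sql = @"
select * from (
select ID, Name, FullID,Description,'组织' as Type,'Org' as TypeCode from S_A__OrgRes join S_A_Org on OrgID=ID where ResID='{0}'
union
select ID, Name,CorpID as FullID,Description,'角色' as Type,'Role' as TypeCode from S_A__RoleRes join S_A_Role on RoleID=ID where ResID='{0}' 
union
select S_A_User.ID, S_A_User.Name,max(S_A_Org.FullID) as FullID,S_A_User.Description,'用户' as Type,'User' as TypeCode from S_A__UserRes join S_A_User on UserID=ID 
join S_A__OrgUser on S_A__OrgUser.UserID=S_A_User.ID
join S_A_Org on S_A_Org.ID=S_A__OrgUser.OrgID
where ResID='{0}' 
group by S_A_User.ID, S_A_User.Name,S_A_User.Description
) table1 order by Type,FullID asc";
            }

            SQLHelper sqlHelper = SQLHelper.CreateSqlHelper("Base");

            SearchCondition cnd = new SearchCondition();

            // NOTE(review): CorpID is also request-controlled; it is passed through
            // SearchCondition, whose rendering into SQL is not visible here.
            string corpID = Request["CorpID"];
            if (!string.IsNullOrEmpty(corpID))
            {
                cnd.Add("FullID", Formula.QueryMethod.InLike, corpID);
            }

            return(Json(sqlHelper.ExecuteDataTable(string.Format(sql, resID), cnd)));
        }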
Пример #4
        /// <summary>
        /// Returns all non-deleted organisation rows ordered by SortIndex, optionally
        /// filtered on FullID by the "CorpID" request value.
        /// </summary>
        /// <returns>The resulting data table as JSON.</returns>
        public override JsonResult GetTree()
        {
            var filter = new SearchCondition();

            // The SQL text is constant; the only request value goes through SearchCondition.
            // NOTE(review): how SearchCondition renders the value into SQL is not visible here.
            string corpID = Request["CorpID"];
            if (!string.IsNullOrEmpty(corpID))
            {
                filter.Add("FullID", QueryMethod.InLike, corpID);
            }

            const string query = "select * from S_A_Org where IsDeleted<>'1' order by SortIndex";
            SQLHelper helper = SQLHelper.CreateSqlHelper(ConnEnum.Base);

            return(Json(helper.ExecuteDataTable(query, filter)));
        }
Пример #5
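        /// <summary>
        /// Returns the non-deleted organisation rows whose FullID starts with the
        /// "RootFullID" request value, optionally restricted by "OrgType" and "CorpID".
        /// </summary>
        /// <returns>The resulting data table as JSON; GET requests are allowed.</returns>
        public JsonResult GetTree()
        {
            string fullID = (Request["RootFullID"] ?? "").Trim(',', ' ');

            // RootFullID and OrgType are request-controlled and end up inside quoted SQL
            // literals. Doubling single quotes keeps each value inside its literal.
            // NOTE(review): bound parameters are the preferred fix; SQLHelper's parameter
            // API is not visible here, so the values are escaped instead.
            // '%' and '_' in RootFullID still act as LIKE wildcards.
            string safeFullID = fullID.Replace("'", "''");

            SQLHelper sqlHelper = SQLHelper.CreateSqlHelper("Base");

            // NOTE(review): the value of GetCurrentLGID() is also formatted into a literal;
            // confirm it cannot be influenced by the client.
            string sql = string.Format(@"select ID,'' as FullName,Code,case when '{1}'='EN' then isnull(NameEN,Name) else Name end as Name,
            ParentID,FullID,Type,SortIndex,Description from S_A_Org where  FullID like '{0}%' and IsDeleted='0'", safeFullID, FormulaHelper.GetCurrentLGID());

            string orgType = Request["OrgType"];
            if (!string.IsNullOrEmpty(orgType))
            {
                // Escape quotes first, then turn the comma-separated list into 'a','b',...
                string quotedTypes = orgType.Replace("'", "''").Replace(",", "','");
                sql += string.Format(" and Type in ('{0}')", quotedTypes);
            }

            SearchCondition cnd = new SearchCondition();

            string corpID = Request["CorpID"];
            if (!string.IsNullOrEmpty(corpID))
            {
                cnd.Add("FullID", Formula.QueryMethod.InLike, corpID);
            }

            sql += " order by ParentID,SortIndex";
            var dt = sqlHelper.ExecuteDataTable(sql, cnd);

            // FullName is returned empty: the per-row ancestor-name computation that used
            // to fill it was disabled because it became very slow on large data sets.

            // NOTE(review): AllowGet makes this JSON reachable with a plain GET; confirm
            // the action sits behind authentication and that GET access is intended.
            return(Json(dt, JsonRequestBehavior.AllowGet));
        }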
Пример #6
        /// <summary>
        /// Builds an OR-related search condition with one Like entry per item of
        /// <c>queryData["keydata"]</c>.
        /// </summary>
        /// <param name="queryData">Query payload; when null, an empty condition is returned.</param>
        /// <returns>The assembled search condition.</returns>
        private static SearchCondition GetKeySearch(Dictionary<string, List<Dictionary<string, string>>> queryData)
        {
            var keySearch = new SearchCondition { IsOrRelateion = true };

            if (queryData == null)
            {
                return(keySearch);
            }

            // NOTE(review): "queryfield" comes from the supplied payload and is used as a
            // field name; confirm SearchCondition restricts it to known columns.
            foreach (var entry in queryData["keydata"])
            {
                keySearch.Add(entry["queryfield"], Formula.QueryMethod.Like, entry["value"]);
            }

            return(keySearch);
        }
Пример #7
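        /// <summary>
        /// Builds an AND-related search condition from the entries of
        /// <c>queryData["tabdata"]</c>, dispatching on each entry's "enumkey".
        /// </summary>
        /// <param name="queryData">Query payload; when null, an empty condition is returned.</param>
        /// <param name="userId">ID of the user, used for the owner / own-department filter.</param>
        /// <returns>The assembled search condition.</returns>
        private static SearchCondition GetTabSearch(Dictionary<string, List<Dictionary<string, string>>> queryData, string userId)
        {
            SearchCondition condition = new SearchCondition();

            condition.IsOrRelateion = false;
            if (queryData == null)
            {
                return(condition);
            }

            foreach (Dictionary<string, string> tab in queryData["tabdata"])
            {
                // NOTE(review): "queryfield" comes from the supplied payload and is used as
                // a field name; confirm SearchCondition restricts it to known columns.
                string   queryField = tab["queryfield"];
                string   enumKey    = tab["enumkey"];
                string[] values     = tab["value"].Split(',');

                // Ordinal comparison: ToLower() depends on the current culture, so under some
                // cultures the key would not match and the entry would fall through to the
                // generic In filter instead of the user-scoped one.
                if (string.Equals(enumKey, "system.interval", StringComparison.OrdinalIgnoreCase))
                {
                    AddIntervalSearch(ref condition, queryField, values);
                }
                else if (string.Equals(enumKey, "system.ownerowndept", StringComparison.OrdinalIgnoreCase))
                {
                    AddUserSearch(ref condition, queryField, values, userId);
                }
                else
                {
                    // Same text the original loop produced: values joined by commas, with
                    // trailing commas removed.
                    condition.Add(queryField, Formula.QueryMethod.In, string.Join(",", values).TrimEnd(','));
                }
            }

            return(condition);
        }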
Пример #8
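        /// <summary>
        /// Adds the custom data-permission rules stored as JSON in <c>res.DataFilter</c> to
        /// <paramref name="cnd"/>, expanding {Name} placeholders in each rule value.
        /// </summary>
        /// <param name="cnd">Search condition that receives one entry per rule.</param>
        /// <param name="res">Resource whose DataFilter holds the rule list.</param>
        /// <param name="user">Current user; source of the identity placeholders.</param>
        private static void dealOtherDataAuth(SearchCondition cnd, Res res, UserInfo user)
        {
            string dataFilter = res.DataFilter;

            var rules = JsonHelper.ToObject<List<Dictionary<string, string>>>(dataFilter);

            // Built once instead of once per rule.
            Regex placeholder = new Regex("\\{[0-9a-zA-Z_]*\\}");

            foreach (var rule in rules)
            {
                string fieldName = rule["FieldName"];
                string queryMode = rule["QueryMode"];
                string value     = rule["Value"];

                string orGroup;
                if (!rule.TryGetValue("OrGroup", out orGroup) || string.IsNullOrEmpty(orGroup))
                {
                    orGroup = "";
                }

                #region Replace placeholders in value
                value = placeholder.Replace(value, (Match m) =>
                {
                    string token = m.Value.Trim('{', '}');

                    // Identity placeholders are resolved from the server-side user first.
                    // The original consulted the request before this switch, so a request
                    // value with the same name replaced the user's own ID or organisation
                    // in the permission filter.
                    switch (token)
                    {
                        case Formula.Constant.CurrentUserID:
                            return(user.UserID);

                        case Formula.Constant.CurrentUserName:
                            return(user.UserName);

                        case Formula.Constant.CurrentUserOrgID:
                            return(user.UserOrgID);

                        case Formula.Constant.CurrentUserOrgIDs:
                            return(user.UserOrgIDs);

                        case Formula.Constant.CurrentUserOrgName:
                            return(user.UserOrgName);

                        case Formula.Constant.CurrentUserPrjID:
                            return(user.UserPrjID);

                        case Formula.Constant.CurrentUserPrjName:
                            return(user.UserPrjName);

                        case "CurrentTime":
                            return(DateTime.Now.ToString());

                        default:
                            // Any other placeholder is filled from the request; when the
                            // request has no such value the placeholder text is kept.
                            // NOTE(review): this value is client-controlled; confirm
                            // SearchCondition binds it rather than concatenating it.
                            string fromRequest = HttpContext.Current.Request[token];
                            return(string.IsNullOrEmpty(fromRequest) ? m.Value : fromRequest);
                    }
                });
                #endregion

                // Throws when QueryMode does not name a QueryMethod member.
                QueryMethod method = (QueryMethod)Enum.Parse(typeof(QueryMethod), queryMode);
                cnd.Add(fieldName, method, value, orGroup, res.ID);
            }
        }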
Пример #9
        /// <summary>
        /// Builds the OR-related data-permission filter for the current user, based on
        /// the "Data" resources registered for the page URL.
        /// </summary>
        /// <returns>
        /// An empty condition when there is no referrer, when no data permission is defined
        /// for the URL, or when the user holds the "All" filter; otherwise the user's rules,
        /// or an ID = "" condition when the user has none.
        /// </returns>
        public static SearchCondition CreateAuthDataFilter()
        {
            UserInfo user = FormulaHelper.GetUserInfo();

            var cnd = new SearchCondition { IsOrRelateion = true };

            // NOTE(review): the page URL is taken from the Referer header, which the client
            // supplies, and a request without one gets an empty condition. Confirm that
            // callers do not treat the empty condition as an authorization decision.
            var referrer = HttpContext.Current.Request.UrlReferrer;
            if (referrer == null)
            {
                return(cnd);
            }

            string url = referrer.PathAndQuery;

            // For portal pages the permission filtering is done in the ActionResult, so the
            // current request URL is used instead of the referrer.
            if (url.StartsWith("/portal", StringComparison.CurrentCultureIgnoreCase))
            {
                url = HttpContext.Current.Request.Url.PathAndQuery;
            }

            // No data permission defined for this URL: the data is not filtered.
            if (!GetService<IResService>().GetRes(url, "Data").Any())
            {
                return(cnd);
            }

            // Data-level permissions of the current user.
            var resList = GetService<IResService>().GetRes(url, "Data", user.UserID);

            // Administrators under the three-role separation unconditionally hold the
            // "system management menu permission", so the list is re-filtered to Data.
            resList = resList.Where(c => c.Type == "Data").ToList();

            if (resList.Any(c => c.DataFilter == "All"))
            {
                return(cnd);
            }

            // Only the casing of the field names differs between the two database types.
            bool isOracle = Config.Constant.IsOracleDb;
            string orgField     = isOracle ? "ORGID" : "OrgID";
            string prjField     = isOracle ? "PRJID" : "PrjID";
            string creatorField = isOracle ? "CREATEUSERID" : "CreateUserID";

            foreach (var item in resList)
            {
                if (item.DataFilter == "OrgID")
                {
                    cnd.Add(orgField, QueryMethod.Equal, user.UserOrgID);
                }
                else if (item.DataFilter == "PrjID")
                {
                    cnd.Add(prjField, QueryMethod.Equal, user.UserPrjID);
                }
                else if (item.DataFilter == "CreateUserID")
                {
                    cnd.Add(creatorField, QueryMethod.Equal, user.UserID);
                }
                else
                {
                    dealOtherDataAuth(cnd, item, user);
                }
            }

            // No rule was added for this user: add ID = "" (presumably so that no row matches).
            if (cnd.Items.Count == 0)
            {
                cnd.Add("ID", QueryMethod.Equal, "");
            }

            return(cnd);
        }