/// <summary>
/// Updates the right.
/// </summary>
/// <param name="rightList">The right list.</param>
public void UpdateRight(List <Sys_Right> rightList)
{
using (var dataContext = new PCSDataContext(Utils.Instance.ConnectionString))
{
foreach (var sysRight in rightList)
{
var roleId = sysRight.RoleID;
var menuEntryId = sysRight.Menu_EntryID;
var right = dataContext.Sys_Rights.FirstOrDefault(r => r.RoleID == roleId && r.Menu_EntryID == menuEntryId);
if (right != null)
{
right.Permission = sysRight.Permission;
}
else
{
right = new Sys_Right
{
Menu_EntryID = sysRight.Menu_EntryID,
Permission = sysRight.Permission,
RoleID = sysRight.RoleID
};
dataContext.Sys_Rights.InsertOnSubmit(right);
}
}
dataContext.SubmitChanges();
}
}
/// <summary>
/// This method checks business rule and call Add() method of DS class
/// </summary>
public void AddSysRight(Sys_Right right)
{
const string METHOD_NAME = THIS + ".Add()";
try
{
using (var trans = new TransactionScope())
{
var dcPCS = new PCSDataContext(Utils.Instance.ConnectionString);
dcPCS.Sys_Rights.InsertOnSubmit(right);
// submit changes
dcPCS.SubmitChanges();
trans.Complete();
}
}
catch (SqlException ex)
{
if (ex.Errors.Count > 1)
{
if (ex.Number == ErrorCode.SQLDUPLICATE_KEYCODE)
{
throw new PCSDBException(ErrorCode.DUPLICATE_KEY, METHOD_NAME, ex);
}
throw new PCSDBException(ErrorCode.ERROR_DB, METHOD_NAME, ex);
}
throw new PCSDBException(ErrorCode.ERROR_DB, METHOD_NAME, ex);
}
}
private string GetParents(int rightId)
{
var list = new List <int> {
rightId
};
Sys_Right right = AllRights.Find(p => p.RightId == rightId);
while (right.ParentId != 0)
{
int parentId = right.ParentId;
list.Add(right.ParentId);
right = AllRights.Find(p => p.RightId == parentId);
}
string result = string.Empty;
for (int i = list.Count - 1; i >= 0; i--)
{
result += list[i] + "-";
}
if (result.EndsWith("-"))
{
result = result.Substring(0, result.LastIndexOf('-'));
}
return(result);
}
/// <summary>
/// This method uses to update data in SysRight table
/// </summary>
public void UpdateSysRight(Sys_Right right)
{
const string METHOD_NAME = THIS + ".UpdateSysRight()";
try
{
using (var trans = new TransactionScope())
{
var dcPCS = new PCSDataContext(Utils.Instance.ConnectionString);
Sys_Right current = dcPCS.Sys_Rights.SingleOrDefault(r => r.RightID == right.RightID);
if (current != null)
{
current.Menu_EntryID = right.Menu_EntryID;
current.Permission = right.Permission;
current.RoleID = right.RoleID;
// submit changes
dcPCS.SubmitChanges();
}
trans.Complete();
}
}
catch (SqlException ex)
{
if (ex.Errors.Count > 1)
{
if (ex.Number == ErrorCode.SQLDUPLICATE_KEYCODE)
{
throw new PCSDBException(ErrorCode.DUPLICATE_KEY, METHOD_NAME, ex);
}
throw new PCSDBException(ErrorCode.ERROR_DB, METHOD_NAME, ex);
}
throw new PCSDBException(ErrorCode.ERROR_DB, METHOD_NAME, ex);
}
}
protected virtual bool HasRight(ActionExecutingContext filterContext, out string message)
{
//判断有没有权限
var filterContextInfo = new FilterContextInfo(filterContext);
string url = filterContextInfo.controllerName + "/" + filterContextInfo.actionName;
bool hasRight = false;
//使用配置文件的方式去掉权限系统不管理的Url
List <string> exUrls = cacheManager.Get("ExcludeUrls", () =>
{
var urls = (UrlExcludeConfigurationSection)ConfigurationManager.GetSection("excludeUrls");
return((from RetechUrlConfigurationElement urlElement in urls.ExcludeUrls
select urlElement.Url).ToList());
});
if (exUrls != null && exUrls.Exists(p => p.Equals(url, StringComparison.CurrentCultureIgnoreCase)))
{
hasRight = true;
}
else
{
List <Sys_Right> allRights = cacheManager.Get("all_rights", () => { return(new RightBL().GetAllRights()); });
if (allRights != null)
{
Sys_Right right = allRights.Find(p => p.Path.ToUpper() == url.ToUpper());
if (right != null)
{
var userRights = filterContext.HttpContext.Session["myRights"] as List <Sys_Right>;
if (userRights != null)
{
if (userRights.Exists(p => p.RightId == right.RightId))
{
hasRight = true;
}
}
}
else
{
hasRight = true;
}
}
}
if (filterContext.HttpContext.Session["myRights"] == null)
{
message = "未登录";
}
else if (!hasRight)
{
message = "无权限";
}
else
{
message = "";
}
return(hasRight);
}
public ActionResult RightEdit(int id = 0)
{
Sys_Right right = AllRights.Find(p => p.RightId == id) ?? new Sys_Right
{
RightId = 0,
Path = "",
RightDesc = "",
RightName = ""
};
ViewData["allrights"] = AllRights;
return(View(right));
}
public void UpdateTrans(Sys_Menu_Entry menu, int roleId)
{
const string METHOD_NAME = THIS + ".Delete()";
try
{
using (var trans = new TransactionScope())
{
PCSDataContext dataContext = new PCSDataContext(Utils.Instance.ConnectionString);
var current = dataContext.Sys_Menu_Entries.SingleOrDefault(m => m.Menu_EntryID == menu.Menu_EntryID);
if (current != null)
{
current.Text_Caption_EN_US = menu.Text_Caption_EN_US;
current.Text_Caption_JA_JP = menu.Text_Caption_JA_JP;
current.Text_Caption_VI_VN = menu.Text_Caption_VI_VN;
current.Text_CaptionDefault = menu.Text_CaptionDefault;
current.Prefix = menu.Prefix;
current.TransFormat = menu.TransFormat;
}
else
{
dataContext.Sys_Menu_Entries.InsertOnSubmit(menu);
// create right for new menu
var right = new Sys_Right
{
Menu_EntryID = menu.Menu_EntryID,
Permission = 1,
RoleID = roleId
};
dataContext.Sys_Rights.InsertOnSubmit(right);
}
dataContext.SubmitChanges();
trans.Complete();
}
}
catch (SqlException ex)
{
if (ex.Errors.Count > 1)
{
if (ex.Number == ErrorCode.SQLDUPLICATE_UNIQUE_KEYCODE)
{
throw new PCSDBException(ErrorCode.DUPLICATE_KEY, METHOD_NAME, ex);
}
throw new PCSDBException(ErrorCode.ERROR_DB, METHOD_NAME, ex);
}
throw new PCSDBException(ErrorCode.ERROR_DB, METHOD_NAME, ex);
}
}
/// <summary>
/// Add new menu to database and return id
/// </summary>
/// <param name="menu">SysMenuEntry object</param>
/// <param name="roleId">Role ID</param>
/// <returns>New ID</returns>
public int AddAndReturnID(Sys_Menu_Entry menu, int roleId)
{
const string METHOD_NAME = THIS + ".AddAndReturnID()";
try
{
using (var trans = new TransactionScope())
{
PCSDataContext dataContext = new PCSDataContext(Utils.Instance.ConnectionString);
dataContext.Sys_Menu_Entries.InsertOnSubmit(menu);
// update button caption
var subMenus = dataContext.Sys_Menu_Entries.Where(
m => m.Parent_Shortcut == menu.Parent_Shortcut && m.Button_Caption > menu.Button_Caption).OrderBy(
m => m.Button_Caption).ToList();
subMenus.ForEach(m => m.Button_Caption = m.Button_Caption + 1);
// save new menu
menu.Button_Caption += 1;
// submit changes
dataContext.SubmitChanges();
// create right for new menu
var right = new Sys_Right
{
Menu_EntryID = menu.Menu_EntryID,
Permission = 1,
RoleID = roleId
};
dataContext.Sys_Rights.InsertOnSubmit(right);
dataContext.SubmitChanges();
trans.Complete();
return(menu.Menu_EntryID);
}
}
catch (SqlException ex)
{
if (ex.Errors.Count > 1)
{
if (ex.Number == ErrorCode.SQLDUPLICATE_UNIQUE_KEYCODE)
{
throw new PCSDBException(ErrorCode.DUPLICATE_KEY, METHOD_NAME, ex);
}
throw new PCSDBException(ErrorCode.ERROR_DB, METHOD_NAME, ex);
}
throw new PCSDBException(ErrorCode.ERROR_DB, METHOD_NAME, ex);
}
}
private void UpdateRight(int roleId, List <Sys_Right> roleRights, TreeNodeAdv parentNode)
{
var children = parentNode == null ? FunctionListTree.Nodes : parentNode.Nodes;
foreach (TreeNodeAdv node in children)
{
var menuEntry = (Sys_Menu_Entry)node.Tag;
var right = roleRights.FirstOrDefault(r => r.Menu_EntryID == menuEntry.Menu_EntryID && r.RoleID == roleId);
// current menu entry did not exist in the right records and the node is not check, continue
if (right == null && !node.Checked)
{
continue;
}
int permission;
switch (node.CheckState)
{
case CheckState.Checked:
permission = (int)MenuPermission.All;
break;
case CheckState.Unchecked:
permission = (int)MenuPermission.None;
break;
default:
permission = (int)MenuPermission.View;
break;
}
if (right != null)
{
right.Permission = permission;
}
else
{
right = new Sys_Right {
Menu_EntryID = menuEntry.Menu_EntryID, Permission = permission, RoleID = roleId
};
roleRights.Add(right);
}
if (node.GetNodeCount(true) > 0)
{
UpdateRight(roleId, roleRights, node);
}
}
}
/// <summary>
/// 修改权限
/// </summary>
/// <returns></returns>
public bool Update(Sys_Right model)
{
using (IDbConnection connection = OpenConnection())
{
const string sqlwhere =
"update Sys_Right set RightName=@RightName,RightType=@RightType,Path=@Path,RightDesc=@RightDesc,ParentId=@ParentId,ShowOrder=@ShowOrder,ModuleName=@moduleName where RightId=@RightId";
var param = new
{
model.RightName,
model.RightType,
model.Path,
model.RightDesc,
model.ParentId,
model.ShowOrder,
model.RightId,
moduleName = model.ModuleName
};
int result = connection.Execute(sqlwhere, param);
return(result > 0);
}
}
/// <summary>
/// 插入权限
/// </summary>
/// <returns>rightId</returns>
public void Add(Sys_Right model)
{
using (IDbConnection connection = OpenConnection())
{
const string sqlwhere =
@"insert into Sys_Right(RightName,RightType,Path,RightDesc,ParentId,ShowOrder) values(@RightName,@RightType,@Path,@RightDesc,@ParentId,@ShowOrder)
SELECT @@Identity AS ID
";
var param = new
{
model.RightName,
model.RightType,
model.Path,
model.RightDesc,
model.ParentId,
model.ShowOrder
};
dynamic id = connection.Query <decimal>(sqlwhere, param).FirstOrDefault();
model.RightId = Convert.ToInt32(id);
}
}
/// <summary>
/// 获取当前请求的页面的菜单
/// </summary>
/// <param name="urs">权限集合</param>
/// <param name="url">当前请求的url</param>
/// <param name="flag">0:总(一级)菜单;1:子(二级)菜单</param>
/// <returns></returns>
private Sys_Right GetSubMenu(List <Sys_Right> urs, string url, int flag)
{
Sys_Right obj = urs.FirstOrDefault(p => p.Path.ToLower() == url.ToLower());
if (obj != null)
{
Session["moduleName"] = string.IsNullOrEmpty(obj.ModuleName)
? Session["moduleName"].ToString()
: obj.ModuleName;
Sys_Right fr = urs.FirstOrDefault(p => p.RightId == obj.ParentId);
if (obj.RightType == 0 &&
(flag == 1 || (flag == 0 && (fr != null && fr.ParentId == 0))))
{
return(obj);
}
Sys_Right sysRight = urs.FirstOrDefault(p => p.RightId == obj.ParentId);
if (sysRight != null)
{
return(GetSubMenu(urs, sysRight.Path, flag));
}
}
return(null);
}
/// <summary>
/// 修改权限
/// </summary>
/// <returns></returns>
public bool Update(Sys_Right model)
{
return(_rightDB.Update(model));
}
/// <summary>
/// 插入权限
/// </summary>
/// <returns></returns>
public void Add(Sys_Right model)
{
_rightDB.Add(model);
}
public JsonResult SaveRight(int rightID, string rightName, string rightDesc, int rightType, string rightPath,
int parentRight, int?showOrder, string moduleName)
{
try
{
if (rightBL.Exists(rightName, rightID))
{
return(Json(new
{
result = 0,
content = "权限名称重复!"
}, JsonRequestBehavior.AllowGet));
}
var right = AllRights.Find(p => p.RightId == rightID);
if (right == null)
{
//新增
right = new Sys_Right
{
RightName = rightName,
RightDesc = rightDesc,
RightType = rightType,
Path = rightPath,
ParentId = parentRight,
ShowOrder = showOrder,
ModuleName = moduleName
};
rightBL.Add(right);
lock (lockobj)
{
AllRights.Add(right);
}
}
else
{
right.RightName = rightName;
right.RightDesc = rightDesc;
right.RightType = rightType;
right.Path = rightPath;
right.ShowOrder = showOrder;
right.ModuleName = moduleName;
//修改前的判断
if (right.RightId == parentRight)
{
return(Json(new
{
result = 0,
content = "上级权限不能为本身!"
}, JsonRequestBehavior.AllowGet));
}
var childs = new List <int>();
GetChildRights(right.RightId, childs);
if (childs.IndexOf(parentRight) >= 0)
{
return(Json(new
{
result = 0,
content = "上级权限也不能为本身的子权限!"
}, JsonRequestBehavior.AllowGet));
}
right.ParentId = parentRight;
rightBL.Update(right);
lock (lockobj)
{
AllRights.Remove(AllRights.Find(p => p.RightId == rightID));
AllRights.Add(right);
}
}
return(Json(new
{
result = 1,
content = "保存成功"
}, JsonRequestBehavior.AllowGet));
}
catch
{
return(Json(new
{
result = 0,
content = "保存失败"
}, JsonRequestBehavior.AllowGet));
}
}
/// <summary>
/// Update into Database
/// </summary>
public void Update(Sys_Menu_Entry menu, int roleId)
{
const string METHOD_NAME = THIS + ".Delete()";
try
{
using (var trans = new TransactionScope())
{
PCSDataContext dataContext = new PCSDataContext(Utils.Instance.ConnectionString);
var current = dataContext.Sys_Menu_Entries.SingleOrDefault(m => m.Menu_EntryID == menu.Menu_EntryID);
if (current != null)
{
current.Button_Caption = menu.Button_Caption;
current.CollapsedImage = menu.CollapsedImage;
current.Description = menu.Description;
current.ExpandedImage = menu.ExpandedImage;
current.FormLoad = menu.FormLoad;
current.IsTransaction = menu.IsTransaction;
current.IsUserCreated = menu.IsUserCreated;
current.Parent_Child = menu.Parent_Child;
current.Parent_Shortcut = menu.Parent_Shortcut;
current.Prefix = menu.Prefix;
current.ReportID = menu.ReportID;
current.Shortcut = menu.Shortcut;
current.TableName = menu.TableName;
current.Text_Caption_EN_US = menu.Text_Caption_EN_US;
current.Text_Caption_JA_JP = menu.Text_Caption_JA_JP;
current.Text_Caption_VI_VN = menu.Text_Caption_VI_VN;
current.Text_Caption_Language_Default = menu.Text_Caption_Language_Default;
current.Text_CaptionDefault = menu.Text_CaptionDefault;
current.TransFormat = menu.TransFormat;
current.TransNoFieldName = menu.TransNoFieldName;
current.Type = menu.Type;
}
else
{
dataContext.Sys_Menu_Entries.InsertOnSubmit(menu);
// create right for new menu
var right = new Sys_Right
{
Menu_EntryID = menu.Menu_EntryID,
Permission = 1,
RoleID = roleId
};
dataContext.Sys_Rights.InsertOnSubmit(right);
}
dataContext.SubmitChanges();
trans.Complete();
}
}
catch (SqlException ex)
{
if (ex.Errors.Count > 1)
{
if (ex.Number == ErrorCode.SQLDUPLICATE_UNIQUE_KEYCODE)
{
throw new PCSDBException(ErrorCode.DUPLICATE_KEY, METHOD_NAME, ex);
}
throw new PCSDBException(ErrorCode.ERROR_DB, METHOD_NAME, ex);
}
throw new PCSDBException(ErrorCode.ERROR_DB, METHOD_NAME, ex);
}
}
