/// <summary>
/// Inserts one user-to-role mapping row into OA_URrelation.
/// </summary>
/// <param name="model">Mapping to store; its ID, UserID and RoleID are bound as query parameters.</param>
/// <returns><c>true</c> when the insert reports at least one affected row; otherwise <c>false</c>.</returns>
public bool Add(URrelation model)
{
    // Every value is sent as a bound parameter, so the statement text never contains caller data.
    const string insertSql = "insert into OA_URrelation(ID,UserID,RoleID) values (@ID,@UserID,@RoleID)";

    SqlParameter idParam = new SqlParameter("@ID", SqlDbType.VarChar, 36);
    SqlParameter userIdParam = new SqlParameter("@UserID", SqlDbType.VarChar, 36);
    SqlParameter roleIdParam = new SqlParameter("@RoleID", SqlDbType.VarChar, 36);
    idParam.Value = model.ID;
    userIdParam.Value = model.UserID;
    roleIdParam.Value = model.RoleID;

    SqlParameter[] parameters = { idParam, userIdParam, roleIdParam };
    int affected = DBAccess.ExecuteNonQuery(DB.Type, DB.ConnectionString, CommandType.Text, insertSql, parameters);
    return affected > 0;
}
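/// <summary>
/// Handles a login attempt: checks the submitted user code and password and, on success,
/// fills the session with the user's identity and role and redirects to the main page.
/// On failure an alert script is written to the response.
/// </summary>
private void GetModelByCodeAndPwd()
{
    string userCode = txtID.Value.Trim();

    // NOTE(review): Encrypt is called with a key (se_yaoshi), which suggests the stored password
    // is reversibly encrypted rather than hashed - confirm. A salted, slow one-way hash such as
    // PBKDF2 is the usual choice for password storage.
    // NOTE(review): Trim() silently drops leading/trailing whitespace from the password; it is kept
    // here so that existing stored values continue to match.
    string userPwd = security.Encrypt(txtPwd.Value.Trim(), security.se_yaoshi);

    UserInfo info = null;
    if (userBll.CheckUserCodeAndPwd(userCode, userPwd) > 0)
    {
        info = userBll.GetModelOfUserByUserCodeAndPwd(userCode, userPwd);
    }

    // A missing record (for example, the account was removed between the two queries) is treated
    // as a failed login instead of dereferencing null.
    if (info == null)
    {
        // NOTE(review): the consecutive-failure lockout that used to live here was disabled. Its
        // counter was kept in Session, which a client resets by discarding the session cookie;
        // a replacement should count failures per account on the server side.
        Response.Write("<script>alert('你输入的密码错误!')</script>");
        return;
    }

    // NOTE(review): no session identifier renewal is visible in this method; confirm the session
    // is re-issued on login so a pre-login session ID cannot be carried into the authenticated state.
    Session["UserID"] = info.UserID;
    Session["UserCode"] = info.UserCode;
    Session["UserName"] = info.UserName;

    // NOTE(review): keeping the stored password value in session state widens its exposure
    // (session stores, dumps, diagnostics). Kept because other pages may read this key; remove
    // once that is confirmed not to be the case.
    Session["UserPwd"] = info.UserPwd;

    URrelation relation = urRelationBll.GetModelOfURrelationByUserID(info.UserID.Trim());
    if (relation != null)
    {
        Session["RoleID"] = relation.RoleID;
    }

    Response.Redirect("frmMain.htm");
}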
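/// <summary>
/// Updates a user's profile columns in OA_User and then replaces the user's role mapping.
/// </summary>
/// <param name="model">User to update; UserID selects the row and RoleID becomes the new role mapping.</param>
/// <returns>
/// <c>true</c> when the user row was updated and the role mapping rewritten;
/// <c>false</c> when no row matched or any step threw.
/// </returns>
public bool Update(UserInfo model)
{
    URrelationDAL urDal = new URrelationDAL();

    StringBuilder strSql = new StringBuilder();
    strSql.Append("update OA_User set ");
    strSql.Append("UserCode=@UserCode,");
    strSql.Append("UserName=@UserName,");
    strSql.Append("UserState=@UserState,");
    strSql.Append("DeptID=@DeptID,");
    strSql.Append("Operator=@Operator");
    strSql.Append(" where UserID=@UserID ");

    SqlParameter[] parameters = {
        new SqlParameter("@UserCode", SqlDbType.NVarChar, 20),
        new SqlParameter("@UserName", SqlDbType.VarChar, 20),
        new SqlParameter("@UserState", SqlDbType.Char, 1),
        new SqlParameter("@DeptID", SqlDbType.VarChar, 36),
        new SqlParameter("@Operator", SqlDbType.NVarChar, 30),
        new SqlParameter("@UserID", SqlDbType.VarChar, 36) };
    parameters[0].Value = model.UserCode;
    parameters[1].Value = model.UserName;
    parameters[2].Value = model.UserState;
    parameters[3].Value = model.DeptID;
    parameters[4].Value = model.Operator;
    parameters[5].Value = model.UserID;

    IDbTransaction transaction = DBAccess.BeginDbTransaction(DB.Type, DB.ConnectionString);
    bool succeeded = false;
    try
    {
        // NOTE(review): ExecuteNonQuery, urDal.Delete and urDal.Add receive the connection string,
        // not this transaction, so as far as this method shows they run outside it and a Rollback
        // may not undo them. A failure after Delete could then leave the user without any role
        // mapping - confirm how DBAccess enlists commands.
        int rows = DBAccess.ExecuteNonQuery(DB.Type, DB.ConnectionString, CommandType.Text, strSql.ToString(), parameters);
        if (rows > 0)
        {
            urDal.Delete(model.UserID);

            URrelation ur = new URrelation();
            ur.ID = System.Guid.NewGuid().ToString();
            ur.UserID = model.UserID;
            ur.RoleID = model.RoleID;
            urDal.Add(ur);

            transaction.Commit();
            succeeded = true;
        }
    }
    catch
    {
        // Best-effort contract kept from the original: any failure is reported as false.
        // NOTE(review): the exception is discarded; logging it would help diagnose failed updates.
    }
    finally
    {
        try
        {
            // Previously the "no row matched" path returned without ending the transaction;
            // every unsuccessful path now rolls back.
            if (!succeeded)
            {
                transaction.Rollback();
            }
        }
        finally
        {
            transaction.Dispose();
        }
    }

    return succeeded;
}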
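/// <summary>
/// Looks up the role mapping stored in OA_URrelation for a user ID.
/// </summary>
/// <param name="UserID">User ID to look up; a null value is treated as an empty string.</param>
/// <returns>The first matching mapping, or <c>null</c> when the user has no mapping row.</returns>
public URrelation GetModelOfURrelationByUserID(string UserID)
{
    // The user ID is bound as a parameter. The previous version formatted it into the statement
    // text inside quotes, which let a crafted value alter the query (SQL injection).
    const string selectSql = " select * from OA_URrelation  where UserID=@UserID ";

    // No explicit size is given: a fixed size would silently truncate an over-long value,
    // which could make it match a different user's ID.
    SqlParameter userIdParam = new SqlParameter("@UserID", SqlDbType.VarChar);
    userIdParam.Value = UserID ?? string.Empty;
    SqlParameter[] parameters = { userIdParam };

    DataSet ds = DBAccess.ExecuteDataset(DB.Type, DB.ConnectionString, CommandType.Text, selectSql, parameters);
    if (ds.Tables[0].Rows.Count == 0)
    {
        return null;
    }

    // Only the first row is used, even if several mappings exist for the user.
    DataRow row = ds.Tables[0].Rows[0];
    URrelation urRelation = new URrelation();
    urRelation.ID = row["ID"].ToString();
    urRelation.UserID = row["UserID"].ToString();
    urRelation.RoleID = row["RoleID"].ToString();
    return urRelation;
}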
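/// <summary>
/// Inserts a new user into OA_User and then writes the user's role mapping.
/// </summary>
/// <param name="userInfo">User entity to insert; RoleID is used for the role mapping row.</param>
/// <returns>
/// <c>true</c> when the user row was inserted and the role mapping written;
/// <c>false</c> when no row was inserted or any step threw.
/// </returns>
public bool Add(OA.Model.UserInfo userInfo)
{
    URrelationDAL urDal = new URrelationDAL();

    StringBuilder strSql = new StringBuilder();
    strSql.Append("insert into OA_User(");
    strSql.Append("UserID,UserCode,UserName,UserPwd,UserState,CreateTime,CreateUserID,DeptID,Operator)");
    strSql.Append(" values (");
    strSql.Append("@UserID,@UserCode,@UserName,@UserPwd,@UserState,@CreateTime,@CreateUserID,@DeptID,@Operator)");

    SqlParameter[] parameters = {
        new SqlParameter("@UserID", SqlDbType.VarChar, 36),
        new SqlParameter("@UserCode", SqlDbType.NVarChar, 20),
        new SqlParameter("@UserName", SqlDbType.VarChar, 20),
        new SqlParameter("@UserPwd", SqlDbType.VarChar, 36),
        new SqlParameter("@UserState", SqlDbType.Char, 1),
        new SqlParameter("@CreateTime", SqlDbType.DateTime),
        new SqlParameter("@CreateUserID", SqlDbType.VarChar, 36),
        new SqlParameter("@DeptID", SqlDbType.VarChar, 36),
        new SqlParameter("@Operator", SqlDbType.NVarChar, 30) };
    parameters[0].Value = userInfo.UserID;
    parameters[1].Value = userInfo.UserCode;
    parameters[2].Value = userInfo.UserName;
    // NOTE(review): UserPwd is written exactly as supplied; confirm every caller has already
    // protected it so that a plaintext password can never reach this column.
    parameters[3].Value = userInfo.UserPwd;
    parameters[4].Value = userInfo.UserState;
    parameters[5].Value = userInfo.CreateTime;
    parameters[6].Value = userInfo.CreateUserID;
    parameters[7].Value = userInfo.DeptID;
    parameters[8].Value = userInfo.Operator;

    IDbTransaction transaction = DBAccess.BeginDbTransaction(DB.Type, DB.ConnectionString);
    bool succeeded = false;
    try
    {
        // NOTE(review): ExecuteNonQuery, urDal.Delete and urDal.Add receive the connection string,
        // not this transaction, so as far as this method shows they run outside it and a Rollback
        // may not undo them. A failure after the insert could then leave a user without a role
        // mapping - confirm how DBAccess enlists commands.
        int inserted = DBAccess.ExecuteNonQuery(DB.Type, DB.ConnectionString, CommandType.Text, strSql.ToString(), parameters);
        if (inserted > 0)
        {
            // Clear any stale mapping for this ID before writing the new one.
            urDal.Delete(userInfo.UserID);

            URrelation ur = new URrelation();
            ur.ID = System.Guid.NewGuid().ToString();
            ur.UserID = userInfo.UserID;
            ur.RoleID = userInfo.RoleID;
            urDal.Add(ur);

            transaction.Commit();
            succeeded = true;
        }
    }
    catch
    {
        // Best-effort contract kept from the original: any failure is reported as false.
        // NOTE(review): the exception is discarded; logging it would help diagnose failed inserts.
    }
    finally
    {
        try
        {
            // Previously the "nothing inserted" path returned without ending the transaction;
            // every unsuccessful path now rolls back.
            if (!succeeded)
            {
                transaction.Rollback();
            }
        }
        finally
        {
            transaction.Dispose();
        }
    }

    return succeeded;
}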