Пример #1
        /// <summary>
        /// Builds the "where" input parameter for the data-source select.
        /// The filter starts as "1=1", is narrowed to the current user's ACL
        /// resources (optionally OR'd with the user's application/program
        /// authorizations), and is finally AND'd with a full-text CONTAINS
        /// predicate when the "query" query-string value yields one.
        /// The count pass (ExecutingSelectCount) is left untouched.
        /// </summary>
        /// <param name="sender">Event source; not used.</param>
        /// <param name="e">Selecting arguments whose "where" input parameter is set.</param>
        protected void dsMain_Selecting(object sender, ObjectDataSourceSelectingEventArgs e)
        {
            if (e.ExecutingSelectCount)
            {
                return;
            }

            string filter = "1=1";

            // NOTE(review): the ACL restriction is skipped only when BOTH flags are true.
            // That is the restrictive reading of "||"; confirm it is the intended one.
            bool restrictToAcl = MostSupervisor == false || NormalSupervisior == false;

            if (restrictToAcl)
            {
                ConnectiveSqlClauseCollection aclClauses = WfAclAdapter.Instance.GetAclQueryConditionsByUser(DeluxeIdentity.CurrentUser.ID);
                string aclSubSelect = "SELECT RESOURCE_ID FROM WF.ACL WHERE " + aclClauses.ToSqlString(TSqlBuilder.Instance);

                filter = "ACI.RESOURCE_ID IN (" + aclSubSelect + ")";

                // Check whether the user also holds category (application/program) authorization.
                WfApplicationAuthCollection grants = WfApplicationAuthAdapter.Instance.GetUserApplicationAuthInfo(DeluxeIdentity.Current.User);
                var grantBuilder = grants.GetApplicationAndProgramBuilder("APPLICATION_NAME", "PROGRAM_NAME");

                if (grantBuilder.IsEmpty == false)
                {
                    // Either an ACL hit or a category grant makes the row visible.
                    filter = "(" + filter + " OR (" + grantBuilder.ToSqlString(TSqlBuilder.Instance) + "))";
                }
            }

            // NOTE(review): Request.QueryString["query"] is caller-controlled and the value
            // returned by GetFullTextParameter is concatenated straight into the SQL text.
            // Whether this is injection-safe depends entirely on that helper (not visible
            // here) quoting and escaping its output; confirm before relying on it.
            string fullTextTerm = GetFullTextParameter(Request.QueryString["query"]);

            if (fullTextTerm != null)
            {
                filter = filter + " AND CONTAINS(ACI.*," + fullTextTerm + ")";
            }

            e.InputParameters["where"] = filter;
        }
Пример #2
        /// <summary>
        /// Sets "totalCount" from LastQueryRowCount and, on the data pass, appends the
        /// user's application/program authorization clause to the existing "where"
        /// input parameter. A restricted user with no authorization clause gets the
        /// select cancelled rather than an unfiltered query.
        /// </summary>
        /// <param name="sender">Event source; not used.</param>
        /// <param name="e">Selecting arguments; "totalCount" and "where" may be written, and Cancel may be set.</param>
        protected void objectDataSource_Selecting(object sender, ObjectDataSourceSelectingEventArgs e)
        {
            e.InputParameters["totalCount"] = LastQueryRowCount;

            if (e.ExecutingSelectCount)
            {
                return;
            }

            // NOTE(review): the incoming "where" value is extended as raw SQL text; this
            // assumes it was produced server-side. Verify how the parameter is bound.
            string filter = e.InputParameters["where"] as string;

            // NOTE(review): the restriction is skipped only when BOTH flags are true; confirm.
            bool restricted = MostSupervisor == false || NormalSupervisior == false;

            if (restricted == false)
            {
                return;
            }

            // Check whether the user holds category (application/program) authorization.
            WfApplicationAuthCollection grants = WfApplicationAuthAdapter.Instance.GetUserApplicationAuthInfo(DeluxeIdentity.Current.User);
            var grantBuilder = grants.GetApplicationAndProgramBuilder("APPLICATION_NAME", "PROGRAM_NAME");

            if (grantBuilder.IsEmpty == false)
            {
                string grantClause = "(" + grantBuilder.ToSqlString(TSqlBuilder.Instance) + ")";

                // Only insert the connective when there is something to connect to.
                filter = string.IsNullOrEmpty(filter) ? filter + grantClause : filter + " AND " + grantClause;

                e.InputParameters["where"] = filter;
            }
            else
            {
                // No permissions are defined for this user, so the query must not run.
                e.Cancel = true;
            }
        }
        /// <summary>
        /// Returns the WHERE clause for <paramref name="qc"/>, defaulting an empty clause
        /// to "1 = 1" and, for users outside the ProcessAdmin / AdminFormQuery /
        /// WorkflowQueryAdmin roles, AND-ing in an ACL sub-select that is optionally OR'd
        /// with the user's application/program authorization clause.
        /// </summary>
        /// <param name="qc">Query condition; its WhereClause is modified in place.</param>
        /// <returns>The resulting value of <c>qc.WhereClause</c>.</returns>
        public string GetFilterByQuery(QueryCondition qc)
        {
            // Side effect: the caller's object is updated, not just the return value.
            if (string.IsNullOrEmpty(qc.WhereClause))
            {
                qc.WhereClause = "1 = 1";
            }

            // NOTE(review): qc.WhereClause is reused as raw SQL text; this assumes it was
            // composed server-side. Verify against the callers.
            string baseFilter = string.IsNullOrEmpty(qc.WhereClause) ? "1 = 1" : qc.WhereClause;

            var isQueryAdmin = RolesDefineConfig.GetConfig().IsCurrentUserInRoles("ProcessAdmin", "AdminFormQuery", "WorkflowQueryAdmin");

            if (isQueryAdmin == false)
            {
                ConnectiveSqlClauseCollection aclClauses = WfAclAdapter.Instance.GetAclQueryConditionsByUser(DeluxeIdentity.CurrentUser.ID);
                string aclSql = aclClauses.ToSqlString(TSqlBuilder.Instance);

                string visibility = "RESOURCE_ID IN (SELECT RESOURCE_ID FROM WF.ACL WHERE " + aclSql + ")";

                // Check whether the user also holds category (application/program) authorization.
                WfApplicationAuthCollection grants = WfApplicationAuthAdapter.Instance.GetUserApplicationAuthInfo(DeluxeIdentity.Current.User);
                var grantSql = grants.GetApplicationAndProgramBuilder("APPLICATION_NAME", "PROGRAM_NAME_MCS").ToSqlString(TSqlBuilder.Instance);

                if (string.IsNullOrEmpty(grantSql) == false)
                {
                    // Either an ACL hit or a category grant makes the row visible.
                    visibility = "(" + visibility + " OR " + grantSql + ")";
                }

                baseFilter = baseFilter + " AND " + visibility;

                qc.WhereClause = baseFilter;
            }

            return qc.WhereClause;
        }
Пример #4
        /// <summary>
        /// Loads the application authorization entries for the configured "admin"
        /// object and prints how many were returned. Nothing is asserted, so this
        /// only fails if the lookup or the load throws.
        /// </summary>
        public void LoadUserApplicationAuthInfo()
        {
            // The "admin" entry comes from OguObjectSettings and is cast to IUser.
            IUser adminUser = (IUser)OguObjectSettings.GetConfig().Objects["admin"].Object;

            WfApplicationAuthCollection loaded = WfApplicationAuthAdapter.Instance.LoadUserApplicationAuthInfo(adminUser);
            int entryCount = loaded.Count;

            Console.WriteLine(entryCount);
        }
        /// <summary>
        /// Verifies the SQL produced by GetApplicationAndProgramBuilder for two
        /// authorization entries: the application/program pairs must appear as
        /// OR'd groups of N'...' literals, and the text must mention TENANT_CODE.
        /// </summary>
        public void AppProgramWhereBuilderTest()
        {
            const string expectedPairs = "(APPLICATION_NAME = N'秘书服务' AND PROGRAM_NAME = N'部门通知') OR (APPLICATION_NAME = N'秘书服务' AND PROGRAM_NAME = N'集团通知')";

            WfApplicationAuthCollection grants = new WfApplicationAuthCollection();

            grants.Add(PrepareData("秘书服务", "部门通知"));
            grants.Add(PrepareData("秘书服务", "集团通知"));

            var clauseBuilder = grants.GetApplicationAndProgramBuilder("APPLICATION_NAME", "PROGRAM_NAME");
            string generated = clauseBuilder.ToSqlString(TSqlBuilder.Instance);

            Console.WriteLine(generated);

            // NOTE(review): only quote-free names are exercised here; a name containing a
            // single quote would additionally pin how the builder escapes literals.
            Assert.IsTrue(generated.IndexOf(expectedPairs) >= 0);

            // The generated clause is also expected to reference TENANT_CODE
            // (presumably a tenant-scoping predicate; confirm against the builder).
            Assert.IsTrue(generated.IndexOf("TENANT_CODE") >= 0);
        }
Пример #6
        /// <summary>
        /// Checks that two authorization entries are rendered as OR'd
        /// application/program groups using N'...' literals, and that the
        /// generated SQL text contains TENANT_CODE.
        /// </summary>
        public void AppProgramWhereBuilderTest()
        {
            const string firstTenantMarker = "TENANT_CODE";
            const string expectedGroups = "(APPLICATION_NAME = N'秘书服务' AND PROGRAM_NAME = N'部门通知') OR (APPLICATION_NAME = N'秘书服务' AND PROGRAM_NAME = N'集团通知')";

            WfApplicationAuthCollection entries = new WfApplicationAuthCollection();

            entries.Add(PrepareData("秘书服务", "部门通知"));
            entries.Add(PrepareData("秘书服务", "集团通知"));

            string whereSql = entries.GetApplicationAndProgramBuilder("APPLICATION_NAME", "PROGRAM_NAME").ToSqlString(TSqlBuilder.Instance);

            Console.WriteLine(whereSql);

            // NOTE(review): the sample names contain no quote characters, so literal
            // escaping by the builder is not covered by this test.
            int groupsAt = whereSql.IndexOf(expectedGroups);
            Assert.IsTrue(groupsAt >= 0);

            // TENANT_CODE must appear somewhere in the clause (presumably tenant scoping; confirm).
            int tenantAt = whereSql.IndexOf(firstTenantMarker);
            Assert.IsTrue(tenantAt >= 0);
        }
Пример #7
        /// <summary>
        /// Prepares the select parameters on the data pass. "authType" is taken from the
        /// radio list; when view index 1 is active the query is instead driven by the
        /// authorization entries of the user named in <c>lastUser</c>: appName and
        /// programName are cleared, authType becomes None, and "where" becomes an OR of
        /// one (APPLICATION_NAME, PROGRAM_NAME, AUTH_TYPE) group per entry.
        /// The select is cancelled when no user is given or the user has no entries.
        /// </summary>
        /// <param name="sender">Event source; not used.</param>
        /// <param name="e">Selecting arguments whose input parameters and Cancel flag are set.</param>
        protected void ObjectDataSourceSelecting(object sender, ObjectDataSourceSelectingEventArgs e)
        {
            if (e.ExecutingSelectCount)
            {
                return;
            }

            // NOTE(review): int.Parse throws on an empty or non-numeric SelectedValue, and the
            // cast accepts any integer, including values that are not defined enum members.
            e.InputParameters["authType"] = (WfApplicationAuthType)int.Parse(this.rdoList.SelectedValue);

            if (views.ActiveViewIndex != 1)
            {
                return;
            }

            if (string.IsNullOrEmpty(this.lastUser.Value))
            {
                e.Cancel = true;
                return;
            }

            e.InputParameters["appName"]     = null;
            e.InputParameters["programName"] = null;
            e.InputParameters["authType"]    = WfApplicationAuthType.None;

            // NOTE(review): lastUser.Value decides whose authorizations are listed. If that
            // control is posted back from the client, confirm the page itself restricts who
            // may look up another user's entries.
            WfApplicationAuthCollection userGrants = WfApplicationAuthAdapter.Instance.GetUserApplicationAuthInfo(new OguUser(lastUser.Value));

            // Matches nothing; kept as the filter when the user has no entries.
            string filter = "1=2";

            if (authInfoHasEntries(userGrants.Count))
            {
                ConnectiveSqlClauseCollection anyGrant = new ConnectiveSqlClauseCollection(LogicOperatorDefine.Or);

                foreach (var grant in userGrants)
                {
                    // Values are handed to the clause builder instead of being concatenated.
                    WhereSqlClauseBuilder grantMatch = new WhereSqlClauseBuilder();
                    grantMatch.AppendItem("APPLICATION_NAME", grant.ApplicationName);
                    grantMatch.AppendItem("PROGRAM_NAME", grant.ProgramName);
                    grantMatch.AppendItem("AUTH_TYPE", grant.AuthType);
                    anyGrant.Add(grantMatch);
                }

                filter = anyGrant.ToSqlString(TSqlBuilder.Instance);
            }
            else
            {
                e.Cancel = true;
            }

            e.InputParameters["where"] = filter;

            // Local helper: true when the collection holds at least one entry.
            bool authInfoHasEntries(int count)
            {
                return count > 0;
            }
        }
Пример #8
        /// <summary>
        /// Loads the embedded currentUserPermissions.js resource and fills in its two
        /// placeholders: the admin flag ("true" only for an authenticated user in the
        /// ProcessAdmin role) and the JSON-serialized application authorization entries
        /// of the current user ("[]" when not authenticated).
        /// </summary>
        /// <returns>The script text with both placeholders substituted.</returns>
        private static string GetCurrentUserAppAuthInfoScript()
        {
            string adminLiteral = "false";
            string grantsJson = "[]";

            if (DeluxePrincipal.IsAuthenticated)
            {
                bool inAdminRole = RolesDefineConfig.GetConfig().IsCurrentUserInRoles(DeluxeIdentity.CurrentUser, "ProcessAdmin");
                adminLiteral = inAdminRole ? "true" : "false";

                WfApplicationAuthCollection grants = WfApplicationAuthAdapter.Instance.GetUserApplicationAuthInfo(DeluxeIdentity.CurrentUser);
                grantsJson = JSONSerializerExecute.Serialize(grants);
            }

            string template = ResourceHelper.LoadStringFromResource(Assembly.GetExecutingAssembly(), "MCS.Web.WebControls.Workflow.Abstract.currentUserPermissions.js");

            // NOTE(review): the JSON is spliced into script source by plain text replacement.
            // If this script is written inline into an HTML page, confirm that the serializer
            // escapes sequences that could close the script element or break out of the literal.
            // NOTE(review): values sent to the browser can be altered there, so the admin flag
            // can only drive presentation; presumably the server repeats the role check, so verify.
            // The admin placeholder is substituted first, matching the original order.
            return template
                .Replace("$_currentUserIsAdmin$", adminLiteral)
                .Replace("$_currentUserAppAuthInfoString$", grantsJson);
        }