Пример #1
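        /// <summary>
        /// Checks whether a role holds a given permission on a menu tab.
        /// </summary>
        /// <param name="TabID">Menu (tab) ID. TabPermission rows stored with TabID 0 match as well, whatever value is passed here.</param>
        /// <param name="RoleID">Role ID.</param>
        /// <param name="PermissionKey">Permission key, all uppercase (for example ADD, UPDATE, DELETE, VIEW).</param>
        /// <returns>
        /// <c>true</c> when at least one matching TabPermission row exists; <c>false</c> when none exists,
        /// when <paramref name="PermissionKey"/> is null, or when the lookup itself fails.
        /// </returns>
        public bool GetPermission(int TabID, int RoleID, string PermissionKey)
        {
            // A null key used to reach the database layer and fail there; the answer is the same
            // (no permission), so decide it up front and keep the error log clean.
            if (PermissionKey == null)
            {
                return false;
            }

            // Only existence matters, so fetch a single constant instead of every column.
            // The inner query restricts the key to permissions registered under 'SYSTEM_TAB'.
            const string sql = "select top 1 1 from TabPermission where PermissionID in(" +
                               "select PermissionID from Permission where PermissionKey=@PermissionKey and PermissionCode='SYSTEM_TAB'" +
                               ") and roleid=@RoleID and (TabID=@TabID or TabID=0)";

            // All caller-supplied values travel as typed parameters, never as SQL text.
            SqlParameter[] paras = new SqlParameter[] {
                new SqlParameter("@TabID", SqlDbType.Int) { Value = TabID },
                new SqlParameter("@RoleID", SqlDbType.Int) { Value = RoleID },
                new SqlParameter("@PermissionKey", SqlDbType.VarChar, 50) { Value = PermissionKey },
            };

            try
            {
                using (SqlDataReader dr = SQLHelper.DataReader(Config.SqlConnection, sql, CommandType.Text, paras))
                {
                    return dr.Read();
                }
            }
            catch (System.Exception ex)
            {
                // Fail closed: an authorization check that cannot be answered is a denial.
                // The failure is recorded so a database outage can be told apart from a real "no".
                System.Diagnostics.Trace.TraceError("GetPermission lookup failed: {0}", ex);
                return false;
            }
        }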
Пример #2
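 /// <summary>
 /// Returns the IDs of all rows in Tabs whose TabKey equals the given key.
 /// </summary>
 /// <param name="TabKey">Tab key to look up; sent to the database as a VarChar(50) parameter.</param>
 /// <returns>
 /// <c>null</c> when <paramref name="TabKey"/> is null or empty; otherwise a list of TabID values
 /// (a database NULL is reported as 0). If the query fails, the list holds whatever was read
 /// before the failure, which may be nothing.
 /// </returns>
 public List <int> GetTabIDsByTabKey(string TabKey)
 {
     // Callers get null, not an empty list, when there is no key to search for.
     if (string.IsNullOrEmpty(TabKey))
     {
         return(null);
     }

     List <int>   list = new List <int>();
     const string sql  = "SELECT TabID FROM Tabs WHERE TabKey=@TabKey";

     // The key is bound as a typed parameter, so it is never interpreted as SQL.
     SqlParameter[] paras = new SqlParameter[] {
         new SqlParameter("@TabKey", SqlDbType.VarChar, 50) { Value = TabKey },
     };

     try
     {
         using (SqlDataReader dr = SQLHelper.DataReader(Config.SqlConnection, sql, CommandType.Text, paras))
         {
             while (dr.Read())
             {
                 object raw = dr["TabID"];
                 list.Add(raw != DBNull.Value ? Convert.ToInt32(raw) : 0);
             }
         }
     }
     catch (System.Exception ex)
     {
         // The method has never thrown to its callers; keep that contract but leave a trace,
         // because a silently truncated list is otherwise indistinguishable from a complete one.
         System.Diagnostics.Trace.TraceError("GetTabIDsByTabKey query failed: {0}", ex);
     }
     return(list);
 }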
Пример #3
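 /// <summary>
 /// Looks up a user by user name and password (user login).
 /// </summary>
 /// <param name="UserName">User name, bound as NVarChar(100).</param>
 /// <param name="PassWord">Password value compared against the users.PassWord column, bound as NVarChar(50).</param>
 /// <returns>
 /// The matching user when a row is found. When no row matches, a default-constructed
 /// <c>UserInfo</c> is returned (not <c>null</c>). <c>null</c> is returned when either argument
 /// is null or when the lookup fails. Callers must therefore not treat a non-null result as
 /// proof of a successful login; they need to check an identifying field on the returned object.
 /// </returns>
 public Model.UserInfo Login(string UserName, string PassWord)
 {
     // A null argument used to fail inside the database layer and come back as null;
     // return the same answer directly.
     if (UserName == null || PassWord == null)
     {
         return(null);
     }

     // NOTE(review): the supplied PassWord is matched against the stored column as-is. Unless
     // callers pass an already salted-and-hashed value, this implies passwords are stored in a
     // recoverable form. Confirm against the caller; if so, store a per-user salted KDF output
     // (for example PBKDF2) and compare it in constant time instead of in the WHERE clause.
     const string sql = "select * from users where username=@UserName and PassWord=@PassWord";

     // Both credentials are bound as typed parameters, so neither can alter the statement.
     SqlParameter[] parameter = new SqlParameter[] {
         new SqlParameter("@UserName", SqlDbType.NVarChar, 100) { Value = UserName },
         new SqlParameter("@PassWord", SqlDbType.NVarChar, 50) { Value = PassWord },
     };

     try
     {
         // Kept for compatibility: a non-matching login yields this empty object, not null.
         Model.UserInfo info = new Model.UserInfo();
         using (SqlDataReader dr = SQLHelper.DataReader(Config.SqlConnection, sql, CommandType.Text, parameter))
         {
             if (dr.Read())
             {
                 info = BS.Components.Data.Entity.EntityHelper.GetDataReaderObject <UserInfo>("*", dr);
             }
         }
         return(info);
     }
     catch (System.Exception ex)
     {
         // Record the failure so an outage is visible; only the exception is written,
         // never the submitted credentials.
         System.Diagnostics.Trace.TraceError("Login lookup failed: {0}", ex);
     }
     return(null);
 }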