//
// 授予授权范围的实现部分
//
#region private string GrantRole(BasePermissionScopeManager manager, string id, string userId, string grantRoleId) 为了提高授权的运行速度
/// <summary>
/// 为了提高授权的运行速度
/// </summary>
/// <param name="manager">权限范围管理器</param>
/// <param name="systemCode">系统编号</param>
/// <param name="userId">用户主键</param>
/// <param name="grantRoleId">权限主键</param>
/// <param name="permissionCode">权限编号</param>
/// <returns>主键</returns>
private string GrantRole(BasePermissionScopeManager manager, string systemCode, string userId, string grantRoleId, string permissionCode)
{
var result = string.Empty;
var permissionId = new BaseModuleManager().GetIdByCodeByCache(systemCode, permissionCode);
if (!string.IsNullOrEmpty(permissionId))
{
// 对应哪个角色
var roleTableName = systemCode + "Role";
var entity = new BasePermissionScopeEntity
{
PermissionId = permissionId.ToInt(),
ResourceCategory = BaseUserEntity.CurrentTableName,
ResourceId = userId.ToInt(),
TargetCategory = roleTableName,
TargetId = grantRoleId.ToInt(),
Enabled = 1,
Deleted = 0
};
result = manager.Add(entity, true, false);
}
return(result);
}
//
// 授予授权范围的实现部分
//
#region private string GrantModule(BasePermissionScopeManager manager, string id, string userId, string grantModuleId) 为了提高授权的运行速度
/// <summary>
/// 为了提高授权的运行速度
/// </summary>
/// <param name="permissionScopeManager">权限域读写器</param>
/// <param name="systemCode">系统编码</param>
/// <param name="userId">用户主键</param>
/// <param name="grantModuleId">权限主键</param>
/// <param name="permissionCode">权限编号</param>
/// <returns>主键</returns>
private string GrantModule(BasePermissionScopeManager permissionScopeManager, string systemCode, string userId, string grantModuleId, string permissionCode)
{
var result = string.Empty;
var resourcePermissionScopeEntity = new BasePermissionScopeEntity();
var permissionId = new BaseModuleManager().GetIdByCodeByCache(systemCode, permissionCode);
if (string.IsNullOrEmpty(permissionId))
{
return(string.Empty);
}
resourcePermissionScopeEntity.PermissionId = permissionId.ToInt();
resourcePermissionScopeEntity.ResourceCategory = BaseUserEntity.CurrentTableName;
resourcePermissionScopeEntity.ResourceId = userId.ToInt();
resourcePermissionScopeEntity.TargetCategory = BaseModuleEntity.CurrentTableName;
resourcePermissionScopeEntity.TargetId = grantModuleId.ToInt();
resourcePermissionScopeEntity.Enabled = 1;
resourcePermissionScopeEntity.Deleted = 0;
return(permissionScopeManager.Add(resourcePermissionScopeEntity));
}
/// <summary>
/// 为了提高授权的运行速度
/// </summary>
/// <param name="manager">权限域读写器</param>
/// <param name="systemCode">系统编码</param>
/// <param name="userId">用户主键</param>
/// <param name="grantOrganizationId">权组织机构限主键</param>
/// <param name="permissionCode">权限编号</param>
/// <param name="containChild"></param>
/// <returns>主键</returns>
private string GrantOrganization(BasePermissionScopeManager manager, string systemCode, string userId, string grantOrganizationId, string permissionCode = "Resource.AccessPermission", bool containChild = false)
{
var result = string.Empty;
var permissionId = new BaseModuleManager().GetIdByCodeByCache(systemCode, permissionCode);
if (!string.IsNullOrEmpty(permissionId))
{
var parameters = new List <KeyValuePair <string, object> >
{
new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseUserEntity.CurrentTableName),
new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceId, userId),
new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseOrganizationEntity.CurrentTableName),
new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetId, grantOrganizationId),
new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionId, permissionId)
};
// Nick Deng 优化数据权限设置,没有权限和其他任意一种权限互斥
// 即当没有权限时,该用户对应该数据权限的其他权限都应删除
// 当该用户拥有对应该数据权限的其他权限时,删除该用户的没有权限的权限
result = manager.GetId(parameters);
if (!string.IsNullOrEmpty(result))
{
manager.SetProperty(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldId, result), new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldContainChild, containChild ? 1 : 0));
}
else
{
var entity = new BasePermissionScopeEntity
{
PermissionId = permissionId.ToInt(),
ResourceCategory = BaseUserEntity.CurrentTableName,
ResourceId = userId.ToInt(),
TargetCategory = BaseOrganizationEntity.CurrentTableName,
TargetId = grantOrganizationId.ToInt(),
ContainChild = containChild ? 1 : 0,
Enabled = 1,
Deleted = 0
};
result = manager.Add(entity);
}
}
return(result);
}
