/// <summary>
/// 获得用户有访问权限的模块
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="userId">用户主键</param>
/// <returns>数据表</returns>
public DataTable GetModuleDTByUser(BaseUserInfo userInfo, string userId)
{
// 写入调试信息
#if (DEBUG)
int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif
// 加强安全验证防止未授权匿名调用
#if (!DEBUG)
LogOnService.UserIsLogOn(userInfo);
#endif
DataTable dataTable = new DataTable(BaseModuleEntity.TableName);
using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
{
try
{
dbHelper.Open(UserCenterDbConnection);
string tableName = BaseModuleEntity.TableName;
if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
{
tableName = BaseSystemInfo.SystemCode + "Module";
}
BaseModuleManager moduleManager = new BaseModuleManager(dbHelper, userInfo, tableName);
if (userInfo.IsAdministrator)
{
List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>();
parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldEnabled, 1));
parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldDeletionStateCode, 0));
// 有效的,未被删除的显示出来
dataTable = moduleManager.GetDataTable(parameters, BaseModuleEntity.FieldSortCode);
}
else
{
dataTable = moduleManager.GetDataTableByUser(userId);
}
// 若不是员工,有些菜单可以去掉的功能,加在这里
if (string.IsNullOrEmpty(userInfo.StaffId))
{
BaseBusinessLogic.Delete(dataTable, BaseModuleEntity.FieldCode, "FrmStaffAddressEdit");
dataTable.AcceptChanges();
}
dataTable.TableName = BaseModuleEntity.TableName;
BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_GetModuleDTByUser, MethodBase.GetCurrentMethod());
}
catch (Exception ex)
{
BaseExceptionManager.LogException(dbHelper, userInfo, ex);
throw ex;
}
finally
{
dbHelper.Close();
}
}
// 写入调试信息
#if (DEBUG)
BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
return dataTable;
}
/// <summary>
/// 某个用户是否对某个模块有相应的权限
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="userId">用户主键</param>
/// <param name="moduleCode">模块编号</param>
/// <returns>是否有权限</returns>
public bool IsModuleAuthorizedByUser(BaseUserInfo userInfo, string userId, string moduleCode)
{
// 写入调试信息
#if (DEBUG)
int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif
// 加强安全验证防止未授权匿名调用
#if (!DEBUG)
LogOnService.UserIsLogOn(userInfo);
#endif
bool returnValue = false;
using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
{
try
{
dbHelper.Open(UserCenterDbConnection);
// 是否超级管理员
BaseUserManager userManager = new BaseUserManager(dbHelper, userInfo);
if (userManager.IsAdministrator(userId))
{
return true;
}
else
{
BaseModuleManager moduleManager = new BaseModuleManager(dbHelper, userInfo);
DataTable dataTable = moduleManager.GetDataTableByUser(userId);
foreach (DataRow dataRow in dataTable.Rows)
{
if (dataRow[BaseModuleEntity.FieldCode].ToString().Equals(moduleCode))
{
returnValue = true;
break;
}
}
}
BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_IsModuleAuthorizedByUser, MethodBase.GetCurrentMethod());
}
catch (Exception ex)
{
BaseExceptionManager.LogException(dbHelper, userInfo, ex);
throw ex;
}
finally
{
dbHelper.Close();
}
}
// 写入调试信息
#if (DEBUG)
BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
return returnValue;
}