/// <summary> /// Gets all views allowed by a specified user /// Note: A view is allowed to a user if and only if: /// 1. USR_ACCESS.UACC_ALLOWED is 1 for the view and user /// OR /// 2a. USR_ACCESS.UACC_ALLOWED is null for the view and user /// AND /// 2b. ROL_ACCESS.RACC_ALLOWED is 1 for the view and user's role /// </summary> /// <param name="userid">Id of the user</param> /// <returns>DataTable with ONLY one column (VIE_ID) with all views allowed by the user</returns> public static DataTable GetViewsAllowedByUser(int userid) { CmpSecurityDB cdb = new CmpSecurityDB(); CmpUsuarioDB udb = new CmpUsuarioDB(); // STEP 1: Get the role of the user int roleid = udb.GetUserRole(userid); // STEP 2: Get all the views associated by the role DataTable dtViewsByRole = cdb.GetViewsByRole(roleid); // STEP 3: Get all views associated by the user DataTable dtViewsAllowedByUser = cdb.GetViewsByUser(userid, true); // STEP 4: Get all views denied by the user DataTable dtViewsDeniedByUser = cdb.GetViewsByUser(userid, false); // STEP 5: Join all the current info in a new DataTable and return it... DataTable dtRet = new DataTable("ViewsByUser"); dtRet.Columns.Add(new DataColumn("VIE_ID", Type.GetType("System.Int32"))); dtRet.Columns.Add(new DataColumn("VIE_LIT_ID", Type.GetType("System.Int32"))); // 5.1 All views allowed by user are allowed foreach (DataRow dr in dtViewsAllowedByUser.Rows) { DataRow nrow = dtRet.NewRow(); nrow["VIE_ID"] = dr["UACC_VIE_ID"]; nrow["VIE_LIT_ID"] = dr["VIE_LIT_ID"]; dtRet.Rows.Add(nrow); } // 5.2 All views allowed by role AND not denied by user are also added foreach (DataRow dr in dtViewsByRole.Rows) { string vieid = dr["RACC_VIE_ID"].ToString(); DataRow[] draSelected = dtViewsDeniedByUser.Select("UACC_VIE_ID = " + vieid); if (draSelected != null && draSelected.Length > 0) { // 5.2.1 The view was not denied by the user... DataRow[] draSelected2 = dtRet.Select("VIE_ID = " + vieid); if (draSelected2 != null && draSelected2.Length > 0) { // 5.2.2 ... and was not previously added in dtRet, so we can add it DataRow nrow = dtRet.NewRow(); nrow["VIE_ID"] = dr["RACC_VIE_ID"]; nrow["VIE_LIT_ID"] = dr["VIE_LIT_ID"]; dtRet.Rows.Add(nrow); } } } dtRet.AcceptChanges(); return(dtRet); }
/// <summary> /// Creates a new CmpUsuario with the info of a specified user /// The user MUST exist in the database /// </summary> /// <param name="usrId"></param> public CmpUsuario(int usrId) { DataTable dt = new CmpUsuarioDB().GetData(null, "USERS.USR_ID = @USERS.USR_ID@", null, new object[] { usrId }); if (dt.Rows.Count == 1) { DataRow dr = dt.Rows[0]; _id = Convert.ToInt32(dr["USR_ID"]); _nombre = dr["USR_NAME"].ToString(); _apellido1 = dr["USR_SURNAME1"].ToString(); _apellido2 = dr["USR_SURNAME2"].ToString(); _login = dr["USR_LOGIN"].ToString(); _lanid = Convert.ToInt32(dr["USR_LAN_ID"]); _rol = Convert.ToInt32(dr["USR_ROL_ID"]); } else { throw new System.Exception("CmpUsuario::<ctor>: Not found USER with login: " + usrId); } }
public static bool GetUserData(string login, out CmpUsuario usr) { CmpUsuarioDB udb = new CmpUsuarioDB(); DataSet ds = udb.GetUserData(login); DataTable dt = ds.Tables[0]; usr = null; if (dt.Rows.Count == 0) { return(false); // User not found, so login or password is incorrect! } usr = new CmpUsuario(); usr._id = Convert.ToInt32(dt.Rows[0]["USR_ID"]); usr._login = dt.Rows[0]["USR_LOGIN"].ToString(); usr._nombre = dt.Rows[0]["USR_NAME"].ToString(); usr._apellido1 = dt.Rows[0]["USR_SURNAME1"].ToString(); usr._rol = Convert.ToInt32(dt.Rows[0]["USR_ROL_ID"]); usr._password = dt.Rows[0]["USR_PASSWORD"].ToString(); usr._lanid = Convert.ToInt32(dt.Rows[0]["USR_LAN_ID"]); return(true); }