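/// <summary>
/// Returns the privileges held by the roles that the logged-in user is allowed to manage.
/// Per the original author's note: EMP_LEVEL=9 yields every role, EMP_LEVEL=1 only the roles
/// of the user's own department, and EMP_LEVEL=0 may not manage roles at all.
/// </summary>
/// <param name="requestValue">Raw request object; not read by this method.</param>
/// <param name="Data">Request payload; not read by this method (the scope comes from <c>LoginUser</c>).</param>
/// <param name="StationReturn">Receives the status, the message and, on success, the privilege list.</param>
public void SelectRolePrivilegeByUserID(Newtonsoft.Json.Linq.JObject requestValue, Newtonsoft.Json.Linq.JObject Data, MESStationReturn StationReturn)
{
    // The management scope is derived from the server-side login record, not from the request.
    String LEVEL_FLAG = LoginUser.EMP_LEVEL;

    // NOTE(review): only the literal "0" is refused here. A null or unexpected EMP_LEVEL is
    // handed to QueryRolePrivilegeByUserID unchanged; confirm that query returns nothing
    // for any level other than the documented "1" and "9".
    if (LEVEL_FLAG == "0")
    {
        // Reported as Pass with no Data; the message says the user may not manage roles.
        StationReturn.Status = StationReturnStatusValue.Pass;
        StationReturn.Message = "該用戶無權限管理角色";
        return;
    }

    OleExec sfcdb = null;
    try
    {
        sfcdb = this.DBPools["SFCDB"].Borrow();
        T_C_ROLE_PRIVILEGE RolePrivilege = new T_C_ROLE_PRIVILEGE(sfcdb, DBTYPE);
        List<c_role_privilegeinfo> RolePrivilegeList = RolePrivilege.QueryRolePrivilegeByUserID(LEVEL_FLAG, this.LoginUser.BU, this.LoginUser.FACTORY, this.LoginUser.DPT_NAME, sfcdb);

        StationReturn.Status = StationReturnStatusValue.Pass;
        StationReturn.Message = "獲取成功";
        StationReturn.Data = RolePrivilegeList;
    }
    catch (Exception)
    {
        // Borrow() itself may have failed, in which case there is nothing to roll back.
        // The rollback is kept from the original even though no transaction is opened here.
        if (sfcdb != null)
        {
            sfcdb.RollbackTrain();
        }

        // "throw;" keeps the original stack trace ("throw e;" discarded it).
        throw;
    }
    finally
    {
        // The connection goes back to the pool on every path, including a failed rollback.
        if (sfcdb != null)
        {
            this.DBPools["SFCDB"].Return(sfcdb);
        }
    }
}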
/// <summary>
/// Station input checker: looks up every privilege granted to the roles of the employee
/// number that was entered, stores that list in the station session, and passes only when
/// one of the privilege names equals the station's display name.
/// </summary>
/// <param name="Station">Station whose session list, database handle and display name are used.</param>
/// <param name="Input">Input whose <c>Value</c> is read as the employee number.</param>
/// <param name="Paras">Action parameters; the first one names the session slot (type and key).</param>
/// <exception cref="Exception">No parameter was supplied, or the employee lacks the privilege.</exception>
public static void InputEmpPrivchecker(MESStation.BaseClass.MESStationBase Station, MESStation.BaseClass.MESStationInput Input, List<R_Station_Action_Para> Paras)
{
    if (Paras.Count == 0)
    {
        throw new Exception("參數數量不正確!");
    }

    // Locate the session slot configured by the first parameter.
    MESStationSession empSession = Station.StationSession.Find(s => s.MESDataType == Paras[0].SESSION_TYPE && s.SessionKey == Paras[0].SESSION_KEY);
    if (empSession == null)
    {
        // No slot yet: register one under the fixed type "INPUTEMP" and key "1".
        empSession = new MESStationSession()
        {
            MESDataType = "INPUTEMP",
            InputValue = Input.Value.ToString(),
            SessionKey = "1",
            ResetInput = Input
        };
        Station.StationSession.Add(empSession);
    }

    // NOTE(review): the decision rests on the employee number exactly as typed; nothing in
    // this method verifies a credential for it. Confirm the operator is authenticated elsewhere.
    string empNo = Input.Value.ToString();

    // Phase 1: collect the IDs of the roles assigned to the employee.
    T_c_user_role userRoleTable = new T_c_user_role(Station.SFCDB, DB_TYPE_ENUM.Oracle);
    List<get_c_roleid> assignedRoles = userRoleTable.GetRoleID(empNo, Station.SFCDB);
    List<string> roleIds = new List<string>();
    for (int r = 0; r < assignedRoles.Count; r++)
    {
        roleIds.Add(assignedRoles[r].ROLE_ID);
    }

    // Phase 2: gather the privileges of every one of those roles.
    T_C_ROLE_PRIVILEGE rolePrivilegeTable = new T_C_ROLE_PRIVILEGE(Station.SFCDB, DB_TYPE_ENUM.Oracle);
    List<c_role_privilegeinfobyemp> grantedPrivileges = new List<c_role_privilegeinfobyemp>();
    for (int r = 0; r < roleIds.Count; r++)
    {
        grantedPrivileges.AddRange(rolePrivilegeTable.QueryRolePrivilege(roleIds[r], Station.SFCDB));
    }

    // The full list is cached in the session before the decision is made.
    empSession.Value = grantedPrivileges;

    // The privilege required is the one named after the station's display name.
    bool hasStationPrivilege = false;
    for (int p = 0; p < grantedPrivileges.Count; p++)
    {
        if (grantedPrivileges[p].PRIVILEGE_NAME == Station.DisplayName)
        {
            hasStationPrivilege = true;
        }
    }

    if (!hasStationPrivilege)
    {
        throw new Exception("no privilege");
    }

    Station.AddMessage("MES00000001", new string[] { }, MESReturnView.Station.StationMessageState.Pass);
}
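/// <summary>
/// Deletes the roles whose IDs are listed in <c>Data["ID"]</c>: the C_ROLE row of each role
/// and, when the role has one, a C_ROLE_PRIVILEGE row. If any listed role fails
/// <c>CheckRole</c> (reported to the caller as "role is assigned to a user"), the whole
/// request is rejected and nothing is deleted; C_USER_ROLE is not touched by this method.
/// </summary>
/// <param name="requestValue">Raw request object; not read by this method.</param>
/// <param name="Data">Request payload; <c>Data["ID"]</c> is the list of role IDs to delete.</param>
/// <param name="StationReturn">Receives the status and message of the operation.</param>
public void DeleteRole(Newtonsoft.Json.Linq.JObject requestValue, Newtonsoft.Json.Linq.JObject Data, MESStationReturn StationReturn)
{
    // NOTE(review): LoginUser is never consulted here, so this method itself does not check
    // that the caller may manage the roles being deleted. Confirm that check happens upstream.
    OleExec sfcdb = null;
    string DeleteSql = "";
    try
    {
        sfcdb = this.DBPools["SFCDB"].Borrow();
        sfcdb.BeginTrain();
        T_C_ROLE GetRoleInformation = new T_C_ROLE(sfcdb, DBTYPE);
        T_C_ROLE_PRIVILEGE GetRolePrivilegeInfo = new T_C_ROLE_PRIVILEGE(sfcdb, DBTYPE);

        foreach (string item in Data["ID"])
        {
            // NOTE(review): stripping surrounding quotes is not input sanitisation. Confirm
            // that CheckRole/GetObjByID bind the ID as a parameter rather than splicing it
            // into SQL text.
            string strid = item.Trim('\'').Trim('\"');

            if (!GetRoleInformation.CheckRole(strid, sfcdb))
            {
                // One role that cannot be deleted aborts the whole batch.
                sfcdb.RollbackTrain();
                StationReturn.Status = StationReturnStatusValue.Fail;
                StationReturn.Message = "該角色已被賦予用戶使用,不能刪除";
                StationReturn.Data = "";
                return;
            }

            Row_C_ROLE row = (Row_C_ROLE)GetRoleInformation.GetObjByID(strid, sfcdb);
            DeleteSql += row.GetDeleteString(DBTYPE) + ";\n";

            // Original comment: check whether C_ROLE_PRIVILEGE holds privileges for the role
            // and delete them if so.
            // NOTE(review): only the single row returned by GetObjByRoleID is deleted; verify
            // that a role with several privileges does not leave rows behind.
            if (!GetRolePrivilegeInfo.CheckRolePrivilege(strid, sfcdb))
            {
                Row_C_PRIVILEGE PrivilegeRow = (Row_C_PRIVILEGE)GetRolePrivilegeInfo.GetObjByRoleID(strid, sfcdb);
                DeleteSql += PrivilegeRow.GetDeleteString(DBTYPE) + ";\n";
            }
        }

        // All statements run as one anonymous block so they succeed or fail together.
        // NOTE(review): an empty ID list produces a block with no statements.
        DeleteSql = "BEGIN\n" + DeleteSql + "END;";
        sfcdb.ExecSQL(DeleteSql);

        // Committed once; the original issued a second, redundant CommitTrain().
        sfcdb.CommitTrain();
        StationReturn.Status = StationReturnStatusValue.Pass;
        StationReturn.Message = "刪除成功";
    }
    catch (Exception)
    {
        // Borrow() itself may have failed, in which case there is nothing to roll back.
        if (sfcdb != null)
        {
            sfcdb.RollbackTrain();
        }

        // "throw;" keeps the original stack trace ("throw e;" discarded it).
        throw;
    }
    finally
    {
        // The connection goes back to the pool on every path.
        if (sfcdb != null)
        {
            this.DBPools["SFCDB"].Return(sfcdb);
        }
    }
}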
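/// <summary>
/// Returns the privileges recorded in C_ROLE_PRIVILEGE for the role named in
/// <c>Data["ROLE_ID"]</c>.
/// </summary>
/// <param name="requestValue">Raw request object; not read by this method.</param>
/// <param name="Data">Request payload; <c>Data["ROLE_ID"]</c> selects the role.</param>
/// <param name="StationReturn">Receives the status, the message and, on success, the privilege list.</param>
public void SelectRolePrivilege(Newtonsoft.Json.Linq.JObject requestValue, Newtonsoft.Json.Linq.JObject Data, MESStationReturn StationReturn)
{
    // NOTE(review): the role ID comes straight from the request and LoginUser is not
    // consulted, so any caller can read the privileges of any role through this method.
    // Confirm that is intended or enforced upstream.
    string Role_Id = Data["ROLE_ID"].ToString();

    OleExec sfcdb = null;
    try
    {
        sfcdb = this.DBPools["SFCDB"].Borrow();
        T_C_ROLE_PRIVILEGE RolePrivilege = new T_C_ROLE_PRIVILEGE(sfcdb, DBTYPE);
        List<c_role_privilegeinfobyemp> RolePrivilegeList = RolePrivilege.QueryRolePrivilege(Role_Id, sfcdb);

        StationReturn.Status = StationReturnStatusValue.Pass;
        StationReturn.Message = "獲取成功";
        StationReturn.Data = RolePrivilegeList;
    }
    catch (Exception)
    {
        // Borrow() itself may have failed, in which case there is nothing to roll back.
        // The rollback is kept from the original even though no transaction is opened here.
        if (sfcdb != null)
        {
            sfcdb.RollbackTrain();
        }

        // "throw;" keeps the original stack trace ("throw e;" discarded it).
        throw;
    }
    finally
    {
        // The connection goes back to the pool on every path.
        if (sfcdb != null)
        {
            this.DBPools["SFCDB"].Return(sfcdb);
        }
    }
}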
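/// <summary>
/// For the role being edited (<c>Data["EDITROLE_ID"]</c>), returns the privileges of the
/// roles the logged-in user can manage, with the privilege IDs the edited role already has
/// removed (per the original author's description; the filtering itself is done by
/// <c>T_C_ROLE_PRIVILEGE.CheckTwoRolePrivilegeID</c>).
/// </summary>
/// <param name="requestValue">Raw request object; not read by this method.</param>
/// <param name="Data">Request payload; <c>Data["EDITROLE_ID"]</c> is the role being edited.</param>
/// <param name="StationReturn">Receives the status, the message or message code, and the privilege list.</param>
public void CheckTwoRolePrivilegeID(Newtonsoft.Json.Linq.JObject requestValue, Newtonsoft.Json.Linq.JObject Data, MESStationReturn StationReturn)
{
    string EDITROLE_ID = Data["EDITROLE_ID"].ToString();

    OleExec sfcdb = null;
    try
    {
        sfcdb = this.DBPools["SFCDB"].Borrow();
        T_C_ROLE_PRIVILEGE CheckRolePrivilege = new T_C_ROLE_PRIVILEGE(sfcdb, DBTYPE);
        T_C_ROLE GetMangeRole = new T_C_ROLE(sfcdb, DBTYPE);

        // The manageable roles are computed from the server-side login record
        // (department, BU, factory, level), not from the request.
        List<c_role_byempl> GetMangeRoleList = GetMangeRole.ManageRoleByUser(new List<get_c_roleid>(), this.LoginUser.DPT_NAME, this.LoginUser.BU, this.LoginUser.FACTORY, this.LoginUser.EMP_LEVEL, sfcdb);
        if (GetMangeRoleList.Count == 0)
        {
            // The user manages no role at all, so there is nothing to offer.
            StationReturn.Status = StationReturnStatusValue.Fail;
            StationReturn.Message = "無角色能管理";
            return;
        }

        // NOTE(review): EDITROLE_ID is not checked against GetMangeRoleList in this method;
        // verify that the callee or the caller rejects roles the user does not manage.
        List<c_role_privilegeinfobyemp> CheckRolePrivilegeList = CheckRolePrivilege.CheckTwoRolePrivilegeID(GetMangeRoleList, EDITROLE_ID, this.LoginUser.EMP_LEVEL, sfcdb);

        StationReturn.Status = StationReturnStatusValue.Pass;
        StationReturn.MessageCode = "MES00000026";
        StationReturn.Data = CheckRolePrivilegeList;
    }
    catch (Exception)
    {
        // Borrow() itself may have failed, in which case there is nothing to roll back.
        // The rollback is kept from the original even though no transaction is opened here.
        if (sfcdb != null)
        {
            sfcdb.RollbackTrain();
        }

        // "throw;" keeps the original stack trace ("throw e;" discarded it).
        throw;
    }
    finally
    {
        // The connection goes back to the pool on every path, including the early return.
        if (sfcdb != null)
        {
            this.DBPools["SFCDB"].Return(sfcdb);
        }
    }
}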
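/// <summary>
/// Revokes the privileges listed in <c>Data["PRIVILEGE_ID"]</c> from the role
/// <c>Data["ROLE_ID"]</c>. When a revoked privilege belongs to a menu, the role's privileges
/// on that menu's child menus are revoked as well, down to three levels.
/// </summary>
/// <remarks>
/// An earlier version, previously kept here as commented-out code, refused the request when
/// a child privilege was still granted and not part of the request; the current code
/// cascades the delete instead.
/// </remarks>
/// <param name="requestValue">Raw request object; not read by this method.</param>
/// <param name="Data">Request payload carrying <c>ROLE_ID</c> and the <c>PRIVILEGE_ID</c> list.</param>
/// <param name="StationReturn">Receives the status and message of the operation.</param>
public void DeleteRolePrivilege(Newtonsoft.Json.Linq.JObject requestValue, Newtonsoft.Json.Linq.JObject Data, MESStationReturn StationReturn)
{
    // NOTE(review): LoginUser is never consulted here, so this method itself does not check
    // that the caller may manage ROLE_ID. Confirm that check happens upstream.
    // The payload is read before a connection is borrowed, so a malformed request cannot
    // leave a connection outside the pool (the original borrowed first, outside the try).
    string ROLE_ID = Data["ROLE_ID"].ToString();

    OleExec sfcdb = null;
    try
    {
        sfcdb = this.DBPools["SFCDB"].Borrow();
        T_C_PRIVILEGE CheckExistMenuID = new T_C_PRIVILEGE(sfcdb, DBTYPE);
        T_C_MENU tcm = new T_C_MENU(sfcdb, DBTYPE);
        T_C_ROLE_PRIVILEGE tcup = new T_C_ROLE_PRIVILEGE(sfcdb, DBTYPE);

        string DeleteSql = "";
        // Menus already handled by the cascade. An exact-match set replaces the original
        // comma-joined string, whose substring search could treat one ID as already handled
        // because it occurs inside another.
        HashSet<string> cascadedMenuIds = new HashSet<string>();

        foreach (string item in Data["PRIVILEGE_ID"])
        {
            // NOTE(review): stripping surrounding quotes is not input sanitisation. Confirm
            // that the table helpers bind IDs as parameters rather than splicing them into SQL.
            string PRIVILEGE_ID = item.Trim('\'').Trim('\"');

            // The grant that was asked for. This throws if the role does not hold the
            // privilege, which aborts the request (unchanged from the original).
            Row_C_ROLE_PRIVILEGE rcup = tcup.GetC_Role_Privilege_ID(ROLE_ID, PRIVILEGE_ID, sfcdb);
            string strid = rcup.ID.ToString();
            rcup = (Row_C_ROLE_PRIVILEGE)tcup.GetObjByID(strid, sfcdb);
            DeleteSql += rcup.GetDeleteString(DBTYPE) + ";\n";

            // Cascade to child menus only for menu-backed privileges. The original joined
            // the two tests with "||", which is always true and let null and "N/A" through.
            Row_C_PRIVILEGE ChRow = (Row_C_PRIVILEGE)CheckExistMenuID.getC_PrivilegebyID(PRIVILEGE_ID, sfcdb);
            if (ChRow.MENU_ID != null && ChRow.MENU_ID != "N/A")
            {
                DeleteSql += AppendChildMenuPrivilegeDeletes(ChRow.MENU_ID, 3, ROLE_ID, tcm, CheckExistMenuID, tcup, cascadedMenuIds, sfcdb);
            }
        }

        // All statements run as one anonymous block so they succeed or fail together.
        // NOTE(review): BeginTrain() is commented out in the original, so the commit and
        // rollback here act on whatever transaction state OleExec keeps by default.
        DeleteSql = "begin\n" + DeleteSql + "end;";
        sfcdb.ExecSQL(DeleteSql);

        // Committed once; the original issued a second, redundant CommitTrain().
        sfcdb.CommitTrain();
        StationReturn.Status = StationReturnStatusValue.Pass;
        StationReturn.Message = "刪除成功";
    }
    catch (Exception)
    {
        // Borrow() itself may have failed, in which case there is nothing to roll back.
        if (sfcdb != null)
        {
            sfcdb.RollbackTrain();
        }

        // "throw;" keeps the original stack trace ("throw e;" discarded it).
        throw;
    }
    finally
    {
        // The connection goes back to the pool on every path.
        if (sfcdb != null)
        {
            this.DBPools["SFCDB"].Return(sfcdb);
        }
    }
}

/// <summary>
/// Builds the DELETE statements for the role's privileges on the child menus of
/// <paramref name="parentMenuId"/>, descending at most <paramref name="levels"/> levels.
/// </summary>
private string AppendChildMenuPrivilegeDeletes(string parentMenuId, int levels, string roleId, T_C_MENU menus, T_C_PRIVILEGE privileges, T_C_ROLE_PRIVILEGE rolePrivileges, HashSet<string> handledMenuIds, OleExec sfcdb)
{
    string sql = "";
    DataTable children = menus.getC_MenubyPARENT_CODE(parentMenuId, sfcdb);

    // NOTE(review): the bound "Count - 1" is kept from the original at every level; it
    // skips the last row returned. If that row is a real child menu, its privilege stays
    // granted after the parent is revoked. Confirm what getC_MenubyPARENT_CODE returns.
    for (int i = 0; i < children.Rows.Count - 1; i++)
    {
        string menuId = children.Rows[i]["ID"].ToString();

        // A menu without a privilege row is skipped. The original guarded this only on the
        // second and third level and would fail with a null reference on the first.
        Row_C_PRIVILEGE privilege = (Row_C_PRIVILEGE)privileges.getC_PrivilegebyMenuID(menuId, sfcdb);
        if (privilege != null)
        {
            Row_C_ROLE_PRIVILEGE grant = (Row_C_ROLE_PRIVILEGE)rolePrivileges.GetC_Role_Privilege_ID(roleId, privilege.ID, sfcdb);
            if (grant != null && !handledMenuIds.Contains(menuId))
            {
                grant = (Row_C_ROLE_PRIVILEGE)rolePrivileges.GetObjByID(grant.ID, sfcdb);
                sql += grant.GetDeleteString(DBTYPE) + ";\n";
                handledMenuIds.Add(menuId);
            }
        }

        // Descend into this menu's own children while levels remain.
        if (levels > 1)
        {
            sql += AppendChildMenuPrivilegeDeletes(menuId, levels - 1, roleId, menus, privileges, rolePrivileges, handledMenuIds, sfcdb);
        }
    }

    return sql;
}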
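/// <summary>
/// Grants the privileges listed in <c>Data["PRIVILEGE_ID"]</c> to the role
/// <c>Data["ROLE_ID"]</c> by inserting C_ROLE_PRIVILEGE rows. For a menu-backed privilege
/// the chain of parent menus is walked up to the root (PARENT_CODE "0") and a row is added
/// for each parent that is not yet recorded. If the role already holds one of the requested
/// privileges, the whole request is rejected and nothing is inserted.
/// </summary>
/// <param name="requestValue">Raw request object; not read by this method.</param>
/// <param name="Data">Request payload carrying <c>ROLE_ID</c> and the <c>PRIVILEGE_ID</c> list.</param>
/// <param name="StationReturn">Receives the status and message of the operation.</param>
public void AddRolePrivilege(Newtonsoft.Json.Linq.JObject requestValue, Newtonsoft.Json.Linq.JObject Data, MESStationReturn StationReturn)
{
    // NOTE(review): LoginUser is used only to stamp EDIT_EMP. Nothing in this method checks
    // that the caller may manage ROLE_ID or may hand out the requested privileges; if that
    // is left to the client, a crafted request can grant any privilege to any role. Confirm
    // a server-side check exists upstream.
    string ROLE_ID = Data["ROLE_ID"].ToString();

    OleExec sfcdb = null;
    try
    {
        sfcdb = this.DBPools["SFCDB"].Borrow();
        sfcdb.BeginTrain();
        T_C_ROLE_PRIVILEGE Roler = new T_C_ROLE_PRIVILEGE(sfcdb, DBTYPE);
        T_C_PRIVILEGE CheckExistMenuID = new T_C_PRIVILEGE(sfcdb, DBTYPE);
        T_C_MENU tcm = new T_C_MENU(sfcdb, DBTYPE);
        T_C_ROLE_PRIVILEGE tcup = new T_C_ROLE_PRIVILEGE(sfcdb, DBTYPE);
        Row_C_ROLE_PRIVILEGE rcup = (Row_C_ROLE_PRIVILEGE)tcup.NewRow();

        string InsertSql = "";
        // Menu codes already covered by this request. An exact-match set replaces the
        // original comma-joined string, whose substring search could treat one code as
        // already covered because it occurs inside another.
        HashSet<string> handledMenuCodes = new HashSet<string>();

        foreach (string item in Data["PRIVILEGE_ID"])
        {
            // NOTE(review): stripping surrounding quotes is not input sanitisation.
            // ROLE_ID and PRIVILEGE_ID end up in the text produced by GetInsertString;
            // confirm that helper escapes or binds them.
            string PRIVILEGE_ID = item.Trim('\'').Trim('\"');

            if (!Roler.CheckPrivilegeData(ROLE_ID, PRIVILEGE_ID, sfcdb))
            {
                // Roll back before the connection returns to the pool; the original
                // returned it with the transaction from BeginTrain() still open.
                sfcdb.RollbackTrain();
                StationReturn.Status = StationReturnStatusValue.Fail;
                StationReturn.Message = "該角色已包含該權限ID";
                StationReturn.Data = "";
                return;
            }

            Row_C_ROLE_PRIVILEGE row = (Row_C_ROLE_PRIVILEGE)Roler.NewRow();
            row.ID = Roler.GetNewID(BU, sfcdb);
            row.ROLE_ID = ROLE_ID;
            row.PRIVILEGE_ID = PRIVILEGE_ID;
            row.EDIT_EMP = LoginUser.EMP_NO;
            row.SYSTEM_NAME = SystemName;
            row.EDIT_TIME = GetDBDateTime();
            InsertSql += row.GetInsertString(DBTYPE) + ";\n";

            // Only menu-backed privileges have parents to walk. The original joined the two
            // tests with "||", which is always true and let null and "N/A" through.
            Row_C_PRIVILEGE ChRow = (Row_C_PRIVILEGE)CheckExistMenuID.getC_PrivilegebyID(PRIVILEGE_ID, sfcdb);
            if (ChRow.MENU_ID == null || ChRow.MENU_ID == "N/A")
            {
                continue;
            }

            handledMenuCodes.Add(ChRow.MENU_ID);

            // Walk from the privilege's menu up to the root, one parent per iteration.
            // NOTE(review): a parent code with no menu row, or a cycle in the menu tree,
            // is not handled here (unchanged from the original).
            Row_C_MENU rcm = tcm.getC_MenubyID(ChRow.MENU_ID, sfcdb);
            while (rcm.PARENT_CODE != "0")
            {
                // NOTE(review): a menu ID is passed where GetC_Role_Privilege_ID takes a
                // privilege ID elsewhere, and the parent menu code is stored as
                // PRIVILEGE_ID below. Kept as in the original; verify that menu codes and
                // privilege IDs really share one value space.
                if (!handledMenuCodes.Contains(rcm.PARENT_CODE)
                    && tcup.GetC_Role_Privilege_ID(ROLE_ID, ChRow.MENU_ID, sfcdb) == null
                    && Roler.CheckPrivilegeData(ROLE_ID, rcm.PARENT_CODE, sfcdb))
                {
                    rcup.ID = tcup.GetNewID(BU, sfcdb);
                    rcup.SYSTEM_NAME = SystemName;
                    rcup.ROLE_ID = ROLE_ID;
                    rcup.PRIVILEGE_ID = rcm.PARENT_CODE;
                    rcup.EDIT_EMP = LoginUser.EMP_NO;
                    // Database time, as for the requested row above, so every audit stamp
                    // of one request comes from the same clock (was DateTime.Now).
                    rcup.EDIT_TIME = GetDBDateTime();
                    InsertSql += rcup.GetInsertString(this.DBTYPE) + ";\n";
                    handledMenuCodes.Add(rcm.PARENT_CODE);
                }

                rcm = tcm.getC_MenubyID(rcm.PARENT_CODE, sfcdb);
            }
        }

        // All statements run as one anonymous block so they succeed or fail together.
        InsertSql = "begin\n" + InsertSql + "end;";
        sfcdb.ExecSQL(InsertSql);

        // Committed once; the original issued a second, redundant CommitTrain().
        sfcdb.CommitTrain();
        StationReturn.Status = StationReturnStatusValue.Pass;
        StationReturn.Message = "添加成功";
    }
    catch (Exception)
    {
        // Borrow() itself may have failed, in which case there is nothing to roll back.
        if (sfcdb != null)
        {
            sfcdb.RollbackTrain();
        }

        // "throw;" keeps the original stack trace ("throw e;" discarded it).
        throw;
    }
    finally
    {
        // The connection goes back to the pool on every path.
        if (sfcdb != null)
        {
            this.DBPools["SFCDB"].Return(sfcdb);
        }
    }
}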