/// <summary> /// 用户的所有可授权范围(有授权权限的权限列表) /// </summary> /// <param name="userInfo">用户</param> /// <param name="userId">用户主键</param> /// <param name="permissionCode">权限域编号</param> /// <returns>数据表</returns> public DataTable GetPermissionDTByPermission(BaseUserInfo userInfo, string userId, string permissionCode) { var dt = new DataTable(BaseModuleEntity.CurrentTableName); var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod()); ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) => { var permissionId = new BaseModuleManager().GetIdByCodeByCache(userInfo.SystemCode, permissionCode); // 数据库里没有设置可授权的权限项,系统自动增加一个权限配置项 if (string.IsNullOrEmpty(permissionId) && permissionCode.Equals("Resource.ManagePermission")) { var permissionEntity = new BaseModuleEntity { Code = "Resource.ManagePermission", Name = "资源管理范围权限(系统默认)", IsScope = 1, Enabled = 1, AllowDelete = 0 }; permissionEntity.AllowDelete = 0; new BaseModuleManager(userInfo).AddEntity(permissionEntity); } dt = new BaseModuleManager().GetDataTableByUser(userInfo.SystemCode, userId, permissionCode); dt.TableName = BaseModuleEntity.CurrentTableName; }); return(dt); }
/// <summary> /// 组织机构上级节点 /// </summary> /// <param name="systemCode">系统编码</param> /// <param name="organizationParentId">组织机构上级主键</param> /// <param name="userId">用户主键</param> /// <param name="permissionCode">权限编号</param> /// <returns>数据表</returns> public DataTable GetUserOrganizationScopes(string systemCode, string organizationParentId, string userId, string permissionCode = "Resource.AccessPermission") { DataTable result = null; var permissionId = new BaseModuleManager().GetIdByCodeByCache(systemCode, permissionCode); if (!string.IsNullOrEmpty(permissionId)) { var tableName = UserInfo.SystemCode + "PermissionScope"; var sql = @"SELECT BaseOrganization.Id AS OrganizationId , BaseOrganization.Name , BaseOrganization.ContainChildNodes , BasePermissionScope.TargetId , BasePermissionScope.ContainChild FROM BaseOrganization LEFT OUTER JOIN BasePermissionScope ON BaseOrganization.Id = BasePermissionScope.TargetId AND BasePermissionScope.TargetCategory = 'BaseOrganization' AND BasePermissionScope.ResourceCategory = 'BaseUser' AND BasePermissionScope.ResourceId = '" + userId + @"' AND BasePermissionScope.PermissionId = " + permissionId; if (!string.IsNullOrEmpty(organizationParentId)) { sql += " WHERE BaseOrganization.ParentId = " + organizationParentId; } else { sql += " WHERE BaseOrganization.ParentId = 0 "; } sql = sql.Replace("BasePermissionScope", tableName); result = DbHelper.Fill(sql); } return(result); }
/// <summary> /// 设置组织范围 /// </summary> /// <param name="systemCode">系统编码</param> /// <param name="userId"></param> /// <param name="permissionScope"></param> /// <param name="permissionCode">权限编码</param> /// <param name="containChild"></param> /// <returns></returns> public string SetUserOrganizationScope(string systemCode, string userId, PermissionOrganizationScope permissionScope, string permissionCode = "Resource.AccessPermission", bool containChild = false) { var result = string.Empty; var permissionId = new BaseModuleManager().GetIdByCodeByCache(systemCode, permissionCode); if (!string.IsNullOrEmpty(permissionId)) { var tableName = BaseOrganizationScopeEntity.CurrentTableName; if (!string.IsNullOrEmpty(systemCode)) { tableName = systemCode + "OrganizationScope"; } var organizationScopeManager = new BaseOrganizationScopeManager(DbHelper, UserInfo, tableName); var parameters = new List <KeyValuePair <string, object> > { new KeyValuePair <string, object>(BaseOrganizationScopeEntity.FieldResourceCategory, BaseUserEntity.CurrentTableName), new KeyValuePair <string, object>(BaseOrganizationScopeEntity.FieldResourceId, userId), new KeyValuePair <string, object>(BaseOrganizationScopeEntity.FieldPermissionId, permissionId) }; result = organizationScopeManager.GetId(parameters); BaseOrganizationScopeEntity organizationScopeEntity = null; if (string.IsNullOrEmpty(result)) { organizationScopeEntity = new BaseOrganizationScopeEntity(); } else { organizationScopeEntity = organizationScopeManager.GetEntity(result); } organizationScopeEntity.AllData = (permissionScope == PermissionOrganizationScope.AllData ? 1 : 0); organizationScopeEntity.Province = (permissionScope == PermissionOrganizationScope.Province ? 1 : 0); organizationScopeEntity.City = (permissionScope == PermissionOrganizationScope.City ? 1 : 0); organizationScopeEntity.District = (permissionScope == PermissionOrganizationScope.District ? 1 : 0); organizationScopeEntity.UserCompany = (permissionScope == PermissionOrganizationScope.UserCompany ? 1 : 0); organizationScopeEntity.UserSubCompany = (permissionScope == PermissionOrganizationScope.UserSubCompany ? 1 : 0); organizationScopeEntity.UserDepartment = (permissionScope == PermissionOrganizationScope.UserDepartment ? 1 : 0); organizationScopeEntity.UserSubDepartment = (permissionScope == PermissionOrganizationScope.UserSubDepartment ? 1 : 0); organizationScopeEntity.UserWorkgroup = (permissionScope == PermissionOrganizationScope.UserWorkgroup ? 1 : 0); organizationScopeEntity.OnlyOwnData = (permissionScope == PermissionOrganizationScope.OnlyOwnData ? 1 : 0); organizationScopeEntity.ByDetails = (permissionScope == PermissionOrganizationScope.ByDetails ? 1 : 0); organizationScopeEntity.NotAllowed = (permissionScope == PermissionOrganizationScope.NotAllowed ? 1 : 0); organizationScopeEntity.Enabled = 1; organizationScopeEntity.Deleted = 0; organizationScopeEntity.ContainChild = containChild ? 1 : 0; organizationScopeEntity.PermissionId = int.Parse(permissionId); organizationScopeEntity.ResourceCategory = BaseUserEntity.CurrentTableName; organizationScopeEntity.ResourceId = userId.ToString(); if (string.IsNullOrEmpty(result)) { result = organizationScopeManager.Add(organizationScopeEntity); } else { organizationScopeManager.Update(organizationScopeEntity); } } return(result); }
/// <summary> /// 获得有某个权限的所有用户主键 /// </summary> /// <param name="systemCode">系统编号</param> /// <param name="permissionCode">操作权限编号</param> /// <returns>用户主键数组</returns> public string[] GetUserIds(string systemCode, string permissionCode) { // 若不存在就需要自动能增加一个操作权限项 var permissionId = new BaseModuleManager().GetIdByCodeByCache(systemCode, permissionCode); return(GetUserIdsByPermissionId(systemCode, permissionId)); }
/// <summary> /// 判断用户是否有有相应的权限 /// </summary> /// <param name="systemCode">系统编号</param> /// <param name="userId">用户主键</param> /// <param name="permissionCode">权限编号</param> /// <returns>有权限</returns> public bool CheckPermission(string systemCode, string userId, string permissionCode) { if (String.IsNullOrEmpty(systemCode)) { return(false); } if (String.IsNullOrEmpty(userId)) { return(false); } string permissionId = BaseModuleManager.GetIdByCodeByCache(systemCode, permissionCode); // 没有找到相应的权限 if (String.IsNullOrEmpty(permissionId)) { return(false); } this.CurrentTableName = systemCode + "Permission"; List <KeyValuePair <string, object> > parameters = new List <KeyValuePair <string, object> >(); parameters.Add(new KeyValuePair <string, object>(BasePermissionEntity.FieldResourceCategory, BaseUserEntity.TableName)); parameters.Add(new KeyValuePair <string, object>(BasePermissionEntity.FieldResourceId, userId)); parameters.Add(new KeyValuePair <string, object>(BasePermissionEntity.FieldEnabled, 1)); parameters.Add(new KeyValuePair <string, object>(BasePermissionEntity.FieldDeletionStateCode, 0)); //宋彪注:permisssionId先没加上 parameters.Add(new KeyValuePair <string, object>(BasePermissionEntity.FieldPermissionId, permissionId)); return(this.Exists(parameters)); }
/// <summary> /// 组织机构上级节点 /// </summary> /// <param name="organizeParentId">组织机构上级主键</param> /// <param name="userId">用户主键</param> /// <param name="permissionCode">权限编号</param> /// <returns>数据表</returns> public DataTable GetUserOrganizeScopes(string systemCode, string organizeParentId, string userId, string permissionCode = "Resource.AccessPermission") { DataTable result = null; string permissionId = BaseModuleManager.GetIdByCodeByCache(systemCode, permissionCode); if (!string.IsNullOrEmpty(permissionId)) { string tableName = this.UserInfo.SystemCode + "PermissionScope"; string sqlQuery = @"SELECT BaseOrganize.Id AS OrganizeId , BaseOrganize.FullName , BaseOrganize.ContainChildNodes , BasePermissionScope.TargetId , BasePermissionScope.ContainChild FROM BaseOrganize LEFT OUTER JOIN BasePermissionScope ON BaseOrganize.Id = BasePermissionScope.TargetId AND BasePermissionScope.TargetCategory = 'BaseOrganize' AND BasePermissionScope.ResourceCategory = 'BaseUser' AND BasePermissionScope.ResourceId = '" + userId + @"' AND BasePermissionScope.PermissionId = " + permissionId; if (!string.IsNullOrEmpty(organizeParentId)) { sqlQuery += " WHERE BaseOrganize.ParentId = " + organizeParentId; } else { sqlQuery += " WHERE BaseOrganize.ParentId IS NULL "; } sqlQuery = sqlQuery.Replace("BasePermissionScope", tableName); result = this.DbHelper.Fill(sqlQuery); } return(result); }
// // 撤销权限的实现部分 // #region private int Revoke(BasePermissionManager permissionManager, string systemCode, string organizeId, string result) 为了提高撤销的运行速度 /// <summary> /// 为了提高撤销的运行速度 /// </summary> /// <param name="permissionManager">资源权限读写器</param> /// <param name="organizeId">组织机构主键</param> /// <param name="result">权限主键</param> /// <returns>影响行数</returns> private int Revoke(BasePermissionManager permissionManager, string systemCode, string organizeId, string permissionId) { int result = 0; List <KeyValuePair <string, object> > parameters = new List <KeyValuePair <string, object> >(); parameters.Add(new KeyValuePair <string, object>(BasePermissionEntity.FieldResourceCategory, BaseOrganizeEntity.TableName)); parameters.Add(new KeyValuePair <string, object>(BasePermissionEntity.FieldResourceId, organizeId)); parameters.Add(new KeyValuePair <string, object>(BasePermissionEntity.FieldPermissionId, permissionId)); result = permissionManager.Delete(parameters); // 2015-09-21 吉日嘎拉 这里增加变更日志 string tableName = systemCode + ".Permission.Organize"; SQLBuilder sqlBuilder = new SQLBuilder(this.DbHelper); sqlBuilder.BeginInsert(BaseModifyRecordEntity.TableName); sqlBuilder.SetValue(BaseModifyRecordEntity.FieldTableCode, tableName); sqlBuilder.SetFormula(BaseModifyRecordEntity.FieldId, "SEQ_" + BaseModifyRecordEntity.TableName + ".NEXTVAL"); sqlBuilder.SetValue(BaseModifyRecordEntity.FieldRecordKey, organizeId); sqlBuilder.SetValue(BaseModifyRecordEntity.FieldColumnCode, permissionId); sqlBuilder.SetValue(BaseModifyRecordEntity.FieldColumnDescription, BaseModuleManager.GetNameByCache(systemCode, permissionId)); sqlBuilder.SetValue(BaseModifyRecordEntity.FieldOldValue, "1"); sqlBuilder.SetValue(BaseModifyRecordEntity.FieldNewValue, "撤销授权"); sqlBuilder.SetValue(BaseModifyRecordEntity.FieldCreateUserId, this.UserInfo.Id); sqlBuilder.SetValue(BaseModifyRecordEntity.FieldCreateBy, this.UserInfo.RealName); sqlBuilder.SetDBNow(BaseModifyRecordEntity.FieldCreateOn); sqlBuilder.SetValue(BaseModifyRecordEntity.FieldIPAddress, this.UserInfo.IPAddress); sqlBuilder.EndInsert(); return(result); }
/// <summary> /// 缓存预热,强制重新缓存 /// </summary> /// <param name="systemCode">系统编号</param> /// <returns>影响行数</returns> public static int CachePreheating(string systemCode) { var result = 0; // 把所有的组织机构都缓存起来的代码 var manager = new BaseModuleManager { CurrentTableName = systemCode + "Module" }; var dataReader = manager.ExecuteReader(); if (dataReader != null && !dataReader.IsClosed) { while (dataReader.Read()) { var entity = BaseEntity.Create <BaseModuleEntity>(dataReader, false); if (entity != null) { SetCache(systemCode, entity); result++; System.Console.WriteLine(result + " : " + entity.Code); } } dataReader.Close(); } return(result); }
public BasePermissionScopeEntity GetConstraintEntity(string resourceCategory, string resourceId, string tableName, string permissionCode = "Resource.AccessPermission") { BasePermissionScopeEntity entity = null; string permissionId = string.Empty; permissionId = BaseModuleManager.GetIdByCodeByCache(this.UserInfo.SystemCode, permissionCode); List <KeyValuePair <string, object> > parameters = new List <KeyValuePair <string, object> >(); parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceCategory, resourceCategory)); parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceId, resourceId)); parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetCategory, "Table")); parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetId, tableName)); parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionId, permissionId)); parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldDeletionStateCode, 0)); // 1:先获取是否有这样的主键,若有进行更新操作。 BasePermissionScopeManager manager = new BasePermissionScopeManager(this.DbHelper, this.UserInfo); var dt = manager.GetDataTable(parameters); if (dt.Rows.Count > 0) { entity = BaseEntity.Create <BasePermissionScopeEntity>(dt); } return(entity); }
/// <summary> /// 获取模块菜单表,从缓存读取 /// 没有缓存也可以用的。 /// </summary> /// <param name="systemCode">系统编号</param> /// <param name="refreshCache">是否刷新缓存</param> /// <returns>菜单</returns> public List <BaseModuleEntity> GetEntitiesByCache(string systemCode = "Base", bool refreshCache = false) { List <BaseModuleEntity> result = null; var tableName = systemCode + "Module"; var cacheKey = "List." + systemCode + ".Module"; //var cacheTime = default(TimeSpan); var cacheTime = TimeSpan.FromMilliseconds(86400000); result = CacheUtil.Cache <List <BaseModuleEntity> >(cacheKey, () => { var moduleManager = new BaseModuleManager(DbHelper, UserInfo, tableName); // 读取目标表中的数据 var parametersWhere = new List <KeyValuePair <string, object> > { //有效的菜单 new KeyValuePair <string, object>(BaseModuleEntity.FieldEnabled, 1), //没被删除的菜单 new KeyValuePair <string, object>(BaseModuleEntity.FieldDeleted, 0) }; // parameters.Add(new KeyValuePair<string, object>(BaseModuleEntity.FieldIsVisible, 1)); CurrentTableName = tableName; return(moduleManager.GetList <BaseModuleEntity>(parametersWhere, BaseModuleEntity.FieldSortCode)); }, true, refreshCache, cacheTime); return(result); }
/// <summary> /// GetPermissionScopeResourceIds /// </summary> /// <param name="userInfo">用户信息</param> /// <param name="resourceCategory"></param> /// <param name="targetId"></param> /// <param name="targetResourceCategory"></param> /// <param name="permissionCode">权限编码</param> /// <returns></returns> public string[] GetPermissionScopeResourceIds(BaseUserInfo userInfo, string resourceCategory, string targetId, string targetResourceCategory, string permissionCode) { string[] result = null; var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod()); ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) => { var permissionId = new BaseModuleManager().GetIdByCodeByCache(userInfo.SystemCode, permissionCode); var parameters = new List <KeyValuePair <string, object> > { new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetId, targetId), new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceCategory, resourceCategory), new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionId, permissionId), new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetCategory, targetResourceCategory), new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldEnabled, 1), new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldDeleted, 0) }; var tableName = userInfo.SystemCode + "PermissionScope"; result = DbUtil.GetProperties(dbHelper, tableName, parameters, 0, BasePermissionScopeEntity.FieldResourceId); }); return(result); }
// // 授予授权范围的实现部分 // #region private string GrantUser(BasePermissionScopeManager manager, string userId, string grantUserId, string permissionCode) 为了提高授权的运行速度 /// <summary> /// 为了提高授权的运行速度 /// </summary> /// <param name="manager">权限域读写器</param> /// <param name="userId">用户主键</param> /// <param name="grantUserId">权限主键</param> /// <param name="permissionCode">权限编号</param> /// <returns>主键</returns> private string GrantUser(BasePermissionScopeManager permissionScopeManager, string systemCode, string userId, string grantUserId, string permissionCode) { string result = string.Empty; List <KeyValuePair <string, object> > parameters = new List <KeyValuePair <string, object> >(); parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseUserEntity.TableName)); parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceId, userId)); parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetCategory, BaseUserEntity.TableName)); parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetId, grantUserId)); parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionId, BaseModuleManager.GetIdByCodeByCache(systemCode, permissionCode))); if (!this.Exists(parameters)) { BasePermissionScopeEntity resourcePermissionScopeEntity = new BasePermissionScopeEntity(); resourcePermissionScopeEntity.PermissionId = BaseModuleManager.GetIdByCodeByCache(systemCode, permissionCode); resourcePermissionScopeEntity.ResourceCategory = BaseUserEntity.TableName; resourcePermissionScopeEntity.ResourceId = userId; resourcePermissionScopeEntity.TargetCategory = BaseUserEntity.TableName; resourcePermissionScopeEntity.TargetId = grantUserId; resourcePermissionScopeEntity.Enabled = 1; resourcePermissionScopeEntity.DeletionStateCode = 0; return(permissionScopeManager.Add(resourcePermissionScopeEntity)); } return(result); }
// // 授予授权范围的实现部分 // #region private string GrantRole(BasePermissionScopeManager manager, string id, string userId, string grantRoleId) 为了提高授权的运行速度 /// <summary> /// 为了提高授权的运行速度 /// </summary> /// <param name="manager">权限范围管理器</param> /// <param name="systemCode">系统编号</param> /// <param name="userId">用户主键</param> /// <param name="grantRoleId">权限主键</param> /// <param name="permissionCode">权限编号</param> /// <returns>主键</returns> private string GrantRole(BasePermissionScopeManager manager, string systemCode, string userId, string grantRoleId, string permissionCode) { var result = string.Empty; var permissionId = new BaseModuleManager().GetIdByCodeByCache(systemCode, permissionCode); if (!string.IsNullOrEmpty(permissionId)) { // 对应哪个角色 var roleTableName = systemCode + "Role"; var entity = new BasePermissionScopeEntity { PermissionId = permissionId.ToInt(), ResourceCategory = BaseUserEntity.CurrentTableName, ResourceId = userId.ToInt(), TargetCategory = roleTableName, TargetId = grantRoleId.ToInt(), Enabled = 1, Deleted = 0 }; result = manager.Add(entity, true, false); } return(result); }
/// <summary> /// 获取菜单模块树型列表 /// </summary> /// <param name="systemCode">子系统</param> /// <param name="isMenu">是否菜单(0/1)</param> public DataTable GetModuleTree(string systemCode, string isMenu = null) { if (string.IsNullOrEmpty(systemCode)) { systemCode = "Base"; } //读取选定子系统的菜单模块 var manager = new BaseModuleManager(UserInfo, systemCode + "Module"); // 获取所有数据 var parameters = new List <KeyValuePair <string, object> >(); if (ValidateUtil.IsInt(isMenu)) { parameters.Add(new KeyValuePair <string, object>(BaseModuleEntity.FieldIsMenu, isMenu)); } parameters.Add(new KeyValuePair <string, object>(BaseModuleEntity.FieldEnabled, 1)); parameters.Add(new KeyValuePair <string, object>(BaseModuleEntity.FieldDeleted, 0)); //2017.12.20增加默认的HttpRuntime.Cache缓存 var cacheKey = "DataTable." + systemCode + ".ModuleTree." + isMenu; //var cacheTime = default(TimeSpan); var cacheTime = TimeSpan.FromMilliseconds(86400000); return(CacheUtil.Cache <DataTable>(cacheKey, () => manager.GetModuleTree(manager.GetDataTable(parameters, BaseModuleEntity.FieldSortCode)), true, false, cacheTime)); //直接读取数据库 //return manager.GetModuleTree(manager.GetModuleTree(manager.GetDataTable(parameters, BaseModuleEntity.FieldSortCode))); }
/// <summary> /// 某个用户是否对某个模块Url有访问权限 /// </summary> /// <param name="userInfo">用户</param> /// <param name="userId">用户主键</param> /// <param name="moduleUrl">模块Url</param> /// <returns>是否有权限</returns> public bool IsUrlAuthorizedByUser(BaseUserInfo userInfo, string userId, string moduleUrl) { bool result = false; var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod()); ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) => { // 是否超级管理员 // 是超级管理员,就不用继续判断权限了 var userManager = new BaseUserManager(dbHelper, userInfo); BaseUserEntity userEntity = userManager.GetObject(userId); if (userEntity != null && !string.IsNullOrEmpty(userEntity.Id)) { result = userManager.IsAdministrator(userId); if (!result) { string tableName = userInfo.SystemCode + "Module"; var moduleManager = new BaseModuleManager(dbHelper, userInfo, tableName); List <BaseModuleEntity> entityList = null; // moduleManager.GetList(userId); // 这里需要改进,只读到第一个就可以返回了,没必要全部列表都计算一边 int count = entityList.Count(entity => !string.IsNullOrEmpty(entity.NavigateUrl) && (entity.NavigateUrl.Equals(moduleUrl, StringComparison.OrdinalIgnoreCase) || moduleUrl.StartsWith(entity.NavigateUrl))); result = count > 0; } } }); return(result); }
/// <summary> /// 从缓存获取获取实体 /// </summary> /// <param name="systemCode">系统编号</param> /// <param name="code">编号</param> /// <returns>权限实体</returns> public static BaseModuleEntity GetObjectByCacheByCode(string systemCode, string code) { BaseModuleEntity result = null; string cacheKey = systemCode + ".Module"; if (!string.IsNullOrEmpty(code)) { cacheKey = systemCode + ".Module." + code; } result = GetCacheByKey(cacheKey); if (result == null) { // 动态读取表中的数据 string tableName = systemCode + "Module"; BaseModuleManager manager = new BaseModuleManager(tableName); result = manager.GetObjectByCode(code); // 若是空的不用缓存,继续读取实体 if (result != null) { SetCache(systemCode, result); } } return(result); }
/// <summary> /// 缓存预热,强制重新缓存 /// </summary> /// <param name="systemCode">系统编号</param> /// <returns>影响行数</returns> public static int CachePreheating(string systemCode) { int result = 0; // 把所有的组织机构都缓存起来的代码 BaseModuleManager manager = new BaseModuleManager(); manager.CurrentTableName = systemCode + "Module"; using (IDataReader dataReader = manager.ExecuteReader()) { while (dataReader.Read()) { BaseModuleEntity entity = BaseEntity.Create <BaseModuleEntity>(dataReader, false); if (entity != null) { BaseModuleManager.SetCache(systemCode, entity); result++; System.Console.WriteLine(result.ToString() + " : " + entity.Code); } } dataReader.Close(); } return(result); }
/// <summary> /// 判断用户是否有有相应的权限 /// </summary> /// <param name="systemCode">系统编号</param> /// <param name="userId">用户主键</param> /// <param name="permissionCode">权限编号</param> /// <returns>有权限</returns> public bool CheckPermission(string systemCode, string userId, string permissionCode) { if (string.IsNullOrEmpty(systemCode)) { return(false); } if (!ValidateUtil.IsInt(userId)) { return(false); } var permissionId = new BaseModuleManager().GetIdByCodeByCache(systemCode, permissionCode); // 没有找到相应的权限 if (string.IsNullOrEmpty(permissionId)) { return(false); } CurrentTableName = systemCode + "Permission"; var parameters = new List <KeyValuePair <string, object> > { new KeyValuePair <string, object>(BasePermissionEntity.FieldResourceCategory, BaseUserEntity.CurrentTableName), new KeyValuePair <string, object>(BasePermissionEntity.FieldResourceId, userId), new KeyValuePair <string, object>(BasePermissionEntity.FieldEnabled, 1), new KeyValuePair <string, object>(BasePermissionEntity.FieldDeleted, 0), //宋彪注:permisssionId先没加上 new KeyValuePair <string, object>(BasePermissionEntity.FieldPermissionId, permissionId) }; return(Exists(parameters)); }
/// <summary> /// 获得有某个权限的所有用户主键 /// </summary> /// <param name="organizeId">组织机构主键</param> /// <param name="permissionCode">操作权限编号</param> /// <param name="permissionItemName">操作权限名称</param> /// <returns>用户主键数组</returns> public string[] GetUserIds(string systemCode, string organizeId, string permissionCode, string permissionName = null) { string permissionId = string.Empty; // 若不存在就需要自动能增加一个操作权限项 permissionId = BaseModuleManager.GetIdByCodeByCache(systemCode, permissionCode); return(GetUserIdsByPermissionId(organizeId, permissionId)); }
public static int RefreshCache(string systemCode, string moduleId) { int result = 0; // 2016-02-29 吉日嘎拉 强制刷新缓存 BaseModuleManager.GetObjectByCache(systemCode, moduleId, true); return(result); }
/// <summary> /// 某个用户是否对某个模块有相应的权限 /// </summary> /// <param name="userInfo">用户</param> /// <param name="userId">用户主键</param> /// <param name="moduleCode">模块编号</param> /// <returns>是否有权限</returns> public bool IsModuleAuthorizedByUser(BaseUserInfo userInfo, string userId, string moduleCode) { // 写入调试信息 #if (DEBUG) int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod()); #endif // 加强安全验证防止未授权匿名调用 #if (!DEBUG) LogOnService.UserIsLogOn(userInfo); #endif bool returnValue = false; using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType)) { try { dbHelper.Open(UserCenterDbConnection); // 是否超级管理员 BaseUserManager userManager = new BaseUserManager(dbHelper, userInfo); if (userManager.IsAdministrator(userId)) { return(true); } else { BaseModuleManager moduleManager = new BaseModuleManager(dbHelper, userInfo); DataTable dataTable = moduleManager.GetDataTableByUser(userId); foreach (DataRow dataRow in dataTable.Rows) { if (dataRow[BaseModuleEntity.FieldCode].ToString().Equals(moduleCode)) { returnValue = true; break; } } } BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_IsModuleAuthorizedByUser, MethodBase.GetCurrentMethod()); } catch (Exception ex) { BaseExceptionManager.LogException(dbHelper, userInfo, ex); throw ex; } finally { dbHelper.Close(); } } // 写入调试信息 #if (DEBUG) BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart); #endif return(returnValue); }
public new string GetIdByCode(string permissionCode) { string tableName = UserInfo.SystemCode + "Module"; BaseModuleManager moduleManager = new BaseModuleManager(dbHelper, UserInfo, tableName); return(moduleManager.GetIdByCode(permissionCode)); //BasePermissionManager moduleManager = new BasePermissionManager(DbHelper); //// 这里应该是若不存在就自动加一个操作权限 //return moduleManager.GetIdByAdd(permissionCode); }
/// <summary> /// 直接看用户本身是否有这个权限(不管角色是否有权限) /// </summary> /// <param name="systemCode">系统</param> /// <param name="userId">用户主键</param> /// <param name="permissionCode">权限主键</param> /// <returns>是否有权限</returns> public bool CheckPermissionByUser(string systemCode, string userId, string permissionCode) { var permissionId = new BaseModuleManager().GetIdByCodeByCache(systemCode, permissionCode); // 没有找到相应的权限 if (string.IsNullOrEmpty(permissionId)) { return(false); } return(CheckResourcePermission(systemCode, BaseUserEntity.CurrentTableName, userId.ToString(), permissionId)); }
/// <summary> /// 获取用户的件约束表达式 /// </summary> /// <param name="userInfo">用户</param> /// <param name="tableName">表名</param> /// <returns>主键</returns> public string GetUserConstraint(string tableName, string permissionCode = "Resource.AccessPermission") { string result = string.Empty; // 这里是获取用户的条件表达式 // 1: 首先用户在哪些角色里是有效的? // 2: 这些角色都有哪些哪些条件约束? // 3: 组合约束条件? // 4:用户本身的约束条件? string permissionId = string.Empty; permissionId = BaseModuleManager.GetIdByCodeByCache(this.UserInfo.SystemCode, permissionCode); BaseUserManager manager = new BaseUserManager(this.DbHelper, this.UserInfo); string[] roleIds = manager.GetRoleIds(UserInfo.Id); if (roleIds == null || roleIds.Length == 0) { return(result); } BasePermissionScopeManager scopeManager = new BasePermissionScopeManager(this.DbHelper, this.UserInfo); List <KeyValuePair <string, object> > parameters = new List <KeyValuePair <string, object> >(); parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName)); parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceId, roleIds)); parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetCategory, "Table")); parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetId, tableName)); parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionId, permissionId)); parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldEnabled, 1)); parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldDeletionStateCode, 0)); DataTable dtPermissionScope = scopeManager.GetDataTable(parameters); string permissionConstraint = string.Empty; foreach (DataRow dr in dtPermissionScope.Rows) { permissionConstraint = dr[BasePermissionScopeEntity.FieldPermissionConstraint].ToString(); permissionConstraint = permissionConstraint.Trim(); if (!string.IsNullOrEmpty(permissionConstraint)) { result += " AND " + permissionConstraint; } } if (!string.IsNullOrEmpty(result)) { result = result.Substring(5); // 解析替换约束表达式标准函数 result = ConstraintUtil.PrepareParameter(this.UserInfo, result); } return(result); }
/// <summary> /// 用户授予权限 /// </summary> /// <param name="systemCode">系统编号</param> /// <param name="userId">用户主键</param> /// <param name="permissionCode">权限编号</param> /// <returns>影响行数</returns> public int RevokeByPermissionCode(string systemCode, string userId, string permissionCode) { int result = 0; string permissionId = BaseModuleManager.GetIdByCodeByCache(systemCode, permissionCode); if (!String.IsNullOrEmpty(permissionId)) { result = this.Revoke(systemCode, userId, permissionId); } return(result); }
// // 撤销授权范围的实现部分 // #region private int RevokeRole(BasePermissionScopeManager manager, string userId, string revokeRoleId, string permissionCode) 为了提高授权的运行速度 /// <summary> /// 为了提高授权的运行速度 /// </summary> /// <param name="manager">权限域读写器</param> /// <param name="userId">用户主键</param> /// <param name="revokeRoleId">权限主键</param> /// <param name="permissionCode">权限编号</param> /// <returns>主键</returns> private int RevokeRole(BasePermissionScopeManager manager, string systemCode, string userId, string revokeRoleId, string permissionCode) { string permissionId = BaseModuleManager.GetIdByCodeByCache(systemCode, permissionCode); string roleTableName = UserInfo.SystemCode + "Role"; List <KeyValuePair <string, object> > parameters = new List <KeyValuePair <string, object> >(); parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseUserEntity.TableName)); parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceId, userId)); parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetCategory, roleTableName)); parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetId, revokeRoleId)); parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionId, permissionId)); return(manager.Delete(parameters)); }
/// <summary> /// 用户授予权限 /// </summary> /// <param name="systemCode">系统编号</param> /// <param name="userId">用户主键</param> /// <param name="permissionCode">权限编号</param> public string GrantByPermissionCode(string systemCode, string userId, string permissionCode) { string result = string.Empty; string permissionId = BaseModuleManager.GetIdByCodeByCache(systemCode, permissionCode); if (!String.IsNullOrEmpty(permissionId)) { result = this.Grant(systemCode, userId, permissionId); } return(result); }
/// <summary> /// 用户授予权限 /// </summary> /// <param name="systemCode">系统编号</param> /// <param name="userId">用户主键</param> /// <param name="permissionCode">权限编号</param> /// <returns>影响行数</returns> public int RevokeByPermissionCode(string systemCode, string userId, string permissionCode) { var result = 0; var permissionId = new BaseModuleManager().GetIdByCodeByCache(systemCode, permissionCode); if (!string.IsNullOrEmpty(permissionId)) { result = RevokeUser(systemCode, userId, permissionId); } return(result); }
// // 从数据库获取权限 // /// <summary> /// 获取清单 /// </summary> /// <param name="systemCode"></param> /// <param name="userId"></param> /// <param name="companyId"></param> /// <param name="fromCache"></param> /// <returns></returns> public List <BaseModuleEntity> GetPermissionListByUser(string systemCode, string userId, string companyId = null, bool fromCache = false) { var result = new List <BaseModuleEntity>(); if (!ValidateUtil.IsInt(userId)) { return(result); } var useBaseRole = false; var key = "BaseModule"; var tableName = "BaseModule"; if (!string.IsNullOrWhiteSpace(systemCode)) { key = systemCode + "Module"; tableName = systemCode + "Module"; // 2015-11-19 所有的系统都继承基础角色的权限 // 2022-01-04 Troy.Cui 停用集成基础角色 useBaseRole = false; var isAdministrator = BaseUserManager.IsAdministrator(userId); if (isAdministrator) { result = new BaseModuleManager().GetEntitiesByCache(systemCode); } else { string[] permissionIds = null; permissionIds = GetPermissionIdsByUser(systemCode, userId, companyId: companyId, containPublic: false, useBaseRole: useBaseRole); // 2016-03-02 吉日嘎拉,少读一次缓存服务器,减少缓存服务器读写压力 var entities = new BaseModuleManager().GetEntitiesByCache(systemCode); // 若是以前赋予的权限,后来有些权限设置为无效了,那就不应该再获取哪些无效的权限才对。 if (permissionIds != null && permissionIds.Length > 0) { // 要特别注意IsPublic的设置,容易造成失控 result = (entities as List <BaseModuleEntity>).Where(t => (t.IsPublic == 1 && t.Enabled == 1 && t.Deleted == 0) || permissionIds.Contains(t.Id.ToString())).ToList(); } else { result = (entities as List <BaseModuleEntity>).Where(t => t.IsPublic == 1 && t.Enabled == 1 && t.Deleted == 0).ToList(); } } } return(result); }
/// <summary> /// 更新模块菜单 /// </summary> /// <param name="userInfo">用户</param> /// <param name="moduleEntity">实体</param> /// <param name="statusCode">返回状态码</param> /// <param name="statusMessage">返回状消息</param> /// <returns>影响行数</returns> public int Update(BaseUserInfo userInfo, BaseModuleEntity moduleEntity, out string statusCode, out string statusMessage) { // 写入调试信息 #if (DEBUG) int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod()); #endif // 加强安全验证防止未授权匿名调用 #if (!DEBUG) LogOnService.UserIsLogOn(userInfo); #endif statusCode = string.Empty; statusMessage = string.Empty; int returnValue = 0; using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType)) { try { dbHelper.Open(UserCenterDbConnection); string tableName = BaseModuleEntity.TableName; if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode)) { tableName = BaseSystemInfo.SystemCode + "Module"; } BaseModuleManager moduleManager = new BaseModuleManager(dbHelper, userInfo, tableName); // 调用方法,并且返回运行结果 returnValue = moduleManager.Update(moduleEntity, out statusCode); // 获得状态消息 statusMessage = moduleManager.GetStateMessage(statusCode); BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.ModuleService_Update, MethodBase.GetCurrentMethod()); } catch (Exception ex) { BaseExceptionManager.LogException(dbHelper, userInfo, ex); throw ex; } finally { dbHelper.Close(); } } // 写入调试信息 #if (DEBUG) BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart); #endif return(returnValue); }