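/// <summary>
/// Deletes the permission item identified by its code.
/// </summary>
/// <param name="userInfo">The calling user.</param>
/// <param name="permissionItemCode">Code of the permission item to delete.</param>
/// <returns>Number of affected rows; 0 when no permission item has the given code.</returns>
public int DeletePermission(BaseUserInfo userInfo, string permissionItemCode)
{
    // Hardened security check to block unauthorised anonymous calls.
    // NOTE(review): this check is compiled out of DEBUG builds, so a DEBUG binary
    // accepts any caller. Its result (if any) is not inspected here - confirm that
    // UserIsLogOn throws when the caller is not logged on.
    // NOTE(review): only a logged-on check is visible; whether this caller is allowed
    // to delete permission items is not verified in this method - confirm it is
    // enforced in BasePermissionItemManager.Delete or upstream.
#if (!DEBUG)
    LogOnService.UserIsLogOn(userInfo);
#endif

    int returnValue = 0;
    using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
    {
        try
        {
            dbHelper.Open(UserCenterDbConnection);
            BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(dbHelper, userInfo);
            string id = permissionItemManager.GetId(
                new KeyValuePair<string, object>(BasePermissionItemEntity.FieldCode, permissionItemCode));
            if (!String.IsNullOrEmpty(id))
            {
                // Deleting may also remove other related permission configuration,
                // which is why the manager's Delete method is called.
                // NOTE(review): no audit-log entry is written in this method for this
                // privilege-changing operation - confirm it is recorded elsewhere.
                returnValue = permissionItemManager.Delete(id);
            }
        }
        catch (Exception ex)
        {
            BaseExceptionManager.LogException(dbHelper, userInfo, ex);
            // Rethrow with "throw;" so the original stack trace is preserved.
            throw;
        }
        finally
        {
            dbHelper.Close();
        }
    }
    return returnValue;
}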
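/// <summary>
/// Returns the resource ids recorded in the permission scope table for a target
/// and a permission item. Only rows with Enabled = 1 and DeletionStateCode = 0 are matched.
/// </summary>
/// <param name="userInfo">The calling user.</param>
/// <param name="resourceCategory">Value matched against the scope's resource category column.</param>
/// <param name="targetId">Value matched against the scope's target id column.</param>
/// <param name="targetResourceCategory">Value matched against the scope's target category column.</param>
/// <param name="permissionItemCode">Permission item code; resolved to the permission item id used in the filter.</param>
/// <returns>The result of DbLogic.GetProperties for the ResourceId field of the matching rows.</returns>
public string[] GetPermissionScopeResourceIds(BaseUserInfo userInfo, string resourceCategory, string targetId, string targetResourceCategory, string permissionItemCode)
{
    // Write debug information.
#if (DEBUG)
    int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif

    // Hardened security check to block unauthorised anonymous calls.
    // NOTE(review): compiled out of DEBUG builds; confirm UserIsLogOn throws on failure,
    // since no result is inspected here.
    // NOTE(review): targetId is caller-supplied and nothing visible here ties it to the
    // caller - confirm callers are allowed to read the scope of arbitrary targets.
#if (!DEBUG)
    LogOnService.UserIsLogOn(userInfo);
#endif

    string[] returnValue = null;
    using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
    {
        try
        {
            dbHelper.Open(UserCenterDbConnection);

            // A configured system code selects a system-specific permission item table.
            string tableName = BasePermissionItemEntity.TableName;
            if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
            {
                tableName = BaseSystemInfo.SystemCode + "PermissionItem";
            }
            BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(dbHelper, userInfo, tableName);
            string permissionItemId = permissionItemManager.GetId(
                new KeyValuePair<string, object>(BasePermissionItemEntity.FieldCode, permissionItemCode));

            // Filter values are handed over as name/value pairs, not spliced into SQL here.
            List<KeyValuePair<string, object>> parameters = new List<KeyValuePair<string, object>>();
            parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetId, targetId));
            parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, resourceCategory));
            parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionItemId, permissionItemId));
            parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldTargetCategory, targetResourceCategory));
            parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldEnabled, 1));
            parameters.Add(new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldDeletionStateCode, 0));

            // Same system-code convention for the permission scope table.
            tableName = BasePermissionScopeEntity.TableName;
            if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
            {
                tableName = BaseSystemInfo.SystemCode + "PermissionScope";
            }

            // NOTE(review): the meaning of the literal 0 argument is not visible here - confirm against DbLogic.GetProperties.
            returnValue = DbLogic.GetProperties(dbHelper, tableName, parameters, 0, BasePermissionScopeEntity.FieldResourceId);
            BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, MethodBase.GetCurrentMethod());
        }
        catch (Exception ex)
        {
            BaseExceptionManager.LogException(dbHelper, userInfo, ex);
            // Rethrow with "throw;" so the original stack trace is preserved.
            throw;
        }
        finally
        {
            dbHelper.Close();
        }
    }

    // Write debug information.
#if (DEBUG)
    BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
    return returnValue;
}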
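/// <summary>
/// All scopes a user may grant (the list of permissions the user holds grant rights for).
/// </summary>
/// <param name="userInfo">The calling user.</param>
/// <param name="userId">Primary key of the user whose permissions are listed.</param>
/// <param name="permissionItemCode">Code of the permission scope item.</param>
/// <returns>Data table named after the permission item table.</returns>
public DataTable GetPermissionItemDTByPermissionScope(BaseUserInfo userInfo, string userId, string permissionItemCode)
{
    // Write debug information.
#if (DEBUG)
    int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif

    // Hardened security check to block unauthorised anonymous calls.
    // NOTE(review): compiled out of DEBUG builds; confirm UserIsLogOn throws on failure,
    // since no result is inspected here.
    // NOTE(review): userId is caller-supplied and is not compared with userInfo in this
    // method - confirm callers are allowed to list another user's grantable permissions.
#if (!DEBUG)
    LogOnService.UserIsLogOn(userInfo);
#endif

    DataTable dataTable = new DataTable(BasePermissionItemEntity.TableName);
    using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
    {
        try
        {
            dbHelper.Open(UserCenterDbConnection);
            BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(dbHelper, userInfo);
            string permissionItemId = permissionItemManager.GetId(
                new KeyValuePair<string, object>(BasePermissionItemEntity.FieldCode, permissionItemCode));

            // The database has no grantable permission item configured yet, so the
            // system adds the default one automatically.
            // NOTE(review): this read-style method writes to the permission table, and
            // any logged-on caller can trigger the insert - confirm that is intended.
            if (String.IsNullOrEmpty(permissionItemId) && permissionItemCode.Equals("Resource.ManagePermission"))
            {
                BasePermissionItemEntity permissionItemEntity = new BasePermissionItemEntity();
                permissionItemEntity.Code = "Resource.ManagePermission";
                permissionItemEntity.FullName = "资源管理范围权限(系统默认)";
                permissionItemEntity.IsScope = 1;
                permissionItemEntity.Enabled = 1;
                // NOTE(review): the original assigned AllowDelete = 0 twice in a row; the
                // duplicate was dropped. The second line may have been meant for a
                // different flag - confirm.
                permissionItemEntity.AllowDelete = 0;
                permissionItemManager.AddEntity(permissionItemEntity);
            }

            // NOTE(review): permissionItemId is used only for the existence check above;
            // GetDataTableByUser receives the permission *code* - confirm that is what
            // the manager expects.
            dataTable = permissionItemManager.GetDataTableByUser(userId, permissionItemCode);
            dataTable.TableName = BasePermissionItemEntity.TableName;
            BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_GetPermissionItemDTByPermission, MethodBase.GetCurrentMethod());
        }
        catch (Exception ex)
        {
            BaseExceptionManager.LogException(dbHelper, userInfo, ex);
            // Rethrow with "throw;" so the original stack trace is preserved.
            throw;
        }
        finally
        {
            dbHelper.Close();
        }
    }

    // Write debug information.
#if (DEBUG)
    BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
    return dataTable;
}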
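/// <summary>
/// Gets the scope a user has been licensed for, based on the non-deleted
/// "Resource.ManagePermission" permission item.
/// </summary>
/// <param name="userInfo">The calling user.</param>
/// <param name="userId">Primary key of the user whose licensed scope is listed.</param>
/// <returns>Data table named after the permission item table.</returns>
public DataTable GetLicensedDT(BaseUserInfo userInfo, string userId)
{
    // Write debug information.
#if (DEBUG)
    int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif

    // Hardened security check to block unauthorised anonymous calls.
    // NOTE(review): compiled out of DEBUG builds; confirm UserIsLogOn throws on failure,
    // since no result is inspected here.
    // NOTE(review): userId is caller-supplied and is not compared with userInfo in this
    // method - confirm callers are allowed to read another user's licensed scope.
#if (!DEBUG)
    LogOnService.UserIsLogOn(userInfo);
#endif

    DataTable dataTable = new DataTable(BasePermissionItemEntity.TableName);
    using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
    {
        try
        {
            dbHelper.Open(UserCenterDbConnection);

            // A configured system code selects a system-specific permission item table.
            string tableName = BasePermissionItemEntity.TableName;
            if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
            {
                tableName = BaseSystemInfo.SystemCode + "PermissionItem";
            }
            BasePermissionItemManager permissionAdminManager = new BasePermissionItemManager(dbHelper, userInfo, tableName);

            // Resolve the id of the non-deleted "Resource.ManagePermission" item.
            string permissionItemId = permissionAdminManager.GetId(
                new KeyValuePair<string, object>(BasePermissionItemEntity.FieldDeletionStateCode, 0),
                new KeyValuePair<string, object>(BasePermissionItemEntity.FieldCode, "Resource.ManagePermission"));

            // NOTE(review): the second argument passed here is the permission item *id*
            // and may be null or empty when the item does not exist - confirm that
            // GetDataTableByUser expects an id and handles the missing case.
            dataTable = permissionAdminManager.GetDataTableByUser(userId, permissionItemId);
            dataTable.TableName = BasePermissionItemEntity.TableName;
            BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionItemService_GetLicensedDT, MethodBase.GetCurrentMethod());
        }
        catch (Exception ex)
        {
            BaseExceptionManager.LogException(dbHelper, userInfo, ex);
            // Rethrow with "throw;" so the original stack trace is preserved.
            throw;
        }
        finally
        {
            dbHelper.Close();
        }
    }

    // Write debug information.
#if (DEBUG)
    BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
    return dataTable;
}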
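/// <summary>
/// Revokes a permission from a role.
/// </summary>
/// <param name="userInfo">The calling user.</param>
/// <param name="roleName">Role name; matched against the role's RealName field.</param>
/// <param name="permissionItemCode">Code of the permission item to revoke.</param>
/// <returns>
/// The value returned by BaseRolePermissionManager.Revoke, or 0 when the role or the
/// permission item cannot be resolved. The original comment called this a primary key;
/// it is presumably an affected-row count - confirm.
/// </returns>
public int RevokeRolePermission(BaseUserInfo userInfo, string roleName, string permissionItemCode)
{
    // Hardened security check to block unauthorised anonymous calls.
    // NOTE(review): compiled out of DEBUG builds; confirm UserIsLogOn throws on failure,
    // since no result is inspected here.
    // NOTE(review): only a logged-on check is visible; whether this caller may change
    // role permissions is not verified in this method - confirm it is enforced in
    // BaseRolePermissionManager.Revoke or upstream.
#if (!DEBUG)
    LogOnService.UserIsLogOn(userInfo);
#endif

    int returnValue = 0;
    using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
    {
        try
        {
            dbHelper.Open(UserCenterDbConnection);

            // Resolve both names to primary keys; an unknown name leaves the id empty.
            BaseRoleManager roleManager = new BaseRoleManager(dbHelper, userInfo);
            string roleId = roleManager.GetId(
                new KeyValuePair<string, object>(BaseRoleEntity.FieldRealName, roleName));
            BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(dbHelper, userInfo);
            string permissionItemId = permissionItemManager.GetId(
                new KeyValuePair<string, object>(BasePermissionItemEntity.FieldCode, permissionItemCode));

            if (!String.IsNullOrEmpty(roleId) && !String.IsNullOrEmpty(permissionItemId))
            {
                // NOTE(review): no audit-log entry is written in this method for this
                // privilege-changing operation - confirm it is recorded elsewhere.
                BaseRolePermissionManager rolePermissionManager = new BaseRolePermissionManager(dbHelper, userInfo);
                returnValue = rolePermissionManager.Revoke(roleId, permissionItemId);
            }
        }
        catch (Exception ex)
        {
            BaseExceptionManager.LogException(dbHelper, userInfo, ex);
            // Rethrow with "throw;" so the original stack trace is preserved.
            throw;
        }
        finally
        {
            dbHelper.Close();
        }
    }
    return returnValue;
}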
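/// <summary>
/// Searches visible, non-deleted users (joined with their role name), optionally
/// filtered by free text, department, audit status, enabled flag and roles, and
/// restricted to the current user's data scope when permission scopes are in use.
/// </summary>
/// <param name="permissionScopeItemCode">Code of the permission item whose scope restricts the result for non-administrators.</param>
/// <param name="search">Free-text term matched with LIKE against several user columns; ignored when empty.</param>
/// <param name="roleIds">Role ids; a user matches through the direct role column or the user-role table. Ignored when null or empty.</param>
/// <param name="enabled">When set, filters on the Enabled column (1 for true, 0 for false).</param>
/// <param name="auditStates">When non-empty, compared for equality with the audit status column.</param>
/// <param name="departmentId">When non-empty, restricts to users whose company, department or workgroup is among the ids returned by GetChildrensId.</param>
/// <returns>Data table filled from the generated query, ordered by the user sort code.</returns>
public DataTable Search(string permissionScopeItemCode, string search, string[] roleIds, bool? enabled, string auditStates, string departmentId)
{
    string userTable = BaseUserEntity.TableName;
    string roleTable = BaseRoleEntity.TableName;

    // NOTE(review): this method assembles SQL by string concatenation. Table and column
    // names come from entity constants, but several *values* below are caller-supplied.
    // Binding them as parameters is the proper fix; the data-access API needed for that
    // is not visible from this method, so quoted values are escaped here as defence in
    // depth and the remaining spots are flagged.
    search = StringUtil.GetSearchString(search);

    string sqlQuery = " SELECT " + userTable + ".* "
                    + "," + roleTable + "." + BaseRoleEntity.FieldRealName + " AS RoleName "
                    + " FROM " + userTable
                    + " LEFT OUTER JOIN " + roleTable
                    + " ON " + userTable + "." + BaseUserEntity.FieldRoleId + " = " + roleTable + "." + BaseRoleEntity.FieldId
                    // Deleted users are better left out of the result.
                    + " WHERE " + userTable + "." + BaseUserEntity.FieldDeletionStateCode + " = 0 "
                    + " AND " + userTable + "." + BaseUserEntity.FieldIsVisible + " = 1 ";

    if (!String.IsNullOrEmpty(search))
    {
        // NOTE(review): search is placed inside quoted LIKE literals; safety depends
        // entirely on StringUtil.GetSearchString neutralising single quotes - confirm.
        // It is not re-escaped here because that could double-escape legitimate input.
        sqlQuery += " AND (" + userTable + "." + BaseUserEntity.FieldUserName + " LIKE '" + search + "'"
                  + " OR " + userTable + "." + BaseUserEntity.FieldCode + " LIKE '" + search + "'"
                  + " OR " + userTable + "." + BaseUserEntity.FieldRealName + " LIKE '" + search + "'"
                  + " OR " + userTable + "." + BaseUserEntity.FieldQuickQuery + " LIKE '" + search + "'"
                  + " OR " + userTable + "." + BaseUserEntity.FieldDepartmentName + " LIKE '" + search + "'"
                  + " OR " + userTable + "." + BaseUserEntity.FieldDescription + " LIKE '" + search + "')";
    }

    if (!string.IsNullOrEmpty(departmentId))
    {
        BaseOrganizeManager organizeManager = new BaseOrganizeManager(this.DbHelper, this.UserInfo);
        string[] organizeIds = organizeManager.GetChildrensId(BaseOrganizeEntity.FieldId, departmentId, BaseOrganizeEntity.FieldParentId);
        if (organizeIds != null && organizeIds.Length > 0)
        {
            // Build the id list once; it is reused for all three columns.
            // NOTE(review): how departmentId is used inside GetChildrensId is not visible
            // here - confirm it is bound or validated there.
            string organizeList = StringUtil.ArrayToList(organizeIds);
            sqlQuery += " AND (" + userTable + "." + BaseUserEntity.FieldCompanyId + " IN (" + organizeList + ")"
                      + " OR " + userTable + "." + BaseUserEntity.FieldDepartmentId + " IN (" + organizeList + ")"
                      + " OR " + userTable + "." + BaseUserEntity.FieldWorkgroupId + " IN (" + organizeList + "))";
        }
    }

    if (!String.IsNullOrEmpty(auditStates))
    {
        // Double embedded single quotes so the value cannot close the string literal.
        // This does not cover backslash escapes on databases that honour them.
        string safeAuditStates = auditStates.Replace("'", "''");
        sqlQuery += " AND (" + userTable + "." + BaseUserEntity.FieldAuditStatus + " = '" + safeAuditStates + "')";
    }

    if (enabled != null)
    {
        sqlQuery += " AND (" + userTable + "." + BaseUserEntity.FieldEnabled + " = " + ((bool)enabled ? 1 : 0) + ")";
    }

    if ((roleIds != null) && (roleIds.Length > 0))
    {
        // Escape each id before it is wrapped in quotes by ArrayToList; null entries
        // are passed through unchanged so the helper sees the same shape as before.
        string[] safeRoleIds = new string[roleIds.Length];
        for (int i = 0; i < roleIds.Length; i++)
        {
            safeRoleIds[i] = roleIds[i] == null ? null : roleIds[i].Replace("'", "''");
        }
        string roles = StringUtil.ArrayToList(safeRoleIds, "'");
        sqlQuery += " AND (" + userTable + "." + BaseUserEntity.FieldRoleId + " IN (" + roles + ") ";
        sqlQuery += " OR " + userTable + "." + BaseUserEntity.FieldId + " IN ("
                  + "SELECT " + BaseUserRoleEntity.FieldUserId
                  + " FROM " + BaseUserRoleEntity.TableName
                  + " WHERE " + BaseUserRoleEntity.FieldRoleId + " IN (" + roles + ")"
                  + "))";
    }

    // Data-scope filtering: non-administrators only see users inside their permission scope.
    // NOTE(review): the decision rests on UserInfo.IsAdministrator; if this UserInfo object
    // originates from the client request, confirm it is re-validated server-side.
    // NOTE(review): the filter fails open - when the permission item code cannot be
    // resolved, or organizeIds contains none of the PermissionScope markers tested
    // below, no restriction is appended and all visible users are returned. Confirm.
    if ((!UserInfo.IsAdministrator) && (BaseSystemInfo.UsePermissionScope))
    {
        BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(this.DbHelper, this.UserInfo);
        string permissionScopeItemId = permissionItemManager.GetId(
            new KeyValuePair<string, object>(BasePermissionItemEntity.FieldCode, permissionScopeItemCode));
        if (!string.IsNullOrEmpty(permissionScopeItemId))
        {
            // Scopes are handled from the narrowest to the widest to avoid mistakes.
            // Each matching scope appends its own AND condition.
            BaseUserScopeManager userPermissionScopeManager = new BaseUserScopeManager(this.DbHelper, this.UserInfo);
            string[] organizeIds = userPermissionScopeManager.GetOrganizeIds(this.UserInfo.Id, permissionScopeItemId);

            // No data permission at all: "= NULL" never evaluates to true under standard
            // NULL semantics, so the query returns no rows.
            if (StringUtil.Exists(organizeIds, ((int)PermissionScope.None).ToString()))
            {
                sqlQuery += " AND (" + userTable + "." + BaseUserEntity.FieldId + " = NULL ) ";
            }

            // Explicitly configured users.
            if (StringUtil.Exists(organizeIds, ((int)PermissionScope.Detail).ToString()))
            {
                BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
                string[] userIds = permissionScopeManager.GetUserIds(UserInfo.Id, permissionScopeItemCode);
                sqlQuery += " AND (" + userTable + "." + BaseUserEntity.FieldId + " IN (" + BaseBusinessLogic.ObjectsToList(userIds) + ")) ";
            }

            // NOTE(review): the UserInfo ids below are concatenated unquoted. Confirm they
            // are server-trusted numeric values; otherwise bind them as parameters.

            // Own data only.
            if (StringUtil.Exists(organizeIds, ((int)PermissionScope.User).ToString()))
            {
                sqlQuery += " AND (" + userTable + "." + BaseUserEntity.FieldId + " = " + this.UserInfo.Id + ") ";
            }

            // Data of the user's workgroup.
            if (StringUtil.Exists(organizeIds, ((int)PermissionScope.UserWorkgroup).ToString()))
            {
                sqlQuery += " AND (" + userTable + "." + BaseUserEntity.FieldWorkgroupId + " = " + this.UserInfo.WorkgroupId + ") ";
            }

            // Data of the user's department.
            if (StringUtil.Exists(organizeIds, ((int)PermissionScope.UserDepartment).ToString()))
            {
                sqlQuery += " AND (" + userTable + "." + BaseUserEntity.FieldDepartmentId + " = " + this.UserInfo.DepartmentId + ") ";
            }

            // Data of the user's branch (sub-company).
            if (StringUtil.Exists(organizeIds, ((int)PermissionScope.UserSubCompany).ToString()))
            {
                sqlQuery += " AND (" + userTable + "." + BaseUserEntity.FieldSubCompanyId + " = " + this.UserInfo.SubCompanyId + ") ";
            }

            // Data of the user's company.
            if (StringUtil.Exists(organizeIds, ((int)PermissionScope.UserCompany).ToString()))
            {
                sqlQuery += " AND (" + userTable + "." + BaseUserEntity.FieldCompanyId + " = " + this.UserInfo.CompanyId + ") ";
            }

            // All data: no filter condition is needed.
            if (StringUtil.Exists(organizeIds, ((int)PermissionScope.All).ToString()))
            {
            }
        }
    }

    sqlQuery += " ORDER BY " + userTable + "." + BaseUserEntity.FieldSortCode;
    return DbHelper.Fill(sqlQuery);
}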