/// <summary> /// 获取用户的某个权限域的组织范围 /// </summary> /// <param name="userInfo">用户</param> /// <param name="userId">用户主键</param> /// <param name="permissionCode">权限编号</param> /// <returns>主键数组</returns> public string[] GetUserScopeOrganizationIds(BaseUserInfo userInfo, string userId, string permissionCode) { string[] result = null; var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod()); ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) => { var tableName = userInfo.SystemCode + "PermissionScope"; var manager = new BaseUserScopeManager(dbHelper, userInfo, tableName); result = manager.GetOrganizationIds(userInfo.SystemCode, userId, permissionCode); }); return(result); }
private string GetSearchConditional(string systemCode, string permissionCode, string condition, string[] roleIds, bool?enabled, string auditStates, string companyId = null, string departmentId = null, bool onlyOnline = false) { var sb = BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldDeleted + " = 0 " + " AND " + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldIsVisible + " = 1 "; if (enabled.HasValue) { if (enabled == true) { sb += " AND " + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldEnabled + " = 1 "; } else { sb += " AND " + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldEnabled + " = 0 "; } } if (onlyOnline) { sb += " AND " + BaseUserEntity.CurrentTableName + ".Id IN (SELECT Id FROM " + BaseUserLogonEntity.CurrentTableName + " WHERE UserOnline = 1) "; } if (!string.IsNullOrEmpty(condition)) { // 传递过来的表达式,还是搜索值? if (condition.IndexOf("AND", StringComparison.OrdinalIgnoreCase) < 0 && condition.IndexOf("=", StringComparison.OrdinalIgnoreCase) < 0) { condition = StringUtil.GetSearchString(condition); sb += " AND (" + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldUserName + " LIKE '%" + condition + "%'" + " OR " + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldSimpleSpelling + " LIKE '%" + condition + "%'" + " OR " + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldCode + " LIKE '%" + condition + "%'" + " OR " + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldRealName + " LIKE '%" + condition + "%'" + " OR " + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldQuickQuery + " LIKE '%" + condition + "%'" + " OR " + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldCompanyName + " LIKE '%" + condition + "%'" + " OR " + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldDepartmentName + " LIKE '%" + condition + "%'" // + " OR " + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldDescription + " LIKE '%" + search + "%'" + ")"; } else { sb += " AND (" + condition + ")"; } } if (!string.IsNullOrEmpty(departmentId)) { /* * BaseOrganizationManager organizationManager = new BaseOrganizationManager(this.DbHelper, this.UserInfo); * string[] ids = organizationManager.GetChildrensId(BaseOrganizationEntity.FieldId, departmentId, BaseOrganizationEntity.FieldParentId); * if (ids != null && ids.Length > 0) * { * condition += " AND (" + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldCompanyId + " IN (" + StringUtil.ArrayToList(ids) + ")" + " OR " + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldDepartmentId + " IN (" + StringUtil.ArrayToList(ids) + ")" + " OR " + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldWorkgroupId + " IN (" + StringUtil.ArrayToList(ids) + "))"; + } */ sb += " AND (" + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldDepartmentId + " = '" + departmentId + "')"; } if (!string.IsNullOrEmpty(companyId)) { sb += " AND (" + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldCompanyId + " = '" + companyId + "')"; } if (!string.IsNullOrEmpty(auditStates)) { sb += " AND (" + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldAuditStatus + " = '" + auditStates + "'"; // 待审核 if (auditStates.Equals(AuditStatus.WaitForAudit.ToString())) { sb += " OR " + BaseUserEntity.CurrentTableName + ".Id IN ( SELECT Id FROM " + BaseUserLogonEntity.CurrentTableName + " WHERE LockEndTime > " + dbHelper.GetDbNow() + ") "; } sb += ")"; } if (enabled != null) { sb += " AND (" + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldEnabled + " = " + ((bool)enabled ? 1 : 0) + ")"; } if ((roleIds != null) && (roleIds.Length > 0)) { var roles = StringUtil.ArrayToList(roleIds, "'"); sb += " AND (" + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldId + " IN (" + "SELECT " + BaseUserRoleEntity.FieldUserId + " FROM " + BaseUserRoleEntity.CurrentTableName + " WHERE " + BaseUserRoleEntity.FieldRoleId + " IN (" + roles + ")" + "))"; } // 是否过滤用户, 获得组织机构列表, 这里需要一个按用户过滤得功能 if (!string.IsNullOrEmpty(permissionCode) && (!IsAdministrator(UserInfo.Id.ToString())) && (BaseSystemInfo.UsePermissionScope)) { // string permissionCode = "Resource.ManagePermission"; var permissionId = new BaseModuleManager().GetIdByCodeByCache(systemCode, permissionCode); if (!string.IsNullOrEmpty(permissionId)) { // 从小到大的顺序进行显示,防止错误发生 var userPermissionScopeManager = new BaseUserScopeManager(DbHelper, UserInfo); var organizationIds = userPermissionScopeManager.GetOrganizationIds(UserInfo.SystemCode, UserInfo.Id.ToString(), permissionId); // 没有任何数据权限 if (StringUtil.Exists(organizationIds, ((int)PermissionOrganizationScope.NotAllowed).ToString())) { sb += " AND (" + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldId + " = NULL ) "; } // 按详细设定的数据 if (StringUtil.Exists(organizationIds, ((int)PermissionOrganizationScope.ByDetails).ToString())) { var permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, CurrentTableName); var userIds = permissionScopeManager.GetUserIds(UserInfo.SystemCode, UserInfo.Id.ToString(), permissionCode); sb += " AND (" + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldId + " IN (" + StringUtil.ArrayToList(userIds) + ")) "; } // 自己的数据,仅本人 if (StringUtil.Exists(organizationIds, ((int)PermissionOrganizationScope.OnlyOwnData).ToString())) { sb += " AND (" + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldId + " = " + UserInfo.Id + ") "; } // 用户所在工作组数据 if (StringUtil.Exists(organizationIds, ((int)PermissionOrganizationScope.UserWorkgroup).ToString())) { // condition += " AND (" + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldWorkgroupId + " = " + this.UserInfo.WorkgroupId + ") "; } // 用户所在部门数据 if (StringUtil.Exists(organizationIds, ((int)PermissionOrganizationScope.UserDepartment).ToString())) { sb += " AND (" + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldDepartmentId + " = " + UserInfo.DepartmentId + ") "; } // 用户所在分支机构数据 if (StringUtil.Exists(organizationIds, ((int)PermissionOrganizationScope.UserSubCompany).ToString())) { // condition += " AND (" + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldSubCompanyId + " = '" + this.UserInfo.SubCompanyId + "') "; } // 用户所在公司数据 if (StringUtil.Exists(organizationIds, ((int)PermissionOrganizationScope.UserCompany).ToString())) { sb += " AND (" + BaseUserEntity.CurrentTableName + "." + BaseUserEntity.FieldCompanyId + " = '" + UserInfo.CompanyId + "') "; } // 全部数据,这里就不用设置过滤条件了 if (StringUtil.Exists(organizationIds, ((int)PermissionOrganizationScope.AllData).ToString())) { } } } return(sb); }
private string GetSearchConditional(string permissionCode, string condition, bool?enabled, string auditStates, string companyId = null, string departmentId = null) { var sb = BaseStaffEntity.CurrentTableName + "." + BaseStaffEntity.FieldDeleted + " = 0 "; if (enabled.HasValue) { if (enabled == true) { sb += " AND " + BaseStaffEntity.CurrentTableName + "." + BaseStaffEntity.FieldEnabled + " = 1 "; } else { sb += " AND " + BaseStaffEntity.CurrentTableName + "." + BaseStaffEntity.FieldEnabled + " = 0 "; } } if (!string.IsNullOrEmpty(condition)) { // 传递过来的表达式,还是搜索值? if (condition.IndexOf("AND") < 0 && condition.IndexOf("=") < 0) { condition = StringUtil.GetSearchString(condition); sb += " AND (" + BaseStaffEntity.CurrentTableName + "." + BaseStaffEntity.FieldUserName + " LIKE '%" + condition + "%'" // + " OR " + BaseStaffEntity.CurrentTableName + "." + BaseStaffEntity.FieldSimpleSpelling + " LIKE '%" + where + "%'" + " OR " + BaseStaffEntity.CurrentTableName + "." + BaseStaffEntity.FieldEmployeeNumber + " LIKE '%" + condition + "%'" + " OR " + BaseStaffEntity.CurrentTableName + "." + BaseStaffEntity.FieldRealName + " LIKE '%" + condition + "%'" + " OR " + BaseStaffEntity.CurrentTableName + "." + BaseStaffEntity.FieldQuickQuery + " LIKE '%" + condition + "%'" + " OR " + BaseStaffEntity.CurrentTableName + "." + BaseStaffEntity.FieldCompanyName + " LIKE '%" + condition + "%'" + " OR " + BaseStaffEntity.CurrentTableName + "." + BaseStaffEntity.FieldDepartmentName + " LIKE '%" + condition + "%'" // + " OR " + BaseStaffEntity.CurrentTableName + "." + BaseStaffEntity.FieldDescription + " LIKE '%" + search + "%'" + ")"; } else { sb += " AND (" + condition + ")"; } } if (!string.IsNullOrEmpty(departmentId)) { /* * BaseOrganizationManager organizationManager = new BaseOrganizationManager(this.DbHelper, this.UserInfo); * string[] ids = organizationManager.GetChildrensId(BaseOrganizationEntity.FieldId, departmentId, BaseOrganizationEntity.FieldParentId); * if (ids != null && ids.Length > 0) * { * condition += " AND (" + BaseStaffEntity.CurrentTableName + "." + BaseStaffEntity.FieldCompanyId + " IN (" + StringUtil.ArrayToList(ids) + ")" + " OR " + BaseStaffEntity.CurrentTableName + "." + BaseStaffEntity.FieldDepartmentId + " IN (" + StringUtil.ArrayToList(ids) + ")" + " OR " + BaseStaffEntity.CurrentTableName + "." + BaseStaffEntity.FieldWorkgroupId + " IN (" + StringUtil.ArrayToList(ids) + "))"; + } */ sb += " AND (" + BaseStaffEntity.CurrentTableName + "." + BaseStaffEntity.FieldDepartmentId + " = " + departmentId + ")"; } if (!string.IsNullOrEmpty(companyId)) { sb += " AND (" + BaseStaffEntity.CurrentTableName + "." + BaseStaffEntity.FieldCompanyId + " = " + companyId + ")"; } if (enabled != null) { sb += " AND (" + BaseStaffEntity.CurrentTableName + "." + BaseStaffEntity.FieldEnabled + " = " + ((bool)enabled ? 1 : 0) + ")"; } // 是否过滤用户, 获得组织机构列表, 这里需要一个按用户过滤得功能 if (!string.IsNullOrEmpty(permissionCode) && (!BaseUserManager.IsAdministrator(UserInfo.Id.ToString())) && (BaseSystemInfo.UsePermissionScope)) { // string permissionCode = "Resource.ManagePermission"; var permissionId = new BaseModuleManager().GetIdByCodeByCache(UserInfo.SystemCode, permissionCode); if (!string.IsNullOrEmpty(permissionId)) { // 从小到大的顺序进行显示,防止错误发生 var userPermissionScopeManager = new BaseUserScopeManager(DbHelper, UserInfo); var organizationIds = userPermissionScopeManager.GetOrganizationIds(UserInfo.SystemCode, UserInfo.Id.ToString(), permissionId); // 没有任何数据权限 if (StringUtil.Exists(organizationIds, ((int)PermissionOrganizationScope.NotAllowed).ToString())) { sb += " AND (" + BaseStaffEntity.CurrentTableName + "." + BaseStaffEntity.FieldId + " = NULL ) "; } // 按详细设定的数据 if (StringUtil.Exists(organizationIds, ((int)PermissionOrganizationScope.ByDetails).ToString())) { var permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo, CurrentTableName);; var userIds = permissionScopeManager.GetUserIds(UserInfo.SystemCode, UserInfo.Id.ToString(), permissionCode); sb += " AND (" + BaseStaffEntity.CurrentTableName + "." + BaseStaffEntity.FieldId + " IN (" + StringUtil.ArrayToList(userIds) + ")) "; } // 自己的数据,仅本人 if (StringUtil.Exists(organizationIds, ((int)PermissionOrganizationScope.OnlyOwnData).ToString())) { sb += " AND (" + BaseStaffEntity.CurrentTableName + "." + BaseStaffEntity.FieldId + " = " + UserInfo.Id + ") "; } // 用户所在工作组数据 if (StringUtil.Exists(organizationIds, ((int)PermissionOrganizationScope.UserWorkgroup).ToString())) { // condition += " AND (" + BaseStaffEntity.CurrentTableName + "." + BaseStaffEntity.FieldWorkgroupId + " = " + this.UserInfo.WorkgroupId + ") "; } // 用户所在部门数据 if (StringUtil.Exists(organizationIds, ((int)PermissionOrganizationScope.UserDepartment).ToString())) { sb += " AND (" + BaseStaffEntity.CurrentTableName + "." + BaseStaffEntity.FieldDepartmentId + " = " + UserInfo.DepartmentId + ") "; } // 用户所在分支机构数据 if (StringUtil.Exists(organizationIds, ((int)PermissionOrganizationScope.UserSubCompany).ToString())) { // condition += " AND (" + BaseStaffEntity.CurrentTableName + "." + BaseStaffEntity.FieldSubCompanyId + " = " + this.UserInfo.SubCompanyId + ") "; } // 用户所在公司数据 if (StringUtil.Exists(organizationIds, ((int)PermissionOrganizationScope.UserCompany).ToString())) { sb += " AND (" + BaseStaffEntity.CurrentTableName + "." + BaseStaffEntity.FieldCompanyId + " = " + UserInfo.CompanyId + ") "; } // 全部数据,这里就不用设置过滤条件了 if (StringUtil.Exists(organizationIds, ((int)PermissionOrganizationScope.AllData).ToString())) { } } } return(sb); }