/// <summary>
/// 用户角色关系是否有模块权限
/// </summary>
/// <param name="roleId">角色主键</param>
/// <param name="permissionItemCode">权限编号</param>
/// <returns>有角色权限</returns>
public bool CheckPermissionByRole(string roleId, string permissionItemCode)
{
BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(DbHelper, UserInfo);
string permissionItemId = permissionItemManager.GetProperty(new KeyValuePair <string, object>(BasePermissionItemEntity.FieldCode, permissionItemCode), BasePermissionItemEntity.FieldId);
// 判断当前判断的权限是否存在,否则很容易出现前台设置了权限,后台没此项权限
// 需要自动的能把前台判断过的权限,都记录到后台来
#if (DEBUG)
if (String.IsNullOrEmpty(permissionItemId))
{
BasePermissionItemEntity permissionItemEntity = new BasePermissionItemEntity();
permissionItemEntity.Code = permissionItemCode;
permissionItemEntity.FullName = permissionItemCode;
permissionItemEntity.ParentId = string.Empty;
permissionItemEntity.IsScope = 0;
permissionItemEntity.AllowDelete = 1;
permissionItemEntity.AllowEdit = 1;
permissionItemEntity.DeletionStateCode = 0;
permissionItemEntity.Enabled = 1;
// 这里是防止主键重复?
// permissionEntity.ID = BaseBusinessLogic.NewGuid();
permissionItemManager.AddEntity(permissionItemEntity);
}
else
{
// 更新最后一次访问日期,设置为当前服务器日期
SQLBuilder sqlBuilder = new SQLBuilder(DbHelper);
sqlBuilder.BeginUpdate(this.CurrentTableName);
sqlBuilder.SetDBNow(BasePermissionItemEntity.FieldLastCall);
sqlBuilder.SetWhere(BasePermissionItemEntity.FieldId, permissionItemId);
sqlBuilder.EndUpdate();
}
#endif
if (string.IsNullOrEmpty(permissionItemId))
{
return(false);
}
string sqlQuery = " SELECT COUNT(*) "
+ " FROM " + this.CurrentTableName
+ " WHERE " + "(" + BasePermissionEntity.FieldResourceCategory + " = '" + BaseRoleEntity.TableName + "') "
+ " AND (" + BasePermissionEntity.FieldEnabled + " = 1) "
+ " AND (" + BasePermissionEntity.FieldResourceId + " = '" + roleId + "' ) "
+ " AND (" + BasePermissionEntity.FieldPermissionItemId + " = '" + permissionItemId + "') ";
int rowCount = 0;
object returnObject = DbHelper.ExecuteScalar(sqlQuery);
if (returnObject != null)
{
rowCount = int.Parse(returnObject.ToString());
}
return(rowCount > 0);
}
/// <summary>
/// 用户角色关系是否有模块权限
/// </summary>
/// <param name="roleId">角色主键</param>
/// <param name="permissionItemCode">权限编号</param>
/// <returns>有角色权限</returns>
public bool CheckPermissionByRole(string roleId, string permissionItemCode)
{
BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(DbHelper, UserInfo);
string permissionItemId = permissionItemManager.GetProperty(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldCode, permissionItemCode), BasePermissionItemEntity.FieldId);
// 判断当前判断的权限是否存在,否则很容易出现前台设置了权限,后台没此项权限
// 需要自动的能把前台判断过的权限,都记录到后台来
#if (DEBUG)
if (String.IsNullOrEmpty(permissionItemId))
{
BasePermissionItemEntity permissionItemEntity = new BasePermissionItemEntity();
permissionItemEntity.Code = permissionItemCode;
permissionItemEntity.FullName = permissionItemCode;
permissionItemEntity.ParentId = string.Empty;
permissionItemEntity.IsScope = 0;
permissionItemEntity.AllowDelete = 1;
permissionItemEntity.AllowEdit = 1;
permissionItemEntity.DeletionStateCode = 0;
permissionItemEntity.Enabled = 1;
// 这里是防止主键重复?
// permissionEntity.ID = BaseBusinessLogic.NewGuid();
permissionItemManager.AddEntity(permissionItemEntity);
}
else
{
// 更新最后一次访问日期,设置为当前服务器日期
SQLBuilder sqlBuilder = new SQLBuilder(DbHelper);
sqlBuilder.BeginUpdate(this.CurrentTableName);
sqlBuilder.SetDBNow(BasePermissionItemEntity.FieldLastCall);
sqlBuilder.SetWhere(BasePermissionItemEntity.FieldId, permissionItemId);
sqlBuilder.EndUpdate();
}
#endif
if (string.IsNullOrEmpty(permissionItemId))
{
return false;
}
string sqlQuery = " SELECT COUNT(*) "
+ " FROM " + this.CurrentTableName
+ " WHERE " + "(" + BasePermissionEntity.FieldResourceCategory + " = '" + BaseRoleEntity.TableName + "') "
+ " AND (" + BasePermissionEntity.FieldEnabled + " = 1) "
+ " AND (" + BasePermissionEntity.FieldResourceId + " = '" + roleId + "' ) "
+ " AND (" + BasePermissionEntity.FieldPermissionItemId + " = '" + permissionItemId + "') ";
int rowCount = 0;
object returnObject = DbHelper.ExecuteScalar(sqlQuery);
if (returnObject != null)
{
rowCount = int.Parse(returnObject.ToString());
}
return rowCount > 0;
}
/// <summary>
/// 用户的所有可授权范围(有授权权限的权限列表)
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="userId">用户主键</param>
/// <param name="permissionItemCode">权限域编号</param>
/// <returns>数据表</returns>
public DataTable GetPermissionItemDTByPermissionScope(BaseUserInfo userInfo, string userId, string permissionItemCode)
{
// 写入调试信息
#if (DEBUG)
int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
#endif
// 加强安全验证防止未授权匿名调用
#if (!DEBUG)
LogOnService.UserIsLogOn(userInfo);
#endif
DataTable dataTable = new DataTable(BasePermissionItemEntity.TableName);
using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
{
try
{
dbHelper.Open(UserCenterDbConnection);
BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(dbHelper, userInfo);
string permissionItemId = permissionItemManager.GetId(new KeyValuePair<string, object>(BasePermissionItemEntity.FieldCode, permissionItemCode));
// 数据库里没有设置可授权的权限项,系统自动增加一个权限配置项
if (String.IsNullOrEmpty(permissionItemId) && permissionItemCode.Equals("Resource.ManagePermission"))
{
BasePermissionItemEntity permissionItemEntity = new BasePermissionItemEntity();
permissionItemEntity.Code = "Resource.ManagePermission";
permissionItemEntity.FullName = "资源管理范围权限(系统默认)";
permissionItemEntity.IsScope = 1;
permissionItemEntity.Enabled = 1;
permissionItemEntity.AllowDelete = 0;
permissionItemEntity.AllowDelete = 0;
permissionItemManager.AddEntity(permissionItemEntity);
}
dataTable = permissionItemManager.GetDataTableByUser(userId, permissionItemCode);
dataTable.TableName = BasePermissionItemEntity.TableName;
BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_GetPermissionItemDTByPermission, MethodBase.GetCurrentMethod());
}
catch (Exception ex)
{
BaseExceptionManager.LogException(dbHelper, userInfo, ex);
throw ex;
}
finally
{
dbHelper.Close();
}
}
// 写入调试信息
#if (DEBUG)
BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
#endif
return dataTable;
}