public List <CUserEntity> ListUsers()
{
List <CUserEntity> users = new List <CUserEntity>();
String filter = "this.Urg_Group=" + Grp_Id;
List <CUserGroupEntity> userGroups = new CUserGroupEntity(ConnString).GetObjectList(filter);
foreach (CUserGroupEntity ug in userGroups)
{
CUserEntity user = new CUserEntity(ConnString).Load(ug.Urg_User);
users.Add(user);
}
return(users);
}
public void AddUser2Group(int groupId, int userId)
{
// Check privilege
CACLEntity acl = new CACLEntity();
acl.Acl_Operation = (int)ACLOPERATION.CREATENORMALUSER;
acl.Acl_Resource = Usr_Organize;
if (!CheckPrivilege(acl))
{
throw new Exception("当前用户无修改用户组权限");
}
CUserGroupEntity userGroup = new CUserGroupEntity(ConnString);
userGroup.Urg_Group = groupId;
userGroup.Urg_User = userId;
userGroup.Insert();
}
public List <CGroupEntity> GetUserGroups()
{
String filter = "this.Urg_User=" + this.Usr_Id;
CUserGroupEntity userGroup = new CUserGroupEntity(ConnString);
List <CUserGroupEntity> userGroups = userGroup.GetObjectList(filter);
List <CGroupEntity> groups = new List <CGroupEntity>();
CGroupEntity group = new CGroupEntity(ConnString);
foreach (CUserGroupEntity ug in userGroups)
{
CGroupEntity g = group.Load(ug.Urg_Group);
if (g != null)
{
groups.Add(g);
}
}
return(groups);
}
public bool CheckPrivilege(CACLEntity acl)
{
// system admin has all privileges
if (Usr_Type == (int)USERTYPE.SYSTEMADMIN)
{
return(true);
}
// if resourceid of acl is 0, it's a system management
// and no users have the privilege except system admin
if (acl.Acl_Resource == 0)
{
return(false);
}
// if resourceid is the organize id of current user,
// the user must be system admin
if (acl.Acl_Resource == this.Usr_Organize)
{
if (this.Usr_Type == (int)USERTYPE.ORGANIZEADMIN)
{
return(true);
}
else
{
return(false);
}
}
// get all groups containing current user
String filter = "this.Urg_User="******"this.Acl_Operation=" + acl.Acl_Operation.ToString();
filter += " and this.Acl_Resource=" + resId.ToString();
filter += " and this.Acl_Role=" + Usr_Id.ToString();
filter += " and this.Acl_RType=" + ((int)ACLROLETYPE.USERROLE).ToString();
List <CACLEntity> acls = acl.GetObjectList(filter);
if (acls.Count > 0)
{
return(true);
}
// check if user's groups have right on this resource
foreach (CUserGroupEntity ug in userGroups)
{
filter = "this.Acl_Operation=" + acl.Acl_Operation.ToString();
filter += " and this.Acl_Resource=" + resId.ToString();
filter += " and this.Acl_Role=" + ug.Urg_Group.ToString();
filter += " and this.Acl_RType=" + ((int)ACLROLETYPE.GROUPROLE).ToString();
acls = acl.GetObjectList(filter);
if (acls.Count > 0)
{
return(true);
}
}
// get parent id of this resource
CResourceEntity resource = new CResourceEntity(ConnString).Load(resId);
if (resource == null)
{
break;
}
else
{
resId = resource.Res_Parent;
}
}
return(false);
}
