You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
DS7/DSWeb/Areas/MvcShipping/DAL/MsUerAuthority/MsUerAuthorityDAL.cs

798 lines
41 KiB
C#

3 years ago
using System;
using System.Data;
using System.Collections.Generic;
using System.Text;
using DSWeb.MvcShipping.Models.MsUserAuthority;
using Microsoft.Practices.EnterpriseLibrary.Data;
using DSWeb.Areas.CommMng.Models;
using HcUtility.Comm;
using DSWeb.MvcShipping.Models.ModuTreeRef;
using DSWeb.Areas.CommMng.DAL;
namespace DSWeb.MvcShipping.DAL.MsUerAuthority
{
public class MsUerAuthorityDAL
{
#region Inquery DataList
static public List<UserAuthority> GetUserAuthorityList(string userid, string sort = null)
{
var strSql = new StringBuilder();
strSql.Append("SELECT * FROM ( ");
strSql.Append("SELECT GID,USERID,VISIBLERANGE,OPERATERANGE,AUTHORITYID,DESCRIPTION,NAME,ISNULL((case VISIBLERANGE when 0 then '全部' when 1 then '本公司' ");
strSql.Append("when 2 then '本部门' when 3 then '本人' when 4 then '无' when 5 then '选择公司' ");
strSql.Append("when 6 then '选择人员' end),'') VISIBLERANGEREF,ISNULL((case OPERATERANGE when 0 then '全部' when 1 then '本公司' ");
strSql.Append("when 2 then '本部门' when 3 then '本人' when 4 then '无' when 5 then '选择公司' ");
strSql.Append("when 6 then '选择人员' end),'') OPERATERANGEREF,VSSQL ");
strSql.Append(" from VW_User_Authority ");
strSql.Append(" where USERID='" + userid + "'");
strSql.Append(" UNION SELECT '' GID,'" + userid + "' USERID, 4 VISIBLERANGE,4 OPERATERANGE,GID AUTHORITYID,DESCRIPTION,NAME, ");
strSql.Append(" '无' VISIBLERANGEREF,'无' OPERATERANGEREF,'' VSSQL ");
strSql.Append(" from user_authority_info ");
strSql.Append(" where GID NOT IN (SELECT AUTHORITYID FROM user_authority_range WHERE USERID='" + userid + "')");
strSql.Append(" ) AS DL ");
var sortstring = DatasetSort.Getsortstring(sort);
if (!string.IsNullOrEmpty(sortstring) && sortstring.Trim()!="")
{
strSql.Append(" order by " + sortstring);
}
else {
strSql.Append(" order by DESCRIPTION");
}
return SetData(strSql);
}
private static List<UserAuthority> SetData(StringBuilder strSql)
{
var headList = new List<UserAuthority>();
Database db = DatabaseFactory.CreateDatabase();
using (IDataReader reader = db.ExecuteReader(CommandType.Text, strSql.ToString()))
{
while (reader.Read())
{
UserAuthority data = new UserAuthority();
#region Set DB data to Object
data.GID = Convert.ToString(reader["GID"]);
data.USERID = Convert.ToString(reader["USERID"]);
data.VISIBLERANGE = Convert.ToString(reader["VISIBLERANGE"]);
data.OPERATERANGE = Convert.ToString(reader["OPERATERANGE"]);
data.VISIBLERANGEREF = Convert.ToString(reader["VISIBLERANGEREF"]);
data.OPERATERANGEREF = Convert.ToString(reader["OPERATERANGEREF"]);
data.AUTHORITYID = Convert.ToString(reader["AUTHORITYID"]);
data.DESCRIPTION = Convert.ToString(reader["DESCRIPTION"]);
data.NAME = Convert.ToString(reader["NAME"]);
data.VSSQL = Convert.ToString(reader["VSSQL"]);
#endregion
headList.Add(data);
}
reader.Close();
}
return headList;
}
#endregion
static public List<UserTreeRefModel> GetUserTreeRefList(string PARENTID, bool exp = false,string condition="")
{
var strSql = new StringBuilder();
strSql.Append("SELECT ");
strSql.Append(" GID,NAME,DESCRIPTION,PARENTID,TYPE");
strSql.Append(" from VW_user_company_tree ");
strSql.Append(" where parentid='" + PARENTID + "'");
if (!string.IsNullOrEmpty(condition))
{
strSql.Append(" and " + condition);
}
strSql.Append(" order by TYPE,DESCRIPTION ");
return SetUserTreeRefData(strSql, exp);
}
private static List<UserTreeRefModel> SetUserTreeRefData(StringBuilder strSql,bool exp=false)
{
var headList = new List<UserTreeRefModel>();
Database db = DatabaseFactory.CreateDatabase();
using (IDataReader reader = db.ExecuteReader(CommandType.Text, strSql.ToString()))
{
while (reader.Read())
{
UserTreeRefModel data = new UserTreeRefModel();
#region Set DB data to Object
data.id = Convert.ToString(reader["GID"]);
data.NAME = Convert.ToString(reader["NAME"]);
data.DESCRIPTION = Convert.ToString(reader["DESCRIPTION"]);
data.PARENTID = Convert.ToString(reader["PARENTID"]);
data.TYPE = Convert.ToString(reader["TYPE"]);
if (data.TYPE == "2")
{
data.leaf = true;
data.expanded = true;
}
else
{
data.leaf = false;
data.expanded = exp;
};
#endregion
headList.Add(data);
}
reader.Close();
}
return headList;
}
public static DBResult SaveDetail(List<UserAuthority> bodyList, string userid)
{
var result = new DBResult();
Database db = DatabaseFactory.CreateDatabase();
using (var conn = db.CreateConnection())
{
conn.Open();
var tran = conn.BeginTransaction();
try
{
var cmdUpdate =
db.GetSqlStringCommand(
@"update user_authority_range set VISIBLERANGE=@VISIBLERANGE,OPERATERANGE=@OPERATERANGE,MODIFIEDUSER=@MODIFIEDUSER,MODIFIEDTIME=@MODIFIEDTIME,VSSQL=@VSSQL where GID=@GID ");
var cmdInsert =
db.GetSqlStringCommand(
@"insert into user_authority_range (GID,USERID,AUTHORITYID,VISIBLERANGE,OPERATERANGE,CREATEUSER,CREATETIME,VSSQL)
values (@GID,@USERID,@AUTHORITYID,@VISIBLERANGE,@OPERATERANGE,@CREATEUSER,@CREATETIME,@VSSQL) ");
if (bodyList != null)
{
foreach (var enumValue in bodyList)
{
if (enumValue.GID == "")
{
cmdInsert.Parameters.Clear();
db.AddInParameter(cmdInsert, "@GID", DbType.String, Guid.NewGuid().ToString());
db.AddInParameter(cmdInsert, "@USERID", DbType.String, enumValue.USERID);
db.AddInParameter(cmdInsert, "@AUTHORITYID", DbType.String, enumValue.AUTHORITYID);
db.AddInParameter(cmdInsert, "@VISIBLERANGE", DbType.String, enumValue.VISIBLERANGE);
db.AddInParameter(cmdInsert, "@OPERATERANGE", DbType.String, enumValue.OPERATERANGE);
db.AddInParameter(cmdInsert, "@CREATEUSER", DbType.String, userid);
db.AddInParameter(cmdInsert, "@CREATETIME", DbType.String, DateTime.Now.ToString("yyyy-MM-dd"));
db.AddInParameter(cmdInsert, "@VSSQL", DbType.String, enumValue.VSSQL);
db.ExecuteNonQuery(cmdInsert, tran);
}
else
{
cmdUpdate.Parameters.Clear();
db.AddInParameter(cmdUpdate, "@GID", DbType.String, enumValue.GID);
db.AddInParameter(cmdUpdate, "@VISIBLERANGE", DbType.String, enumValue.VISIBLERANGE);
db.AddInParameter(cmdUpdate, "@OPERATERANGE", DbType.String, enumValue.OPERATERANGE);
db.AddInParameter(cmdUpdate, "@MODIFIEDUSER", DbType.String, userid);
db.AddInParameter(cmdUpdate, "@MODIFIEDTIME", DbType.String, DateTime.Now.ToString("yyyy-MM-dd"));
db.AddInParameter(cmdUpdate, "@VSSQL", DbType.String, enumValue.VSSQL);
db.ExecuteNonQuery(cmdUpdate, tran);
}
}
}
tran.Commit();
}
catch (Exception)
{
tran.Rollback();
result.Success = false;
result.Message = "保存出现错误,请重试或联系系统管理员";
return result;
}
}
result.Success = true;
result.Message = "保存成功" + result.Message;
return result;
}
#region 公司范围
static public List<UserAuthorityCompany> GetUserAuthorityCompanyList(string userid,string AUTHORITYID, string sort = null)
{
var strSql = new StringBuilder();
strSql.Append("SELECT * FROM ( ");
strSql.Append("SELECT GID,USERID,VISIBLERANGE,OPERATERANGE,AUTHORITYID,COMPANYID, ");
strSql.Append("(SELECT NAME FROM company WHERE GID=user_authority_range_company.COMPANYID) COMPANY");
strSql.Append(" from user_authority_range_company ");
strSql.Append(" where USERID='" + userid + "' AND AUTHORITYID='" + AUTHORITYID + "' ");
strSql.Append(" UNION SELECT '' GID,'" + userid + "' USERID, 0 VISIBLERANGE,0 OPERATERANGE,'" + AUTHORITYID + "' AUTHORITYID,GID COMPANYID, ");
strSql.Append(" NAME COMPANY ");
strSql.Append(" from company ");
strSql.Append(" where GID NOT IN (SELECT COMPANYID FROM user_authority_range_company WHERE USERID='" + userid + "' AND AUTHORITYID='" + AUTHORITYID + "')");
strSql.Append(" ) AS DL ");
var sortstring = DatasetSort.Getsortstring(sort);
if (!string.IsNullOrEmpty(sortstring) && sortstring.Trim() != "")
{
strSql.Append(" order by " + sortstring);
}
else
{
strSql.Append(" order by COMPANY");
}
return SetCompanyData(strSql);
}
private static List<UserAuthorityCompany> SetCompanyData(StringBuilder strSql)
{
var headList = new List<UserAuthorityCompany>();
Database db = DatabaseFactory.CreateDatabase();
using (IDataReader reader = db.ExecuteReader(CommandType.Text, strSql.ToString()))
{
while (reader.Read())
{
UserAuthorityCompany data = new UserAuthorityCompany();
#region Set DB data to Object
data.GID = Convert.ToString(reader["GID"]);
data.USERID = Convert.ToString(reader["USERID"]);
if (Convert.ToString(reader["VISIBLERANGE"])=="1")
data.VISIBLERANGE =true;
else
data.VISIBLERANGE = false;
if (Convert.ToString(reader["OPERATERANGE"]) == "1")
data.OPERATERANGE =true;
else
data.OPERATERANGE =false;
data.COMPANYID = Convert.ToString(reader["COMPANYID"]);
data.COMPANY = Convert.ToString(reader["COMPANY"]);
data.AUTHORITYID = Convert.ToString(reader["AUTHORITYID"]);
#endregion
headList.Add(data);
}
reader.Close();
}
return headList;
}
public static DBResult SaveAuthorityCompanyDetail(List<UserAuthorityCompany> bodyList, string userid,string rtype)
{
var result = new DBResult();
Database db = DatabaseFactory.CreateDatabase();
using (var conn = db.CreateConnection())
{
conn.Open();
var tran = conn.BeginTransaction();
try
{
var cmdUpdate =
db.GetSqlStringCommand(
@"update user_authority_range_company set VISIBLERANGE=@VISIBLERANGE,MODIFIEDUSER=@MODIFIEDUSER,MODIFIEDTIME=@MODIFIEDTIME where GID=@GID ");
var cmdUpdateop =
db.GetSqlStringCommand(
@"update user_authority_range_company set OPERATERANGE=@OPERATERANGE,MODIFIEDUSER=@MODIFIEDUSER,MODIFIEDTIME=@MODIFIEDTIME where GID=@GID ");
var cmdInsert =
db.GetSqlStringCommand(
@"insert into user_authority_range_company (GID,USERID,AUTHORITYID,COMPANYID,VISIBLERANGE,OPERATERANGE,CREATEUSER,CREATETIME)
values (@GID,@USERID,@AUTHORITYID,@COMPANYID,@VISIBLERANGE,@OPERATERANGE,@CREATEUSER,@CREATETIME) ");
if (bodyList != null)
{
foreach (var enumValue in bodyList)
{
if (enumValue.GID == "")
{
cmdInsert.Parameters.Clear();
db.AddInParameter(cmdInsert, "@GID", DbType.String, Guid.NewGuid().ToString());
db.AddInParameter(cmdInsert, "@USERID", DbType.String, enumValue.USERID);
db.AddInParameter(cmdInsert, "@AUTHORITYID", DbType.String, enumValue.AUTHORITYID);
db.AddInParameter(cmdInsert, "@COMPANYID", DbType.String, enumValue.COMPANYID);
if (enumValue.VISIBLERANGE)
db.AddInParameter(cmdInsert, "@VISIBLERANGE", DbType.String,"1");
else
db.AddInParameter(cmdInsert, "@VISIBLERANGE", DbType.String,"0");
if (enumValue.OPERATERANGE)
db.AddInParameter(cmdInsert, "@OPERATERANGE", DbType.String,"1");
else
db.AddInParameter(cmdInsert, "@OPERATERANGE", DbType.String,"0");
db.AddInParameter(cmdInsert, "@CREATEUSER", DbType.String, userid);
db.AddInParameter(cmdInsert, "@CREATETIME", DbType.String, DateTime.Now.ToString("yyyy-MM-dd"));
db.ExecuteNonQuery(cmdInsert, tran);
}
else
{
if (rtype == "OP")
{
cmdUpdateop.Parameters.Clear();
db.AddInParameter(cmdUpdateop, "@GID", DbType.String, enumValue.GID);
if (enumValue.OPERATERANGE)
db.AddInParameter(cmdUpdateop, "@OPERATERANGE", DbType.String, "1");
else
db.AddInParameter(cmdUpdateop, "@OPERATERANGE", DbType.String, "0");
db.AddInParameter(cmdUpdateop, "@MODIFIEDUSER", DbType.String, userid);
db.AddInParameter(cmdUpdateop, "@MODIFIEDTIME", DbType.String, DateTime.Now.ToString("yyyy-MM-dd"));
db.ExecuteNonQuery(cmdUpdateop, tran);
}
else {
cmdUpdate.Parameters.Clear();
db.AddInParameter(cmdUpdate, "@GID", DbType.String, enumValue.GID);
if (enumValue.VISIBLERANGE)
db.AddInParameter(cmdUpdate, "@VISIBLERANGE", DbType.String, "1");
else
db.AddInParameter(cmdUpdate, "@VISIBLERANGE", DbType.String, "0");
db.AddInParameter(cmdUpdate, "@MODIFIEDUSER", DbType.String, userid);
db.AddInParameter(cmdUpdate, "@MODIFIEDTIME", DbType.String, DateTime.Now.ToString("yyyy-MM-dd"));
db.ExecuteNonQuery(cmdUpdate, tran);
}
}
}
}
tran.Commit();
}
catch (Exception)
{
tran.Rollback();
result.Success = false;
result.Message = "保存出现错误,请重试或联系系统管理员";
return result;
}
}
result.Success = true;
result.Message = "保存成功" + result.Message;
return result;
}
#endregion
#region 人员范围
static public List<UserAuthorityOp> GetUserAuthorityOpList(string userid, string AUTHORITYID, string sort = null)
{
var strSql = new StringBuilder();
strSql.Append("SELECT * FROM ( ");
strSql.Append("SELECT GID,USERID,VISIBLERANGE,OPERATERANGE,AUTHORITYID,OPID, ");
strSql.Append("(SELECT SHOWNAME+'('+companyname+')' FROM [VW_user] WHERE userid=user_authority_range_op.OPID) OPNAME,");
strSql.Append("(SELECT companyname FROM [VW_user] WHERE userid=user_authority_range_op.OPID) COMPANYNAME,");
strSql.Append("(SELECT DEPTNAME FROM [VW_user] WHERE userid=user_authority_range_op.OPID) DEPTNAME");
strSql.Append(" from user_authority_range_op ");
strSql.Append(" where USERID='" + userid + "' AND AUTHORITYID='" + AUTHORITYID + "' ");
strSql.Append(" UNION SELECT '' GID,'" + userid + "' USERID, 0 VISIBLERANGE,0 OPERATERANGE,'" + AUTHORITYID + "' AUTHORITYID,userid OPID, ");
strSql.Append(" SHOWNAME+'('+companyname+')' OPNAME,COMPANYNAME,DEPTNAME ");
strSql.Append(" from VW_user ");
strSql.Append(" where userid NOT IN (SELECT OPID FROM user_authority_range_op WHERE USERID='" + userid + "' AND AUTHORITYID='" + AUTHORITYID + "')");
strSql.Append(" ) AS DL ");
var sortstring = DatasetSort.Getsortstring(sort);
if (!string.IsNullOrEmpty(sortstring) && sortstring.Trim() != "")
{
strSql.Append(" order by " + sortstring);
}
else
{
strSql.Append(" order by COMPANYNAME,DEPTNAME,OPNAME");
}
return SetOpData(strSql);
}
#region 组成树形的选择人员数据结构
static public List<UserAuthorityOp> GetUserAuthorityVISIBLE_Tree(string PARENTID, string userid, string AUTHORITYID)
{
var strSql = new StringBuilder();
strSql.Append(" select *,id OPID,0 OPERATERANGE ,'' DEPTNAME,'" + AUTHORITYID + "' AUTHORITYID,VISIBLERANGE checked from ");
strSql.Append(" ( ");
strSql.Append(" select u.userid id,SHOWNAME OPNAME, deptgid PARENTID, 1 isleaf, isnull(r.VISIBLERANGE, 0)VISIBLERANGE,r.GID,'"+ userid + "' USERID ");
strSql.Append(" from vw_user u ");
strSql.Append(" left join user_authority_range_op r on AUTHORITYID = '" + AUTHORITYID + "' and r.OPID = u.userid ");
strSql.Append(" and r.userid = '" + userid + "' ");
strSql.Append(" union all ");
strSql.Append(" select distinct vu.companyid id, vu.companyname OPNAME, '0' parentid, 0 isleaf, (case when exists(select 1 from user_authority_range_op op where AUTHORITYID = '" + AUTHORITYID + "' and userid = '" + userid + "' and op.VISIBLERANGE=1 and exists(select(1) from vw_user v2 where v2.COMPANYID = vu.companyid and op.OPID = v2.USERID )) then 1 else 0 end) VISIBLERANGE,'' GID,'' USERID ");
strSql.Append(" from vw_user vu ");
strSql.Append(" union all ");
strSql.Append(" select distinct vu.deptgid id, vu.DEPTNAME OPNAME, vu.companyid parentid, 0 isleaf, (case when exists(select 1 from user_authority_range_op op where AUTHORITYID = '" + AUTHORITYID + "' and userid = '" + userid + "' and op.VISIBLERANGE=1 and exists(select(1) from vw_user v2 where v2.deptgid = vu.deptgid and op.OPID = v2.USERID)) then 1 else 0 end) VISIBLERANGE,'' GID,'' USERID ");
strSql.Append(" from vw_user vu ");
strSql.Append(" )t where PARENTID = '" + PARENTID + "' ");
return SetOpData(strSql);
}
static public List<UserAuthorityOp> GetUserAuthorityOPERATE_Tree(string PARENTID,string userid, string AUTHORITYID)
{
var strSql = new StringBuilder();
strSql.Append(" select *,id OPID,0 VISIBLERANGE,'' DEPTNAME,'"+ AUTHORITYID + "' AUTHORITYID,OPERATERANGE checked from ");
strSql.Append(" ( ");
strSql.Append(" select u.userid id,SHOWNAME OPNAME, deptgid PARENTID, 1 isleaf, isnull(r.OPERATERANGE, 0)OPERATERANGE,r.GID,'" + userid + "' USERID ");
strSql.Append(" from vw_user u ");
strSql.Append(" left join user_authority_range_op r on AUTHORITYID = '"+ AUTHORITYID + "' and r.OPID = u.userid ");
strSql.Append(" and r.userid = '"+ userid + "' ");
strSql.Append(" union all ");
strSql.Append(" select distinct vu.companyid id, vu.companyname OPNAME, '0' parentid, 0 isleaf, (case when exists(select 1 from user_authority_range_op op where AUTHORITYID = '" + AUTHORITYID + "' and userid = '" + userid + "' and op.OPERATERANGE=1 and exists(select(1) from vw_user v2 where v2.COMPANYID = vu.companyid and op.OPID = v2.USERID )) then 1 else 0 end) OPERATERANGE,'' GID,'' USERID ");
strSql.Append(" from vw_user vu ");
strSql.Append(" union all ");
strSql.Append(" select distinct vu.deptgid id, vu.DEPTNAME OPNAME, vu.companyid parentid, 0 isleaf, (case when exists(select 1 from user_authority_range_op op where AUTHORITYID = '" + AUTHORITYID + "' and userid = '" + userid + "' and op.OPERATERANGE=1 and exists(select(1) from vw_user v2 where v2.deptgid = vu.deptgid and op.OPID = v2.USERID)) then 1 else 0 end) OPERATERANGE,'' GID,'' USERID ");
strSql.Append(" from vw_user vu ");
strSql.Append(" )t where PARENTID = '"+ PARENTID + "' ");
return SetOpData(strSql);
}
static public List<UserAuthorityOp> GetUserAuthority_All(string USERID, string AUTHORITYID)
{
var strSql = new StringBuilder();
strSql.Append(" select *,id OPID,'' DEPTNAME,'" + AUTHORITYID + "' AUTHORITYID from ");
strSql.Append(" ( ");
strSql.Append(" select u.userid id,SHOWNAME OPNAME, deptgid PARENTID, 1 isleaf, isnull(r.OPERATERANGE, 0)OPERATERANGE, isnull(r.VISIBLERANGE, 0)VISIBLERANGE,r.GID,'" + USERID + "' USERID ");
strSql.Append(" from vw_user u ");
strSql.Append(" left join user_authority_range_op r on AUTHORITYID = '" + AUTHORITYID + "' and r.OPID = u.userid ");
strSql.Append(" and r.userid = '" + USERID + "' ");
strSql.Append(" )t ");
return SetOpData(strSql);
}
#endregion
private static List<UserAuthorityOp> SetOpData(StringBuilder strSql)
{
var headList = new List<UserAuthorityOp>();
Database db = DatabaseFactory.CreateDatabase();
using (IDataReader reader = db.ExecuteReader(CommandType.Text, strSql.ToString()))
{
while (reader.Read())
{
UserAuthorityOp data = new UserAuthorityOp();
#region Set DB data to Object
data.GID = Convert.ToString(reader["GID"]);
data.USERID = Convert.ToString(reader["USERID"]);
if (Convert.ToString(reader["VISIBLERANGE"]) == "1")
data.VISIBLERANGE = true;
else
data.VISIBLERANGE = false;
if (Convert.ToString(reader["OPERATERANGE"]) == "1")
data.OPERATERANGE = true;
else
data.OPERATERANGE = false;
data.OPID = Convert.ToString(reader["OPID"]);
data.OPNAME = Convert.ToString(reader["OPNAME"]);
data.DEPTNAME = Convert.ToString(reader["DEPTNAME"]);
data.AUTHORITYID = Convert.ToString(reader["AUTHORITYID"]);
if (BasicDataRefDAL.ReadFieldExist(reader, "id"))
data.id = Convert.ToString(reader["id"]);
if (BasicDataRefDAL.ReadFieldExist(reader, "PARENTID"))
data.PARENTID = Convert.ToString(reader["PARENTID"]);
if (BasicDataRefDAL.ReadFieldExist(reader, "isleaf")) {
if(Convert.ToString(reader["isleaf"])=="1")
data.leaf = true;
if (Convert.ToString(reader["isleaf"]) == "0")
data.leaf = false;
}
if (BasicDataRefDAL.ReadFieldExist(reader, "checked"))
{
if (Convert.ToString(reader["checked"]) == "1")
data.@checked = true;
if (Convert.ToString(reader["checked"]) == "0")
data.@checked = false;
}
#endregion
headList.Add(data);
}
reader.Close();
}
//遍历headList 寻找其中的
return headList;
}
public static DBResult SaveAuthorityOpDetail(List<UserAuthorityOp> bodyList, string userid, string rtype)
{
var result = new DBResult();
Database db = DatabaseFactory.CreateDatabase();
using (var conn = db.CreateConnection())
{
conn.Open();
var tran = conn.BeginTransaction();
try
{
var cmdUpdate =
db.GetSqlStringCommand(
@"update user_authority_range_op set VISIBLERANGE=@VISIBLERANGE,MODIFIEDUSER=@MODIFIEDUSER,MODIFIEDTIME=@MODIFIEDTIME where GID=@GID ");
var cmdUpdateop =
db.GetSqlStringCommand(
@"update user_authority_range_op set OPERATERANGE=@OPERATERANGE,MODIFIEDUSER=@MODIFIEDUSER,MODIFIEDTIME=@MODIFIEDTIME where GID=@GID ");
var cmdInsert =
db.GetSqlStringCommand(
@"insert into user_authority_range_op (GID,USERID,AUTHORITYID,OPID,VISIBLERANGE,OPERATERANGE,CREATEUSER,CREATETIME)
values (@GID,@USERID,@AUTHORITYID,@OPID,@VISIBLERANGE,@OPERATERANGE,@CREATEUSER,@CREATETIME) ");
if (bodyList != null)
{
foreach (var enumValue in bodyList)
{
if (enumValue.GID == "")
{
cmdInsert.Parameters.Clear();
db.AddInParameter(cmdInsert, "@GID", DbType.String, Guid.NewGuid().ToString());
db.AddInParameter(cmdInsert, "@USERID", DbType.String, enumValue.USERID);
db.AddInParameter(cmdInsert, "@AUTHORITYID", DbType.String, enumValue.AUTHORITYID);
db.AddInParameter(cmdInsert, "@OPID", DbType.String, enumValue.OPID);
if (enumValue.VISIBLERANGE)
db.AddInParameter(cmdInsert, "@VISIBLERANGE", DbType.String, "1");
else
db.AddInParameter(cmdInsert, "@VISIBLERANGE", DbType.String, "0");
if (enumValue.OPERATERANGE)
db.AddInParameter(cmdInsert, "@OPERATERANGE", DbType.String, "1");
else
db.AddInParameter(cmdInsert, "@OPERATERANGE", DbType.String, "0");
db.AddInParameter(cmdInsert, "@CREATEUSER", DbType.String, userid);
db.AddInParameter(cmdInsert, "@CREATETIME", DbType.String, DateTime.Now.ToString("yyyy-MM-dd"));
db.ExecuteNonQuery(cmdInsert, tran);
}
else
{
if (rtype == "OP")
{
cmdUpdateop.Parameters.Clear();
db.AddInParameter(cmdUpdateop, "@GID", DbType.String, enumValue.GID);
if (enumValue.OPERATERANGE)
db.AddInParameter(cmdUpdateop, "@OPERATERANGE", DbType.String, "1");
else
db.AddInParameter(cmdUpdateop, "@OPERATERANGE", DbType.String, "0");
db.AddInParameter(cmdUpdateop, "@MODIFIEDUSER", DbType.String, userid);
db.AddInParameter(cmdUpdateop, "@MODIFIEDTIME", DbType.String, DateTime.Now.ToString("yyyy-MM-dd"));
db.ExecuteNonQuery(cmdUpdateop, tran);
}
if (rtype == "VS")
{
cmdUpdate.Parameters.Clear();
db.AddInParameter(cmdUpdate, "@GID", DbType.String, enumValue.GID);
if (enumValue.VISIBLERANGE)
db.AddInParameter(cmdUpdate, "@VISIBLERANGE", DbType.String, "1");
else
db.AddInParameter(cmdUpdate, "@VISIBLERANGE", DbType.String, "0");
db.AddInParameter(cmdUpdate, "@MODIFIEDUSER", DbType.String, userid);
db.AddInParameter(cmdUpdate, "@MODIFIEDTIME", DbType.String, DateTime.Now.ToString("yyyy-MM-dd"));
db.ExecuteNonQuery(cmdUpdate, tran);
}
}
}
}
tran.Commit();
}
catch (Exception)
{
tran.Rollback();
result.Success = false;
result.Message = "保存出现错误,请重试或联系系统管理员";
return result;
}
}
result.Success = true;
result.Message = "保存成功" + result.Message;
return result;
}
public static DBResult SaveAuthorityOpDetailAll(string AUTHORITYID,string op, string userid, string rtype)
{
var result = new DBResult();
//var UserAuthorityList=GetUserAuthorityList(userid);
//if (rtype == "OP")
//{
// UserAuthorityList.FindAll(x=>x.OPERATERANGEREF=="选择人员");
//}
//else {
// UserAuthorityList.FindAll(x => x.VISIBLERANGEREF == "选择人员");
//}
Database db = DatabaseFactory.CreateDatabase();
using (var conn = db.CreateConnection())
{
conn.Open();
var tran = conn.BeginTransaction();
try
{
var cmdInsertOp =
db.GetSqlStringCommand(
@"if (select GID from user_authority_range_op where USERID='" + op + "' and OPID=@OPID AND AUTHORITYID=@AUTHORITYID) is null "
+ " insert into user_authority_range_op (GID,USERID,AUTHORITYID,OPID,VISIBLERANGE,OPERATERANGE,CREATEUSER,CREATETIME)"
+ " values (@GID,@USERID,@AUTHORITYID,@OPID,@VISIBLERANGE,@OPERATERANGE,@CREATEUSER,@CREATETIME) else "
+ "update user_authority_range_op set OPERATERANGE=@OPERATERANGE,MODIFIEDUSER=@MODIFIEDUSER,MODIFIEDTIME=@MODIFIEDTIME where USERID='" + userid + "' and OPID=@OPID AND AUTHORITYID=@AUTHORITYID");
if (rtype == "OP")
{
var cmdInsertOP =
db.GetSqlStringCommand(
@"update user_authority_range_op set OPERATERANGE=0 from user_authority_range_op p where USERID='" + op + "' and AUTHORITYID<>'" + AUTHORITYID + "' "
+ " update user_authority_range_op set OPERATERANGE=1,MODIFIEDUSER='" + userid + "',MODIFIEDTIME=getdate() from user_authority_range_op p where USERID='" + op + "' and AUTHORITYID<>'" + AUTHORITYID + "' "
+ " and opid in (select opid from user_authority_range_op where AUTHORITYID='" + AUTHORITYID + "' and OPERATERANGE=1 and USERID='" + op + "') "
+ " insert into user_authority_range_op (GID,USERID,AUTHORITYID,OPID,VISIBLERANGE,OPERATERANGE,CREATEUSER,CREATETIME) "
+ " select newid() GID,'" + op + "' USERID,A.AUTHORITYID,U.OPID,0 VISIBLERANGE,U.OPERATERANGE,'" + userid + "' CREATEUSER,GETDATE() CREATETIME from VW_User_Authority A, user_authority_range_op U where A.OPERATERANGE=6 AND A.USERID='" + op + "' AND U.AUTHORITYID='" + AUTHORITYID + "' and U.OPERATERANGE=1"
+ " and a.AUTHORITYID<>'" + AUTHORITYID + "' and u.userid='" +op+ "' and not EXISTS (select 1 from user_authority_range_op y where y.AUTHORITYID=a.AUTHORITYID and y.USERID='" + op + "' and y.OPID=u.OPID)");
db.ExecuteNonQuery(cmdInsertOP, tran);
}
else
{
var cmdInsertVs =
db.GetSqlStringCommand(
@"update user_authority_range_op set VISIBLERANGE=0 from user_authority_range_op p where USERID='"+ op + "' and AUTHORITYID<>'"+ AUTHORITYID + "' "
+ " update user_authority_range_op set VISIBLERANGE=1,MODIFIEDUSER='"+userid+"',MODIFIEDTIME=getdate() from user_authority_range_op p where USERID='"+ op + "' and AUTHORITYID<>'"+ AUTHORITYID + "' "
+ " and opid in (select opid from user_authority_range_op where AUTHORITYID='"+ AUTHORITYID + "' and VISIBLERANGE=1 and USERID='"+op+"') "
+ " insert into user_authority_range_op (GID,USERID,AUTHORITYID,OPID,VISIBLERANGE,OPERATERANGE,CREATEUSER,CREATETIME) "
+ " select newid() GID,'"+op+ "' USERID,A.AUTHORITYID,U.OPID,U.VISIBLERANGE,0 OPERATERANGE,'" + userid+ "' CREATEUSER,GETDATE() CREATETIME from VW_User_Authority A, user_authority_range_op U where A.VISIBLERANGE=6 AND A.USERID='" + op + "' AND U.AUTHORITYID='"+ AUTHORITYID + "' and U.VISIBLERANGE=1 "
+ " and a.AUTHORITYID<>'" + AUTHORITYID + "' and u.userid='" + op + "' and not EXISTS (select 1 from user_authority_range_op y where y.AUTHORITYID=a.AUTHORITYID and y.USERID='" + op + "' and y.OPID=u.OPID) ");
db.ExecuteNonQuery(cmdInsertVs, tran);
}
//if (UserAuthorityList != null)
//{
// foreach (var enumValueAuthority in UserAuthorityList)
// {
// if (bodyList != null)
// {
// foreach (var enumValue in bodyList)
// {
// if (rtype == "OP")
// {
// cmdInsertOp.Parameters.Clear();
// db.AddInParameter(cmdInsertOp, "@OPID", DbType.String, enumValue.OPID);
// db.AddInParameter(cmdInsertOp, "@AUTHORITYID", DbType.String, enumValueAuthority.AUTHORITYID);
// db.AddInParameter(cmdInsertOp, "@USERID", DbType.String,userid);
// db.AddInParameter(cmdInsertOp, "@GID", DbType.String, Guid.NewGuid().ToString());
// if (enumValue.OPERATERANGE)
// db.AddInParameter(cmdInsertOp, "@OPERATERANGE", DbType.String, "1");
// else
// db.AddInParameter(cmdInsertOp, "@OPERATERANGE", DbType.String, "0");
// db.AddInParameter(cmdInsertOp, "@VISIBLERANGE", DbType.String, "0");
// db.AddInParameter(cmdInsertOp, "@CREATEUSER", DbType.String, userid);
// db.AddInParameter(cmdInsertOp, "@CREATETIME", DbType.String, DateTime.Now.ToString("yyyy-MM-dd"));
// db.AddInParameter(cmdInsertOp, "@MODIFIEDUSER", DbType.String, userid);
// db.AddInParameter(cmdInsertOp, "@MODIFIEDTIME", DbType.String, DateTime.Now.ToString("yyyy-MM-dd"));
// db.ExecuteNonQuery(cmdInsertOp, tran);
// }
// else
// {
// cmdInsertVs.Parameters.Clear();
// db.AddInParameter(cmdInsertVs, "@OPID", DbType.String, enumValue.OPID);
// db.AddInParameter(cmdInsertVs, "@AUTHORITYID", DbType.String, enumValueAuthority.AUTHORITYID);
// db.AddInParameter(cmdInsertVs, "@USERID", DbType.String, userid);
// db.AddInParameter(cmdInsertVs, "@GID", DbType.String, Guid.NewGuid().ToString());
// if (enumValue.VISIBLERANGE)
// db.AddInParameter(cmdInsertVs, "@VISIBLERANGE", DbType.String, "1");
// else
// db.AddInParameter(cmdInsertVs, "@VISIBLERANGE", DbType.String, "0");
// db.AddInParameter(cmdInsertVs, "@OPERATERANGE", DbType.String, "0");
// db.AddInParameter(cmdInsertVs, "@CREATEUSER", DbType.String, userid);
// db.AddInParameter(cmdInsertVs, "@CREATETIME", DbType.String, DateTime.Now.ToString("yyyy-MM-dd"));
// db.AddInParameter(cmdInsertVs, "@MODIFIEDUSER", DbType.String, userid);
// db.AddInParameter(cmdInsertVs, "@MODIFIEDTIME", DbType.String, DateTime.Now.ToString("yyyy-MM-dd"));
// db.ExecuteNonQuery(cmdInsertVs, tran);
// }
// }
// }
// }
//}
tran.Commit();
}
catch (Exception)
{
tran.Rollback();
result.Success = false;
result.Message = "保存出现错误,请重试或联系系统管理员";
return result;
}
}
result.Success = true;
result.Message = "保存成功" + result.Message;
return result;
}
#endregion
}
}