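using System;
using System.Data;
using System.Collections.Generic;
using System.Text;
using System.Web.Mvc;
using HcUtility.Comm;
using Microsoft.Practices.EnterpriseLibrary.Data;
using DSWeb.TruckMng.Helper;
using DSWeb.TruckMng.Helper.Repository;
using DSWeb.Areas.SysMng.Models.SysTask;
using DSWeb.Areas.CommMng.DAL;
using DSWeb.Areas.SysMng.Models.SysUser;
using DSWeb.Areas.CommMng.Models;
using System.Data.SqlClient;
using WebSqlHelper;
using DSWeb.EntityDA;
using DSWeb.SoftMng.BLL;
using DSWeb.SoftMng.Model;
using System.Web.Script.Serialization;
using System.Linq;
using DSWeb.SoftMng.Filter;
using System.Data.Common;
using DSWeb.SoftMng.Controllers;

namespace DSWeb.Areas.SysMng.DAL.SysUser
{
    /// <summary>
    /// Data-access helpers for users, their attributes, teams and module permissions.
    /// </summary>
    /// <remarks>
    /// NOTE(review): the listing this file was recovered from had lost its generic type
    /// arguments. They are restored below wherever a visible line fixes the element type
    /// (for example the object added to the list); the two places where the type cannot be
    /// determined from this file are marked individually.
    ///
    /// Security summary: every value that this class itself places into SQL text is now
    /// bound as a parameter. Values that must be handed to BLL methods accepting only a
    /// where-clause string are quote-escaped as a fallback. Methods that accept a caller
    /// supplied SQL fragment (condition / strCondition) cannot be fixed without changing
    /// their signature and are flagged instead.
    /// </remarks>
    public class SysUserDAL
    {
        // NOTE(review): key material is hard-coded in source and therefore readable by anyone
        // with the repository or the compiled assembly. The records it protects appear to gate
        // module entitlements and user limits; load these values from protected configuration
        // or a secret store and rotate them.
        private const string CompanySecretPassphrase = "Dw9pVb9r";
        private const string ModuleSecretPassphrase = "2cP46Gox";

        /// <summary>
        /// Doubles single quotes so a value cannot terminate the surrounding '...' SQL literal.
        /// Fallback only, for BLL methods that accept a where-clause string and offer no parameters.
        /// </summary>
        private static string EscapeSqlLiteral(string value)
        {
            return value == null ? string.Empty : value.Replace("'", "''");
        }

        /// <summary>
        /// Returns users matching <paramref name="condition"/>, ordered by the given sort or by CODENAME.
        /// </summary>
        /// <param name="condition">SQL predicate appended after " and "; may be null or empty.</param>
        /// <param name="sortstring">Sort description passed to DatasetSort.Getsortstring.</param>
        public static List<SysUserMC> GetDataList(string condition, string sortstring = null)
        {
            SysUserMC u = new SysUserMC();
            StringBuilder strSql = new StringBuilder();
            strSql.Append(u.getSQL());

            // NOTE(review): condition is spliced in as raw SQL. Callers must build it from
            // trusted or parameterised values only; it cannot be bound here without changing
            // this method's signature.
            if (!string.IsNullOrEmpty(condition))
            {
                strSql.Append(" and " + condition);
            }

            // NOTE(review): the ORDER BY text comes from DatasetSort.Getsortstring, which is
            // not visible here; confirm it restricts the result to known column names.
            var sort = DatasetSort.Getsortstring(sortstring);
            if (!string.IsNullOrEmpty(sort))
            {
                strSql.Append(" order by " + sort);
            }
            else
            {
                strSql.Append(" order by CODENAME");
            }

            return SetData(strSql.ToString());
        }

        /// <summary>Executes the given query text and maps each row to a SysUserMC.</summary>
        private static List<SysUserMC> SetData(String strSql)
        {
            var headList = new List<SysUserMC>();
            Database db = DatabaseFactory.CreateDatabase();
            using (IDataReader reader = db.ExecuteReader(CommandType.Text, strSql))
            {
                while (reader.Read())
                {
                    SysUserMC data = new SysUserMC();
                    #region Set DB data to Object
                    data.GID = Convert.ToString(reader["GID"]);
                    data.USERNAME = Convert.ToString(reader["USERNAME"]);
                    data.CODENAME = Convert.ToString(reader["CODENAME"]);
                    // NOTE(review): PASSWORD (and CWPASSWORD below) are copied into every model
                    // returned by list queries. Confirm these models are never serialised to a
                    // client or written to logs, and prefer not selecting the columns at all.
                    data.PASSWORD = Convert.ToString(reader["PASSWORD"]);
                    data.SHOWNAME = Convert.ToString(reader["SHOWNAME"]);
                    data.ENROLLTIME = Convert.ToString(reader["ENROLLTIME"]);
                    data.CREATEUSER = Convert.ToString(reader["CREATEUSER"]);
                    data.CREATETIME = Convert.ToString(reader["CREATETIME"]);
                    data.MODIFIEDUSER = Convert.ToString(reader["MODIFIEDUSER"]);
                    data.MODIFIEDTIME = Convert.ToString(reader["MODIFIEDTIME"]);
                    data.ISDELETED = Convert.ToString(reader["ISDELETED"]);
                    data.ISDISABLE = Convert.ToString(reader["ISDISABLE"]);
                    data.DELETEUSER = Convert.ToString(reader["DELETEUSER"]);
                    data.DELETETIME = Convert.ToString(reader["DELETETIME"]);
                    data.NOCODE = Convert.ToString(reader["NOCODE"]);
                    data.OPENID = Convert.ToString(reader["OPENID"]);
                    data.WECHATACCOUNT = Convert.ToString(reader["WECHATACCOUNT"]);
                    data.DINGTALKACCOUNT = Convert.ToString(reader["DINGTALKACCOUNT"]);
                    data.COMPANYID = Convert.ToString(reader["COMPANYID"]);
                    data.COMPANYNAME = Convert.ToString(reader["COMPANYNAME"]);
                    data.DEPTNAME = Convert.ToString(reader["DEPTNAME"]);
                    data.OFFICEADDR = Convert.ToString(reader["OFFICEADDR"]);
                    data.OFFICEPHONE = Convert.ToString(reader["OFFICEPHONE"]);
                    data.HOMEPHONE = Convert.ToString(reader["HOMEPHONE"]);
                    data.MOBILE = Convert.ToString(reader["MOBILE"]);
                    data.FAX = Convert.ToString(reader["FAX"]);
                    data.EMAIL1 = Convert.ToString(reader["EMAIL1"]);
                    data.EMAIL2 = Convert.ToString(reader["EMAIL2"]);
                    data.HOMEADDRESS = Convert.ToString(reader["HOMEADDRESS"]);
                    data.REMARK = Convert.ToString(reader["REMARK"]);
                    data.EMERGUSER = Convert.ToString(reader["EMERGUSER"]);
                    data.EMERGPHONE = Convert.ToString(reader["EMERGPHONE"]);
                    data.EMERGEMAIL = Convert.ToString(reader["EMERGEMAIL"]);
                    data.POSTCODE = Convert.ToString(reader["POSTCODE"]);
                    data.QQ = Convert.ToString(reader["QQ"]);
                    data.MSN = Convert.ToString(reader["MSN"]);
                    // SIGNATURE is not loaded (the assignment was already disabled).
                    data.FINANCESOFTCODE = Convert.ToString(reader["FINANCESOFTCODE"]);
                    data.IMAGEURL = Convert.ToString(reader["IMAGEURL"]);
                    data.SIGNATUREURL = Convert.ToString(reader["SIGNATUREURL"]);
                    data.MAILSIGN = Convert.ToString(reader["MAILSIGN"]);
                    data.CWUSERNAME = Convert.ToString(reader["CWUSERNAME"]);
                    data.CWPASSWORD = Convert.ToString(reader["CWPASSWORD"]);
                    data.USERCOMPANYGID = Convert.ToString(reader["USERCOMPANYGID"]);
                    data.USERBASEINFOGID = Convert.ToString(reader["USERBASEINFOGID"]);
                    data.isUseSystem = Convert.ToString(reader["isUseSystem"]);
                    data.isDisable = Convert.ToString(reader["isDisable"]);
                    #endregion
                    headList.Add(data);
                }
            }
            return headList;
        }

        /// <summary>
        /// Returns the first user matching <paramref name="condition"/> with its attributes applied,
        /// or a new SysUserMC carrying default flag values when no row matches.
        /// </summary>
        /// <param name="condition">SQL predicate forwarded to GetDataList (raw SQL, see the note there).</param>
        public static SysUserMC GetData(string condition)
        {
            var list = GetDataList(condition, "");
            SysUserMC result = new SysUserMC();
            if (list.Count > 0)
            {
                result = list[0];
                // Load this user's attribute rows and apply them to the model.
                var attrlist = GetAttr(result.GID);
                result.setAttribute(attrlist);
            }
            else
            {
                result.isUseSystem = "true";
                result.isOperator = "false";
                result.isSaleMan = "false";
                result.isDriver = "false";
                result.isCustomsDeclarer = "false";
                result.isDocument = "false";
                result.isFinancialStaff = "false";
                result.isDisable = "false";
                result.isCustomsService = "false";
                result.isVehiclesDispatcher = "false";
            }
            return result;
        }

        /// <summary>Returns the children of <paramref name="PARENTID"/> in VW_user_company_tree.</summary>
        public static List<UserTreeRefModel> GetUserTreeRefList(string PARENTID)
        {
            var strSql = new StringBuilder();
            strSql.Append(" SELECT ");
            strSql.Append(" GID,NAME,DESCRIPTION,PARENTID,TYPE");
            strSql.Append(" from VW_user_company_tree ");
            // PARENTID is bound as a parameter instead of being concatenated into the text.
            strSql.Append(" where parentid=@PARENTID order by TYPE,DESCRIPTION");

            Database db = DatabaseFactory.CreateDatabase();
            using (DbCommand cmd = db.GetSqlStringCommand(strSql.ToString()))
            {
                // A null id previously produced parentid=''; keep that by binding an empty string.
                db.AddInParameter(cmd, "@PARENTID", DbType.String, PARENTID ?? string.Empty);
                return ReadUserTreeRef(db, cmd);
            }
        }

        /// <summary>Executes the given query text and maps each row to a UserTreeRefModel.</summary>
        /// <param name="strSql">Complete SQL text; the caller is responsible for its safety.</param>
        public static List<UserTreeRefModel> SetUserTreeRefData(StringBuilder strSql)
        {
            Database db = DatabaseFactory.CreateDatabase();
            using (DbCommand cmd = db.GetSqlStringCommand(strSql.ToString()))
            {
                return ReadUserTreeRef(db, cmd);
            }
        }

        /// <summary>Runs a prepared tree query and maps the rows, choosing icon and leaf state from TYPE.</summary>
        private static List<UserTreeRefModel> ReadUserTreeRef(Database db, DbCommand cmd)
        {
            var headList = new List<UserTreeRefModel>();
            using (IDataReader reader = db.ExecuteReader(cmd))
            {
                while (reader.Read())
                {
                    UserTreeRefModel data = new UserTreeRefModel();
                    #region Set DB data to Object
                    data.id = Convert.ToString(reader["GID"]);
                    data.GID = Convert.ToString(reader["GID"]);
                    data.NAME = Convert.ToString(reader["NAME"]);
                    data.DESCRIPTION = Convert.ToString(reader["DESCRIPTION"]);
                    data.PARENTID = Convert.ToString(reader["PARENTID"]);
                    data.TYPE = Convert.ToString(reader["TYPE"]);
                    data.icon = "";
                    if (data.TYPE == "2")
                    {
                        data.leaf = true;
                        data.expanded = true;
                        data.icon = "../TruckMng/Content/Images/business/people.ico";
                    }
                    else
                    {
                        data.leaf = false;
                        data.expanded = false;
                        if (data.TYPE == "0") data.icon = "../TruckMng/Content/Images/business/company.ico";
                        if (data.TYPE == "1") data.icon = "../TruckMng/Content/Images/business/group.ico";
                    }
                    #endregion
                    headList.Add(data);
                }
            }
            return headList;
        }

        /// <summary>Returns the base-info rows whose USERID equals <paramref name="USERID"/>.</summary>
        public static List<USER_BASEINFOMC> GetList_USERINFO(string USERID)
        {
            USER_BASEINFOMC userinfo = new USER_BASEINFOMC();
            Database db = DatabaseFactory.CreateDatabase();
            using (DbCommand cmd = db.GetSqlStringCommand(userinfo.getSQL() + " where USERID=@USERID"))
            {
                db.AddInParameter(cmd, "@USERID", DbType.String, USERID ?? string.Empty);
                return SetData_USERINFO(db, cmd);
            }
        }

        /// <summary>Runs a prepared query and maps each row to a USER_BASEINFOMC.</summary>
        private static List<USER_BASEINFOMC> SetData_USERINFO(Database db, DbCommand cmd)
        {
            var headList = new List<USER_BASEINFOMC>();
            using (IDataReader reader = db.ExecuteReader(cmd))
            {
                while (reader.Read())
                {
                    USER_BASEINFOMC data = new USER_BASEINFOMC();
                    #region Set DB data to Object
                    data.GID = Convert.ToString(reader["GID"]);
                    data.USERID = Convert.ToString(reader["USERID"]);
                    data.CREATEUSER = Convert.ToString(reader["CREATEUSER"]);
                    data.CREATETIME = Convert.ToString(reader["CREATETIME"]);
                    data.MODIFIEDUSER = Convert.ToString(reader["MODIFIEDUSER"]);
                    data.MODIFIEDTIME = Convert.ToString(reader["MODIFIEDTIME"]);
                    data.OFFICEPHONE = Convert.ToString(reader["OFFICEPHONE"]);
                    data.HOMEPHONE = Convert.ToString(reader["HOMEPHONE"]);
                    data.MOBILE = Convert.ToString(reader["MOBILE"]);
                    data.FAX = Convert.ToString(reader["FAX"]);
                    data.EMAIL1 = Convert.ToString(reader["EMAIL1"]);
                    data.EMAIL2 = Convert.ToString(reader["EMAIL2"]);
                    data.HOMEADDRESS = Convert.ToString(reader["HOMEADDRESS"]);
                    data.REMARK = Convert.ToString(reader["REMARK"]);
                    data.EMERGUSER = Convert.ToString(reader["EMERGUSER"]);
                    data.EMERGPHONE = Convert.ToString(reader["EMERGPHONE"]);
                    data.EMERGEMAIL = Convert.ToString(reader["EMERGEMAIL"]);
                    data.POSTCODE = Convert.ToString(reader["POSTCODE"]);
                    data.QQ = Convert.ToString(reader["QQ"]);
                    data.MSN = Convert.ToString(reader["MSN"]);
                    // SIGNATURE is not loaded (the assignment was already disabled).
                    data.FINANCESOFTCODE = Convert.ToString(reader["FINANCESOFTCODE"]);
                    data.IMAGEURL = Convert.ToString(reader["IMAGEURL"]);
                    data.SIGNATUREURL = Convert.ToString(reader["SIGNATUREURL"]);
                    data.MAILSIGN = Convert.ToString(reader["MAILSIGN"]);
                    #endregion
                    headList.Add(data);
                }
            }
            return headList;
        }

        /// <summary>Returns the user/company link rows whose USERID equals <paramref name="USERID"/>.</summary>
        public static List<USER_COMPANYMC> GetList_USERCOMPANY(string USERID)
        {
            USER_COMPANYMC userinfo = new USER_COMPANYMC();
            Database db = DatabaseFactory.CreateDatabase();
            using (DbCommand cmd = db.GetSqlStringCommand(userinfo.getSQL() + " where USERID=@USERID"))
            {
                db.AddInParameter(cmd, "@USERID", DbType.String, USERID ?? string.Empty);
                return SetData_USERCOMPANY(db, cmd);
            }
        }

        /// <summary>Runs a prepared query and maps each row to a USER_COMPANYMC.</summary>
        private static List<USER_COMPANYMC> SetData_USERCOMPANY(Database db, DbCommand cmd)
        {
            var headList = new List<USER_COMPANYMC>();
            using (IDataReader reader = db.ExecuteReader(cmd))
            {
                while (reader.Read())
                {
                    USER_COMPANYMC data = new USER_COMPANYMC();
                    #region Set DB data to Object
                    data.GID = Convert.ToString(reader["GID"]);
                    data.USERID = Convert.ToString(reader["USERID"]);
                    data.COMPANYID = Convert.ToString(reader["COMPANYID"]);
                    #endregion
                    headList.Add(data);
                }
            }
            return headList;
        }

        /// <summary>Returns the attribute rows whose USERID equals <paramref name="USERID"/>.</summary>
        public static List<user_userattributeMC> GetAttr(string USERID)
        {
            user_userattributeMC userinfo = new user_userattributeMC();
            Database db = DatabaseFactory.CreateDatabase();
            using (DbCommand cmd = db.GetSqlStringCommand(userinfo.getSQL() + " where USERID=@USERID"))
            {
                db.AddInParameter(cmd, "@USERID", DbType.String, USERID ?? string.Empty);
                return SetData_Attr(db, cmd);
            }
        }

        /// <summary>Runs a prepared query and maps each row to a user_userattributeMC.</summary>
        private static List<user_userattributeMC> SetData_Attr(Database db, DbCommand cmd)
        {
            var headList = new List<user_userattributeMC>();
            using (IDataReader reader = db.ExecuteReader(cmd))
            {
                while (reader.Read())
                {
                    user_userattributeMC data = new user_userattributeMC();
                    #region Set DB data to Object
                    data.GID = Convert.ToString(reader["GID"]);
                    data.USERID = Convert.ToString(reader["USERID"]);
                    data.ATTRIBUTEID = Convert.ToString(reader["ATTRIBUTEID"]);
                    data.ATTRIBUTENAME = Convert.ToString(reader["ATTRIBUTENAME"]);
                    data.VALUE = Convert.ToString(reader["VALUE"]);
                    #endregion
                    headList.Add(data);
                }
            }
            return headList;
        }

        #region Tree display

        /// <summary>Returns the permission-tree nodes under <paramref name="PARENTID"/>.</summary>
        public static List<USEROPRangeMC> GetOPRange(string PARENTID)
        {
            // NOTE(review): the SQL is assembled inside USEROPRangeMC, which is not visible here;
            // verify that it binds or escapes PARENTID.
            USEROPRangeMC OPCODE = new USEROPRangeMC(PARENTID);
            return SetOPRange(OPCODE.getSQL());
        }

        /// <summary>
        /// Returns the permission-tree nodes under <paramref name="PARENTID"/> for one user.
        /// Returns an empty list when no user is given and the root ("0") is requested.
        /// </summary>
        public static List<USEROPRangeMC> GetOPRange(string PARENTID, string USERID)
        {
            if (string.IsNullOrWhiteSpace(USERID) && PARENTID == "0")
            {
                return new List<USEROPRangeMC>();
            }

            // NOTE(review): as above, USEROPRangeMC builds the SQL; verify it binds both ids.
            USEROPRangeMC OPCODE = new USEROPRangeMC(USERID, PARENTID);
            return SetOPRange(OPCODE.getSQL());
        }

        /// <summary>Executes the given query text and maps each row to a USEROPRangeMC tree node.</summary>
        /// <param name="strSql">Complete SQL text; the caller is responsible for its safety.</param>
        public static List<USEROPRangeMC> SetOPRange(String strSql)
        {
            var headList = new List<USEROPRangeMC>();
            Database db = DatabaseFactory.CreateDatabase();
            using (SqlCommand cmd = new SqlCommand())
            {
                cmd.CommandText = strSql;
                // NOTE(review): CommandTimeout is expressed in seconds, so 120000 is roughly
                // 33 hours. If 120 seconds was intended, a slow or blocked query can hold a
                // connection far longer than expected. Value left unchanged; confirm intent.
                cmd.CommandTimeout = 120000;
                using (IDataReader reader = db.ExecuteReader(cmd))
                {
                    while (reader.Read())
                    {
                        USEROPRangeMC data = new USEROPRangeMC("");
                        #region Set DB data to Object
                        data.id = Convert.ToString(reader["id"]);
                        data.GID = Convert.ToString(reader["id"]);
                        data.NAME = Convert.ToString(reader["NAME"]);
                        data.DESCRIPTION = Convert.ToString(reader["DESCRIPTION"]);
                        data.PARENTID = Convert.ToString(reader["PARENTID"]);
                        data.TYPE = Convert.ToString(reader["TYPE"]);
                        data.MODULEURL = Convert.ToString(reader["MODULEURL"]);
                        if (reader["leaf"] != DBNull.Value)
                        {
                            data.leaf = Convert.ToBoolean(reader["leaf"]);
                        }
                        // The leaf flag now comes from the query (a node that is the parent of
                        // other nodes is not a leaf); the earlier rule was MODULEURL == "#".
                        // Leaf nodes are shown expanded, all others collapsed.
                        data.expanded = data.leaf;
                        #endregion
                        headList.Add(data);
                    }
                }
            }
            return headList;
        }

        #endregion

        #region User permissions: add / remove

        /// <summary>
        /// Reads the MenuControl flag from the decrypted company secret.
        /// </summary>
        private static bool IsMenuControlEnabled(sys_secCompany company)
        {
            // NOTE(review): the generic type argument of Deserialize is missing from the
            // listing and cannot be determined from this file; restore it before compiling.
            return new JavaScriptSerializer().Deserialize(DSWeb.SoftMng.Common.Common.string_Decrypt(company.CompanySecretKey, CompanySecretPassphrase)).MenuControl;
        }

        /// <summary>Looks up the sys_secModule row for a module id, or null when none exists.</summary>
        private static sys_secModule FindSecModule(string moduleGid)
        {
            return new sys_secModuleBLL().GetModelList("IdenSecretkey = '" + DSWeb.SoftMng.Common.Common.string_Encrypt(moduleGid, ModuleSecretPassphrase) + "'").FirstOrDefault();
        }

        /// <summary>Decrypts and deserialises the module secret of a sys_secModule row.</summary>
        private static SecrietStr ReadModuleSecret(sys_secModule secModule)
        {
            return new JavaScriptSerializer().Deserialize<SecrietStr>(DSWeb.SoftMng.Common.Common.string_Decrypt(secModule.ModuleSecretkey, ModuleSecretPassphrase));
        }

        /// <summary>Inserts the user/module permission unless it already exists, and records the outcome.</summary>
        private static void GrantModule(UserActionDA userActionDA, DBResult result, sys_module model, string userId, string moduleId, string modifiedUser)
        {
            // NOTE(review): the success text is also reported through SetErrorInfo, as in the
            // original; DBResult is not visible here, so confirm how that affects Success.
            if (!userActionDA.IsExistUserModule(userId, moduleId))
            {
                result.SetErrorInfo(userActionDA.InsertUserAction(userId, moduleId, modifiedUser) == 1
                    ? "模块【" + model.DESCRIPTION + "】添加成功"
                    : "模块【" + model.DESCRIPTION + "】添加失败");
            }
            else
            {
                result.SetErrorInfo("");
            }
        }

        /// <summary>
        /// Grants the modules listed in <paramref name="IDList"/> to a user, honouring the
        /// per-module enable flag and user limit when menu control is switched on.
        /// </summary>
        /// <param name="IDList">JSON array of module ids.</param>
        /// <param name="USERID">User receiving the permissions.</param>
        /// <param name="MODIFIEDUSER">User performing the change.</param>
        public static DBResult AddRange(string IDList, string USERID, string MODIFIEDUSER)
        {
            DBResult result = new DBResult();
            result.Success = true;
            if (string.IsNullOrEmpty(IDList))
            {
                result.SetErrorInfo("没有选择任何模块");
            }
            if (string.IsNullOrEmpty(USERID))
            {
                result.SetErrorInfo("没有选中一个用户");
            }
            if (!result.Success) return result;

            var moduleIds = JsonConvert.Deserialize<List<string>>(IDList);
            foreach (var moduleId in moduleIds)
            {
                if (string.IsNullOrWhiteSpace(moduleId)) continue;

                UserActionDA userActionDA = new UserActionDA();
                sys_secCompanyBLL companyBll = new sys_secCompanyBLL();
                // NOTE(review): model is dereferenced below without a null check; confirm
                // GetModel cannot return null for an unknown id.
                sys_module model = new sys_moduleBLL().GetModel(moduleId);
                sys_secCompany company = companyBll.GetModelList("").FirstOrDefault();
                if (company == null)
                {
                    result.SetErrorInfo("未配置相关参数,表 [Sys_SecCompany] 无数据");
                    continue;
                }

                if (IsMenuControlEnabled(company))
                {
                    // moduleId originates from the request body. GetRecordCount accepts only a
                    // where-clause string, so the id is quote-escaped before being embedded.
                    int recordCount = new user_actionBLL().GetRecordCount("ACTIONID =(SELECT TOP 1 GID FROM [ACTION] WHERE MODULEID='" + EscapeSqlLiteral(moduleId) + "') AND USERID in (select Gid from [user]) and USERID NOT IN (SELECT [USERID] FROM user_userattribute where ATTRIBUTEID = '2E5E6066-1C5D-4B04-BF8C-56637C20FC8C' and VALUE = 'true') ");

                    sys_secModule secModule = FindSecModule(moduleId);
                    if (secModule == null)
                    {
                        result.SetErrorInfo("模块【" + model.DESCRIPTION + "】已被禁用,无操作权限");
                        continue;
                    }

                    SecrietStr secret = ReadModuleSecret(secModule);
                    if (!Convert.ToBoolean(secret.Enabled))
                    {
                        result.SetErrorInfo("模块【" + secret.Name + "】已被禁用");
                        continue;
                    }

                    // NOTE(review): the count check and the insert below are separate
                    // statements, so concurrent requests could each pass the limit check.
                    var limit = Convert.ToInt32(secret.Times);
                    if (recordCount >= limit)
                    {
                        result.SetErrorInfo("模块【" + secret.Name + "】使用人数超出系统限制,限制" + limit + "人,已分配" + recordCount + "人");
                        continue;
                    }
                }

                GrantModule(userActionDA, result, model, USERID, moduleId, MODIFIEDUSER);
            }

            return result;
        }

        /// <summary>
        /// Removes the modules listed in <paramref name="IDList"/> from a user.
        /// </summary>
        /// <param name="IDList">JSON array of module ids.</param>
        /// <param name="USERID">User losing the permissions.</param>
        /// <param name="MODIFIEDUSER">User performing the change (not used by the statement).</param>
        public static DBResult DelRange(string IDList, string USERID, string MODIFIEDUSER)
        {
            DBResult result = new DBResult();

            // Stop after validation fails; previously execution continued into the
            // deserialisation and the DELETE even when an argument was missing.
            bool invalid = false;
            if (string.IsNullOrEmpty(IDList))
            {
                result.SetErrorInfo("没有选择任何模块");
                invalid = true;
            }
            if (string.IsNullOrEmpty(USERID))
            {
                result.SetErrorInfo("没有选中一个用户");
                invalid = true;
            }
            if (invalid) return result;

            var bodyList = JsonConvert.Deserialize<List<string>>(IDList);
            if (bodyList == null || bodyList.Count == 0)
            {
                // An empty list would otherwise produce "in()" and a SQL syntax error.
                result.SetErrorInfo("没有选择任何模块");
                return result;
            }

            // Bind every module id as its own parameter instead of concatenating the
            // request-supplied values into the IN (...) list.
            var parameters = new List<SqlParameter>();
            var placeholders = new StringBuilder();
            for (var i = 0; i < bodyList.Count; i++)
            {
                if (i > 0) placeholders.Append(",");
                string name = "@MODULEID" + i;
                placeholders.Append(name);
                var moduleParam = new SqlParameter(name, SqlDbType.VarChar, 50);
                moduleParam.Value = bodyList[i] ?? string.Empty;
                parameters.Add(moduleParam);
            }
            var userParam = new SqlParameter("@USERID", SqlDbType.VarChar, 50);
            userParam.Value = USERID;
            parameters.Add(userParam);

            using (SqlTransaction sqlTran = SqlHelper.BeginTransaction(SqlHelper.ConnectionStringLocalTransaction))
            {
                try
                {
                    string strSql = @"delete from [USER_action] where ACTIONID in (select gid from action where moduleid in(" + placeholders + ")) and USERID=@USERID";
                    SqlHelper.ExecuteNonQuery(sqlTran, CommandType.Text, strSql, parameters.ToArray());
                    sqlTran.Commit();
                    result.Success = true;
                }
                catch (Exception e)
                {
                    // The uncommitted transaction is rolled back when sqlTran is disposed.
                    // NOTE(review): e.Message is returned to the caller and may expose
                    // database details; prefer logging it and returning a generic message.
                    result.SetErrorInfo(e.Message);
                }
            }
            return result;
        }

        #endregion

        /// <summary>
        /// Calls proc_isUserBeing to find out whether the user is referenced elsewhere.
        /// Success is false (with a message) when the procedure returns 1.
        /// </summary>
        public static DBResult GetUserIsUse(string userid, string usercode, string username)
        {
            DBResult result = new DBResult();
            Database db = DatabaseFactory.CreateDatabase();
            var cmd = db.GetStoredProcCommand("proc_isUserBeing");
            db.AddInParameter(cmd, "@GID", DbType.String, userid);
            db.AddInParameter(cmd, "@CODENAME", DbType.String, usercode);
            db.AddInParameter(cmd, "@SHOWNAME", DbType.String, username);
            db.AddOutParameter(cmd, "@RETURN_VALUE", DbType.Int16, 10);
            db.ExecuteNonQuery(cmd);

            var inUse = Convert.ToInt16(db.GetParameterValue(cmd, "@RETURN_VALUE")) == 1;
            result.Success = !inUse;
            result.Message = inUse ? "已使用,不允许删除修改" : "";
            return result;
        }

        /// <summary>Builds the user_team SELECT shared by the two team list methods.</summary>
        private static StringBuilder BuildUserTeamQuery(string strCondition, string sort)
        {
            var strSql = new StringBuilder();
            strSql.Append("select GID,TEAM,USERID,SHOWNAME,ISDEF");
            strSql.Append(" from user_team ");

            // NOTE(review): strCondition is spliced in as raw SQL. Callers must build it from
            // trusted or parameterised values only; it cannot be bound here without changing
            // the public signatures.
            if (!string.IsNullOrEmpty(strCondition))
            {
                strSql.Append(" where " + strCondition);
            }

            var sortstring = DatasetSort.Getsortstring(sort);
            if (!string.IsNullOrEmpty(sortstring))
            {
                strSql.Append(" order by " + sortstring);
            }
            else
            {
                strSql.Append(" order by TEAM ");
            }
            return strSql;
        }

        /// <summary>Returns user_team rows matching the condition, ordered by the sort or by TEAM.</summary>
        public static List<UserTeam> GetUserTeamList(string strCondition, string sort = null)
        {
            return SetUserTeamData(BuildUserTeamQuery(strCondition, sort));
        }

        /// <summary>Returns user_team rows matching the condition; currently identical to GetUserTeamList.</summary>
        public static List<UserTeam> GetUserTeamAllList(string strCondition, string sort = null)
        {
            return SetUserTeamData(BuildUserTeamQuery(strCondition, sort));
        }

        /// <summary>Executes the given query text and maps each row to a UserTeam.</summary>
        private static List<UserTeam> SetUserTeamData(StringBuilder strSql)
        {
            var bodyList = new List<UserTeam>();
            Database db = DatabaseFactory.CreateDatabase();
            using (IDataReader reader = db.ExecuteReader(CommandType.Text, strSql.ToString()))
            {
                while (reader.Read())
                {
                    UserTeam data = new UserTeam();
                    #region Set DB data to Object
                    data.GID = Convert.ToString(reader["GID"]);
                    data.TEAM = Convert.ToString(reader["TEAM"]);
                    data.USERID = Convert.ToString(reader["USERID"]);
                    data.SHOWNAME = Convert.ToString(reader["SHOWNAME"]);
                    data.ISDEF = Convert.ToString(reader["ISDEF"]);
                    #endregion
                    bodyList.Add(data);
                }
            }
            return bodyList;
        }

        /// <summary>
        /// Replaces all user_team rows of <paramref name="headData"/> with <paramref name="bodyList"/>
        /// inside one transaction.
        /// </summary>
        public static DBResult SaveUserTeam(SysUserMC headData, List<UserTeam> bodyList)
        {
            var result = new DBResult();
            Database db = DatabaseFactory.CreateDatabase();
            using (var conn = db.CreateConnection())
            {
                conn.Open();
                var tran = conn.BeginTransaction();
                try
                {
                    // The user id is bound as a parameter instead of being concatenated.
                    var cmdDelete = db.GetSqlStringCommand("delete from user_team where USERID=@USERID");
                    db.AddInParameter(cmdDelete, "@USERID", DbType.String, headData.GID ?? string.Empty);
                    db.ExecuteNonQuery(cmdDelete, tran);

                    var cmdInsert = db.GetSqlStringCommand(
                        @"insert into user_team (GID,TEAM,USERID,SHOWNAME,ISDEF) values (@GID,@TEAM,@USERID,@SHOWNAME,@ISDEF) ");
                    if (bodyList != null)
                    {
                        foreach (var enumValue in bodyList)
                        {
                            cmdInsert.Parameters.Clear();
                            db.AddInParameter(cmdInsert, "@GID", DbType.String, Guid.NewGuid().ToString());
                            db.AddInParameter(cmdInsert, "@USERID", DbType.String, headData.GID);
                            db.AddInParameter(cmdInsert, "@SHOWNAME", DbType.String, headData.SHOWNAME);
                            db.AddInParameter(cmdInsert, "@TEAM", DbType.String, enumValue.TEAM);
                            db.AddInParameter(cmdInsert, "@ISDEF", DbType.String, enumValue.ISDEF);
                            db.ExecuteNonQuery(cmdInsert, tran);
                        }
                    }
                    tran.Commit();
                }
                catch (Exception e)
                {
                    tran.Rollback();
                    result.Success = false;
                    // NOTE(review): e.Message is appended to the user-facing text and may expose
                    // database details; DeleteUserTeam returns the generic message only.
                    result.Message = "保存出现错误,请重试或联系系统管理员" + e.Message;
                    return result;
                }
            }
            result.Success = true;
            result.Message = "保存成功";
            return result;
        }

        /// <summary>Deletes the user_team row whose GID equals <paramref name="headData"/>.GID.</summary>
        public static DBResult DeleteUserTeam(UserTeam headData)
        {
            var result = new DBResult();
            Database db = DatabaseFactory.CreateDatabase();
            using (var conn = db.CreateConnection())
            {
                conn.Open();
                var tran = conn.BeginTransaction();
                try
                {
                    // The row id is bound as a parameter instead of being concatenated.
                    var cmd = db.GetSqlStringCommand("delete from user_team where GID=@GID");
                    db.AddInParameter(cmd, "@GID", DbType.String, headData.GID ?? string.Empty);
                    db.ExecuteNonQuery(cmd, tran);
                    tran.Commit();
                }
                catch (Exception)
                {
                    tran.Rollback();
                    result.Success = false;
                    result.Message = "保存出现错误,请重试或联系系统管理员";
                    return result;
                }
            }
            result.Success = true;
            result.Message = "保存成功";
            return result;
        }

        #region Check whether a MODULEID can be added for a set of users

        /// <summary>Resolves the module behind an action id and checks it for the given users.</summary>
        public static DBResult CheckOPRangeByActionID(string ACTIONID, string USERIDList)
        {
            DBResult result = new DBResult();
            // GetModel2 accepts only a where-clause string, so the id is quote-escaped.
            sys_module model = new sys_moduleBLL().GetModel2(" gid=(select top 1 moduleid from [action] where gid='" + EscapeSqlLiteral(ACTIONID) + "') ");
            if (model == null)
            {
                result.SetErrorInfo("");
                return result;
            }
            return CheckOPRange(model, USERIDList);
        }

        /// <summary>
        /// Checks every module in <paramref name="modeules"/>; the result fails if any single check fails.
        /// </summary>
        // NOTE(review): the element type of this list is missing from the listing and cannot
        // be determined from this file (only its "id" member is used); restore it before compiling.
        public static DBResult CheckOPRange(List modeules, string USERIDList)
        {
            var result = new DBResult();
            result.Success = true;
            foreach (var modeule in modeules)
            {
                var single = CheckOPRange(modeule.id, USERIDList);
                result.setMessage(result.Success, single.Message);
                if (!single.Success) result.Success = false;
            }
            return result;
        }

        /// <summary>Loads the module by id and checks it for the given users.</summary>
        public static DBResult CheckOPRange(string MODULEID, string USERIDList)
        {
            DBResult result = new DBResult();
            // GetModel2 accepts only a where-clause string, so the id is quote-escaped.
            sys_module model = new sys_moduleBLL().GetModel2(" gid='" + EscapeSqlLiteral(MODULEID) + "' ");
            if (model == null)
            {
                result.SetErrorInfo("");
                return result;
            }
            return CheckOPRange(model, USERIDList);
        }

        /// <summary>
        /// Checks whether the module is enabled and whether assigning it to the users in
        /// <paramref name="USERIDList"/> would stay within its configured user limit.
        /// Always succeeds when menu control is switched off.
        /// </summary>
        public static DBResult CheckOPRange(sys_module model, string USERIDList)
        {
            DBResult result = new DBResult();
            sys_secCompanyBLL companyBll = new sys_secCompanyBLL();

            if (model == null)
            {
                result.SetErrorInfo("");
                return result;
            }

            sys_secCompany company = companyBll.GetModelList("").FirstOrDefault();
            if (company == null)
            {
                result.SetErrorInfo("未配置相关参数,表 [Sys_SecCompany] 无数据");
                return result;
            }

            // No restriction configured: allow.
            if (!IsMenuControlEnabled(company))
            {
                result.Success = true;
                return result;
            }

            // A missing or disabled module record fails immediately.
            sys_secModule secModule = FindSecModule(model.GID);
            if (secModule == null)
            {
                result.SetErrorInfo("模块【" + model.DESCRIPTION + "】已被禁用,无操作权限");
                return result;
            }

            SecrietStr secret = ReadModuleSecret(secModule);
            if (!Convert.ToBoolean(secret.Enabled))
            {
                result.SetErrorInfo("模块【" + secret.Name + "】已被禁用");
                return result;
            }

            // Count the users already holding the module, excluding the users in this request,
            // then see whether adding this request's users exceeds the limit.
            // NOTE(review): getSqlString is not visible here; presumably it turns USERIDList
            // into a quoted SQL list - verify that it escapes each id.
            var useridliststr = BasicDataRefDAL.getSqlString(USERIDList);
            int recordCount = new user_actionBLL().GetRecordCount("ACTIONID =(SELECT TOP 1 GID FROM [ACTION] WHERE MODULEID='" + EscapeSqlLiteral(model.GID) + "') AND USERID in (select Gid from [user] where ISDELETED=0 and ISDISABLE=0 and gid not in(" + useridliststr + "))");
            var useridarray = BasicDataRefDAL.getStringArray(USERIDList);
            var newcount = useridarray.Count();

            if (recordCount + newcount > Convert.ToInt32(secret.Times))
            {
                result.SetErrorInfo(string.Concat(new object[] { "模块【", secret.Name, "】使用人数超出系统限制,限制", secret.Times, "人,此次将分配至", recordCount + newcount, "人" }));
                return result;
            }

            result.Success = true;
            return result;
        }

        #endregion
    }
}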