using System;
using System.Data;
using System.Collections.Generic;
using System.Text;
using DSWeb.MvcShipping.Models.MsUserAuthority;
using Microsoft.Practices.EnterpriseLibrary.Data;
using DSWeb.Areas.CommMng.Models;
using HcUtility.Comm;
using DSWeb.MvcShipping.Models.ModuTreeRef;
using DSWeb.Areas.CommMng.DAL;
namespace DSWeb.MvcShipping.DAL.MsUerAuthority
{
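/// <summary>
/// Data access for per-user authority ranges: the visible/operate range of each
/// authority, plus the per-company and per-person selections behind range
/// codes 5 and 6.
/// </summary>
/// <remarks>
/// Range codes, as labelled by the CASE expressions in the list query:
/// 0 all, 1 own company, 2 own department, 3 self, 4 none,
/// 5 selected companies, 6 selected persons.
///
/// Every caller-supplied value is bound as a command parameter. The only text
/// still spliced into SQL is the ORDER BY produced by DatasetSort.Getsortstring
/// and the <c>condition</c> fragment of <see cref="GetUserTreeRefList"/>; both
/// are marked NOTE(review) where they are appended.
/// </remarks>
public class MsUerAuthorityDAL
{
    #region Shared helpers

    /// <summary>
    /// Binds a caller-supplied string to <paramref name="cmd"/> as a named input parameter.
    /// </summary>
    private static void AddText(Database db, System.Data.Common.DbCommand cmd, string name, string value)
    {
        // A null value used to be concatenated as the empty literal ''; keep that
        // meaning instead of sending DBNull.
        db.AddInParameter(cmd, name, DbType.String, value ?? string.Empty);
    }

    /// <summary>
    /// Executes <paramref name="cmd"/> and maps each row with <paramref name="map"/>.
    /// </summary>
    private static List<T> ReadList<T>(Database db, System.Data.Common.DbCommand cmd, Func<IDataReader, T> map)
    {
        var rows = new List<T>();
        // Disposing the reader closes it; no explicit Close() is needed.
        using (IDataReader reader = db.ExecuteReader(cmd))
        {
            while (reader.Read())
            {
                rows.Add(map(reader));
            }
        }
        return rows;
    }

    /// <summary>
    /// Appends the ORDER BY clause: the translated client sort when there is one,
    /// otherwise <paramref name="defaultOrder"/>.
    /// </summary>
    private static void AppendOrderBy(StringBuilder strSql, string sort, string defaultOrder)
    {
        // NOTE(review): an ORDER BY list cannot be parameterized, so this text is
        // spliced into the statement. DatasetSort.Getsortstring is defined outside
        // this file; confirm it only emits known column names and ASC/DESC.
        var sortstring = DatasetSort.Getsortstring(sort);
        if (!string.IsNullOrEmpty(sortstring) && sortstring.Trim() != "")
        {
            strSql.Append(" order by " + sortstring);
        }
        else
        {
            strSql.Append(" order by " + defaultOrder);
        }
    }

    /// <summary>
    /// Runs <paramref name="work"/> inside one transaction and reports the outcome.
    /// </summary>
    /// <returns>
    /// Success after commit; on any exception from <paramref name="work"/> or the
    /// commit, the transaction is rolled back and a generic failure is returned.
    /// </returns>
    private static DBResult RunInTransaction(Action<Database, System.Data.Common.DbTransaction> work)
    {
        var result = new DBResult();

        Database db = DatabaseFactory.CreateDatabase();
        using (var conn = db.CreateConnection())
        {
            conn.Open();
            // Dispose the transaction as well as the connection.
            using (var tran = conn.BeginTransaction())
            {
                try
                {
                    work(db, tran);
                    tran.Commit();
                }
                catch (Exception)
                {
                    tran.Rollback();

                    // The caller only gets a generic message, which keeps database
                    // details out of the response.
                    // NOTE(review): the exception itself is discarded; a change to
                    // permission data that fails leaves no trace unless it is
                    // logged server-side.
                    result.Success = false;
                    result.Message = "保存出现错误,请重试或联系系统管理员";

                    return result;
                }
            }
        }

        result.Success = true;
        result.Message = "保存成功" + result.Message;

        return result;
    }

    /// <summary>Encodes a boolean range flag the way the tables store it ("1" / "0").</summary>
    private static string Flag(bool on)
    {
        return on ? "1" : "0";
    }

    /// <summary>Date stamp written to CREATETIME / MODIFIEDTIME by the row-by-row saves.</summary>
    private static string Today()
    {
        return DateTime.Now.ToString("yyyy-MM-dd");
    }

    #endregion

    #region Inquery DataList

    /// <summary>
    /// Lists every authority for <paramref name="userid"/>: configured rows from
    /// VW_User_Authority, plus a placeholder row with range 4 (none) and an empty
    /// GID for each authority the user has no row for.
    /// </summary>
    /// <param name="userid">User whose ranges are listed.</param>
    /// <param name="sort">Client sort description, translated by DatasetSort.Getsortstring.</param>
    public static List<UserAuthority> GetUserAuthorityList(string userid, string sort = null)
    {
        var strSql = new StringBuilder();
        strSql.Append("SELECT * FROM ( ");
        strSql.Append("SELECT GID,USERID,VISIBLERANGE,OPERATERANGE,AUTHORITYID,DESCRIPTION,NAME,ISNULL((case VISIBLERANGE when 0 then '全部' when 1 then '本公司' ");
        strSql.Append("when 2 then '本部门' when 3 then '本人' when 4 then '无' when 5 then '选择公司' ");
        strSql.Append("when 6 then '选择人员' end),'') VISIBLERANGEREF,ISNULL((case OPERATERANGE when 0 then '全部' when 1 then '本公司' ");
        strSql.Append("when 2 then '本部门' when 3 then '本人' when 4 then '无' when 5 then '选择公司' ");
        strSql.Append("when 6 then '选择人员' end),'') OPERATERANGEREF,VSSQL ");
        strSql.Append(" from VW_User_Authority ");
        strSql.Append(" where USERID=@USERID");
        strSql.Append(" UNION SELECT '' GID,@USERID USERID, 4 VISIBLERANGE,4 OPERATERANGE,GID AUTHORITYID,DESCRIPTION,NAME, ");
        strSql.Append(" '无' VISIBLERANGEREF,'无' OPERATERANGEREF,'' VSSQL ");
        strSql.Append(" from user_authority_info ");
        strSql.Append(" where GID NOT IN (SELECT AUTHORITYID FROM user_authority_range WHERE USERID=@USERID)");
        strSql.Append(" ) AS DL ");
        AppendOrderBy(strSql, sort, "DESCRIPTION");

        Database db = DatabaseFactory.CreateDatabase();
        var cmd = db.GetSqlStringCommand(strSql.ToString());
        AddText(db, cmd, "@USERID", userid);
        return ReadList<UserAuthority>(db, cmd, MapUserAuthority);
    }

    /// <summary>Copies one row of the authority list query into a <see cref="UserAuthority"/>.</summary>
    private static UserAuthority MapUserAuthority(IDataReader reader)
    {
        UserAuthority data = new UserAuthority();
        data.GID = Convert.ToString(reader["GID"]);
        data.USERID = Convert.ToString(reader["USERID"]);
        data.VISIBLERANGE = Convert.ToString(reader["VISIBLERANGE"]);
        data.OPERATERANGE = Convert.ToString(reader["OPERATERANGE"]);
        data.VISIBLERANGEREF = Convert.ToString(reader["VISIBLERANGEREF"]);
        data.OPERATERANGEREF = Convert.ToString(reader["OPERATERANGEREF"]);
        data.AUTHORITYID = Convert.ToString(reader["AUTHORITYID"]);
        data.DESCRIPTION = Convert.ToString(reader["DESCRIPTION"]);
        data.NAME = Convert.ToString(reader["NAME"]);
        data.VSSQL = Convert.ToString(reader["VSSQL"]);
        return data;
    }

    #endregion

    /// <summary>
    /// Returns the children of <paramref name="PARENTID"/> in VW_user_company_tree,
    /// ordered by TYPE then DESCRIPTION.
    /// </summary>
    /// <param name="PARENTID">Parent node id.</param>
    /// <param name="exp">Initial expanded state for nodes whose TYPE is not "2".</param>
    /// <param name="condition">
    /// Optional extra WHERE predicate. It is a raw SQL fragment and is appended
    /// verbatim, so it must be built from server-side constants only.
    /// </param>
    public static List<UserTreeRefModel> GetUserTreeRefList(string PARENTID, bool exp = false, string condition = "")
    {
        var strSql = new StringBuilder();
        strSql.Append("SELECT ");
        strSql.Append(" GID,NAME,DESCRIPTION,PARENTID,TYPE");
        strSql.Append(" from VW_user_company_tree ");
        strSql.Append(" where parentid=@PARENTID");
        if (!string.IsNullOrEmpty(condition))
        {
            // NOTE(review): raw SQL by contract; it cannot be bound as a parameter.
            // Audit every caller to make sure no request data reaches this argument.
            strSql.Append(" and " + condition);
        }

        strSql.Append(" order by TYPE,DESCRIPTION ");

        Database db = DatabaseFactory.CreateDatabase();
        var cmd = db.GetSqlStringCommand(strSql.ToString());
        AddText(db, cmd, "@PARENTID", PARENTID);
        return ReadList<UserTreeRefModel>(db, cmd, reader => MapTreeNode(reader, exp));
    }

    /// <summary>
    /// Copies one VW_user_company_tree row into a tree node. TYPE "2" rows become
    /// leaves (always expanded); other rows take <paramref name="exp"/> as their expanded state.
    /// </summary>
    private static UserTreeRefModel MapTreeNode(IDataReader reader, bool exp)
    {
        UserTreeRefModel data = new UserTreeRefModel();
        data.id = Convert.ToString(reader["GID"]);
        data.NAME = Convert.ToString(reader["NAME"]);
        data.DESCRIPTION = Convert.ToString(reader["DESCRIPTION"]);
        data.PARENTID = Convert.ToString(reader["PARENTID"]);
        data.TYPE = Convert.ToString(reader["TYPE"]);

        bool isLeaf = data.TYPE == "2";
        data.leaf = isLeaf;
        data.expanded = isLeaf || exp;
        return data;
    }

    /// <summary>
    /// Saves authority ranges in one transaction: rows with an empty GID are
    /// inserted under a new GUID, all other rows are updated by GID.
    /// </summary>
    /// <param name="bodyList">Rows to save; null saves nothing and still reports success.</param>
    /// <param name="userid">Acting user, recorded as CREATEUSER / MODIFIEDUSER.</param>
    /// <remarks>
    /// NOTE(review): the user being granted (USERID) and the row being updated
    /// (GID) both come from each row, and nothing here checks that the acting user
    /// may change them; that check has to exist in the calling layer.
    /// NOTE(review): VSSQL is stored verbatim. The name suggests a SQL fragment;
    /// confirm how it is consumed before treating stored values as trusted.
    /// </remarks>
    public static DBResult SaveDetail(List<UserAuthority> bodyList, string userid)
    {
        return RunInTransaction((db, tran) =>
        {
            var cmdUpdate =
                db.GetSqlStringCommand(
                    @"update user_authority_range set VISIBLERANGE=@VISIBLERANGE,OPERATERANGE=@OPERATERANGE,MODIFIEDUSER=@MODIFIEDUSER,MODIFIEDTIME=@MODIFIEDTIME,VSSQL=@VSSQL where GID=@GID ");

            var cmdInsert =
                db.GetSqlStringCommand(
                    "insert into user_authority_range (GID,USERID,AUTHORITYID,VISIBLERANGE,OPERATERANGE,CREATEUSER,CREATETIME,VSSQL)"
                    + " values (@GID,@USERID,@AUTHORITYID,@VISIBLERANGE,@OPERATERANGE,@CREATEUSER,@CREATETIME,@VSSQL) ");

            if (bodyList == null)
            {
                return;
            }

            foreach (var row in bodyList)
            {
                if (row.GID == "")
                {
                    cmdInsert.Parameters.Clear();
                    db.AddInParameter(cmdInsert, "@GID", DbType.String, Guid.NewGuid().ToString());
                    db.AddInParameter(cmdInsert, "@USERID", DbType.String, row.USERID);
                    db.AddInParameter(cmdInsert, "@AUTHORITYID", DbType.String, row.AUTHORITYID);
                    db.AddInParameter(cmdInsert, "@VISIBLERANGE", DbType.String, row.VISIBLERANGE);
                    db.AddInParameter(cmdInsert, "@OPERATERANGE", DbType.String, row.OPERATERANGE);
                    db.AddInParameter(cmdInsert, "@CREATEUSER", DbType.String, userid);
                    db.AddInParameter(cmdInsert, "@CREATETIME", DbType.String, Today());
                    db.AddInParameter(cmdInsert, "@VSSQL", DbType.String, row.VSSQL);
                    db.ExecuteNonQuery(cmdInsert, tran);
                }
                else
                {
                    cmdUpdate.Parameters.Clear();
                    db.AddInParameter(cmdUpdate, "@GID", DbType.String, row.GID);
                    db.AddInParameter(cmdUpdate, "@VISIBLERANGE", DbType.String, row.VISIBLERANGE);
                    db.AddInParameter(cmdUpdate, "@OPERATERANGE", DbType.String, row.OPERATERANGE);
                    db.AddInParameter(cmdUpdate, "@MODIFIEDUSER", DbType.String, userid);
                    db.AddInParameter(cmdUpdate, "@MODIFIEDTIME", DbType.String, Today());
                    db.AddInParameter(cmdUpdate, "@VSSQL", DbType.String, row.VSSQL);
                    db.ExecuteNonQuery(cmdUpdate, tran);
                }
            }
        });
    }

    #region Company range

    /// <summary>
    /// Lists every company for one user and authority: stored rows from
    /// user_authority_range_company, plus a placeholder row (both flags 0, empty
    /// GID) for each company without a stored row.
    /// </summary>
    /// <param name="userid">User whose company range is listed.</param>
    /// <param name="AUTHORITYID">Authority the range belongs to.</param>
    /// <param name="sort">Client sort description, translated by DatasetSort.Getsortstring.</param>
    public static List<UserAuthorityCompany> GetUserAuthorityCompanyList(string userid, string AUTHORITYID, string sort = null)
    {
        var strSql = new StringBuilder();
        strSql.Append("SELECT * FROM ( ");
        strSql.Append("SELECT GID,USERID,VISIBLERANGE,OPERATERANGE,AUTHORITYID,COMPANYID, ");
        strSql.Append("(SELECT NAME FROM company WHERE GID=user_authority_range_company.COMPANYID) COMPANY");
        strSql.Append(" from user_authority_range_company ");
        strSql.Append(" where USERID=@USERID AND AUTHORITYID=@AUTHORITYID ");
        strSql.Append(" UNION SELECT '' GID,@USERID USERID, 0 VISIBLERANGE,0 OPERATERANGE,@AUTHORITYID AUTHORITYID,GID COMPANYID, ");
        strSql.Append(" NAME COMPANY ");
        strSql.Append(" from company ");
        strSql.Append(" where GID NOT IN (SELECT COMPANYID FROM user_authority_range_company WHERE USERID=@USERID AND AUTHORITYID=@AUTHORITYID)");
        strSql.Append(" ) AS DL ");
        AppendOrderBy(strSql, sort, "COMPANY");

        Database db = DatabaseFactory.CreateDatabase();
        var cmd = db.GetSqlStringCommand(strSql.ToString());
        AddText(db, cmd, "@USERID", userid);
        AddText(db, cmd, "@AUTHORITYID", AUTHORITYID);
        return ReadList<UserAuthorityCompany>(db, cmd, MapCompany);
    }

    /// <summary>Copies one company-range row; a flag is true only when the column reads "1".</summary>
    private static UserAuthorityCompany MapCompany(IDataReader reader)
    {
        UserAuthorityCompany data = new UserAuthorityCompany();
        data.GID = Convert.ToString(reader["GID"]);
        data.USERID = Convert.ToString(reader["USERID"]);
        data.VISIBLERANGE = Convert.ToString(reader["VISIBLERANGE"]) == "1";
        data.OPERATERANGE = Convert.ToString(reader["OPERATERANGE"]) == "1";
        data.COMPANYID = Convert.ToString(reader["COMPANYID"]);
        data.COMPANY = Convert.ToString(reader["COMPANY"]);
        data.AUTHORITYID = Convert.ToString(reader["AUTHORITYID"]);
        return data;
    }

    /// <summary>
    /// Saves company-range rows in one transaction. Rows with an empty GID are
    /// inserted with both flags; existing rows update OPERATERANGE when
    /// <paramref name="rtype"/> is "OP" and VISIBLERANGE for any other value.
    /// </summary>
    /// <param name="bodyList">Rows to save; null saves nothing and still reports success.</param>
    /// <param name="userid">Acting user, recorded as CREATEUSER / MODIFIEDUSER.</param>
    /// <param name="rtype">"OP" selects the operate flag; anything else the visible flag.</param>
    /// <remarks>
    /// NOTE(review): USERID and GID come from each row; authorization to change
    /// them is not checked here and must be enforced by the caller.
    /// </remarks>
    public static DBResult SaveAuthorityCompanyDetail(List<UserAuthorityCompany> bodyList, string userid, string rtype)
    {
        return RunInTransaction((db, tran) =>
        {
            var cmdUpdate =
                db.GetSqlStringCommand(
                    @"update user_authority_range_company set VISIBLERANGE=@VISIBLERANGE,MODIFIEDUSER=@MODIFIEDUSER,MODIFIEDTIME=@MODIFIEDTIME where GID=@GID ");

            var cmdUpdateop =
                db.GetSqlStringCommand(
                    @"update user_authority_range_company set OPERATERANGE=@OPERATERANGE,MODIFIEDUSER=@MODIFIEDUSER,MODIFIEDTIME=@MODIFIEDTIME where GID=@GID ");

            var cmdInsert =
                db.GetSqlStringCommand(
                    "insert into user_authority_range_company (GID,USERID,AUTHORITYID,COMPANYID,VISIBLERANGE,OPERATERANGE,CREATEUSER,CREATETIME)"
                    + " values (@GID,@USERID,@AUTHORITYID,@COMPANYID,@VISIBLERANGE,@OPERATERANGE,@CREATEUSER,@CREATETIME) ");

            if (bodyList == null)
            {
                return;
            }

            foreach (var row in bodyList)
            {
                if (row.GID == "")
                {
                    cmdInsert.Parameters.Clear();
                    db.AddInParameter(cmdInsert, "@GID", DbType.String, Guid.NewGuid().ToString());
                    db.AddInParameter(cmdInsert, "@USERID", DbType.String, row.USERID);
                    db.AddInParameter(cmdInsert, "@AUTHORITYID", DbType.String, row.AUTHORITYID);
                    db.AddInParameter(cmdInsert, "@COMPANYID", DbType.String, row.COMPANYID);
                    db.AddInParameter(cmdInsert, "@VISIBLERANGE", DbType.String, Flag(row.VISIBLERANGE));
                    db.AddInParameter(cmdInsert, "@OPERATERANGE", DbType.String, Flag(row.OPERATERANGE));
                    db.AddInParameter(cmdInsert, "@CREATEUSER", DbType.String, userid);
                    db.AddInParameter(cmdInsert, "@CREATETIME", DbType.String, Today());
                    db.ExecuteNonQuery(cmdInsert, tran);
                }
                else if (rtype == "OP")
                {
                    cmdUpdateop.Parameters.Clear();
                    db.AddInParameter(cmdUpdateop, "@GID", DbType.String, row.GID);
                    db.AddInParameter(cmdUpdateop, "@OPERATERANGE", DbType.String, Flag(row.OPERATERANGE));
                    db.AddInParameter(cmdUpdateop, "@MODIFIEDUSER", DbType.String, userid);
                    db.AddInParameter(cmdUpdateop, "@MODIFIEDTIME", DbType.String, Today());
                    db.ExecuteNonQuery(cmdUpdateop, tran);
                }
                else
                {
                    cmdUpdate.Parameters.Clear();
                    db.AddInParameter(cmdUpdate, "@GID", DbType.String, row.GID);
                    db.AddInParameter(cmdUpdate, "@VISIBLERANGE", DbType.String, Flag(row.VISIBLERANGE));
                    db.AddInParameter(cmdUpdate, "@MODIFIEDUSER", DbType.String, userid);
                    db.AddInParameter(cmdUpdate, "@MODIFIEDTIME", DbType.String, Today());
                    db.ExecuteNonQuery(cmdUpdate, tran);
                }
            }
        });
    }

    #endregion

    #region Person range

    /// <summary>
    /// Lists every user of VW_user for one user and authority: stored rows from
    /// user_authority_range_op, plus a placeholder row (both flags 0, empty GID)
    /// for each person without a stored row.
    /// </summary>
    /// <param name="userid">User whose person range is listed.</param>
    /// <param name="AUTHORITYID">Authority the range belongs to.</param>
    /// <param name="sort">Client sort description, translated by DatasetSort.Getsortstring.</param>
    public static List<UserAuthorityOp> GetUserAuthorityOpList(string userid, string AUTHORITYID, string sort = null)
    {
        var strSql = new StringBuilder();
        strSql.Append("SELECT * FROM ( ");
        strSql.Append("SELECT GID,USERID,VISIBLERANGE,OPERATERANGE,AUTHORITYID,OPID, ");
        strSql.Append("(SELECT SHOWNAME+'('+companyname+')' FROM [VW_user] WHERE userid=user_authority_range_op.OPID) OPNAME,");
        strSql.Append("(SELECT companyname FROM [VW_user] WHERE userid=user_authority_range_op.OPID) COMPANYNAME,");
        strSql.Append("(SELECT DEPTNAME FROM [VW_user] WHERE userid=user_authority_range_op.OPID) DEPTNAME");
        strSql.Append(" from user_authority_range_op ");
        strSql.Append(" where USERID=@USERID AND AUTHORITYID=@AUTHORITYID ");
        strSql.Append(" UNION SELECT '' GID,@USERID USERID, 0 VISIBLERANGE,0 OPERATERANGE,@AUTHORITYID AUTHORITYID,userid OPID, ");
        strSql.Append(" SHOWNAME+'('+companyname+')' OPNAME,COMPANYNAME,DEPTNAME ");
        strSql.Append(" from VW_user ");
        strSql.Append(" where userid NOT IN (SELECT OPID FROM user_authority_range_op WHERE USERID=@USERID AND AUTHORITYID=@AUTHORITYID)");
        strSql.Append(" ) AS DL ");
        AppendOrderBy(strSql, sort, "COMPANYNAME,DEPTNAME,OPNAME");

        Database db = DatabaseFactory.CreateDatabase();
        var cmd = db.GetSqlStringCommand(strSql.ToString());
        AddText(db, cmd, "@USERID", userid);
        AddText(db, cmd, "@AUTHORITYID", AUTHORITYID);
        return ReadList<UserAuthorityOp>(db, cmd, MapOp);
    }

    #region Tree-shaped person selection

    /// <summary>
    /// Builds the company / department / person tree query for one range flag.
    /// </summary>
    /// <param name="rangeColumn">Flag to report as the node's checked state.</param>
    /// <param name="otherColumn">The other flag, returned as constant 0.</param>
    /// <remarks>
    /// Both column names are constants chosen inside this class, never caller data.
    /// The statement expects @AUTHORITYID, @USERID and @PARENTID.
    /// </remarks>
    private static string BuildOpTreeSql(string rangeColumn, string otherColumn)
    {
        var strSql = new StringBuilder();
        strSql.Append(" select *,id OPID,0 " + otherColumn + ",'' DEPTNAME,@AUTHORITYID AUTHORITYID," + rangeColumn + " checked from ");
        strSql.Append(" ( ");
        // Leaves: every user, joined to the stored flag if there is one.
        strSql.Append(" select u.userid id,SHOWNAME OPNAME, deptgid PARENTID, 1 isleaf, isnull(r." + rangeColumn + ", 0)" + rangeColumn + ",r.GID,@USERID USERID ");
        strSql.Append(" from vw_user u ");
        strSql.Append(" left join user_authority_range_op r on AUTHORITYID = @AUTHORITYID and r.OPID = u.userid ");
        strSql.Append(" and r.userid = @USERID ");
        strSql.Append(" union all ");
        // Companies (parent '0'): flagged when any of their users is flagged.
        strSql.Append(" select distinct vu.companyid id, vu.companyname OPNAME, '0' parentid, 0 isleaf, (case when exists(select 1 from user_authority_range_op op where AUTHORITYID = @AUTHORITYID and userid = @USERID and op." + rangeColumn + "=1 and exists(select(1) from vw_user v2 where v2.COMPANYID = vu.companyid and op.OPID = v2.USERID )) then 1 else 0 end) " + rangeColumn + ",'' GID,'' USERID ");
        strSql.Append(" from vw_user vu ");
        strSql.Append(" union all ");
        // Departments (parent = company): flagged when any of their users is flagged.
        strSql.Append(" select distinct vu.deptgid id, vu.DEPTNAME OPNAME, vu.companyid parentid, 0 isleaf, (case when exists(select 1 from user_authority_range_op op where AUTHORITYID = @AUTHORITYID and userid = @USERID and op." + rangeColumn + "=1 and exists(select(1) from vw_user v2 where v2.deptgid = vu.deptgid and op.OPID = v2.USERID)) then 1 else 0 end) " + rangeColumn + ",'' GID,'' USERID ");
        strSql.Append(" from vw_user vu ");
        strSql.Append(" )t where PARENTID = @PARENTID ");
        return strSql.ToString();
    }

    /// <summary>Runs the tree query for one flag and one parent node.</summary>
    private static List<UserAuthorityOp> QueryOpTree(string sql, string PARENTID, string userid, string AUTHORITYID)
    {
        Database db = DatabaseFactory.CreateDatabase();
        var cmd = db.GetSqlStringCommand(sql);
        AddText(db, cmd, "@AUTHORITYID", AUTHORITYID);
        AddText(db, cmd, "@USERID", userid);
        AddText(db, cmd, "@PARENTID", PARENTID);
        return ReadList<UserAuthorityOp>(db, cmd, MapOp);
    }

    /// <summary>
    /// Children of <paramref name="PARENTID"/> in the person tree, with the
    /// VISIBLERANGE flag of <paramref name="userid"/> for <paramref name="AUTHORITYID"/> as checked state.
    /// </summary>
    public static List<UserAuthorityOp> GetUserAuthorityVISIBLE_Tree(string PARENTID, string userid, string AUTHORITYID)
    {
        return QueryOpTree(BuildOpTreeSql("VISIBLERANGE", "OPERATERANGE"), PARENTID, userid, AUTHORITYID);
    }

    /// <summary>
    /// Children of <paramref name="PARENTID"/> in the person tree, with the
    /// OPERATERANGE flag of <paramref name="userid"/> for <paramref name="AUTHORITYID"/> as checked state.
    /// </summary>
    public static List<UserAuthorityOp> GetUserAuthorityOPERATE_Tree(string PARENTID, string userid, string AUTHORITYID)
    {
        return QueryOpTree(BuildOpTreeSql("OPERATERANGE", "VISIBLERANGE"), PARENTID, userid, AUTHORITYID);
    }

    /// <summary>
    /// Returns every user of vw_user with both stored flags of
    /// <paramref name="USERID"/> for <paramref name="AUTHORITYID"/> (0 where no row exists).
    /// </summary>
    public static List<UserAuthorityOp> GetUserAuthority_All(string USERID, string AUTHORITYID)
    {
        var strSql = new StringBuilder();
        strSql.Append(" select *,id OPID,'' DEPTNAME,@AUTHORITYID AUTHORITYID from ");
        strSql.Append(" ( ");
        strSql.Append(" select u.userid id,SHOWNAME OPNAME, deptgid PARENTID, 1 isleaf, isnull(r.OPERATERANGE, 0)OPERATERANGE, isnull(r.VISIBLERANGE, 0)VISIBLERANGE,r.GID,@USERID USERID ");
        strSql.Append(" from vw_user u ");
        strSql.Append(" left join user_authority_range_op r on AUTHORITYID = @AUTHORITYID and r.OPID = u.userid ");
        strSql.Append(" and r.userid = @USERID ");
        strSql.Append(" )t ");

        Database db = DatabaseFactory.CreateDatabase();
        var cmd = db.GetSqlStringCommand(strSql.ToString());
        AddText(db, cmd, "@AUTHORITYID", AUTHORITYID);
        AddText(db, cmd, "@USERID", USERID);
        return ReadList<UserAuthorityOp>(db, cmd, MapOp);
    }

    #endregion

    /// <summary>
    /// Copies one person-range row. The tree columns (id, PARENTID, isleaf,
    /// checked) are optional and are read only when the result set has them.
    /// </summary>
    private static UserAuthorityOp MapOp(IDataReader reader)
    {
        UserAuthorityOp data = new UserAuthorityOp();
        data.GID = Convert.ToString(reader["GID"]);
        data.USERID = Convert.ToString(reader["USERID"]);
        data.VISIBLERANGE = Convert.ToString(reader["VISIBLERANGE"]) == "1";
        data.OPERATERANGE = Convert.ToString(reader["OPERATERANGE"]) == "1";
        data.OPID = Convert.ToString(reader["OPID"]);
        data.OPNAME = Convert.ToString(reader["OPNAME"]);
        data.DEPTNAME = Convert.ToString(reader["DEPTNAME"]);
        data.AUTHORITYID = Convert.ToString(reader["AUTHORITYID"]);

        if (BasicDataRefDAL.ReadFieldExist(reader, "id"))
        {
            data.id = Convert.ToString(reader["id"]);
        }
        if (BasicDataRefDAL.ReadFieldExist(reader, "PARENTID"))
        {
            data.PARENTID = Convert.ToString(reader["PARENTID"]);
        }
        if (BasicDataRefDAL.ReadFieldExist(reader, "isleaf"))
        {
            // Any value other than "1"/"0" leaves the model's default untouched.
            string isLeaf = Convert.ToString(reader["isleaf"]);
            if (isLeaf == "1")
            {
                data.leaf = true;
            }
            else if (isLeaf == "0")
            {
                data.leaf = false;
            }
        }
        if (BasicDataRefDAL.ReadFieldExist(reader, "checked"))
        {
            string isChecked = Convert.ToString(reader["checked"]);
            if (isChecked == "1")
            {
                data.@checked = true;
            }
            else if (isChecked == "0")
            {
                data.@checked = false;
            }
        }
        return data;
    }

    /// <summary>
    /// Saves person-range rows in one transaction. Rows with an empty GID are
    /// inserted with both flags; existing rows update OPERATERANGE when
    /// <paramref name="rtype"/> is "OP", VISIBLERANGE when it is "VS", and are
    /// left alone for any other value.
    /// </summary>
    /// <param name="bodyList">Rows to save; null saves nothing and still reports success.</param>
    /// <param name="userid">Acting user, recorded as CREATEUSER / MODIFIEDUSER.</param>
    /// <param name="rtype">"OP" or "VS".</param>
    /// <remarks>
    /// NOTE(review): USERID and GID come from each row; authorization to change
    /// them is not checked here and must be enforced by the caller.
    /// </remarks>
    public static DBResult SaveAuthorityOpDetail(List<UserAuthorityOp> bodyList, string userid, string rtype)
    {
        return RunInTransaction((db, tran) =>
        {
            var cmdUpdate =
                db.GetSqlStringCommand(
                    @"update user_authority_range_op set VISIBLERANGE=@VISIBLERANGE,MODIFIEDUSER=@MODIFIEDUSER,MODIFIEDTIME=@MODIFIEDTIME where GID=@GID ");

            var cmdUpdateop =
                db.GetSqlStringCommand(
                    @"update user_authority_range_op set OPERATERANGE=@OPERATERANGE,MODIFIEDUSER=@MODIFIEDUSER,MODIFIEDTIME=@MODIFIEDTIME where GID=@GID ");

            var cmdInsert =
                db.GetSqlStringCommand(
                    "insert into user_authority_range_op (GID,USERID,AUTHORITYID,OPID,VISIBLERANGE,OPERATERANGE,CREATEUSER,CREATETIME)"
                    + " values (@GID,@USERID,@AUTHORITYID,@OPID,@VISIBLERANGE,@OPERATERANGE,@CREATEUSER,@CREATETIME) ");

            if (bodyList == null)
            {
                return;
            }

            foreach (var row in bodyList)
            {
                if (row.GID == "")
                {
                    cmdInsert.Parameters.Clear();
                    db.AddInParameter(cmdInsert, "@GID", DbType.String, Guid.NewGuid().ToString());
                    db.AddInParameter(cmdInsert, "@USERID", DbType.String, row.USERID);
                    db.AddInParameter(cmdInsert, "@AUTHORITYID", DbType.String, row.AUTHORITYID);
                    db.AddInParameter(cmdInsert, "@OPID", DbType.String, row.OPID);
                    db.AddInParameter(cmdInsert, "@VISIBLERANGE", DbType.String, Flag(row.VISIBLERANGE));
                    db.AddInParameter(cmdInsert, "@OPERATERANGE", DbType.String, Flag(row.OPERATERANGE));
                    db.AddInParameter(cmdInsert, "@CREATEUSER", DbType.String, userid);
                    db.AddInParameter(cmdInsert, "@CREATETIME", DbType.String, Today());
                    db.ExecuteNonQuery(cmdInsert, tran);
                    continue;
                }

                if (rtype == "OP")
                {
                    cmdUpdateop.Parameters.Clear();
                    db.AddInParameter(cmdUpdateop, "@GID", DbType.String, row.GID);
                    db.AddInParameter(cmdUpdateop, "@OPERATERANGE", DbType.String, Flag(row.OPERATERANGE));
                    db.AddInParameter(cmdUpdateop, "@MODIFIEDUSER", DbType.String, userid);
                    db.AddInParameter(cmdUpdateop, "@MODIFIEDTIME", DbType.String, Today());
                    db.ExecuteNonQuery(cmdUpdateop, tran);
                }
                if (rtype == "VS")
                {
                    cmdUpdate.Parameters.Clear();
                    db.AddInParameter(cmdUpdate, "@GID", DbType.String, row.GID);
                    db.AddInParameter(cmdUpdate, "@VISIBLERANGE", DbType.String, Flag(row.VISIBLERANGE));
                    db.AddInParameter(cmdUpdate, "@MODIFIEDUSER", DbType.String, userid);
                    db.AddInParameter(cmdUpdate, "@MODIFIEDTIME", DbType.String, Today());
                    db.ExecuteNonQuery(cmdUpdate, tran);
                }
            }
        });
    }

    /// <summary>
    /// Copies one authority's selection to the target user's other authorities, in
    /// one transaction: clears the flag on the other authorities, sets it again
    /// for keys selected under <paramref name="AUTHORITYID"/>, then inserts rows for
    /// authorities whose range code equals <paramref name="selectRangeCode"/> and
    /// that have no row for a selected key yet.
    /// </summary>
    /// <param name="table">Range table; a constant supplied by this class.</param>
    /// <param name="keyColumn">Key column of the selection (OPID or COMPANYID); a constant.</param>
    /// <param name="selectRangeCode">Range code meaning "selected" for this table ("6" or "5"); a constant.</param>
    /// <param name="AUTHORITYID">Authority whose selection is the source.</param>
    /// <param name="op">Target user whose rows are changed.</param>
    /// <param name="userid">Acting user, recorded as MODIFIEDUSER / CREATEUSER.</param>
    /// <param name="rtype">"OP" copies the operate flag; anything else the visible flag.</param>
    private static DBResult CopyRangeToOtherAuthorities(string table, string keyColumn, string selectRangeCode,
        string AUTHORITYID, string op, string userid, string rtype)
    {
        bool operate = rtype == "OP";
        string col = operate ? "OPERATERANGE" : "VISIBLERANGE";
        // The flag that is not being copied is inserted as 0.
        string insertedFlags = operate ? "0 VISIBLERANGE,U.OPERATERANGE" : "U.VISIBLERANGE,0 OPERATERANGE";

        // Only the constants above are concatenated; all caller data is bound below.
        var sql = new StringBuilder();
        sql.Append("update " + table + " set " + col + "=0 from " + table + " p where USERID=@TARGETUSER and AUTHORITYID<>@AUTHORITYID ");
        sql.Append(" update " + table + " set " + col + "=1,MODIFIEDUSER=@ACTOR,MODIFIEDTIME=getdate() from " + table + " p where USERID=@TARGETUSER and AUTHORITYID<>@AUTHORITYID ");
        sql.Append(" and " + keyColumn + " in (select " + keyColumn + " from " + table + " where AUTHORITYID=@AUTHORITYID and " + col + "=1 and USERID=@TARGETUSER) ");
        sql.Append(" insert into " + table + " (GID,USERID,AUTHORITYID," + keyColumn + ",VISIBLERANGE,OPERATERANGE,CREATEUSER,CREATETIME) ");
        sql.Append(" select newid() GID,@TARGETUSER USERID,A.AUTHORITYID,U." + keyColumn + "," + insertedFlags + ",@ACTOR CREATEUSER,GETDATE() CREATETIME from VW_User_Authority A, " + table + " U where A." + col + "=" + selectRangeCode + " AND A.USERID=@TARGETUSER AND U.AUTHORITYID=@AUTHORITYID and U." + col + "=1 ");
        sql.Append(" and a.AUTHORITYID<>@AUTHORITYID and u.userid=@TARGETUSER and not EXISTS (select 1 from " + table + " y where y.AUTHORITYID=a.AUTHORITYID and y.USERID=@TARGETUSER and y." + keyColumn + "=u." + keyColumn + ")");

        return RunInTransaction((db, tran) =>
        {
            var cmd = db.GetSqlStringCommand(sql.ToString());
            AddText(db, cmd, "@TARGETUSER", op);
            AddText(db, cmd, "@AUTHORITYID", AUTHORITYID);
            AddText(db, cmd, "@ACTOR", userid);
            db.ExecuteNonQuery(cmd, tran);
        });
    }

    /// <summary>
    /// Applies the person selection of <paramref name="AUTHORITYID"/> to all other
    /// authorities of user <paramref name="op"/> whose range is 6 (selected persons).
    /// </summary>
    /// <param name="AUTHORITYID">Authority whose selection is copied.</param>
    /// <param name="op">Target user whose rows are changed.</param>
    /// <param name="userid">Acting user, recorded as MODIFIEDUSER / CREATEUSER.</param>
    /// <param name="rtype">"OP" copies the operate flag; anything else the visible flag.</param>
    /// <remarks>
    /// NOTE(review): this rewrites permission rows of <paramref name="op"/> in bulk;
    /// the caller must verify the acting user may administer that user.
    /// </remarks>
    public static DBResult SaveAuthorityOpDetailAll(string AUTHORITYID, string op, string userid, string rtype)
    {
        return CopyRangeToOtherAuthorities("user_authority_range_op", "OPID", "6", AUTHORITYID, op, userid, rtype);
    }

    /// <summary>
    /// Applies the company selection of <paramref name="AUTHORITYID"/> to all other
    /// authorities of user <paramref name="op"/> whose range is 5 (selected companies).
    /// </summary>
    /// <param name="AUTHORITYID">Authority whose selection is copied.</param>
    /// <param name="op">Target user whose rows are changed.</param>
    /// <param name="userid">Acting user, recorded as MODIFIEDUSER / CREATEUSER.</param>
    /// <param name="rtype">"OP" copies the operate flag; anything else the visible flag.</param>
    /// <remarks>
    /// NOTE(review): this rewrites permission rows of <paramref name="op"/> in bulk;
    /// the caller must verify the acting user may administer that user.
    /// </remarks>
    public static DBResult SaveAuthorityCompanyDetailAll(string AUTHORITYID, string op, string userid, string rtype)
    {
        return CopyRangeToOtherAuthorities("user_authority_range_company", "COMPANYID", "5", AUTHORITYID, op, userid, rtype);
    }

    #endregion
}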
}