using System;
using System.Data;
using System.Collections.Generic;
using System.Text;
using DSWeb.MvcShipping.Models.MsUserAuthority;
using Microsoft.Practices.EnterpriseLibrary.Data;
using DSWeb.Areas.CommMng.Models;
using HcUtility.Comm;
using DSWeb.MvcShipping.Models.ModuTreeRef;
namespace DSWeb.MvcShipping.DAL.MsUerAuthority
{
public class MsUerAuthorityDAL
{
#region Inquery DataList
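/// <summary>
/// Returns one row per authority for a user: the ranges stored in VW_User_Authority,
/// plus a placeholder row (empty GID, range 4) for every entry of user_authority_info
/// that has no user_authority_range row for that user.
/// </summary>
/// <param name="userid">User whose authorities are listed. Bound as the @USERID parameter.</param>
/// <param name="sort">Sort request handed to DatasetSort.Getsortstring; when that yields nothing, rows are ordered by DESCRIPTION.</param>
/// <returns>The mapped rows; an empty list when the query returns nothing.</returns>
public static List<UserAuthority> GetUserAuthorityList(string userid, string sort = null)
{
    var strSql = new StringBuilder();
    strSql.Append("SELECT * FROM ( ");
    strSql.Append("SELECT GID,USERID,VISIBLERANGE,OPERATERANGE,AUTHORITYID,DESCRIPTION,NAME,ISNULL((case VISIBLERANGE when 0 then '全部' when 1 then '本公司' ");
    strSql.Append("when 2 then '本部门' when 3 then '本人' when 4 then '无' when 5 then '选择公司' ");
    strSql.Append("when 6 then '选择人员' end),'') VISIBLERANGEREF,ISNULL((case OPERATERANGE when 0 then '全部' when 1 then '本公司' ");
    strSql.Append("when 2 then '本部门' when 3 then '本人' when 4 then '无' when 5 then '选择公司' ");
    strSql.Append("when 6 then '选择人员' end),'') OPERATERANGEREF ");
    strSql.Append(" from VW_User_Authority ");
    // The user id is bound, never spliced into the statement text, so its content
    // cannot change the shape of the query.
    strSql.Append(" where USERID=@USERID");
    strSql.Append(" UNION SELECT '' GID,@USERID USERID, 4 VISIBLERANGE,4 OPERATERANGE,GID AUTHORITYID,DESCRIPTION,NAME, ");
    strSql.Append(" '无' VISIBLERANGEREF,'无' OPERATERANGEREF ");
    strSql.Append(" from user_authority_info ");
    strSql.Append(" where GID NOT IN (SELECT AUTHORITYID FROM user_authority_range WHERE USERID=@USERID)");
    strSql.Append(" ) AS DL ");

    // NOTE(review): an ORDER BY clause cannot be bound as a parameter, so this text goes
    // into the statement as-is. DatasetSort.Getsortstring is not visible here; confirm it
    // only ever emits known column names and ASC/DESC.
    var sortstring = DatasetSort.Getsortstring(sort);
    if (!string.IsNullOrEmpty(sortstring) && sortstring.Trim() != "")
    {
        strSql.Append(" order by " + sortstring);
    }
    else
    {
        strSql.Append(" order by DESCRIPTION");
    }

    Database db = DatabaseFactory.CreateDatabase();
    using (var cmd = db.GetSqlStringCommand(strSql.ToString()))
    {
        // The earlier string concatenation rendered a null userid as ''; keep that behaviour.
        db.AddInParameter(cmd, "@USERID", DbType.String, userid ?? string.Empty);
        using (IDataReader reader = db.ExecuteReader(cmd))
        {
            return SetData(reader);
        }
    }
}

/// <summary>
/// Maps every remaining row of <paramref name="reader"/> to a <see cref="UserAuthority"/>.
/// Takes an open reader instead of SQL text so that no caller can hand it an
/// unparameterised statement. The caller owns and disposes the reader.
/// </summary>
private static List<UserAuthority> SetData(IDataReader reader)
{
    var headList = new List<UserAuthority>();
    while (reader.Read())
    {
        headList.Add(new UserAuthority
        {
            GID = Convert.ToString(reader["GID"]),
            USERID = Convert.ToString(reader["USERID"]),
            VISIBLERANGE = Convert.ToString(reader["VISIBLERANGE"]),
            OPERATERANGE = Convert.ToString(reader["OPERATERANGE"]),
            VISIBLERANGEREF = Convert.ToString(reader["VISIBLERANGEREF"]),
            OPERATERANGEREF = Convert.ToString(reader["OPERATERANGEREF"]),
            AUTHORITYID = Convert.ToString(reader["AUTHORITYID"]),
            DESCRIPTION = Convert.ToString(reader["DESCRIPTION"]),
            NAME = Convert.ToString(reader["NAME"])
        });
    }
    return headList;
}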
#endregion
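/// <summary>
/// Loads the children of one node from VW_user_company_tree.
/// </summary>
/// <param name="PARENTID">Parent node id. Bound as the @PARENTID parameter.</param>
/// <param name="exp">Value given to <c>expanded</c> on non-leaf nodes.</param>
/// <param name="condition">Optional extra SQL predicate, appended after "and" exactly as passed in.</param>
/// <returns>The child nodes; rows whose TYPE is "2" are marked as expanded leaves.</returns>
public static List<UserTreeRefModel> GetUserTreeRefList(string PARENTID, bool exp = false, string condition = "")
{
    var strSql = new StringBuilder();
    strSql.Append("SELECT ");
    strSql.Append(" GID,NAME,DESCRIPTION,PARENTID,TYPE");
    strSql.Append(" from VW_user_company_tree ");
    // The parent id is bound, not concatenated into the statement text.
    strSql.Append(" where parentid=@PARENTID ");
    if (!string.IsNullOrEmpty(condition))
    {
        // NOTE(review): condition is raw SQL and cannot be parameterised without changing
        // this method's interface. It must be built only from server-side constants;
        // audit every caller and never pass request data through it.
        strSql.Append(" and " + condition);
    }

    Database db = DatabaseFactory.CreateDatabase();
    using (var cmd = db.GetSqlStringCommand(strSql.ToString()))
    {
        // The earlier string concatenation rendered a null PARENTID as ''; keep that behaviour.
        db.AddInParameter(cmd, "@PARENTID", DbType.String, PARENTID ?? string.Empty);
        using (IDataReader reader = db.ExecuteReader(cmd))
        {
            return SetUserTreeRefData(reader, exp);
        }
    }
}

/// <summary>
/// Maps every remaining row of <paramref name="reader"/> to a tree node. Takes an open
/// reader instead of SQL text; the caller owns and disposes the reader.
/// </summary>
/// <param name="reader">Open reader exposing GID, NAME, DESCRIPTION, PARENTID and TYPE.</param>
/// <param name="exp">Value given to <c>expanded</c> on non-leaf nodes.</param>
private static List<UserTreeRefModel> SetUserTreeRefData(IDataReader reader, bool exp = false)
{
    var headList = new List<UserTreeRefModel>();
    while (reader.Read())
    {
        var data = new UserTreeRefModel();
        data.id = Convert.ToString(reader["GID"]);
        data.NAME = Convert.ToString(reader["NAME"]);
        data.DESCRIPTION = Convert.ToString(reader["DESCRIPTION"]);
        data.PARENTID = Convert.ToString(reader["PARENTID"]);
        data.TYPE = Convert.ToString(reader["TYPE"]);

        // TYPE "2" rows are leaves and are always shown expanded; every other row
        // follows the caller's exp flag.
        data.leaf = data.TYPE == "2";
        data.expanded = data.leaf || exp;

        headList.Add(data);
    }
    return headList;
}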
/// <summary>
/// Saves a user's authority ranges in a single transaction. Rows whose GID is the empty
/// string are inserted into user_authority_range under a fresh GUID; every other row is
/// updated by GID.
/// </summary>
/// <param name="bodyList">Rows to save; null means there is nothing to write.</param>
/// <param name="userid">Stored as CREATEUSER on inserts and MODIFIEDUSER on updates.</param>
/// <returns>
/// A success result after commit. On any exception the transaction is rolled back and a
/// generic failure message is returned.
/// </returns>
/// <remarks>
/// The update is keyed on GID alone and the insert takes USERID from each row. Nothing in
/// this method checks that <paramref name="userid"/> is allowed to edit those rows, so that
/// check has to be enforced by the caller. The caught exception is neither logged nor rethrown.
/// </remarks>
public static DBResult SaveDetail(List<UserAuthority> bodyList, string userid)
{
    var outcome = new DBResult();

    Database database = DatabaseFactory.CreateDatabase();
    using (var connection = database.CreateConnection())
    {
        connection.Open();
        var transaction = connection.BeginTransaction();

        try
        {
            var updateCommand = database.GetSqlStringCommand(
                @"update user_authority_range set VISIBLERANGE=@VISIBLERANGE,OPERATERANGE=@OPERATERANGE,MODIFIEDUSER=@MODIFIEDUSER,MODIFIEDTIME=@MODIFIEDTIME where GID=@GID ");

            var insertCommand = database.GetSqlStringCommand(
                @"insert into user_authority_range (GID,USERID,AUTHORITYID,VISIBLERANGE,OPERATERANGE,CREATEUSER,CREATETIME)
values (@GID,@USERID,@AUTHORITYID,@VISIBLERANGE,@OPERATERANGE,@CREATEUSER,@CREATETIME) ");

            if (bodyList != null)
            {
                foreach (var row in bodyList)
                {
                    if (row.GID != "")
                    {
                        // Existing row: overwrite both ranges and stamp the modifier.
                        updateCommand.Parameters.Clear();
                        database.AddInParameter(updateCommand, "@GID", DbType.String, row.GID);
                        database.AddInParameter(updateCommand, "@VISIBLERANGE", DbType.String, row.VISIBLERANGE);
                        database.AddInParameter(updateCommand, "@OPERATERANGE", DbType.String, row.OPERATERANGE);
                        database.AddInParameter(updateCommand, "@MODIFIEDUSER", DbType.String, userid);
                        database.AddInParameter(updateCommand, "@MODIFIEDTIME", DbType.String, DateTime.Now.ToString("yyyy-MM-dd"));
                        database.ExecuteNonQuery(updateCommand, transaction);
                        continue;
                    }

                    // Empty GID marks a row that does not exist yet.
                    insertCommand.Parameters.Clear();
                    database.AddInParameter(insertCommand, "@GID", DbType.String, Guid.NewGuid().ToString());
                    database.AddInParameter(insertCommand, "@USERID", DbType.String, row.USERID);
                    database.AddInParameter(insertCommand, "@AUTHORITYID", DbType.String, row.AUTHORITYID);
                    database.AddInParameter(insertCommand, "@VISIBLERANGE", DbType.String, row.VISIBLERANGE);
                    database.AddInParameter(insertCommand, "@OPERATERANGE", DbType.String, row.OPERATERANGE);
                    database.AddInParameter(insertCommand, "@CREATEUSER", DbType.String, userid);
                    database.AddInParameter(insertCommand, "@CREATETIME", DbType.String, DateTime.Now.ToString("yyyy-MM-dd"));
                    database.ExecuteNonQuery(insertCommand, transaction);
                }
            }

            transaction.Commit();
        }
        catch (Exception)
        {
            transaction.Rollback();

            outcome.Success = false;
            outcome.Message = "保存出现错误,请重试或联系系统管理员";

            return outcome;
        }
    }

    outcome.Success = true;
    outcome.Message = "保存成功" + outcome.Message;

    return outcome;
}
#region 公司范围
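/// <summary>
/// Returns one row per company for a user/authority pair: the rows stored in
/// user_authority_range_company, plus a placeholder row (empty GID, both ranges 0) for
/// every company that has no stored row for that pair.
/// </summary>
/// <param name="userid">User the ranges belong to. Bound as @USERID.</param>
/// <param name="AUTHORITYID">Authority the ranges belong to. Bound as @AUTHORITYID.</param>
/// <param name="sort">Sort request handed to DatasetSort.Getsortstring; when that yields nothing, rows are ordered by COMPANY.</param>
/// <returns>The mapped rows; an empty list when the query returns nothing.</returns>
public static List<UserAuthorityCompany> GetUserAuthorityCompanyList(string userid, string AUTHORITYID, string sort = null)
{
    var strSql = new StringBuilder();
    strSql.Append("SELECT * FROM ( ");
    strSql.Append("SELECT GID,USERID,VISIBLERANGE,OPERATERANGE,AUTHORITYID,COMPANYID, ");
    strSql.Append("(SELECT NAME FROM company WHERE GID=user_authority_range_company.COMPANYID) COMPANY");
    strSql.Append(" from user_authority_range_company ");
    // Both ids are bound, never spliced into the statement text.
    strSql.Append(" where USERID=@USERID AND AUTHORITYID=@AUTHORITYID ");
    strSql.Append(" UNION SELECT '' GID,@USERID USERID, 0 VISIBLERANGE,0 OPERATERANGE,@AUTHORITYID AUTHORITYID,GID COMPANYID, ");
    strSql.Append(" NAME COMPANY ");
    strSql.Append(" from company ");
    strSql.Append(" where GID NOT IN (SELECT COMPANYID FROM user_authority_range_company WHERE USERID=@USERID AND AUTHORITYID=@AUTHORITYID)");
    strSql.Append(" ) AS DL ");

    // NOTE(review): an ORDER BY clause cannot be bound as a parameter, so this text goes
    // into the statement as-is. DatasetSort.Getsortstring is not visible here; confirm it
    // only ever emits known column names and ASC/DESC.
    var sortstring = DatasetSort.Getsortstring(sort);
    if (!string.IsNullOrEmpty(sortstring) && sortstring.Trim() != "")
    {
        strSql.Append(" order by " + sortstring);
    }
    else
    {
        strSql.Append(" order by COMPANY");
    }

    Database db = DatabaseFactory.CreateDatabase();
    using (var cmd = db.GetSqlStringCommand(strSql.ToString()))
    {
        // The earlier string concatenation rendered null ids as ''; keep that behaviour.
        db.AddInParameter(cmd, "@USERID", DbType.String, userid ?? string.Empty);
        db.AddInParameter(cmd, "@AUTHORITYID", DbType.String, AUTHORITYID ?? string.Empty);
        using (IDataReader reader = db.ExecuteReader(cmd))
        {
            return SetCompanyData(reader);
        }
    }
}

/// <summary>
/// Maps every remaining row of <paramref name="reader"/> to a
/// <see cref="UserAuthorityCompany"/>. Takes an open reader instead of SQL text; the
/// caller owns and disposes the reader.
/// </summary>
private static List<UserAuthorityCompany> SetCompanyData(IDataReader reader)
{
    var headList = new List<UserAuthorityCompany>();
    while (reader.Read())
    {
        headList.Add(new UserAuthorityCompany
        {
            GID = Convert.ToString(reader["GID"]),
            USERID = Convert.ToString(reader["USERID"]),
            // The range columns become booleans: only the text "1" counts as true.
            VISIBLERANGE = Convert.ToString(reader["VISIBLERANGE"]) == "1",
            OPERATERANGE = Convert.ToString(reader["OPERATERANGE"]) == "1",
            COMPANYID = Convert.ToString(reader["COMPANYID"]),
            COMPANY = Convert.ToString(reader["COMPANY"]),
            AUTHORITYID = Convert.ToString(reader["AUTHORITYID"])
        });
    }
    return headList;
}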
/// <summary>
/// Saves per-company ranges for a user's authority in a single transaction. Rows whose
/// GID is the empty string are inserted into user_authority_range_company with both
/// flags. Other rows are updated by GID, touching only OPERATERANGE when
/// <paramref name="rtype"/> is "OP" and only VISIBLERANGE otherwise.
/// </summary>
/// <param name="bodyList">Rows to save; null means there is nothing to write.</param>
/// <param name="userid">Stored as CREATEUSER on inserts and MODIFIEDUSER on updates.</param>
/// <param name="rtype">"OP" selects the operate-range column for updates; any other value selects the visible-range column.</param>
/// <returns>
/// A success result after commit. On any exception the transaction is rolled back and a
/// generic failure message is returned.
/// </returns>
/// <remarks>
/// Updates are keyed on GID alone and inserts take USERID from each row. Nothing in this
/// method checks that <paramref name="userid"/> is allowed to edit those rows, so that
/// check has to be enforced by the caller. The caught exception is neither logged nor rethrown.
/// </remarks>
public static DBResult SaveAuthorityCompanyDetail(List<UserAuthorityCompany> bodyList, string userid, string rtype)
{
    var outcome = new DBResult();

    Database database = DatabaseFactory.CreateDatabase();
    using (var connection = database.CreateConnection())
    {
        connection.Open();
        var transaction = connection.BeginTransaction();

        try
        {
            var visibleUpdate = database.GetSqlStringCommand(
                @"update user_authority_range_company set VISIBLERANGE=@VISIBLERANGE,MODIFIEDUSER=@MODIFIEDUSER,MODIFIEDTIME=@MODIFIEDTIME where GID=@GID ");
            var operateUpdate = database.GetSqlStringCommand(
                @"update user_authority_range_company set OPERATERANGE=@OPERATERANGE,MODIFIEDUSER=@MODIFIEDUSER,MODIFIEDTIME=@MODIFIEDTIME where GID=@GID ");

            var insertCommand = database.GetSqlStringCommand(
                @"insert into user_authority_range_company (GID,USERID,AUTHORITYID,COMPANYID,VISIBLERANGE,OPERATERANGE,CREATEUSER,CREATETIME)
values (@GID,@USERID,@AUTHORITYID,@COMPANYID,@VISIBLERANGE,@OPERATERANGE,@CREATEUSER,@CREATETIME) ");

            if (bodyList != null)
            {
                foreach (var row in bodyList)
                {
                    if (row.GID != "")
                    {
                        // Existing row: rtype decides which single flag column is rewritten.
                        var operateOnly = rtype == "OP";
                        var updateCommand = operateOnly ? operateUpdate : visibleUpdate;
                        var flagName = operateOnly ? "@OPERATERANGE" : "@VISIBLERANGE";
                        var flagOn = operateOnly ? row.OPERATERANGE : row.VISIBLERANGE;

                        updateCommand.Parameters.Clear();
                        database.AddInParameter(updateCommand, "@GID", DbType.String, row.GID);
                        database.AddInParameter(updateCommand, flagName, DbType.String, flagOn ? "1" : "0");
                        database.AddInParameter(updateCommand, "@MODIFIEDUSER", DbType.String, userid);
                        database.AddInParameter(updateCommand, "@MODIFIEDTIME", DbType.String, DateTime.Now.ToString("yyyy-MM-dd"));
                        database.ExecuteNonQuery(updateCommand, transaction);
                        continue;
                    }

                    // Empty GID marks a row that does not exist yet; both flags are stored as "1"/"0".
                    insertCommand.Parameters.Clear();
                    database.AddInParameter(insertCommand, "@GID", DbType.String, Guid.NewGuid().ToString());
                    database.AddInParameter(insertCommand, "@USERID", DbType.String, row.USERID);
                    database.AddInParameter(insertCommand, "@AUTHORITYID", DbType.String, row.AUTHORITYID);
                    database.AddInParameter(insertCommand, "@COMPANYID", DbType.String, row.COMPANYID);
                    database.AddInParameter(insertCommand, "@VISIBLERANGE", DbType.String, row.VISIBLERANGE ? "1" : "0");
                    database.AddInParameter(insertCommand, "@OPERATERANGE", DbType.String, row.OPERATERANGE ? "1" : "0");
                    database.AddInParameter(insertCommand, "@CREATEUSER", DbType.String, userid);
                    database.AddInParameter(insertCommand, "@CREATETIME", DbType.String, DateTime.Now.ToString("yyyy-MM-dd"));
                    database.ExecuteNonQuery(insertCommand, transaction);
                }
            }

            transaction.Commit();
        }
        catch (Exception)
        {
            transaction.Rollback();

            outcome.Success = false;
            outcome.Message = "保存出现错误,请重试或联系系统管理员";

            return outcome;
        }
    }

    outcome.Success = true;
    outcome.Message = "保存成功" + outcome.Message;

    return outcome;
}
#endregion
#region 人员范围
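/// <summary>
/// Returns one row per person for a user/authority pair: the rows stored in
/// user_authority_range_op, plus a placeholder row (empty GID, both ranges 0) for every
/// VW_user entry that has no stored row for that pair.
/// </summary>
/// <param name="userid">User the ranges belong to. Bound as @USERID.</param>
/// <param name="AUTHORITYID">Authority the ranges belong to. Bound as @AUTHORITYID.</param>
/// <param name="sort">Sort request handed to DatasetSort.Getsortstring; when that yields nothing, rows are ordered by COMPANYNAME,OPNAME.</param>
/// <returns>The mapped rows; an empty list when the query returns nothing.</returns>
public static List<UserAuthorityOp> GetUserAuthorityOpList(string userid, string AUTHORITYID, string sort = null)
{
    var strSql = new StringBuilder();
    strSql.Append("SELECT * FROM ( ");
    strSql.Append("SELECT GID,USERID,VISIBLERANGE,OPERATERANGE,AUTHORITYID,OPID, ");
    strSql.Append("(SELECT SHOWNAME+'('+companyname+')' FROM [VW_user] WHERE userid=user_authority_range_op.OPID) OPNAME,");
    strSql.Append("(SELECT companyname FROM [VW_user] WHERE userid=user_authority_range_op.OPID) COMPANYNAME,");
    strSql.Append("(SELECT DEPTNAME FROM [VW_user] WHERE userid=user_authority_range_op.OPID) DEPTNAME");
    strSql.Append(" from user_authority_range_op ");
    // Both ids are bound, never spliced into the statement text.
    strSql.Append(" where USERID=@USERID AND AUTHORITYID=@AUTHORITYID ");
    strSql.Append(" UNION SELECT '' GID,@USERID USERID, 0 VISIBLERANGE,0 OPERATERANGE,@AUTHORITYID AUTHORITYID,userid OPID, ");
    strSql.Append(" SHOWNAME+'('+companyname+')' OPNAME,COMPANYNAME,DEPTNAME ");
    strSql.Append(" from VW_user ");
    strSql.Append(" where userid NOT IN (SELECT OPID FROM user_authority_range_op WHERE USERID=@USERID AND AUTHORITYID=@AUTHORITYID)");
    strSql.Append(" ) AS DL ");

    // NOTE(review): an ORDER BY clause cannot be bound as a parameter, so this text goes
    // into the statement as-is. DatasetSort.Getsortstring is not visible here; confirm it
    // only ever emits known column names and ASC/DESC.
    var sortstring = DatasetSort.Getsortstring(sort);
    if (!string.IsNullOrEmpty(sortstring) && sortstring.Trim() != "")
    {
        strSql.Append(" order by " + sortstring);
    }
    else
    {
        strSql.Append(" order by COMPANYNAME,OPNAME");
    }

    Database db = DatabaseFactory.CreateDatabase();
    using (var cmd = db.GetSqlStringCommand(strSql.ToString()))
    {
        // The earlier string concatenation rendered null ids as ''; keep that behaviour.
        db.AddInParameter(cmd, "@USERID", DbType.String, userid ?? string.Empty);
        db.AddInParameter(cmd, "@AUTHORITYID", DbType.String, AUTHORITYID ?? string.Empty);
        using (IDataReader reader = db.ExecuteReader(cmd))
        {
            return SetOpData(reader);
        }
    }
}

/// <summary>
/// Maps every remaining row of <paramref name="reader"/> to a <see cref="UserAuthorityOp"/>.
/// Takes an open reader instead of SQL text; the caller owns and disposes the reader.
/// The COMPANYNAME column is selected for sorting but is not copied onto the object.
/// </summary>
private static List<UserAuthorityOp> SetOpData(IDataReader reader)
{
    var headList = new List<UserAuthorityOp>();
    while (reader.Read())
    {
        headList.Add(new UserAuthorityOp
        {
            GID = Convert.ToString(reader["GID"]),
            USERID = Convert.ToString(reader["USERID"]),
            // The range columns become booleans: only the text "1" counts as true.
            VISIBLERANGE = Convert.ToString(reader["VISIBLERANGE"]) == "1",
            OPERATERANGE = Convert.ToString(reader["OPERATERANGE"]) == "1",
            OPID = Convert.ToString(reader["OPID"]),
            OPNAME = Convert.ToString(reader["OPNAME"]),
            DEPTNAME = Convert.ToString(reader["DEPTNAME"]),
            AUTHORITYID = Convert.ToString(reader["AUTHORITYID"])
        });
    }
    return headList;
}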
/// <summary>
/// Saves per-person ranges for a user's authority in a single transaction. Rows whose GID
/// is the empty string are inserted into user_authority_range_op with both flags. Other
/// rows are updated by GID, touching only OPERATERANGE when <paramref name="rtype"/> is
/// "OP" and only VISIBLERANGE otherwise.
/// </summary>
/// <param name="bodyList">Rows to save; null means there is nothing to write.</param>
/// <param name="userid">Stored as CREATEUSER on inserts and MODIFIEDUSER on updates.</param>
/// <param name="rtype">"OP" selects the operate-range column for updates; any other value selects the visible-range column.</param>
/// <returns>
/// A success result after commit. On any exception the transaction is rolled back and a
/// generic failure message is returned.
/// </returns>
/// <remarks>
/// Updates are keyed on GID alone and inserts take USERID from each row. Nothing in this
/// method checks that <paramref name="userid"/> is allowed to edit those rows, so that
/// check has to be enforced by the caller. The caught exception is neither logged nor rethrown.
/// </remarks>
public static DBResult SaveAuthorityOpDetail(List<UserAuthorityOp> bodyList, string userid, string rtype)
{
    var outcome = new DBResult();

    Database database = DatabaseFactory.CreateDatabase();
    using (var connection = database.CreateConnection())
    {
        connection.Open();
        var transaction = connection.BeginTransaction();

        try
        {
            var visibleUpdate = database.GetSqlStringCommand(
                @"update user_authority_range_op set VISIBLERANGE=@VISIBLERANGE,MODIFIEDUSER=@MODIFIEDUSER,MODIFIEDTIME=@MODIFIEDTIME where GID=@GID ");
            var operateUpdate = database.GetSqlStringCommand(
                @"update user_authority_range_op set OPERATERANGE=@OPERATERANGE,MODIFIEDUSER=@MODIFIEDUSER,MODIFIEDTIME=@MODIFIEDTIME where GID=@GID ");

            var insertCommand = database.GetSqlStringCommand(
                @"insert into user_authority_range_op (GID,USERID,AUTHORITYID,OPID,VISIBLERANGE,OPERATERANGE,CREATEUSER,CREATETIME)
values (@GID,@USERID,@AUTHORITYID,@OPID,@VISIBLERANGE,@OPERATERANGE,@CREATEUSER,@CREATETIME) ");

            if (bodyList != null)
            {
                foreach (var row in bodyList)
                {
                    if (row.GID != "")
                    {
                        // Existing row: rtype decides which single flag column is rewritten.
                        var operateOnly = rtype == "OP";
                        var updateCommand = operateOnly ? operateUpdate : visibleUpdate;
                        var flagName = operateOnly ? "@OPERATERANGE" : "@VISIBLERANGE";
                        var flagOn = operateOnly ? row.OPERATERANGE : row.VISIBLERANGE;

                        updateCommand.Parameters.Clear();
                        database.AddInParameter(updateCommand, "@GID", DbType.String, row.GID);
                        database.AddInParameter(updateCommand, flagName, DbType.String, flagOn ? "1" : "0");
                        database.AddInParameter(updateCommand, "@MODIFIEDUSER", DbType.String, userid);
                        database.AddInParameter(updateCommand, "@MODIFIEDTIME", DbType.String, DateTime.Now.ToString("yyyy-MM-dd"));
                        database.ExecuteNonQuery(updateCommand, transaction);
                        continue;
                    }

                    // Empty GID marks a row that does not exist yet; both flags are stored as "1"/"0".
                    insertCommand.Parameters.Clear();
                    database.AddInParameter(insertCommand, "@GID", DbType.String, Guid.NewGuid().ToString());
                    database.AddInParameter(insertCommand, "@USERID", DbType.String, row.USERID);
                    database.AddInParameter(insertCommand, "@AUTHORITYID", DbType.String, row.AUTHORITYID);
                    database.AddInParameter(insertCommand, "@OPID", DbType.String, row.OPID);
                    database.AddInParameter(insertCommand, "@VISIBLERANGE", DbType.String, row.VISIBLERANGE ? "1" : "0");
                    database.AddInParameter(insertCommand, "@OPERATERANGE", DbType.String, row.OPERATERANGE ? "1" : "0");
                    database.AddInParameter(insertCommand, "@CREATEUSER", DbType.String, userid);
                    database.AddInParameter(insertCommand, "@CREATETIME", DbType.String, DateTime.Now.ToString("yyyy-MM-dd"));
                    database.ExecuteNonQuery(insertCommand, transaction);
                }
            }

            transaction.Commit();
        }
        catch (Exception)
        {
            transaction.Rollback();

            outcome.Success = false;
            outcome.Message = "保存出现错误,请重试或联系系统管理员";

            return outcome;
        }
    }

    outcome.Success = true;
    outcome.Message = "保存成功" + outcome.Message;

    return outcome;
}
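/// <summary>
/// Applies one set of per-person flags to every authority of <paramref name="userid"/>
/// whose range is set to "选择人员": the operate range when <paramref name="rtype"/> is
/// "OP", the visible range otherwise. For each (authority, person) pair the
/// user_authority_range_op row is inserted when missing and otherwise has the selected
/// flag column updated. Everything runs in one transaction.
/// </summary>
/// <param name="bodyList">People and flags to apply; null means there is nothing to write.</param>
/// <param name="userid">User whose authorities are written; also stored as CREATEUSER / MODIFIEDUSER.</param>
/// <param name="rtype">"OP" writes OPERATERANGE; any other value writes VISIBLERANGE.</param>
/// <returns>
/// A success result after commit. On any exception the transaction is rolled back and a
/// generic failure message is returned; the exception is neither logged nor rethrown.
/// </returns>
public static DBResult SaveAuthorityOpDetailAll(List<UserAuthorityOp> bodyList, string userid, string rtype)
{
    var result = new DBResult();
    var isOperateRange = rtype == "OP";

    // Fix: the FindAll result used to be discarded, so range rows were written for every
    // authority instead of only those configured as "选择人员". Keep the filtered list.
    var authorities = GetUserAuthorityList(userid);
    if (authorities != null)
    {
        authorities = isOperateRange
            ? authorities.FindAll(x => x.OPERATERANGEREF == "选择人员")
            : authorities.FindAll(x => x.VISIBLERANGEREF == "选择人员");
    }

    // Chosen from two fixed literals in code, never from input, so it is safe to place
    // in the statement text.
    var rangeColumn = isOperateRange ? "OPERATERANGE" : "VISIBLERANGE";

    Database db = DatabaseFactory.CreateDatabase();
    using (var conn = db.CreateConnection())
    {
        conn.Open();
        using (var tran = conn.BeginTransaction())
        {
            try
            {
                // Fix: userid was concatenated into this statement even though @USERID was
                // already being bound; the lookup and the update now use the parameter.
                var cmdUpsert = db.GetSqlStringCommand(
                    "if (select GID from user_authority_range_op where USERID=@USERID and OPID=@OPID AND AUTHORITYID=@AUTHORITYID) is null "
                    + " insert into user_authority_range_op (GID,USERID,AUTHORITYID,OPID,VISIBLERANGE,OPERATERANGE,CREATEUSER,CREATETIME)"
                    + " values (@GID,@USERID,@AUTHORITYID,@OPID,@VISIBLERANGE,@OPERATERANGE,@CREATEUSER,@CREATETIME) else "
                    + "update user_authority_range_op set " + rangeColumn + "=@" + rangeColumn
                    + ",MODIFIEDUSER=@MODIFIEDUSER,MODIFIEDTIME=@MODIFIEDTIME where USERID=@USERID and OPID=@OPID AND AUTHORITYID=@AUTHORITYID");

                if (authorities != null && bodyList != null)
                {
                    foreach (var authority in authorities)
                    {
                        foreach (var enumValue in bodyList)
                        {
                            // On insert, only the flag selected by rtype comes from the row;
                            // the other flag is written as "0".
                            var operateFlag = isOperateRange && enumValue.OPERATERANGE ? "1" : "0";
                            var visibleFlag = !isOperateRange && enumValue.VISIBLERANGE ? "1" : "0";
                            var today = DateTime.Now.ToString("yyyy-MM-dd");

                            cmdUpsert.Parameters.Clear();
                            db.AddInParameter(cmdUpsert, "@OPID", DbType.String, enumValue.OPID);
                            db.AddInParameter(cmdUpsert, "@AUTHORITYID", DbType.String, authority.AUTHORITYID);
                            db.AddInParameter(cmdUpsert, "@USERID", DbType.String, userid);
                            db.AddInParameter(cmdUpsert, "@GID", DbType.String, Guid.NewGuid().ToString());
                            db.AddInParameter(cmdUpsert, "@OPERATERANGE", DbType.String, operateFlag);
                            db.AddInParameter(cmdUpsert, "@VISIBLERANGE", DbType.String, visibleFlag);
                            db.AddInParameter(cmdUpsert, "@CREATEUSER", DbType.String, userid);
                            db.AddInParameter(cmdUpsert, "@CREATETIME", DbType.String, today);
                            db.AddInParameter(cmdUpsert, "@MODIFIEDUSER", DbType.String, userid);
                            db.AddInParameter(cmdUpsert, "@MODIFIEDTIME", DbType.String, today);
                            db.ExecuteNonQuery(cmdUpsert, tran);
                        }
                    }
                }

                tran.Commit();
            }
            catch (Exception)
            {
                tran.Rollback();

                result.Success = false;
                result.Message = "保存出现错误,请重试或联系系统管理员";

                return result;
            }
        }
    }

    result.Success = true;
    result.Message = "保存成功" + result.Message;

    return result;
}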
#endregion
}
}