
using DSWeb.Areas.CommMng.Models;
using DSWeb.EntityDA;
using Microsoft.Practices.EnterpriseLibrary.Data;
using System;
using System.Collections.Generic;
using System.Data;
using System.Linq;
using System.Text;
using System.Web;
namespace DSWeb.MvcShipping.DAL.MsOpSeaeRunBill
{
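/// <summary>
/// Builds the list/count SQL for <c>op_seae_run_bill</c> and the per-user
/// visibility ("range") predicate that is ANDed onto every such query.
/// </summary>
/// <remarks>
/// The range predicate is the row-level access control for this list: it is looked
/// up from <c>VW_User_Authority</c> for the authority named <c>modSeaeRunBillList</c>.
/// All methods return SQL text, so values that end up inside that text are escaped
/// as T-SQL string literals, and every statement executed here is parameterised.
/// </remarks>
public class MsOpSeaeRunBillDAL
{
    /// <summary>
    /// Returns the paged SELECT for the run-bill list, restricted to what the user may see.
    /// </summary>
    /// <param name="strCondition">
    /// Caller-built WHERE fragment, inserted into the statement as raw SQL. It cannot be
    /// escaped here; the caller must build it from validated or parameterised values only.
    /// </param>
    /// <param name="userid">User whose visibility range is applied.</param>
    /// <param name="usercode">Passed through to <see cref="GetRangDAStr"/>, which does not use it.</param>
    /// <param name="companyid">Company id used by the company-based visibility ranges.</param>
    /// <param name="sort">Sort description, translated by <c>DatasetSort.Getsortstring</c>.</param>
    /// <param name="start">Lowest row number returned (inclusive).</param>
    /// <param name="limit">Highest row number returned (inclusive); used as an upper bound, not a page size.</param>
    /// <returns>The SQL text of the paged query.</returns>
    public static string GetDataListSql(string strCondition, string userid, string usercode, string companyid, string sort = null, int start = 1, int limit = 50)
    {
        var where = CombineConditions(strCondition, GetRangDAStr(userid, usercode, companyid));

        // NOTE(review): the sort expression lands in ORDER BY as raw SQL. Whether
        // DatasetSort.Getsortstring restricts it to known column names is not visible
        // from this file - confirm it allow-lists columns and directions.
        var sortstring = DatasetSort.Getsortstring(sort);
        if (string.IsNullOrEmpty(sortstring))
        {
            sortstring = "createtime desc";
        }

        // NOTE(review): rownum is assigned over the whole table and the filter is applied
        // outside the numbered subquery, so a page can hold fewer rows than requested.
        // Left as is because callers may depend on it.
        var strSql = new StringBuilder();
        strSql.AppendLine("select * from ");
        strSql.AppendLine("(");
        strSql.AppendLine($"select row_number() over(order by {sortstring}) as rownum,* from op_seae_run_bill");
        strSql.AppendLine($") t where rownum>={start} and rownum<={limit} and {where}");
        return strSql.ToString();
    }

    /// <summary>
    /// Returns the COUNT query matching <see cref="GetDataListSql"/> (same filter, no paging).
    /// </summary>
    /// <param name="strCondition">Caller-built WHERE fragment, inserted as raw SQL (see <see cref="GetDataListSql"/>).</param>
    /// <param name="userid">User whose visibility range is applied.</param>
    /// <param name="usercode">Passed through to <see cref="GetRangDAStr"/>, which does not use it.</param>
    /// <param name="companyid">Company id used by the company-based visibility ranges.</param>
    /// <returns>The SQL text of the count query.</returns>
    public static string GetDataCountSql(string strCondition, string userid, string usercode, string companyid)
    {
        var where = CombineConditions(strCondition, GetRangDAStr(userid, usercode, companyid));

        var strSql = new StringBuilder();
        strSql.AppendLine($"select count(1) from op_seae_run_bill where {where}");
        return strSql.ToString();
    }

    #region Permission range
    /// <summary>
    /// Builds the WHERE fragment that limits run-bill rows to those the user may see.
    /// </summary>
    /// <param name="userid">User id looked up in <c>VW_User_Authority</c>.</param>
    /// <param name="username">Not used by this method.</param>
    /// <param name="companyid">Company id used for visibility codes "1" and "5".</param>
    /// <returns>
    /// A SQL predicate, or an empty string when no restriction is produced.
    /// When the user has no matching authority row the code stays "4" and the result is
    /// <c>1=2</c> (no rows).
    /// </returns>
    /// <remarks>
    /// NOTE(review): an empty result means "no restriction" to the callers above. That is
    /// what is returned for code "2", for any unrecognised or empty code, and for codes
    /// "5"/"6" when the user has no range rows - confirm each of these is meant to expose
    /// every row rather than deny by default.
    /// </remarks>
    public static string GetRangDAStr(string userid, string username, string companyid)
    {
        // Deny by default: "4" is kept when no authority row exists for the user.
        string visiblerange = "4";
        string authorityId = "";

        Database db = DatabaseFactory.CreateDatabase();
        using (var cmd = db.GetSqlStringCommand(
            "SELECT  VISIBLERANGE,OPERATERANGE,AUTHORITYID  from VW_User_Authority " +
            " where [NAME]='modSeaeRunBillList' and USERID=@userid and ISDELETE=0"))
        {
            // Bound as a parameter instead of concatenated, so the id cannot alter the statement.
            db.AddInParameter(cmd, "@userid", DbType.String, userid ?? "");
            using (IDataReader reader = db.ExecuteReader(cmd))
            {
                if (reader.Read())
                {
                    visiblerange = Convert.ToString(reader["VISIBLERANGE"]);
                    authorityId = Convert.ToString(reader["AUTHORITYID"]);
                }
            }
        }

        // The predicate is returned as text, so these values cannot be bound as parameters;
        // they are escaped as string literals instead.
        string uid = EscapeLiteral(userid);
        string cid = EscapeLiteral(companyid);

        switch (visiblerange)
        {
            case "4":
                return "1=2";

            case "3":
                return " (CREATEUSER='" + uid + "' OR USERID='" + uid + "')";

            case "1":
                return " (CREATEUSER in (select gid from [user] where GID in (select USERID from user_company where COMPANYID='" + cid + "'))"
                    + " OR USERID in (select gid from [user] where GID in (select USERID from user_company where COMPANYID='" + cid + "')))";

            case "5":
            {
                // NOTE(review): the query selects COMPANYID, but each row contributes a clause
                // built from the companyid argument, never from the row. Code "6" below uses
                // the row value (OPID); confirm whether the designated company was intended.
                string clause = "CREATEUSER in (select USERID from user_company where COMPANYID='" + cid
                    + "') or USERID in (select USERID from user_company where COMPANYID='" + cid + "')";
                var clauses = new List<string>();
                using (var cmd = db.GetSqlStringCommand(
                    " select COMPANYID from user_authority_range_company where userid=@userid and AUTHORITYID=@authorityid and VISIBLERANGE=1"))
                {
                    db.AddInParameter(cmd, "@userid", DbType.String, userid ?? "");
                    db.AddInParameter(cmd, "@authorityid", DbType.String, authorityId);
                    using (IDataReader reader = db.ExecuteReader(cmd))
                    {
                        while (reader.Read())
                        {
                            clauses.Add(clause);
                        }
                    }
                }
                return JoinClauses(clauses);
            }

            case "6":
            {
                var clauses = new List<string>();
                using (var cmd = db.GetSqlStringCommand(
                    " select OPID from user_authority_range_op where userid=@userid and AUTHORITYID=@authorityid and VISIBLERANGE=1"))
                {
                    db.AddInParameter(cmd, "@userid", DbType.String, userid ?? "");
                    db.AddInParameter(cmd, "@authorityid", DbType.String, authorityId);
                    using (IDataReader reader = db.ExecuteReader(cmd))
                    {
                        while (reader.Read())
                        {
                            // Values read back from the database are escaped too before
                            // being placed into SQL text.
                            string opid = EscapeLiteral(Convert.ToString(reader["OPID"]));
                            clauses.Add("CREATEUSER='" + opid + "' or USERID='" + opid + "' ");
                        }
                    }
                }
                return JoinClauses(clauses);
            }

            case "0":
                return " 1=1 ";

            default:
                // Code "2" and anything unrecognised: no predicate (see remarks).
                return "";
        }
    }
    #endregion

    /// <summary>
    /// ANDs the caller's condition with the range predicate. Each part is wrapped in
    /// parentheses so that a top-level OR in the caller's condition cannot take
    /// precedence over the range predicate (or the row-number bounds) and widen the result.
    /// Returns <c>1=1</c> when both parts are empty, so the statement stays valid SQL;
    /// an empty range is thereby treated as "no restriction", as it already is when a
    /// condition is supplied.
    /// </summary>
    private static string CombineConditions(string condition, string range)
    {
        var parts = new List<string>();
        if (!string.IsNullOrWhiteSpace(condition))
        {
            parts.Add("(" + condition + ")");
        }
        if (!string.IsNullOrWhiteSpace(range))
        {
            parts.Add("(" + range + ")");
        }
        return parts.Count == 0 ? "1=1" : string.Join(" and ", parts);
    }

    /// <summary>
    /// Escapes a value for use inside a single-quoted T-SQL string literal by doubling
    /// single quotes. A stopgap for text that must be returned as SQL; statements
    /// executed in this class use parameters instead.
    /// </summary>
    private static string EscapeLiteral(string value)
    {
        return value == null ? "" : value.Replace("'", "''");
    }

    /// <summary>
    /// ORs the clauses together inside one pair of parentheses; empty when there are none.
    /// </summary>
    private static string JoinClauses(List<string> clauses)
    {
        return clauses.Count == 0 ? "" : " (" + string.Join(" or ", clauses) + ")";
    }
}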
}