You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

553 lines
27 KiB
C#

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

using System;
using System.Data;
using System.Configuration;
using System.Data.SqlClient;
using System.Collections;
using System.Collections.Generic;
using DSWeb.Models;
using WebSqlHelper;
namespace DSWeb.EntityDA
{
public class UserAuthorityDA
{
//user_authority_info
private const string PARM_USER_AUTHORIYT_INFO_GID = "@gid";
private const string PARM_USER_AUTHORITY_INFO_NAME = "@name";
private const string PARM_USER_AUTHORITY_INFO_DESCRIPTION = "@description";
private const string PARM_USER_AUTHORITY_INFO_MODULE_URL = "@module_url";
private const string PARM_USER_AUTHORITY_INFO_IS_ALL = "@is_all";
private const string PARM_USER_AUTHORITY_INFO_IS_COMPANY = "@is_company";
private const string PARM_USER_AUTHORITY_INFO_IS_DEPT = "@is_dept";
private const string PARM_USER_AUTHORITY_INFO_IS_PERSON = "@is_person";
private const string PARM_USER_AUTHORITY_INFO_CREATE_USER = "@create_user";
private const string PARM_USER_AUTHORITY_INFO_CREATE_TIME = "@create_time";
private const string PARM_USER_AUTHORITY_INFO_MODIFIED_USER = "@modified_user";
private const string PARM_USER_AUTHORITY_INFO_MODIFIED_TIME = "@modified_time";
private const string PARM_USER_AUTHORITY_INFO_IS_DELETE = "@is_delete";
//user_authority_range
private const string PARM_USER_AUTHORITY_RANGE_GID = "@gid";
private const string PARM_USER_AUTHORITY_RANGE_USER_ID = "@user_id";
private const string PARM_USER_AUTHORITY_RANGE_AUTHORITY_ID = "@authority_id";
private const string PARM_USER_AUTHORITY_RANGE_VISIBLE_RANGE = "@visible_range";
private const string PARM_USER_AUTHORITY_RANGE_OPERATE_RANGE = "@operate_range";
private const string PARM_USER_AUTHORITY_RANGE_CREATE_USER = "@create_user";
private const string PARM_USER_AUTHORITY_RANGE_CREATE_TIME = "@create_time";
private const string PARM_USER_AUTHORITY_RANGE_MODIFIED_USER = "@modified_user";
private const string PARM_USER_AUTHORITY_RANGE_MODIFIED_TIME = "@modified_time";
private const string SQL_SELECT_USER_AUTHORITY_INFO_BY_GID = " SELECT GID, NAME, DESCRIPTION, MODULEURL, ISALL, ISCOMPANY, ISDEPT, ISPERSON, CREATEUSER,"
+ " CREATETIME, MODIFIEDUSER, MODIFIEDTIME,ISDELETE FROM user_authority_info WHERE GID = @gid ";
private const string SQL_SELECT_USER_AUTHORITY_RANGE_BY_USERID_AND_NAME = " SELECT A.GID, A.USERID, A.AUTHORITYID, A.VISIBLERANGE, A.OPERATERANGE, A.CREATEUSER, A.CREATETIME, A.MODIFIEDUSER, A.MODIFIEDTIME "
+ " FROM user_authority_range as A INNER JOIN user_authority_info as B ON A.AUTHORITYID = B.GID WHERE A.USERID = @user_id AND B.NAME = @name ";
private const string SQL_SELECT_USER_AUTHORITY_RANGE_BY_NAME_AND_TYPE = " SELECT DISTINCT A.GID, A.USERID, A.AUTHORITYID, A.VISIBLERANGE, A.OPERATERANGE, A.CREATEUSER, A.CREATETIME, A.MODIFIEDUSER, A.MODIFIEDTIME "
+ " FROM user_authority_range as A INNER JOIN user_authority_info as B ON A.AUTHORITYID = B.GID WHERE B.NAME = @name AND B.ISDELETE <> 1 "
+ " AND OPERATERANGE <= @operate_range ";
private const string SQL_SELECT_USER_AUTHORITY_RANGE_BY_USERID_AND_AUTHORITY = " SELECT COUNT(*) FROM user_authority_range WHERE USERID = @user_id AND AUTHORITYID = @authority_id ";
private const string SQL_UPDATE_USER_AUTHORITY_RANGE_VIS_BY_USERID_AND_AUTHORITY = " UPDATE user_authority_range SET VISIBLERANGE = @visible_range,MODIFIEDUSER = @modified_user,MODIFIEDTIME = GETDATE() "
+ " WHERE USERID = @user_id AND AUTHORITYID = @authority_id ";
private const string SQL_UPDATE_USER_AUTHORITY_RANGE_OP_BY_USERID_AND_AUTHORITY = " UPDATE user_authority_range SET OPERATERANGE = @operate_range,MODIFIEDUSER = @modified_user,MODIFIEDTIME = GETDATE() "
+ " WHERE USERID = @user_id AND AUTHORITYID = @authority_id ";
private const string SQL_INSERT_USER_AUTHORITY_RANGE = " INSERT INTO user_authority_range(GID,USERID,AUTHORITYID,VISIBLERANGE,OPERATERANGE,CREATEUSER,CREATETIME) "
+ " VALUES(@gid,@user_id,@authority_id,@visible_range,@operate_range,@create_user,GETDATE()) ";
private const string SQL_SELECT_USER_AUTHORITY_INFO_ALL_NO_DELETE = " SELECT GID, NAME, DESCRIPTION, MODULEURL, ISALL, ISCOMPANY, ISDEPT, ISPERSON, CREATEUSER,"
+ " CREATETIME, MODIFIEDUSER, MODIFIEDTIME,ISDELETE FROM user_authority_info WHERE ISDELETE <> 1 ";
private const string SQL_INSERT_USER_AUTHORITY_RANGE_FOR_NEWUSER = " INSERT INTO user_authority_range(GID,USERID,AUTHORITYID,VISIBLERANGE,OPERATERANGE,CREATEUSER,CREATETIME) "
+ " SELECT newid(),@user_id,GID,3,3,@create_user,GETDATE() FROM user_authority_info WHERE ISNULL(ISDELETE,0) <> 1 ";
#region 根据权限范围名称获取所有权限范围内的用户
/// <summary>
/// 根据权限范围名称获取所有权限范围内的用户
/// </summary>
/// <param name="tempModuleName">权限范围名称</param>
/// <param name="tempOperateRange">可操作权限范围</param>
/// <returns>返回所有符合条件的用户权限范围</returns>
public IList<UserAuthorityRangeEntity> GetAuthorityUsersByNameAndRange(string tempModuleName,int tempOperateRange)
{
//初始化返回变量
IList<UserAuthorityRangeEntity> userAuthorityRangeEntities = new List<UserAuthorityRangeEntity>();
//初始化参数并赋值
SqlParameter[] parms = new SqlParameter[] {
new SqlParameter(PARM_USER_AUTHORITY_INFO_NAME, SqlDbType.VarChar, 50),
new SqlParameter(PARM_USER_AUTHORITY_RANGE_OPERATE_RANGE, SqlDbType.Int)
};
parms[0].Value = tempModuleName;
parms[1].Value = tempOperateRange;
using (SqlDataReader sqlRead = SqlHelper.ExecuteReader(SqlHelper.ConnectionStringLocalTransaction, CommandType.Text, SQL_SELECT_USER_AUTHORITY_RANGE_BY_NAME_AND_TYPE, parms))
{
try
{
//读取字段值
while (sqlRead.Read())
{
UserAuthorityRangeEntity userAuthorityRangeEntity = new UserAuthorityRangeEntity();
if (!sqlRead.IsDBNull(0))
{
userAuthorityRangeEntity.GID = sqlRead.GetString(0);
}
if (!sqlRead.IsDBNull(1))
{
userAuthorityRangeEntity.UserID = sqlRead.GetString(1);
}
if (!sqlRead.IsDBNull(2))
{
userAuthorityRangeEntity.AuthorityID = sqlRead.GetString(2);
}
if (!sqlRead.IsDBNull(3))
{
userAuthorityRangeEntity.VisableRange = sqlRead.GetInt32(3);
}
if (!sqlRead.IsDBNull(4))
{
userAuthorityRangeEntity.OperateRange = sqlRead.GetInt32(4);
}
if (!sqlRead.IsDBNull(5))
{
userAuthorityRangeEntity.CreateUser = sqlRead.GetString(5);
}
if (!sqlRead.IsDBNull(6))
{
userAuthorityRangeEntity.CreateTime = sqlRead.GetDateTime(6);
}
if (!sqlRead.IsDBNull(7))
{
userAuthorityRangeEntity.ModifiedUser = sqlRead.GetString(7);
}
if (!sqlRead.IsDBNull(8))
{
userAuthorityRangeEntity.ModifiedTime = sqlRead.GetDateTime(8);
}
userAuthorityRangeEntities.Add(userAuthorityRangeEntity);
}
}
catch (Exception exceError)
{
//抛出异常
throw exceError;
}
}
return userAuthorityRangeEntities;
}
#endregion
#region 获取用户权限范围信息
/// <summary>
/// 获取用户权限范围信息
/// </summary>
/// <param name="tempUserAuthorityGID">权限范围GID</param>
/// <returns>返回用户权限范围实体类</returns>
public UserAuthorityEntity GetUserAuthorityInfo(string tempUserAuthorityGID)
{
//初始化返回变量
UserAuthorityEntity userAuthorityEntity = null;
//初始化参数并赋值
SqlParameter parm = new SqlParameter(PARM_USER_AUTHORIYT_INFO_GID, SqlDbType.VarChar, 36);
parm.Value = tempUserAuthorityGID;
using (SqlDataReader sqlRead = SqlHelper.ExecuteReader(SqlHelper.ConnectionStringLocalTransaction, CommandType.Text, SQL_SELECT_USER_AUTHORITY_INFO_BY_GID, parm))
{
try
{
userAuthorityEntity = new UserAuthorityEntity();
//读取字段值
while (sqlRead.Read())
{
if (!sqlRead.IsDBNull(0))
{
userAuthorityEntity.GID = sqlRead.GetString(0);
}
if (!sqlRead.IsDBNull(1))
{
userAuthorityEntity.Name = sqlRead.GetString(1);
}
if (!sqlRead.IsDBNull(2))
{
userAuthorityEntity.Description = sqlRead.GetString(2);
}
if (!sqlRead.IsDBNull(3))
{
userAuthorityEntity.ModuleUrl = sqlRead.GetString(3);
}
if (!sqlRead.IsDBNull(4))
{
userAuthorityEntity.IsAll = sqlRead.GetBoolean(4);
}
if (!sqlRead.IsDBNull(5))
{
userAuthorityEntity.IsCompany = sqlRead.GetBoolean(5);
}
if (!sqlRead.IsDBNull(6))
{
userAuthorityEntity.IsDepartment = sqlRead.GetBoolean(6);
}
if (!sqlRead.IsDBNull(7))
{
userAuthorityEntity.IsPerson = sqlRead.GetBoolean(7);
}
if (!sqlRead.IsDBNull(8))
{
userAuthorityEntity.CreateUser = sqlRead.GetString(8);
}
if (!sqlRead.IsDBNull(9))
{
userAuthorityEntity.CreateTime = sqlRead.GetDateTime(9);
}
if (!sqlRead.IsDBNull(10))
{
userAuthorityEntity.ModifiedUser = sqlRead.GetString(10);
}
if (!sqlRead.IsDBNull(11))
{
userAuthorityEntity.ModifiedTime = sqlRead.GetDateTime(11);
}
if (!sqlRead.IsDBNull(12))
{
userAuthorityEntity.IsDelete = sqlRead.GetBoolean(12);
}
}
}
catch (Exception exceError)
{
//抛出异常
throw exceError;
}
}
return userAuthorityEntity;
}
#endregion
#region 获取用户的模块权限信息返回UserAuthorityRangeEntity
/// <summary>
/// 获取用户的模块权限信息返回UserAuthorityRangeEntity
/// </summary>
/// <param name="tempUserID">user_id</param>
/// <param name="tempModuleName">ModuleName</param>
/// <returns>返回UserAuthorityRangeEntity</returns>
public UserAuthorityRangeEntity GetUserAuthorityRange(string tempUserID,string tempModuleName)
{
//初始化返回变量
UserAuthorityRangeEntity userAuthorityRangeEntity = null;
//初始化参数并赋值
SqlParameter[] parms = new SqlParameter[] {
new SqlParameter(PARM_USER_AUTHORITY_RANGE_USER_ID, SqlDbType.VarChar, 36),
new SqlParameter(PARM_USER_AUTHORITY_INFO_NAME, SqlDbType.VarChar, 50)
};
parms[0].Value = tempUserID;
parms[1].Value = tempModuleName;
using (SqlDataReader sqlRead = SqlHelper.ExecuteReader(SqlHelper.ConnectionStringLocalTransaction, CommandType.Text, SQL_SELECT_USER_AUTHORITY_RANGE_BY_USERID_AND_NAME, parms))
{
try
{
userAuthorityRangeEntity = new UserAuthorityRangeEntity();
//读取字段值
while (sqlRead.Read())
{
if (!sqlRead.IsDBNull(0))
{
userAuthorityRangeEntity.GID = sqlRead.GetString(0);
}
if (!sqlRead.IsDBNull(1))
{
userAuthorityRangeEntity.UserID = sqlRead.GetString(1);
}
if (!sqlRead.IsDBNull(2))
{
userAuthorityRangeEntity.AuthorityID = sqlRead.GetString(2);
}
if (!sqlRead.IsDBNull(3))
{
userAuthorityRangeEntity.VisableRange = sqlRead.GetInt32(3);
}
if (!sqlRead.IsDBNull(4))
{
userAuthorityRangeEntity.OperateRange = sqlRead.GetInt32(4);
}
if (!sqlRead.IsDBNull(5))
{
userAuthorityRangeEntity.CreateUser = sqlRead.GetString(5);
}
if (!sqlRead.IsDBNull(6))
{
userAuthorityRangeEntity.CreateTime = sqlRead.GetDateTime(6);
}
if (!sqlRead.IsDBNull(7))
{
userAuthorityRangeEntity.ModifiedUser = sqlRead.GetString(7);
}
if (!sqlRead.IsDBNull(8))
{
userAuthorityRangeEntity.ModifiedTime = sqlRead.GetDateTime(8);
}
}
}
catch (Exception exceError)
{
//抛出异常
throw exceError;
}
}
return userAuthorityRangeEntity;
}
#endregion
public int GetSqlCount(string tempSql)
{
int iResult = 0;
using (SqlConnection conn = new SqlConnection(SqlHelper.ConnectionStringLocalTransaction))
{
int existVal = (int)SqlHelper.ExecuteScalar(conn, CommandType.Text, tempSql, null);
if (existVal > 0)
{
iResult = 1;
}
else
{
iResult = -1;//执行异常
}
}
return iResult;
}
#region 获取SQL语句查询数据集
/// <summary>
/// 获取SQL语句查询数据集
/// </summary>
/// <param name="strSql"></param>
/// <returns></returns>
public DataSet GetExcuteSql(string strSql)
{
DataSet tempSet = new DataSet();
tempSet = SqlHelper.ExecuteDataset(SqlHelper.ConnectionStringLocalTransaction, CommandType.Text, strSql);
return tempSet;
}
#endregion
public int UpdateUserAuthority(string tempUserID,int tempRangeType,int tempRangeVal,string tempAuthorityID,string tempCheckUserID)
{
int iResult = 0;
using (SqlConnection conn = new SqlConnection(SqlHelper.ConnectionStringLocalTransaction))
{
try
{
SqlParameter[] checkParms = new SqlParameter[] {
new SqlParameter(PARM_USER_AUTHORITY_RANGE_AUTHORITY_ID,SqlDbType.VarChar,36),
new SqlParameter(PARM_USER_AUTHORITY_RANGE_USER_ID,SqlDbType.VarChar,36)
};
checkParms[0].Value = tempAuthorityID;
checkParms[1].Value = tempCheckUserID;
int checkState = (int)SqlHelper.ExecuteScalar(conn, CommandType.Text, SQL_SELECT_USER_AUTHORITY_RANGE_BY_USERID_AND_AUTHORITY, checkParms);
//如果用户未指定权限范围,则需要插入新的权限范围值
if (checkState > 0)
{
//用户已经指定过权限范围,执行更新操作
if (tempRangeType == 1)
{
SqlParameter[] updateParms = new SqlParameter[] {
new SqlParameter(PARM_USER_AUTHORITY_RANGE_AUTHORITY_ID,SqlDbType.VarChar,36),
new SqlParameter(PARM_USER_AUTHORITY_RANGE_USER_ID,SqlDbType.VarChar,36),
new SqlParameter(PARM_USER_AUTHORITY_RANGE_VISIBLE_RANGE,SqlDbType.Int),
new SqlParameter(PARM_USER_AUTHORITY_RANGE_MODIFIED_USER,SqlDbType.VarChar,36)
};
updateParms[0].Value = tempAuthorityID;
updateParms[1].Value = tempCheckUserID;
updateParms[2].Value = tempRangeVal;
updateParms[3].Value = tempUserID;
iResult = SqlHelper.ExecuteNonQuery(conn, CommandType.Text, SQL_UPDATE_USER_AUTHORITY_RANGE_VIS_BY_USERID_AND_AUTHORITY, updateParms);
}
else
{
SqlParameter[] updateParms = new SqlParameter[] {
new SqlParameter(PARM_USER_AUTHORITY_RANGE_AUTHORITY_ID,SqlDbType.VarChar,36),
new SqlParameter(PARM_USER_AUTHORITY_RANGE_USER_ID,SqlDbType.VarChar,36),
new SqlParameter(PARM_USER_AUTHORITY_RANGE_OPERATE_RANGE,SqlDbType.Int),
new SqlParameter(PARM_USER_AUTHORITY_RANGE_MODIFIED_USER,SqlDbType.VarChar,36)
};
updateParms[0].Value = tempAuthorityID;
updateParms[1].Value = tempCheckUserID;
updateParms[2].Value = tempRangeVal;
updateParms[3].Value = tempUserID;
iResult = SqlHelper.ExecuteNonQuery(conn, CommandType.Text, SQL_UPDATE_USER_AUTHORITY_RANGE_OP_BY_USERID_AND_AUTHORITY, updateParms);
}
}
else
{
//用户未指定过权限范围,执行插入操作
SqlParameter[] insertParm = new SqlParameter[] {
new SqlParameter(PARM_USER_AUTHORITY_RANGE_GID,SqlDbType.VarChar,36),
new SqlParameter(PARM_USER_AUTHORITY_RANGE_USER_ID,SqlDbType.VarChar,36),
new SqlParameter(PARM_USER_AUTHORITY_RANGE_AUTHORITY_ID,SqlDbType.VarChar,36),
new SqlParameter(PARM_USER_AUTHORITY_RANGE_VISIBLE_RANGE,SqlDbType.Int),
new SqlParameter(PARM_USER_AUTHORITY_RANGE_OPERATE_RANGE,SqlDbType.Int),
new SqlParameter(PARM_USER_AUTHORITY_RANGE_CREATE_USER,SqlDbType.VarChar,36)
};
insertParm[0].Value = Guid.NewGuid().ToString();
insertParm[1].Value = tempCheckUserID;
insertParm[2].Value = tempAuthorityID;
if (tempRangeType == 1)
{
insertParm[3].Value = tempRangeVal;
insertParm[4].Value = 4;//无
}
else
{
insertParm[3].Value = 4;
insertParm[4].Value = tempRangeVal;//无
}
insertParm[5].Value = tempUserID;
iResult = SqlHelper.ExecuteNonQuery(conn, CommandType.Text, SQL_INSERT_USER_AUTHORITY_RANGE, insertParm);
}
}
catch (Exception error)
{
throw error;
}
}
return iResult;
}
#region 获取所有已启动的权限范围信息
/// <summary>
/// 获取所有已启动的权限范围信息
/// </summary>
/// <returns>返回权限范围实体类组</returns>
public IList<UserAuthorityEntity> GetAllUserAuthorityInfo()
{
//初始化返回变量
IList<UserAuthorityEntity> userAuthorityEntities = new List<UserAuthorityEntity>();
using (SqlDataReader sqlRead = SqlHelper.ExecuteReader(SqlHelper.ConnectionStringLocalTransaction, CommandType.Text, SQL_SELECT_USER_AUTHORITY_INFO_ALL_NO_DELETE, null))
{
try
{
//读取字段值
while (sqlRead.Read())
{
UserAuthorityEntity userAuthorityEntity = new UserAuthorityEntity();
if (!sqlRead.IsDBNull(0))
{
userAuthorityEntity.GID = sqlRead.GetString(0);
}
if (!sqlRead.IsDBNull(1))
{
userAuthorityEntity.Name = sqlRead.GetString(1);
}
if (!sqlRead.IsDBNull(2))
{
userAuthorityEntity.Description = sqlRead.GetString(2);
}
if (!sqlRead.IsDBNull(3))
{
userAuthorityEntity.ModuleUrl = sqlRead.GetString(3);
}
if (!sqlRead.IsDBNull(4))
{
userAuthorityEntity.IsAll = sqlRead.GetBoolean(4);
}
if (!sqlRead.IsDBNull(5))
{
userAuthorityEntity.IsCompany = sqlRead.GetBoolean(5);
}
if (!sqlRead.IsDBNull(6))
{
userAuthorityEntity.IsDepartment = sqlRead.GetBoolean(6);
}
if (!sqlRead.IsDBNull(7))
{
userAuthorityEntity.IsPerson = sqlRead.GetBoolean(7);
}
if (!sqlRead.IsDBNull(8))
{
userAuthorityEntity.CreateUser = sqlRead.GetString(8);
}
if (!sqlRead.IsDBNull(9))
{
userAuthorityEntity.CreateTime = sqlRead.GetDateTime(9);
}
if (!sqlRead.IsDBNull(10))
{
userAuthorityEntity.ModifiedUser = sqlRead.GetString(10);
}
if (!sqlRead.IsDBNull(11))
{
userAuthorityEntity.ModifiedTime = sqlRead.GetDateTime(11);
}
if (!sqlRead.IsDBNull(12))
{
userAuthorityEntity.IsDelete = sqlRead.GetBoolean(12);
}
userAuthorityEntities.Add(userAuthorityEntity);
}
}
catch (Exception exceError)
{
//抛出异常
throw exceError;
}
}
return userAuthorityEntities;
}
#endregion
#region 新建用户默认将权限范围的查看和操作设置为个人
/// <summary>
/// 新建用户默认将权限范围的查看和操作设置为个人
/// </summary>
/// <param name="tempNewUserID">新建用户GID</param>
/// <param name="tempOperator">操作人GID</param>
/// <returns>值1表示更新成功 值不等于1表示更新失败</returns>
public int InsertUserAuthorityRangeForNewUser(string tempNewUserID,string tempOperator)
{
int iResult = 0;
using (SqlConnection conn = new SqlConnection(SqlHelper.ConnectionStringLocalTransaction))
{
try
{
SqlParameter[] insertParms = new SqlParameter[] {
new SqlParameter(PARM_USER_AUTHORITY_RANGE_USER_ID,SqlDbType.VarChar,36),
new SqlParameter(PARM_USER_AUTHORITY_RANGE_CREATE_USER,SqlDbType.VarChar,36)
};
insertParms[0].Value = tempNewUserID;
insertParms[1].Value = tempOperator;
iResult = SqlHelper.ExecuteNonQuery(conn, CommandType.Text, SQL_INSERT_USER_AUTHORITY_RANGE_FOR_NEWUSER, insertParms);
}
catch (Exception error)
{
throw error;
}
}
return iResult;
}
#endregion
}
}