1
仲国强
2021-08-30 dc2a2d957cceba96de5e46514e08ea52c9d51374
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
using System;
using System.Collections.Generic;
using System.Data;
using System.Linq;
using System.Text;
 
namespace Pub_Class
{
 
    public class WebClsPub
    {
        public static string ComputerName;
        public static string IPAddress;
 
        //判断是都存在权限,并写入日志
        public static bool Security_Log(string gnsy, int LogTF, bool Msg, string CurUserName,ref string StrMessage)
        {
            //gnsy 功能索引,模块
            //usercode 当前用户代码
            //LogTF 1判断权限并写日志,2只写日志,3只判断权限
            //Msg 没有权限时 是否提示框
            string UserID = CurUserName;
            try
            {
                ClsSqlHelper oCn = new ClsSqlHelper();
                DataSet Ds = new DataSet();
                DataSet DsUser = new DataSet();
                DataSet DsJS = new DataSet();//角色
                long ModID = 0;
                bool HavRight = false;
                //找到模块权限
                Ds = oCn.RunProcReturn("select * from xt_xtgnb where gnsy='" + gnsy.Trim() + "'", "xt_xtgnb");
                if (Ds.Tables[0].Rows.Count == 0)
                {
                    if (Msg == true)
                    {
                        StrMessage="没有找到该功能模块!";
                    }
                    return false;
                }
                else
                {
                    ModID = ClsPub.isLong(Ds.Tables[0].Rows[0]["ID"].ToString());  //返回模块
                }
                if (LogTF == 1 || LogTF == 3)//需要判断权限
                {
                    //根据用户名称判断权限
                    DsUser = oCn.RunProcReturn("select * from gy_czygl where czymc='" + UserID.Trim() + "'", "gy_czygl");
                    if (DsUser.Tables[0].Rows.Count == 0)
                    {
                        if (Msg == true)
                        {
                            StrMessage = "没有找到当前操作员!";
                        }
                        return false;
                    }
                    //根据用户名称判断权限
                    if ((bool)DsUser.Tables[0].Rows[0]["ManagerFlag"])  //是否管理员
                    {
                        HavRight = true;
                    }
                    else
                    {
                        if (DsUser.Tables[0].Rows[0]["AuthorityID"].ToString().Trim().Substring((int)ModID - 1, 1) == "1")
                        {
                            HavRight = true;
                        }
                        else
                        {
                            //获取用户组  并循环判断权限
                            //判断角色是否有权限
                            DsJS = oCn.RunProcReturn("select isnull(AuthorityID,'') AuthorityID from System_UserGroupinfo a inner join System_UserGroup b on a.GroupID=b.GroupID " +
                                " Where a.USERID='" + UserID.Trim() + "'", "gy_czygl");
                            if (DsJS == null)
                            {
                                HavRight = false;
                            }
                            else
                            {
                                HavRight = false;
                                for (int i = 0; i < DsJS.Tables[0].Rows.Count; i++)
                                {
                                    if (ClsPub.isStrNull(DsJS.Tables[0].Rows[i]["AuthorityID"]).Length > ModID)
                                    {
                                        if (DsJS.Tables[0].Rows[i]["AuthorityID"].ToString().Trim().Substring((int)ModID - 1, 1) == "1")
                                        {
                                            HavRight = true;
                                            break;
                                        }
                                    }
                                }
 
                            }
                        }
                    }
 
                    if (HavRight == false)
                    {
                        if (Msg == true)
                        {
                            StrMessage = "您没有权限,请与管理员联系!";
                        }
                    }
                }
                //需要写入日志
                if ((LogTF == 1 && HavRight) || LogTF == 2)
                {
                    Add_Log(Ds.Tables[0].Rows[0]["id"].ToString().Trim(), gnsy + "," + Ds.Tables[0].Rows[0]["gnmc"].ToString().Trim(), CurUserName, ref  StrMessage);
                }
                return HavRight;
            }
            catch (Exception e)
            {
                if (Msg == true)
                {
                    StrMessage = "判断权限时发现错误,请与管理员联系!";
                }
                return false;
            }
        }
 
        //写入日志
        /// <summary>
        /// 写入日志
        /// </summary>
        /// <param name="UserID">无用</param>
        /// <param name="WorkList">操作日志</param>
        /// <param name="CurUserName">操作员</param>
        /// <returns></returns>
        public static bool Add_Log(string UserID, string WorkList, string CurUserName,ref string StrMessage)
        {
            ClsSqlHelper oCn = new ClsSqlHelper();
            try
            {
                oCn.RunProc("Insert into  System_Log(GeginDate,userid,WorkstationName,WorkList,SystemName,NetUserName,State) values " +
                    "(getdate(),'" + CurUserName + "','" + ComputerName + "','" + WorkList + "','ERP系统','" + IPAddress + "','进入')"
                    );
                return true;
            }
            catch (Exception e)
            {
                StrMessage = "写入日志时发现错,原因是:" + e.Message;
                return false;
            }
        }
    }
}