Security_Log_second方法无法判断角色权限问题解决;
Security_Log方法判断角色权限时对于id最大的一个权限的判断无法判断问题解决。
信用额度申请单、特批申请单、销售订单变更单、应收退款单、收款单:增加查询权限判断。
工艺路线查询:增加查询权限判断。
生产班组、生产资源:增加查询权限判断
9个文件已修改
156 ■■■■ 已修改文件
Pub_Class/CustomerCls/ClsPub.cs 8 ●●●● 补丁 | 查看 | 原始文档 | blame | 历史
WebAPI/Controllers/BaseSet/Gy_GroupController.cs 16 ●●●● 补丁 | 查看 | 原始文档 | blame | 历史
WebAPI/Controllers/BaseSet/Gy_SourceController.cs 34 ●●●● 补丁 | 查看 | 原始文档 | blame | 历史
WebAPI/Controllers/JHGL/Gy_RoutingBillController.cs 18 ●●●● 补丁 | 查看 | 原始文档 | blame | 历史
WebAPI/Controllers/XSGL/Xs_CusRatingChangeBillController.cs 16 ●●●● 补丁 | 查看 | 原始文档 | blame | 历史
WebAPI/Controllers/XSGL/Xs_ExceptiveCheckRequestBillController.cs 16 ●●●● 补丁 | 查看 | 原始文档 | blame | 历史
WebAPI/Controllers/XSGL/Xs_SeOrderChangeBillController.cs 16 ●●●● 补丁 | 查看 | 原始文档 | blame | 历史
WebAPI/Controllers/XSGL/YS_ReceiveBackBillController.cs 16 ●●●● 补丁 | 查看 | 原始文档 | blame | 历史
WebAPI/Controllers/XSGL/YS_ReceiveBillController.cs 16 ●●●● 补丁 | 查看 | 原始文档 | blame | 历史
Pub_Class/CustomerCls/ClsPub.cs
@@ -966,7 +966,7 @@
                                //HavRight = false;
                                for (int i = 0; i < DsJS.Tables[0].Rows.Count; i++)
                                {
                                    if (ClsPub.isStrNull(DsJS.Tables[0].Rows[i]["AuthorityID"]).Length > ModID)
                                    if (ClsPub.isStrNull(DsJS.Tables[0].Rows[i]["AuthorityID"]).Length >= ModID)
                                    {
                                        if (DsJS.Tables[0].Rows[i]["AuthorityID"].ToString().Trim().Substring((int)ModID - 1, 1) == "1")
                                        {
@@ -1055,7 +1055,7 @@
                    }
                    else
                    {
                        if (DsUser.Tables[0].Rows[0]["AuthorityID"].ToString().Trim().Substring((int)ModID - 1, 1) == "1")
                        if (ClsPub.isStrNull(DsUser.Tables[0].Rows[0]["AuthorityID"]).Length >= ModID && DsUser.Tables[0].Rows[0]["AuthorityID"].ToString().Trim().Substring((int)ModID - 1, 1) == "1")
                        {
                            HavRight = true;
                        }
@@ -1064,7 +1064,7 @@
                            //获取用户组  并循环判断权限
                            //判断角色是否有权限
                            DsJS = oCn.RunProcReturn("select isnull(AuthorityID,'') AuthorityID from System_UserGroupinfo a inner join System_UserGroup b on a.GroupID=b.GroupID " +
                                " Where a.USERID='" + UserID.Trim() + "'", "gy_czygl");
                                " Where a.USERID='" + DsUser.Tables[0].Rows[0]["Czybm"].ToString().Trim() + "'", "gy_czygl");
                            if (DsJS == null)
                            {
                                HavRight = false;
@@ -1074,7 +1074,7 @@
                                HavRight = false;
                                for (int i = 0; i < DsJS.Tables[0].Rows.Count; i++)
                                {
                                    if (ClsPub.isStrNull(DsJS.Tables[0].Rows[i]["AuthorityID"]).Length > ModID)
                                    if (ClsPub.isStrNull(DsJS.Tables[0].Rows[i]["AuthorityID"]).Length >= ModID)
                                    {
                                        if (DsJS.Tables[0].Rows[i]["AuthorityID"].ToString().Trim().Substring((int)ModID - 1, 1) == "1")
                                        {
WebAPI/Controllers/BaseSet/Gy_GroupController.cs
@@ -33,14 +33,14 @@
            {
                List<object> columnNameList = new List<object>();
                ////查看权限
                //if (!DBUtility.ClsPub.Security_Log("Gy_Group_Query", 1, false, user))
                //{
                //    objJsonResult.code = "0";
                //    objJsonResult.count = 0;
                //    objJsonResult.Message = "无查看权限!";
                //    objJsonResult.data = null;
                //    return objJsonResult;
                //}
                if (!DBUtility.ClsPub.Security_Log("Gy_Group_Query", 1, false, user))
                {
                    objJsonResult.code = "0";
                    objJsonResult.count = 0;
                    objJsonResult.Message = "无查看权限!";
                    objJsonResult.data = null;
                    return objJsonResult;
                }
                if (sWhere == null || sWhere.Equals(""))
                {
                    ds = oCN.RunProcReturn("select * from h_v_GroupList " + sWhere+ " order by 班组代码 ", "h_v_GroupList");
WebAPI/Controllers/BaseSet/Gy_SourceController.cs
@@ -38,14 +38,14 @@
            {
                List<object> columnNameList = new List<object>();
                //判断是否有查询权限
                //if (!DBUtility.ClsPub.Security_Log("Gy_Source_Query", 1, false, user))
                //{
                //    objJsonResult.code = "0";
                //    objJsonResult.count = 0;
                //    objJsonResult.Message = "无权限查询!";
                //    objJsonResult.data = null;
                //    return objJsonResult;
                //}
                if (!DBUtility.ClsPub.Security_Log("Gy_Source_Query", 1, false, user))
                {
                    objJsonResult.code = "0";
                    objJsonResult.count = 0;
                    objJsonResult.Message = "无权限查询!";
                    objJsonResult.data = null;
                    return objJsonResult;
                }
                if (sWhere == null || sWhere.Equals(""))
                {
@@ -110,15 +110,15 @@
            string msg1 = sArray[0].ToString();
            string msg2 = sArray[1].ToString();
            ////查看权限
            //if (!DBUtility.ClsPub.Security_Log("Gy_Source_Edit", 1, false, msg2))
            //{
            //    objJsonResult.code = "0";
            //    objJsonResult.count = 0;
            //    objJsonResult.Message = "无保存权限!";
            //    objJsonResult.data = null;
            //    return objJsonResult;
            //}
            //查看权限
            if (!DBUtility.ClsPub.Security_Log("Gy_Source_Edit", 1, false, msg2))
            {
                objJsonResult.code = "0";
                objJsonResult.count = 0;
                objJsonResult.Message = "无保存权限!";
                objJsonResult.data = null;
                return objJsonResult;
            }
            Int64 HItemID = 0;
            SQLHelper.ClsCN oCN = new SQLHelper.ClsCN();
WebAPI/Controllers/JHGL/Gy_RoutingBillController.cs
@@ -1243,14 +1243,14 @@
            try
            {
                //判断是否有查询权限
                //if (!DBUtility.ClsPub.Security_Log("Gy_RoutingBill_Query", 1, false, user))
                //{
                //    objJsonResult.code = "0";
                //    objJsonResult.count = 0;
                //    objJsonResult.Message = "无权限查询!";
                //    objJsonResult.data = null;
                //    return objJsonResult;
                //}
                if (!DBUtility.ClsPub.Security_Log("Gy_RoutingBill_Query", 1, false, user))
                {
                    objJsonResult.code = "0";
                    objJsonResult.count = 0;
                    objJsonResult.Message = "无权限查询!";
                    objJsonResult.data = null;
                    return objJsonResult;
                }
                SQLHelper.ClsCN oCN = new SQLHelper.ClsCN();
                string sql1 = "select  top 1000 * from h_v_Gy_RoutingBillQuery where 1 = 1 ";
@@ -1283,7 +1283,7 @@
            DataSet ds;
            try
            {
                SQLHelper.ClsCN oCN = new SQLHelper.ClsCN();
                string sql1 = "select  top 1000 * from h_v_Gy_RoutingBillQuerySub where 1 = 1 and hmainid=" + sWhere;
                string sql = sql1  + " order by hmainid desc,cast(工序号 as int)";
WebAPI/Controllers/XSGL/Xs_CusRatingChangeBillController.cs
@@ -37,14 +37,14 @@
            {
                List<object> columnNameList = new List<object>();
                //查看权限
                //if (!DBUtility.ClsPub.Security_Log("Gy_ProjectStage_Query", 1, false, user))
                //{
                //    objJsonResult.code = "0";
                //    objJsonResult.count = 0;
                //    objJsonResult.Message = "无查看权限!";
                //    objJsonResult.data = null;
                //    return objJsonResult;
                //}
                if (!DBUtility.ClsPub.Security_Log("Xs_CusRatingChangeBill_Query", 1, false, user))
                {
                    objJsonResult.code = "0";
                    objJsonResult.count = 0;
                    objJsonResult.Message = "无查看权限!";
                    objJsonResult.data = null;
                    return objJsonResult;
                }
                if (sWhere == null || sWhere.Equals(""))
                {
WebAPI/Controllers/XSGL/Xs_ExceptiveCheckRequestBillController.cs
@@ -37,14 +37,14 @@
            {
                List<object> columnNameList = new List<object>();
                //查看权限
                //if (!DBUtility.ClsPub.Security_Log("Gy_ProjectStage_Query", 1, false, user))
                //{
                //    objJsonResult.code = "0";
                //    objJsonResult.count = 0;
                //    objJsonResult.Message = "无查看权限!";
                //    objJsonResult.data = null;
                //    return objJsonResult;
                //}
                if (!DBUtility.ClsPub.Security_Log("Xs_ExceptiveCheckRequestBill_Query", 1, false, user))
                {
                    objJsonResult.code = "0";
                    objJsonResult.count = 0;
                    objJsonResult.Message = "无查看权限!";
                    objJsonResult.data = null;
                    return objJsonResult;
                }
                if (sWhere == null || sWhere.Equals(""))
                {
WebAPI/Controllers/XSGL/Xs_SeOrderChangeBillController.cs
@@ -37,14 +37,14 @@
            {
                List<object> columnNameList = new List<object>();
                //查看权限
                //if (!DBUtility.ClsPub.Security_Log("Gy_ProjectStage_Query", 1, false, user))
                //{
                //    objJsonResult.code = "0";
                //    objJsonResult.count = 0;
                //    objJsonResult.Message = "无查看权限!";
                //    objJsonResult.data = null;
                //    return objJsonResult;
                //}
                if (!DBUtility.ClsPub.Security_Log("Xs_SeOrderChangeBill_Query", 1, false, user))
                {
                    objJsonResult.code = "0";
                    objJsonResult.count = 0;
                    objJsonResult.Message = "无查看权限!";
                    objJsonResult.data = null;
                    return objJsonResult;
                }
                if (sWhere == null || sWhere.Equals(""))
                {
WebAPI/Controllers/XSGL/YS_ReceiveBackBillController.cs
@@ -38,14 +38,14 @@
            {
                List<object> columnNameList = new List<object>();
                //查看权限
                //if (!DBUtility.ClsPub.Security_Log("Gy_ProjectStage_Query", 1, false, user))
                //{
                //    objJsonResult.code = "0";
                //    objJsonResult.count = 0;
                //    objJsonResult.Message = "无查看权限!";
                //    objJsonResult.data = null;
                //    return objJsonResult;
                //}
                if (!DBUtility.ClsPub.Security_Log("YS_ReceiveBackBillQuery", 1, false, user))
                {
                    objJsonResult.code = "0";
                    objJsonResult.count = 0;
                    objJsonResult.Message = "无查看权限!";
                    objJsonResult.data = null;
                    return objJsonResult;
                }
                if (sWhere == null || sWhere.Equals(""))
                {
WebAPI/Controllers/XSGL/YS_ReceiveBillController.cs
@@ -38,14 +38,14 @@
            {
                List<object> columnNameList = new List<object>();
                //查看权限
                //if (!DBUtility.ClsPub.Security_Log("Gy_ProjectStage_Query", 1, false, user))
                //{
                //    objJsonResult.code = "0";
                //    objJsonResult.count = 0;
                //    objJsonResult.Message = "无查看权限!";
                //    objJsonResult.data = null;
                //    return objJsonResult;
                //}
                if (!DBUtility.ClsPub.Security_Log("YS_ReceiveBillQuery", 1, false, user))
                {
                    objJsonResult.code = "0";
                    objJsonResult.count = 0;
                    objJsonResult.Message = "无查看权限!";
                    objJsonResult.data = null;
                    return objJsonResult;
                }
                if (sWhere == null || sWhere.Equals(""))
                {