From 2bf053827c10f3b9d74f9fae8c956a0f2266997f Mon Sep 17 00:00:00 2001
From: duhe <226547893@qq.com>
Date: 星期一, 25 十二月 2023 09:34:07 +0800
Subject: [PATCH] Security_Log_second方法无法判断角色权限问题解决; Security_Log方法判断角色权限时对于id最大的一个权限的判断无法判断问题解决。 信用额度申请单、特批申请单、销售订单变更单、应收退款单、收款单:增加查询权限判断。 工艺路线查询:增加查询权限判断。 生产班组、生产资源:增加查询权限判断
---
WebAPI/Controllers/JHGL/Gy_RoutingBillController.cs | 18 +++---
WebAPI/Controllers/XSGL/YS_ReceiveBillController.cs | 16 ++--
WebAPI/Controllers/XSGL/YS_ReceiveBackBillController.cs | 16 ++--
WebAPI/Controllers/BaseSet/Gy_GroupController.cs | 16 ++--
WebAPI/Controllers/XSGL/Xs_ExceptiveCheckRequestBillController.cs | 16 ++--
WebAPI/Controllers/XSGL/Xs_SeOrderChangeBillController.cs | 16 ++--
Pub_Class/CustomerCls/ClsPub.cs | 8 +-
WebAPI/Controllers/BaseSet/Gy_SourceController.cs | 34 +++++-----
WebAPI/Controllers/XSGL/Xs_CusRatingChangeBillController.cs | 16 ++--
9 files changed, 78 insertions(+), 78 deletions(-)
diff --git a/Pub_Class/CustomerCls/ClsPub.cs b/Pub_Class/CustomerCls/ClsPub.cs
index a6d9f87..d9636d8 100644
--- a/Pub_Class/CustomerCls/ClsPub.cs
+++ b/Pub_Class/CustomerCls/ClsPub.cs
@@ -966,7 +966,7 @@
//HavRight = false;
for (int i = 0; i < DsJS.Tables[0].Rows.Count; i++)
{
- if (ClsPub.isStrNull(DsJS.Tables[0].Rows[i]["AuthorityID"]).Length > ModID)
+ if (ClsPub.isStrNull(DsJS.Tables[0].Rows[i]["AuthorityID"]).Length >= ModID)
{
if (DsJS.Tables[0].Rows[i]["AuthorityID"].ToString().Trim().Substring((int)ModID - 1, 1) == "1")
{
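Review bot: The new `>=` bound is measured on `ClsPub.isStrNull(...)`, but the `Substring` on the next line runs on `.ToString().Trim()`. Unless isStrNull already trims, a padded AuthorityID can pass the length test and still throw ArgumentOutOfRangeException in the lookup; a ModID below 1 throws the same way. Trim once and test that value, e.g. `string auth = ClsPub.isStrNull(DsJS.Tables[0].Rows[i]["AuthorityID"]).Trim();` followed by `if (ModID >= 1 && auth.Length >= ModID && auth[(int)ModID - 1] == '1')`. The same pattern appears in the hunks at -1055 and -1074. Whether an exception here ends in deny or allow depends on a catch outside the hunk, so confirm that path fails closed.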
@@ -1055,7 +1055,7 @@
}
else
{
- if (DsUser.Tables[0].Rows[0]["AuthorityID"].ToString().Trim().Substring((int)ModID - 1, 1) == "1")
+ if (ClsPub.isStrNull(DsUser.Tables[0].Rows[0]["AuthorityID"]).Length >= ModID && DsUser.Tables[0].Rows[0]["AuthorityID"].ToString().Trim().Substring((int)ModID - 1, 1) == "1")
{
HavRight = true;
}
@@ -1064,7 +1064,7 @@
//鑾峰彇鐢ㄦ埛缁� 骞跺惊鐜垽鏂潈闄�
//鍒ゆ柇瑙掕壊鏄惁鏈夋潈闄�
DsJS = oCn.RunProcReturn("select isnull(AuthorityID,'') AuthorityID from System_UserGroupinfo a inner join System_UserGroup b on a.GroupID=b.GroupID " +
- " Where a.USERID='" + UserID.Trim() + "'", "gy_czygl");
+ " Where a.USERID='" + DsUser.Tables[0].Rows[0]["Czybm"].ToString().Trim() + "'", "gy_czygl");
if (DsJS == null)
{
HavRight = false;
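Review bot: The role lookup still builds its SQL by concatenating a value into the `Where a.USERID='...'` literal. Taking `Czybm` from DsUser instead of the caller's UserID makes the input database-sourced, but it is not safe if an operator code can contain a quote. Pass it as a parameter if ClsCN offers a parameterized call, or at minimum double the quotes: `DsUser.Tables[0].Rows[0]["Czybm"].ToString().Trim().Replace("'", "''")`. The query that fills DsUser is outside the hunk and should be checked for the same thing.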
@@ -1074,7 +1074,7 @@
HavRight = false;
for (int i = 0; i < DsJS.Tables[0].Rows.Count; i++)
{
- if (ClsPub.isStrNull(DsJS.Tables[0].Rows[i]["AuthorityID"]).Length > ModID)
+ if (ClsPub.isStrNull(DsJS.Tables[0].Rows[i]["AuthorityID"]).Length >= ModID)
{
if (DsJS.Tables[0].Rows[i]["AuthorityID"].ToString().Trim().Substring((int)ModID - 1, 1) == "1")
{
diff --git a/WebAPI/Controllers/BaseSet/Gy_GroupController.cs b/WebAPI/Controllers/BaseSet/Gy_GroupController.cs
index dc84d4b..22c0e61 100644
--- a/WebAPI/Controllers/BaseSet/Gy_GroupController.cs
+++ b/WebAPI/Controllers/BaseSet/Gy_GroupController.cs
@@ -33,14 +33,14 @@
{
List<object> columnNameList = new List<object>();
////鏌ョ湅鏉冮檺
- //if (!DBUtility.ClsPub.Security_Log("Gy_Group_Query", 1, false, user))
- //{
- // objJsonResult.code = "0";
- // objJsonResult.count = 0;
- // objJsonResult.Message = "鏃犳煡鐪嬫潈闄愶紒";
- // objJsonResult.data = null;
- // return objJsonResult;
- //}
+ if (!DBUtility.ClsPub.Security_Log("Gy_Group_Query", 1, false, user))
+ {
+ objJsonResult.code = "0";
+ objJsonResult.count = 0;
+ objJsonResult.Message = "鏃犳煡鐪嬫潈闄愶紒";
+ objJsonResult.data = null;
+ return objJsonResult;
+ }
if (sWhere == null || sWhere.Equals(""))
{
ds = oCN.RunProcReturn("select * from h_v_GroupList " + sWhere+ " order by 鐝粍浠g爜 ", "h_v_GroupList");
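Review bot: The re-enabled guard authorizes whatever name arrives in `user`, and nothing in the hunk ties that value to the authenticated caller. If it is a plain request parameter, a client can pass a privileged account's name and the check passes. The identity should come from the server-side session or token, and a comment such as `// user must be the authenticated caller, not client input` would record the assumption. This applies to every `Security_Log(..., user)` guard enabled in this patch, and to `msg2` in the Gy_Source save hunk, which is read from `sArray[1]`. The method signature is outside the hunk, so confirm where `user` is bound.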
diff --git a/WebAPI/Controllers/BaseSet/Gy_SourceController.cs b/WebAPI/Controllers/BaseSet/Gy_SourceController.cs
index e5bed9c..2b0e6a7 100644
--- a/WebAPI/Controllers/BaseSet/Gy_SourceController.cs
+++ b/WebAPI/Controllers/BaseSet/Gy_SourceController.cs
@@ -38,14 +38,14 @@
{
List<object> columnNameList = new List<object>();
//鍒ゆ柇鏄惁鏈夋煡璇㈡潈闄�
- //if (!DBUtility.ClsPub.Security_Log("Gy_Source_Query", 1, false, user))
- //{
- // objJsonResult.code = "0";
- // objJsonResult.count = 0;
- // objJsonResult.Message = "鏃犳潈闄愭煡璇�!";
- // objJsonResult.data = null;
- // return objJsonResult;
- //}
+ if (!DBUtility.ClsPub.Security_Log("Gy_Source_Query", 1, false, user))
+ {
+ objJsonResult.code = "0";
+ objJsonResult.count = 0;
+ objJsonResult.Message = "鏃犳潈闄愭煡璇�!";
+ objJsonResult.data = null;
+ return objJsonResult;
+ }
if (sWhere == null || sWhere.Equals(""))
{
@@ -110,15 +110,15 @@
string msg1 = sArray[0].ToString();
string msg2 = sArray[1].ToString();
- ////鏌ョ湅鏉冮檺
- //if (!DBUtility.ClsPub.Security_Log("Gy_Source_Edit", 1, false, msg2))
- //{
- // objJsonResult.code = "0";
- // objJsonResult.count = 0;
- // objJsonResult.Message = "鏃犱繚瀛樻潈闄愶紒";
- // objJsonResult.data = null;
- // return objJsonResult;
- //}
+ //鏌ョ湅鏉冮檺
+ if (!DBUtility.ClsPub.Security_Log("Gy_Source_Edit", 1, false, msg2))
+ {
+ objJsonResult.code = "0";
+ objJsonResult.count = 0;
+ objJsonResult.Message = "鏃犱繚瀛樻潈闄愶紒";
+ objJsonResult.data = null;
+ return objJsonResult;
+ }
Int64 HItemID = 0;
SQLHelper.ClsCN oCN = new SQLHelper.ClsCN();
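Review bot: The comment restored above this guard is the same text that labels the `*_Query` checks elsewhere in the patch, but the guard tests `Gy_Source_Edit` and returns a different message from the query guards. Relabel it, e.g. `// Save permission check (Gy_Source_Edit)`, so the next reader does not take it for a read-only check. The surrounding method starts and ends outside the hunk.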
diff --git a/WebAPI/Controllers/JHGL/Gy_RoutingBillController.cs b/WebAPI/Controllers/JHGL/Gy_RoutingBillController.cs
index 4fbc2ed..cde5732 100644
--- a/WebAPI/Controllers/JHGL/Gy_RoutingBillController.cs
+++ b/WebAPI/Controllers/JHGL/Gy_RoutingBillController.cs
@@ -1243,14 +1243,14 @@
try
{
//鍒ゆ柇鏄惁鏈夋煡璇㈡潈闄�
- //if (!DBUtility.ClsPub.Security_Log("Gy_RoutingBill_Query", 1, false, user))
- //{
- // objJsonResult.code = "0";
- // objJsonResult.count = 0;
- // objJsonResult.Message = "鏃犳潈闄愭煡璇�!";
- // objJsonResult.data = null;
- // return objJsonResult;
- //}
+ if (!DBUtility.ClsPub.Security_Log("Gy_RoutingBill_Query", 1, false, user))
+ {
+ objJsonResult.code = "0";
+ objJsonResult.count = 0;
+ objJsonResult.Message = "鏃犳潈闄愭煡璇�!";
+ objJsonResult.data = null;
+ return objJsonResult;
+ }
SQLHelper.ClsCN oCN = new SQLHelper.ClsCN();
string sql1 = "select top 1000 * from h_v_Gy_RoutingBillQuery where 1 = 1 ";
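Review bot: Only the main routing list gets the `Gy_RoutingBill_Query` guard; the detail query in the next hunk (`h_v_Gy_RoutingBillQuerySub`) shows no check inside its `try` and appends `sWhere` directly after `hmainid=`. A caller without query rights can presumably still read routing steps through that endpoint, and the unvalidated id is a SQL injection risk. Add the same guard there and parse the id before use, e.g. `if (!long.TryParse(sWhere, out long mainId)) { /* reject */ }`, then concatenate `mainId` instead. Both methods start outside their hunks, so a check placed before the `try` would not be visible here.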
@@ -1283,7 +1283,7 @@
DataSet ds;
try
{
-
+
SQLHelper.ClsCN oCN = new SQLHelper.ClsCN();
string sql1 = "select top 1000 * from h_v_Gy_RoutingBillQuerySub where 1 = 1 and hmainid=" + sWhere;
string sql = sql1 + " order by hmainid desc,cast(宸ュ簭鍙� as int)";
diff --git a/WebAPI/Controllers/XSGL/Xs_CusRatingChangeBillController.cs b/WebAPI/Controllers/XSGL/Xs_CusRatingChangeBillController.cs
index a971c59..819685a 100644
--- a/WebAPI/Controllers/XSGL/Xs_CusRatingChangeBillController.cs
+++ b/WebAPI/Controllers/XSGL/Xs_CusRatingChangeBillController.cs
@@ -37,14 +37,14 @@
{
List<object> columnNameList = new List<object>();
//鏌ョ湅鏉冮檺
- //if (!DBUtility.ClsPub.Security_Log("Gy_ProjectStage_Query", 1, false, user))
- //{
- // objJsonResult.code = "0";
- // objJsonResult.count = 0;
- // objJsonResult.Message = "鏃犳煡鐪嬫潈闄愶紒";
- // objJsonResult.data = null;
- // return objJsonResult;
- //}
+ if (!DBUtility.ClsPub.Security_Log("Xs_CusRatingChangeBill_Query", 1, false, user))
+ {
+ objJsonResult.code = "0";
+ objJsonResult.count = 0;
+ objJsonResult.Message = "鏃犳煡鐪嬫潈闄愶紒";
+ objJsonResult.data = null;
+ return objJsonResult;
+ }
if (sWhere == null || sWhere.Equals(""))
{
diff --git a/WebAPI/Controllers/XSGL/Xs_ExceptiveCheckRequestBillController.cs b/WebAPI/Controllers/XSGL/Xs_ExceptiveCheckRequestBillController.cs
index cdbfc7f..f25fc0c 100644
--- a/WebAPI/Controllers/XSGL/Xs_ExceptiveCheckRequestBillController.cs
+++ b/WebAPI/Controllers/XSGL/Xs_ExceptiveCheckRequestBillController.cs
@@ -37,14 +37,14 @@
{
List<object> columnNameList = new List<object>();
//鏌ョ湅鏉冮檺
- //if (!DBUtility.ClsPub.Security_Log("Gy_ProjectStage_Query", 1, false, user))
- //{
- // objJsonResult.code = "0";
- // objJsonResult.count = 0;
- // objJsonResult.Message = "鏃犳煡鐪嬫潈闄愶紒";
- // objJsonResult.data = null;
- // return objJsonResult;
- //}
+ if (!DBUtility.ClsPub.Security_Log("Xs_ExceptiveCheckRequestBill_Query", 1, false, user))
+ {
+ objJsonResult.code = "0";
+ objJsonResult.count = 0;
+ objJsonResult.Message = "鏃犳煡鐪嬫潈闄愶紒";
+ objJsonResult.data = null;
+ return objJsonResult;
+ }
if (sWhere == null || sWhere.Equals(""))
{
diff --git a/WebAPI/Controllers/XSGL/Xs_SeOrderChangeBillController.cs b/WebAPI/Controllers/XSGL/Xs_SeOrderChangeBillController.cs
index 1b7cc31..dba32a3 100644
--- a/WebAPI/Controllers/XSGL/Xs_SeOrderChangeBillController.cs
+++ b/WebAPI/Controllers/XSGL/Xs_SeOrderChangeBillController.cs
@@ -37,14 +37,14 @@
{
List<object> columnNameList = new List<object>();
//鏌ョ湅鏉冮檺
- //if (!DBUtility.ClsPub.Security_Log("Gy_ProjectStage_Query", 1, false, user))
- //{
- // objJsonResult.code = "0";
- // objJsonResult.count = 0;
- // objJsonResult.Message = "鏃犳煡鐪嬫潈闄愶紒";
- // objJsonResult.data = null;
- // return objJsonResult;
- //}
+ if (!DBUtility.ClsPub.Security_Log("Xs_SeOrderChangeBill_Query", 1, false, user))
+ {
+ objJsonResult.code = "0";
+ objJsonResult.count = 0;
+ objJsonResult.Message = "鏃犳煡鐪嬫潈闄愶紒";
+ objJsonResult.data = null;
+ return objJsonResult;
+ }
if (sWhere == null || sWhere.Equals(""))
{
diff --git a/WebAPI/Controllers/XSGL/YS_ReceiveBackBillController.cs b/WebAPI/Controllers/XSGL/YS_ReceiveBackBillController.cs
index ac57109..cb373b9 100644
--- a/WebAPI/Controllers/XSGL/YS_ReceiveBackBillController.cs
+++ b/WebAPI/Controllers/XSGL/YS_ReceiveBackBillController.cs
@@ -38,14 +38,14 @@
{
List<object> columnNameList = new List<object>();
//鏌ョ湅鏉冮檺
- //if (!DBUtility.ClsPub.Security_Log("Gy_ProjectStage_Query", 1, false, user))
- //{
- // objJsonResult.code = "0";
- // objJsonResult.count = 0;
- // objJsonResult.Message = "鏃犳煡鐪嬫潈闄愶紒";
- // objJsonResult.data = null;
- // return objJsonResult;
- //}
+ if (!DBUtility.ClsPub.Security_Log("YS_ReceiveBackBillQuery", 1, false, user))
+ {
+ objJsonResult.code = "0";
+ objJsonResult.count = 0;
+ objJsonResult.Message = "鏃犳煡鐪嬫潈闄愶紒";
+ objJsonResult.data = null;
+ return objJsonResult;
+ }
if (sWhere == null || sWhere.Equals(""))
{
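Review bot: The permission key here, `YS_ReceiveBackBillQuery`, has no underscore before `Query`, unlike `Xs_CusRatingChangeBill_Query` and the other keys in this patch; `YS_ReceiveBillQuery` in the next file is spelled the same way. If the key is matched as a string against the module table, a name that is not registered either denies everyone or, depending on how Security_Log treats an unknown module, allows everyone. Confirm both keys against the registered names, and add a comment like `// key as registered in the permission table` if the spelling is deliberate.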
diff --git a/WebAPI/Controllers/XSGL/YS_ReceiveBillController.cs b/WebAPI/Controllers/XSGL/YS_ReceiveBillController.cs
index c9c1657..ecd8749 100644
--- a/WebAPI/Controllers/XSGL/YS_ReceiveBillController.cs
+++ b/WebAPI/Controllers/XSGL/YS_ReceiveBillController.cs
@@ -38,14 +38,14 @@
{
List<object> columnNameList = new List<object>();
//鏌ョ湅鏉冮檺
- //if (!DBUtility.ClsPub.Security_Log("Gy_ProjectStage_Query", 1, false, user))
- //{
- // objJsonResult.code = "0";
- // objJsonResult.count = 0;
- // objJsonResult.Message = "鏃犳煡鐪嬫潈闄愶紒";
- // objJsonResult.data = null;
- // return objJsonResult;
- //}
+ if (!DBUtility.ClsPub.Security_Log("YS_ReceiveBillQuery", 1, false, user))
+ {
+ objJsonResult.code = "0";
+ objJsonResult.count = 0;
+ objJsonResult.Message = "鏃犳煡鐪嬫潈闄愶紒";
+ objJsonResult.data = null;
+ return objJsonResult;
+ }
if (sWhere == null || sWhere.Equals(""))
{
--
Gitblit v1.9.1