using System;
using System.Collections.Generic;
using System.Data;
using System.Linq;
using System.Text;
namespace Pub_Class
{
public class WebClsPub
{
public static string ComputerName;
public static string IPAddress;
//判断是都存在权限,并写入日志
public static bool Security_Log(string gnsy, int LogTF, bool Msg, string CurUserName,ref string StrMessage)
{
//gnsy 功能索引,模块
//usercode 当前用户代码
//LogTF 1判断权限并写日志,2只写日志,3只判断权限
//Msg 没有权限时 是否提示框
string UserID = CurUserName;
try
{
ClsSqlHelper oCn = new ClsSqlHelper();
DataSet Ds = new DataSet();
DataSet DsUser = new DataSet();
DataSet DsJS = new DataSet();//角色
long ModID = 0;
bool HavRight = false;
//找到模块权限
Ds = oCn.RunProcReturn("select * from xt_xtgnb where gnsy='" + gnsy.Trim() + "'", "xt_xtgnb");
if (Ds.Tables[0].Rows.Count == 0)
{
if (Msg == true)
{
StrMessage="没有找到该功能模块!";
}
return false;
}
else
{
ModID = ClsPub.isLong(Ds.Tables[0].Rows[0]["ID"].ToString()); //返回模块
}
if (LogTF == 1 || LogTF == 3)//需要判断权限
{
//根据用户名称判断权限
DsUser = oCn.RunProcReturn("select * from gy_czygl where czymc='" + UserID.Trim() + "'", "gy_czygl");
if (DsUser.Tables[0].Rows.Count == 0)
{
if (Msg == true)
{
StrMessage = "没有找到当前操作员!";
}
return false;
}
//根据用户名称判断权限
if ((bool)DsUser.Tables[0].Rows[0]["ManagerFlag"]) //是否管理员
{
HavRight = true;
}
else
{
if (DsUser.Tables[0].Rows[0]["AuthorityID"].ToString().Trim().Substring((int)ModID - 1, 1) == "1")
{
HavRight = true;
}
else
{
//获取用户组 并循环判断权限
//判断角色是否有权限
DsJS = oCn.RunProcReturn("select isnull(AuthorityID,'') AuthorityID from System_UserGroupinfo a inner join System_UserGroup b on a.GroupID=b.GroupID " +
" Where a.USERID='" + UserID.Trim() + "'", "gy_czygl");
if (DsJS == null)
{
HavRight = false;
}
else
{
HavRight = false;
for (int i = 0; i < DsJS.Tables[0].Rows.Count; i++)
{
if (ClsPub.isStrNull(DsJS.Tables[0].Rows[i]["AuthorityID"]).Length > ModID)
{
if (DsJS.Tables[0].Rows[i]["AuthorityID"].ToString().Trim().Substring((int)ModID - 1, 1) == "1")
{
HavRight = true;
break;
}
}
}
}
}
}
if (HavRight == false)
{
if (Msg == true)
{
StrMessage = "您没有权限,请与管理员联系!";
}
}
}
//需要写入日志
if ((LogTF == 1 && HavRight) || LogTF == 2)
{
Add_Log(Ds.Tables[0].Rows[0]["id"].ToString().Trim(), gnsy + "," + Ds.Tables[0].Rows[0]["gnmc"].ToString().Trim(), CurUserName, ref StrMessage);
}
return HavRight;
}
catch (Exception e)
{
if (Msg == true)
{
StrMessage = "判断权限时发现错误,请与管理员联系!";
}
return false;
}
}
//写入日志
///
/// 写入日志
///
/// 无用
/// 操作日志
/// 操作员
///
public static bool Add_Log(string UserID, string WorkList, string CurUserName,ref string StrMessage)
{
ClsSqlHelper oCn = new ClsSqlHelper();
try
{
oCn.RunProc("Insert into System_Log(GeginDate,userid,WorkstationName,WorkList,SystemName,NetUserName,State) values " +
"(getdate(),'" + CurUserName + "','" + ComputerName + "','" + WorkList + "','ERP系统','" + IPAddress + "','进入')"
);
return true;
}
catch (Exception e)
{
StrMessage = "写入日志时发现错,原因是:" + e.Message;
return false;
}
}
}
}