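using System;
using System.Collections.Generic;
using System.Text;
using System.Data;
using System.Web;
using SysBaseLibs;
using SysDataLibs.TableClass;

namespace SysDataLibs
{
    /// <summary>
    /// Per-user session object: holds the logged-in user's record, the database
    /// connection, the per-page permission list and the SQL filters derived from
    /// the account type.
    /// </summary>
    /// <remarks>
    /// Every query in this class is built by string concatenation. No parameterised
    /// query API of <c>DBConnSql</c> is visible from this file, so values placed
    /// inside quoted SQL literals go through <see cref="EscapeSqlLiteral"/> as a
    /// stop-gap. TODO: move to parameterised queries once the data layer exposes them.
    /// </remarks>
    public class UserSession : IErrorMsg
    {
        /// <summary>Creates a session for an already authenticated user.</summary>
        /// <param name="poUsers">The user's record.</param>
        /// <param name="poConn">The connection this session keeps using.</param>
        public UserSession(Sys_Users_info poUsers, DBConnSql poConn)
        {
            _UserInfo = poUsers;
            _DBConn = poConn;
        }

        /// <summary>
        /// Doubles single quotes so that a value cannot close the quoted SQL literal
        /// it is concatenated into.
        /// </summary>
        /// <param name="poValue">Value to embed; null becomes the empty string, as plain concatenation would give.</param>
        /// <returns>The text form of the value with each <c>'</c> replaced by <c>''</c>.</returns>
        /// <remarks>
        /// Assumes the backend treats <c>''</c> as the only quote escape inside a
        /// string literal (T-SQL style) — TODO confirm against the real database.
        /// </remarks>
        private static string EscapeSqlLiteral(object poValue)
        {
            // string.Concat(object) gives the same text that "..." + value would.
            return string.Concat(poValue).Replace("'", "''");
        }

        // Methods
        #region Permission and menu methods

        //private Dictionary _PowHas;
        private UIAndPowerList _powerList;

        /// <summary>Writes the current user, page and requested permission to the thread log.</summary>
        private static void LogPowerCheck(PowerType poType)
        {
            UserSession loSession = WebLibs.GetUserSession();
            if (loSession != null)
            {
                // NOTE(review): UserID and page name reach the log unsanitised; confirm
                // ThreadLog neutralises line breaks if either can carry user-controlled text.
                ThreadLog.LogInfo(loSession.UserInfo.UserID + " --- " + WebLibs.CurPageName + " --- " + poType.ToString());
            }
        }

        /// <summary>
        /// Looks up the permission entry for the current page.
        /// </summary>
        /// <param name="poPower">The entry when found, otherwise the type's default value.</param>
        /// <returns>true when the permission list is loaded and contains the page.</returns>
        private bool TryGetCurrentPagePower(out UIAndPower poPower)
        {
            string lcUIID = UtilStr.UAndT(WebLibs.CurPageName);

            // A list that was never loaded counts as "page not permitted" instead of
            // raising a NullReferenceException in the middle of an authorization check.
            if (_powerList != null && _powerList.ContainPageName(lcUIID))
            {
                poPower = _powerList.getUIAndPowerByPageName(lcUIID);
                return true;
            }

            poPower = default(UIAndPower);
            return false;
        }

        /// <summary>Reads the flag matching <paramref name="poType"/> from a permission entry.</summary>
        /// <returns>The flag value; false for a permission type that has no flag.</returns>
        private static bool HasPower(UIAndPower poPower, PowerType poType)
        {
            switch (poType)
            {
                case PowerType.IsBrowse:
                    return poPower.IsBrowse;
                case PowerType.IsAdd:
                    return poPower.IsAdd;
                case PowerType.IsUpdate:
                    return poPower.IsUpdate;
                case PowerType.IsDelete:
                    return poPower.IsDelete;
                case PowerType.IsAudit:
                    return poPower.IsAudit;
                case PowerType.IsPrint:
                    return poPower.IsPrint;
                default:
                    return false;
            }
        }

        /// <summary>
        /// Checks one permission on the current page without notifying the user on denial.
        /// </summary>
        /// <param name="poType">The permission to check.</param>
        /// <returns>true when the permission is granted.</returns>
        public bool CheckPowerNoErrRedirect(PowerType poType)
        {
            LogPowerCheck(poType);

            UIAndPower loPower;
            return TryGetCurrentPagePower(out loPower) && HasPower(loPower, poType);
        }

        /// <summary>
        /// Checks one permission on the current page and calls <c>WebLibs.NotPower</c>
        /// with a reason code when it is denied.
        /// </summary>
        /// <param name="poType">The permission to check.</param>
        /// <returns>true when the permission is granted.</returns>
        /// <remarks>
        /// Reason codes: 1 browse, 2 add, 3 update, 4 delete, 5 audit, 7 page not in the
        /// permission list. A denied print permission only returns false.
        /// NOTE(review): whether NotPower ends the request is not visible here, so
        /// callers should still test the return value.
        /// </remarks>
        public bool CheckPower(PowerType poType)
        {
            LogPowerCheck(poType);

            UIAndPower loPower;
            if (!TryGetCurrentPagePower(out loPower))
            {
                WebLibs.NotPower(7);
                return false;
            }

            bool lbRetVal = HasPower(loPower, poType);
            if (!lbRetVal)
            {
                switch (poType)
                {
                    case PowerType.IsBrowse:
                        WebLibs.NotPower(1);
                        break;
                    case PowerType.IsAdd:
                        WebLibs.NotPower(2);
                        break;
                    case PowerType.IsUpdate:
                        WebLibs.NotPower(3);
                        break;
                    case PowerType.IsDelete:
                        WebLibs.NotPower(4);
                        break;
                    case PowerType.IsAudit:
                        WebLibs.NotPower(5);
                        break;
                    // PowerType.IsPrint: the notification was disabled in the original code.
                }
            }
            return lbRetVal;
        }

        /// <summary>
        /// Checks one permission on the current page without redirecting.
        /// </summary>
        /// <param name="poType">The permission to check.</param>
        /// <returns>true when the permission is granted.</returns>
        public bool CheckPowerNotRe(PowerType poType)
        {
            LogPowerCheck(poType);

            UIAndPower loPower;
            return TryGetCurrentPagePower(out loPower) && HasPower(loPower, poType);
        }

        /// <summary>
        /// Checks one permission on the current page and, on denial, stores a display
        /// message in <paramref name="msg"/> instead of redirecting.
        /// </summary>
        /// <param name="poType">The permission to check.</param>
        /// <param name="msg">Receives the denial message; must not be null on entry (see <see cref="NotPower"/>).</param>
        /// <returns>true when the permission is granted.</returns>
        public bool CheckPowerMvc(PowerType poType, ref string msg)
        {
            LogPowerCheck(poType);

            UIAndPower loPower;
            bool lbRetVal = TryGetCurrentPagePower(out loPower) && HasPower(loPower, poType);
            if (!lbRetVal)
            {
                NotPower(poType, ref msg);
            }
            return lbRetVal;
        }

        /// <summary>Fills <paramref name="msg"/> with the display text for a denied permission.</summary>
        /// <param name="poType">The permission that was denied.</param>
        /// <param name="msg">Receives the message text.</param>
        /// <exception cref="ArgumentNullException"><paramref name="msg"/> is null on entry.</exception>
        public static void NotPower(PowerType poType, ref string msg)
        {
            if (msg == null)
            {
                throw new ArgumentNullException(nameof(msg));
            }

            // Generic text first; replaced below when the type has a specific message.
            msg = SysRebackDisplayInfo.Instance.GetDisplayValue("Oper_Auth_Error");
            switch (poType)
            {
                case PowerType.IsBrowse:
                    msg = SysRebackDisplayInfo.Instance.GetDisplayValue("Oper_Auth_Browse");
                    break;
                case PowerType.IsAdd:
                    msg = SysRebackDisplayInfo.Instance.GetDisplayValue("Oper_Auth_Add");
                    break;
                case PowerType.IsUpdate:
                    msg = SysRebackDisplayInfo.Instance.GetDisplayValue("Oper_Auth_Edit");
                    break;
                case PowerType.IsDelete:
                    msg = SysRebackDisplayInfo.Instance.GetDisplayValue("Oper_Auth_Del");
                    break;
                case PowerType.IsAudit:
                    msg = SysRebackDisplayInfo.Instance.GetDisplayValue("Oper_Auth_Audit");
                    break;
                case PowerType.IsPrint:
                    msg = SysRebackDisplayInfo.Instance.GetDisplayValue("Oper_Auth_Print");
                    break;
            }
        }

        /// <summary>
        /// Checks that the user holds browse, add, update and delete on the current page.
        /// </summary>
        /// <returns>true only when all four permissions are granted.</returns>
        /// <remarks>Calls <c>WebLibs.NotPower(6)</c> when a permission is missing and
        /// <c>WebLibs.NotPower(7)</c> when the page is not in the permission list.</remarks>
        public bool CheckPower()
        {
            UIAndPower loPower;
            if (!TryGetCurrentPagePower(out loPower))
            {
                WebLibs.NotPower(7);
                return false;
            }

            if (loPower.IsBrowse && loPower.IsAdd && loPower.IsUpdate && loPower.IsDelete)
            {
                return true;
            }

            WebLibs.NotPower(6);
            return false;
        }

        /// <summary>
        /// Resets the permission list and reloads it from <paramref name="poDataTable"/>.
        /// </summary>
        /// <param name="poDataTable">Rows to load; null leaves the list empty.</param>
        private void CreatePowHasDict(DataTable poDataTable)
        {
            if (this._powerList == null)
            {
                this._powerList = new UIAndPowerList();
            }
            else
            {
                this._powerList.Clear();
            }

            if (poDataTable != null)
            {
                try
                {
                    _powerList.SetData(poDataTable);
                }
                catch (Exception e)
                {
                    ThreadLog.LogException(e);
                    _ErrorMsg = e.Message;
                }
            }
        }

        /// <summary>
        /// Reloads the user's permission list from <c>v_UserHasAllFunctions_New</c>.
        /// </summary>
        /// <remarks>
        /// Fails closed: when the query fails or returns no rows the list is emptied.
        /// Previously the old list was kept in that case, so a user whose last
        /// permission had been revoked kept the stale grants until the session ended.
        /// </remarks>
        public void refreshFunctions()
        {
            //string lcSql = "select * from " + Tn.v_UserHasAllFunctions_New + " where UserID='" + this._UserInfo.UserID + "' order by FunctionID ";
            string lcSql = "select * from v_UserHasAllFunctions_New where UserID='" + EscapeSqlLiteral(this._UserInfo.UserID) + "' order by FunctionID ";
            rsQuery loQuery = DBConn.OpenQuery(lcSql);
            if (loQuery != null && loQuery.IsOpened && loQuery.RecCount > 0)
            {
                CreatePowHasDict(loQuery.CurrentTable);
            }
            else
            {
                CreatePowHasDict(null);
                _ErrorMsg = DBConn.ErrorMsg;
                ThreadLog.LogErr(_ErrorMsg);
            }
        }
        #endregion

        // Methods
        #region Market-related methods

        /// <summary>
        /// Loads the markets assigned to the user into <c>_MarketIdList</c> as a
        /// comma-separated list of quoted ids, ready for an SQL <c>in ( … )</c> clause.
        /// </summary>
        private void GetMarketListByUserID()
        {
            if (_UserInfo == null)
            {
                return;
            }

            string lcSql = "select * from " + Tn.vwUserHasAllMarkets + " where " + vwUserHasAllMarkets_info.cUserID + "='" + EscapeSqlLiteral(_UserInfo.UserID) + "'";
            rsQuery loQuery = _DBConn.OpenQuery(lcSql);
            if (loQuery != null && loQuery.IsOpened && loQuery.RecCount > 0)
            {
                List<string> loIds = new List<string>();
                loQuery.MoveFirst();
                for (int i = 0; i < loQuery.RecCount; i++)
                {
                    string lcMarketId = loQuery.GetString(Markets_info.cMarketID);
                    if (lcMarketId.Trim().Length > 0)
                    {
                        // Stored ids are escaped as well: the list is pasted into later
                        // queries, so a quote in a stored id must not end the literal.
                        loIds.Add("'" + EscapeSqlLiteral(lcMarketId) + "'");
                    }
                    loQuery.MoveNext();
                }
                _MarketIdList = string.Join(",", loIds);
            }
        }

        /// <summary>Loads the market record for a market-side account.</summary>
        private void GetMarketInfobyMarketId()
        {
            if (IsMarketSysAccount)
            {
                _MarketInfo = new Markets_info(MarketId, _DBConn);
            }
        }
        #endregion

        private List<string> _DenyList = null;

        /// <summary>
        /// Columns the user may not see, as normalised "TableId.ColumnId" strings.
        /// Loaded on first use for non-system users; null when nothing was loaded.
        /// </summary>
        /// <remarks>
        /// NOTE(review): a failed query also leaves this null, which
        /// <see cref="ColDeny"/> reports as "not denied". Consider failing closed.
        /// </remarks>
        private List<string> DenyList
        {
            get
            {
                if (_DenyList == null && !IsSystem)
                {
                    string lcSql = " select * from " + Tn.v_UserDenyColumns + " where " + v_UserDenyColumns_info.cUserID + "='" + EscapeSqlLiteral(_UserInfo.UserID) + "'";
                    rsQuery loQuery = DBConn.OpenQuery(lcSql);
                    if (loQuery != null && loQuery.IsOpened && loQuery.RecCount > 0)
                    {
                        _DenyList = new List<string>();
                        loQuery.MoveFirst();
                        for (int i = 0; i < loQuery.RecCount; i++)
                        {
                            string lcTCol = loQuery.GetString("TableId") + "." + loQuery.GetString("ColumnId");
                            _DenyList.Add(UtilStr.UAndT(lcTCol));
                            loQuery.MoveNext();
                        }
                    }
                }
                return _DenyList;
            }
        }

        /// <summary>Tells whether a column is on the user's deny list.</summary>
        /// <param name="pcTableId">Table identifier.</param>
        /// <param name="pcColumnId">Column identifier.</param>
        /// <returns>true when the column is denied; false when it is not or no list is loaded.</returns>
        public bool ColDeny(string pcTableId, string pcColumnId)
        {
            List<string> loDeny = DenyList;
            if (loDeny == null)
            {
                return false;
            }

            // Same normalisation as applied when the list was built.
            string lcTCol = UtilStr.UAndT(pcTableId + "." + pcColumnId);
            return loDeny.Contains(lcTCol);
        }

        #region Basic properties

        private string _ErrorMsg = "";

        /// <summary>Last error message recorded by this session.</summary>
        public string ErrorMsg
        {
            get { return _ErrorMsg; }
            set { _ErrorMsg = value; }
        }

        /// <summary>true when the user record is flagged as a system user.</summary>
        public bool IsSystem
        {
            get { return UtilStr.StrToBool(_UserInfo.IsSystem); }
        }

        /// <summary>true when the user record is flagged as an advanced user.</summary>
        public bool IsAdvance
        {
            get { return UtilStr.StrToBool(_UserInfo.IsAdvance); }
        }

        private DBConnSql _DBConn = null;

        /// <summary>
        /// The session's connection; created on first use and opened when it is not open.
        /// </summary>
        public DBConnSql DBConn
        {
            get
            {
                if (_DBConn == null)
                {
                    _DBConn = new DBConnSql();
                    //_DBConn.OnlyExec = false;
                    _DBConn.OnDBConnectionError += new evDBConnectionError(loDbcon_OnDBConnectionError);
                    _DBConn.OnDBConnectionAction += new evDBConnectionAction(loConn_OnDBConnectionAction);
                }
                if (!_DBConn.IsOpened)
                {
                    _DBConn.Open();
                }
                return _DBConn;
            }
        }

        private Sys_Users_info _UserInfo = null;

        /// <summary>The logged-in user's record.</summary>
        public Sys_Users_info UserInfo
        {
            get { return _UserInfo; }
        }

        private Farms_info _FarmsInfo = null;

        /// <summary>The farm record for the user's FarmID, loaded on first use.</summary>
        public Farms_info FarmsInfo
        {
            get
            {
                if (_FarmsInfo == null)
                {
                    _FarmsInfo = new Farms_info(UserInfo.FarmID, DBConn);
                }
                return _FarmsInfo;
            }
        }

        private GSSystem_info _UserBelongToSystem;

        /// <summary>The system record for the user's SystemID, loaded on first use.</summary>
        public GSSystem_info BelongToSystem
        {
            get
            {
                if (_UserBelongToSystem == null)
                {
                    _UserBelongToSystem = new GSSystem_info(UserInfo.SystemID, DBConn);
                }
                return _UserBelongToSystem;
            }
        }

        /// <summary>Short name of the system the user belongs to, or the empty string.</summary>
        public string GetSysName
        {
            get
            {
                if (BelongToSystem != null)
                {
                    return BelongToSystem.shortName;
                }
                return "";
            }
        }

        private Markets_info _MarketInfo = null;

        /// <summary>
        /// The market record of a market-side account; null for other accounts or
        /// when no market id is known.
        /// </summary>
        public Markets_info MarketInfo
        {
            get
            {
                if (IsMarketSysAccount && (MarketId.Trim().Length > 0))
                {
                    if (_MarketInfo == null)
                    {
                        GetMarketInfobyMarketId();
                    }
                    return _MarketInfo;
                }
                return null;
            }
        }

        private string _MarketIdList = "";

        /// <summary>Quoted, comma-separated market ids for the user; loaded while empty.</summary>
        private string MarketIdList
        {
            get
            {
                if (_MarketIdList.Trim().Length == 0)
                {
                    GetMarketListByUserID();
                }
                return _MarketIdList;
            }
        }

        /// <summary>
        /// Builds the SQL condition that restricts market data to what the user may see.
        /// </summary>
        /// <param name="pbAddAnd">true to prefix a non-empty condition with " AND ".</param>
        /// <returns>The condition text, possibly empty.</returns>
        public string MarketDataSql(bool pbAddAnd)
        {
            string lcRetVal = "";
            switch (AT)
            {
                case AcountType.System:
                    // A system administrator sees the data of every supervised party.
                    lcRetVal = " 1=1 ";
                    break;
                case AcountType.Advance:
                    // An advanced user sees every market in the user's region.
                    // NOTE(review): with an empty RegionID the condition stays empty, so
                    // no market restriction is applied, whereas the branch below uses
                    // " 1=2 " when nothing is assigned. Confirm this is intended.
                    // NOTE(review): the id list comes from Markets_info, not visible
                    // here; confirm it is safe to paste into SQL.
                    if (this.UserInfo.RegionID.Trim().Length > 0)
                    {
                        lcRetVal = Markets_info.cMarketID + " in ( " + Markets_info.GetAllMarketIDByRegionId(UserInfo.RegionID, this) + " )";
                    }
                    break;
                case AcountType.AdvanceMarket: // advanced market user
                case AcountType.CommonMarket:  // ordinary market user
                case AcountType.Common:
                    // An ordinary user only sees the supervised parties assigned to the
                    // account; several may be assigned.
                    if (MarketIdList.Trim().Length > 0)
                    {
                        lcRetVal = Markets_info.cMarketID + " in ( " + MarketIdList + " )";
                    }
                    else
                    {
                        lcRetVal = " 1=2 ";
                    }
                    break;
            }

            if (lcRetVal.Length > 0 && pbAddAnd)
            {
                lcRetVal = " AND " + lcRetVal;
            }
            return lcRetVal;
        }

        /// <summary>
        /// Builds the SQL condition that restricts data by the user's system.
        /// </summary>
        /// <param name="pbAddAnd">true to prefix the condition with " AND ".</param>
        /// <returns>The condition text; " 1=1 " for accounts that are not market-side.</returns>
        public string GSSystemDataSql(bool pbAddAnd)
        {
            string lcRetVal = " 1=1 ";
            if (this.IsMarketSysAccount)
            {
                if (this.UserInfo.GSSystem.SystemID == "Industry")
                {
                    lcRetVal = GSSystem_info.cSystemID + " = 'Industry' ";
                }
                else
                {
                    lcRetVal = GSSystem_info.cSystemID + " <> 'Industry' ";
                }
            }

            if (pbAddAnd)
            {
                lcRetVal = " AND " + lcRetVal;
            }
            return lcRetVal;
        }

        /// <summary>
        /// The market id list of a market-side account with all quotes removed;
        /// empty for other accounts.
        /// </summary>
        public string MarketId
        {
            get
            {
                if (IsMarketSysAccount)
                {
                    return MarketIdList.Replace("'", "");
                }
                return "";
            }
        }

        /// <summary>true when the account belongs to the market (supervised) side.</summary>
        public bool IsMarketSysAccount
        {
            get { return _UserInfo.IsMarketSys; }
        }

        /// <summary>Account type derived from the system, advanced and market flags.</summary>
        public AcountType AT
        {
            get
            {
                if (IsSystem)
                {
                    return AcountType.System;          // system user
                }
                if (IsAdvance)
                {
                    return IsMarketSysAccount
                        ? AcountType.AdvanceMarket     // advanced supervised-party user
                        : AcountType.Advance;          // advanced supervisor user
                }
                return IsMarketSysAccount
                    ? AcountType.CommonMarket          // ordinary supervised-party user
                    : AcountType.Common;               // ordinary supervisor user
            }
        }
        #endregion

        // An older, fully commented-out copy of UserFunctionIdList / GetMenuData
        // (reading from Tn.Sys_Functions) stood here; it was dead code and has been dropped.

        #region Menu list methods

        /// <summary>
        /// The function ids the user may see, as provided by the permission list;
        /// empty when no list is loaded.
        /// </summary>
        public string UserFunctionIdList
        {
            get
            {
                if (_powerList != null)
                {
                    return _powerList.UserFunctionIdList;
                }
                return "";
            }
        }

        /// <summary>Returns the SQL fragment that filters menu rows by menu type.</summary>
        /// <returns>The fragment, or the empty string when the type needs no filter.</returns>
        private static string MenuTypeFilter(MenuType poMType)
        {
            switch (poMType)
            {
                case MenuType.Back:
                    return " and IsBack='Y' ";
                case MenuType.Front:
                    return " and IsFront='Y' ";
                default:
                    return "";
            }
        }

        /// <summary>
        /// Returns the user's menu rows from <c>Sys_Functions_N</c> as DataSet XML.
        /// </summary>
        /// <param name="poMType">Which menu to load.</param>
        /// <returns>The XML, or the empty string when nothing could be loaded.</returns>
        /// <remarks>When nothing is loaded a message is shown and the response is ended.</remarks>
        public string GetMenuTable(MenuType poMType)
        {
            string lcRetVal = "";
            // NOTE(review): UserFunctionIdList is produced by UIAndPowerList, which is
            // not visible here; confirm it is safe to paste into SQL.
            string lcSql = " select FunctionID,FunctionName,URL,FatherID,Depth,IsLeaf,Sort from Sys_Functions_N where 1=1 ";
            lcSql += MenuTypeFilter(poMType);
            lcSql += " and FunctionID in ( " + UserFunctionIdList + " )";
            lcSql += " order by sort asc ";

            DataSet loDataSet = DBConn.OpenDataSet(lcSql);
            if (loDataSet != null && loDataSet.Tables.Count > 0)
            {
                lcRetVal = loDataSet.GetXml();
            }
            else
            {
                JSComm.ShowMessage("该用户尚未配置相关权限,请与有关人员联系!");
                // NOTE(review): the literal written here lost its content when this page
                // was extracted; only a line break survives. Restore the original string.
                System.Web.HttpContext.Current.Response.Write("\n");
                System.Web.HttpContext.Current.Response.End();
            }
            return lcRetVal;
        }

        /// <summary>
        /// Returns the user's menu rows from <c>Sys_Functions_N</c> as a DataTable.
        /// </summary>
        /// <param name="poMType">Which menu to load.</param>
        /// <returns>Whatever <c>DBConn.OpenDataTable</c> returns for the query.</returns>
        public DataTable GetMenuTableDate(MenuType poMType)
        {
            string lcSql = "select FunctionID,FunctionName,URL,FatherID ,Depth,IsLeaf,Sort from Sys_Functions_N where 1=1 ";
            lcSql += MenuTypeFilter(poMType);
            // Reads _powerList directly, so it throws when no list is loaded, unlike
            // the other menu methods, which go through UserFunctionIdList.
            lcSql += " and FunctionID in ( " + _powerList.UserFunctionIdList + " )";
            lcSql += " order by sort asc ";
            return DBConn.OpenDataTable(lcSql);
        }

        /// <summary>
        /// Returns the user's menu rows from <c>Sys_Functions</c> with id/name/parentId
        /// aliases and an added "state" column.
        /// </summary>
        /// <param name="poMType">Which menu to load.</param>
        /// <returns>The table, or null when nothing could be loaded.</returns>
        /// <remarks>
        /// "state" is "closed" for non-leaf rows with Depth of at least 1, else "open".
        /// When nothing is loaded a message is shown and the response is ended.
        /// </remarks>
        public DataTable GetMenuDataTable(MenuType poMType)
        {
            DataTable loRetVal = null;
            string lcSql = "select FunctionID as id,FunctionName as name,URL,FatherID as parentId,Depth,IsLeaf,Sort from Sys_Functions where 1=1 ";
            lcSql += MenuTypeFilter(poMType);
            lcSql += " and FunctionID in ( " + UserFunctionIdList + " )";
            lcSql += " order by sort asc ";

            rsQuery loQuery = DBConn.OpenQuery(lcSql);
            if (loQuery != null && loQuery.RecCount > 0 && loQuery.IsOpened)
            {
                loQuery.CurrentTable.Columns.Add("state", typeof(string));
                loQuery.MoveFirst();
                for (int i = 0; i < loQuery.RecCount; i++)
                {
                    bool lbCollapsed = loQuery.GetInt("Depth") >= 1 && loQuery.GetString("IsLeaf") == "N";
                    loQuery.SetField("state", lbCollapsed ? "closed" : "open");
                    loQuery.MoveNext();
                }
                loRetVal = loQuery.CurrentTable;
            }
            else
            {
                JSComm.ShowMessage("该用户尚未配置相关权限,请与有关人员联系!");
                // NOTE(review): the literal written here lost its content when this page
                // was extracted; only a line break survives. Restore the original string.
                System.Web.HttpContext.Current.Response.Write("\n");
                System.Web.HttpContext.Current.Response.End();
            }
            return loRetVal;
        }
        #endregion

        /// <summary>
        /// Releases what the session holds: user record, permission list, object
        /// store, deny list and the database connection (which is closed).
        /// </summary>
        public void Destroy()
        {
            _UserInfo = null;

            if (_powerList != null)
            {
                _powerList.Clear();
                _powerList = null;
            }
            if (_ObjSave != null)
            {
                _ObjSave.Clear();
                _ObjSave = null;
            }
            if (_DenyList != null)
            {
                _DenyList.Clear();
                _DenyList = null;
            }
            if (_DBConn != null)
            {
                _DBConn.Close();
                _DBConn = null;
            }
        }

        #region Static user login methods

        /// <summary>
        /// Authenticates a user and, on success, stores a new <see cref="UserSession"/>
        /// in the HTTP session under <c>Contants.UserInfoId</c>.
        /// </summary>
        /// <param name="pcUserID">Login name as typed by the user (untrusted).</param>
        /// <param name="pcPassWord">Password as typed by the user (untrusted).</param>
        /// <param name="pcErrorMsg">Receives the failure reason; untouched when either input is empty.</param>
        /// <returns>true when the user was logged in.</returns>
        /// <remarks>
        /// Changes from the earlier version: null input no longer throws, the login
        /// name is escaped before it enters the query, and the connection is closed
        /// whenever login does not succeed (it used to stay open).
        /// NOTE(review): the stored password is compared with the output of
        /// SysSecurity.Encrypt, which is not visible here; if that is reversible or
        /// unsalted, move to a salted password hash.
        /// NOTE(review): the failure messages tell apart "unknown or locked",
        /// "awaiting audit" and "wrong password", and the audit state is reported
        /// before the password is checked; a single generic message avoids account
        /// enumeration.
        /// NOTE(review): the session identifier is not rotated here; confirm the
        /// caller does so to prevent session fixation.
        /// </remarks>
        public static bool UserLogin(string pcUserID, string pcPassWord, ref string pcErrorMsg)
        {
            bool lbRetVal = false;
            if (string.IsNullOrEmpty(pcUserID) || string.IsNullOrEmpty(pcPassWord))
            {
                return lbRetVal;
            }

            pcPassWord = SysSecLibs.SysSecurity.Encrypt(pcPassWord);
            DBConnSql loConn = new DBConnSql();
            //loConn.OnlyExec = false;
            loConn.OnDBConnectionError += new evDBConnectionError(loDbcon_OnDBConnectionError);
            loConn.OnDBConnectionAction += new evDBConnectionAction(loConn_OnDBConnectionAction);

            try
            {
                if (!loConn.Open())
                {
                    // NOTE(review): this places the raw database error in the message
                    // handed back to the caller; confirm it is not shown to end users.
                    pcErrorMsg = "错误信息:" + loConn.ErrorMsg;
                    // NOTE(review): the literal written here lost its content when this
                    // page was extracted; only a line break survives.
                    System.Web.HttpContext.Current.Response.Write("\n");
                    System.Web.HttpContext.Current.Response.End();
                    return lbRetVal;
                }

                // pcUserID comes straight from the login form, so it must not be able to
                // close the quoted literal.
                string lcSql = "select * from " + Tn.Sys_Users + " where " + Sys_Users_info.cIsLock + "='N' and " + Sys_Users_info.cUserCode + "='" + EscapeSqlLiteral(pcUserID) + "' ";// and "+ Users_info.cPassword + "='" + pcPassWord + "'";
                rsQuery loQuery = loConn.OpenQuery(lcSql);
                if (loQuery == null || !loQuery.IsOpened || loQuery.RecCount != 1)
                {
                    pcErrorMsg = "用户名不存在或已经被锁定!";
                    return lbRetVal;
                }

                // Accounts that have not passed audit cannot log in.
                if (!loQuery.GetBool(Sys_Users_info.cIsAudit))
                {
                    pcErrorMsg = "用户尚在审核中!";
                    return false;
                }

                string lcPassword = loQuery.GetString(Sys_Users_info.cPassword);
                if (pcPassWord != lcPassword)
                {
                    pcErrorMsg = "用户密码不正确!";
                    return lbRetVal;
                }

                Sys_Users_info loUserInfo = new Sys_Users_info(loQuery.CurrentRow);
                if (!Utils.ObjToBool(loUserInfo.IsSystem) && !MyUtils.IsPerm)
                {
                    // Ends the response; the finally block below still closes the connection.
                    System.Web.HttpContext.Current.Response.Redirect("LecenseShow.aspx", true);
                }

                // The account-expiry check is disabled in the original code:
                //if (loUserInfo.IsExpiry)
                //{
                //    pcErrorMsg = "用户帐号已经过期,请与系统管理员联系!";
                //    return false;
                //}

                UserSession loSession = new UserSession(loUserInfo, loConn);
                System.Web.HttpContext.Current.Session[Contants.UserInfoId] = loSession;
                lbRetVal = true;
                return lbRetVal;
            }
            finally
            {
                // The connection is handed to the session only on success; in every
                // other path nothing else references it, so release it here.
                if (!lbRetVal && loConn.IsOpened)
                {
                    loConn.Close();
                }
            }
        }

        /// <summary>Logs every command the connection reports, with the current user and page.</summary>
        /// <remarks>
        /// NOTE(review): full command text goes to the log; with concatenated SQL that
        /// includes the values embedded in the statements.
        /// </remarks>
        private static void loConn_OnDBConnectionAction(string pcCommand, string pcMessage)
        {
            UserSession loSession = WebLibs.GetUserSession();
            if (loSession != null)
            {
                ThreadLog.LogInfo(loSession.UserInfo.UserID + " --- " + WebLibs.CurPageName);
            }
            ThreadLog.LogInfo("Command:" + pcCommand + "\r\n" + " Message:" + pcMessage);
        }

        /// <summary>
        /// Records a connection error in the system log and the thread log. Any
        /// exception raised while logging is itself logged and not rethrown.
        /// </summary>
        private static void loDbcon_OnDBConnectionError(string pcCommand, string pcMessage, string pcErrorNumbers)
        {
            try
            {
                Sys_Log_info.LogMsg(LogType.ErrorMsg, pcCommand, pcMessage, pcErrorNumbers);
                UserSession loSession = WebLibs.GetUserSession();
                if (loSession != null)
                {
                    ThreadLog.LogInfo(loSession.UserInfo.UserID + " --- " + WebLibs.CurPageName);
                }
                ThreadLog.LogErr("Command:" + pcCommand + "\r\n" + " Message:" + pcMessage + " ErrorNumbers:" + pcErrorNumbers);
            }
            catch (Exception err)
            {
                ThreadLog.LogException(err);
            }
        }
        #endregion

        #region Object storage

        private Dictionary<string, object> _ObjSave = null;

        /// <summary>Stores an object under a key, replacing any earlier value.</summary>
        /// <param name="pcKey">Key to store under.</param>
        /// <param name="pcValue">Object to store.</param>
        public void SetObj(string pcKey, object pcValue)
        {
            if (_ObjSave == null)
            {
                _ObjSave = new Dictionary<string, object>();
            }
            _ObjSave[pcKey] = pcValue;
        }

        /// <summary>Returns the object stored under a key and removes it from the store.</summary>
        /// <param name="pcKey">Key to look up.</param>
        /// <returns>The stored object, or null when the key is absent.</returns>
        public object GetObj(string pcKey)
        {
            return GetObj(pcKey, true);
        }

        /// <summary>Returns the object stored under a key.</summary>
        /// <param name="pcKey">Key to look up.</param>
        /// <param name="pbClear">true to remove the entry after reading it.</param>
        /// <returns>The stored object, or null when the key is absent.</returns>
        public object GetObj(string pcKey, bool pbClear)
        {
            object loRetVal = null;
            if (_ObjSave != null && _ObjSave.TryGetValue(pcKey, out loRetVal))
            {
                if (pbClear)
                {
                    _ObjSave.Remove(pcKey);
                }
            }
            return loRetVal;
        }

        /// <summary>Empties and discards the object store.</summary>
        public void ClearObj()
        {
            if (_ObjSave != null)
            {
                _ObjSave.Clear();
                _ObjSave = null;
            }
        }
        #endregion Object storage
    }

    /// <summary>Which menu a query should return.</summary>
    public enum MenuType
    {
        /// <summary>Shown in the front end.</summary>
        Front = 0,
        /// <summary>Shown in the back end.</summary>
        Back = 1,
        /// <summary>Show everything.</summary>
        All = 2
    }

    /// <summary>Account categories used to pick data filters.</summary>
    public enum AcountType
    {
        /// <summary>System user.</summary>
        System = 0,
        /// <summary>Advanced user.</summary>
        Advance = 1,
        /// <summary>Ordinary user.</summary>
        Common = 2,
        /// <summary>Advanced market user.</summary>
        AdvanceMarket = 3,
        /// <summary>Ordinary market user.</summary>
        CommonMarket = 4
    }
}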