程序博客网 > 淘宝上的经典搞笑好评

第六章 电子政务系统的用户权限管理 -- RBAC(四)

来源:互联网 发布:淘宝上的经典搞笑好评 编辑:程序博客网 时间:2024/04/27 13:38

6.6 角色用户管理设计与实现

6.6.1 角色用户管理板块程序原型设计

 

    角色用户管理板块包括管理组织部门、管理角色、角色权限分配、管理员工信息、管理用户、用户权限分配等多个ASPX服务器端Web程序。

图6.13 组织部门管理

 

图6.14 管理角色

 

图6.15 管理角色权限

 

图6.16 管理员工信息

 

 图6.17 管理用户

 

图6.18 用户角色分配

6.6.2 用户与资源管理组件的实现

    在编制用户及资源权限管理程序时要调用用户管理组件类UserManagement,其文件UserManagement.cs的代码如下:

    using System.Configuration;
    using System.Web.Security;

    ......

    using DataAccess;

    namespace UserResourceManagement
    {

       public class UserManagement
       {
          private string BaseSqlErrDes = "";//sql异常信息

          //空构造函数

          public UserManagement(){}

          //用户验证
          public string UserAuthentication(string username,string password)
          {

              //用户密码加密保存在数据库中,所以用户输入的密码要同样加密后进行比较
              string authenticatedpassword=FormsAuthentication

                          .HashPasswordForStoringInConfigFile(password, "MD5");
              string strSql="select UserID from Users where UserName=@UserName and

                      PassWord=@PassWord and Active='A'";//登录用户必须是活动用户
              DataSet ds;
              try
              {
                 SqlCommand cmd=new SqlCommand(strSql);
                 cmd.Parameters.Add(new SqlParameter("@UserName",SqlDbType.VarChar,30));
                 cmd.Parameters.Add(new SqlParameter("@PassWord",SqlDbType.VarChar,60));
                 cmd.Parameters["@UserName"].Value=username;
                 cmd.Parameters["@PassWord"].Value=authenticatedpassword;
                 Base basecode=new Base();
                 ds=basecode.SQLExeDataSet(cmd);
                 if(ds == null)
                 {
                    BaseSqlErrDes=basecode.BaseSqlErrDes;
                    return null;
                 }
                 if(ds.Tables[0].Rows.Count<1)
                 {
                    BaseSqlErrDes="用户名或密码输入错误!";
                    return null;
                 }
                 return ds.Tables[0].Rows[0]["UserID"].ToString();
              }
              catch(System.FormatException exc)
              {
                  BaseSqlErrDes=exc.Message;
                  return null;
              }
           }

           //获取用户名
           public string GetUserName(string userID)
           {
              string strSql="select UserName from Users where UserID="+userID;
              Base basecode=new Base();
              DataSet ds=basecode.SQLExeDataSet(strSql);
              if(ds == null)
              {
                 BaseSqlErrDes=basecode.BaseSqlErrDes;
                 return null;
              }
              return ds.Tables[0].Rows[0]["UserName"].ToString();
           }

           //获取员工姓名
           public string GetEmployeeName(string userID)
           {
              string strSql="select EmployeeName from Employees where EmployeeID=(select

                    EmployeeID from Users where UserID="+userID+")";
              Base basecode=new Base();
              DataSet ds=basecode.SQLExeDataSet(strSql);
              if(ds == null)
              {
                  BaseSqlErrDes=basecode.BaseSqlErrDes;
                  return null;
              }
              return ds.Tables[0].Rows[0]["EmployeeName"].ToString();
           }

           //获取用户角色列表
           public DataSet GetRoles(string userID)
           {
              string strSql="select RoleID from RolesAssigned where UserID="+userID;
              Base basecode=new Base();
              DataSet ds=basecode.SQLExeDataSet(strSql);
              if(ds == null)
                  BaseSqlErrDes=basecode.BaseSqlErrDes;
              return ds;
           }

           //修改密码
           public bool UpdatePassword(string userid,string password)
           {
              string authenticatedpassword=FormsAuthentication

                         .HashPasswordForStoringInConfigFile(password, "MD5");
              string strSql="update Users set PassWord=@PassWord where UserID="+userid;

              try
              {
                  SqlCommand cmd=new SqlCommand(strSql);
                  cmd.Parameters.Add(new SqlParameter("@PassWord",SqlDbType.VarChar,60));
                  cmd.Parameters["@PassWord"].Value=authenticatedpassword;
                  Base basecode=new Base();
                  if(! basecode.SQLExeNonQuery_proc(cmd))
                  {
                     BaseSqlErrDes=basecode.BaseSqlErrDes;
                     return false;
                  }
              }
              catch(System.FormatException exc)
              {
                 BaseSqlErrDes=exc.Message;
                 return false;
              }
              return true;
          }

          //获取sql异常
          public string SqlErrDes
          {
             get
             {
                return BaseSqlErrDes;
             }
          }
          //获取角色有权限的办公桌面板块(办公桌面板块下的资源分类名称)
          public DataSet GetOfficeResourceType(string roleID)
          {
              string strSql="select distinct CateGoryID,CategoryName from ResourceCategories 

                   where CategoryID in (select ResourceType from Resource where ResourceID in

                    (select ResourceID from Privilege where OperationID=4 and PrivilegeID in

                     (select PrivilegeID from PrivilegesAssigned where RoleID="+roleID+")))

                        and InheritedCategoryID=1 order by CategoryID ASC";

              //sql语句说明:  是获取角色具有的权限编号集合;InheritedCategoryID=1为办公桌面板

              //块; 子句是查询权限表,获取权限编号集合中操作为link的权限所对应的资源编号。
              Base basecode=new Base();
              DataSet ds=basecode.SQLExeDataSet(strSql);
              if(ds == null)
                  BaseSqlErrDes=basecode.BaseSqlErrDes;
              return ds;
          }
          //获取角色的特定资源分类的桌面链接资源
          public DataSet GetOfficeLinkResource(string roleID,string resourceType)
          {
              string strSql="SELECT ResourceName, Link FROM Resource WHERE ResourceID IN

                  (SELECT ResourceID FROM Privilege WHERE OperationID = 4 AND PrivilegeID IN

                   (SELECT PrivilegeID FROM PrivilegesAssigned WHERE RoleID = "+roleID+"))

                       AND ResourceType = "+resourceType;
              Base basecode=new Base();
              DataSet ds=basecode.SQLExeDataSet(strSql);
              if(ds == null)
                   BaseSqlErrDes=basecode.BaseSqlErrDes;
              return ds;
          }
          //获取角色集的有权限的办公桌面板块(办公桌面板块下的资源分类名称)
          public DataSet GetOfficeResourceType(DataSet roleIDs)
          {
             string strSql="select distinct CateGoryID,CategoryName from ResourceCategories

                 where CategoryID in (select ResourceType from Resource where ResourceID in

                  (select ResourceID from Privilege where OperationID=4 and PrivilegeID in

                     (select PrivilegeID from PrivilegesAssigned where RoleID in

                      ("+roleIDs.Tables[0].Rows[0]["RoleID"].ToString();
             for(int i=1;i<roleIDs.Tables[0].Rows.Count;i++)
                 strSql=strSql+","+roleIDs.Tables[0].Rows[i]["RoleID"].ToString();
             strSql=strSql+")))) and InheritedCategoryID=1 order by CategoryID ASC";
             Base basecode=new Base();
             DataSet ds=basecode.SQLExeDataSet(strSql);
             if(ds == null)
                 BaseSqlErrDes=basecode.BaseSqlErrDes;
             return ds;
          }
          //获取角色集的的特定资源分类的桌面链接资源
          public DataSet GetOfficeLinkResource(DataSet roleIDs,string resourceType)
          {
              string strSql="SELECT ResourceName, Link FROM Resource WHERE ResourceID IN

                  (SELECT ResourceID FROM Privilege WHERE OperationID = 4 AND PrivilegeID IN

                    (SELECT PrivilegeID FROM PrivilegesAssigned WHERE RoleID in

                       ("+roleIDs.Tables[0].Rows[0]["RoleID"].ToString();
              for(int i=1;i<roleIDs.Tables[0].Rows.Count;i++)
                   strSql=strSql+","+roleIDs.Tables[0].Rows[i]["RoleID"].ToString();
              strSql=strSql+"))) AND ResourceType = "+resourceType;
              Base basecode=new Base();
              DataSet ds=basecode.SQLExeDataSet(strSql);
              if(ds == null)
                  BaseSqlErrDes=basecode.BaseSqlErrDes;
              return ds;
          }
          //判断用户是否具有重新指派任务的权限
          public bool HaveReassignTaskPrivilege(string userID)
          {
             string strSql="select * from PrivilegesAssigned where PrivilegeID=40 and RoleID

                     in (select RoleID from RolesAssigned where UserID="+userID+")"; 
             Base basecode=new Base();
             if(basecode.IfExistRecord(strSql))
                  return true;
             else
                  return false;
          }
       }
    }

淘宝上的经典搞笑好评 淘宝上的经典搞笑好评
原创粉丝点击
热门IT博客
网络热词一个亿七个字网络热词一个亿七个字
音乐壁纸动态软件音乐壁纸动态软件
我知你好百度云张国荣
对网络的看法1000字
卡特生涯数据
浙江省信访局网络投诉
淘宝加热管
java比较日期是否相同
mac怎么玩lol
存脐带血有必要吗 知乎
淘宝折800怎么报名
美国离线导航软件
java开发环境下载
旺格子软件
apache2 for windows
军事机构的因特网域名
信息化系统数据库选择
des算法实现
java创建日志
韩语翻译软件
热门问题 老师的惩罚 人脸识别 我在镇武司摸鱼那些年 重生之率土为王 我在大康的咸鱼生活 盘龙之生命进化 天生仙种 凡人之先天五行 春回大明朝 姑娘不必设防,我是瞎子 梦幻手游侠士副本攻略 水陆大会侠士副本攻略 侠女悲哀 江湖侠女泪 侠女泪 侠女 迷欲侠女 侠女的悲伤 侠女闯天关 侠女十三妹 白衣侠女 侠女传奇 江湖侠女 江湖四侠女 侠女水梦柔 神雕侠女 大唐侠女 侠女怨情 侠女魔劫 聊斋侠女 一代侠女 冰天侠女 宣璐侠女斗笠帽 侠女迎合挺送 侠女新婚夜被采花 侠女传奇之独孤九剑 采补冰山侠女 侠女被擒无力哀鸣 侠女泪李若竹 侠女被老魔采补 侠女泪梅开四度 侠女的悲伤哀 侠女江珊的悲哀 神奇四侠女主角凸凹点 侠女泪高函宇孕 江湖侠女水梦柔结局 江湖侠女吕雪云 老魔采补侠女 神奇四侠女主没穿胸衣 侠女悲哀白素云续集 江湖侠女泪魔女劫

程序博客网,程序员的互联网技术博客家园。csdn论坛精品 msdn技术资料都在这里