用户权限设计
详细的以后再说:需要精确到控件的用户权限设计。
先了解一下:
1 用户表:User
用户名 姓名 员工号 激活标志 密码 注册日期 。。。 SN
Mrl 马如林 。。。。。。
2 详细功能:DetailFunction(该表手动录入,不可修改。除非需求变动才可。类似于系统字典。经过培训后可以修改。)
序号 功能编号 页面ID 页面名称 具体功能名称 具体功能标志 SN
1 2 ASP.Infor_aspx 信息中心信息发布 添加 ButtonAdd Button01020101
2 2 ASP.Infor_aspx 信息中心信息发布 删除 ButtonDel Button01020102
3 5 ASP.RenshiXinXi_aspx 人事中心基本信息 删除 ButtonDel Button01020103
其中的页面ID和具体功能标志需要程序员根据编程确定。这样就可以具体确定到每个页面的每个按钮(通过SN编码进行确定)。
3 用户功能表:UserFunction(User表和DetailFunction的关联表)
用户名 功能编号 页面ID 页面名称 具体功能名称 具体功能标志 是否可用 SN
Mrl 2 ASP.Infor_aspx 信息中心信息发布 添加 ButtonAdd 是 对应上面的SN
Mrl 2 ASP.RenshiXinXi_aspx 人事中心基本信息 添加 ButtonAdd 否 …..
zqx ……. ……
通过上表建立用户和对应页面及该页面控件的关系,如果可用则其标志为是,否则为否。进入页面时对页面进行检查设置。控件的隐藏或禁用只是界面层的限制,对应的服务器端事件处理程序中仍应按 UserFunction 表再次校验权限。
页面设计
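<%@ Page Language="C#" AutoEventWireup="true" CodeFile="UserRights.aspx.cs" Inherits="InterFace_Rights_UserRights" %>
<%-- Rights editor page. The "<%...@" opener in the published listing is a
     rendering artifact; the page directive must start with "<%@". --%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <title>用户权限管理</title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
        <%-- Department selector; posts back on change so the user list can be reloaded. --%>
        <asp:DropDownList ID="DropDownListDepart" runat="server" AutoPostBack="True" OnSelectedIndexChanged="DropDownListDepart_SelectedIndexChanged">
            <asp:ListItem Value="部门选择">部门选择</asp:ListItem>
        </asp:DropDownList>
        <%-- User selector; the single static item is a placeholder, not a user name. --%>
        <asp:DropDownList ID="DropDownListUser" runat="server" AutoPostBack="True" OnSelectedIndexChanged="DropDownListUser_SelectedIndexChanged">
            <asp:ListItem Value="人员列表">人员列表</asp:ListItem>
        </asp:DropDownList><br />
        <%-- Left empty here; the code-behind adds its rows and check boxes at run time. --%>
        <asp:Table ID="TableFunc" runat="server">
        </asp:Table>
        <asp:Button ID="ButtonSubmit" runat="server" OnClick="ButtonSubmit_Click" Text="确定" />
    </div>
    </form>
</body>
</html>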
相关代码
/*----------------------------------------------------------------
// Copyright (C) 2007 桂林电子科技大学昊华南方项目组
// 作者:马如林
// 时间:2008/03/08
// 文件名:
// 文件功能描述:
// 用户权限管理
//
//
// 修改标识:
// 修改描述:
//
//----------------------------------------------------------------*/
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Drawing;
using System.Data.OracleClient;
using Hhxx.App_Code.Database;
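/// <summary>
/// Code-behind of the rights editor: lists every function recorded in
/// detailfunction as a check box and stores the selection for one user in
/// userfunction.
/// </summary>
/// <remarks>
/// Every value that reaches SQL is bound as a parameter, the way insertTable
/// already did; none is concatenated into the statement text.
/// NOTE(review): OracleHelper is not shown. ExecuteReader is assumed to accept
/// the same OracleParameter[] argument that ExecuteNonQuery receives in
/// insertTable - confirm against the helper.
/// NOTE(review): string comparisons are bound as OracleType.Char, the type
/// insertTable declares for 用户名 and ID, to keep the comparison behaviour of
/// the quoted literals they replace - confirm against the column definitions.
/// </remarks>
public partial class InterFace_Rights_UserRights : System.Web.UI.Page
{
    /// <summary>
    /// Rebuilds the rights table on every request and fills the department
    /// list on the first (non-postback) request.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        // NOTE(review): nothing in this class restricts who may open the page
        // or submit it. Confirm that access to the rights editor is limited to
        // administrators elsewhere (configuration or a shared check).

        // Runs on every page load: the check boxes exist only in code, so they
        // are created again before the submit handler looks them up.
        initRights();
        if (!Page.IsPostBack)
        {
            readDepartment();
        }
    }

    /// <summary>
    /// Loads the department names into DropDownListDepart and appends the
    /// "没有部门人员" entry.
    /// </summary>
    private void readDepartment()
    {
        DropDownListDepart.Items.Clear();
        String conn = OracleHelper.DatabaseConnStr;
        // Constant statement: no request data takes part in it.
        String querySql = "SELECT 名称 FROM XITONGZIDIAN WHERE ID='00000000' ";
        using (OracleDataReader rdDepartment = OracleHelper.ExecuteReader(conn, CommandType.Text, querySql, null))
        {
            while (rdDepartment.Read())
            {
                DropDownListDepart.Items.Add(rdDepartment.GetString(0));
            }
        }
        DropDownListDepart.Items.Add("没有部门人员");
    }

    /// <summary>
    /// Department selection changed: reload the user list.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void DropDownListDepart_SelectedIndexChanged(object sender, EventArgs e)
    {
        readDepartmentUser();
    }

    /// <summary>
    /// Fills DropDownListUser with the active users of the selected
    /// department (text = 姓名, value = 用户名).
    /// </summary>
    private void readDepartmentUser()
    {
        DropDownListUser.Items.Clear();
        DropDownListUser.Items.Add(new ListItem("部门员工", "部门员工"));

        String conn = OracleHelper.DatabaseConnStr;
        // The department text is bound, not concatenated.
        String querySql = "SELECT 用户名,姓名 FROM userinfor WHERE 所属部门=:ssbm and 激活状态='1'";
        OracleParameter[] parms = {
            new OracleParameter(":ssbm", OracleType.Char)
        };
        parms[0].Value = DropDownListDepart.SelectedItem.Text.Trim();

        Boolean anyUser = false;
        using (OracleDataReader rdUser = OracleHelper.ExecuteReader(conn, CommandType.Text, querySql, parms))
        {
            while (rdUser.Read())
            {
                String strValue = rdUser.GetString(0);
                String strName = rdUser.GetString(1);
                // Text and value are set on the same item. Looking the item up
                // again by its text would attach the user name to the wrong
                // entry whenever two users share a display name.
                DropDownListUser.Items.Add(new ListItem(strName, strValue));
                anyUser = true;
            }
        }

        // The list always holds the placeholder above, so an item count of
        // zero can never signal "no users"; track it explicitly instead.
        if (!anyUser)
        {
            DropDownListUser.Items.Add(new ListItem("该部门现在无员工", "该部门现在无员工"));
        }
    }

    /// <summary>
    /// User selection changed: rebuild the table with that user's stored
    /// rights pre-checked.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void DropDownListUser_SelectedIndexChanged(object sender, EventArgs e)
    {
        TableFunc.Rows.Clear();
        buildRightsTable(DropDownListUser.SelectedValue.Trim());
    }

    /// <summary>
    /// Tells whether a userfunction row marks the function as enabled ("1")
    /// for the user.
    /// </summary>
    /// <param name="userName">Value compared with userfunction.用户名.</param>
    /// <param name="id">Value compared with userfunction.ID (the SN of the function).</param>
    /// <returns>true when at least one matching row holds "1"; otherwise false.</returns>
    private Boolean userFlag(String userName, String id)
    {
        String conn = OracleHelper.DatabaseConnStr;
        String querySql = "SELECT 是否可用 FROM userfunction WHERE 用户名=:yhm AND ID=:id";
        OracleParameter[] parms = {
            new OracleParameter(":yhm", OracleType.Char),
            new OracleParameter(":id", OracleType.Char)
        };
        parms[0].Value = userName;
        parms[1].Value = id;

        // The using block closes the reader on the early return as well.
        using (OracleDataReader rdFlag = OracleHelper.ExecuteReader(conn, CommandType.Text, querySql, parms))
        {
            while (rdFlag.Read())
            {
                if (rdFlag.GetString(0).Trim().Equals("1"))
                {
                    return true;
                }
            }
        }
        return false;
    }

    /// <summary>
    /// Builds the rights table with every check box unchecked.
    /// </summary>
    private void initRights()
    {
        buildRightsTable(null);
    }

    /// <summary>
    /// Adds one row per (功能编号, 页面名称) pair to TableFunc: a header cell
    /// with the page name, then one check box per function whose ID is the SN.
    /// </summary>
    /// <param name="userName">
    /// User whose stored rights pre-check the boxes, or null to leave every
    /// box unchecked.
    /// </param>
    private void buildRightsTable(String userName)
    {
        String conn = OracleHelper.DatabaseConnStr;
        // One constant statement; rows are grouped in code, so no value read
        // from the table is fed back into a second statement.
        String querySql = "SELECT 功能编号,页面名称,具体功能名称,SN FROM detailfunction order by 功能编号,页面名称";
        using (OracleDataReader rdFunc = OracleHelper.ExecuteReader(conn, CommandType.Text, querySql, null))
        {
            TableRow tr = null;
            int currentFuncNum = 0;
            String currentPageName = null;
            while (rdFunc.Read())
            {
                int funcNum = rdFunc.GetInt32(0);
                String pageName = rdFunc.GetString(1);

                // A change of the pair starts the next table row.
                if (tr == null || funcNum != currentFuncNum || !pageName.Equals(currentPageName))
                {
                    currentFuncNum = funcNum;
                    currentPageName = pageName;

                    Label lbl = new Label();
                    lbl.Text = pageName;
                    TableCell tc = new TableCell();
                    tc.BackColor = Color.RoyalBlue;
                    tc.Controls.Add(lbl);

                    tr = new TableRow();
                    tr.Cells.Add(tc);
                    TableFunc.Rows.Add(tr);
                }

                CheckBox chkBox = new CheckBox();
                // The SN identifies the function and doubles as the control ID.
                chkBox.ID = rdFunc.GetString(3).Trim();
                chkBox.Text = rdFunc.GetString(2);
                if (userName != null && userFlag(userName, chkBox.ID))
                {
                    chkBox.Checked = true;
                }

                TableCell tcDetail = new TableCell();
                tcDetail.Controls.Add(chkBox);
                tr.Cells.Add(tcDetail);
            }
        }
    }

    /// <summary>
    /// Replaces the stored rights of the selected user with the current state
    /// of the check boxes.
    /// </summary>
    /// <remarks>
    /// The delete and all inserts share one transaction, so a failure leaves
    /// the previous rights in place. Running them separately could leave the
    /// old rows beside the new ones, and userFlag treats any row holding "1"
    /// as a grant, so a revoked right would stay effective.
    /// </remarks>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void ButtonSubmit_Click(object sender, EventArgs e)
    {
        // The list placeholders are not user names; never store rights for them.
        String selectedText = DropDownListUser.SelectedItem.Text.Trim();
        if (selectedText.Equals("部门员工")
            || selectedText.Equals("该部门现在无员工")
            || selectedText.Equals("人员列表"))
        {
            Response.Write("请选择用户");
            return;
        }

        String userName = DropDownListUser.SelectedValue.Trim();
        OracleConnection conn = new OracleConnection(OracleHelper.DatabaseConnStr);
        conn.Open();
        OracleTransaction trans = conn.BeginTransaction(IsolationLevel.ReadCommitted);
        try
        {
            // Remove the old rights first, then write one row per function.
            delUserRight(trans, userName);

            String querySql = "SELECT 功能编号,页面ID,页面名称,具体功能名称,具体功能标志,SN FROM detailfunction order by 功能编号";
            using (OracleDataReader rdDetail = OracleHelper.ExecuteReader(OracleHelper.DatabaseConnStr, CommandType.Text, querySql, null))
            {
                while (rdDetail.Read())
                {
                    String id = rdDetail.GetString(5).Trim();
                    CheckBox temp = TableFunc.FindControl(id) as CheckBox;
                    if (temp == null)
                    {
                        // No check box was rendered for this function; skip it.
                        continue;
                    }

                    if (temp.Checked)
                    {
                        // Echo of the granted function, HTML-encoded because the
                        // text comes from the database.
                        Response.Write(Server.HtmlEncode(temp.Text + " " + id + " " + temp.Checked));
                    }

                    insertTable(trans,
                        userName,
                        rdDetail.GetInt32(0),
                        rdDetail.GetString(1).Trim(),
                        rdDetail.GetString(2).Trim(),
                        rdDetail.GetString(3).Trim(),
                        rdDetail.GetString(4).Trim(),
                        temp.Checked ? "1" : "0",
                        id);
                }
            }
            trans.Commit();
        }
        catch (Exception ex)
        {
            trans.Rollback();
            // Keep the cause in the page trace; the response gets a generic message only.
            Trace.Warn("UserRights", "saving the user rights failed", ex);
            Response.Write("保存失败");
        }
        finally
        {
            conn.Close();
        }
    }

    /// <summary>
    /// Deletes every userfunction row of the selected user in a transaction
    /// of its own.
    /// </summary>
    /// <returns>true when the delete was committed; false when it was rolled back.</returns>
    private Boolean delUserRight()
    {
        OracleConnection conn = new OracleConnection(OracleHelper.DatabaseConnStr);
        conn.Open();
        OracleTransaction trans = conn.BeginTransaction(IsolationLevel.ReadCommitted);
        try
        {
            delUserRight(trans, DropDownListUser.SelectedValue.Trim());
            trans.Commit();
        }
        catch (Exception ex)
        {
            trans.Rollback();
            Trace.Warn("UserRights", "deleting the user rights failed", ex);
            return false;
        }
        finally
        {
            conn.Close();
        }
        return true;
    }

    /// <summary>
    /// Deletes every userfunction row of one user inside the caller's
    /// transaction; errors propagate to the caller.
    /// </summary>
    /// <param name="trans">Open transaction the delete runs in.</param>
    /// <param name="userName">Value compared with userfunction.用户名.</param>
    private void delUserRight(OracleTransaction trans, String userName)
    {
        String delSql = "DELETE FROM userfunction WHERE 用户名 = :yhm";
        OracleParameter[] parms = {
            new OracleParameter(":yhm", OracleType.Char)
        };
        parms[0].Value = userName;
        OracleHelper.ExecuteNonQuery(trans, CommandType.Text, delSql, parms);
    }

    /// <summary>
    /// Reads the function list and always returns true; the insert step is
    /// still commented out.
    /// </summary>
    /// <returns>Always true.</returns>
    private Boolean insertUserRight()
    {
        // NOTE(review): unfinished and not called from the code shown here.
        String conn = OracleHelper.DatabaseConnStr;
        String querySql = "SELECT 序号,功能编号,页面ID,页面名称,具体功能名称,具体功能标志 FROM detailfunction order by 序号";
        using (OracleDataReader rdDetailFunc = OracleHelper.ExecuteReader(conn, CommandType.Text, querySql, null))
        {
            while (rdDetailFunc.Read())
            {
                String strValue = rdDetailFunc.GetString(0).ToString();
                String strName = rdDetailFunc.GetString(1).ToString();
                // Find the matching entries and insert them.
                //insertTable();
            }
        }
        return true;
    }

    /// <summary>
    /// Inserts one userfunction row in a transaction of its own; a failure is
    /// rolled back and recorded in the page trace.
    /// </summary>
    private void insertTable(String userName, Int32 funcNum, String pageID, String pageName, String funcName, String funcID, String flag, String id)
    {
        OracleConnection conn = new OracleConnection(OracleHelper.DatabaseConnStr);
        conn.Open();
        OracleTransaction trans = conn.BeginTransaction(IsolationLevel.ReadCommitted);
        try
        {
            insertTable(trans, userName, funcNum, pageID, pageName, funcName, funcID, flag, id);
            trans.Commit();
        }
        catch (Exception ex)
        {
            trans.Rollback();
            Trace.Warn("UserRights", "inserting a user right failed", ex);
        }
        finally
        {
            conn.Close();
        }
    }

    /// <summary>
    /// Inserts one userfunction row inside the caller's transaction; errors
    /// propagate to the caller.
    /// </summary>
    /// <param name="trans">Open transaction the insert runs in.</param>
    /// <param name="userName">Stored in 用户名.</param>
    /// <param name="funcNum">Stored in 功能编号.</param>
    /// <param name="pageID">Stored in 页面ID.</param>
    /// <param name="pageName">Stored in 页面名称.</param>
    /// <param name="funcName">Stored in 具体功能名称.</param>
    /// <param name="funcID">Stored in 具体功能标志.</param>
    /// <param name="flag">Stored in 是否可用: "1" for granted, "0" for not granted.</param>
    /// <param name="id">Stored in ID (the SN of the function).</param>
    private void insertTable(OracleTransaction trans, String userName, Int32 funcNum, String pageID, String pageName, String funcName, String funcID, String flag, String id)
    {
        String sqlInsert = "INSERT INTO userfunction(用户名,功能编号,页面ID,页面名称,具体功能名称,具体功能标志,是否可用,ID) "
            + "VALUES(:yhm,:gnbh,:yeid,:yemc,:jtgnmc,:jtgnbz,:sfky,:id)";
        OracleParameter[] parms = {
            new OracleParameter(":yhm", OracleType.Char, 32),
            new OracleParameter(":gnbh", OracleType.Number, 10),
            new OracleParameter(":yeid", OracleType.VarChar, 256),
            new OracleParameter(":yemc", OracleType.VarChar, 256),
            new OracleParameter(":jtgnmc", OracleType.VarChar, 256),
            new OracleParameter(":jtgnbz", OracleType.Char, 64),
            new OracleParameter(":sfky", OracleType.Char, 2),
            new OracleParameter(":id", OracleType.Char, 32),
        };
        parms[0].Value = userName;
        parms[1].Value = funcNum;
        parms[2].Value = pageID;
        parms[3].Value = pageName;
        parms[4].Value = funcName;
        parms[5].Value = funcID;
        parms[6].Value = flag;
        parms[7].Value = id;
        OracleHelper.ExecuteNonQuery(trans, CommandType.Text, sqlInsert, parms);
    }
}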
运行界面:
信息发布发布审批国内新闻奖罚登记
基本功能具备。
信息发布发布审批国内新闻奖罚登记
在用户判断时可以根据页面和控件名称进行判定。