第六章 电子政务系统的用户权限管理 -- RBAC（四）

6.6 角色用户管理设计与实现

6.6.1 角色用户管理板块程序原型设计

 

    角色用户管理板块包括管理组织部门、管理角色、角色权限分配、管理员工信息、管理用户、用户权限分配等多个ASPX服务器端Web程序。

图6.13 组织部门管理

 

图6.14 管理角色

 

图6.15 管理角色权限

 

图6.16 管理员工信息

 

 图6.17 管理用户

 

图6.18 用户角色分配

6.6.2 用户与资源管理组件的实现

    在编制用户及资源权限管理程序时要调用用户管理组件类UserManagement，其文件UserManagement.cs的代码如下：

    using System.Configuration;
    using System.Web.Security;

    ......

    using DataAccess;

    namespace UserResourceManagement
    {

       public class UserManagement
       {
          private string BaseSqlErrDes = "";//sql异常信息

          //空构造函数

          public UserManagement(){｝

          //用户验证
          public string UserAuthentication(string username,string password)
          {

              //用户密码加密保存在数据库中，所以用户输入的密码要同样加密后进行比较
              string authenticatedpassword=FormsAuthentication

                          .HashPasswordForStoringInConfigFile(password, "MD5");
              string strSql="select UserID from Users where UserName=@UserName and

                      PassWord=@PassWord and Active='A'";//登录用户必须是活动用户
              DataSet ds;
              try
              {
                 SqlCommand cmd=new SqlCommand(strSql);
                 cmd.Parameters.Add(new SqlParameter("@UserName",SqlDbType.VarChar,30));
                 cmd.Parameters.Add(new SqlParameter("@PassWord",SqlDbType.VarChar,60));
                 cmd.Parameters["@UserName"].Value=username;
                 cmd.Parameters["@PassWord"].Value=authenticatedpassword;
                 Base basecode=new Base();
                 ds=basecode.SQLExeDataSet(cmd);
                 if(ds == null)
                 {
                    BaseSqlErrDes=basecode.BaseSqlErrDes;
                    return null;
                 }
                 if(ds.Tables[0].Rows.Count<1)
                 {
                    BaseSqlErrDes="用户名或密码输入错误!";
                    return null;
                 }
                 return ds.Tables[0].Rows[0]["UserID"].ToString();
              }
              catch(System.FormatException exc)
              {
                  BaseSqlErrDes=exc.Message;
                  return null;
              }
           }

           //获取用户名
           public string GetUserName(string userID)
           {
              string strSql="select UserName from Users where UserID="+userID;
              Base basecode=new Base();
              DataSet ds=basecode.SQLExeDataSet(strSql);
              if(ds == null)
              {
                 BaseSqlErrDes=basecode.BaseSqlErrDes;
                 return null;
              }
              return ds.Tables[0].Rows[0]["UserName"].ToString();
           }

           //获取员工姓名
           public string GetEmployeeName(string userID)
           {
              string strSql="select EmployeeName from Employees where EmployeeID=(select

                    EmployeeID from Users where UserID="+userID+")";
              Base basecode=new Base();
              DataSet ds=basecode.SQLExeDataSet(strSql);
              if(ds == null)
              {
                  BaseSqlErrDes=basecode.BaseSqlErrDes;
                  return null;
              }
              return ds.Tables[0].Rows[0]["EmployeeName"].ToString();
           }

           //获取用户角色列表
           public DataSet GetRoles(string userID)
           {
              string strSql="select RoleID from RolesAssigned where UserID="+userID;
              Base basecode=new Base();
              DataSet ds=basecode.SQLExeDataSet(strSql);
              if(ds == null)
                  BaseSqlErrDes=basecode.BaseSqlErrDes;
              return ds;
           }

           //修改密码
           public bool UpdatePassword(string userid,string password)
           {
              string authenticatedpassword=FormsAuthentication

                         .HashPasswordForStoringInConfigFile(password, "MD5");
              string strSql="update Users set PassWord=@PassWord where UserID="+userid;

              try
              {
                  SqlCommand cmd=new SqlCommand(strSql);
                  cmd.Parameters.Add(new SqlParameter("@PassWord",SqlDbType.VarChar,60));
                  cmd.Parameters["@PassWord"].Value=authenticatedpassword;
                  Base basecode=new Base();
                  if(! basecode.SQLExeNonQuery_proc(cmd))
                  {
                     BaseSqlErrDes=basecode.BaseSqlErrDes;
                     return false;
                  }
              }
              catch(System.FormatException exc)
              {
                 BaseSqlErrDes=exc.Message;
                 return false;
              }
              return true;
          }

          //获取sql异常
          public string SqlErrDes
          {
             get
             {
                return BaseSqlErrDes;
             }
          }
          //获取角色有权限的办公桌面板块(办公桌面板块下的资源分类名称)
          public DataSet GetOfficeResourceType(string roleID)
          {
              string strSql="select distinct CateGoryID,CategoryName from ResourceCategories 

                   where CategoryID in (select ResourceType from Resource where ResourceID in

                    (select ResourceID from Privilege where OperationID=4 and PrivilegeID in

                     (select PrivilegeID from PrivilegesAssigned where RoleID="+roleID+")))

                        and InheritedCategoryID=1 order by CategoryID ASC";

              //sql语句说明：  是获取角色具有的权限编号集合；InheritedCategoryID=1为办公桌面板

              //块；  子句是查询权限表，获取权限编号集合中操作为link的权限所对应的资源编号。
              Base basecode=new Base();
              DataSet ds=basecode.SQLExeDataSet(strSql);
              if(ds == null)
                  BaseSqlErrDes=basecode.BaseSqlErrDes;
              return ds;
          }
          //获取角色的特定资源分类的桌面链接资源
          public DataSet GetOfficeLinkResource(string roleID,string resourceType)
          {
              string strSql="SELECT ResourceName, Link FROM Resource WHERE ResourceID IN

                  (SELECT ResourceID FROM Privilege WHERE OperationID = 4 AND PrivilegeID IN

                   (SELECT PrivilegeID FROM PrivilegesAssigned WHERE RoleID = "+roleID+"))

                       AND ResourceType = "+resourceType;
              Base basecode=new Base();
              DataSet ds=basecode.SQLExeDataSet(strSql);
              if(ds == null)
                   BaseSqlErrDes=basecode.BaseSqlErrDes;
              return ds;
          }
          //获取角色集的有权限的办公桌面板块(办公桌面板块下的资源分类名称)
          public DataSet GetOfficeResourceType(DataSet roleIDs)
          {
             string strSql="select distinct CateGoryID,CategoryName from ResourceCategories

                 where CategoryID in (select ResourceType from Resource where ResourceID in

                  (select ResourceID from Privilege where OperationID=4 and PrivilegeID in

                     (select PrivilegeID from PrivilegesAssigned where RoleID in

                      ("+roleIDs.Tables[0].Rows[0]["RoleID"].ToString();
             for(int i=1;i<roleIDs.Tables[0].Rows.Count;i++)
                 strSql=strSql+","+roleIDs.Tables[0].Rows[i]["RoleID"].ToString();
             strSql=strSql+")))) and InheritedCategoryID=1 order by CategoryID ASC";
             Base basecode=new Base();
             DataSet ds=basecode.SQLExeDataSet(strSql);
             if(ds == null)
                 BaseSqlErrDes=basecode.BaseSqlErrDes;
             return ds;
          }
          //获取角色集的的特定资源分类的桌面链接资源
          public DataSet GetOfficeLinkResource(DataSet roleIDs,string resourceType)
          {
              string strSql="SELECT ResourceName, Link FROM Resource WHERE ResourceID IN

                  (SELECT ResourceID FROM Privilege WHERE OperationID = 4 AND PrivilegeID IN

                    (SELECT PrivilegeID FROM PrivilegesAssigned WHERE RoleID in

                       ("+roleIDs.Tables[0].Rows[0]["RoleID"].ToString();
              for(int i=1;i<roleIDs.Tables[0].Rows.Count;i++)
                   strSql=strSql+","+roleIDs.Tables[0].Rows[i]["RoleID"].ToString();
              strSql=strSql+"))) AND ResourceType = "+resourceType;
              Base basecode=new Base();
              DataSet ds=basecode.SQLExeDataSet(strSql);
              if(ds == null)
                  BaseSqlErrDes=basecode.BaseSqlErrDes;
              return ds;
          }
          //判断用户是否具有重新指派任务的权限
          public bool HaveReassignTaskPrivilege(string userID)
          {
             string strSql="select * from PrivilegesAssigned where PrivilegeID=40 and RoleID

                     in (select RoleID from RolesAssigned where UserID="+userID+")"; 
             Base basecode=new Base();
             if(basecode.IfExistRecord(strSql))
                  return true;
             else
                  return false;
          }
       }
    }