Beispiel #1
0
    def GetTreeResourceScopeIds(self, userId, tableName, permissionItemCode,
                                childrens):
        """
          树型资源的权限范围
          Args:
              userId (string): 用户主键
              tableName (string): 资源分类
              permissionItemCode (string): 权限编号
              childrens (string): 是否含子节点
          Returns:
              returnValue(string[]): 主键列表
        """
        resourceScopeIds = PermissionScopeService.GetResourceScopeIds(
            self, userId, tableName, permissionItemCode)

        if not childrens:
            return resourceScopeIds

        idList = StringHelper.ObjectsToList(resourceScopeIds)
        if idList:
            sqlQuery = 'select id from ( select id from ' + tableName + ' where (id in (' + idList + ')) UNION ALL select ResourceTree.Id AS ID FROM ' + tableName + ' AS ResourceTree INNER JOIN pipermissionscope AS A ON A.Id = ResourceTree.ParentId) AS PermissionScopeTree'
            dataTable = DbCommonLibaray.executeQuery(self, sqlQuery)
            #TODO:这个地方需要把两个列表合并
            #resourceScopeIds + dataTable
        return resourceScopeIds
Beispiel #2
0
    def GetDTSql(userIds, name, value, beginDate, endDate):
        sqlQuery = " SELECT * FROM " + 'cilog' + " WHERE 1=1 "

        if value:
            sqlQuery = sqlQuery + " AND " + name + " = '" + value + "' "

        if beginDate and endDate:
            beginDate = str(time.strftime("%Y-%m-%d %H:%M:%S", beginDate))
            endDate = str(time.strftime("%Y-%m-%d %H:%M:%S", endDate))

        if userIds:
            sqlQuery = sqlQuery + " AND " + 'createuserid' + " IN (" + StringHelper.ObjectsToList(
                userIds) + ") "

        if len(beginDate.strip()) > 0:
            sqlQuery = sqlQuery + " AND CREATEON >= '" + beginDate + "'"
        if len(endDate.strip()) > 0:
            sqlQuery = sqlQuery + " AND CREATEON <= '" + endDate + "'"

        sqlQuery = sqlQuery + " ORDER BY CREATEON DESC "
        return sqlQuery
Beispiel #3
0
    def GetSearchConditional(self, userInfo, permissionScopeCode, search,
                             roleIds, enabled, auditStates, departmentId):

        LogService.WriteLog(userInfo, __class__.__name__,
                            FrameworkMessage.UserService,
                            sys._getframe().f_code.co_name,
                            FrameworkMessage.UserService_GetSearchConditional,
                            '')

        search = StringHelper.GetSearchString(self, search)
        whereConditional = 'piuser.deletemark=0 and piuser.isvisible=1 '
        if not enabled == None:
            if enabled == True:
                whereConditional = whereConditional + " and ( piuser.enabled = 1 )"
            else:
                whereConditional = whereConditional + " and ( piuser.enabled = 0 )"
        if search:
            whereConditional = whereConditional + " AND (" + 'piuser' + "." + 'username' + " LIKE '" + search + "'" \
                            + " OR " + 'piuser' + "." + 'code' + " LIKE '" + search + "'" \
                            + " OR " + 'piuser' + "." + 'realname' + " LIKE '" + search + "'" \
                            + " OR " + 'piuser' + "." + 'quickquery' + " LIKE '" + search + "'" \
                            + " OR " + 'piuser' + "." + 'departmentname' + " LIKE '" + search + "'" \
                            + " OR " + 'piuser' + "." + 'description' + " LIKE '" + search + "')"
        if departmentId:
            organizeIds = OrganizeService.GetChildrensById(self, departmentId)
            if organizeIds and len(organizeIds) > 0:
                whereConditional =  whereConditional + " AND (" + 'piuser' + "." + 'companyid' + " IN (" + StringHelper.ArrayToList(self, organizeIds,"'") + ")" \
                     + " OR " + 'piuser' + "." + 'companyid' + " IN (" + StringHelper.ArrayToList(self, organizeIds, "'") + ")"   \
                     + " OR " + 'piuser' + "." + 'departmentid' + " IN (" + StringHelper.ArrayToList(self, organizeIds, "'") + ")"    \
                     + " OR " + 'piuser' + "." + 'subdepartmentid' + " IN (" + StringHelper.ArrayToList(self, organizeIds, "'") + ")" \
                     + " OR " + 'piuser' + "." + 'workgroupid' + " IN (" + StringHelper.ArrayToList(self, organizeIds, "'") + "))"
                whereConditional = whereConditional + " OR " + 'piuser' + "." + 'id' + " IN (" \
                            + " SELECT " + 'userid' \
                            + "   FROM " + 'piuserorganize' \
                            + "  WHERE (" + 'piuserorganize' + "." + 'deletemark' + " = 0 ) " \
                            + "       AND ("  \
                            + 'piuserorganize' + "." + 'companyid' + " = '" + departmentId + "' OR " \
                            + 'piuserorganize' + "." + 'subcompanyid' + " = '" + departmentId + "' OR " \
                            + 'piuserorganize' + "." + 'departmentid' + " = '" + departmentId + "' OR " \
                            + 'piuserorganize' + "." + 'subdepartmentid' + " = '" + departmentId + "' OR " \
                            + 'piuserorganize' + "." + 'workgroupid' + " = '" + departmentId + "')) "
        if auditStates:
            whereConditional = whereConditional + " AND (" + 'piuser' + "." + 'auditstatus' + " = '" + auditStates + "')"

        if roleIds and len(roleIds) > 0:
            roles = StringHelper.ArrayToList(self, roleIds, "'")
            whereConditional = whereConditional + " AND (" + 'piuser' + "." + 'id' + " IN (" + "SELECT " + 'userid' + " FROM " + 'piuserrole' + " WHERE " + 'roleid' + " IN (" + roles + ")" + "))"

        if (not userInfo.IsAdministrator
            ) and SystemInfo.EnableUserAuthorizationScope:
            permissionScopeItemId = PermissionItemService.GetId(
                self, permissionScopeCode)
            if permissionScopeItemId:
                #从小到大的顺序进行显示,防止错误发生
                organizeIds = PermissionScopeService.GetOrganizeIds(
                    self, userInfo.Id, permissionScopeCode)
                #没有任何数据权限
                if PermissionScope.PermissionScopeDic.get('No') in organizeIds:
                    whereConditional = whereConditional + " AND (" + 'piuser' + "." + 'id' + " = NULL ) "
                #按详细设定的数据
                if PermissionScope.PermissionScopeDic.get(
                        'Detail') in organizeIds:
                    userIds = PermissionScopeService.GetUserIds(
                        self, userInfo.Id, permissionScopeCode)
                    whereConditional = whereConditional + " AND (" + 'piuser' + "." + 'id' + " IN (" + StringHelper.ObjectsToList(
                        userIds) + ")) "
                #自己的数据,仅本人
                if PermissionScope.PermissionScopeDic.get(
                        'User') in organizeIds:
                    whereConditional = whereConditional + " AND (" + 'piuser' + "." + 'id' + " = '" + userInfo.Id + "') "
                #用户所在工作组数据
                if PermissionScope.PermissionScopeDic.get(
                        'UserWorkgroup') in organizeIds:
                    whereConditional = whereConditional + " AND (" + 'piuser' + "." + 'workgroupid' + " = '" + userInfo.WorkgroupId + "') "
                #用户所在部门数据
                if PermissionScope.PermissionScopeDic.get(
                        'UserDepartment') in organizeIds:
                    whereConditional = whereConditional + " AND (" + 'piuser' + "." + 'departmentid' + " = '" + userInfo.DepartmentId + "') "
                #用户所在公司数据
                if PermissionScope.PermissionScopeDic.get(
                        'UserCompany') in organizeIds:
                    whereConditional = whereConditional + " AND (" + 'piuser' + "." + 'companyid' + " = '" + userInfo.CompanyId + "') "
                #全部数据,这里就不用设置过滤条件了
                if PermissionScope.PermissionScopeDic.get(
                        'All') in organizeIds:
                    pass
        return whereConditional