详细的以后再说:需要精确到控件的用户权限设计。
先了解一下:
1 用户表:User
用户名 姓名
员工号 激活标志 密码 注册日期 。。。 SN
Mrl
马如林
。。。。。。
2 详细功能:DetailFunction(该表手动录入,不可修改。除非需求变动才可。类似于系统字典。经过培训后可以修改。)

| 序号 | 功能编号 | 页面ID | 页面名称 | 具体功能名称 | 具体功能标志 | SN |
|---|---|---|---|---|---|---|
| 1 | 2 | ASP.Infor_aspx | 信息中心信息发布 | 添加 | ButtonAdd | Button01020101 |
| 2 | 2 | ASP.Infor_aspx | 信息中心信息发布 | 删除 | ButtonDel | Button01020102 |
| 3 | 5 | ASP.RenshiXinXi_aspx | 人事中心基本信息 | 删除 | ButtonDel | Button01020103 |
其中的页面ID和具体功能标志需要程序员根据编程确定。这样就可以具体确定到每个页面的每个按钮(通过SN编码进行确定)。
3 用户功能表:UserFunction(User表和DetailFunction的关联表)

| 用户名 | 功能编号 | 页面ID | 页面名称 | 具体功能名称 | 具体功能标识 | 是否可用 | SN |
|---|---|---|---|---|---|---|---|
| Mrl | 2 | ASP.Infor_aspx | 信息中心信息发布 | 添加 | ButtonAdd | 是 | 对应上面的SN |
| Mrl | 2 | ASP.RenshiXinXi_aspx | 人事中心基本信息 | 添加 | ButtonAdd | 否 | |
| ….. | | | | | | | |
| zqx | ……. | | | | | | |
| …… | | | | | | | |
通过上表建立用户和对应页面及该页面控件的关系,如果可用则其标志为是,否则为否。进入页面时对页面进行检查设置。仅在页面上隐藏或禁用控件还不够:对应的服务器端事件处理代码在执行操作前,也应按这张表再核对一次当前用户的权限。
页面设计
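<%@ Page Language="C#" AutoEventWireup="true" CodeFile="UserRights.aspx.cs" Inherits="InterFace_Rights_UserRights" %>
<%-- Rights administration form: pick a department, then a user, then tick the
     functions that user may use. TableFunc is filled by the code-behind with one
     check box per row of detailfunction.
     NOTE(review): nothing in this markup restricts who may open the page;
     confirm that access is limited elsewhere. --%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title>用户权限管理</title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
        <asp:DropDownList ID="DropDownListDepart" runat="server" AutoPostBack="True" OnSelectedIndexChanged="DropDownListDepart_SelectedIndexChanged">
            <asp:ListItem Value="部门选择">部门选择</asp:ListItem>
        </asp:DropDownList>
        <asp:DropDownList ID="DropDownListUser" runat="server" AutoPostBack="True" OnSelectedIndexChanged="DropDownListUser_SelectedIndexChanged">
            <asp:ListItem Value="人员列表">人员列表</asp:ListItem>
        </asp:DropDownList><br />
        <asp:Table ID="TableFunc" runat="server">
        </asp:Table>
        <asp:Button ID="ButtonSubmit" runat="server" OnClick="ButtonSubmit_Click" Text="确定" />
    </div>
    </form>
</body>
</html>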
相关代码
/**/
/*----------------------------------------------------------------
// Copyright (C) 2007 桂林电子科技大学昊华南方项目组
// 作者:马如林
// 时间:2008/03/08
// 文件名:
// 文件功能描述:
// 用户权限管理
//
//
// 修改标识:
// 修改描述:
//
//----------------------------------------------------------------*/
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Drawing;
using System.Data.OracleClient;
using Hhxx.App_Code.Database;
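/// <summary>
/// Code-behind for UserRights.aspx. Lets an operator choose a department and a
/// user, shows one check box per row of detailfunction, and rewrites that
/// user's rows in userfunction when the form is submitted.
/// </summary>
/// <remarks>
/// NOTE(review): no check of the caller's own rights is visible in this class;
/// confirm that access to this page is restricted elsewhere.
/// NOTE(review): every value that comes from a control is bound as an Oracle
/// parameter instead of being concatenated into the SQL text. This assumes
/// OracleHelper.ExecuteReader accepts an OracleParameter[] as its fourth
/// argument in the same way ExecuteNonQuery does - confirm against the helper.
/// String values are bound as OracleType.Char so that comparisons keep the
/// semantics the former quoted literals had.
/// </remarks>
public partial class InterFace_Rights_UserRights : System.Web.UI.Page
{
    // Values of the non-user entries that can appear in DropDownListUser.
    private static readonly String[] PlaceholderUsers = { "人员列表", "部门员工", "该部门现在无员工" };

    /// <summary>
    /// Rebuilds the dynamic check-box table on every request and fills the
    /// department list on the first (non-postback) request.
    /// </summary>
    protected void Page_Load(object sender, EventArgs e)
    {
        // The check boxes are created in code, so they have to be recreated on
        // each request before their posted state can be read.
        initRights();
        if (!Page.IsPostBack)
        {
            readDepartment();
        }
    }

    /// <summary>
    /// Fills DropDownListDepart with the department names stored in
    /// XITONGZIDIAN and appends the fixed "没有部门人员" entry.
    /// </summary>
    private void readDepartment()
    {
        DropDownListDepart.Items.Clear();
        String querySql = "SELECT 名称 FROM XITONGZIDIAN WHERE ID='00000000' ";
        // using closes the reader even when Read/GetString throws.
        using (OracleDataReader rdDepartment = OracleHelper.ExecuteReader(OracleHelper.DatabaseConnStr, CommandType.Text, querySql, null))
        {
            while (rdDepartment.Read())
            {
                DropDownListDepart.Items.Add(rdDepartment.GetString(0));
            }
        }
        DropDownListDepart.Items.Add("没有部门人员");
    }

    /// <summary>
    /// Department selection changed: reload the user list for that department.
    /// </summary>
    /// <param name="sender">The department drop-down list.</param>
    /// <param name="e">Unused.</param>
    protected void DropDownListDepart_SelectedIndexChanged(object sender, EventArgs e)
    {
        readDepartmentUser();
    }

    /// <summary>
    /// Fills DropDownListUser with the active users (激活状态='1') of the
    /// selected department. Item text is the display name, item value the
    /// user name.
    /// </summary>
    private void readDepartmentUser()
    {
        DropDownListUser.Items.Clear();
        DropDownListUser.Items.Add(new ListItem("部门员工", "部门员工"));
        if (DropDownListDepart.SelectedItem == null)
        {
            return;
        }

        String querySql = "SELECT 用户名,姓名 FROM userinfor WHERE 所属部门=:ssbm and 激活状态='1'";
        OracleParameter[] parms = {
            new OracleParameter(":ssbm", OracleType.Char)
        };
        parms[0].Value = DropDownListDepart.SelectedItem.Text.Trim();

        using (OracleDataReader rdUser = OracleHelper.ExecuteReader(OracleHelper.DatabaseConnStr, CommandType.Text, querySql, parms))
        {
            while (rdUser.Read())
            {
                String strValue = rdUser.GetString(0);
                String strName = rdUser.GetString(1);
                // Text and value are set together. Looking the item up again by
                // its text would attach the value to the wrong entry when two
                // users share a display name.
                DropDownListUser.Items.Add(new ListItem(strName, strValue));
            }
        }

        // Only the placeholder is present: the department has no active users.
        if (DropDownListUser.Items.Count == 1)
        {
            DropDownListUser.Items.Add(new ListItem("该部门现在无员工", "该部门现在无员工"));
        }
    }

    /// <summary>
    /// User selection changed: rebuild the table with the selected user's
    /// current rights ticked.
    /// </summary>
    /// <param name="sender">The user drop-down list.</param>
    /// <param name="e">Unused.</param>
    protected void DropDownListUser_SelectedIndexChanged(object sender, EventArgs e)
    {
        String userName = DropDownListUser.SelectedValue.Trim();
        buildFunctionTable(isPlaceholderUser(userName) ? null : userName);
    }

    /// <summary>
    /// Tells whether a drop-down value is empty or one of the placeholder
    /// entries rather than a user name.
    /// </summary>
    /// <param name="value">Trimmed value of the selected item.</param>
    /// <returns>true when the value does not name a user.</returns>
    private static Boolean isPlaceholderUser(String value)
    {
        return String.IsNullOrEmpty(value) || Array.IndexOf(PlaceholderUsers, value) >= 0;
    }

    /// <summary>
    /// Fills TableFunc with one row per (功能编号, 页面名称) pair of
    /// detailfunction: a header cell with the page name followed by one check
    /// box per function, whose ID is the function's SN.
    /// </summary>
    /// <param name="userName">
    /// User whose enabled functions are ticked, or null to leave every box
    /// unticked.
    /// </param>
    private void buildFunctionTable(String userName)
    {
        TableFunc.Rows.Clear();
        // One ordered pass replaces the former query-per-page loop, so no
        // database value is pasted back into SQL text.
        String querySql = "SELECT 功能编号,页面名称,具体功能名称,SN FROM detailfunction order by 功能编号,页面名称";
        using (OracleDataReader rdFunc = OracleHelper.ExecuteReader(OracleHelper.DatabaseConnStr, CommandType.Text, querySql, null))
        {
            TableRow tr = null;
            int lastFuncNum = 0;
            String lastPageName = null;
            while (rdFunc.Read())
            {
                int funcNum = rdFunc.GetInt32(0);
                String pageName = rdFunc.GetString(1);

                // Start a new table row whenever the page changes.
                if (tr == null || funcNum != lastFuncNum || !pageName.Equals(lastPageName))
                {
                    tr = new TableRow();
                    TableCell tc = new TableCell();
                    tc.BackColor = Color.RoyalBlue;
                    Label lbl = new Label();
                    lbl.Text = pageName;
                    tc.Controls.Add(lbl);
                    tr.Cells.Add(tc);
                    TableFunc.Rows.Add(tr);
                    lastFuncNum = funcNum;
                    lastPageName = pageName;
                }

                CheckBox chkBox = new CheckBox();
                // The SN identifies the function and doubles as the control ID.
                chkBox.ID = rdFunc.GetString(3).Trim();
                chkBox.Text = rdFunc.GetString(2);
                if (userName != null && userFlag(userName, chkBox.ID))
                {
                    chkBox.Checked = true;
                }
                TableCell tcDetail = new TableCell();
                tcDetail.Controls.Add(chkBox);
                tr.Cells.Add(tcDetail);
            }
        }
    }

    /// <summary>
    /// Tells whether a function is enabled for a user.
    /// </summary>
    /// <param name="userName">Value of the 用户名 column.</param>
    /// <param name="id">Value of the ID column (the function's SN).</param>
    /// <returns>true when a matching userfunction row has 是否可用 = "1".</returns>
    private Boolean userFlag(String userName, String id)
    {
        String querySql = "SELECT 是否可用 FROM userfunction WHERE 用户名=:yhm AND ID=:id";
        // Types and sizes follow the ones insertTable uses for the same columns.
        OracleParameter[] parms = {
            new OracleParameter(":yhm", OracleType.Char, 32),
            new OracleParameter(":id", OracleType.Char, 32)
        };
        parms[0].Value = userName;
        parms[1].Value = id;

        // using also closes the reader on the early return below.
        using (OracleDataReader rdFlag = OracleHelper.ExecuteReader(OracleHelper.DatabaseConnStr, CommandType.Text, querySql, parms))
        {
            while (rdFlag.Read())
            {
                if (rdFlag.GetString(0).Trim().Equals("1"))
                {
                    return true;
                }
            }
        }
        return false;
    }

    /// <summary>
    /// Builds the function table with every check box unticked.
    /// </summary>
    private void initRights()
    {
        buildFunctionTable(null);
    }

    /// <summary>
    /// Saves the ticked functions for the selected user: deletes the user's
    /// existing userfunction rows, then inserts one row per check box with
    /// 是否可用 "1" (ticked) or "0" (not ticked).
    /// </summary>
    /// <remarks>
    /// NOTE(review): the delete and the inserts run in separate transactions,
    /// so a failure part-way leaves the user with fewer rows than before. They
    /// should share one transaction.
    /// </remarks>
    /// <param name="sender">The submit button.</param>
    /// <param name="e">Unused.</param>
    protected void ButtonSubmit_Click(object sender, EventArgs e)
    {
        String userName = DropDownListUser.SelectedValue.Trim();
        if (isPlaceholderUser(userName))
        {
            Response.Write("请选择用户");
            return;
        }

        // Do not insert on top of the old rows when they could not be removed.
        if (!delUserRight())
        {
            Response.Write("权限保存失败");
            return;
        }

        String querySql = "SELECT 功能编号,页面ID,页面名称,具体功能名称,具体功能标志,SN FROM detailfunction order by 功能编号";
        try
        {
            using (OracleDataReader rdDetail = OracleHelper.ExecuteReader(OracleHelper.DatabaseConnStr, CommandType.Text, querySql, null))
            {
                while (rdDetail.Read())
                {
                    String sn = rdDetail.GetString(5).Trim();
                    CheckBox box = TableFunc.FindControl(sn) as CheckBox;
                    if (box == null)
                    {
                        continue;
                    }

                    if (box.Checked)
                    {
                        // Echo of the saved entry; encoded because it is written
                        // straight into the response.
                        Response.Write(Server.HtmlEncode(box.Text + " " + sn + " " + box.Checked));
                    }
                    insertTable(
                        userName,
                        rdDetail.GetInt32(0),
                        rdDetail.GetString(1).Trim(),
                        rdDetail.GetString(2).Trim(),
                        rdDetail.GetString(3).Trim(),
                        rdDetail.GetString(4).Trim(),
                        box.Checked ? "1" : "0",
                        sn);
                }
            }
        }
        catch (Exception ex)
        {
            // Report the failure instead of dropping it silently.
            Trace.Warn("UserRights", "saving user rights failed", ex);
            Response.Write("权限保存失败");
        }
    }

    /// <summary>
    /// Deletes every userfunction row of the user selected in DropDownListUser.
    /// </summary>
    /// <returns>true when the delete was committed, false when it was rolled back.</returns>
    private Boolean delUserRight()
    {
        String delSql = "DELETE FROM userfunction WHERE 用户名 = :yhm";
        OracleParameter[] parms = {
            new OracleParameter(":yhm", OracleType.Char, 32)
        };
        parms[0].Value = DropDownListUser.SelectedValue.Trim();

        OracleConnection conn = new OracleConnection(OracleHelper.DatabaseConnStr);
        conn.Open();
        OracleTransaction trans = conn.BeginTransaction(IsolationLevel.ReadCommitted);
        try
        {
            OracleHelper.ExecuteNonQuery(trans, CommandType.Text, delSql, parms);
            trans.Commit();
            return true;
        }
        catch (Exception ex)
        {
            trans.Rollback();
            Trace.Warn("UserRights", "deleting user rights failed", ex);
            return false;
        }
        finally
        {
            conn.Close();
        }
    }

    /// <summary>
    /// Unfinished stub: reads detailfunction ordered by 序号 and inserts
    /// nothing. Nothing in this file calls it.
    /// </summary>
    /// <returns>Always true.</returns>
    private Boolean insertUserRight()
    {
        String querySql = "SELECT 序号,功能编号,页面ID,页面名称,具体功能名称,具体功能标志 FROM detailfunction order by 序号";
        using (OracleDataReader rdDetailFunc = OracleHelper.ExecuteReader(OracleHelper.DatabaseConnStr, CommandType.Text, querySql, null))
        {
            while (rdDetailFunc.Read())
            {
                // TODO: look up and insert according to the rules (never implemented).
            }
        }
        return true;
    }

    /// <summary>
    /// Inserts one row into userfunction inside its own transaction.
    /// </summary>
    /// <param name="userName">用户名</param>
    /// <param name="funcNum">功能编号</param>
    /// <param name="pageID">页面ID</param>
    /// <param name="pageName">页面名称</param>
    /// <param name="funcName">具体功能名称</param>
    /// <param name="funcID">具体功能标志</param>
    /// <param name="flag">是否可用: "1" or "0"</param>
    /// <param name="id">ID (the function's SN)</param>
    /// <exception cref="Exception">
    /// Rethrown after rollback, so the caller learns that the row was not saved.
    /// </exception>
    private void insertTable(String userName, Int32 funcNum, String pageID, String pageName, String funcName, String funcID, String flag, String id)
    {
        String sqlInsert = "INSERT INTO userfunction(用户名,功能编号,页面ID,页面名称,具体功能名称,具体功能标志,是否可用,ID) "
            + "VALUES(:yhm,:gnbh,:yeid,:yemc,:jtgnmc,:jtgnbz,:sfky,:id)";
        OracleParameter[] parms = {
            new OracleParameter(":yhm", OracleType.Char, 32),
            new OracleParameter(":gnbh", OracleType.Number, 10),
            new OracleParameter(":yeid", OracleType.VarChar, 256),
            new OracleParameter(":yemc", OracleType.VarChar, 256),
            new OracleParameter(":jtgnmc", OracleType.VarChar, 256),
            new OracleParameter(":jtgnbz", OracleType.Char, 64),
            new OracleParameter(":sfky", OracleType.Char, 2),
            new OracleParameter(":id", OracleType.Char, 32),
        };
        parms[0].Value = userName;
        parms[1].Value = funcNum;
        parms[2].Value = pageID;
        parms[3].Value = pageName;
        parms[4].Value = funcName;
        parms[5].Value = funcID;
        parms[6].Value = flag;
        parms[7].Value = id;

        OracleConnection conn = new OracleConnection(OracleHelper.DatabaseConnStr);
        conn.Open();
        OracleTransaction trans = conn.BeginTransaction(IsolationLevel.ReadCommitted);
        try
        {
            OracleHelper.ExecuteNonQuery(trans, CommandType.Text, sqlInsert, parms);
            trans.Commit();
        }
        catch (Exception ex)
        {
            trans.Rollback();
            Trace.Warn("UserRights", "inserting user right failed", ex);
            throw;
        }
        finally
        {
            conn.Close();
        }
    }
}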
运行界面:
信息发布 | |||||
发布审批 | |||||
国内新闻 | |||||
奖罚登记 |
基本功能具备。
在用户判断时可以根据页面和控件名称进行判定。