2016-10-22 16:58:31 +08:00
using Longbow.Caching ;
using Longbow.Caching.Configuration ;
2016-10-29 09:24:55 +08:00
using Longbow.Data ;
2016-10-22 16:58:31 +08:00
using Longbow.ExceptionManagement ;
2016-10-23 15:46:18 +08:00
using Longbow.Security ;
2016-10-22 16:58:31 +08:00
using System ;
using System.Collections.Generic ;
using System.Data ;
using System.Data.Common ;
2016-10-28 20:18:12 +08:00
using System.Data.SqlClient ;
2016-10-22 16:58:31 +08:00
using System.Globalization ;
using System.Linq ;
namespace Bootstrap.DataAccess
{
/// <summary>
/// 用户表相关操作类
/// </summary>
public static class UserHelper
{
private const string UserDataKey = "UserData-CodeUserHelper" ;
2016-10-24 01:01:29 +08:00
private const string UserDisplayNameDataKey = "UserData-CodeUserHelper-" ;
2016-10-28 20:18:12 +08:00
private const string UserRoleIDDataKey = "UserData-CodeUserHelper-Role-" ;
2016-10-29 17:38:23 +08:00
private const string UserGroupIDDataKey = "UserData-CodeUserHelper-Group-" ;
2016-10-22 16:58:31 +08:00
/// <summary>
/// 查询所有用户
/// </summary>
/// <param name="pIds"></param>
/// <returns></returns>
public static IEnumerable < User > RetrieveUsers ( string tId = null )
{
2016-10-24 01:01:29 +08:00
string sql = "select ID, UserName, DisplayName from Users" ;
2016-10-22 16:58:31 +08:00
var ret = CacheManager . GetOrAdd ( UserDataKey , CacheSection . RetrieveIntervalByKey ( UserDataKey ) , key = >
{
List < User > Users = new List < User > ( ) ;
DbCommand cmd = DBAccessManager . SqlDBAccess . CreateCommand ( CommandType . Text , sql ) ;
try
{
using ( DbDataReader reader = DBAccessManager . SqlDBAccess . ExecuteReader ( cmd ) )
{
while ( reader . Read ( ) )
{
Users . Add ( new User ( )
{
ID = ( int ) reader [ 0 ] ,
2016-10-24 01:01:29 +08:00
UserName = ( string ) reader [ 1 ] ,
DisplayName = ( string ) reader [ 2 ]
2016-10-22 16:58:31 +08:00
} ) ;
}
}
}
catch ( Exception ex ) { ExceptionManager . Publish ( ex ) ; }
return Users ;
} , CacheSection . RetrieveDescByKey ( UserDataKey ) ) ;
return string . IsNullOrEmpty ( tId ) ? ret : ret . Where ( t = > tId . Equals ( t . ID . ToString ( ) , StringComparison . OrdinalIgnoreCase ) ) ;
}
/// <summary>
2016-10-24 19:59:07 +08:00
/// 根据用户名查询用户
2016-10-23 15:46:18 +08:00
/// </summary>
/// <param name="userName"></param>
/// <returns></returns>
2016-10-24 01:01:29 +08:00
public static User RetrieveUsersByName ( string userName )
2016-10-23 15:46:18 +08:00
{
2016-10-24 01:01:29 +08:00
string key = string . Format ( "{0}{1}" , UserDisplayNameDataKey , userName ) ;
return CacheManager . GetOrAdd ( key , CacheSection . RetrieveIntervalByKey ( UserDisplayNameDataKey ) , k = >
2016-10-23 15:46:18 +08:00
{
2016-10-24 01:01:29 +08:00
User user = null ;
string sql = "select ID, UserName, [Password], PassSalt, DisplayName from Users where UserName = @UserName" ;
DbCommand cmd = DBAccessManager . SqlDBAccess . CreateCommand ( CommandType . Text , sql ) ;
try
2016-10-23 15:46:18 +08:00
{
2016-10-24 01:01:29 +08:00
cmd . Parameters . Add ( DBAccessManager . SqlDBAccess . CreateParameter ( "@UserName" , userName , ParameterDirection . Input ) ) ;
using ( DbDataReader reader = DBAccessManager . SqlDBAccess . ExecuteReader ( cmd ) )
2016-10-23 15:46:18 +08:00
{
2016-10-24 01:01:29 +08:00
if ( reader . Read ( ) )
2016-10-23 15:46:18 +08:00
{
2016-10-24 01:01:29 +08:00
user = new User ( )
{
ID = ( int ) reader [ 0 ] ,
UserName = ( string ) reader [ 1 ] ,
Password = ( string ) reader [ 2 ] ,
PassSalt = ( string ) reader [ 3 ] ,
DisplayName = ( string ) reader [ 4 ]
} ;
}
2016-10-23 15:46:18 +08:00
}
}
2016-10-24 01:01:29 +08:00
catch ( Exception ex ) { ExceptionManager . Publish ( ex ) ; }
return user ;
} , CacheSection . RetrieveDescByKey ( UserDisplayNameDataKey ) ) ;
2016-10-23 15:46:18 +08:00
}
/// <summary>
2016-10-22 16:58:31 +08:00
/// 删除用户
/// </summary>
/// <param name="ids"></param>
2016-10-22 20:55:07 +08:00
public static bool DeleteUser ( string ids )
2016-10-22 16:58:31 +08:00
{
2016-10-22 20:55:07 +08:00
bool ret = false ;
if ( string . IsNullOrEmpty ( ids ) | | ids . Contains ( "'" ) ) return ret ;
try
2016-10-22 16:58:31 +08:00
{
2016-10-22 20:55:07 +08:00
string sql = string . Format ( CultureInfo . InvariantCulture , "Delete from Users where ID in ({0})" , ids ) ;
using ( DbCommand cmd = DBAccessManager . SqlDBAccess . CreateCommand ( CommandType . Text , sql ) )
{
DBAccessManager . SqlDBAccess . ExecuteNonQuery ( cmd ) ;
}
2016-10-22 16:58:31 +08:00
ClearCache ( ) ;
2016-10-22 20:55:07 +08:00
ret = true ;
2016-10-22 16:58:31 +08:00
}
2016-10-22 20:55:07 +08:00
catch ( Exception ex )
{
ExceptionManager . Publish ( ex ) ;
}
return ret ;
2016-10-22 16:58:31 +08:00
}
/// <summary>
/// 保存新建/更新的用户信息
/// </summary>
/// <param name="p"></param>
/// <returns></returns>
public static bool SaveUser ( User p )
{
if ( p = = null ) throw new ArgumentNullException ( "p" ) ;
bool ret = false ;
if ( p . UserName . Length > 50 ) p . UserName . Substring ( 0 , 50 ) ;
2016-10-23 15:46:18 +08:00
p . PassSalt = LgbCryptography . GenerateSalt ( ) ;
p . Password = LgbCryptography . ComputeHash ( p . Password , p . PassSalt ) ;
2016-10-24 19:59:07 +08:00
if ( p . DisplayName . Length > 50 ) p . DisplayName . Substring ( 0 , 50 ) ;
2016-10-22 16:58:31 +08:00
string sql = p . ID = = 0 ?
2016-10-24 01:01:29 +08:00
"Insert Into Users (UserName, Password, PassSalt, DisplayName) Values (@UserName, @Password, @PassSalt, @DisplayName)" :
"Update Users set UserName = @UserName, Password = @Password, PassSalt = @PassSalt, DisplayName = @DisplayName where ID = @ID" ;
2016-10-22 16:58:31 +08:00
try
{
using ( DbCommand cmd = DBAccessManager . SqlDBAccess . CreateCommand ( CommandType . Text , sql ) )
{
cmd . Parameters . Add ( DBAccessManager . SqlDBAccess . CreateParameter ( "@ID" , p . ID , ParameterDirection . Input ) ) ;
cmd . Parameters . Add ( DBAccessManager . SqlDBAccess . CreateParameter ( "@UserName" , p . UserName , ParameterDirection . Input ) ) ;
cmd . Parameters . Add ( DBAccessManager . SqlDBAccess . CreateParameter ( "@Password" , p . Password , ParameterDirection . Input ) ) ;
2016-10-23 15:46:18 +08:00
cmd . Parameters . Add ( DBAccessManager . SqlDBAccess . CreateParameter ( "@PassSalt" , p . PassSalt , ParameterDirection . Input ) ) ;
2016-10-24 01:01:29 +08:00
cmd . Parameters . Add ( DBAccessManager . SqlDBAccess . CreateParameter ( "@DisplayName" , p . DisplayName , ParameterDirection . Input ) ) ;
2016-10-22 16:58:31 +08:00
DBAccessManager . SqlDBAccess . ExecuteNonQuery ( cmd ) ;
}
ret = true ;
ClearCache ( ) ;
}
catch ( DbException ex )
{
ExceptionManager . Publish ( ex ) ;
}
return ret ;
}
2016-10-23 15:46:18 +08:00
/// <summary>
/// 验证用户登陆账号与密码正确
/// </summary>
/// <param name="userName"></param>
/// <param name="password"></param>
/// <returns></returns>
public static bool Authenticate ( string userName , string password )
{
var user = RetrieveUsersByName ( userName ) ;
return user ! = null & & user . Password = = LgbCryptography . ComputeHash ( password , user . PassSalt ) ;
}
2016-10-22 16:58:31 +08:00
// 更新缓存
2016-10-31 15:55:31 +08:00
private static void ClearCache ( string cacheKey = null )
2016-10-22 16:58:31 +08:00
{
2016-10-31 15:55:31 +08:00
CacheManager . Clear ( key = > string . IsNullOrEmpty ( cacheKey ) | | key = = cacheKey ) ;
2016-10-28 20:18:12 +08:00
}
/// <summary>
/// 通过roleId获取所有用户
/// </summary>
/// <param name="roleId"></param>
/// <returns></returns>
public static IEnumerable < User > RetrieveUsersByRoleId ( int roleId )
{
string key = string . Format ( "{0}{1}" , UserRoleIDDataKey , roleId ) ;
return CacheManager . GetOrAdd ( key , CacheSection . RetrieveIntervalByKey ( UserDisplayNameDataKey ) , k = >
{
List < User > Users = new List < User > ( ) ;
string sql = "select u.ID,u.UserName,u.DisplayName,case ur.UserID when u.ID then 'checked' else '' end [status] from Users u left join UserRole ur on u.ID=ur.UserID and RoleID =@RoleID" ;
DbCommand cmd = DBAccessManager . SqlDBAccess . CreateCommand ( CommandType . Text , sql ) ;
cmd . Parameters . Add ( DBAccessManager . SqlDBAccess . CreateParameter ( "@RoleID" , roleId , ParameterDirection . Input ) ) ;
try
{
using ( DbDataReader reader = DBAccessManager . SqlDBAccess . ExecuteReader ( cmd ) )
{
while ( reader . Read ( ) )
{
Users . Add ( new User ( )
{
ID = ( int ) reader [ 0 ] ,
UserName = ( string ) reader [ 1 ] ,
DisplayName = ( string ) reader [ 2 ] ,
Checked = ( string ) reader [ 3 ]
} ) ;
}
}
}
catch ( Exception ex ) { ExceptionManager . Publish ( ex ) ; }
return Users ;
} , CacheSection . RetrieveDescByKey ( UserRoleIDDataKey ) ) ;
}
/// <summary>
/// 通过角色ID保存当前授权用户( 插入)
/// </summary>
/// <param name="id">角色ID</param>
/// <param name="value">用户ID数组</param>
/// <returns></returns>
2016-10-29 09:24:55 +08:00
public static bool SaveUsersByRoleId ( int id , string userIds )
2016-10-28 20:18:12 +08:00
{
2016-10-29 09:24:55 +08:00
bool ret = false ;
2016-10-28 20:18:12 +08:00
DataTable dt = new DataTable ( ) ;
dt . Columns . Add ( "RoleID" , typeof ( int ) ) ;
dt . Columns . Add ( "UserID" , typeof ( int ) ) ;
2016-10-29 09:24:55 +08:00
if ( ! string . IsNullOrEmpty ( userIds ) )
2016-10-28 20:18:12 +08:00
{
2016-10-29 09:24:55 +08:00
userIds . Split ( ',' ) . ToList ( ) . ForEach ( userId = >
2016-10-28 20:18:12 +08:00
{
DataRow dr = dt . NewRow ( ) ;
2016-10-29 09:24:55 +08:00
dt . Rows . Add ( id , userId ) ;
} ) ;
2016-10-28 20:18:12 +08:00
}
2016-10-29 09:24:55 +08:00
using ( TransactionPackage transaction = DBAccessManager . SqlDBAccess . BeginTransaction ( ) )
2016-10-28 20:18:12 +08:00
{
2016-10-29 09:24:55 +08:00
try
2016-10-28 20:18:12 +08:00
{
2016-10-29 09:24:55 +08:00
//删除用户角色表该角色所有的用户
2016-10-31 15:55:31 +08:00
string sql = "delete from UserRole where RoleID=@RoleID" ;
2016-10-29 09:24:55 +08:00
using ( DbCommand cmd = DBAccessManager . SqlDBAccess . CreateCommand ( CommandType . Text , sql ) )
2016-10-28 20:18:12 +08:00
{
2016-10-29 09:24:55 +08:00
cmd . Parameters . Add ( DBAccessManager . SqlDBAccess . CreateParameter ( "@RoleID" , id , ParameterDirection . Input ) ) ;
DBAccessManager . SqlDBAccess . ExecuteNonQuery ( cmd , transaction ) ;
//批插入用户角色表
using ( SqlBulkCopy bulk = new SqlBulkCopy ( ( SqlConnection ) transaction . Transaction . Connection , SqlBulkCopyOptions . Default , ( SqlTransaction ) transaction . Transaction ) )
{
bulk . DestinationTableName = "UserRole" ;
bulk . ColumnMappings . Add ( "RoleID" , "RoleID" ) ;
bulk . ColumnMappings . Add ( "UserID" , "UserID" ) ;
bulk . WriteToServer ( dt ) ;
transaction . CommitTransaction ( ) ;
}
2016-10-28 20:18:12 +08:00
}
2016-10-29 09:24:55 +08:00
ret = true ;
2016-10-28 20:18:12 +08:00
ClearCache ( ) ;
2016-10-29 09:24:55 +08:00
}
catch ( Exception ex )
{
ExceptionManager . Publish ( ex ) ;
transaction . RollbackTransaction ( ) ;
2016-10-28 20:18:12 +08:00
}
}
2016-10-29 09:24:55 +08:00
return ret ;
2016-10-22 16:58:31 +08:00
}
2016-10-29 17:38:23 +08:00
/// <summary>
/// 通过groupId获取所有用户
/// </summary>
/// <param name="roleId"></param>
/// <returns></returns>
public static IEnumerable < User > RetrieveUsersByGroupId ( int groupId )
{
string key = string . Format ( "{0}{1}" , UserGroupIDDataKey , groupId ) ;
return CacheManager . GetOrAdd ( key , CacheSection . RetrieveIntervalByKey ( UserGroupIDDataKey ) , k = >
{
List < User > Users = new List < User > ( ) ;
string sql = "select u.ID,u.UserName,u.DisplayName,case ur.UserID when u.ID then 'checked' else '' end [status] from Users u left join UserGroup ur on u.ID=ur.UserID and GroupID =@groupId" ;
DbCommand cmd = DBAccessManager . SqlDBAccess . CreateCommand ( CommandType . Text , sql ) ;
cmd . Parameters . Add ( DBAccessManager . SqlDBAccess . CreateParameter ( "@GroupID" , groupId , ParameterDirection . Input ) ) ;
try
{
using ( DbDataReader reader = DBAccessManager . SqlDBAccess . ExecuteReader ( cmd ) )
{
while ( reader . Read ( ) )
{
Users . Add ( new User ( )
{
ID = ( int ) reader [ 0 ] ,
UserName = ( string ) reader [ 1 ] ,
DisplayName = ( string ) reader [ 2 ] ,
Checked = ( string ) reader [ 3 ]
} ) ;
}
}
}
catch ( Exception ex ) { ExceptionManager . Publish ( ex ) ; }
return Users ;
} , CacheSection . RetrieveDescByKey ( UserRoleIDDataKey ) ) ;
}
/// <summary>
/// 通过部门ID保存当前授权用户( 插入)
/// </summary>
/// <param name="id">GroupID</param>
/// <param name="value">用户ID数组</param>
/// <returns></returns>
public static bool SaveUsersByGroupId ( int id , string userIds )
{
bool ret = false ;
DataTable dt = new DataTable ( ) ;
dt . Columns . Add ( "UserID" , typeof ( int ) ) ;
dt . Columns . Add ( "GroupID" , typeof ( int ) ) ;
if ( ! string . IsNullOrEmpty ( userIds ) )
{
userIds . Split ( ',' ) . ToList ( ) . ForEach ( userId = >
{
DataRow dr = dt . NewRow ( ) ;
dt . Rows . Add ( userId , id ) ;
} ) ;
}
using ( TransactionPackage transaction = DBAccessManager . SqlDBAccess . BeginTransaction ( ) )
{
try
{
//删除用户角色表该角色所有的用户
2016-10-31 15:55:31 +08:00
string sql = "delete from UserGroup where GroupID=@GroupID" ;
2016-10-29 17:38:23 +08:00
using ( DbCommand cmd = DBAccessManager . SqlDBAccess . CreateCommand ( CommandType . Text , sql ) )
{
2016-10-31 15:55:31 +08:00
cmd . Parameters . Add ( DBAccessManager . SqlDBAccess . CreateParameter ( "@GroupID" , id , ParameterDirection . Input ) ) ;
2016-10-29 17:38:23 +08:00
DBAccessManager . SqlDBAccess . ExecuteNonQuery ( cmd , transaction ) ;
//批插入用户角色表
using ( SqlBulkCopy bulk = new SqlBulkCopy ( ( SqlConnection ) transaction . Transaction . Connection , SqlBulkCopyOptions . Default , ( SqlTransaction ) transaction . Transaction ) )
{
bulk . DestinationTableName = "UserGroup" ;
bulk . ColumnMappings . Add ( "UserID" , "UserID" ) ;
bulk . ColumnMappings . Add ( "GroupID" , "GroupID" ) ;
bulk . WriteToServer ( dt ) ;
transaction . CommitTransaction ( ) ;
}
}
ret = true ;
ClearCache ( ) ;
}
catch ( Exception ex )
{
ExceptionManager . Publish ( ex ) ;
transaction . RollbackTransaction ( ) ;
}
}
return ret ;
}
2016-10-22 16:58:31 +08:00
}
}