C/S应用程序权限设计(2)
上一篇中,简单的说了一下,如何从窗体中获取所有的权限对象(我一般都称为权限实体),对于数据库开发而言,比较多的都是判断,当前用户是否有添加,查看,编辑,删除的权限.当然还有其它扩展的,如审核之类的.
下面就来说说权限实体 Lily.ComponentFramework.PermissionBase 要实现,我这样的权限管理,并不需要按我的权限实体来设计,当然你的系统必须要采用类似于ORM的东西或是有把表映射为对象的东西.Lily.ComponentFramework.PermissionBase就是从已有的实体对象继承而来的(我系统的ORM是一个轻量经的)
首先来看看,添加,查看,编辑,删除权限的实现
'''
-----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否是添加的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasAdd() As Boolean
Get
Return Me .Has( " 添加 " )
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否有删除的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasDelete() As Boolean
Get
Return Me .Has( " 删除 " )
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否有更改的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasModify() As Boolean
Get
Return Me .Has( " 修改 " )
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否是有查看的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasLook() As Boolean
Get
Return Me .Has( " 查看 " )
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否有执行某项操作的权限.
''' </summary>
''' <param name="strDo"> 操作 </param>
''' <returns></returns>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-25 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable Function Has( ByVal strDo As String ) As Boolean
If strDo Is Nothing OrElse strDo.Length = 0 Then
Return True
Else
If Not ComponentManager.Permission Is Nothing Then
Return ComponentManager.Permission.Has( Me , strDo)
Else
Return True
End If
End If
End Function
''' <summary>
''' 判断当前用户是否是添加的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasAdd() As Boolean
Get
Return Me .Has( " 添加 " )
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否有删除的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasDelete() As Boolean
Get
Return Me .Has( " 删除 " )
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否有更改的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasModify() As Boolean
Get
Return Me .Has( " 修改 " )
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否是有查看的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasLook() As Boolean
Get
Return Me .Has( " 查看 " )
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否有执行某项操作的权限.
''' </summary>
''' <param name="strDo"> 操作 </param>
''' <returns></returns>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-25 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable Function Has( ByVal strDo As String ) As Boolean
If strDo Is Nothing OrElse strDo.Length = 0 Then
Return True
Else
If Not ComponentManager.Permission Is Nothing Then
Return ComponentManager.Permission.Has( Me , strDo)
Else
Return True
End If
End If
End Function
上面就是这个实体内置的几个权限判断方面的方法,其实最重要的就是Has方法,这里是通过另一个类进行权限判断的,实现细节,到以后的章节介绍.比如:我一个订单表,对应了一个实体对象,并且继承于PermissionBase.如果需要增加一个对订单批准的权限只需增加一个方法HasApprove 代码可以简单为 return has("批准") 即可.
下面来看一下,此对象的完整实现
'''
-----------------------------------------------------------------------------
''' Project : Lily.ComponentFramework
''' Class : ComponentFramework.PermissionBase
'''
''' -----------------------------------------------------------------------------
''' <summary>
''' 权限实体基类.
''' </summary>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2007-03-28 Created
''' </history>
''' -----------------------------------------------------------------------------
Public MustInherit Class PermissionBase
Inherits EntityBase
#Region "类实例化"
Public Sub New ()
MyBase .New()
End Sub
#End Region
#Region "访问控制"
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否是添加的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasAdd() As Boolean
Get
Return Me .Has( " 添加 " )
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否有删除的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasDelete() As Boolean
Get
Return Me .Has( " 删除 " )
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否有更改的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasModify() As Boolean
Get
Return Me .Has( " 修改 " )
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否是有查看的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasLook() As Boolean
Get
Return Me .Has( " 查看 " )
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否有执行某项操作的权限.
''' </summary>
''' <param name="strDo"> 操作 </param>
''' <returns></returns>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-25 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable Function Has( ByVal strDo As String ) As Boolean
If strDo Is Nothing OrElse strDo.Length = 0 Then
Return True
Else
If Not ComponentManager.Permission Is Nothing Then
Return ComponentManager.Permission.Has( Me , strDo)
Else
Return True
End If
End If
End Function
#End Region
#Region "资源权限"
''' -----------------------------------------------------------------------------
''' <summary>
''' 筛选表达式.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-22 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property Filter () As IExpression
Get
If Not ComponentManager.Permission Is Nothing Then
Return ComponentManager.Permission.FilterExpression( Me )
End If
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 返回当前实体有那些字段对于当前用户设置了,不可见.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2007-03-09 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HideFields() As String ()
Get
If Not ComponentManager.Permission Is Nothing Then
Return ComponentManager.Permission.HideAttribute( Me )
End If
End Get
End Property
#End Region
#Region "重写基类方法"
Public Overloads Overrides Function Retrieve( ByVal row As System.Data.DataRow, ByVal attributename() As String ) As Boolean
If row Is Nothing Then
Return False
End If
If attributename Is Nothing OrElse attributename.Length = 0 Then
Return False
End If
If Me .HideFields Is Nothing OrElse Me .HideFields.Length = 0 Then
Return MyBase .Retrieve(row, attributename)
Else
Dim name() As String
Dim m As Integer
For i As Integer = attributename.Length - 1 To 0 Step - 1
If Array.IndexOf( Me .HideFields, attributename(i)) = - 1 Then
ReDim Preserve name(m)
name(m) = attributename(i)
m += 1
End If
Next
Return MyBase .Retrieve(row, name)
End If
End Function
Public Overloads Overrides Function Retrieve( ByVal dr As System.Data.IDataRecord, ByVal attributename() As String ) As Boolean
If dr Is Nothing Then
Return False
End If
If attributename Is Nothing OrElse attributename.Length = 0 Then
Return False
End If
If Me .HideFields Is Nothing OrElse Me .HideFields.Length = 0 Then
Return MyBase .Retrieve(dr, attributename)
Else
Dim name() As String
Dim m As Integer
For i As Integer = attributename.Length - 1 To 0 Step - 1
If Array.IndexOf( Me .HideFields, attributename(i)) = - 1 Then
ReDim Preserve name(m)
name(m) = attributename(i)
m += 1
End If
Next
Return MyBase .Retrieve(dr, name)
End If
End Function
#End Region
#Region "实体其它方法"
Public Overrides ReadOnly Property AutoIncrement() As Core.IEntityField
Get
Return Nothing
End Get
End Property
Public Overrides ReadOnly Property TableName() As String
Get
Throw New FrameworkException( " 没有指定实体对象的TableName. " )
End Get
End Property
#End Region
End Class
''' Project : Lily.ComponentFramework
''' Class : ComponentFramework.PermissionBase
'''
''' -----------------------------------------------------------------------------
''' <summary>
''' 权限实体基类.
''' </summary>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2007-03-28 Created
''' </history>
''' -----------------------------------------------------------------------------
Public MustInherit Class PermissionBase
Inherits EntityBase
#Region "类实例化"
Public Sub New ()
MyBase .New()
End Sub
#End Region
#Region "访问控制"
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否是添加的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasAdd() As Boolean
Get
Return Me .Has( " 添加 " )
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否有删除的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasDelete() As Boolean
Get
Return Me .Has( " 删除 " )
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否有更改的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasModify() As Boolean
Get
Return Me .Has( " 修改 " )
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否是有查看的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasLook() As Boolean
Get
Return Me .Has( " 查看 " )
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否有执行某项操作的权限.
''' </summary>
''' <param name="strDo"> 操作 </param>
''' <returns></returns>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-25 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable Function Has( ByVal strDo As String ) As Boolean
If strDo Is Nothing OrElse strDo.Length = 0 Then
Return True
Else
If Not ComponentManager.Permission Is Nothing Then
Return ComponentManager.Permission.Has( Me , strDo)
Else
Return True
End If
End If
End Function
#End Region
#Region "资源权限"
''' -----------------------------------------------------------------------------
''' <summary>
''' 筛选表达式.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-22 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property Filter () As IExpression
Get
If Not ComponentManager.Permission Is Nothing Then
Return ComponentManager.Permission.FilterExpression( Me )
End If
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 返回当前实体有那些字段对于当前用户设置了,不可见.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2007-03-09 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HideFields() As String ()
Get
If Not ComponentManager.Permission Is Nothing Then
Return ComponentManager.Permission.HideAttribute( Me )
End If
End Get
End Property
#End Region
#Region "重写基类方法"
Public Overloads Overrides Function Retrieve( ByVal row As System.Data.DataRow, ByVal attributename() As String ) As Boolean
If row Is Nothing Then
Return False
End If
If attributename Is Nothing OrElse attributename.Length = 0 Then
Return False
End If
If Me .HideFields Is Nothing OrElse Me .HideFields.Length = 0 Then
Return MyBase .Retrieve(row, attributename)
Else
Dim name() As String
Dim m As Integer
For i As Integer = attributename.Length - 1 To 0 Step - 1
If Array.IndexOf( Me .HideFields, attributename(i)) = - 1 Then
ReDim Preserve name(m)
name(m) = attributename(i)
m += 1
End If
Next
Return MyBase .Retrieve(row, name)
End If
End Function
Public Overloads Overrides Function Retrieve( ByVal dr As System.Data.IDataRecord, ByVal attributename() As String ) As Boolean
If dr Is Nothing Then
Return False
End If
If attributename Is Nothing OrElse attributename.Length = 0 Then
Return False
End If
If Me .HideFields Is Nothing OrElse Me .HideFields.Length = 0 Then
Return MyBase .Retrieve(dr, attributename)
Else
Dim name() As String
Dim m As Integer
For i As Integer = attributename.Length - 1 To 0 Step - 1
If Array.IndexOf( Me .HideFields, attributename(i)) = - 1 Then
ReDim Preserve name(m)
name(m) = attributename(i)
m += 1
End If
Next
Return MyBase .Retrieve(dr, name)
End If
End Function
#End Region
#Region "实体其它方法"
Public Overrides ReadOnly Property AutoIncrement() As Core.IEntityField
Get
Return Nothing
End Get
End Property
Public Overrides ReadOnly Property TableName() As String
Get
Throw New FrameworkException( " 没有指定实体对象的TableName. " )
End Get
End Property
#End Region
End Class
属性:Filter是用于控制用户只能获取那部份记录!如:只能显示自己的订单
属性:HideFields是当前用户不能查看的字段有那些.
待续