C/S应用程序权限设计(2)
上一篇中,简单的说了一下,如何从窗体中获取所有的权限对象(我一般都称为权限实体),对于数据库开发而言,比较多的都是判断,当前用户是否有添加,查看,编辑,删除的权限.当然还有其它扩展的,如审核之类的.
下面就来说说权限实体 Lily.ComponentFramework.PermissionBase 要实现,我这样的权限管理,并不需要按我的权限实体来设计,当然你的系统必须要采用类似于ORM的东西或是有把表映射为对象的东西.Lily.ComponentFramework.PermissionBase就是从已有的实体对象继承而来的(我系统的ORM是一个轻量经的)
首先来看看,添加,查看,编辑,删除权限的实现
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否是添加的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasAdd() As Boolean
Get
Return Me.Has("添加")
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否有删除的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasDelete() As Boolean
Get
Return Me.Has("删除")
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否有更改的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasModify() As Boolean
Get
Return Me.Has("修改")
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否是有查看的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasLook() As Boolean
Get
Return Me.Has("查看")
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否有执行某项操作的权限.
''' </summary>
''' <param name="strDo">操作</param>
''' <returns></returns>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-25 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable Function Has(ByVal strDo As String) As Boolean
If strDo Is Nothing OrElse strDo.Length = 0 Then
Return True
Else
If Not ComponentManager.Permission Is Nothing Then
Return ComponentManager.Permission.Has(Me, strDo)
Else
Return True
End If
End If
End Function
''' <summary>
''' 判断当前用户是否是添加的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasAdd() As Boolean
Get
Return Me.Has("添加")
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否有删除的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasDelete() As Boolean
Get
Return Me.Has("删除")
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否有更改的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasModify() As Boolean
Get
Return Me.Has("修改")
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否是有查看的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasLook() As Boolean
Get
Return Me.Has("查看")
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否有执行某项操作的权限.
''' </summary>
''' <param name="strDo">操作</param>
''' <returns></returns>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-25 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable Function Has(ByVal strDo As String) As Boolean
If strDo Is Nothing OrElse strDo.Length = 0 Then
Return True
Else
If Not ComponentManager.Permission Is Nothing Then
Return ComponentManager.Permission.Has(Me, strDo)
Else
Return True
End If
End If
End Function
上面就是这个实体内置的几个权限判断方面的方法,其实最重要的就是Has方法,这里是通过另一个类进行权限判断的,实现细节,到以后的章节介绍.比如:我一个订单表,对应了一个实体对象,并且继承于PermissionBase.如果需要增加一个对订单批准的权限只需增加一个方法HasApprove 代码可以简单为 return has("批准") 即可.
下面来看一下,此对象的完整实现
''' -----------------------------------------------------------------------------
''' Project : Lily.ComponentFramework
''' Class : ComponentFramework.PermissionBase
'''
''' -----------------------------------------------------------------------------
''' <summary>
''' 权限实体基类.
''' </summary>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2007-03-28 Created
''' </history>
''' -----------------------------------------------------------------------------
Public MustInherit Class PermissionBase
Inherits EntityBase
#Region "类实例化"
Public Sub New()
MyBase.New()
End Sub
#End Region
#Region "访问控制"
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否是添加的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasAdd() As Boolean
Get
Return Me.Has("添加")
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否有删除的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasDelete() As Boolean
Get
Return Me.Has("删除")
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否有更改的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasModify() As Boolean
Get
Return Me.Has("修改")
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否是有查看的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasLook() As Boolean
Get
Return Me.Has("查看")
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否有执行某项操作的权限.
''' </summary>
''' <param name="strDo">操作</param>
''' <returns></returns>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-25 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable Function Has(ByVal strDo As String) As Boolean
If strDo Is Nothing OrElse strDo.Length = 0 Then
Return True
Else
If Not ComponentManager.Permission Is Nothing Then
Return ComponentManager.Permission.Has(Me, strDo)
Else
Return True
End If
End If
End Function
#End Region
#Region "资源权限"
''' -----------------------------------------------------------------------------
''' <summary>
''' 筛选表达式.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-22 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property Filter() As IExpression
Get
If Not ComponentManager.Permission Is Nothing Then
Return ComponentManager.Permission.FilterExpression(Me)
End If
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 返回当前实体有那些字段对于当前用户设置了,不可见.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2007-03-09 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HideFields() As String()
Get
If Not ComponentManager.Permission Is Nothing Then
Return ComponentManager.Permission.HideAttribute(Me)
End If
End Get
End Property
#End Region
#Region "重写基类方法"
Public Overloads Overrides Function Retrieve(ByVal row As System.Data.DataRow, ByVal attributename() As String) As Boolean
If row Is Nothing Then
Return False
End If
If attributename Is Nothing OrElse attributename.Length = 0 Then
Return False
End If
If Me.HideFields Is Nothing OrElse Me.HideFields.Length = 0 Then
Return MyBase.Retrieve(row, attributename)
Else
Dim name() As String
Dim m As Integer
For i As Integer = attributename.Length - 1 To 0 Step -1
If Array.IndexOf(Me.HideFields, attributename(i)) = -1 Then
ReDim Preserve name(m)
name(m) = attributename(i)
m += 1
End If
Next
Return MyBase.Retrieve(row, name)
End If
End Function
Public Overloads Overrides Function Retrieve(ByVal dr As System.Data.IDataRecord, ByVal attributename() As String) As Boolean
If dr Is Nothing Then
Return False
End If
If attributename Is Nothing OrElse attributename.Length = 0 Then
Return False
End If
If Me.HideFields Is Nothing OrElse Me.HideFields.Length = 0 Then
Return MyBase.Retrieve(dr, attributename)
Else
Dim name() As String
Dim m As Integer
For i As Integer = attributename.Length - 1 To 0 Step -1
If Array.IndexOf(Me.HideFields, attributename(i)) = -1 Then
ReDim Preserve name(m)
name(m) = attributename(i)
m += 1
End If
Next
Return MyBase.Retrieve(dr, name)
End If
End Function
#End Region
#Region "实体其它方法"
Public Overrides ReadOnly Property AutoIncrement() As Core.IEntityField
Get
Return Nothing
End Get
End Property
Public Overrides ReadOnly Property TableName() As String
Get
Throw New FrameworkException("没有指定实体对象的TableName.")
End Get
End Property
#End Region
End Class
''' Project : Lily.ComponentFramework
''' Class : ComponentFramework.PermissionBase
'''
''' -----------------------------------------------------------------------------
''' <summary>
''' 权限实体基类.
''' </summary>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2007-03-28 Created
''' </history>
''' -----------------------------------------------------------------------------
Public MustInherit Class PermissionBase
Inherits EntityBase
#Region "类实例化"
Public Sub New()
MyBase.New()
End Sub
#End Region
#Region "访问控制"
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否是添加的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasAdd() As Boolean
Get
Return Me.Has("添加")
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否有删除的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasDelete() As Boolean
Get
Return Me.Has("删除")
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否有更改的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasModify() As Boolean
Get
Return Me.Has("修改")
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否是有查看的权限.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-21 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HasLook() As Boolean
Get
Return Me.Has("查看")
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 判断当前用户是否有执行某项操作的权限.
''' </summary>
''' <param name="strDo">操作</param>
''' <returns></returns>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-25 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable Function Has(ByVal strDo As String) As Boolean
If strDo Is Nothing OrElse strDo.Length = 0 Then
Return True
Else
If Not ComponentManager.Permission Is Nothing Then
Return ComponentManager.Permission.Has(Me, strDo)
Else
Return True
End If
End If
End Function
#End Region
#Region "资源权限"
''' -----------------------------------------------------------------------------
''' <summary>
''' 筛选表达式.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2006-12-22 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property Filter() As IExpression
Get
If Not ComponentManager.Permission Is Nothing Then
Return ComponentManager.Permission.FilterExpression(Me)
End If
End Get
End Property
''' -----------------------------------------------------------------------------
''' <summary>
''' 返回当前实体有那些字段对于当前用户设置了,不可见.
''' </summary>
''' <value></value>
''' <remarks>
''' </remarks>
''' <history>
''' [zqonline] 2007-03-09 Created
''' </history>
''' -----------------------------------------------------------------------------
Public Overridable ReadOnly Property HideFields() As String()
Get
If Not ComponentManager.Permission Is Nothing Then
Return ComponentManager.Permission.HideAttribute(Me)
End If
End Get
End Property
#End Region
#Region "重写基类方法"
Public Overloads Overrides Function Retrieve(ByVal row As System.Data.DataRow, ByVal attributename() As String) As Boolean
If row Is Nothing Then
Return False
End If
If attributename Is Nothing OrElse attributename.Length = 0 Then
Return False
End If
If Me.HideFields Is Nothing OrElse Me.HideFields.Length = 0 Then
Return MyBase.Retrieve(row, attributename)
Else
Dim name() As String
Dim m As Integer
For i As Integer = attributename.Length - 1 To 0 Step -1
If Array.IndexOf(Me.HideFields, attributename(i)) = -1 Then
ReDim Preserve name(m)
name(m) = attributename(i)
m += 1
End If
Next
Return MyBase.Retrieve(row, name)
End If
End Function
Public Overloads Overrides Function Retrieve(ByVal dr As System.Data.IDataRecord, ByVal attributename() As String) As Boolean
If dr Is Nothing Then
Return False
End If
If attributename Is Nothing OrElse attributename.Length = 0 Then
Return False
End If
If Me.HideFields Is Nothing OrElse Me.HideFields.Length = 0 Then
Return MyBase.Retrieve(dr, attributename)
Else
Dim name() As String
Dim m As Integer
For i As Integer = attributename.Length - 1 To 0 Step -1
If Array.IndexOf(Me.HideFields, attributename(i)) = -1 Then
ReDim Preserve name(m)
name(m) = attributename(i)
m += 1
End If
Next
Return MyBase.Retrieve(dr, name)
End If
End Function
#End Region
#Region "实体其它方法"
Public Overrides ReadOnly Property AutoIncrement() As Core.IEntityField
Get
Return Nothing
End Get
End Property
Public Overrides ReadOnly Property TableName() As String
Get
Throw New FrameworkException("没有指定实体对象的TableName.")
End Get
End Property
#End Region
End Class
属性:Filter是用于控制用户只能获取那部份记录!如:只能显示自己的订单
属性:HideFields是当前用户不能查看的字段有那些.
待续