?? wssecurity.~pas
unit WSSecurity;
{******************************************
模塊:用戶基類 權限實現
日期:2002年11月1日
作者:胡建平
更新:
******************************************}
interface
uses
SysUtils, Windows, Messages, Classes, Graphics, Controls,
Forms, Dialogs, ADODB, DB, WSLogin, CommonDM, mxArrays, ActnList, Types;
type
// TGuarder holds the login state of the running application (UserID, Password,
// Connected) and answers permission questions for that identity. Its constructor
// installs DoActionExecute as Application.OnActionExecute and keeps the previous
// handler in FOldAppActionExecute.
TGuarder = class(TObject)
private
FConnected: Boolean;
FLoginPrompt: Boolean;
// The password is kept as an ordinary string field and is exposed through the
// public read/write Password property below.
FPassword: string;
FUserID: Integer;
FActionArray: TIntArray;
FPmsArray: TIntArray;
// Handler that was assigned to Application.OnActionExecute before Create replaced it.
FOldAppActionExecute: TActionEvent;
function GetUserName: string;
function GetCompanyUserName: string;
procedure SetConnected(Value: Boolean);
procedure SetUserID(Value: Integer);
function GetPackToGoalUnit: string;
function GetForeignCurrencyFlag: string;
function GetGoodsCodeToGoodsName: string;
function GetContractSLPrice: string;
function GetLastSLPrice: string;
function GetLastadjustSLPrice: string;
function GetUseDiscountSLFlag: string;
function GetContractPCPrice: string;
function GetLastPCPrice: string;
function GetLastadjustPCPrice: string;
function GetFillInPrintFlag: string;
function GetRepeatPrintFlag: string;
function GetExportCashACReckoningFlag: string;
function GetPrintCashACReckoningFlag: string;
function GetPermissionID(const PermissionName: string): Integer;
procedure DoActionExecute(Action: TBasicAction; var Handled: Boolean);
protected
procedure RegisterAction(Action: TBasicAction; PermissionID: Integer);
procedure UnRegisterAction(Action: TBasicAction);
public
constructor Create;
destructor Destroy; override;
// Close and Open call SetConnected(False) and SetConnected(True) respectively.
procedure Close;
procedure Open;
// NOTE(review): HasPermission(PermissionID) returns True for UserID = 1 before it
// looks at Connected, while HasRight has no such shortcut and requires Connected.
// Confirm that the two checks are meant to differ.
function HasPermission(PermissionID: Integer): Boolean; overload;
function HasPermission(Action: TBasicAction): Boolean; overload;
function HasRight(PermissionName: String): Boolean; // Hu Jianping 2002-11-11
procedure RegisterActions(Actions: array of TBasicAction;
PermissionIDs: TIntegerDynArray); overload;
procedure RegisterActions(Actions: array of TBasicAction;
PermissionNames: TStringDynArray); overload;
procedure UnRegisterActions(Actions: array of TBasicAction);
property Connected: Boolean read FConnected write SetConnected;
property LoginPrompt: Boolean read FLoginPrompt write FLoginPrompt;
// NOTE(review): public, unrestricted access to the stored password - confirm which
// callers need to read it back.
property Password: string read FPassword write FPassword;
// SetUserID only stores the value; it performs no credential check.
// NOTE(review): because UserID = 1 is treated as administrator by HasPermission,
// any code that can write this property changes the effective privilege level -
// confirm that only the login flow assigns it.
property UserID: Integer read FUserID write SetUserID;
property UserName: string read GetUserName;
property CompanyUserName: string read GetCompanyUserName;
property PackToGoalUnit: string read GetPackToGoalUnit;
property GoodsCodeToGoodsName: string read GetGoodsCodeToGoodsName;
property ForeignCurrencyFlag: string read GetForeignCurrencyFlag;
property ContractSLPrice: string read GetContractSLPrice;
property LastSLPrice: string read GetLastSLPrice;
property LastadjustSLPrice: string read GetLastadjustSLPrice;
property UseDiscountSLFlag: string read GetUseDiscountSLFlag;
property ContractPCPrice: string read GetContractPCPrice;
property LastPCPrice: string read GetLastPCPrice;
property LastadjustPCPrice: string read GetLastadjustPCPrice;
property FillInPrintFlag: string read GetFillInPrintFlag;
property RepeatPrintFlag: string read GetRepeatPrintFlag;
property ExportCashACReckoningFlag: string read GetExportCashACReckoningFlag;
property PrintCashACReckoningFlag: string read GetPrintCashACReckoningFlag;
end;
function IsCorrectPassword(UserID: Integer; const Password: string): Boolean;
function Guarder: TGuarder;
implementation
uses WSUtils, MAIN, Variants;
var
FGuarder: TGuarder;
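function IsCorrectPassword(UserID: Integer; const Password: string): Boolean;
// Verifies a login password against the database.
//
// UserID = -1 is looked up in MSRole (matched on RoleID); every other value is
// looked up in MSUser (matched on ID). Rows whose RecordState equals the
// "deleted" marker are excluded. Returns True when at least one row matches.
//
// The SQL text is assembled only from IntToStr() results and a constant passed
// through QuotedStr(), so the caller-supplied Password string never reaches
// the statement text directly.
//
// NOTE(review): the value compared with the Password column is the integer
// returned by GetPassword(), which is defined outside this unit. An
// integer-sized verifier has a small output space, so different passwords can
// map to the same stored value - confirm what that helper computes and
// consider a salted, deliberately slow password hash instead.
var
  ADOTemp: TADODataSet;
begin
  { TODO -cCode : add the code that checks whether the password is correct }
  Result := False;
  ADOTemp := TADODataSet.Create(nil);
  try
    ADOTemp.Connection := CommonData.acnConnection;
    if UserID <> -1 then
      ADOTemp.CommandText := 'select * from MSUser where ID=' + IntToStr(UserID)
        + ' and Password=' + IntToStr(GetPassword(Password))
        + ' and RecordState<>' + QuotedStr('刪除')
    else
      ADOTemp.CommandText := 'select * from MSRole where RoleID=' + IntToStr(UserID)
        + ' and Password=' + IntToStr(GetPassword(Password))
        + ' and RecordState<>' + QuotedStr('刪除');
    ADOTemp.Open;
    Result := ADOTemp.RecordCount > 0;
  finally
    // The original freed the dataset only on the success path, so an exception
    // raised by Open leaked it.
    ADOTemp.Free;
  end;
end;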
function Guarder: TGuarder;
// Returns the unit-level TGuarder instance, creating it on first use.
begin
  if not Assigned(FGuarder) then
    FGuarder := TGuarder.Create;
  Result := FGuarder;
end;
{
*********************************** TGuarder ***********************************
}
procedure TGuarder.Close;
// Marks the guarder as disconnected; the Connected property writes through
// SetConnected.
begin
  Connected := False;
end;
procedure TGuarder.Open;
// Requests the connected state; the Connected property writes through
// SetConnected, which runs the login dialog.
begin
  Connected := True;
end;
procedure TGuarder.SetUserID(Value: Integer);
// Property setter for UserID. It only stores the new value: no credential
// check and no change to Connected happen here.
begin
  if FUserID = Value then
    Exit;
  FUserID := Value;
end;
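function TGuarder.GetUserName: string;
// Returns the Name column for the current UserID: from MSRole when UserID is
// -1, otherwise from MSUser. Returns an empty string when not connected (the
// original left Result unassigned in that case).
var
  aqrTemp: TADODataSet;
begin
  Result := '';
  if not Connected then { TODO : look up the user name by UserID }
    Exit;
  aqrTemp := TADODataSet.Create(nil);
  try
    aqrTemp.Connection := CommonData.acnConnection;
    // Only an integer is concatenated into the statement text.
    if UserID = -1 then
      aqrTemp.CommandText := 'select Name from MSRole where RoleID=' + IntToStr(UserID)
    else
      aqrTemp.CommandText := 'select Name from MSUser where ID=' + IntToStr(UserID);
    aqrTemp.Open;
    aqrTemp.First;
    Result := aqrTemp.FieldByName('Name').AsString;
  finally
    // The original never released this dataset, leaking one per call.
    aqrTemp.Free;
  end;
end;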
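function TGuarder.HasRight(PermissionName: String): Boolean; // Hu Jianping 2002-11-11
// Returns True when a permission named PermissionName (trimmed) is linked in
// MSRolePermissions to a RoleID equal to the current UserID. Returns False when
// not connected.
//
// PermissionName is passed through QuotedStr() before it is placed in the
// statement text, and UserID is an integer.
//
// NOTE(review): unlike HasPermission(PermissionID) there is no UserID = 1
// shortcut here - confirm whether the two checks are meant to agree.
var
  aqrTemp: TADODataSet;
begin
  Result := False;
  if not Connected then { TODO : query whether UserID holds the given permission }
    Exit;
  aqrTemp := TADODataSet.Create(nil);
  try
    aqrTemp.Connection := CommonData.acnConnection;
    aqrTemp.CommandText := ' select id , name from MSPermission '
      + ' where id in (select PermissionID from '
      + ' MSRolePermissions where RoleID=' + IntToStr(UserID) + ' ) '
      + ' and name = ' + QuotedStr(Trim(PermissionName));
    aqrTemp.Open;
    Result := not aqrTemp.IsEmpty;
  finally
    // The original never released this dataset, leaking one per call.
    aqrTemp.Free;
  end;
end;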
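function TGuarder.HasPermission(PermissionID: Integer): Boolean;
// Returns True when the current identity holds PermissionID.
//
// UserID = 1 is granted everything without a query. Otherwise, when connected,
// the answer is whether MSRolePermissions has a row with RoleID = UserID and
// the given PermissionID. Returns False when not connected.
//
// NOTE(review): the UserID = 1 shortcut is evaluated before Connected, so it
// applies even when no login has completed, and UserID is a public writable
// property. Confirm that only the login flow assigns UserID, or require
// Connected for the shortcut as well.
var
  aqrTemp: TADODataSet;
begin
  Result := False;
  if UserID = 1 then // the system administrator holds every permission
  begin
    Result := True;
    Exit;
  end;
  if not Connected then { TODO : query whether UserID holds the given permission }
    Exit;
  aqrTemp := TADODataSet.Create(nil);
  try
    aqrTemp.Connection := CommonData.acnConnection;
    // Both concatenated values are integers.
    aqrTemp.CommandText := 'SELECT * FROM MSRolePermissions WHERE RoleID = ' + IntToStr(UserID) +
      ' AND PermissionID = ' + IntToStr(PermissionID);
    //
    // CommandText := ' select a.Name from MSPermission as a ' +
    // ' inner join MSRolePermissions as b on a.ID=b.PermissionID and a.ID=' + inttostr(PermissionID) +
    // ' inner join MSRole as c on b.RoleID=c.ID ' +
    // ' and ((c.ID=' + inttostr(UserID) + ' and c.IsUserTerm=0) or ' +
    // ' (' + inttostr(UserID) + '=(select UserID from MSUserTeamUsers where UserTermID=b.RoleID) and c.IsUserTerm=1))';
    aqrTemp.Open;
    Result := not aqrTemp.IsEmpty;
  finally
    // The original never released this dataset, leaking one per call.
    aqrTemp.Free;
  end;
end;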
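procedure TGuarder.SetConnected(Value: Boolean);
// Property setter for Connected.
//
// Switching to True shows the modal login form. If the form does not return
// mrOk the application is asked to terminate and Connected stays False.
// Switching to False only clears the flag.
//
// This procedure does not check credentials itself; it relies on the form's
// modal result. NOTE(review): presumably TWSLoginForm validates the password
// before returning mrOk - verify in WSLogin.
var
  WSLoginForm: TWSLoginForm;
begin
  if FConnected = Value then
    Exit;
  if Value then
  begin
    { TODO : show the WSLoginForm login dialog to obtain UserID and Password }
    { TODO : check UserID and Password; raise a login exception if they are wrong }
    // NOTE(review): LoginPrompt is not consulted. In the original a stray ';'
    // ended the "if LoginPrompt then" statement, so the dialog was always
    // shown. That is kept deliberately: honoring LoginPrompt = False here
    // would set Connected to True with no login step at all.
    WSLoginForm := TWSLoginForm.Create(nil);
    try
      if WSLoginForm.ShowModal <> mrOk then
      begin
        Application.Terminate;
        // Terminate only requests shutdown and then returns. The original went
        // on to set FConnected := True after a cancelled login; leave it False.
        Exit;
      end;
    finally
      // The original never released the form.
      WSLoginForm.Free;
    end;
  end;
  FConnected := Value;
end;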
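procedure TGuarder.UnRegisterActions(Actions: array of TBasicAction);
// Calls UnRegisterAction for every element of Actions.
var
  I: Integer;
begin
  // The original looped from 0 to Length(Actions), one past the last valid
  // index, and so read beyond the end of the open array.
  for I := Low(Actions) to High(Actions) do
    UnRegisterAction(Actions[I]);
end;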
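function TGuarder.GetCompanyUserName: string;
// Returns Name from the first MSCompanyUser row that is not marked deleted, or
// 'NiceSoft.net' when that field is null. Returns an empty string when not
// connected (the original left Result unassigned in that case).
var
  aqrTemp: TADODataSet;
begin
  Result := '';
  if not Connected then { TODO : fetch the company name directly -- MSCompanyUser.name }
    Exit;
  aqrTemp := TADODataSet.Create(nil);
  try
    aqrTemp.Connection := CommonData.acnConnection;
    aqrTemp.CommandText := 'select Name from MSCompanyUser where RecordState<>'
      + QuotedStr('刪除');
    aqrTemp.Open;
    aqrTemp.First;
    if aqrTemp.FieldByName('Name').IsNull then
      Result := 'NiceSoft.net'
    else
      Result := aqrTemp.FieldByName('Name').AsString;
  finally
    // The original never released this dataset, leaking one per call.
    aqrTemp.Free;
  end;
end;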
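function TGuarder.GetPackToGoalUnit: string;
// Returns ParaValues from the first MSSysParameter row whose ParaName matches
// the fixed LIKE pattern below, or '否' when that field is null. Returns an
// empty string when not connected (the original left Result unassigned).
var
  ADSTemp: TADODataSet;
begin
  Result := '';
  if not Connected then { TODO : fetch the "enter packing unit first" value directly -- MSSysParametar.name }
    Exit;
  ADSTemp := TADODataSet.Create(nil);
  try
    ADSTemp.Connection := CommonData.acnConnection;
    // The pattern is a constant; no caller input reaches the statement text.
    ADSTemp.CommandText := 'select * from MSSysParameter where ParaName like '
      + QuotedStr('%輸入包裝單位%');
    ADSTemp.Open;
    ADSTemp.First;
    if ADSTemp.FieldByName('ParaValues').IsNull then
      Result := '否'
    else
      Result := ADSTemp.FieldByName('ParaValues').AsString;
  finally
    // The original never released this dataset, leaking one per call.
    ADSTemp.Free;
  end;
end;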
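function TGuarder.GetGoodsCodeToGoodsName: string;
// Returns ParaValues from the first MSSysParameter row whose ParaName matches
// the fixed LIKE pattern below, or '否' when that field is null. Returns an
// empty string when not connected (the original left Result unassigned).
var
  ADSTemp: TADODataSet;
begin
  Result := '';
  // The TODO text below is carried over from the original, which repeats the
  // wording used in GetPackToGoalUnit.
  if not Connected then { TODO : fetch the "enter packing unit first" value directly -- MSSysParametar.name }
    Exit;
  ADSTemp := TADODataSet.Create(nil);
  try
    ADSTemp.Connection := CommonData.acnConnection;
    // The pattern is a constant; no caller input reaches the statement text.
    ADSTemp.CommandText := 'select * from MSSysParameter where ParaName like '
      + QuotedStr('%先按商品編號輸入單據%');
    ADSTemp.Open;
    ADSTemp.First;
    if ADSTemp.FieldByName('ParaValues').IsNull then
      Result := '否'
    else
      Result := ADSTemp.FieldByName('ParaValues').AsString;
  finally
    // The original never released this dataset, leaking one per call.
    ADSTemp.Free;
  end;
end;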
constructor TGuarder.Create;
// Hooks the application-wide action handler and allocates the two integer
// arrays used by the action registration methods.
begin
  // Remember the handler that was installed before, then route every action
  // execution through DoActionExecute.
  FOldAppActionExecute := Application.OnActionExecute;
  Application.OnActionExecute := DoActionExecute;

  FActionArray := TIntArray.Create(0, 0);
  FPmsArray := TIntArray.Create(0, 0);
end;
destructor TGuarder.Destroy;
begin
with Application do
OnActionExecute := FOldAppActionExecute;
FPmsArray.Free;
FActionArray.Free;
inherited;