1 | unit UPermission;
|
---|
2 |
|
---|
3 | {$mode Delphi}{$H+}
|
---|
4 |
|
---|
5 | interface
|
---|
6 |
|
---|
7 | uses
|
---|
8 | Classes, SysUtils, UWebObject, UCommon, USqlDatabase, UStringListEx;
|
---|
9 |
|
---|
10 | type
|
---|
11 | { TPermissionACL }
|
---|
12 |
|
---|
13 | TPermissionACL = class
|
---|
14 | procedure Add(ARO, ACO: Integer);
|
---|
15 | procedure Copy(SourceARO, DestARO: Integer);
|
---|
16 | procedure Delete(ARO: Integer);
|
---|
17 | end;
|
---|
18 |
|
---|
19 | { TPermissionACO }
|
---|
20 |
|
---|
21 | TPermissionACO = class(TWebObject)
|
---|
22 | ACL: TPermissionACL;
|
---|
23 | procedure Delete(ACO: Integer);
|
---|
24 | procedure Add(Module, Action, Item: Integer);
|
---|
25 | end;
|
---|
26 |
|
---|
27 | { TPermissionARO }
|
---|
28 |
|
---|
29 | TPermissionARO = class(TWebObject)
|
---|
30 | ACL: TPermissionACL;
|
---|
31 | procedure Delete(ARO: Integer);
|
---|
32 | procedure Add(Group, User: Integer);
|
---|
33 | end;
|
---|
34 |
|
---|
35 | { TPermission }
|
---|
36 |
|
---|
37 | TPermission = class(TWebObject)
|
---|
38 | private
|
---|
39 | public
|
---|
40 | constructor Create;
|
---|
41 | destructor Destroy; override;
|
---|
42 | procedure RebuildCache;
|
---|
43 | function AppendFilter(SourceSQL: string; User, Action, ObjectId: Integer): string;
|
---|
44 | function GetARO(User, Group: Integer): Integer;
|
---|
45 | function GetACO(AObject, Row: Integer): Integer;
|
---|
46 | function Check(ARO, ACO, Action: Integer): Boolean;
|
---|
47 | function GetAROListForUser(User: Integer): TStringListEx;
|
---|
48 | function GetAROListForGroup(Group: Integer): TStringListEx;
|
---|
49 | end;
|
---|
50 |
|
---|
51 | implementation
|
---|
52 |
|
---|
53 |
|
---|
54 | { TPermission }
|
---|
55 |
|
---|
56 | constructor TPermission.Create;
|
---|
57 | begin
|
---|
58 |
|
---|
59 | end;
|
---|
60 |
|
---|
61 | destructor TPermission.Destroy;
|
---|
62 | begin
|
---|
63 | inherited Destroy;
|
---|
64 | end;
|
---|
65 |
|
---|
66 | procedure TPermission.RebuildCache;
|
---|
67 | begin
|
---|
68 |
|
---|
69 | end;
|
---|
70 |
|
---|
71 | function TPermission.AppendFilter(SourceSQL: string; User, Action, ObjectId: Integer): string;
|
---|
72 | var
|
---|
73 | AROList: TStringListEx;
|
---|
74 | begin
|
---|
75 | AROList := GetAROListForUser(User);
|
---|
76 | Result := 'SELECT `T`.* FROM (' + SourceSQL + ') AS `T` JOIN `PermissionACL` ON `PermissionACL`.`ARO` IN (' +
|
---|
77 | AROList.Implode(',') + ') AND `PermissionACL`.`Action` = ' + IntToStr(Action) +
|
---|
78 | ' JOIN `PermissionACO` ON `PermissionACO`.`Id` = `PermissionACL`.`ACO` AND `PermissionACO`.`Item` = `T`.`Id` AND `PermissionACO`.`Object` = ' +
|
---|
79 | IntToStr(ObjectId) + ' GROUP BY `T`.`Id`';
|
---|
80 | AROList.Destroy;
|
---|
81 | end;
|
---|
82 |
|
---|
83 | function TPermission.GetARO(User, Group: Integer): Integer;
|
---|
84 | begin
|
---|
85 |
|
---|
86 | end;
|
---|
87 |
|
---|
88 | function TPermission.GetACO(AObject, Row: Integer): Integer;
|
---|
89 | begin
|
---|
90 |
|
---|
91 | end;
|
---|
92 |
|
---|
93 | function TPermission.Check(ARO, ACO, Action: Integer): Boolean;
|
---|
94 | //var
|
---|
95 | // ItemFilter: string;
|
---|
96 | begin
|
---|
97 | // if Item <> 0 then ItemFilter := ' AND (Item=' + IntToStr(Item) + ')'
|
---|
98 | // else ItemFilter := ' AND (Item IS NULL)';
|
---|
99 |
|
---|
100 | end;
|
---|
101 |
|
---|
102 | function TPermission.GetAROListForUser(User: Integer): TStringListEx;
|
---|
103 | var
|
---|
104 | DbRows: TDbRows;
|
---|
105 | I: Integer;
|
---|
106 | GroupItems: TStringListEx;
|
---|
107 | begin
|
---|
108 | Result := TStringListEx.Create;
|
---|
109 | DbRows := Database.Query('SELECT * FROM `PermissionARO` WHERE `User`=' + IntToStr(User));
|
---|
110 | for I := 0 to DbRows.Count - 1 do begin
|
---|
111 | Result.Add(DbRows[I].Values['Id']);
|
---|
112 | end;
|
---|
113 | DbRows.Destroy;
|
---|
114 |
|
---|
115 | // Append group items
|
---|
116 | DbRows := Database.Query('SELECT * FROM `UserGroupAssignment` WHERE `User`=' + IntToStr(User));
|
---|
117 | for I := 0 to DbRows.Count - 1 do begin
|
---|
118 | GroupItems := GetAROListForGroup(StrToInt(DbRows[I].Values['ParentGroup']));
|
---|
119 | Result.AddStrings(GroupItems);
|
---|
120 | GroupItems.Destroy;
|
---|
121 | end;
|
---|
122 | DbRows.Destroy;
|
---|
123 | end;
|
---|
124 |
|
---|
125 | function TPermission.GetAROListForGroup(Group: Integer): TStringListEx;
|
---|
126 | var
|
---|
127 | DbRows: TDbRows;
|
---|
128 | I: Integer;
|
---|
129 | GroupItems: TStringListEx;
|
---|
130 | begin
|
---|
131 | Result := TStringListEx.Create;
|
---|
132 | DbRows := Database.Query('SELECT * FROM `PermissionARO` WHERE `Group`=' + IntToStr(Group));
|
---|
133 | for I := 0 to DbRows.Count - 1 do begin
|
---|
134 | Result.Add(DbRows[I].Values['Id']);
|
---|
135 | end;
|
---|
136 | DbRows.Destroy;
|
---|
137 |
|
---|
138 | // Append subgroup items
|
---|
139 | DbRows := Database.Query('SELECT * FROM `UserGroupAssignment` WHERE `Group`=' + IntToStr(Group));
|
---|
140 | for I := 0 to DbRows.Count - 1 do begin
|
---|
141 | GroupItems := GetAROListForGroup(StrToInt(DbRows[I].Values['ParentGroup']));
|
---|
142 | Result.AddStrings(GroupItems);
|
---|
143 | GroupItems.Destroy;
|
---|
144 | end;
|
---|
145 | DbRows.Destroy;
|
---|
146 | end;
|
---|
147 |
|
---|
148 | { TPermissionACL }
|
---|
149 |
|
---|
150 | procedure TPermissionACL.Add(ARO, ACO: Integer);
|
---|
151 | begin
|
---|
152 |
|
---|
153 | end;
|
---|
154 |
|
---|
155 | procedure TPermissionACL.Copy(SourceARO, DestARO: Integer);
|
---|
156 | begin
|
---|
157 |
|
---|
158 | end;
|
---|
159 |
|
---|
160 | procedure TPermissionACL.Delete(ARO: Integer);
|
---|
161 | begin
|
---|
162 |
|
---|
163 | end;
|
---|
164 |
|
---|
165 | { TPermissionARO }
|
---|
166 |
|
---|
167 | procedure TPermissionARO.Delete(ARO: Integer);
|
---|
168 | begin
|
---|
169 | end;
|
---|
170 |
|
---|
171 | procedure TPermissionARO.Add(Group, User: Integer);
|
---|
172 | begin
|
---|
173 |
|
---|
174 | end;
|
---|
175 |
|
---|
176 | { TPermissionACO }
|
---|
177 |
|
---|
178 | procedure TPermissionACO.Delete(ACO: Integer);
|
---|
179 | begin
|
---|
180 | end;
|
---|
181 |
|
---|
182 | procedure TPermissionACO.Add(Module, Action, Item: Integer);
|
---|
183 | begin
|
---|
184 |
|
---|
185 | end;
|
---|
186 |
|
---|
187 | end.
|
---|