Changeset 103 for trunk/Packages/CoolWeb/Modules/UUser.pas

Timestamp:

Oct 8, 2012, 8:48:16 AM (12 years ago)

Author:

chronos

Message:

• Upraveno: TWebSession zobecněno pro možnost implementace více modulů s obsluhou vstupní stránky.

File:

• trunk/Packages/CoolWeb/Modules/UUser.pas (modified) (2 diffs)

trunk/Packages/CoolWeb/Modules/UUser.pas

@@ -31 +31 @@
     function GetIdByNamePassword(Name: string; PassWord: string): Integer;
     procedure Load;
+    function CheckPermission(Module, Operation: string; ItemType: string = '';
+      ItemId: Integer = 0): Boolean;
+    function CheckGroupPermission(Group, Operation: Integer): Boolean;
   end;
 
@@ -215 +218 @@
 end;
 
+function TWebUser.CheckPermission(Module, Operation: string;
+  ItemType: string = ''; ItemId: Integer = 0): Boolean;
+var
+  DbRows: TDbRows;
+  DbRows2: TDbRows;
+  OperationId: Integer;
+begin
+  Result := False;
+  try
+    DbRows := TDbRows.Create;
+    Database.Query(DbRows, 'SELECT `Id` FROM `PermissionOperation` WHERE `Module`="' + Module + '"' +
+    ' AND `Operation` = "' + Operation + '" AND `Item` = "' + ItemType + '"' +
+    ' AND `ItemId` = ' + IntToStr(ItemId));
+    if DbRows.Count > 0 then
+    try
+      DbRows2 := TDbRows.Create;
+      OperationId := StrToInt(DbRows[0].Values['Id']);
+
+      // Check user-operation relation
+      Database.Select(DbRows2, 'PermissionUserAssignment', 'Id',
+        '`User` = ' + IntToStr(Id) + ' AND `AssignedOperation` = ' + IntToStr(OperationId));
+      if DbRows2.Count > 0 then begin
+        Result := True;
+        Exit;
+      end;
+
+      // Check user-group relation
+      Database.Select(DbRows2, 'PermissionUserAssignment', 'AssignedGroup',
+        '`User` = ' + IntToStr(Id) + ' AND `AssignedGroup` IS NOT NULL');
+      if DbRows2.Count > 0 then begin
+        if CheckGroupPermission(StrToInt(DbRows2[0].Values['AssignedGroup']), OperationId) then begin
+          Result := True;
+          Exit;
+        end;
+      end;
+    finally
+      DbRows2.Free;
+    end;
+  finally
+    DBRows.Free;
+  end;
+end;
+
+function TWebUser.CheckGroupPermission(Group, Operation: Integer): Boolean;
+var
+  DbRows2: TDbRows;
+begin
+  Result := False;
+  try
+      DbRows2 := TDbRows.Create;
+
+      // Check group-operation relation
+      Database.Select(DbRows2, 'PermissionGroupAssignment', 'Id',
+        '`User` = ' + IntToStr(Id) + ' AND `AssignedOperation` = ' + IntToStr(Operation));
+      if DbRows2.Count > 0 then begin
+        Result := True;
+        Exit;
+      end;
+
+      // Check group-group relation
+      Database.Select(DbRows2, 'PermissionGroupAssignment', 'AssignedGroup',
+        '`User` = ' + IntToStr(Id) + ' AND `AssignedGroup` IS NOT NULL');
+      if DbRows2.Count > 0 then begin
+        if CheckGroupPermission(StrToInt(DbRows2[0].Values['AssignedGroup']), Operation) then begin
+          Result := True;
+          Exit;
+        end;
+      end;
+    finally
+      DbRows2.Free;
+    end;
+end;
+
 end.