在aspx页面中检查用户拥有访问此页权限之后,即可检查到用户是否拥有相关的操作权限,如“添加”,“编辑”,“更新”,“删除”等操作权限。
存储过程:
代码
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
CREATE PROCEDURE [dbo].[usp_CheckOperationAction]
(
@UsersId int,
@PagesId int,
@OperationValue int
)
AS
DECLARE @UsersRoleCount INT,@UsersModuleCount INT,@Result BIT
--检索用户所拥有的角色
SELECT @UsersRoleCount =(SELECT COUNT(*) FROM [UsersRole] UR
INNER JOIN [RolePages] RP ON (UR.[RoleId] = RP.[RoleId])
WHERE UR.[IsEnable] = 1 AND RP.[IsEnable] = 1 AND UR.[UsersId] = @UsersId AND RP.[PagesId] = @PagesId )
--检索用户是否拥有操作权限。
SELECT @UsersModuleCount =(SELECT COUNT(*) FROM [UsersModule] UM
INNER JOIN [ModulePages] MP ON (UM.[ModuleId] = MP.[ModuleId])
WHERE (UM.[Purview] & @OperationValue = @OperationValue) AND MP.[IsEnable] = 1 AND UM.[UsersId] = @UsersId AND MP.[PagesId] = @PagesId )
IF ((@UsersRoleCount > 0) OR (@UsersModuleCount > 0))
--操作允许
SET @Result = 1
ELSE
--操作拒绝
SET @Result = 0
RETURN @Result
GO
SET QUOTED_IDENTIFIER ON
GO
CREATE PROCEDURE [dbo].[usp_CheckOperationAction]
(
@UsersId int,
@PagesId int,
@OperationValue int
)
AS
DECLARE @UsersRoleCount INT,@UsersModuleCount INT,@Result BIT
--检索用户所拥有的角色
SELECT @UsersRoleCount =(SELECT COUNT(*) FROM [UsersRole] UR
INNER JOIN [RolePages] RP ON (UR.[RoleId] = RP.[RoleId])
WHERE UR.[IsEnable] = 1 AND RP.[IsEnable] = 1 AND UR.[UsersId] = @UsersId AND RP.[PagesId] = @PagesId )
--检索用户是否拥有操作权限。
SELECT @UsersModuleCount =(SELECT COUNT(*) FROM [UsersModule] UM
INNER JOIN [ModulePages] MP ON (UM.[ModuleId] = MP.[ModuleId])
WHERE (UM.[Purview] & @OperationValue = @OperationValue) AND MP.[IsEnable] = 1 AND UM.[UsersId] = @UsersId AND MP.[PagesId] = @PagesId )
IF ((@UsersRoleCount > 0) OR (@UsersModuleCount > 0))
--操作允许
SET @Result = 1
ELSE
--操作拒绝
SET @Result = 0
RETURN @Result