黄聪：Delphi实现软件中登录用户的操作权限

 经常在坛子里看到有朋友问如何对软件的登录用户，进行权限控制，可以设定到每一个菜单或按钮上，这里来实现一个最普通的方法，通过数据库，维护一个权限列表（里面有一个字段和节目上菜单项或Button等的tag对应），在执行时，通过到数据库去查询与之匹配的记录是否开通，来决定用户是否有权限。

    数据库结构：包括两张表BaseData和UserRightData，BaseData中是一张基本表，里面不区分用户，UserRightData是用户权限表，结构和BaseData一样，只是多了用户字段，增加用户时，就是从BaseData表中复制数据到UserRightData中，并标识用户ID。

字段说明：

FucCode:该字段与控件tag对应

FucName:功能名称

IsSel:是否有权限的标志

IsFuc:标识该项是否是可以执行的功能

FucPID:父节点ID，用来生成树形结构时用

 

 权限管理单元：UserRightCenter

unit UserRightCenter;
    interface
    uses
    Windows, Messages, SysUtils, Classes, Forms, Dialogs,ADODB;    type
    TUserRight = class
      private
        FConnection : TADOConnection;
        FData: TADOQuery;
        FUserID: Integer;
      public
        constructor Create(AConnection:TADOConnection);overload;          //根据用户id创建对应的权限列表
        function CreateRightListByUserID(uid:Integer):Boolean;        //根据用户id取得对应的权限列表
        function GetRightListByUserID(uid:Integer):Boolean;        //根据用户id删除对应的权限列表
        function DeleteRightListByUserID(uid:Integer):Boolean;        //根据记录id设置某个功能是否可用,funid:记录id，uid:用户ID，issel:是否可用
        procedure SetFunEnable(funid,uid,issel:Integer);        //判断某个功能是否可用
        function IsRightEnable(uid:Integer;fuccode:string):Boolean;
          procedure ShowUserRigthView(uid:Integer);
          property Connection: TADOConnection read FConnection;
        property Data: TADOQuery read FData;
        property UserID: Integer read FUserID write FUserID;    end;
    implementation
  uses
    UserRightView;
    { TUserRight }
    constructor TUserRight.Create(AConnection: TADOConnection);
  begin
    FConnection := AConnection;
    FData := TADOQuery.Create(nil);
    FData.Connection := FConnection;
  end;
    function TUserRight.CreateRightListByUserID(uid: Integer): Boolean;
  begin
    Result := False;
    DeleteRightListByUserID(uid);
    FData.Close;
    FData.SQL.Text := 'insert into UserRightData(fucid,fucpid,fuccode,fucname,IsFuc,IsSel,userid)
 '+ 'select fucid,fucpid,fuccode,fucname,IsFuc,IsSel,'+IntToStr(uid)+' from BaseData';
    FData.ExecSQL;
    Result := True;
  end;
    function TUserRight.DeleteRightListByUserID(uid: Integer): Boolean;
  begin
    Result := False; 
   FData.Close;
    FData.SQL.Text := 'delete from UserRightData where userid='+IntToStr(uid);
    FData.ExecSQL;
    Result := True;
  end;
    function TUserRight.GetRightListByUserID(uid: Integer): Boolean;
  begin
    FData.Close;
    FData.SQL.Text := 'select * from UserRightData where UserID='+IntToStr(uid);
    FData.Open;
  end;
    function TUserRight.IsRightEnable(uid:Integer;fuccode: string): Boolean;
  begin
    FData.Close;
    FData.SQL.Text := 'select * from UserRightData where userid='+IntToStr(uid)+
                      ' and fuccode='+fuccode;
    FData.Open;
    if (FData.IsEmpty) or (FData.FieldByName('IsSel').AsInteger = 0) then
      Result := False
    else
      Result := True;
  end;
    procedure TUserRight.SetFunEnable(funid,uid,issel: Integer);  begin
    FData.Close;
    FData.SQL.Text := 'update UserRightData set IsSel='+IntToStr(issel)+
                      ' where UserID='+IntToStr(uid)+' and FucID='+IntToStr(funid);
    FData.ExecSQL;
  end;
    //这是现实权限管理界面的，也就是在上面设置用户权限，这个大家可以根据自己的需要用不同的方式去展现
  procedure TUserRight.ShowUserRigthView(uid: Integer);
  var
    frm: TfrmUserRightView;
  begin
    frm := TfrmUserRightView.Create(nil);
    try
      frm.Caption := '用户权限列表';
      frm.SetUserRight(Self);
      Self.GetRightListByUserID(uid);
      frm.ShowModal;
    finally
      FreeAndNil(frm);
    end;
  end;
end.

unit Main;    interface    uses    Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms, Dialogs,UserRightCenter, StdCtrls, DB, ADODB;    type    TfrmMain = class(TForm)      Button1: TButton;      Button2: TButton;      Edit1: TEdit;      Label1: TLabel;      ADOConnection1: TADOConnection;      Button3: TButton;      procedure Button1Click(Sender: TObject);      procedure FormCreate(Sender: TObject);      procedure Button2Click(Sender: TObject);      procedure Button3Click(Sender: TObject);    private      { Private declarations }      FUserRight : TUserRight;    public      { Public declarations }    end;    var    frmMain: TfrmMain;    implementation    {$R *.dfm}    //现实用户权限列表  procedure TfrmMain.Button1Click(Sender: TObject);  begin    FUserRight.UserID := 1;    FUserRight.ShowUserRigthView(1);  end;    procedure TfrmMain.FormCreate(Sender: TObject);  begin    //ADOConnection1是你的数据库连接    ADOConnection1.Open;    FUserRight := TUserRight.Create(ADOConnection1);  end;    //创建用户权限列表  procedure TfrmMain.Button2Click(Sender: TObject);  begin    FUserRight.CreateRightListByUserID(StrToInt(Edit1.Text));  end;    //测试，查看权限，Button3的tag设置为10100003  procedure TfrmMain.Button3Click(Sender: TObject);  begin    if FUserRight.IsRightEnable(1,IntToStr(TButton(Sender).Tag)) then      ShowMessage('可以使用')    else      ShowMessage('你没有使用权限')  end;    end.

 

 以上都是最基本的操作，没有考虑更多的细节，大家可以根据需要填充。