Divide and conquer. Or an access-rights separation system for ASP MVC

Very often in my work I have to deal with the problem of separating the rights to use a site and its controls.
At first the tools that ASP MVC provides out of the box were enough for me, but over time I ran into the need to build my own rights-separation tool. If you, dear %habrauser%, are interested in how this problem can be solved, read on.

A lyrical digression


In one project I ran into the problem of separating access rights to the sections and elements of a site. It is a company's internal website where employees can plan their vacations. The technical specification was surprisingly well written. Work moved along quickly, and after a month a working prototype was ready. Everyone was happy until the "refinements" to how the system works began. And since a bureaucrat sits in our people from birth, there were many approvals and discussions, the result of which was roughly: "Everything is fine. But an ordinary user should not see this. And this should be seen only by an administrator. And this should be seen only by one especially secret administrator and nobody else!" And that, unfortunately, is not the end of the customer's wild imagination.
You can manage this with roles using the standard tools, but that is quite ugly. So I set about building an access-separation module that can be managed easily.

Getting started


To begin with, the basic requirements for the module were worked out.
  1. Simple separation of access rights to controller methods (on the principle of the Authorize attribute)
  2. An easy-to-use mechanism for separating access to site elements
  3. The ability to create roles with any variation of access
  4. The ability to use it in different projects

Then came the "work" of drawing various diagrams and looking through a large pile of material on the subject. As a result, the concept of the module was developed.
The data the module needs will be stored in an MSSQL database (where else, if we are writing in C#). I did not make the storage centralized, because of the peculiarities of the corporate network structure and the idea of using the module in (in theory) any project. So we will write the module's data set into the project's database.
In addition, since the module should work with any project, it must read its settings from the web.config file of the project it is attached to.
Well, and the module knows how to prepare the database for itself and perform the initial configuration, so that deployment on a new project is as simple as ... ahem. Well, you get the idea.
And, as a matter of personal taste, by default it records all newly created or added elements and sections in the tables and gives access to the "super admin", so that you do not have to go into the settings every time while you work.

Getting started

First, a few words about the resulting module. For its work it uses a self-written RoleProvider. The reason for using it was, again, the peculiarities of the corporate network. Namely, on one of the servers there is a directory that holds all employee data and the binding to domain logins. Don't ask why. It is the established state of affairs.
So the directory contains groups of employees for internal needs. Therefore a role provider was written that not only performs its main functions but also works with the groups in the directory on the server. I will not reproduce it here, because it is of no particular interest and you will not find anything new in how the provider is written. (The code snippets refer to the AuthLib namespace, which contains the role provider.)

Before the code begins, I apologize for the comments and other junk in it. The code shown is old (by the standards of current projects) and is given only to demonstrate the idea.

The first step is to create a class that describes the user. It will make later work easier.

Class 'Employee'
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Data.SqlClient;

namespace Ekzo.BaseClasses
{
    public class Employee : IEquatable<Employee>
    {
        /// <summary>Employee identifier (employee_id).</summary>
        public int Id { get; set; }

        /// <summary>Employee name (employee_name).</summary>
        public string Name { get; set; }

        /// <summary>Loads a current (not fired) employee by identifier.</summary>
        /// <param name="id">Employee identifier</param>
        public Employee(int id)
        {
            InitClass(id);
        }

        /// <summary>Looks up a current (not fired) employee by name.</summary>
        /// <param name="employeeName">Employee name</param>
        public Employee(string employeeName)
        {
            using (SqlConnection conn = new SqlConnection(
                System.Configuration.ConfigurationManager.ConnectionStrings[Ekzo.Web.Configuration.StringName].ConnectionString))
            using (SqlCommand cmd = new SqlCommand("SELECT employee_id FROM employee WHERE employee_name LIKE @employeeName+'%' AND date_fired IS NULL", conn))
            {
                try
                {
                    conn.Open();
                    // Spaces become LIKE wildcards; if several rows match, the last one read wins.
                    cmd.Parameters.AddWithValue("@employeeName", string.Join("%", employeeName.Split(char.Parse(" "))));
                    SqlDataReader reader = cmd.ExecuteReader();
                    while (reader.Read())
                    {
                        this.Id = reader.GetInt32(0);
                    }
                    reader.Close();
                }
                catch (Exception ex)
                {
                    if (Ekzo.Web.Configuration.s_log != null)
                        Ekzo.Web.Configuration.s_log.Error("[  ] [   ]", ex);
                }
            }
            if (this.Id != 0) InitClass(this.Id);
        }

        /// <summary>Creates an empty employee.</summary>
        public Employee() { }

        /// <summary>Fills the object from the employee table.</summary>
        /// <param name="id">Employee identifier</param>
        private void InitClass(int id)
        {
            this.Id = id;
            using (SqlConnection conn = new SqlConnection(
                System.Configuration.ConfigurationManager.ConnectionStrings[Ekzo.Web.Configuration.StringName].ConnectionString))
            using (SqlCommand cmd = new SqlCommand("SELECT employee_name FROM employee WHERE employee_id=@employeeID AND date_fired IS NULL", conn))
            {
                try
                {
                    conn.Open();
                    cmd.Parameters.AddWithValue("@employeeID", this.Id);
                    SqlDataReader reader = cmd.ExecuteReader();
                    while (reader.Read())
                    {
                        this.Name = reader.GetString(0);
                    }
                    reader.Close();
                }
                catch (Exception ex)
                {
                    if (Ekzo.Web.Configuration.s_log != null)
                        Ekzo.Web.Configuration.s_log.Error("[  ] [   ]", ex);
                }
            }
        }

        public bool Equals(Employee x, Employee y)
        {
            // Null-safe: two nulls are equal, a null never equals an employee.
            return ReferenceEquals(x, y) || (x != null && x.Equals(y));
        }

        public override int GetHashCode()
        {
            int hasEmployeeName = this.Name == null ? 0 : this.Name.GetHashCode();
            int hasID = this.Id == 0 ? 0 : this.Id.GetHashCode();
            return hasEmployeeName ^ hasID;
        }

        public bool Equals(Employee other)
        {
            return other != null && this.Name == other.Name && this.Id == other.Id;
        }

        bool IEquatable<Employee>.Equals(Employee other)
        {
            return Equals(other);
        }
    }
}



Now we will prepare the classes that describe the elements of the system (sections, links, controls, etc.).

Class 'Action'
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Web;

namespace Ekzo.Web.Security.Utilization.Authorization
{
    /// <summary>
    /// A protected action stored in Authorization_Actions and linked to action groups.
    /// </summary>
    public class Action
    {
        /// <summary>Action identifier.</summary>
        public int id { get; private set; }

        /// <summary>Identifiers of the groups the action belongs to.</summary>
        private int[] _ActionGroups;

        /// <summary>Groups the action belongs to; null if they have not been loaded.</summary>
        public ActionGroup[] ActionGroups
        {
            get
            {
                List<ActionGroup> Groups = new List<ActionGroup>();
                if (_ActionGroups != null)
                {
                    for (int i = 0; i < _ActionGroups.Count(); i++)
                        Groups.Add(new ActionGroup(_ActionGroups[i]));
                    return Groups.ToArray();
                }
                return null;
            }
        }

        /// <summary>Action name.</summary>
        public string ActionName { get; set; }

        /// <summary>Active flag of the action.</summary>
        public bool Active { get; private set; }

        #region ClassBuilder
        public Action() { }

        public Action(string ActionName)
        {
            InitClass(ActionName);
        }

        public Action(int id)
        {
            InitClass(null, id);
        }

        private void InitClass(string name, int id = 0, int actionGroup = 0)
        {
            if (id != 0) this.id = id;
            if (!string.IsNullOrEmpty(name)) this.ActionName = name;
            //this._ActionGroups = actionGroup;
            using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(
                System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
            using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand(
                "SELECT * FROM Authorization_Actions WHERE id=@id OR Name=@actionName", conn))
            {
                try
                {
                    conn.Open();
                    cmd.Parameters.AddWithValue("@id", id);
                    cmd.Parameters.AddWithValue("@actionName", string.IsNullOrEmpty(name) ? "" : name);
                    System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                    while (reader.Read())
                    {
                        this.id = reader.GetInt32(0);
                        this.ActionName = reader.GetString(1);
                        this.Active = reader.GetBoolean(2);
                    }
                    reader.Close();
                    // Load the identifiers of the groups this action is mapped to.
                    List<int> actionGroups = new List<int>();
                    cmd.CommandText = "SELECT GroupID FROM Authorization_ActionToGroup WHERE ActionID=@id";
                    cmd.Parameters.Clear();
                    cmd.Parameters.AddWithValue("@id", this.id);
                    reader = cmd.ExecuteReader();
                    while (reader.Read()) actionGroups.Add(reader.GetInt32(0));
                    reader.Close();
                    this._ActionGroups = actionGroups.ToArray();
                }
                catch (Exception ex)
                {
                    if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [  ] ", ex);
                }
            }
        }
        #endregion

        /// <summary>
        /// Saves the action. A new action is inserted and mapped to group 0; an existing one is updated.
        /// </summary>
        public void Save()
        {
            // The UPDATE is limited to this action's row; without a WHERE clause it would rewrite every action.
            using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(
                System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
            using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand(@"
                IF((SELECT COUNT(*) FROM Authorization_Actions WHERE id=@id OR Name=@name)=0)
                BEGIN
                    INSERT INTO Authorization_Actions(Name) VALUES(@name)
                    INSERT INTO Authorization_ActionToGroup(ActionID,GroupID) VALUES((SELECT TOP(1) id FROM Authorization_Actions WHERE Name=@name),0)
                END
                ELSE
                    UPDATE Authorization_Actions SET Name=@name, Active=@active WHERE id=@id
                SELECT * FROM Authorization_Actions WHERE Name=@name", conn))
            {
                try
                {
                    conn.Open();
                    if (!string.IsNullOrEmpty(this.ActionName) && this.id == 0)
                        cmd.CommandText = cmd.CommandText.Replace("WHERE id=@id OR Name=@name", "WHERE Name=@name");
                    cmd.Parameters.AddWithValue("@id", this.id);
                    cmd.Parameters.AddWithValue("@name", this.ActionName);
                    cmd.Parameters.AddWithValue("@active", this.Active);
                    //cmd.Parameters.AddWithValue("@groupID", this._ActionGroup);
                    System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                    List<int> actionGroups = new List<int>();
                    while (reader.Read())
                    {
                        this.id = reader.GetInt32(0);
                        this.ActionName = reader.GetString(1);
                        this.Active = reader.GetBoolean(2);
                    }
                    reader.Close();
                    cmd.CommandText = "SELECT GroupID FROM Authorization_ActionToGroup WHERE ActionID=@id";
                    cmd.Parameters.Clear();
                    cmd.Parameters.AddWithValue("@id", this.id);
                    reader = cmd.ExecuteReader();
                    while (reader.Read()) actionGroups.Add(reader.GetInt32(0));
                    reader.Close();
                    this._ActionGroups = actionGroups.ToArray();
                }
                catch (Exception ex)
                {
                    if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [   ] ", ex);
                }
            }
        }

        /// <summary>Deletes the action and its group mappings.</summary>
        public void Delete()
        {
            using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(
                System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
            using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand(
                "DELETE FROM Authorization_Actions WHERE id=@id", conn))
            {
                try
                {
                    conn.Open();
                    cmd.Parameters.AddWithValue("@id", this.id);
                    cmd.ExecuteNonQuery();
                    // Table name spelled as in the other queries, so the mappings are really removed.
                    cmd.CommandText = "DELETE FROM Authorization_ActionToGroup WHERE ActionID=@id";
                    cmd.ExecuteNonQuery();
                }
                catch (Exception ex)
                {
                    if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [   ] ", ex);
                }
            }
        }

        /// <summary>Checks whether this action is registered.</summary>
        /// <returns></returns>
        public bool IsExist()
        {
            return IsExist(this.ActionName);
        }

        /// <summary>Checks whether an action with the given name is registered.</summary>
        /// <param name="ActionName">Action name</param>
        /// <returns></returns>
        public static bool IsExist(string ActionName)
        {
            bool result = false;
            using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(
                System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
            using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand(
                "SELECT COUNT(*) FROM Authorization_Actions WHERE Name=@name", conn))
            {
                try
                {
                    conn.Open();
                    cmd.Parameters.AddWithValue("@name", ActionName);
                    System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                    while (reader.Read())
                        result = reader.GetInt32(0) != 0;
                }
                catch (Exception ex)
                {
                    if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [    ] ", ex);
                }
            }
            return result;
        }

        /// <summary>Returns all registered actions ordered by name.</summary>
        /// <returns></returns>
        public static List<Action> GetAllActions()
        {
            List<Action> result = new List<Action>();
            using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(
                System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
            using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand(
                "SELECT id FROM Authorization_Actions ORDER BY Name ", conn))
            {
                try
                {
                    conn.Open();
                    System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                    while (reader.Read())
                        result.Add(new Action(reader.GetInt32(0)));
                }
                catch (Exception ex)
                {
                    if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [  ] ", ex);
                }
            }
            return result;
        }

        /// <summary>Adds the action to a group.</summary>
        /// <param name="groupID"></param>
        public void AddToGroup(int groupID)
        {
            using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(
                System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
            using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand(@"
                IF((SELECT COUNT(*) FROM Authorization_ActionToGroup WHERE ActionID=@action AND GroupID=@group)=0)
                    INSERT INTO Authorization_ActionToGroup(ActionID,GroupID) VALUES(@action,@group)", conn))
            {
                try
                {
                    conn.Open();
                    // @action is this action and @group the target group; swapping them
                    // would map a different action to a different group.
                    cmd.Parameters.AddWithValue("@action", this.id);
                    cmd.Parameters.AddWithValue("@group", groupID);
                    cmd.ExecuteNonQuery();
                    // Reload so that ActionGroups reflects the new mapping.
                    InitClass(null, this.id);
                }
                catch (Exception ex)
                {
                    if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [   ] ", ex);
                }
            }
        }
    }
}



Class 'Action Groups'
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;

namespace Ekzo.Web.Security.Utilization.Authorization
{
    /// <summary>A group of actions that roles are granted access to.</summary>
    public class ActionGroup
    {
        /// <summary>Group identifier.</summary>
        public int id { get; private set; }

        /// <summary>Roles that have access to the group.</summary>
        public SystemRole[] Roles { get; private set; }

        /// <summary>Group name.</summary>
        public string Name { get; private set; }

        /// <summary>Active flag of the group.</summary>
        public bool Active { get; set; }

        /// <summary>Actions in the group.</summary>
        public Action[] GroupActions { get; private set; }

        #region ClassBuilder
        public ActionGroup(int id)
        {
            InitClass(null, id);
        }

        public ActionGroup(string name)
        {
            InitClass(name);
        }

        private void InitClass(string name, int id = 0)
        {
            if (id != 0) this.id = id;
            if (!string.IsNullOrEmpty(name)) this.Name = name;
            using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(
                System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
            using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand(
                "SELECT * FROM Authorization_ActionGroups WHERE id=@id OR Name=@groupName", conn))
            {
                try
                {
                    conn.Open();
                    if (!string.IsNullOrEmpty(name) && id == 0)
                        cmd.CommandText = "SELECT * FROM Authorization_ActionGroups WHERE Name=@groupName";
                    cmd.Parameters.AddWithValue("@id", this.id);
                    cmd.Parameters.AddWithValue("@groupName", this.Name == null ? "" : this.Name);
                    System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                    while (reader.Read())
                    {
                        this.id = reader.GetInt32(0);
                        if (string.IsNullOrEmpty(this.Name)) this.Name = reader.GetString(1);
                        this.Active = reader.GetBoolean(2);
                    }
                    reader.Close();
                    // Roles that are granted this group.
                    cmd.CommandText = "SELECT * FROM Authorization_RoleToActionGroup WHERE ActionGroup=@groupID";
                    cmd.Parameters.Clear();
                    cmd.Parameters.AddWithValue("@groupID", this.id);
                    reader = cmd.ExecuteReader();
                    List<SystemRole> rolesList = new List<SystemRole>();
                    while (reader.Read())
                        rolesList.Add(new SystemRole(this.id, reader.GetString(2)));
                    this.Roles = rolesList.ToArray();
                    reader.Close();
                    // Actions that belong to this group.
                    cmd.Parameters.Clear();
                    cmd.Parameters.AddWithValue("@id", this.id);
                    List<Action> actionsList = new List<Action>();
                    cmd.CommandText = "SELECT ActionID FROM Authorization_ActionToGroup WHERE GroupID=@id";
                    reader = cmd.ExecuteReader();
                    while (reader.Read())
                    {
                        actionsList.Add(new Action(reader.GetInt32(0)));
                    }
                    this.GroupActions = actionsList.Distinct().ToArray();
                }
                catch (Exception ex)
                {
                    if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [  ] ", ex);
                }
            }
        }
        #endregion

        /// <summary>Saves the group: inserts it if the name is new, otherwise updates it.</summary>
        public void Save()
        {
            using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(
                System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
            using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand(@"
                IF((SELECT COUNT(*) FROM Authorization_ActionGroups WHERE Name=@name)=0)
                    INSERT INTO Authorization_ActionGroups(Name) VALUES(@name)
                ELSE
                    UPDATE Authorization_ActionGroups SET Name=@name, Active=@active WHERE id=@id
                SELECT * FROM Authorization_ActionGroups WHERE Name=@name", conn))
            {
                try
                {
                    conn.Open();
                    cmd.Parameters.AddWithValue("@id", this.id);
                    cmd.Parameters.AddWithValue("@name", this.Name);
                    cmd.Parameters.AddWithValue("@active", this.Active);
                    System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                    while (reader.Read())
                    {
                        this.id = reader.GetInt32(0);
                        this.Name = reader.GetString(1);
                        this.Active = reader.GetBoolean(2);
                    }
                    reader.Close();
                    // Use the id just read back: after an insert @id still held the old value (0).
                    cmd.Parameters["@id"].Value = this.id;
                    cmd.CommandText = "SELECT * FROM Authorization_RoleToActionGroup WHERE ActionGroup=@id";
                    reader = cmd.ExecuteReader();
                    List<SystemRole> rolesList = new List<SystemRole>();
                    while (reader.Read())
                        rolesList.Add(new SystemRole(reader.GetString(2)));
                    this.Roles = rolesList.ToArray();
                }
                catch (Exception ex)
                {
                    if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [  ] ", ex);
                }
            }
        }

        /// <summary>Deletes the group.</summary>
        /// <remarks>The group's role and action mappings are deleted as well.</remarks>
        public void Delete()
        {
            using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(
                System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
            using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand(
                "DELETE FROM Authorization_ActionGroups WHERE id=@id", conn))
            {
                try
                {
                    conn.Open();
                    cmd.Parameters.AddWithValue("@id", this.id);
                    cmd.ExecuteNonQuery();
                    cmd.CommandText = "DELETE FROM Authorization_RoleToActionGroup WHERE ActionGroup=@id";
                    cmd.ExecuteNonQuery();
                    cmd.CommandText = "DELETE FROM Authorization_ActionToGroup WHERE GroupID=@id";
                    cmd.ExecuteNonQuery();
                }
                catch (Exception ex)
                {
                    if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [  ] ", ex);
                }
            }
        }

        /// <summary>Removes an action from the group.</summary>
        /// <param name="actionID">Action identifier</param>
        public void DeleteAction(int actionID)
        {
            using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(
                System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
            using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand(
                "DELETE FROM Authorization_ActionToGroup WHERE ActionID=@action AND GroupID=@group", conn))
            {
                try
                {
                    conn.Open();
                    cmd.Parameters.AddWithValue("@action", actionID);
                    cmd.Parameters.AddWithValue("@group", this.id);
                    cmd.ExecuteNonQuery();
                }
                catch (Exception ex)
                {
                    if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [   ] ", ex);
                }
            }
        }

        /// <summary>Revokes a role's access to the group.</summary>
        /// <param name="roleID">Role (directory group) identifier</param>
        public void DeleteRole(int roleID)
        {
            string roleName = "";
            // Resolve the role name from the employee directory database.
            using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(
                System.Configuration.ConfigurationManager.ConnectionStrings[Ekzo.Web.Configuration.StringName].ConnectionString))
            using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand(
                "SELECT group_name FROM groups WHERE group_id=@id", conn))
            {
                try
                {
                    conn.Open();
                    cmd.Parameters.AddWithValue("@id", roleID);
                    System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                    while (reader.Read())
                        roleName = reader.GetString(0);
                }
                catch (Exception ex)
                {
                    if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [   ] ", ex);
                }
            }
            using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(
                System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
            using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand(
                "DELETE FROM Authorization_RoleToActionGroup WHERE ActionGroup=@group AND Role=@roleName", conn))
            {
                try
                {
                    conn.Open();
                    cmd.Parameters.AddWithValue("@roleName", roleName);
                    cmd.Parameters.AddWithValue("@group", this.id);
                    cmd.ExecuteNonQuery();
                }
                catch (Exception ex)
                {
                    if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [    ] ", ex);
                }
            }
        }

        /// <summary>Returns all action groups.</summary>
        /// <returns></returns>
        public static List<ActionGroup> GetAllgroups()
        {
            List<ActionGroup> result = new List<ActionGroup>();
            using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(
                System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
            using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand(
                "SELECT id FROM Authorization_ActionGroups", conn))
            {
                try
                {
                    conn.Open();
                    System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                    while (reader.Read())
                        result.Add(new ActionGroup(reader.GetInt32(0)));
                }
                catch (Exception ex)
                {
                    if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [   ] ", ex);
                }
            }
            return result;
        }
    }
}
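One way to enforce the action → action group → role mapping held by the Action and ActionGroup classes above, on the principle of the Authorize attribute from requirement 1. This is an added example, not the module's own code: the store interface, the `Controller.Action` naming scheme, the role names and the sample data are assumptions, and the Active flags are not modeled.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Principal;
using System.Web;
using System.Web.Mvc;

namespace AccessExample // hypothetical namespace, not part of the module
{
    /// <summary>Hypothetical read-only view of the action -> group -> role mappings.</summary>
    public interface IActionAccessStore
    {
        /// <summary>Roles granted the action through any of its groups; null if the action is not registered.</summary>
        ISet<string> RolesFor(string actionName);
    }

    /// <summary>In-memory store with constructed sample data; a real one would read the Authorization_* tables.</summary>
    public sealed class InMemoryAccessStore : IActionAccessStore
    {
        // Action name -> group ids (Authorization_ActionToGroup).
        private readonly Dictionary<string, int[]> _actionGroups =
            new Dictionary<string, int[]>(StringComparer.OrdinalIgnoreCase)
            {
                { "Vacation.Index",   new[] { 1 } },
                { "Vacation.Approve", new[] { 2 } },
                { "Admin.Settings",   new[] { 0 } }, // freshly registered: default group 0 only
            };

        // Group id -> roles (Authorization_RoleToActionGroup). Constructed role names.
        private readonly Dictionary<int, string[]> _groupRoles =
            new Dictionary<int, string[]>
            {
                { 0, new[] { "SuperAdmin" } }, // assumption: group 0 belongs to the "super admin"
                { 1, new[] { "Employees", "Managers" } },
                { 2, new[] { "Managers" } },
            };

        public ISet<string> RolesFor(string actionName)
        {
            int[] groups;
            if (!_actionGroups.TryGetValue(actionName, out groups))
                return null; // unknown action
            HashSet<string> roles = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
            foreach (int groupId in groups)
            {
                string[] groupRoles;
                if (_groupRoles.TryGetValue(groupId, out groupRoles))
                    roles.UnionWith(groupRoles);
            }
            return roles;
        }
    }

    public static class AccessDecision
    {
        /// <summary>Deny by default: anonymous users, unregistered actions and actions without roles are refused.</summary>
        public static bool IsAllowed(IActionAccessStore store, IPrincipal user, string actionName)
        {
            if (store == null || user == null || user.Identity == null || !user.Identity.IsAuthenticated)
                return false;
            ISet<string> roles = store.RolesFor(actionName);
            if (roles == null || roles.Count == 0)
                return false;
            // IsInRole goes through the configured role provider.
            return roles.Any(role => user.IsInRole(role));
        }
    }

    /// <summary>Apply as [ActionAccess] on a controller or an action method.</summary>
    public sealed class ActionAccessAttribute : AuthorizeAttribute
    {
        public static IActionAccessStore Store = new InMemoryAccessStore();

        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            if (httpContext == null) throw new ArgumentNullException("httpContext");
            var route = httpContext.Request.RequestContext.RouteData;
            string actionName = route.GetRequiredString("controller") + "." + route.GetRequiredString("action");
            return AccessDecision.IsAllowed(Store, httpContext.User, actionName);
        }

        protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
        {
            IPrincipal user = filterContext.HttpContext.User;
            if (user != null && user.Identity != null && user.Identity.IsAuthenticated)
                filterContext.Result = new HttpStatusCodeResult(403); // known user, no right: 403 instead of a new login challenge
            else
                base.HandleUnauthorizedRequest(filterContext);
        }
    }
}
```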



Class 'Control'
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;

namespace Ekzo.Web.Security.Utilization.Authorization
{
    /// <summary>A page control whose visibility is governed by control groups.</summary>
    public class PageControl
    {
        /// <summary>Control identifier.</summary>
        public int id { get; private set; }

        /// <summary>Control name.</summary>
        public string Name { get; set; }

        /// <summary>Groups the control belongs to.</summary>
        public List<PageControlsGroup> Groups { get; set; }

        #region ClassBuilder
        public PageControl(int id)
        {
            InitClass(id, null);
        }

        public PageControl(string name)
        {
            InitClass(0, name);
        }

        private void InitClass(int id, string Name)
        {
            using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(
                System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
            // Register the control if it is not in the table yet.
            using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand(
                @"IF((SELECT COUNT(*) FROM Authorization_Controls WHERE Name=@name OR id=@id)=0) INSERT INTO Authorization_Controls(Name) VALUES (@name)", conn))
            {
                try
                {
                    conn.Open();
                    cmd.Parameters.AddWithValue("@name", Name == null ? "" : Name);
                    cmd.Parameters.AddWithValue("@id", id);
                    cmd.ExecuteNonQuery();
                    cmd.CommandText = "SELECT id,Name FROM Authorization_Controls WHERE Name=@name OR id=@id";
                    System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                    while (reader.Read())
                    {
                        this.id = reader.GetInt32(0);
                        this.Name = reader.GetString(1);
                    }
                    reader.Close();
                    // Make sure the control is mapped to the default group, id -1.
                    cmd.CommandText = "IF((SELECT COUNT(*) FROM Authorization_ControlToGroup WHERE ControlID=@id AND GroupID=-1)=0) INSERT INTO Authorization_ControlToGroup(ControlID,GroupID) VALUES(@id,-1)";
                    cmd.Parameters.Clear();
                    cmd.Parameters.AddWithValue("@id", this.id);
                    cmd.Parameters.AddWithValue("@name", this.Name);
                    cmd.ExecuteNonQuery();
                }
                catch (Exception ex)
                {
                    if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [   ] ", ex);
                }
            }
            this.Groups = new List<PageControlsGroup>();
            List<int> groupsIDs = new List<int>();
            using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(
                System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
            using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand(
                "SELECT GroupID FROM Authorization_ControlToGroup WHERE ControlID=@id", conn))
            {
                try
                {
                    conn.Open();
                    cmd.Parameters.AddWithValue("@id", this.id);
                    System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                    while (reader.Read())
                        groupsIDs.Add(reader.GetInt32(0));
                }
                catch (Exception ex)
                {
                    if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [   ] ", ex);
                }
            }
            for (int i = 0; i < groupsIDs.Count; i++)
                this.Groups.Add(new PageControlsGroup(groupsIDs[i]));
        }
        #endregion

        /// <summary>Adds the control to a group.</summary>
        /// <param name="groupID"></param>
        public void AddToGroup(int groupID)
        {
            using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(
                System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
            using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand(
                @"IF((SELECT COUNT(*) FROM Authorization_ControlToGroup WHERE ControlID=@id AND GroupID=@group)=0) INSERT INTO Authorization_ControlToGroup(ControlID,GroupID) VALUES(@id,@group)", conn))
            {
                try
                {
                    conn.Open();
                    cmd.Parameters.AddWithValue("@id", this.id);
                    cmd.Parameters.AddWithValue("@group", groupID);
                    cmd.ExecuteNonQuery();
                }
                catch (Exception ex)
                {
                    if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [    ] ", ex);
                }
            }
        }

        /// <summary>Saves the control and makes sure it is mapped to the default group (-1).</summary>
        public void Save()
        {
            string commandText = this.id == 0
                ? "INSERT INTO Authorization_Controls (Name) VALUES(@name)"
                : "UPDATE Authorization_Controls SET Name=@name WHERE id=@id";
            using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(
                System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
            using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand(commandText, conn))
            {
                try
                {
                    conn.Open();
                    cmd.Parameters.AddWithValue("@name", this.Name);
                    cmd.Parameters.AddWithValue("@id", this.id);
                    cmd.ExecuteNonQuery();
                    // The subquery inside VALUES needs its own parentheses to be valid T-SQL.
                    cmd.CommandText = "IF((SELECT COUNT(*) FROM Authorization_ControlToGroup WHERE ControlID=(SELECT TOP(1) id FROM Authorization_Controls WHERE Name=@name) AND GroupID=-1)=0) INSERT INTO Authorization_ControlToGroup(ControlID,GroupID) VALUES((SELECT TOP(1) id FROM Authorization_Controls WHERE Name=@name),-1)";
                    cmd.ExecuteNonQuery();
                }
                catch (Exception ex)
                {
                    if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [  ] ", ex);
                }
            }
        }

        /// <summary>Deletes the control.</summary>
        public void Delete()
        {
            if (this.id == 0) return;
            using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(
                System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
            using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand(
                "DELETE FROM Authorization_Controls WHERE id=@id", conn))
            {
                try
                {
                    conn.Open();
                    cmd.Parameters.AddWithValue("@id", this.id);
                    cmd.ExecuteNonQuery();
                }
                catch (Exception ex)
                {
                    if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [  ] ", ex);
                }
            }
        }

        /// <summary>Returns all registered controls ordered by name.</summary>
        /// <returns></returns>
        public static PageControl[] GetAllControls()
        {
            List<PageControl> result = new List<PageControl>();
            List<int> controlsIDs = new List<int>();
            using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(
                System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
            using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand(
                "SELECT id FROM Authorization_Controls ORDER BY Name", conn))
            {
                try
                {
                    conn.Open();
                    System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                    while (reader.Read())
                        controlsIDs.Add(reader.GetInt32(0));
                }
                catch (Exception ex)
                {
                    if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [   ] ", ex);
                }
            }
            for (int i = 0; i < controlsIDs.Count; i++)
                result.Add(new PageControl(controlsIDs[i]));
            return result.ToArray();
        }
    }
}



Class 'Control group'
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Text;

    namespace Ekzo.Web.Security.Utilization.Authorization
    {
        /// <summary>
        /// A group of page controls.
        /// </summary>
        public class PageControlsGroup : IEquatable<PageControlsGroup>, IEqualityComparer<PageControlsGroup>
        {
            /// <summary>
            /// Identifier of the group in Authorization_ControlsGroup.
            /// </summary>
            public int id { get; private set; }
            /// <summary>
            /// Group name.
            /// </summary>
            public string Name { get; set; }
            /// <summary>
            /// Roles linked to the group.
            /// </summary>
            public List<ControlsGroupRole> Roles { get; set; }

            #region ClassBuilder
            public PageControlsGroup(int id)
            {
                InitClass(id, "");
            }
            public PageControlsGroup(string Name)
            {
                this.Name = Name;
                InitClass(0, Name);
            }
            public PageControlsGroup(int id, string Name)
            {
                this.id = id;
                this.Name = Name;
                this.Roles = new PageControlsGroup(id).Roles;
            }
            // Loads the group by id or name, then the roles linked to it.
            private void InitClass(int id, string name)
            {
                //this.Controls = new List<PageControl>();
                this.Roles = new List<ControlsGroupRole>();
                List<int> pageControls = new List<int>();
                using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
                {
                    using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand("SELECT * FROM Authorization_ControlsGroup WHERE id=@id OR Name=@name", conn))
                    {
                        try
                        {
                            conn.Open();
                            cmd.Parameters.AddWithValue("@id", id);
                            cmd.Parameters.AddWithValue("@name", name);
                            System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                            while (reader.Read())
                            {
                                this.id = reader.GetInt32(0);
                                this.Name = reader.GetString(1);
                            }
                            reader.Close();
                            cmd.CommandText = @"SELECT Authorization_Controls.id AS ControlID
                                FROM Authorization_ControlToGroup
                                INNER JOIN Authorization_ControlsGroup ON Authorization_ControlToGroup.GroupID = Authorization_ControlsGroup.id
                                INNER JOIN Authorization_Controls ON Authorization_ControlToGroup.ControlID = Authorization_Controls.id
                                WHERE Authorization_ControlsGroup.id=@id OR Authorization_ControlsGroup.Name=@name";
                            reader = cmd.ExecuteReader();
                            while (reader.Read())
                                pageControls.Add(reader.GetInt32(0));
                        }
                        catch (Exception ex)
                        {
                            if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [    ] ", ex);
                        }
                    }
                }
                //for(int i=0;i<pageControls.Count;i++)
                //    this.Controls.Add(new PageControl(pageControls[i]));
                List<int> groupRoles = new List<int>();
                using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
                {
                    using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand("SELECT RoleID FROM Authorization_RoleToControlGroup WHERE GroupID=@id", conn))
                    {
                        try
                        {
                            conn.Open();
                            cmd.Parameters.AddWithValue("@id", this.id);
                            System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                            while (reader.Read())
                                groupRoles.Add(reader.GetInt32(0));
                        }
                        catch (Exception ex)
                        {
                            if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [     ] ", ex);
                        }
                    }
                }
                for (int i = 0; i < groupRoles.Count; i++)
                    this.Roles.Add(new ControlsGroupRole(groupRoles[i], this.id));
            }
            #endregion

            /// <summary>
            /// Returns all control groups.
            /// </summary>
            public static PageControlsGroup[] GetAllGroups()
            {
                List<PageControlsGroup> result = new List<PageControlsGroup>();
                using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
                {
                    using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand("SELECT * FROM Authorization_ControlsGroup", conn))
                    {
                        try
                        {
                            conn.Open();
                            System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                            while (reader.Read())
                                result.Add(new PageControlsGroup(reader.GetInt32(0), reader.GetString(1)));
                        }
                        catch (Exception ex)
                        {
                            if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [    ] ", ex);
                        }
                    }
                }
                return result.ToArray();
            }

            /// <summary>
            /// Inserts the group if no group with this name exists, then reloads id and roles.
            /// </summary>
            public void Save()
            {
                using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
                {
                    using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand("IF((SELECT COUNT(*) FROM Authorization_ControlsGroup WHERE Name=@name)=0) INSERT INTO Authorization_ControlsGroup(Name) VALUES(@name)", conn))
                    {
                        try
                        {
                            conn.Open();
                            cmd.Parameters.AddWithValue("@name", this.Name);
                            cmd.ExecuteNonQuery();
                        }
                        catch (Exception ex)
                        {
                            if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [   ] ", ex);
                        }
                    }
                }
                PageControlsGroup newGroup = new PageControlsGroup(this.Name);
                this.id = newGroup.id;
                this.Roles = newGroup.Roles;
                newGroup = null;
            }

            /// <summary>
            /// Deletes the group and its role links.
            /// </summary>
            public void Delete()
            {
                if (this.id != 0)
                    using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
                    {
                        using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand("DELETE FROM Authorization_ControlsGroup WHERE id=@id", conn))
                        {
                            try
                            {
                                conn.Open();
                                cmd.Parameters.AddWithValue("@id", this.id);
                                cmd.ExecuteNonQuery();
                                cmd.CommandText = "DELETE FROM Authorization_RoleToControlGroup WHERE GroupID=@id";
                                cmd.ExecuteNonQuery();
                            }
                            catch (Exception ex)
                            {
                                if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [   ] ", ex);
                            }
                        }
                    }
            }

            /// <summary>
            /// Removes a control from the group.
            /// </summary>
            /// <param name="controlID">Identifier of the control.</param>
            public void DeleteControl(int controlID)
            {
                using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
                {
                    using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand("DELETE FROM Authorization_ControlToGroup WHERE ControlID=@control AND GroupID=@id", conn))
                    {
                        try
                        {
                            conn.Open();
                            cmd.Parameters.AddWithValue("@control", controlID);
                            cmd.Parameters.AddWithValue("@id", this.id);
                            cmd.ExecuteNonQuery();
                        }
                        catch (Exception ex)
                        {
                            if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [  ] ", ex);
                        }
                    }
                }
            }

            /// <summary>
            /// Removes a role from the group.
            /// </summary>
            /// <param name="roleID">Identifier of the role.</param>
            public void DeleteRole(int roleID)
            {
                using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
                {
                    using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand("DELETE FROM Authorization_RoleToControlGroup WHERE RoleID=@role AND GroupID=@id", conn))
                    {
                        try
                        {
                            conn.Open();
                            cmd.Parameters.AddWithValue("@id", this.id);
                            cmd.Parameters.AddWithValue("@role", roleID);
                            cmd.ExecuteNonQuery();
                        }
                        catch (Exception ex)
                        {
                            if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [   ] ", ex);
                        }
                    }
                }
            }

            #region InterfaceImplementation
            bool IEquatable<PageControlsGroup>.Equals(PageControlsGroup other)
            {
                return this.id == other.id & this.Name == other.Name;
            }
            public bool Equals(PageControlsGroup x, PageControlsGroup y)
            {
                return x.id == y.id & x.Name == y.Name;
            }
            public int GetHashCode(PageControlsGroup obj)
            {
                // Hash the argument, and only the fields Equals compares, so that
                // equal groups always produce equal hash codes.
                return obj.id.GetHashCode() ^ (obj.Name == null ? 0 : obj.Name.GetHashCode());
            }
            #endregion
        }
    }



Class 'Link between a control group and roles'
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Text;

    namespace Ekzo.Web.Security.Utilization.Authorization
    {
        /// <summary>
        /// Link between a control group and a role.
        /// </summary>
        public class ControlsGroupRole
        {
            /// <summary>
            /// Identifier. Starts as the role id passed to the constructor and is replaced by
            /// the first column of the matching Authorization_RoleToControlGroup row, if one exists.
            /// </summary>
            public int id { get; private set; }
            /// <summary>
            /// Role name, read from the groups table on every access.
            /// </summary>
            public string Role
            {
                get
                {
                    string result = null;
                    using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[Ekzo.Web.Configuration.StringName].ConnectionString))
                    {
                        using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand("SELECT group_name FROM groups WHERE group_id=@id", conn))
                        {
                            try
                            {
                                conn.Open();
                                cmd.Parameters.AddWithValue("@id", this.RoleID);
                                System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                                while (reader.Read())
                                    result = reader.GetString(0);
                            }
                            catch (Exception ex)
                            {
                                if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [    ] ", ex);
                            }
                        }
                    }
                    return result;
                }
            }
            /// <summary>
            /// Identifier of the role.
            /// </summary>
            public int RoleID { get; set; }
            /// <summary>
            /// Identifier of the control group.
            /// </summary>
            public int GroupID { get; set; }

            public ControlsGroupRole(int id, int groupID)
            {
                this.id = id;
                this.GroupID = groupID;
                InitClass(id, groupID);
            }

            private void InitClass(int id, int groupID)
            {
                this.RoleID = id;
                this.GroupID = groupID;
                using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
                {
                    using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand("SELECT * FROM Authorization_RoleToControlGroup WHERE RoleID=@role AND GroupID=@group", conn))
                    {
                        try
                        {
                            conn.Open();
                            cmd.Parameters.AddWithValue("@role", id);
                            cmd.Parameters.AddWithValue("@group", groupID);
                            System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                            while (reader.Read())
                                this.id = reader.GetInt32(0);
                        }
                        catch (Exception ex)
                        {
                            if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [     ] ", ex);
                        }
                    }
                }
            }

            /// <summary>
            /// Inserts the role-to-group link if it does not exist yet.
            /// </summary>
            public void Save()
            {
                using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
                {
                    using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand(@"IF((SELECT COUNT(*) FROM Authorization_RoleToControlGroup WHERE RoleID=@id AND GroupID=@group)=0) INSERT INTO Authorization_RoleToControlGroup(RoleID,GroupID) VALUES(@id,@group)", conn))
                    {
                        try
                        {
                            conn.Open();
                            cmd.Parameters.AddWithValue("@id", this.id);
                            cmd.Parameters.AddWithValue("@group", this.GroupID);
                            cmd.ExecuteNonQuery();
                        }
                        catch (Exception ex)
                        {
                            if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [    ] ", ex);
                        }
                    }
                }
            }
        }
    }



Class 'System role'
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Text;
    using System.Web;

    namespace Ekzo.Web.Security.Utilization.Authorization
    {
        /// <summary>
        /// A role of the ConsUser system.
        /// </summary>
        public class SystemRole
        {
            /// <summary>
            /// Identifier of the row in Authorization_RoleToActionGroup.
            /// </summary>
            public int id { get; private set; }
            /// <summary>
            /// Identifier of the role in ConsUser (read from groups.group_id).
            /// </summary>
            public int baseID { get; private set; }
            /// <summary>
            /// Role name.
            /// </summary>
            public string Role { get; private set; }
            public int ActionGroup { get; private set; }

            public SystemRole() { }
            public SystemRole(string role)
            {
                InitClass(role);
            }
            public SystemRole(int actionGroup, string role)
            {
                InitClass(role, actionGroup);
            }
            public SystemRole(int baseID, int actionGroup = 0)
            {
                using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[Ekzo.Web.Configuration.StringName].ConnectionString))
                {
                    using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand("SELECT group_name FROM groups WHERE group_id=@id", conn))
                    {
                        try
                        {
                            conn.Open();
                            cmd.Parameters.AddWithValue("@id", baseID);
                            System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                            while (reader.Read())
                                this.Role = reader.GetString(0);
                            this.baseID = baseID;
                            this.ActionGroup = actionGroup;
                        }
                        catch (Exception ex)
                        {
                            if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [   ] ", ex);
                        }
                    }
                }
            }

            // Loads the role-to-action-group row, then the role's id in the groups table.
            private void InitClass(string role, int actionGroup = -1)
            {
                this.ActionGroup = actionGroup;
                this.Role = role;
                using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
                {
                    using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand("SELECT * FROM Authorization_RoleToActionGroup WHERE ActionGroup=@groupID AND Role=@role", conn))
                    {
                        try
                        {
                            if (actionGroup == -1)
                                cmd.CommandText = "SELECT * FROM Authorization_RoleToActionGroup WHERE Role=@role";
                            conn.Open();
                            cmd.Parameters.AddWithValue("@groupID", actionGroup);
                            cmd.Parameters.AddWithValue("@role", role);
                            System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                            while (reader.Read())
                            {
                                this.id = reader.GetInt32(0);
                                this.Role = reader.GetString(2);
                                this.ActionGroup = reader.GetInt32(1);
                            }
                        }
                        catch (Exception ex)
                        {
                            if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [ ] ", ex);
                        }
                    }
                }
                using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[Ekzo.Web.Configuration.StringName].ConnectionString))
                {
                    using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand("SELECT group_id FROM groups WHERE group_name=@name", conn))
                    {
                        try
                        {
                            conn.Open();
                            cmd.Parameters.AddWithValue("@name", this.Role);
                            System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                            while (reader.Read())
                                this.baseID = reader.GetInt32(0);
                        }
                        catch (Exception ex)
                        {
                            if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [ .    ] ", ex);
                        }
                    }
                }
            }

            /// <summary>
            /// Creates a new role.
            /// </summary>
            /// <param name="Name">Role name.</param>
            public static SystemRole CreateRole(string Name)
            {
                SystemRole role = new SystemRole();
                role.Role = Name;
                using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[Ekzo.Web.Configuration.StringName].ConnectionString))
                {
                    using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand("INSERT INTO groups(group_id,group_name) SELECT MIN(group_id)-1,@name FROM groups WHERE group_id>-1000", conn))
                    {
                        try
                        {
                            conn.Open();
                            cmd.Parameters.AddWithValue("@name", Name);
                            cmd.ExecuteNonQuery();
                            cmd.CommandText = "SELECT group_id FROM groups WHERE group_name=@name";
                            System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                            while (reader.Read())
                                role.baseID = reader.GetInt32(0);
                        }
                        catch (Exception ex)
                        {
                            if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [   ] ", ex);
                        }
                    }
                }
                using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
                {
                    using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand("INSERT INTO Authorization_RoleToActionGroup(ActionGroup,Role) VALUES(@group,@name)", conn))
                    {
                        try
                        {
                            conn.Open();
                            cmd.Parameters.AddWithValue("@name", role.Role);
                            cmd.Parameters.AddWithValue("@group", -1);
                            cmd.ExecuteNonQuery();
                        }
                        catch (Exception ex)
                        {
                            if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [    ] ", ex);
                        }
                    }
                }
                role.ActionGroup = -1;
                return role;
            }

            /// <summary>
            /// Returns the employee's roles, keeping only those the current HTTP user is also in.
            /// </summary>
            /// <param name="employeeID">Identifier of the employee.</param>
            public static string[] GetEmployeeRoles(int employeeID)
            {
                List<string> roles = new List<string>();
                using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.StringName].ConnectionString))
                {
                    // As published, the FROM clause names employee2group while the ON clause names
                    // intranet_employee2group; both must name the same table for the query to run.
                    using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand("SELECT group_name FROM employee2group INNER JOIN groups ON intranet_employee2group.group_id = groups.group_id WHERE employee_id=@employeeID ORDER BY group_name", conn))
                    {
                        try
                        {
                            conn.Open();
                            cmd.Parameters.AddWithValue("@employeeID", employeeID);
                            System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                            while (reader.Read())
                                roles.Add(reader.GetString(0));
                        }
                        catch (Exception ex)
                        {
                            if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [    ] ", ex);
                        }
                    }
                }
                List<string> roleToDelete = new List<string>();
                foreach (string role in roles)
                    if (!HttpContext.Current.User.IsInRole(role))
                        roleToDelete.Add(role);
                for (int i = 0; i < roleToDelete.Count; i++)
                    roles.Remove(roleToDelete[i]);
                return roles.ToArray();
            }

            /// <summary>
            /// Inserts or updates the role-to-action-group row and reloads it.
            /// </summary>
            public void Save()
            {
                using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
                {
                    using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand(@"
                        IF((SELECT COUNT(*) FROM Authorization_RoleToActionGroup WHERE id=@id OR Role=@name AND ActionGroup=@groupID)=0)
                            INSERT INTO Authorization_RoleToActionGroup(ActionGroup,Role) VALUES(@groupID, @name)
                        ELSE
                            UPDATE Authorization_RoleToActionGroup SET ActionGroup=@groupID, Role=@name WHERE id=@id", conn))
                    {
                        try
                        {
                            conn.Open();
                            cmd.Parameters.AddWithValue("@id", this.id);
                            cmd.Parameters.AddWithValue("@name", this.Role);
                            cmd.Parameters.AddWithValue("@groupID", this.ActionGroup);
                            cmd.ExecuteNonQuery();
                            cmd.CommandText = "SELECT * FROM Authorization_RoleToActionGroup WHERE Role=@name AND ActionGroup=@groupID";
                            System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                            while (reader.Read())
                            {
                                this.id = reader.GetInt32(0);
                                this.ActionGroup = reader.GetInt32(1);
                                this.Role = reader.GetString(2);
                            }
                        }
                        catch (Exception ex)
                        {
                            if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [    ] ", ex);
                        }
                    }
                }
            }

            /// <summary>
            /// Deletes the role.
            /// </summary>
            /// <remarks>       ,    ConsUser</remarks>
            public void Delete()
            {
                using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
                {
                    using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand("DELETE FROM Authorization_RoleToActionGroup WHERE id=@id", conn))
                    {
                        try
                        {
                            conn.Open();
                            cmd.Parameters.AddWithValue("@id", this.id);
                            cmd.ExecuteNonQuery();
                            cmd.CommandText = "DELETE FROM Authorization_RoleToActionGroup WHERE ActionGroup=@id";
                            cmd.ExecuteNonQuery();
                        }
                        catch (Exception ex)
                        {
                            if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [    ] ", ex);
                        }
                    }
                }
                using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[Ekzo.Web.Configuration.StringName].ConnectionString))
                {
                    using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand("DELETE FROM employee2group WHERE group_id=@groupID", conn))
                    {
                        try
                        {
                            conn.Open();
                            cmd.Parameters.AddWithValue("@groupID", this.baseID);
                            cmd.ExecuteNonQuery();
                            cmd.Parameters.AddWithValue("@name", this.Role);
                            cmd.CommandText = "DELETE FROM groups WHERE group_name=@name";
                            cmd.ExecuteNonQuery();
                        }
                        catch (Exception ex)
                        {
                            if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [      ] ", ex);
                        }
                    }
                }
            }

            #region StaticFields
            /// <summary>
            /// Returns the distinct role names known to the authorization tables.
            /// </summary>
            public static List<string> GetAllRoles()
            {
                List<string> result = new List<string>();
                using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
                {
                    using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand("SELECT DISTINCT Role FROM Authorization_RoleToActionGroup ORDER BY Role", conn))
                    {
                        try
                        {
                            conn.Open();
                            System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                            while (reader.Read())
                                result.Add(reader.GetString(0));
                        }
                        catch (Exception ex)
                        {
                            if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [     ] ", ex);
                        }
                    }
                }
                return result;
            }

            /// <summary>
            /// Returns the distinct role names from the groups table.
            /// </summary>
            public static List<string> GetAllIntranetRoles()
            {
                List<string> result = new List<string>();
                using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[Ekzo.Web.Configuration.StringName].ConnectionString))
                {
                    using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand("SELECT DISTINCT group_name FROM groups ORDER BY group_name", conn))
                    {
                        try
                        {
                            conn.Open();
                            System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                            while (reader.Read())
                                result.Add(reader.GetString(0));
                        }
                        catch (Exception ex)
                        {
                            if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [    ] ", ex);
                        }
                    }
                }
                return result;
            }

            /// <summary>
            /// Returns the employees that are in the given role.
            /// </summary>
            /// <param name="role">Role name.</param>
            public static List<BaseClasses.Employee> EmployeesInRole(string role)
            {
                List<BaseClasses.Employee> result = new List<BaseClasses.Employee>();
                using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[Ekzo.Web.Configuration.StringName].ConnectionString))
                {
                    using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand("SELECT intranet_employee2group.employee_id FROM groups INNER JOIN intranet_employee2group on groups.group_id=intranet_employee2group.group_id WHERE group_name=@groupName", conn))
                    {
                        try
                        {
                            conn.Open();
                            cmd.Parameters.AddWithValue("@groupName", role);
                            System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                            while (reader.Read())
                                result.Add(new BaseClasses.Employee(reader.GetInt32(0)));
                        }
                        catch (Exception ex)
                        {
                            if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [  ,  ] ", ex);
                        }
                    }
                }
                return result;
            }

            /// <summary>
            /// Returns the roles linked to the action group with the given name.
            /// </summary>
            /// <param name="GroupName">Name of the action group.</param>
            public static SystemRole[] GetGroupRoles(string GroupName)
            {
                ActionGroup group = new ActionGroup(GroupName);
                return GetGroupRoles(group.id);
            }

            /// <summary>
            /// Returns the roles linked to the action group with the given identifier.
            /// </summary>
            /// <param name="groupID">Identifier of the action group.</param>
            public static SystemRole[] GetGroupRoles(int groupID)
            {
                List<SystemRole> rolesList = new List<SystemRole>();
                using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.ConnectionStringName].ConnectionString))
                {
                    using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand("SELECT * FROM Authorization_RoleToActionGroup WHERE ActionGroup=@groupID", conn))
                    {
                        try
                        {
                            conn.Open();
                            cmd.Parameters.AddWithValue("@groupID", groupID);
                            System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader();
                            while (reader.Read())
                                rolesList.Add(new SystemRole(reader.GetInt32(1), reader.GetString(2)));
                        }
                        catch (Exception ex)
                        {
                            if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [   ] ", ex);
                        }
                    }
                }
                return rolesList.ToArray();
            }

            // Returns group_id for the given role name, or null if there is no such role.
            public static int? IntranetRoleID(string roleName)
            {
                int? result = null;
                using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[Configuration.StringName].ConnectionString))
                {
                    using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand("SELECT group_id FROM groups WHERE group_name=@name", conn))
                    {
                        try
                        {
                            conn.Open();
                            cmd.Parameters.AddWithValue("@name", roleName);
                            using (System.Data.SqlClient.SqlDataReader reader = cmd.ExecuteReader())
                                while (reader.Read())
                                    result = reader.GetInt32(0);
                        }
                        catch (Exception ex)
                        {
                            // Same null check as everywhere else, so a missing logger cannot throw here.
                            if (Configuration.s_log != null) Configuration.s_log.Error("[  ] [  ]", ex);
                        }
                    }
                }
                return result;
            }
            #endregion
        }
    }



Now let's move on to the attribute itself. It inherits from the authorization attribute (AuthorizeAttribute), is applied to controller methods, and determines whether the current user has the right to access a page of the site (the wording here is slightly imprecise, but let's keep it for simplicity).

Authorization attribute
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Web;
    using System.Web.Mvc;

    namespace Ekzo.Web.Security.Utilization
    {
        /// <summary>
        /// Attribute that checks the current user's access to a controller action.
        /// </summary>
        [AttributeUsage(AttributeTargets.All, AllowMultiple = false, Inherited = false)]
        public class ActionAuthorization : AuthorizeAttribute
        {
            /// <summary>
            /// Name of the rule for the action.
            /// </summary>
            public string ActionName { get; set; }

            /// <summary>
            /// Decides whether the current user may call the action.
            /// </summary>
            /// <param name="httpContext"></param>
            /// <returns>True if the user may call the action or the rule is inactive; otherwise false.</returns>
            protected override bool AuthorizeCore(HttpContextBase httpContext)
            {
                bool result = false;
                var isAuthorized = base.AuthorizeCore(httpContext);
                if (!isAuthorized)
                    return false;
                Authorization.Action currentAction = new Authorization.Action(this.ActionName);
                // If no rule exists for this action yet, create it.
                if (!currentAction.IsExist())
                    currentAction.Save();
                // If the rule is not active, allow access.
                if (!currentAction.Active)
                    return true;
                string[] currentUserRoles = AuthLib.Helpers.RoleProviderHelper.GetUserGroups(httpContext.User.Identity.Name);
                foreach (string role in currentUserRoles)
                {
                    if (currentAction.ActionGroups != null && currentAction.ActionGroups.Where(o => o.Roles.Select(n => n.Role).Contains(role)).Count() != 0)
                    {
                        result = true;
                        break;
                    }
                }
                return result;
            }
        }
    }



There is nothing complicated in the implementation. We override the AuthorizeCore function, which returns true if the user has access rights or if the administrator has disabled authorization in the settings. If the user has no access rights, it returns false and the user is redirected to the 401 error page.
I want to draw attention to this point.

 if (!currentAction.IsExist()) currentAction.Save(); 

This checks whether a rule exists for the method being checked. If there is no rule, it creates one. This was done so that rules for new methods do not have to be added by hand but are added automatically (looking ahead, I will say that an allow rule for administrators is created internally, so that everyone with the appropriate rights gets access).
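The decision AuthorizeCore makes, separated from the database so that each outcome can be exercised; this is an added example, not the article's own code. `ActionRule`, `IRuleStore`, `MemoryStore` and the role names are hypothetical stand-ins, and it assumes an auto-registered rule is active and admin-only. Unlike the data classes on this page, which log and swallow database exceptions, a storage failure is surfaced here and treated as a denial.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Hypothetical in-memory stand-in for a stored rule: the action name, the
// administrator's on/off switch, and the role names of each linked group.
public sealed class ActionRule
{
    public string Name;
    public bool Active;
    public List<HashSet<string>> GroupRoles = new List<HashSet<string>>();
}

// Hypothetical storage contract. Find returns null when no rule exists and
// throws when storage cannot be reached, so the two cases stay distinguishable.
public interface IRuleStore
{
    ActionRule Find(string actionName);
    void Save(ActionRule rule);
}

public static class ActionAccess
{
    public const string AdminRole = "Administrators"; // assumed role name

    public static bool IsAllowed(IRuleStore store, string actionName, IEnumerable<string> userRoles)
    {
        ActionRule rule;
        try
        {
            rule = store.Find(actionName);
            if (rule == null)
            {
                // First request for a new action: register an active rule
                // that only the administrators' group satisfies.
                rule = new ActionRule { Name = actionName, Active = true };
                rule.GroupRoles.Add(new HashSet<string> { AdminRole });
                store.Save(rule);
            }
        }
        catch (Exception)
        {
            // No trustworthy rule could be loaded or stored: deny.
            return false;
        }

        // The administrator switched the check off for this action.
        if (!rule.Active)
            return true;

        // Allowed when any linked group contains one of the user's roles.
        return rule.GroupRoles.Any(g => g.Overlaps(userRoles));
    }
}

// Dictionary-backed store with a switch that simulates an unreachable database.
public sealed class MemoryStore : IRuleStore
{
    private readonly Dictionary<string, ActionRule> rules = new Dictionary<string, ActionRule>();
    public bool Down;

    public ActionRule Find(string actionName)
    {
        if (Down) throw new InvalidOperationException("rule storage unavailable");
        ActionRule rule;
        return rules.TryGetValue(actionName, out rule) ? rule : null;
    }

    public void Save(ActionRule rule)
    {
        if (Down) throw new InvalidOperationException("rule storage unavailable");
        rules[rule.Name] = rule;
    }
}

public static class Demo
{
    public static void Main()
    {
        var store = new MemoryStore();
        var employee = new[] { "Employees" };                  // constructed sample roles
        var admin = new[] { "Employees", "Administrators" };   // constructed sample roles

        // Unknown action: the rule is registered on first use as admin-only.
        Console.WriteLine("employee, new rule:      " + ActionAccess.IsAllowed(store, "RequestsInWork", employee));
        Console.WriteLine("admin, new rule:         " + ActionAccess.IsAllowed(store, "RequestsInWork", admin));

        // The administrator links a second group to the rule.
        ActionRule rule = store.Find("RequestsInWork");
        rule.GroupRoles.Add(new HashSet<string> { "Employees" });
        Console.WriteLine("employee, group linked:  " + ActionAccess.IsAllowed(store, "RequestsInWork", employee));

        // The administrator switches the check off: role membership no longer matters.
        rule.Active = false;
        Console.WriteLine("no roles, rule inactive: " + ActionAccess.IsAllowed(store, "RequestsInWork", new string[0]));

        // Storage outage: even an administrator is refused until rules can be read again.
        store.Down = true;
        Console.WriteLine("admin, storage down:     " + ActionAccess.IsAllowed(store, "RequestsInWork", admin));
    }
}
```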

What remains is to write extensions for the standard types that are used most often in views (and not only there).

Extensions
    using System;
    using System.Linq;
    using System.Web;
    using System.Web.Mvc;

    namespace Ekzo.Web.Security
    {
        /// <summary>
        /// Access checks for page controls.
        /// </summary>
        public class ControlAccesSecurity
        {
            /// <summary>
            /// Checks whether the current user has access to a control.
            /// </summary>
            /// <param name="controlName">Name of the control being checked.</param>
            /// <returns>true if the user has access to the control, otherwise false.</returns>
            public static bool HasControlAccess(string controlName)
            {
                BaseClasses.Employee employee = new BaseClasses.Employee(AuthLib.Helpers.RoleProviderHelper.GetUserId(HttpContext.Current));
                Utilization.Authorization.PageControl currentControl = new Utilization.Authorization.PageControl(controlName);
                foreach (Utilization.Authorization.PageControlsGroup group in currentControl.Groups)
                    if (group.Roles.Where(o => Utilization.Authorization.SystemRole.GetEmployeeRoles(employee.Id).Contains(o.Role)).Count() != 0)
                        return true;
                return false;
            }
        }
    }

    namespace Ekzo.Web.Security.SecurityExtensions
    {
        /// <summary>
        /// Extensions for string types that render a control only for users with access to it.
        /// They hide markup only; an action that the markup leads to is still protected by
        /// its own [ActionAuthorization] attribute.
        /// </summary>
        public static class StringExtensions
        {
            /// <summary>
            /// Checks whether the current user has access to a control.
            /// </summary>
            /// <param name="controlName">Name of the control being checked.</param>
            /// <returns>The markup if the user has access to the control, otherwise an empty string.</returns>
            public static MvcHtmlString HasControlAccess(this MvcHtmlString s, string controlName)
            {
                BaseClasses.Employee employee = new BaseClasses.Employee(AuthLib.Helpers.RoleProviderHelper.GetUserId(HttpContext.Current));
                Utilization.Authorization.PageControl currentControl = new Utilization.Authorization.PageControl(controlName);
                foreach (Utilization.Authorization.PageControlsGroup group in currentControl.Groups)
                    if (group.Roles.Where(o => Utilization.Authorization.SystemRole.GetEmployeeRoles(employee.Id).Contains(o.Role)).Count() != 0)
                        return s;
                return MvcHtmlString.Create("");
            }

            /// <summary>
            /// Checks whether the current user has access to a control.
            /// </summary>
            /// <param name="controlName">Name of the control being checked.</param>
            /// <returns>The markup if the user has access to the control, otherwise an empty string.</returns>
            public static IHtmlString HasControlAccess(this IHtmlString s, string controlName)
            {
                BaseClasses.Employee employee = new BaseClasses.Employee(AuthLib.Helpers.RoleProviderHelper.GetUserId(HttpContext.Current));
                Utilization.Authorization.PageControl currentControl = new Utilization.Authorization.PageControl(controlName);
                foreach (Utilization.Authorization.PageControlsGroup group in currentControl.Groups)
                    if (group.Roles.Where(o => Utilization.Authorization.SystemRole.GetEmployeeRoles(employee.Id).Contains(o.Role)).Count() != 0)
                        return s;
                return MvcHtmlString.Create(string.Empty);
            }

            /// <summary>
            /// Checks whether the current user has access to a control.
            /// </summary>
            /// <param name="controlName">Name of the control being checked.</param>
            /// <returns>The string if the user has access to the control, otherwise an empty string.</returns>
            public static string HasControlAccess(this string s, string controlName)
            {
                BaseClasses.Employee employee = new BaseClasses.Employee(AuthLib.Helpers.RoleProviderHelper.GetUserId(HttpContext.Current));
                Utilization.Authorization.PageControl currentControl = new Utilization.Authorization.PageControl(controlName);
                foreach (Utilization.Authorization.PageControlsGroup group in currentControl.Groups)
                    if (group.Roles.Where(o => Utilization.Authorization.SystemRole.GetEmployeeRoles(employee.Id).Contains(o.Role)).Count() != 0)
                        return s;
                return String.Empty;
            }
        }

        /// <summary>
        /// Extension for TagBuilder that renders a control only for users with access to it.
        /// </summary>
        public static class TagBuilderExtensions
        {
            /// <summary>
            /// Checks whether the current user has access to a control.
            /// </summary>
            /// <param name="controlName">Name of the control being checked.</param>
            /// <returns>The tag if the user has access to the control, otherwise an empty b tag.</returns>
            public static TagBuilder HasControlAccess(this TagBuilder s, string controlName)
            {
                BaseClasses.Employee employee = new BaseClasses.Employee(AuthLib.Helpers.RoleProviderHelper.GetUserId(HttpContext.Current));
                Utilization.Authorization.PageControl currentControl = new Utilization.Authorization.PageControl(controlName);
                foreach (Utilization.Authorization.PageControlsGroup group in currentControl.Groups)
                    if (group.Roles.Where(o => Utilization.Authorization.SystemRole.GetEmployeeRoles(employee.Id).Contains(o.Role)).Count() != 0)
                        return s;
                return new TagBuilder("b");
            }
        }
    }



That is everything the rights-separation system needs in order to work.

Example of use in a controller
[ActionAuthorization(ActionName = "  ")]
public ActionResult RequestsInWork()
{
    ViewBag.Title = "  ";
    return View();
}



Example of use on a control
 ... @Html.MainMenu().HasControlAccess(" ") ... 



Explanation

Here I will try to explain the point of all the ugliness described above.
First, the resulting structure lets you control not only controller methods but also "any" other elements on the site's pages.
Second, the module's infrastructure lets you set up the user - role - "object group" - "protected object" chain in any configuration. That is, any user can be in any role. A role, in turn, can be bound to any group of protected objects. An object can be included in any role.
Such an ornate chain lets you build any combination of protected objects and the roles in which they are available. So when a new role appears, we can either give it rights that are already assigned in the system or issue a unique set of rights. If the customer comes and says, "I need a new role that will have access to such-and-such", it all comes down to a few simple actions that require no changes to the project code.
The extensions built into the module also allow flexible control of output data, for example in your own HtmlHelper methods.

In practice, this way of separating rights works well with AJAX requests.

A few extras

For more convenient management, we write a configurator class.

Configurator
using System;
using System.Collections.Generic;
using System.Data.SqlClient;
using log4net;

namespace Ekzo.Web
{
    public static class Configuration
    {
        /// <summary>
        /// Name of the connection string in web.config used for the module's tables.
        /// Default: DataSource
        /// </summary>
        public static string ConnectionStringName = "DataSource";

        /// <summary>
        /// Name of an entry in web.config.
        /// Default: ConsUser
        /// </summary>
        public static string StringName = "ConsUser";

        /// <summary>
        /// Project name.
        /// </summary>
        public static string ProjectName = "Project Name";

        /// <summary>
        /// log4net logger; stays null until the host application assigns it.
        /// </summary>
        public static ILog s_log = null;

        /// <summary>
        /// Tables that make up the module.
        /// </summary>
        private static string[] tables = { "Authorization_ActionGroups", "Authorization_Actions", "Authorization_ActionToGroup", "Authorization_Controls", "Authorization_ControlsGroup", "Authorization_ControlToGroup", "Authorization_RoleToActionGroup", "Authorization_RoleToControlGroup" };

        /// <summary>
        /// Checks whether the database already contains the module's tables.
        /// </summary>
        /// <returns>true if every table of the module exists, otherwise false.</returns>
        public static bool BaseHasTables()
        {
            // Start from the full list and cross off every table found in the database.
            List<string> missingTables = new List<string>(tables);
            using (SqlConnection conn = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[ConnectionStringName].ConnectionString))
            {
                using (SqlCommand cmd = new SqlCommand("select TABLE_NAME from information_schema.tables WHERE TABLE_NAME LIKE 'Authorization_%'", conn))
                {
                    try
                    {
                        conn.Open();
                        using (SqlDataReader reader = cmd.ExecuteReader())
                        {
                            while (reader.Read())
                                missingTables.Remove(reader.GetString(0));
                        }
                    }
                    catch (Exception ex)
                    {
                        // s_log is null by default, so guard it as the other methods do.
                        if (Configuration.s_log != null)
                            Configuration.s_log.Error("[  ] [  ] ", ex);
                        return false;
                    }
                }
            }
            return missingTables.Count == 0;
        }

        /// <summary>
        /// Creates the module tables that are missing from the database.
        /// </summary>
        /// <param name="superAdminGroup">Role that is bound to the seeded groups (action group 0, control group -1).</param>
        [System.Diagnostics.CodeAnalysis.SuppressMessage("Microsoft.Security", "CA2100:Review SQL queries for security vulnerabilities")]
        public static void CreateSecurityTables(string superAdminGroup = null)
        {
            List<string> dbTables = new List<string>();
            using (SqlConnection conn = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[ConnectionStringName].ConnectionString))
            {
                using (SqlCommand cmd = new SqlCommand("SELECT TABLE_NAME FROM information_schema.tables WHERE TABLE_NAME LIKE 'Authorization_%'", conn))
                {
                    try
                    {
                        conn.Open();
                        using (SqlDataReader reader = cmd.ExecuteReader())
                        {
                            while (reader.Read())
                                dbTables.Add(reader.GetString(0));
                        }
                        // Create only the module tables that are not in the database yet.
                        List<string> missingTables = new List<string>();
                        foreach (string securityTable in tables)
                            if (!dbTables.Contains(securityTable))
                                missingTables.Add(securityTable);
                        cmd.Parameters.AddWithValue("@database", conn.Database);
                        // conn.Database is taken from the web.config connection string;
                        // no request data reaches the DDL strings below.
                        foreach (string table in missingTables)
                        {
                            switch (table)
                            {
                                case "Authorization_ControlsGroup":
                                    cmd.CommandText = "USE " + conn.Database + @"
SET ANSI_NULLS ON
SET QUOTED_IDENTIFIER ON
SET ANSI_PADDING ON
CREATE TABLE [dbo].[Authorization_ControlsGroup](
    [id] [int] IDENTITY(1,1) NOT NULL,
    [Name] [varchar](500) NOT NULL,
    CONSTRAINT [PK_Authorization_ControlsGroup] PRIMARY KEY CLUSTERED ([id] ASC)
    WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
) ON [PRIMARY]
SET ANSI_PADDING OFF
SET IDENTITY_INSERT [dbo].[Authorization_ControlsGroup] ON
INSERT INTO [dbo].[Authorization_ControlsGroup](id,Name) VALUES(-1,' ')
SET IDENTITY_INSERT [dbo].[Authorization_ControlsGroup] OFF";
                                    break;
                                case "Authorization_Actions":
                                    cmd.CommandText = "USE " + conn.Database + @"
SET ANSI_NULLS ON
SET QUOTED_IDENTIFIER ON
SET ANSI_PADDING ON
CREATE TABLE [dbo].[Authorization_Actions](
    [id] [int] IDENTITY(1,1) NOT NULL,
    [Name] [varchar](500) NOT NULL,
    [Active] [bit] NOT NULL,
    CONSTRAINT [PK_Authorization_Actions] PRIMARY KEY CLUSTERED ([id] ASC)
    WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
) ON [PRIMARY]
SET ANSI_PADDING OFF
ALTER TABLE [dbo].[Authorization_Actions] ADD CONSTRAINT [DF_Authorization_Actions_Active] DEFAULT ((1)) FOR [Active]";
                                    break;
                                case "Authorization_ActionToGroup":
                                    cmd.CommandText = "USE " + conn.Database + @"
SET ANSI_NULLS ON
SET QUOTED_IDENTIFIER ON
CREATE TABLE [dbo].[Authorization_ActionToGroup](
    [id] [int] IDENTITY(1,1) NOT NULL,
    [ActionID] [int] NOT NULL,
    [GroupID] [int] NOT NULL,
    CONSTRAINT [PK_Authorization_ActionToGroup] PRIMARY KEY CLUSTERED ([id] ASC)
    WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
) ON [PRIMARY]";
                                    break;
                                case "Authorization_Controls":
                                    cmd.CommandText = "USE " + conn.Database + @"
SET ANSI_NULLS ON
SET QUOTED_IDENTIFIER ON
SET ANSI_PADDING ON
CREATE TABLE [dbo].[Authorization_Controls](
    [id] [int] IDENTITY(1,1) NOT NULL,
    [Name] [varchar](500) NOT NULL,
    CONSTRAINT [PK_Authorize_Controls] PRIMARY KEY CLUSTERED ([id] ASC)
    WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
) ON [PRIMARY]
SET ANSI_PADDING OFF";
                                    break;
                                case "Authorization_ControlToGroup":
                                    cmd.CommandText = "USE " + conn.Database + @"
SET ANSI_NULLS ON
SET QUOTED_IDENTIFIER ON
CREATE TABLE [dbo].[Authorization_ControlToGroup](
    [id] [int] IDENTITY(1,1) NOT NULL,
    [ControlID] [int] NOT NULL,
    [GroupID] [int] NOT NULL,
    CONSTRAINT [PK_Authorization_ControlToGroup] PRIMARY KEY CLUSTERED ([id] ASC)
    WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
) ON [PRIMARY]";
                                    break;
                                case "Authorization_RoleToActionGroup":
                                    cmd.CommandText = "USE " + conn.Database + @"
SET ANSI_NULLS ON
SET QUOTED_IDENTIFIER ON
SET ANSI_PADDING ON
CREATE TABLE [dbo].[Authorization_RoleToActionGroup](
    [id] [int] IDENTITY(1,1) NOT NULL,
    [ActionGroup] [int] NOT NULL,
    [Role] [varchar](500) NOT NULL,
    CONSTRAINT [PK_Authorization_RoleToActionGroup] PRIMARY KEY CLUSTERED ([id] ASC)
    WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
) ON [PRIMARY]
SET ANSI_PADDING OFF
ALTER TABLE [dbo].[Authorization_RoleToActionGroup] ADD CONSTRAINT [DF_Authorization_RoleToActionGroup_ActionGroup] DEFAULT ((-1)) FOR [ActionGroup]";
                                    break;
                                case "Authorization_RoleToControlGroup":
                                    cmd.CommandText = "USE " + conn.Database + @"
SET ANSI_NULLS ON
SET QUOTED_IDENTIFIER ON
CREATE TABLE [dbo].[Authorization_RoleToControlGroup](
    [id] [int] IDENTITY(1,1) NOT NULL,
    [RoleID] [int] NOT NULL,
    [GroupID] [int] NOT NULL,
    CONSTRAINT [PK_Authorization_RoleToControlGroup] PRIMARY KEY CLUSTERED ([id] ASC)
    WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
) ON [PRIMARY]";
                                    break;
                                case "Authorization_ActionGroups":
                                    cmd.CommandText = "USE " + conn.Database + @"
SET ANSI_NULLS ON
SET QUOTED_IDENTIFIER ON
SET ANSI_PADDING ON
CREATE TABLE [dbo].[Authorization_ActionGroups](
    [id] [int] IDENTITY(1,1) NOT NULL,
    [Name] [varchar](500) NOT NULL,
    [active] [bit] NOT NULL,
    CONSTRAINT [PK_Authorization_ActionGroups] PRIMARY KEY CLUSTERED ([id] ASC)
    WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
) ON [PRIMARY]
SET ANSI_PADDING OFF
ALTER TABLE [dbo].[Authorization_ActionGroups] ADD CONSTRAINT [DF_Authorization_ActionGroups_active] DEFAULT ((1)) FOR [active]
SET IDENTITY_INSERT [dbo].[Authorization_ActionGroups] ON
INSERT INTO [dbo].[Authorization_ActionGroups](id,Name) VALUES(0,' ')
SET IDENTITY_INSERT [dbo].[Authorization_ActionGroups] OFF";
                                    break;
                            }
                            cmd.ExecuteNonQuery();
                        }
                        // Seed the super-admin bindings only on a run that created tables,
                        // so repeated calls do not duplicate them.
                        if (missingTables.Count != 0 && !string.IsNullOrEmpty(superAdminGroup) && Web.Security.Utilization.Authorization.SystemRole.IntranetRoleID(superAdminGroup) != null)
                        {
                            cmd.CommandText = @"INSERT INTO Authorization_RoleToActionGroup(ActionGroup,Role) VALUES(0,@group)
INSERT INTO Authorization_RoleToControlGroup(RoleID,GroupID) VALUES(@role,-1)";
                            cmd.Parameters.Clear();
                            cmd.Parameters.AddWithValue("@group", superAdminGroup);
                            cmd.Parameters.AddWithValue("@role", Web.Security.Utilization.Authorization.SystemRole.IntranetRoleID(superAdminGroup));
                            cmd.ExecuteNonQuery();
                        }
                    }
                    catch (Exception ex)
                    {
                        if (Configuration.s_log != null)
                            Configuration.s_log.Error("[  ] [  ] ", ex);
                    }
                }
            }
        }

        /// <summary>
        /// Drops the module's tables and creates them again. All bindings stored in them are lost.
        /// </summary>
        /// <param name="superAdminGroup">Passed on to CreateSecurityTables.</param>
        public static void RecreateTables(string superAdminGroup = null)
        {
            // {0} is filled only from the fixed table list above, never from input.
            string command = "DROP TABLE {0}";
            using (SqlConnection conn = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[ConnectionStringName].ConnectionString))
            {
                using (SqlCommand cmd = new SqlCommand("", conn))
                {
                    try
                    {
                        conn.Open();
                        foreach (string table in tables)
                        {
                            cmd.CommandText = string.Format(command, table);
                            cmd.ExecuteNonQuery();
                        }
                    }
                    catch (Exception ex)
                    {
                        if (Configuration.s_log != null)
                            Configuration.s_log.Error("[  ] [   ] ", ex);
                    }
                }
            }
            CreateSecurityTables(superAdminGroup);
        }
    }
}



This class holds all the settings and, as a bonus, the functions needed to manage the module's tables.

Project on GitHub
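The role-to-group bindings from the explanation, written against the control tables that the configurator creates. This is an added T-SQL example, not code from the article or the project: the control name, group name and role id 42 are constructed placeholders, and it assumes the module resolves a control's access through these three tables in the same order the HasControlAccess code walks control, groups and roles.

```sql
-- Added example. Assumes the Authorization_* tables from CreateSecurityTables exist.
-- Names and the role id are constructed placeholders, not project values.

-- 1. Register a protected control, a group, and put the control in the group.
INSERT INTO dbo.Authorization_Controls (Name) VALUES ('ExampleReportsMenu');
DECLARE @controlId int = SCOPE_IDENTITY();
INSERT INTO dbo.Authorization_ControlsGroup (Name) VALUES ('Example reporting controls');
DECLARE @groupId int = SCOPE_IDENTITY();
INSERT INTO dbo.Authorization_ControlToGroup (ControlID, GroupID)
VALUES (@controlId, @groupId);

-- 2. A new role appears: one row binds it to the existing group, no code change.
DECLARE @newRoleId int = 42;  -- placeholder id of the new role
INSERT INTO dbo.Authorization_RoleToControlGroup (RoleID, GroupID)
VALUES (@newRoleId, @groupId);

-- 3. Access review: every control, the group that exposes it, and the role ids bound to it.
SELECT c.Name AS ControlName, g.Name AS GroupName, rg.RoleID
FROM dbo.Authorization_Controls AS c
JOIN dbo.Authorization_ControlToGroup AS cg ON cg.ControlID = c.id
JOIN dbo.Authorization_ControlsGroup AS g ON g.id = cg.GroupID
JOIN dbo.Authorization_RoleToControlGroup AS rg ON rg.GroupID = g.id
ORDER BY c.Name, rg.RoleID;

-- 4. Roles bound to the seeded group -1, the one CreateSecurityTables gives to superAdminGroup.
SELECT rg.RoleID
FROM dbo.Authorization_RoleToControlGroup AS rg
WHERE rg.GroupID = -1;

-- 5. The tables declare no foreign keys, so look for bindings that point at nothing.
SELECT 'ControlToGroup' AS Binding, cg.id
FROM dbo.Authorization_ControlToGroup AS cg
WHERE NOT EXISTS (SELECT 1 FROM dbo.Authorization_Controls AS c WHERE c.id = cg.ControlID)
   OR NOT EXISTS (SELECT 1 FROM dbo.Authorization_ControlsGroup AS g WHERE g.id = cg.GroupID)
UNION ALL
SELECT 'RoleToControlGroup', rg.id
FROM dbo.Authorization_RoleToControlGroup AS rg
WHERE NOT EXISTS (SELECT 1 FROM dbo.Authorization_ControlsGroup AS g WHERE g.id = rg.GroupID);
```

Because every grant is a row rather than a code change, queries 3 to 5 are worth running after each role change to confirm that only the intended roles reach each control.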

Instead of a conclusion

The Employee class I described could well be left out, but I use it often in my projects, so I did not remove it from the module.
An interface for role management was also built; it lets you quickly and easily create / delete / change roles and bindings. But it works with the new version of the module, so I am not uploading it.
Once again, please don't throw tomatoes. All of the code above, and the project on GitHub, is the first version and contains a large amount of crappy code.

Source: https://habr.com/ru/post/In191218/

