在aspx页面中检查用户拥有访问此页权限之后,即可检查到用户是否拥有相关的操作权限,如“添加”,“编辑”,“更新”,“删除”等操作权限。
存储过程:
代码
SET
ANSI_NULLS
ON
GO
SET QUOTED_IDENTIFIER ON
GO
CREATE PROCEDURE [ dbo ] . [ usp_CheckOperationAction ]
(
@UsersId int ,
@PagesId int ,
@OperationValue int
)
AS
DECLARE @UsersRoleCount INT , @UsersModuleCount INT , @Result BIT
-- 检索用户所拥有的角色
SELECT @UsersRoleCount = ( SELECT COUNT ( * ) FROM [ UsersRole ] UR
INNER JOIN [ RolePages ] RP ON (UR. [ RoleId ] = RP. [ RoleId ] )
WHERE UR. [ IsEnable ] = 1 AND RP. [ IsEnable ] = 1 AND UR. [ UsersId ] = @UsersId AND RP. [ PagesId ] = @PagesId )
-- 检索用户是否拥有操作权限。
SELECT @UsersModuleCount = ( SELECT COUNT ( * ) FROM [ UsersModule ] UM
INNER JOIN [ ModulePages ] MP ON (UM. [ ModuleId ] = MP. [ ModuleId ] )
WHERE (UM. [ Purview ] & @OperationValue = @OperationValue ) AND MP. [ IsEnable ] = 1 AND UM. [ UsersId ] = @UsersId AND MP. [ PagesId ] = @PagesId )
IF (( @UsersRoleCount > 0 ) OR ( @UsersModuleCount > 0 ))
-- 操作允许
SET @Result = 1
ELSE
-- 操作拒绝
SET @Result = 0
RETURN @Result
GO
SET QUOTED_IDENTIFIER ON
GO
CREATE PROCEDURE [ dbo ] . [ usp_CheckOperationAction ]
(
@UsersId int ,
@PagesId int ,
@OperationValue int
)
AS
DECLARE @UsersRoleCount INT , @UsersModuleCount INT , @Result BIT
-- 检索用户所拥有的角色
SELECT @UsersRoleCount = ( SELECT COUNT ( * ) FROM [ UsersRole ] UR
INNER JOIN [ RolePages ] RP ON (UR. [ RoleId ] = RP. [ RoleId ] )
WHERE UR. [ IsEnable ] = 1 AND RP. [ IsEnable ] = 1 AND UR. [ UsersId ] = @UsersId AND RP. [ PagesId ] = @PagesId )
-- 检索用户是否拥有操作权限。
SELECT @UsersModuleCount = ( SELECT COUNT ( * ) FROM [ UsersModule ] UM
INNER JOIN [ ModulePages ] MP ON (UM. [ ModuleId ] = MP. [ ModuleId ] )
WHERE (UM. [ Purview ] & @OperationValue = @OperationValue ) AND MP. [ IsEnable ] = 1 AND UM. [ UsersId ] = @UsersId AND MP. [ PagesId ] = @PagesId )
IF (( @UsersRoleCount > 0 ) OR ( @UsersModuleCount > 0 ))
-- 操作允许
SET @Result = 1
ELSE
-- 操作拒绝
SET @Result = 0
RETURN @Result