防止用户删除自己

时间:2014-06-29 12:47:48

标签: delphi

当用户登录时,他们的名字会显示在应用程序主窗体的状态栏中:

  

StatusBar1.Panels [1]。文本:=   。DataModule1.ADQuery4.FieldByName( '用户')AsString;

但是,该用户还可以访问(priviledge)另一种形式,通过该形式可以添加或删除用户。如何阻止此用户删除自己?如何判断添加用户的查询以避免状态栏中显示的用户?或者可能是删除前的消息?

2 个答案:

答案 0 :(得分:4)

您应该使用外观来处理此类规则。

TNotifyUserEvent = procedure(Sender : TObject; const Username : string ) of object;

TFacade = class( TDataModule )
private
  FOnUserLogin : TNotifyUserEvent;
  FOnUserLogout : TNotifyUserEvent;
  FOnUserDeleted : TNotifyUserEvent;
  FUsername : string;
  procedure CheckLoggedIn;
public
  procedure Login( const Username, Password : string );
  procedure Logout;

  procedure DeleteUser( const Username : string );

  property Username : string read FUsername;
  property OnUserLogin : TNotifyUserEvent read FOnUserLogin write FOnUserLogout;
  property OnUserLogout : TNotifyUserEvent read FOnUserLogout write FOnUserLogout;
  property OnUserDeleted : TNotifyUserEvent read FOnUserDeleted write FOnUserDeleted;
end;

var
  Facade : TFacade;

procedure TFacade.DeleteUser( const Username : string );
begin
  // *** Verification Part ***
  // only logged in users are allowed
  CheckLoggedIn; 
  // if you have some user rights, you can check here
  // do not delete yourself
  if CompareText( Username, FUsername ) = 0 then
    raise Exception.Create( 'you cannot delete yourself' );
  // ** Execute Part ***
  DataModule1...
  // raise an exception if not successful      
  // *** Store State Part ***
  // *** Notification Part ***
  if Assigned( FOnUserDeleted ) then
    FOnUserDeleted( Self, Username );
end;

procedure TFacade.CheckLoggedIn;
begin
  if FUsername = '' then
    raise Exception.Create( 'you are not logged in' );
end;    

procedure TFacade.Login( const Username, Password : string );
begin
  // *** Verification Part ***
  if FUsername <> '' then
    Logout;
  // *** Execute Part ***
  if not DataModule1.RealLogin( Username, Passwordd ) then
    raise Exception.Create( 'you cannot login' );
  // *** Store State Part ***
  FUsername := Username;
  // *** Notification Part ***
  if Assigned( FOnUserLogin ) then
    FOnUserLogin( Self, Username );
end;

procedure Logout;
var
  LUsername : string; 
begin
  // *** Verification Part ***
  CheckLoggedIn;
  // *** Execute Part ***
  LUsername := FUsername;
  DataModule1....
  // *** Store State Part ***
  FUsername := '';
  // *** Notification Part ***
  if Assigned( FOnUserLogout ) then
    FOnUserLogout( Self, LUsername );
end;

状态栏可以通过阅读facade属性(内部对事件作出反应)来更新

if Facade.Username = '' then
  StatusBar1.Panels[1].Text := '(not logged in)'
else
  StatusBar1.Panels[1].Text := Facade.Username;

答案 1 :(得分:1)

使用ADQuery4的BeforeDelete事件。

procedure TDataModule1.ADOQuery4BeforeDelete(DataSet: TDataSet);
begin
 if (ADQuery4.FieldByName('USER').AsString=StatusBar1.Panels[1].Text) then abort;
end;

您可以提出异常,而不是中止。另请注意,上面的代码假定字段“USER”在您的数据库中是唯一的。顺便说一下,为避免重复的用户名,您需要在“USER”字段中定义唯一索引。