我有两个arraylists。一个是principleList,它包含表示角色的整数值(Admin,Project Manager等)。第二个是codeList,它包含我想要获得权限的各种代码(例如AddUserProfile)。我有一个存储过程“AllowedToPerformFunction”,它返回allowed = 0或1,具体取决于角色是否可以执行代码。
由于我有多个ID和多个代码,因此我遇到了逻辑问题。对于每个id,我需要使用每个代码调用存储过程并存储它。 我正在尝试将权限存储在哈希表中,用于各种角色,例如Admin,Project Manager。因此,例如对于Admin,我需要存储:
Admin(id = 1) code =“AddUser”,allowed = 1 代码= “AddProject”,允许= 0
哈希表格式(键,值)=(1,AddUser-1),(1,AddProject-0)
这是我的代码无效:
protected void Page_Load(object sender, EventArgs e)
{
getPermissions();
}
void getPermissions()
{
using (SqlConnection conn = new SqlConnection("GoalFishConnectionString")){conn.Open();
ArrayList idList = getPrincipleIds();
ArrayList codeList = getCodes();
ArrayList allowList = new ArrayList();
for (int i = 0; i < idList.Count; i++)
{
MessageBox.Show(idList[i].ToString());
for (int j = 0; j < codeList.Count; j++)
{
MessageBox.Show(codeList[j].ToString());
SqlCommand command2 = new SqlCommand("AllowedToPerformFunction", conn);
command2.CommandType = CommandType.StoredProcedure;
command2.Parameters.Clear();
command2.Parameters.Add("@principalID", SqlDbType.Int).Value = idList[i];
command2.Parameters.Add("@contextID", SqlDbType.Int).Value = idList[i];
command2.Parameters.Add("@roleCode", SqlDbType.VarChar).Value = codeList[j];
command2.Parameters.Add("@allowed", SqlDbType.Int);
command2.Parameters["@allowed"].Direction = ParameterDirection.Output;
command2.ExecuteNonQuery();
int allowed = (int)command2.Parameters["@allowed"].Value;
allowList.Add(command2.Parameters["@allowed"].Value);
}
}}}
ArrayList getPrincipleIds()
{
ArrayList principleList = new ArrayList();
using (SqlConnection conn = new SqlConnection("GoalFishConnectionString")){
conn.Open();
SqlCommand cmd = new SqlCommand("GetPrinciples", conn);
cmd.CommandType = CommandType.StoredProcedure;
SqlDataReader rdr = cmd.ExecuteReader();
while (rdr.Read())
{
principleList.Add(rdr["unit_id"]);
}
rdr.Close();
}
return principleList;
}
ArrayList getCodes()
{
ArrayList codesList = new ArrayList();
using (SqlConnection conn = new SqlConnection("GoalFishConnectionString")){
conn.Open();
SqlCommand command = new SqlCommand("GetCodes", conn);
command.CommandType = CommandType.StoredProcedure;
SqlDataReader reader = command.ExecuteReader();
while (reader.Read())
{
codesList.Add(reader["Code"]);
//MessageBox.Show(reader["Code"].ToString());
}
reader.Close();
}
}
return codesList;
}
非常感谢任何建议或帮助。
答案 0 :(得分:0)
为什么不创建这样的类并将其存储在会话中?这样您只需担心一个用户的权限(除非用户可以同时成为管理员和项目经理)
public class LoginUser
{
public loginUser
{
this.Permission = LoadAllPermissions()
}
public string Role { get; set; }
public Dictionary<integer, string> Permission { get; set; }
}