权限管理MiniUI

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;

using System.Web.SessionState;  //注意使用session时引入命名空间

using System.Text;
using System.Data;
using System.Data.SqlClient;
using System.Collections;

using PluSoft.Utils; // Json对象

namespace RightSystem.Server
{
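    /// <summary>
    /// Ajax endpoint behind the MiniUI rights-management pages. The "type" query-string value
    /// selects one of the user / role / right operations below; each writes its result straight
    /// to the response, either as the literal "yes"/"no" or as a JSON-like payload the page
    /// scripts parse. Implements <see cref="IRequiresSessionState"/> so that Session (which
    /// holds the logged-in user name under "loginName") is available to the handler.
    /// </summary>
    /// <remarks>
    /// All database access goes through the string-SQL entry points of <c>DBHelper</c>
    /// (<c>GetTables</c>, <c>ExecuteScalar</c>, <c>ExecuteTransactions</c>). Request values
    /// are therefore never concatenated raw: ids are validated as integers, the sort column and
    /// direction are whitelisted, and text is embedded via <see cref="SqlLiteral"/>. If
    /// <c>DBHelper</c> offers a <c>SqlParameter</c>-based overload, switching to it is the
    /// preferable next step.
    /// </remarks>
    public class MiniUI_ajaxHandler : IHttpHandler, IRequiresSessionState
    {
        // RoleInfo columns the grid is allowed to sort by (matched case-insensitively);
        // any other requested column falls back to the first entry.
        private static readonly string[] SortableRoleColumns = { "roleid", "roleName", "roleDesc" };

        /// <summary>
        /// Dispatches on the "type" query-string value. A missing type used to throw a
        /// NullReferenceException from <c>.Trim()</c>; it and an unknown type now answer 400.
        /// </summary>
        /// <param name="context">The current request context.</param>
        public void ProcessRequest(HttpContext context)
        {
            string type = context.Request.QueryString["type"];
            if (string.IsNullOrEmpty(type))
            {
                context.Response.StatusCode = 400;
                return;
            }

            switch (type.Trim())
            {
                case "checkUserName":
                    CheckUserName(context);
                    break;
                case "login":
                    Login(context);
                    break;
                case "loadRight":
                    LoadRight(context);
                    break;
                case "loadRoles":
                    LoadRoles(context);
                    break;
                case "saveRoleGrid":
                    SaveRoleGrid(context);
                    break;
                case "loadAllRight":
                    LoadAllRight(context);
                    break;
                case "getRightByRole":
                    GetRightByRole(context);
                    break;
                case "saveRight":
                    SaveRight(context);
                    break;
                default:
                    // Previously an empty 200; an explicit client error is easier to notice.
                    context.Response.StatusCode = 400;
                    break;
            }
        }

        /// <summary>
        /// Replaces the set of rights assigned to a role: deletes every Relationship_2 row for
        /// "roleId", then inserts one row per id in the comma-separated "rightIDStr", all in one
        /// transaction. Writes "yes" on success, "no" on failure.
        /// </summary>
        /// <param name="context">The current request context.</param>
        public void SaveRight(HttpContext context)
        {
            int roleId;
            if (!TryGetInt(context.Request["roleId"], out roleId))
            {
                Reject(context);
                return;
            }

            StringBuilder sql = new StringBuilder();
            sql.Append("delete Relationship_2 where roleID=").Append(roleId).Append(";");

            // The client list may carry a trailing or doubled comma; an empty token used to become
            // "values(1,)" and fail the whole batch, so empty entries are dropped.
            string rightIDStr = context.Request["rightIDStr"] ?? string.Empty;
            foreach (string token in rightIDStr.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries))
            {
                int rightId;
                if (!TryGetInt(token.Trim(), out rightId))
                {
                    Reject(context);
                    return;
                }
                sql.Append("insert Relationship_2(roleID,rightID) values(")
                   .Append(roleId).Append(",").Append(rightId).Append(");");
            }

            WriteYesNo(context, DBHelper.ExecuteTransactions("saveRight", sql.ToString()));
        }

        /// <summary>
        /// Writes the right ids held by the role "roleId" in the legacy ",1,2," shape
        /// (leading and trailing comma) that the page script expects.
        /// </summary>
        /// <param name="context">The current request context.</param>
        public void GetRightByRole(HttpContext context)
        {
            int roleId;
            if (!TryGetInt(context.Request["roleId"], out roleId))
            {
                Reject(context);
                return;
            }

            DataTable dt = DBHelper.GetTables("select rightID from Relationship_2 where roleID=" + roleId);
            StringBuilder ids = new StringBuilder();
            foreach (DataRow row in dt.Rows)
            {
                ids.Append(",").Append(row["rightID"]);
            }
            context.Response.Write(ids.ToString() + ",");
        }

        /// <summary>
        /// Writes the whole RightInfo table as JSON (one object per row, column names as keys),
        /// which the page renders as the full rights tree.
        /// </summary>
        /// <param name="context">The current request context.</param>
        public void LoadAllRight(HttpContext context)
        {
            DataTable dt = DBHelper.GetTables("select * from RightInfo");
            context.Response.Write(JSON.Encode(dt));
        }

        /// <summary>
        /// Applies the grid's pending changes to RoleInfo. The "data" field is a JSON array of
        /// row objects; each row's "_state" ("removed", "added", "modified") selects the
        /// statement generated for it, and the statements run as one transaction.
        /// Writes "yes" on success, "no" on failure or malformed input.
        /// </summary>
        /// <param name="context">The current request context.</param>
        private void SaveRoleGrid(HttpContext context)
        {
            // JSON.Decode maps a JSON array to ArrayList and a JSON object to Hashtable.
            ArrayList list = JSON.Decode(context.Request["data"]) as ArrayList;
            if (list == null)
            {
                Reject(context);
                return;
            }

            StringBuilder sql = new StringBuilder();
            foreach (object item in list)
            {
                Hashtable row = item as Hashtable;
                if (row == null)
                {
                    Reject(context);
                    return;
                }

                int roleId;
                // Convert.ToString tolerates a missing key (null) where .ToString() threw.
                switch (Convert.ToString(row["_state"]))
                {
                    case "removed":
                        if (!TryGetInt(Convert.ToString(row["roleId"]), out roleId))
                        {
                            Reject(context);
                            return;
                        }
                        sql.Append("delete from RoleInfo where roleId=").Append(roleId).Append(";");
                        break;
                    case "added":
                        sql.Append("insert RoleInfo(roleName,roleDesc) values (")
                           .Append(SqlLiteral(Convert.ToString(row["roleName"]))).Append(",")
                           .Append(SqlLiteral(Convert.ToString(row["roleDesc"]))).Append(");");
                        break;
                    case "modified":
                        if (!TryGetInt(Convert.ToString(row["roleId"]), out roleId))
                        {
                            Reject(context);
                            return;
                        }
                        sql.Append("update RoleInfo set roleName=")
                           .Append(SqlLiteral(Convert.ToString(row["roleName"])))
                           .Append(",roleDesc=")
                           .Append(SqlLiteral(Convert.ToString(row["roleDesc"])))
                           .Append(" where roleId=").Append(roleId).Append(";");
                        break;
                }
            }

            WriteYesNo(context, DBHelper.ExecuteTransactions("saveRole", sql.ToString()));
        }

        /// <summary>
        /// Writes one page of RoleInfo for the grid as <c>{total:N,data:[...]}</c>.
        /// "pageIndex" is zero-based on the client, "pageSize" is the page length, "sortField"
        /// and "sortOrder" choose the ordering, and "key" filters on roleName (contains-match).
        /// </summary>
        /// <param name="context">The current request context.</param>
        private void LoadRoles(HttpContext context)
        {
            int pageIndex;
            int pageSize;
            if (!TryGetInt(context.Request["pageIndex"], out pageIndex)
                || !TryGetInt(context.Request["pageSize"], out pageSize)
                || pageIndex < 0 || pageSize <= 0)
            {
                Reject(context);
                return;
            }
            // ROW_NUMBER() is one-based while the grid sends a zero-based page index.
            pageIndex += 1;

            // ORDER BY cannot take a parameter, so column and direction are whitelisted rather
            // than escaped; a missing sortField used to yield "order by  asc" and fail.
            string sortField = ResolveSortField(context.Request["sortField"]);
            string sortOrder = ResolveSortOrder(context.Request["sortOrder"]);

            string key = context.Request["key"];
            string whereStr = "";
            if (!string.IsNullOrEmpty(key))
            {
                whereStr = " where roleName like " + LikeContains(key);
            }

            int startRowIndex = (pageIndex - 1) * pageSize + 1;
            int endRowIndex = pageSize * pageIndex;
            DataTable dt = DBHelper.GetTables("select * from (select ROW_NUMBER() over(order by " + sortField + " "
                + sortOrder + " ) as rowIndex, * from RoleInfo " + whereStr + ") as newTab where rowIndex between " + startRowIndex + " and " + endRowIndex);
            string jsonStr = JSON.Encode(dt);

            // The total must honour the same filter as the page, otherwise the pager shows
            // the unfiltered row count while searching.
            int total = Convert.ToInt32(DBHelper.ExecuteScalar("select count(*) from RoleInfo" + whereStr));

            context.Response.Write("{total:" + total + ",data:" + jsonStr + "}");
        }

        /// <summary>
        /// Writes the menu/rights tree of the logged-in user as an array of
        /// <c>{id:"",text:"",pid:"",url:""}</c> objects read from View_login. An anonymous
        /// caller is redirected to the login page and nothing is queried.
        /// </summary>
        /// <param name="context">The current request context.</param>
        private void LoadRight(HttpContext context)
        {
            object loginName = context.Session["loginName"];
            if (loginName == null)
            {
                // Redirect ends the response; the explicit return keeps the query below out of
                // reach for an unauthenticated caller regardless of how the redirect completes.
                context.Response.Redirect("../login.htm");
                return;
            }

            DataTable dt = DBHelper.GetTables("select * from View_login where LoginName=" + SqlLiteral(loginName.ToString()));

            StringBuilder sb = new StringBuilder();
            foreach (DataRow row in dt.Rows)
            {
                if (sb.Length > 0)
                {
                    sb.Append(",");
                }
                // Values are JSON-escaped so a quote or backslash in a right name or URL cannot
                // break (or alter) the object literal the page evaluates.
                sb.Append("{id:").Append(JsonString(row["RightID"]))
                  .Append(",text:").Append(JsonString(row["RightName"]))
                  .Append(",pid:").Append(JsonString(row["ParentID"]))
                  .Append(",url:").Append(JsonString(row["URL"]))
                  .Append("}");
            }

            context.Response.Write("[" + sb + "]");
        }

        /// <summary>
        /// Writes "yes" when a UserInfo row with loginName equal to "uid" exists, else "no".
        /// </summary>
        /// <param name="context">The current request context.</param>
        private void CheckUserName(HttpContext context)
        {
            string uid = context.Request["uid"];
            int rows = Convert.ToInt32(DBHelper.ExecuteScalar(
                "select count(*) from UserInfo where loginName=" + SqlLiteral(uid)));
            context.Response.Write(rows > 0 ? "yes" : "no");
        }

        /// <summary>
        /// Checks the posted "uid"/"pwd" pair against UserInfo. On a match the user name is
        /// stored in Session["loginName"] and "yes" is written; otherwise "no".
        /// </summary>
        /// <param name="context">The current request context.</param>
        private void Login(HttpContext context)
        {
            string uid = context.Request.Form["uid"];
            string pwd = context.Request.Form["pwd"];

            // Empty credentials never identify a user; skip the round-trip.
            if (string.IsNullOrEmpty(uid) || string.IsNullOrEmpty(pwd))
            {
                context.Response.Write("no");
                return;
            }

            // NOTE(review): loginPwd is compared exactly as stored and under the column's collation
            // (commonly case-insensitive). If it is kept in clear text, hashing belongs in the schema
            // and the user-creation path, not only in this check.
            int count = Convert.ToInt32(DBHelper.ExecuteScalar(
                "select count(*) from UserInfo where loginName=" + SqlLiteral(uid) + " and loginPwd=" + SqlLiteral(pwd)));

            if (count > 0)
            {
                context.Session["loginName"] = uid;
                context.Response.Write("yes");
            }
            else
            {
                context.Response.Write("no");
            }
        }

        /// <summary>
        /// False: the handler writes per-request state to the response, so ASP.NET must
        /// create a fresh instance for each request.
        /// </summary>
        public bool IsReusable
        {
            get { return false; }
        }

        // Parses a request value as an int; false (and result 0) for null or non-numeric text.
        private static bool TryGetInt(string value, out int result)
        {
            return int.TryParse(value, out result);
        }

        // Answers malformed input with 400 and the "no" body the page scripts already test for.
        private static void Reject(HttpContext context)
        {
            context.Response.StatusCode = 400;
            context.Response.Write("no");
        }

        // Writes the yes/no outcome shared by the save operations.
        private static void WriteYesNo(HttpContext context, bool succeeded)
        {
            context.Response.Write(succeeded ? "yes" : "no");
        }

        // Renders text as a quoted T-SQL string literal; doubling the embedded quotes keeps the
        // value from terminating the literal. Preferable: a parameterised DBHelper call, if one exists.
        private static string SqlLiteral(string value)
        {
            return "'" + (value ?? string.Empty).Replace("'", "''") + "'";
        }

        // Builds the literal for a contains-search: LIKE metacharacters are bracket-escaped
        // ("[" first, so the brackets added for "%" and "_" are not escaped again), then wrapped in %...%.
        private static string LikeContains(string key)
        {
            string escaped = key.Replace("[", "[[]").Replace("%", "[%]").Replace("_", "[_]");
            return SqlLiteral("%" + escaped + "%");
        }

        // Maps the requested sort column onto the whitelist; unknown or empty falls back to roleid.
        private static string ResolveSortField(string requested)
        {
            foreach (string column in SortableRoleColumns)
            {
                if (string.Equals(column, requested, StringComparison.OrdinalIgnoreCase))
                {
                    return column;
                }
            }
            return SortableRoleColumns[0];
        }

        // Only "desc" (any case) sorts descending; everything else, including empty, is "asc".
        private static string ResolveSortOrder(string requested)
        {
            return string.Equals(requested, "desc", StringComparison.OrdinalIgnoreCase) ? "desc" : "asc";
        }

        // Renders a cell value as a double-quoted JSON string. Null and DBNull become "" (same as
        // the previous .ToString() output); quotes, backslashes and control characters are escaped.
        private static string JsonString(object value)
        {
            string text = Convert.ToString(value);
            StringBuilder sb = new StringBuilder(text.Length + 2);
            sb.Append('"');
            foreach (char c in text)
            {
                switch (c)
                {
                    case '"':
                        sb.Append("\\\"");
                        break;
                    case '\\':
                        sb.Append("\\\\");
                        break;
                    case '\n':
                        sb.Append("\\n");
                        break;
                    case '\r':
                        sb.Append("\\r");
                        break;
                    case '\t':
                        sb.Append("\\t");
                        break;
                    default:
                        if (c < ' ')
                        {
                            sb.Append("\\u").Append(((int)c).ToString("x4"));
                        }
                        else
                        {
                            sb.Append(c);
                        }
                        break;
                }
            }
            sb.Append('"');
            return sb.ToString();
        }
    }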
}
