比较笨的一个方法: var i, j: integer; begin adoquery1.Close; //select * from popedom where user_bm=:user_bm //按用户编码(user_bm) 查询权限表中的记录 adoquery1.Parameters.ParamByName('user_bm').Value := user_bm; //该参数在主窗体创建时由登录窗体记录下 adoquery1.Open; while not adoquery1.Eof do begin mode_id := trim(adoquery1.fieldbyname('mode_id').AsString); //mode_id为模块编码 for i := 0 to MainMenu1.Items.Count - 1 do //历遍菜单 for j := 0 to mainmenu1.items[i].count - 1 do begin if MainMenu1.Items[i].Items[j].Name = mode_id then begin if adoquery1.FieldByName('Examine').AsBoolean = false then //判断该菜单是否为可用( Examine) 为真或假 MainMenu1.Items[i].Items[j].Enabled := false else MainMenu1.Items[i].Items[j].Enabled := true; end; end; adoquery1.Next; end; end;
1、建立数据库 if exists (select * from dbo.sysobjects where id = object_id(N'[dbo].[P_GroupPurview]') and OBJECTPROPERTY(id, N'IsUserTable') = 1) drop table [dbo].[P_GroupPurview] GOif exists (select * from dbo.sysobjects where id = object_id(N'[dbo].[P_OpGroup]') and OBJECTPROPERTY(id, N'IsUserTable') = 1) drop table [dbo].[P_OpGroup] GOif exists (select * from dbo.sysobjects where id = object_id(N'[dbo].[P_PurviewBase]') and OBJECTPROPERTY(id, N'IsUserTable') = 1) drop table [dbo].[P_PurviewBase] GOif exists (select * from dbo.sysobjects where id = object_id(N'[dbo].[P_UserPurview]') and OBJECTPROPERTY(id, N'IsUserTable') = 1) drop table [dbo].[P_UserPurview] GOCREATE TABLE [dbo].[P_GroupPurview] ( [ID] [int] IDENTITY (1, 1) NOT NULL , [GroupID] [int] NOT NULL , [PurviewID] [int] NOT NULL ) ON [PRIMARY] GOCREATE TABLE [dbo].[P_OpGroup] ( [GroupID] [int] NOT NULL , [GroupName] [nvarchar] (50) COLLATE Chinese_PRC_CI_AS NULL ) ON [PRIMARY] GOCREATE TABLE [dbo].[P_PurviewBase] ( [PurviewID] [int] NOT NULL , [PurviewName] [nvarchar] (50) COLLATE Chinese_PRC_CI_AS NOT NULL , [ParentID] [int] NOT NULL ) ON [PRIMARY] GOCREATE TABLE [dbo].[P_UserPurview] ( [ID] [int] IDENTITY (1, 1) NOT NULL , [UserID] [int] NOT NULL , [PurviewID] [int] NOT NULL ) ON [PRIMARY] GOALTER TABLE [dbo].[P_GroupPurview] WITH NOCHECK ADD CONSTRAINT [PK_P_GroupPurview] PRIMARY KEY CLUSTERED ( [ID] ) ON [PRIMARY] GOALTER TABLE [dbo].[P_OpGroup] WITH NOCHECK ADD CONSTRAINT [PK_P_OpGroup] PRIMARY KEY CLUSTERED ( [GroupID] ) ON [PRIMARY] GOALTER TABLE [dbo].[P_PurviewBase] WITH NOCHECK ADD CONSTRAINT [PK_P_PurviewBase] PRIMARY KEY CLUSTERED ( [PurviewID] ) ON [PRIMARY] GOALTER TABLE [dbo].[P_UserPurview] WITH NOCHECK ADD CONSTRAINT [PK_P_UserPurview] PRIMARY KEY CLUSTERED ( [ID] ) ON [PRIMARY] GO 注意:在用户表中加入字段'GroupID' /* 创建日期:2006-08-19 创建人:zh 功能:在“MJOperator”中增加字段'GroupID' 字段说明:'GroupID':操作权限组ID */ IF OBJECTPROPERTY ( object_id('MJOperator'),'ISTABLE') = 1 begin if (not exists(select * from syscolumns a, sysobjects b where a.name='GroupID' and a.id=b.id and b.name='MJOperator')) --检查是否存在字段GroupID begin alter TABLE MJOperator ADD GroupID [int] NULL end end go2、定义常量 例如: //---------操作权限定义的常量------------------------------------------------ const int GL_A1 = 1000002; //管理模块 const int GL_A2 = 1000003; //区域管理 const int GL_A3 = 1000004; // 新增区域 const int GL_A4 = 1000005; // 删除区域 const int GL_A5 = 1000006; // 重命名区域3、验证权限操作存储过程 SET QUOTED_IDENTIFIER ON GO SET ANSI_NULLS ON GO/* 功能:验证登录用户是否有对应的操作权限 参数:@UserID:操作员ID,@PurviewID(P_PurviewBase表):操作权限ID 创建:ZCW 时间:2006-9-19 调试: exec clPro_JHPurview 11,1000002 */ if exists(select * from sysobjects where name = 'clPro_JHPurview') drop proc clPro_JHPurview goCREATE proc clPro_JHPurview(@UserID varchar(10),@PurviewID varchar(10)) as begin select 1 from MJOperator a,P_GroupPurview b where a.userid=@UserID and b.PurviewID=@PurviewID and a.GroupID=b.GroupID union select 1 from MJOperator a,P_UserPurview b where a.userid=@UserID and b.PurviewID=@PurviewID and a.UserID=b.UserID end 4、处理函数 bool ValidatePurview(int FUserID,int FPurviewID) { AnsiString Txtsql; Txtsql = "exec clPro_JHPurview '"+ IntToStr(FUserID) +"','"+ IntToStr(FPurviewID) +"'"; if (RunSql(DM->ADOQuerySQL,Txtsql)) { if (!DM->ADOQuerySQL->Eof) { return true; //找到了存在权限记录 } } return false; }5、权限调用示例 //验证当前用户是否存在操作权限 if (!ValidatePurview(WUserPurviewFull->CurrentMJOperator->UserID,CL_A35)) { Application->MessageBoxA("权限不足,如需操作请与系统管理员联系!","提示",MB_OK|MB_ICONWARNING); return; } 以上是BCB代码,稍作改动就可以了!
首先为企业建立一个用户组,TBCXUSERGROUP,对用户按组管理,这样便于划分权限!
其次,再建一个TBCXUSERAUTH,即授权表!表内大概的字段包括诸如:模块名称,所属操作,所属组别,组件是否显示等!
每次登陆可按照该用户所属的组到授权表中进行查询!
大概就是这样!
var i, j: integer;
begin
adoquery1.Close; //select * from popedom where user_bm=:user_bm //按用户编码(user_bm) 查询权限表中的记录
adoquery1.Parameters.ParamByName('user_bm').Value := user_bm; //该参数在主窗体创建时由登录窗体记录下
adoquery1.Open;
while not adoquery1.Eof do
begin
mode_id := trim(adoquery1.fieldbyname('mode_id').AsString); //mode_id为模块编码
for i := 0 to MainMenu1.Items.Count - 1 do //历遍菜单
for j := 0 to mainmenu1.items[i].count - 1 do
begin
if MainMenu1.Items[i].Items[j].Name = mode_id then
begin
if adoquery1.FieldByName('Examine').AsBoolean = false then //判断该菜单是否为可用( Examine) 为真或假
MainMenu1.Items[i].Items[j].Enabled := false
else
MainMenu1.Items[i].Items[j].Enabled := true;
end;
end;
adoquery1.Next;
end;
end;
每个菜单都会有个菜单名称name: N** 把这些菜单的信息都存到表里面.然后再读取
user_bm mode_id mode_name Examine adds modi del
001 N22 入库单 1 1 1 1
if exists (select * from dbo.sysobjects where id = object_id(N'[dbo].[P_GroupPurview]') and OBJECTPROPERTY(id, N'IsUserTable') = 1)
drop table [dbo].[P_GroupPurview]
GOif exists (select * from dbo.sysobjects where id = object_id(N'[dbo].[P_OpGroup]') and OBJECTPROPERTY(id, N'IsUserTable') = 1)
drop table [dbo].[P_OpGroup]
GOif exists (select * from dbo.sysobjects where id = object_id(N'[dbo].[P_PurviewBase]') and OBJECTPROPERTY(id, N'IsUserTable') = 1)
drop table [dbo].[P_PurviewBase]
GOif exists (select * from dbo.sysobjects where id = object_id(N'[dbo].[P_UserPurview]') and OBJECTPROPERTY(id, N'IsUserTable') = 1)
drop table [dbo].[P_UserPurview]
GOCREATE TABLE [dbo].[P_GroupPurview] (
[ID] [int] IDENTITY (1, 1) NOT NULL ,
[GroupID] [int] NOT NULL ,
[PurviewID] [int] NOT NULL
) ON [PRIMARY]
GOCREATE TABLE [dbo].[P_OpGroup] (
[GroupID] [int] NOT NULL ,
[GroupName] [nvarchar] (50) COLLATE Chinese_PRC_CI_AS NULL
) ON [PRIMARY]
GOCREATE TABLE [dbo].[P_PurviewBase] (
[PurviewID] [int] NOT NULL ,
[PurviewName] [nvarchar] (50) COLLATE Chinese_PRC_CI_AS NOT NULL ,
[ParentID] [int] NOT NULL
) ON [PRIMARY]
GOCREATE TABLE [dbo].[P_UserPurview] (
[ID] [int] IDENTITY (1, 1) NOT NULL ,
[UserID] [int] NOT NULL ,
[PurviewID] [int] NOT NULL
) ON [PRIMARY]
GOALTER TABLE [dbo].[P_GroupPurview] WITH NOCHECK ADD
CONSTRAINT [PK_P_GroupPurview] PRIMARY KEY CLUSTERED
(
[ID]
) ON [PRIMARY]
GOALTER TABLE [dbo].[P_OpGroup] WITH NOCHECK ADD
CONSTRAINT [PK_P_OpGroup] PRIMARY KEY CLUSTERED
(
[GroupID]
) ON [PRIMARY]
GOALTER TABLE [dbo].[P_PurviewBase] WITH NOCHECK ADD
CONSTRAINT [PK_P_PurviewBase] PRIMARY KEY CLUSTERED
(
[PurviewID]
) ON [PRIMARY]
GOALTER TABLE [dbo].[P_UserPurview] WITH NOCHECK ADD
CONSTRAINT [PK_P_UserPurview] PRIMARY KEY CLUSTERED
(
[ID]
) ON [PRIMARY]
GO
注意:在用户表中加入字段'GroupID'
/*
创建日期:2006-08-19
创建人:zh
功能:在“MJOperator”中增加字段'GroupID'
字段说明:'GroupID':操作权限组ID
*/
IF OBJECTPROPERTY ( object_id('MJOperator'),'ISTABLE') = 1
begin
if (not exists(select * from syscolumns a, sysobjects b where a.name='GroupID'
and a.id=b.id and b.name='MJOperator')) --检查是否存在字段GroupID
begin
alter TABLE MJOperator
ADD GroupID [int] NULL
end
end
go2、定义常量
例如:
//---------操作权限定义的常量------------------------------------------------
const int GL_A1 = 1000002; //管理模块
const int GL_A2 = 1000003; //区域管理
const int GL_A3 = 1000004; // 新增区域
const int GL_A4 = 1000005; // 删除区域
const int GL_A5 = 1000006; // 重命名区域3、验证权限操作存储过程
SET QUOTED_IDENTIFIER ON
GO
SET ANSI_NULLS ON
GO/*
功能:验证登录用户是否有对应的操作权限
参数:@UserID:操作员ID,@PurviewID(P_PurviewBase表):操作权限ID
创建:ZCW
时间:2006-9-19
调试: exec clPro_JHPurview 11,1000002
*/
if exists(select * from sysobjects where name = 'clPro_JHPurview')
drop proc clPro_JHPurview
goCREATE proc clPro_JHPurview(@UserID varchar(10),@PurviewID varchar(10))
as
begin
select 1 from MJOperator a,P_GroupPurview b where a.userid=@UserID and b.PurviewID=@PurviewID and a.GroupID=b.GroupID
union select 1 from MJOperator a,P_UserPurview b where a.userid=@UserID and b.PurviewID=@PurviewID and a.UserID=b.UserID
end
4、处理函数
bool ValidatePurview(int FUserID,int FPurviewID)
{
AnsiString Txtsql;
Txtsql = "exec clPro_JHPurview '"+ IntToStr(FUserID) +"','"+ IntToStr(FPurviewID) +"'";
if (RunSql(DM->ADOQuerySQL,Txtsql))
{
if (!DM->ADOQuerySQL->Eof)
{
return true; //找到了存在权限记录
}
}
return false;
}5、权限调用示例
//验证当前用户是否存在操作权限
if (!ValidatePurview(WUserPurviewFull->CurrentMJOperator->UserID,CL_A35))
{
Application->MessageBoxA("权限不足,如需操作请与系统管理员联系!","提示",MB_OK|MB_ICONWARNING);
return;
}
以上是BCB代码,稍作改动就可以了!
我做的是个销售的软件。。登陆的时候根据用户名从 用户管理权限的表里读取用户的权限。。
比如是超级用户(AD)那就不用设置了。。如果仅仅是销售人员。。那么相应的设置下控件的Enabled属性。。
运行的时候直接用ACTION更新服务器上的数据就行啦,也没有必要每个模块都手工增加啊