摘要: 本人微信公众号:微软动态CRM专家罗勇 ,回复283或者20181118可方便获取本文,同时可以在第一间得到我发布的最新博文信息,follow me!我的网站是 www.luoyong.me 。
在实体角色比较多的情况下手工设置权限麻烦,我这里开发了一个控制台应用程序,读取前面博文 自定义控制台程序导出角色对实体的权限为Excel文件 导出并修改的角色对实体的权限来设置。
using Microsoft.Crm.Sdk.Messages; using Microsoft.Xrm.Sdk; using Microsoft.Xrm.Sdk.Client; using Microsoft.Xrm.Sdk.Query; using System; using System.Collections.Generic; using System.Configuration; using System.Linq; using System.Runtime.InteropServices; using System.ServiceModel.Description; using Excel = Microsoft.Office.Interop.Excel; namespace SetRolePrivileges { class Program { static void Main(string[] args) { IServiceManagement<IOrganizationService> orgServiceMgr = ServiceConfigurationFactory.CreateManagement<IOrganizationService>(new Uri(ConfigurationManager.AppSettings["orgUrl"])); AuthenticationCredentials orgAuCredentials = new AuthenticationCredentials(); orgAuCredentials.ClientCredentials.UserName.UserName = ConfigurationManager.AppSettings["userName"]; orgAuCredentials.ClientCredentials.UserName.Password = ConfigurationManager.AppSettings["passWord"]; string readFrom = ConfigurationManager.AppSettings["ReadFrom"]; Privilege privilege = new Privilege(); PrivilegeDataRow privilegeDataRow = new PrivilegeDataRow(); List<PrivilegeDataRow> lstPrivilegeDataRow = new List<PrivilegeDataRow>(); List<Privilege> lstPrivileges = new List<Privilege>(); Dictionary<Guid, string> roles = new Dictionary<Guid, string>(); string privilegeName = string.Empty; Guid roleId = Guid.Empty; List<RolePrivilege> addRolePrivileges = new List<RolePrivilege>(); List<RolePrivilege> removeRolePrivileges = new List<RolePrivilege>(); using (OrganizationServiceProxy orgSvc = GetProxy<IOrganizationService, OrganizationServiceProxy>(orgServiceMgr, orgAuCredentials)) { WhoAmIRequest whoReq = new WhoAmIRequest(); WhoAmIResponse whoRep = orgSvc.Execute(whoReq) as WhoAmIResponse; var userEntity = orgSvc.Retrieve("systemuser", whoRep.UserId, new ColumnSet("fullname")); Console.WriteLine(string.Format("登录组织{0}成功,欢迎{1},准备提取{2}中的权限设置进行处理,继续操作请输入y!", ConfigurationManager.AppSettings["orgUrl"], userEntity.GetAttributeValue<string>("fullname"), readFrom)); var input = Console.ReadLine().ToString().ToUpper(); if (input == "Y") { Console.WriteLine(string.Format("程序开始处理 - {0}", DateTime.Now.ToString())); lstPrivileges = GetPrivileges(orgSvc); roles = GetRoleList(orgSvc); var excelApp = new Excel.Application(); excelApp.Visible = false; Excel.Workbook rolePrivilegesWB = excelApp.Workbooks.Open(readFrom); try { int worksheetcount = rolePrivilegesWB.Worksheets.Count; Console.WriteLine(string.Format("读取的Workbook中共有{0}个Worksheet.", worksheetcount)); for (var i = 1; i < rolePrivilegesWB.Worksheets.Count; i++) { Excel._Worksheet currentSheet = rolePrivilegesWB.Sheets[i]; Console.WriteLine(string.Format("开始处理角色 - {0} - {1}", currentSheet.Name, DateTime.Now.ToString())); if (roles.Where(t => t.Value == currentSheet.Name).Count() >= 1) { roleId = roles.Where(t => t.Value == currentSheet.Name).FirstOrDefault().Key; Excel.Range xlRange = currentSheet.UsedRange; int rowCount = xlRange.Rows.Count; //行数 int colCount = xlRange.Columns.Count;//列数 for (int j = 2; j <= rowCount; j++) { privilegeDataRow = new PrivilegeDataRow(); //if (xlRange.Cells[j, k] != null && xlRange.Cells[j, k].Value2 != null) //判断单元格字段值是否为空 privilegeDataRow.SchemaName = xlRange.Cells[j, 1].Value2; if(privilegeDataRow.SchemaName == "ActivityPointer") { privilegeDataRow.SchemaName = "Activity"; } if (privilegeDataRow.SchemaName == "SystemUser") { privilegeDataRow.SchemaName = "User"; } privilegeDataRow.DisplayName = xlRange.Cells[j, 2].Value2; privilegeDataRow.CreatePrivilege = xlRange.Cells[j, 3].Value2 == null?string.Empty: Convert.ToString(xlRange.Cells[j, 3].Value2); privilegeDataRow.ReadPrivilege = xlRange.Cells[j, 4].Value2 == null ? string.Empty : Convert.ToString(xlRange.Cells[j, 4].Value2); privilegeDataRow.WritePrivilege = xlRange.Cells[j, 5].Value2 == null ? string.Empty : Convert.ToString(xlRange.Cells[j, 5].Value2); privilegeDataRow.DeletePrivilege = xlRange.Cells[j, 6].Value2 == null ? string.Empty : Convert.ToString(xlRange.Cells[j, 6].Value2); privilegeDataRow.AppendPrivilege = xlRange.Cells[j, 7].Value2 == null ? string.Empty : Convert.ToString(xlRange.Cells[j, 7].Value2); privilegeDataRow.AppendToPrivilege = xlRange.Cells[j, 8].Value2 == null ? string.Empty : Convert.ToString(xlRange.Cells[j, 8].Value2); privilegeDataRow.AssignPrivilege = xlRange.Cells[j, 9].Value2 == null ? string.Empty : Convert.ToString(xlRange.Cells[j, 9].Value2); privilegeDataRow.SharePrivilege = xlRange.Cells[j, 10].Value2 == null ? string.Empty : Convert.ToString(xlRange.Cells[j, 10].Value2); lstPrivilegeDataRow.Add(privilegeDataRow); } foreach (var item in lstPrivilegeDataRow) { #region 处理创建权限 if (!string.IsNullOrEmpty(item.CreatePrivilege)) { privilegeName = string.Format("prvCreate{0}", item.SchemaName); if (item.CreatePrivilege.Trim() == "0" || item.CreatePrivilege.Trim() == "1" || item.CreatePrivilege.Trim() == "2" || item.CreatePrivilege.Trim() == "3" || item.CreatePrivilege.Trim() == "4") { if (lstPrivileges.Where(t => t.Name == privilegeName).Count() >= 1) { privilege = lstPrivileges.Where(t => t.Name == privilegeName).First(); switch (item.CreatePrivilege.Trim()) { case "0"://如果设置为0需要清除此权限 removeRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId }); break; case "1": if (privilege.CanBeBasic) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Basic }); } break; case "2": if (privilege.CanBeLocal) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Local }); } break; case "3": if (privilege.CanBeDeep) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Deep }); } break; case "4": if (privilege.CanBeGlobal) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Global }); } break; } } else { Console.WriteLine(string.Format("权限 - {0} 找不到!- {1}", privilegeName, DateTime.Now.ToString())); } } } else { Console.WriteLine(string.Format("角色{0}的创建权限设置为空不需要处理!- {1}", currentSheet.Name, DateTime.Now.ToString())); } #endregion #region 处理读权限 if (!string.IsNullOrEmpty(item.ReadPrivilege)) { privilegeName = string.Format("prvRead{0}", item.SchemaName); if (item.ReadPrivilege.Trim() == "0" || item.ReadPrivilege.Trim() == "1" || item.ReadPrivilege.Trim() == "2" || item.ReadPrivilege.Trim() == "3" || item.ReadPrivilege.Trim() == "4") { if (lstPrivileges.Where(t => t.Name == privilegeName).Count() >= 1) { privilege = lstPrivileges.Where(t => t.Name == privilegeName).First(); switch (item.ReadPrivilege.Trim()) { case "0"://如果设置为0需要清除此权限 removeRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId }); break; case "1": if (privilege.CanBeBasic) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Basic }); } break; case "2": if (privilege.CanBeLocal) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Local }); } break; case "3": if (privilege.CanBeDeep) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Deep }); } break; case "4": if (privilege.CanBeGlobal) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Global }); } break; } } else { Console.WriteLine(string.Format("权限 - {0} 找不到!- {1}", privilegeName, DateTime.Now.ToString())); } } } else { Console.WriteLine(string.Format("角色{0}的读权限设置为空不需要处理!- {1}", currentSheet.Name, DateTime.Now.ToString())); } #endregion #region 处理写权限 if (!string.IsNullOrEmpty(item.WritePrivilege)) { privilegeName = string.Format("prvWrite{0}", item.SchemaName); if (item.WritePrivilege.Trim() == "0" || item.WritePrivilege.Trim() == "1" || item.WritePrivilege.Trim() == "2" || item.WritePrivilege.Trim() == "3" || item.WritePrivilege.Trim() == "4") { if (lstPrivileges.Where(t => t.Name == privilegeName).Count() >= 1) { privilege = lstPrivileges.Where(t => t.Name == privilegeName).First(); switch (item.WritePrivilege.Trim()) { case "0"://如果设置为0需要清除此权限 removeRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId }); break; case "1": if (privilege.CanBeBasic) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Basic }); } break; case "2": if (privilege.CanBeLocal) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Local }); } break; case "3": if (privilege.CanBeDeep) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Deep }); } break; case "4": if (privilege.CanBeGlobal) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Global }); } break; } } else { Console.WriteLine(string.Format("权限 - {0} 找不到!- {1}", privilegeName, DateTime.Now.ToString())); } } } else { Console.WriteLine(string.Format("角色{0}的写权限设置为空不需要处理!- {1}", currentSheet.Name, DateTime.Now.ToString())); } #endregion #region 处理删除权限 if (!string.IsNullOrEmpty(item.DeletePrivilege)) { privilegeName = string.Format("prvDelete{0}", item.SchemaName); if (item.DeletePrivilege.Trim() == "0" || item.DeletePrivilege.Trim() == "1" || item.DeletePrivilege.Trim() == "2" || item.DeletePrivilege.Trim() == "3" || item.DeletePrivilege.Trim() == "4") { if (lstPrivileges.Where(t => t.Name == privilegeName).Count() >= 1) { privilege = lstPrivileges.Where(t => t.Name == privilegeName).First(); switch (item.DeletePrivilege.Trim()) { case "0"://如果设置为0需要清除此权限 removeRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId }); break; case "1": if (privilege.CanBeBasic) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Basic }); } break; case "2": if (privilege.CanBeLocal) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Local }); } break; case "3": if (privilege.CanBeDeep) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Deep }); } break; case "4": if (privilege.CanBeGlobal) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Global }); } break; } } else { Console.WriteLine(string.Format("权限 - {0} 找不到!- {1}", privilegeName, DateTime.Now.ToString())); } } } else { Console.WriteLine(string.Format("角色{0}的删除权限设置为空不需要处理!- {1}", currentSheet.Name, DateTime.Now.ToString())); } #endregion #region 处理追加权限 if (!string.IsNullOrEmpty(item.AppendPrivilege)) { privilegeName = string.Format("prvAppend{0}", item.SchemaName); if (item.AppendPrivilege.Trim() == "0" || item.AppendPrivilege.Trim() == "1" || item.AppendPrivilege.Trim() == "2" || item.AppendPrivilege.Trim() == "3" || item.AppendPrivilege.Trim() == "4") { if (lstPrivileges.Where(t => t.Name == privilegeName).Count() >= 1) { privilege = lstPrivileges.Where(t => t.Name == privilegeName).First(); switch (item.AppendPrivilege.Trim()) { case "0"://如果设置为0需要清除此权限 removeRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId }); break; case "1": if (privilege.CanBeBasic) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Basic }); } break; case "2": if (privilege.CanBeLocal) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Local }); } break; case "3": if (privilege.CanBeDeep) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Deep }); } break; case "4": if (privilege.CanBeGlobal) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Global }); } break; } } else { Console.WriteLine(string.Format("权限 - {0} 找不到!- {1}", privilegeName, DateTime.Now.ToString())); } } } else { Console.WriteLine(string.Format("角色{0}的追加权限设置为空不需要处理!- {1}", currentSheet.Name, DateTime.Now.ToString())); } #endregion #region 处理追加到权限 if (!string.IsNullOrEmpty(item.AppendToPrivilege)) { privilegeName = string.Format("prvAppendTo{0}", item.SchemaName); if (item.AppendToPrivilege.Trim() == "0" || item.AppendToPrivilege.Trim() == "1" || item.AppendToPrivilege.Trim() == "2" || item.AppendToPrivilege.Trim() == "3" || item.AppendToPrivilege.Trim() == "4") { if (lstPrivileges.Where(t => t.Name == privilegeName).Count() >= 1) { privilege = lstPrivileges.Where(t => t.Name == privilegeName).First(); switch (item.AppendToPrivilege.Trim()) { case "0"://如果设置为0需要清除此权限 removeRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId }); break; case "1": if (privilege.CanBeBasic) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Basic }); } break; case "2": if (privilege.CanBeLocal) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Local }); } break; case "3": if (privilege.CanBeDeep) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Deep }); } break; case "4": if (privilege.CanBeGlobal) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Global }); } break; } } else { Console.WriteLine(string.Format("权限 - {0} 找不到!- {1}", privilegeName, DateTime.Now.ToString())); } } } else { Console.WriteLine(string.Format("角色{0}的追加到权限设置为空不需要处理!- {1}", currentSheet.Name, DateTime.Now.ToString())); } #endregion #region 处理分派权限 if (!string.IsNullOrEmpty(item.AssignPrivilege)) { privilegeName = string.Format("prvAssign{0}", item.SchemaName); if (item.AssignPrivilege.Trim() == "0" || item.AssignPrivilege.Trim() == "1" || item.AssignPrivilege.Trim() == "2" || item.AssignPrivilege.Trim() == "3" || item.AssignPrivilege.Trim() == "4") { if (lstPrivileges.Where(t => t.Name == privilegeName).Count() >= 1) { privilege = lstPrivileges.Where(t => t.Name == privilegeName).First(); switch (item.AssignPrivilege.Trim()) { case "0"://如果设置为0需要清除此权限 removeRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId }); break; case "1": if (privilege.CanBeBasic) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Basic }); } break; case "2": if (privilege.CanBeLocal) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Local }); } break; case "3": if (privilege.CanBeDeep) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Deep }); } break; case "4": if (privilege.CanBeGlobal) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Global }); } break; } } else { Console.WriteLine(string.Format("权限 - {0} 找不到!- {1}", privilegeName, DateTime.Now.ToString())); } } } else { Console.WriteLine(string.Format("角色{0}的分派权限设置为空不需要处理!- {1}", currentSheet.Name, DateTime.Now.ToString())); } #endregion #region 处理共享权限 if (!string.IsNullOrEmpty(item.SharePrivilege)) { privilegeName = string.Format("prvShare{0}", item.SchemaName); if (item.SharePrivilege.Trim() == "0" || item.SharePrivilege.Trim() == "1" || item.SharePrivilege.Trim() == "2" || item.SharePrivilege.Trim() == "3" || item.SharePrivilege.Trim() == "4") { if (lstPrivileges.Where(t => t.Name == privilegeName).Count() >= 1) { privilege = lstPrivileges.Where(t => t.Name == privilegeName).First(); switch (item.SharePrivilege.Trim()) { case "0"://如果设置为0需要清除此权限 removeRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId }); break; case "1": if (privilege.CanBeBasic) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Basic }); } break; case "2": if (privilege.CanBeLocal) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Local }); } break; case "3": if (privilege.CanBeDeep) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Deep }); } break; case "4": if (privilege.CanBeGlobal) { addRolePrivileges.Add(new RolePrivilege() { PrivilegeId = privilege.PrivilegeId, Depth = PrivilegeDepth.Global }); } break; } } else { Console.WriteLine(string.Format("权限 - {0} 找不到!- {1}", privilegeName, DateTime.Now.ToString())); } } } else { Console.WriteLine(string.Format("角色{0}的共享权限设置为空不需要处理!- {1}", currentSheet.Name, DateTime.Now.ToString())); } #endregion if (removeRolePrivileges.Count >= 1) { removeRolePrivileges.ForEach(x => { RemovePrivilegeRoleRequest removePrivilegesRequest = new RemovePrivilegeRoleRequest { RoleId = roleId, PrivilegeId = x.PrivilegeId }; orgSvc.Execute(removePrivilegesRequest); Console.WriteLine(string.Format("移除角色 - {0} 的 {1} 权限处理完毕 - {2}", currentSheet.Name, x.PrivilegeId, DateTime.Now.ToString())); }); } if (addRolePrivileges.Count >= 1) { AddPrivilegesRoleRequest addPrivilegesRequest = new AddPrivilegesRoleRequest { RoleId = roleId, Privileges = addRolePrivileges.ToArray() }; orgSvc.Execute(addPrivilegesRequest); Console.WriteLine(string.Format("添加角色 - {0} 的 {1} 个权限处理完毕 - {2}", currentSheet.Name, addRolePrivileges.Count, DateTime.Now.ToString())); } removeRolePrivileges.Clear(); addRolePrivileges.Clear(); } lstPrivilegeDataRow.Clear(); Console.WriteLine(string.Format("角色 - {0} 处理完毕 - {1}", currentSheet.Name, DateTime.Now.ToString())); } else { Console.WriteLine(string.Format("角色 - {0} 在根业务部门中找不到,不处理!- {1}", currentSheet.Name, DateTime.Now.ToString())); } } } finally { GC.Collect(); GC.WaitForPendingFinalizers(); excelApp.Quit(); Marshal.ReleaseComObject(excelApp); } } } Console.Write("程序执行完毕!"); Console.ReadKey(); } /// <summary> /// 获取现有权限信息 /// </summary> /// <param name="orgSvc"></param> /// <returns></returns> private static List<Privilege> GetPrivileges(OrganizationServiceProxy orgSvc) { List<Privilege> returnVal = new List<Privilege>(); Privilege privilege = new Privilege(); string fetchXml = string.Format(@"<fetch version='1.0' mapping='logical' distinct='false' no-lock='true'> <entity name='privilege'> <attribute name='privilegeid'/> <attribute name='name'/> <attribute name='canbebasic'/> <attribute name='canbedeep'/> <attribute name='canbeglobal'/> <attribute name='canbelocal'/> </entity> </fetch>"); foreach (var item in orgSvc.RetrieveMultiple(new FetchExpression(fetchXml)).Entities) { privilege = new Privilege(); privilege.PrivilegeId = item.GetAttributeValue<Guid>("privilegeid"); privilege.Name = item.GetAttributeValue<string>("name"); privilege.CanBeBasic = item.GetAttributeValue<bool>("canbebasic"); privilege.CanBeLocal = item.GetAttributeValue<bool>("canbelocal"); privilege.CanBeDeep = item.GetAttributeValue<bool>("canbedeep"); privilege.CanBeGlobal = item.GetAttributeValue<bool>("canbeglobal"); privilege.AccessRight = item.GetAttributeValue<int>("accessright"); returnVal.Add(privilege); } Console.WriteLine(string.Format("获取现有权限信息成功,共获取到 {0} 个权限 - {1}",returnVal.Count,DateTime.Now.ToString())); return returnVal; } /// <summary> /// 获取根业务部门的GUID /// </summary> /// <param name="orgSvc">组织服务</param> /// <returns></returns> private static Guid GetRootBUId(OrganizationServiceProxy orgSvc) { Guid returnVal = Guid.Empty; string fetchXml = @"<fetch version='1.0' mapping='logical' distinct='false' count='1' no-lock='true'> <entity name='businessunit'> <attribute name='businessunitid' /> <filter type='and'> <condition attribute='parentbusinessunitid' operator='null' /> </filter> </entity> </fetch>"; var buEntities = orgSvc.RetrieveMultiple(new FetchExpression(fetchXml)); if (buEntities.Entities.Count >= 1) { returnVal = buEntities.Entities[0].GetAttributeValue<Guid>("businessunitid"); } return returnVal; } /// <summary> /// 获得角色列表 /// </summary> /// <param name="orgSvc"></param> /// <returns></returns> private static Dictionary<Guid, string> GetRoleList(OrganizationServiceProxy orgSvc) { Dictionary<Guid, string> returnVal = new Dictionary<Guid, string>(); var rootBuId = GetRootBUId(orgSvc); string fetchXml = string.Format(@"<fetch version='1.0' no-lock='true' mapping='logical' distinct='false'> <entity name='role'> <attribute name='name' /> <attribute name='roleid' /> <filter type='and'> <condition attribute='businessunitid' operator='eq' value='{0}' /> </filter> </entity> </fetch>", rootBuId); foreach (var item in orgSvc.RetrieveMultiple(new FetchExpression(fetchXml)).Entities) { var roleName = item.GetAttributeValue<string>("name"); returnVal.Add(item.GetAttributeValue<Guid>("roleid"), roleName); } return returnVal; } private static TProxy GetProxy<TService, TProxy>( IServiceManagement<TService> serviceManagement, AuthenticationCredentials authCredentials) where TService : class where TProxy : ServiceProxy<TService> { Type classType = typeof(TProxy); if (serviceManagement.AuthenticationType != AuthenticationProviderType.ActiveDirectory) { AuthenticationCredentials tokenCredentials = serviceManagement.Authenticate(authCredentials); return (TProxy)classType .GetConstructor(new Type[] { typeof(IServiceManagement<TService>), typeof(SecurityTokenResponse) }) .Invoke(new object[] { serviceManagement, tokenCredentials.SecurityTokenResponse }); } return (TProxy)classType .GetConstructor(new Type[] { typeof(IServiceManagement<TService>), typeof(ClientCredentials) }) .Invoke(new object[] { serviceManagement, authCredentials.ClientCredentials }); } } class Privilege { public Guid PrivilegeId; public string Name; public bool CanBeBasic; public bool CanBeDeep; public bool CanBeGlobal; public bool CanBeLocal; public int AccessRight; } class PrivilegeDataRow { public string SchemaName; public string DisplayName; public string CreatePrivilege; public string ReadPrivilege; public string WritePrivilege; public string DeletePrivilege; public string AppendPrivilege; public string AppendToPrivilege; public string AssignPrivilege; public string SharePrivilege; } }