实践Oracle优化技术在医疗信息化中的深入应用,探索医院信息系统性能优化设计之道。公众号:医信系统性能优化。
基于深度优先的递归判断域用户是否是某个组的成员
引用System.DirectoryServices
并导入名称空间
using
System.DirectoryServices;
功能:判断域用户(登录名)是否是某个域安全组的成员,域用户可能属于多个组,并且所属的组可能又属于多个组,所以需要递归调用.
![](/Images/OutliningIndicators/None.gif)
private
DirectoryEntry entry
=
new
DirectoryEntry(
"
LDAP://domain
"
,
@"
domain\username
"
,
"
password
"
);
private
bool
UserisGroupMember(
string
UserLogin,
string
RoleName)
![](/Images/OutliningIndicators/ExpandedBlockStart.gif)
{
DirectorySearcher mySearcher
=
new
DirectorySearcher(entry);
mySearcher.Filter
=
string
.Format (
"
(&(objectClass=user)(sAMAccountName={0}))
"
,UserLogin );
mySearcher.PropertiesToLoad.Add (
"
memberof
"
);
SearchResult mysr
=
mySearcher.FindOne();
![](/Images/OutliningIndicators/InBlock.gif)
if
(mysr.Properties .Count
>
1
)
//
返回两个属性,一个是内置的adspath,另一个是PropertiesToLoad加载的
{
string
[] memberof
=
new
string
[mysr.Properties[
"
memberof
"
].Count ];
int
i
=
0
;
foreach
( Object myColl
in
mysr.Properties[
"
memberof
"
])
![](/Images/OutliningIndicators/ExpandedSubBlockStart.gif)
{
memberof[i]
=
myColl.ToString ().Substring (
3
,myColl.ToString ().IndexOf(
"
,
"
)
-
3
);
if
(memberof[i]
==
RoleName)
return
true
;
i
++
;
}//其实这一层循环是广度优先算法,因为考虑到一个人直接属于某个安全组的可能性要大一些,这样做效率更高.如果把下面这个循环放到上面的if的esle中,就是完全的深度优先了.
foreach
(
string
GroupName
in
memberof)
if
(MemberisGroupMember(GroupName,RoleName))
return
true
;
}
return
false
;
}
private
bool
MemberisGroupMember(
string
GroupName,
string
RoleName)
![](/Images/OutliningIndicators/ExpandedBlockStart.gif)
{
DirectorySearcher mySearcher
=
new
DirectorySearcher(entry);
mySearcher.Filter
=
string
.Format (
"
(&(objectClass=group)(CN={0}))
"
,GroupName );
mySearcher.PropertiesToLoad.Add (
"
memberof
"
);
SearchResult mysr
=
mySearcher.FindOne();
string
memberof;
![](/Images/OutliningIndicators/InBlock.gif)
if
(mysr.Properties.Count
>
1
)
//
返回两个属性,一个是内置的adspath,另一个是PropertiesToLoad加载的
{
foreach
( Object myColl
in
mysr.Properties[
"
memberof
"
])
![](/Images/OutliningIndicators/ExpandedSubBlockStart.gif)
{
memberof
=
myColl.ToString ().Substring (
3
,myColl.ToString ().IndexOf(
"
,
"
)
-
3
);
if
(memberof
==
RoleName)
return
true
;
else
if
(MemberisGroupMember(memberof,RoleName))
return
true
;
}
}
return
false
;
}