Beispiel #1
        /// <summary>
        /// Applies the edits carried in the "data" request field to a stored administrator.
        /// </summary>
        /// <param name="administrator">Model-bound argument; it is replaced by the stored entity before any field is used.</param>
        /// <returns>JSON carrying a SysEnum status and a message.</returns>
        public ActionResult EditAdmin(administrator administrator)
        {
            // Every value read from this payload is supplied by the client.
            // NOTE(review): no authorization check is visible in this method - confirm a
            // controller-level filter restricts who may edit administrators.
            var payload = SerializeHelper.SerializeToObject <dynamic>(Request["data"]);
            int id      = payload.id;

            administrator = AdministratorService.LoadEntities(n => n.id == id).FirstOrDefault();
            if (administrator == null)
            {
                return(Json(SysEnum.失败, "获取对象失败"));
            }

            // NOTE(review): the password is rewritten on every edit and goes through
            // EncryptHelper.Encrypt - confirm that helper is a one-way password hash
            // and not reversible encryption.
            string newPassword = payload.login_pwd;
            administrator.mod_time      = DateTime.Now;
            administrator.login_pwd     = Common.EncryptHelper.Encrypt(newPassword);
            administrator.sort          = payload.sort;
            administrator.name          = payload.name;
            administrator.head_protrait = payload.head_protrait;
            administrator.remark        = payload.remark;

            if (AdministratorService.EditEntity(administrator))
            {
                // The audit entry names the acting manager but not the account that was changed.
                SaveSyslog($"管理员信息修改成功", SysLogType.后台日志, nowManager.name);
                return(Json(SysEnum.成功, "修改成功"));
            }
            return(Json(SysEnum.失败, "修改失败"));
        }
        /// <summary>
        /// Marks the selected order as paid, credits the advertiser and reports the outcome.
        /// </summary>
        protected void btnCredit_Click(object sender, EventArgs e)
        {
            GridView1.SelectedIndex = Convert.ToInt32(lblIndexHidden.Text.ToString());
            string selectedOrder = Convert.ToString((int)GridView1.SelectedValue);

            administrator orders = new administrator();

            // NOTE(review): the order is flagged as paid before the credit is attempted, so a
            // failed credit leaves it paid but uncredited - confirm that is intended.
            orders.UpdateOrderPaid(selectedOrder);

            if (!orders.CreditAdvertiser(selectedOrder))
            {
                lblMessage.Text      = "Failed to Credit Account";
                lblMessage.ForeColor = System.Drawing.Color.Red;
                return;
            }

            orders.UpdateOrderCredit(selectedOrder);
            FillTable(ddlCompany.SelectedValue.ToString(), txtOrderFilter.Text.ToString());
            // NOTE(review): the advertiser name is written to the label without HTML encoding -
            // confirm it is encoded where it is stored or rendered.
            lblMessage.Text      = "Successfully Credited " + orders.GetAdvertiserName() + " with " + orders.GetUnitQty() + " Units.";
            lblMessage.ForeColor = System.Drawing.Color.Green;
        }
Beispiel #3
        //Add an Administrator
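        /// <summary>
        /// Creates an administrator row from the posted form fields, then returns to the list.
        /// </summary>
        /// <param name="ID">Identifier for the new account.</param>
        /// <param name="name">Display name.</param>
        /// <param name="password">Password as typed.</param>
        /// <param name="rpassword">Password confirmation; must equal <paramref name="password"/>.</param>
        /// <param name="birth">Date of birth.</param>
        /// <param name="sex">Sex field as posted.</param>
        /// <param name="authorization">Authorization level id.</param>
        /// <returns>A redirect to Admin/Administrators in every case; failures are reported through the session message.</returns>
        public ActionResult AddAdministrator(string ID, string name, string password, string rpassword, DateTime?birth, string sex, int?authorization)
        {
            // A field that is absent from the request arrives as null, which the previous
            // comparison against "" let through; treat null and empty alike.
            bool missingField = string.IsNullOrEmpty(ID) ||
                                string.IsNullOrEmpty(name) ||
                                string.IsNullOrEmpty(password) ||
                                string.IsNullOrEmpty(rpassword) ||
                                !birth.HasValue ||
                                string.IsNullOrEmpty(sex) ||
                                !authorization.HasValue;

            if (missingField)
            {
                Session[CommonConstant.MESSAGE] = "Enter all the infomation";
            }
            else if (password != rpassword)
            {
                Session[CommonConstant.MESSAGE] = "Password is not match";
            }
            else
            {
                // NOTE(review): the password is stored exactly as received. Hashing it here needs a
                // matching change wherever the password is verified, which is outside this method.
                // NOTE(review): no authorization or anti-forgery check is visible on this action -
                // confirm both are enforced by the controller.
                administrator created = new administrator
                {
                    administratorid       = ID,
                    administratorname     = name,
                    administratorpassword = password,
                    administratorbirth    = birth,
                    administratorsex      = sex,
                    authorizationid       = authorization.Value
                };
                db.administrators.Add(created);
                db.SaveChanges();
            }

            return(RedirectToAction("Administrators", "Admin"));
        }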
Beispiel #4
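 /// <summary>
 /// Updates the supplied fields of an existing administrator, then returns to the list.
 /// </summary>
 /// <param name="ID">Key of the administrator to edit; nothing is changed without it.</param>
 /// <param name="name">New name, or null/empty to keep the stored one.</param>
 /// <param name="password">New password; applied only when it equals <paramref name="rpassword"/>.</param>
 /// <param name="rpassword">Password confirmation, or null/empty to keep the stored password.</param>
 /// <param name="birth">New date of birth, or null to keep the stored one.</param>
 /// <param name="authorization">New authorization id, or null to keep the stored one.</param>
 /// <param name="sex">New sex value, or null/empty to keep the stored one.</param>
 /// <returns>A redirect to Admin/Administrators in every case.</returns>
 public ActionResult EditAdministrator(string ID, string name, string password, string rpassword, DateTime?birth, int?authorization, string sex)
 {
     // Parameters missing from the request arrive as null. The previous comparisons against ""
     // treated null as "supplied", so an omitted name was written back as null and two omitted
     // password fields compared equal and blanked the stored password.
     bool anyEdit = !string.IsNullOrEmpty(name) ||
                    !string.IsNullOrEmpty(rpassword) ||
                    birth.HasValue ||
                    !string.IsNullOrEmpty(sex);

     if (!string.IsNullOrEmpty(ID) && anyEdit)
     {
         // Find returns null for an unknown key; skip the update instead of dereferencing it.
         administrator tmp = db.administrators.Find(ID);
         if (tmp != null)
         {
             if (!string.IsNullOrEmpty(name))
             {
                 tmp.administratorname = name;
             }
             if (!string.IsNullOrEmpty(rpassword) && password == rpassword)
             {
                 // NOTE(review): the password is stored exactly as received; hashing it needs a
                 // matching change in the verification path, which is outside this method.
                 tmp.administratorpassword = password;
             }
             if (birth.HasValue)
             {
                 tmp.administratorbirth = birth;
             }
             if (!string.IsNullOrEmpty(sex))
             {
                 tmp.administratorsex = sex;
             }
             if (authorization.HasValue)
             {
                 // NOTE(review): the authorization level comes straight from the request, and a
                 // change to it alone does not trigger an update - confirm both are intended.
                 tmp.authorizationid = authorization.Value;
             }
             db.Entry(tmp).State = EntityState.Modified;
             db.SaveChanges();
         }
     }
     return(RedirectToAction("Administrators", "Admin"));
 }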
        /// <summary>
        /// Stores the unit amount typed into txtUnitAmount and reloads the displayed value.
        /// </summary>
        protected void btnUnitAmountUpdate_Click(object sender, EventArgs e)
        {
            // NOTE(review): the text box content is handed over unvalidated - confirm
            // UpdateUnitAmount checks that it is numeric and binds it as a parameter.
            string enteredAmount = txtUnitAmount.Text.ToString();

            new administrator().UpdateUnitAmount(enteredAmount);
            unitAmountLoad();
        }
Beispiel #6
        /// <summary>
        /// Creates an administrator from the JSON carried in the "data" request field.
        /// </summary>
        /// <param name="administrator">Model-bound argument; it is replaced by a new entity before use.</param>
        /// <returns>JSON carrying a SysEnum status and a message.</returns>
        public ActionResult AddAdmin(administrator administrator)
        {
            // Every value read from this payload is supplied by the client.
            var payload = SerializeHelper.SerializeToObject <dynamic>(Request["data"]);
            int role_id = payload.role_id;

            // When the requested role does not exist the account falls back to role id 3, which
            // the original comment describes as the super-administrator role.
            // NOTE(review): an unknown role_id therefore yields the most privileged account;
            // confirm this fail-open default is wanted rather than rejecting the request.
            var role = RoleService.LoadEntities(n => n.id == role_id).FirstOrDefault()
                       ?? RoleService.LoadEntities(n => n.id == 3).FirstOrDefault();

            string plainPassword = payload.login_pwd;

            administrator               = new administrator();
            administrator.add_time      = DateTime.Now;
            administrator.head_protrait = payload.head_protrait;
            administrator.login_account = payload.login_account;
            // NOTE(review): confirm EncryptHelper.Encrypt is a one-way password hash and not
            // reversible encryption.
            administrator.login_pwd     = Common.EncryptHelper.Encrypt(plainPassword);
            administrator.mod_time      = DateTime.Now;
            administrator.sort          = payload.sort;
            administrator.name          = payload.name;
            administrator.role.Add(role);

            if (AdministratorService.AddEntity(administrator).id <= 0)
            {
                return(Json(SysEnum.失败, "添加管理员失败"));
            }

            SaveSyslog($"管理员{administrator.name}信息添加成功", SysLogType.后台日志, nowManager.name);
            return(Json(SysEnum.成功, "添加成功"));
        }
Beispiel #7
        /// <summary>
        /// Shows the signed-in administrator's details in read-only labels and hides the edit controls.
        /// </summary>
        protected void LoadLabels()
        {
            administrator admin = new administrator();

            // The record is looked up by the authenticated identity name; the first row is
            // used without checking that one was returned.
            DataRow current = admin.GetAdminByEmail(User.Identity.Name).Rows[0];

            // NOTE(review): the values below are assigned to labels as-is - confirm they are
            // HTML-encoded before storage or that these labels encode on render.
            lblAdminIdBind.Text       = string.Format("ZM{0:000000}", Convert.ToInt32(current["ID"].ToString()));
            lblAdminIdBind.Visible    = true;
            lblEmailBind.Text         = current["Email"].ToString();
            lblEmailBind.Visible      = true;
            lblFNameBind.Text         = current["FirstName"].ToString();
            lblFNameBind.Visible      = true;
            lblLNameBind.Text         = current["LastName"].ToString();
            lblLNameBind.Visible      = true;
            lblContactNumBind.Text    = current["ContactNumber"].ToString();
            lblContactNumBind.Visible = true;
            lblPassportIDBind.Text    = current["PassportID"].ToString();
            lblPassportIDBind.Visible = true;
            lblAddressBind.Text       = current["PhysicalAddress"].ToString();
            lblAddressBind.Visible    = true;

            // Back to view mode: edit boxes hidden, only the Edit button active.
            txtFName.Visible           = false;
            txtLName.Visible           = false;
            txtContactNum.Visible      = false;
            txtPassportID.Visible      = false;
            txtPhysicalAddress.Visible = false;
            btnCancel.Enabled          = false;
            btnUpdate.Enabled          = false;
            btnEdit.Enabled            = true;
        }
Beispiel #8
        /// <summary>
        /// Deletes the administrator selected in the grid unless it is the only one left.
        /// </summary>
        protected void btnDelete_Click(object sender, EventArgs e)
        {
            string        selectedId = Convert.ToString(((int)GridView1.SelectedValue));
            administrator admin      = new administrator();

            // NOTE(review): the count is checked and the delete issued as two separate calls, and
            // nothing here stops an administrator deleting their own account - confirm both are acceptable.
            if (admin.GetAdminCount() <= 1)
            {
                lblMessage.Text         = "Delete Administrator Failed. There must be at least 1 admninistrator.";
                lblMessage.ForeColor    = System.Drawing.Color.Red;
                GridView1.SelectedIndex = -1;
                return;
            }

            bool deleted = admin.DeleteAdmin(selectedId);
            lblMessage.Text      = deleted ? "Successfully Deleted Administrator." : "Delete Administrator Failed.";
            lblMessage.ForeColor = deleted ? System.Drawing.Color.Green : System.Drawing.Color.Red;

            GridView1.DataBind();
            GridView1.SelectedIndex = -1;
        }
Beispiel #9
        /// <summary>
        /// Creates a user together with the role-specific row (doctor, administrator or stomatologist).
        /// </summary>
        /// <param name="user">User bound from the request; the bind list includes password and role.</param>
        /// <returns>A redirect to Index on success, the view when the role is unknown, otherwise a redirect to Administrators/Index.</returns>
        public ActionResult Create([Bind(Include = "id,password,gender,first_Name,last_Name,email,phone_number,role")] user user)
        {
            if (!ModelState.IsValid)
            {
                // NOTE(review): the list is put on ViewBag and then a redirect is returned, so it is
                // never rendered - confirm whether the view was meant to be returned here.
                var roleChoices = new List <SelectListItem>
                {
                    new SelectListItem { Text = "Administrator", Value = "Administrator" },
                    new SelectListItem { Text = "Doctor", Value = "Doctor" },
                    new SelectListItem { Text = "Stomalogist", Value = "Stomalogist" }
                };

                ViewBag.roleSelectList = new SelectList(roleChoices, "Value", "Text");
                return(RedirectToAction("Index", "Administrators"));
            }

            user.last_LoginTime = DateTime.Now;

            // The role is taken from the request body and decides which privileged row is created.
            // NOTE(review): confirm this action is reachable only by callers allowed to grant the
            // Administrator role, and that the bound password is hashed before it is stored.
            switch (user.role)
            {
                case "Doctor":
                {
                    doctor doctorRow = new doctor();
                    doctorRow.id = user.id;
                    db.doctors.Add(doctorRow);
                    break;
                }

                case "Administrator":
                {
                    administrator adminRow = new administrator();
                    adminRow.id = user.id;
                    db.administrators.Add(adminRow);
                    break;
                }

                case "Stomalogist":
                {
                    stomatologist stomatologistRow = new stomatologist();
                    stomatologistRow.id = user.id;
                    db.stomatologists.Add(stomatologistRow);
                    break;
                }

                default:
                    ModelState.AddModelError("", "Please enter correct role");
                    return(View());
            }

            db.users.Add(user);
            db.SaveChanges();
            return(RedirectToAction("Index"));
        }
Beispiel #10
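        /// <summary>
        /// Saves the edited profile fields of the signed-in administrator and returns to view mode.
        /// </summary>
        protected void btnUpdate_Click(object sender, EventArgs e)
        {
            administrator admin = new administrator();

            // The statement is assembled from text-box input. Each value has its single quotes
            // doubled so that it stays inside its string literal. This is a stopgap whose adequacy
            // depends on the database's string-literal rules; the durable fix is a parameterized
            // UpdateAdmin overload, which lives outside this page.
            string updateString = "UPDATE jobsdb_Administrator SET FirstName='" + txtFName.Text.Replace("'", "''") +
                                  "', LastName ='" + txtLName.Text.Replace("'", "''") +
                                  "', ContactNumber='" + txtContactNum.Text.Replace("'", "''") +
                                  "', PassportID='" + txtPassportID.Text.Replace("'", "''") +
                                  "', PhysicalAddress='" + txtPhysicalAddress.Text.Replace("'", "''") +
                                  "' WHERE ID='" + admin.GetAdminIDByEmail(User.Identity.Name) + "'";

            // NOTE(review): the success flag returned by UpdateAdmin is not reported to the user;
            // the labels are simply reloaded.
            admin.UpdateAdmin(updateString);

            LoadLabels();
        }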
Beispiel #11
 /// <summary>
 /// Builds a "supervisor" element carrying the administrator's id, name and e-mail as
 /// attributes and the name as element text.
 /// </summary>
 /// <param name="admin">Administrator to serialise.</param>
 /// <returns>The populated element.</returns>
 static internal XElement supervisorToXml(administrator admin)
 {
     // Values are passed as objects, so LINQ to XML escapes them when the tree is written out.
     XAttribute idAttribute    = new XAttribute("technicianID", admin.id);
     XAttribute nameAttribute  = new XAttribute("name", admin.NAME);
     XAttribute emailAttribute = new XAttribute("email", admin.email);

     XElement supervisor = new XElement("supervisor");
     supervisor.Add(idAttribute, nameAttribute, emailAttribute, admin.NAME);
     return(supervisor);
 }
Beispiel #12
        /// <summary>
        /// Deactivates the order at the remembered grid index and refreshes the order table.
        /// </summary>
        protected void btnDeactivate_Click(object sender, EventArgs e)
        {
            // The row index is carried between postbacks in a hidden label.
            int rememberedIndex = Convert.ToInt32(lblIndexHidden.Text.ToString());
            GridView1.SelectedIndex = rememberedIndex;

            string orderNumber = Convert.ToString((int)GridView1.SelectedValue);

            new administrator().UpdateOrderDeActivate(orderNumber);
            FillTable(ddlCompany.SelectedValue.ToString(), txtOrderFilter.Text.ToString());
            lblIndexHidden.Text = "-1";
        }
Beispiel #13
 /// <summary>
 /// Load handler for the home page: creates one instance of each child window type
 /// and stores it in the member of the same name.
 /// </summary>
 private void homepage_Load(object sender, EventArgs e)
 {
     // Assign the window variables.
     organization   = new organization();
     personal       = new personal();
     feedback       = new feedback();
     administrator  = new administrator();
     help           = new help();
     changepassword = new changepassword();
 }
Beispiel #14
        /// <summary>
        /// Fills the order grid, applies the page size and caches the order count and order numbers.
        /// </summary>
        protected void Page_Load(object sender, EventArgs e)
        {
            // There is no IsPostBack check, so all of this runs on every request to the page.
            FillTable("", "");
            LoadBtn();
            GridView1.PageSize = Convert.ToInt32(ddlRecordsPerPage.SelectedValue);

            administrator orders = new administrator();
            lblOrderCount.Text = orders.GetOrders().Rows.Count.ToString();

            // Constant statement with no user input in it.
            orderNumTbl = database.getTable("SELECT OrderNum FROM jobsdb_UnitOrder");
        }
Beispiel #15
        //Constructor
        /// <summary>
        /// Copies an administrator entity into this view object and resolves its authorization name.
        /// </summary>
        /// <param name="administrator">Entity to copy from.</param>
        public AdministratorView(administrator administrator)
        {
            // NOTE(review): this context is created per instance and never disposed, and Find is
            // dereferenced without a null check - confirm every authorizationid has a matching row.
            HOTELEntities context = new HOTELEntities();

            // Spaces are stripped from the stored id.
            id   = administrator.administratorid.Replace(" ", "");
            name = administrator.administratorname;

            // Drops a midnight time component from the rendered date.
            string birthText = administrator.administratorbirth.ToString();
            birth = birthText.Replace("12:00:00 AM", string.Empty);

            sex             = administrator.administratorsex;
            authorizationID = administrator.authorizationid;

            // NOTE(review): the stored password is copied into an object built for display -
            // confirm no view renders it.
            password = administrator.administratorpassword;

            authorizationName = context.authorizations.Find(administrator.authorizationid).authorizationname;
        }
Beispiel #16
        /// <summary>
        /// Streams the CV of the job seeker selected in the grid as a Word attachment.
        /// </summary>
        protected void btnDownloadCV_Click(object sender, EventArgs e)
        {
            string        selectedSeeker = Convert.ToString((int)GridView1.SelectedValue);
            administrator admin          = new administrator();
            Byte[]        cvBytes        = admin.GetCVByJobseekerID(selectedSeeker);

            Response.Clear();
            Response.Buffer      = true;
            Response.ContentType = "application/vnd.ms-word";

            // NOTE(review): the stored name goes into the header unquoted and unsanitised; spaces,
            // quotes or semicolons in it can produce a malformed file name - consider quoting the
            // value and stripping characters that are invalid in file names.
            string disposition = "attachment;filename=ZamJobsCV_" + admin.GetJobseekerName(selectedSeeker) + ".doc";
            Response.AddHeader("content-disposition", disposition);

            Response.Charset = "";
            Response.Cache.SetCacheability(HttpCacheability.NoCache);
            // The bytes are written without a null or empty check.
            Response.BinaryWrite(cvBytes);
            Response.End();
        }
    /// <summary>
    /// Revokes one function access entry; the command argument carries two keys separated by ';'.
    /// </summary>
    protected void remove_function_Command(object sender, CommandEventArgs e)
    {
        string[] keys = e.CommandArgument.ToString().Split(';');

        try
        {
            // keys[1] is read without a length check; a malformed argument ends up in the catch below.
            new administrator().updateFunctionAccess(keys[0], keys[1], 0);
            Response.Redirect(Request.RawUrl);
        }
        catch (Exception failure)
        {
            // NOTE(review): the raw exception message is shown to the user; it may expose
            // internal detail - consider logging it and showing a generic message.
            msg.Text = "There was a problem, error: " + failure.Message;
        }
    }
Beispiel #18
 /// <summary>
 /// Signs an administrator in by matching the posted name and password against the database.
 /// </summary>
 /// <param name="adm">Credentials bound from the request (name and password only).</param>
 /// <returns>A redirect to Administrators/Details on success, otherwise the shared message view.</returns>
 public ActionResult Login([Bind(Include = "name,password")] administrator adm)
 {
     if (!ModelState.IsValid)
     {
         ViewBag.NextUrl = "~/Administrators/Login";
         ViewBag.Message = "登录失败:账号信息有误。";
         return(View("~/Views/Shared/Message.cshtml"));
     }

     // The submitted password is compared with the stored column directly.
     // NOTE(review): that only works if passwords are stored unhashed or with an unsalted
     // deterministic transform - confirm, and move to a salted password hash verified in code.
     // NOTE(review): no attempt throttling or lockout is visible in this action.
     var matched = db.administrator.FirstOrDefault(o => o.name == adm.name && o.password == adm.password);
     if (matched != null)
     {
         // NOTE(review): the existing session is reused after sign-in; confirm the session id
         // is renewed elsewhere.
         Session["admin"] = matched.name;
         return(RedirectToAction("Details", "Administrators"));
     }

     ViewBag.NextUrl = "~/Administrators/Login";
     ViewBag.Message = "登录失败:系统中无此管理员。";
     return(View("~/Views/Shared/Message.cshtml"));
 }
Beispiel #19
        /// <summary>
        /// Activates the administrator selected in the grid and reports the outcome.
        /// </summary>
        protected void btnActivate_Click(object sender, EventArgs e)
        {
            string        selectedId = Convert.ToString(((int)GridView1.SelectedValue));
            administrator admin      = new administrator();
            bool          activated  = admin.ActivateAdmin(selectedId);

            lblMessage.Text = activated
                ? "Successfully Activated Administrator."
                : "Activate Administrator Failed.";
            lblMessage.ForeColor = activated
                ? System.Drawing.Color.Green
                : System.Drawing.Color.Red;

            // Rebind and clear the selection whatever the outcome.
            GridView1.DataBind();
            GridView1.SelectedIndex = -1;
        }
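        /// <summary>
        /// Adds the job category typed into txtNewCategory unless one with the same name
        /// (ignoring case) already exists, and reports the outcome.
        /// </summary>
        protected void btnCategoryUpdate_Click(object sender, EventArgs e)
        {
            administrator admin     = new administrator();
            dataAccess    database  = new dataAccess();
            Format        format    = new Format();
            bool          flag      = false;
            bool          exists    = false;
            DataTable     jobCatTbl = admin.GetJobCategoryTable();

            string requested = txtNewCategory.Text.ToString();
            // The typed name is echoed back in the status label; encode it so markup in the
            // input is displayed as text instead of being rendered.
            string displayName = System.Web.HttpUtility.HtmlEncode(requested);

            for (int i = 0; i < jobCatTbl.Rows.Count; i++)
            {
                if (jobCatTbl.Rows[i]["Category"].ToString().ToLower() == requested.ToLower())
                {
                    exists = true;
                    break;
                }
            }

            if (exists == false)
            {
                // The statement is assembled from user input. Single quotes are doubled so the
                // value stays inside its string literal. This is a stopgap whose adequacy depends
                // on the database's string-literal rules; the durable fix is a parameterized
                // insert on dataAccess, which lives outside this page.
                string literal = ("" + format.capitalizeStart(requested)).Replace("'", "''");
                flag = database.insertData("INSERT INTO jobsdb_JobCategory (Category) VALUES ('" + literal + "')");
            }

            if (flag)
            {
                lblCategoryMessage.Text      = displayName + " successfully inserted";
                lblCategoryMessage.ForeColor = System.Drawing.Color.Green;
                ddlCategory.DataBind();
            }
            else if (exists)
            {
                lblCategoryMessage.Text      = displayName + " already exists";
                lblCategoryMessage.ForeColor = System.Drawing.Color.Red;
            }
            else
            {
                lblCategoryMessage.Text      = "Unable to insert request";
                lblCategoryMessage.ForeColor = System.Drawing.Color.Red;
            }
            txtNewCategory.Text = "";
        }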
 /// <summary>
 /// Saves the user name, password and type edited in a grid row.
 /// </summary>
 protected void GridView1_RowUpdating(object sender, GridViewUpdateEventArgs e)
 {
     administratorBLL adminLogic = new administratorBLL();
     administrator    edited     = new administrator();

     edited.id = Convert.ToInt32(GridView1.DataKeys[e.RowIndex].Value);

     // The first control of cells 0..2 is the edit-mode text box for name, password and type.
     GridViewRow row          = GridView1.Rows[e.RowIndex];
     string      nameText     = ((TextBox)(row.Cells[0].Controls[0])).Text.ToString().Trim();
     string      passwordText = ((TextBox)(row.Cells[1].Controls[0])).Text.ToString().Trim();
     string      typeText     = ((TextBox)(row.Cells[2].Controls[0])).Text.ToString().Trim();

     // NOTE(review): what Tools.safeUserInput filters is not visible here, and the account type
     // is free text from the row - confirm it is checked against the allowed types.
     edited.userName = Tools.safeUserInput(nameText);
     // NOTE(review): confirm Tools.encrypt is a one-way password hash; the password cell is
     // re-encrypted on every row update, so an already-encrypted value shown in the cell
     // would be encrypted a second time.
     edited.passWord = Tools.encrypt(passwordText);
     edited.type     = Tools.safeUserInput(typeText);

     bool updated = adminLogic.Update(edited);
     if (updated)
     {
         MessageBox.Show(this, "更新成功!");
     }
     else
     {
         MessageBox.Show(this, "更新失败!");
     }

     GridView1.EditIndex = -1;
     if (updated)
     {
         dataBind();
     }
 }
Beispiel #22
        /// <summary>
        /// Switches the page to edit mode and enables Activate or Deactivate according to
        /// the selected administrator's Active flag.
        /// </summary>
        protected void btnEdit_Click(object sender, EventArgs e)
        {
            btnDelete.Enabled = true;
            btnEdit.Enabled   = false;
            btnCancel.Enabled = true;

            administrator admin      = new administrator();
            string        selectedId = Convert.ToString(((int)GridView1.SelectedValue));
            DataTable     adminRows  = admin.GetAdminByID(selectedId);

            // Row 0 is used without checking that the lookup returned a row.
            bool isActive = Convert.ToBoolean(adminRows.Rows[0]["Active"].ToString());

            // Exactly one of the two buttons is offered.
            btnDeactivate.Enabled = isActive;
            btnActivate.Enabled   = !isActive;
        }
Beispiel #23
 //Delete an admin account
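 /// <summary>
 /// Deletes the administrator whose id, with spaces removed, equals <paramref name="ID"/>.
 /// </summary>
 /// <param name="ID">Id of the account to delete; null or empty deletes nothing.</param>
 /// <returns>A redirect to Admin/Administrators in every case.</returns>
 public ActionResult DelAdministrator(string ID)
 {
     // NOTE(review): no authorization or anti-forgery check is visible on this action, and
     // nothing stops the last remaining or the calling administrator from being removed -
     // confirm these are enforced elsewhere.
     if (!string.IsNullOrEmpty(ID))
     {
         // Track the match explicitly. The previous placeholder entity was dereferenced when
         // no row matched, which fails if a new administrator has no id set.
         administrator match = null;

         // Stored ids are compared with spaces removed, presumably because the column is
         // padded - which is why the rows are scanned here.
         foreach (administrator a in db.administrators)
         {
             if (a.administratorid != null && a.administratorid.Replace(" ", "") == ID)
             {
                 match = a;
                 break;
             }
         }

         if (match != null)
         {
             db.administrators.Remove(match);
             db.SaveChanges();
         }
     }
     return(RedirectToAction("Administrators", "Admin"));
 }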
Beispiel #24
    //delete user button action
    /// <summary>
    /// Deletes the user chosen in userDropList, refusing user id 1.
    /// </summary>
    protected void delete_Click(object sender, EventArgs e)
    {
        administrator admin = new administrator();

        // Parsed outside the try block, so a non-numeric value surfaces as an unhandled exception.
        int user_id = int.Parse(userDropList.SelectedValue);

        try
        {
            // Id 1 is treated as the built-in administrator account.
            if (user_id != 1)
            {
                admin.deleteUser(user_id);
                Response.Redirect(Request.RawUrl);
            }
            else
            {
                msg.Text = "Administrator account cannot be deleted!";
            }
        }
        catch (Exception failure)
        {
            // NOTE(review): the raw exception message is shown to the user; it may expose
            // internal detail - consider logging it and showing a generic message.
            msg.Text = "User could not be deleted, error: " + failure.Message;
        }
    }
    /// <summary>
    /// Adds a new position, or saves the one being edited when the cancel button is visible.
    /// </summary>
    protected void save_btn_Click(object sender, EventArgs e)
    {
        administrator admin = new administrator();

        // The numeric fields are parsed outside any try block, so non-numeric input surfaces
        // as an unhandled exception.
        string position_title = title.Text;
        int    position_rate  = int.Parse(pay_rate.Text);
        int    position_quota = int.Parse(quota.Text);

        // A visible cancel button marks edit mode.
        bool editing = cancel_btn.Visible;

        if (editing)
        {
            try
            {
                int positionID = int.Parse(position_list.SelectedValue);
                admin.editPosition(positionID, position_title, position_rate, position_quota);
                msg.Text = "Position has been edited.";
                clearPageAfterEdit();
            }
            catch (Exception failure)
            {
                // NOTE(review): the raw exception message is shown to the user.
                msg.Text = "Position could not be modified, error: " + failure.Message;
            }
        }
        else
        {
            try
            {
                admin.addNewPosition(position_title, position_rate, position_quota);
                emptyForm();
                msg.Text = "Position has been added.";
                emptyForm();
            }
            catch (Exception failure)
            {
                // NOTE(review): the raw exception message is shown to the user.
                msg.Text = "Position could not be added, error: " + failure.Message;
            }
        }
    }
Beispiel #26
    //update user details button action
    /// <summary>
    /// Saves the edited details of the user whose id is held in Session["selectedUser"].
    /// </summary>
    protected void save_Click(object sender, EventArgs e)
    {
        administrator admin = new administrator();

        // Read outside the try block: a missing or non-numeric session value is unhandled.
        int user_id = int.Parse(Session["selectedUser"].ToString());

        try
        {
            string position     = userPositionDropList.SelectedValue;
            int    warningCount = int.Parse(warningLettterCount.Text);
            // NOTE(review): the password is forwarded as typed - confirm editUser hashes it
            // before it is stored.
            string newPassword  = userPassword.Text;
            string achieved     = achievements.Text;

            // A blank resign date is stored as null; anything else must pass the format check.
            object resigned = null;
            if (!string.IsNullOrWhiteSpace(resignDate.Text))
            {
                if (validateDateFromat(resignDate.Text) == true)
                {
                    resigned = resignDate.Text;
                }
                else
                {
                    msg.Text = "Resgin date is not valid, please use the following format: yyyy-MM-dd";
                    return;
                }
            }

            // Six slots as before; the last one is left null.
            object[] updated_info = new object[] { position, warningCount, newPassword, achieved, resigned, null };

            admin.editUser(user_id, updated_info);
            Response.Redirect(Request.RawUrl);
        }
        catch (Exception failure)
        {
            // NOTE(review): the raw exception message is shown to the user.
            msg.Text = "User details cannot be updated, error: " + failure.Message;
        }
    }
Beispiel #27
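    /// <summary>
    /// Deletes the user chosen in userDropList, refusing user id 1, and registers a
    /// confirmation alert naming the deleted user.
    /// </summary>
    protected void delete_Click(object sender, EventArgs e)
    {
        administrator admin   = new administrator();
        int           user_id = int.Parse(userDropList.SelectedValue);

        try
        {
            if (user_id == 1)
            {
                msg.Text = "Administrator account cannot be deleted!";
            }
            else
            {
                admin.deleteUser(user_id);

                // The user name is placed inside a JavaScript string literal. Encode it for that
                // context so it cannot close the quotes or the surrounding script element.
                string nameForScript = System.Web.HttpUtility.JavaScriptStringEncode(usernameText.Text);
                System.Web.UI.ScriptManager.RegisterClientScriptBlock(this, this.GetType(), "AlertBox", "alert('You have just deleted user " + nameForScript + "');", true);

                // NOTE(review): the redirect follows immediately, so the registered alert is
                // unlikely to reach the browser - confirm the intended behaviour.
                Response.Redirect(Request.RawUrl);
            }
        }
        catch (Exception ex)
        {
            // NOTE(review): the raw exception message is shown to the user; it may expose
            // internal detail - consider logging it and showing a generic message.
            msg.Text = "User could not be deleted, error: " + ex.Message;
        }
    }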
Beispiel #28
        /// <summary>
        /// Enters edit mode for the order at the remembered grid index and enables the
        /// buttons that match its Paid, Credited and Active flags.
        /// </summary>
        protected void btnEdit_Click(object sender, EventArgs e)
        {
            GridView1.SelectedIndex = Convert.ToInt32(lblIndexHidden.Text.ToString());

            string        selectedOrder = Convert.ToString((int)GridView1.SelectedValue);
            administrator orders        = new administrator();

            // Row 0 is used without checking that the lookup returned a row.
            DataRow current = orders.GetOrdersByOrderNum(selectedOrder).Rows[0];

            btnCancel.Enabled = true;

            // Credit is offered for unpaid orders and for paid-but-uncredited ones; it is
            // switched off once the order is both paid and credited. Any other flag value
            // leaves the button as it was.
            string paid = current["Paid"].ToString();
            if (paid == "N")
            {
                btnCredit.Enabled = true;
            }
            else if (paid == "Y")
            {
                string credited = current["Credited"].ToString();
                if (credited == "N")
                {
                    btnCredit.Enabled = true;
                }
                else if (credited == "Y")
                {
                    btnCredit.Enabled = false;
                }
            }

            bool active = current["Active"].ToString() == "Y";
            if (active)
            {
                btnDeactivate.Enabled = true;
            }
            else
            {
                btnActivate.Enabled = true;
            }

            FillEditTable(ddlCompany.SelectedValue.ToString(), txtOrderFilter.Text.ToString());
        }
Beispiel #29
    /// <summary>
    /// Saves role, password and achievements for the user whose id is held in Session["selectedUser"].
    /// </summary>
    protected void save_Click(object sender, EventArgs e)
    {
        administrator admin = new administrator();

        // Read outside the try block: a missing or non-numeric session value is unhandled.
        int user_id = int.Parse(Session["selectedUser"].ToString());

        try
        {
            // NOTE(review): the role comes from the posted drop-down value and the password is
            // forwarded as typed - confirm editUser validates the role and hashes the password.
            object[] updated_info = new object[]
            {
                userRoleDropList.SelectedValue,
                userPassword.Text,
                achievements.Text
            };

            admin.editUser(user_id, updated_info);

            // The alert text is a constant, so no encoding is needed here.
            System.Web.UI.ScriptManager.RegisterClientScriptBlock(this, this.GetType(), "AlertBox", "alert('You have saved User info');", true);

            Response.Redirect(Request.RawUrl);
        }
        catch (Exception failure)
        {
            // NOTE(review): the raw exception message is shown to the user.
            msg.Text = "User details cannot be updated, error: " + failure.Message;
        }
    }
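 /// <summary>
 /// Creates an administrator account from the user-name, password and type controls.
 /// </summary>
 protected void Unnamed2_Click(object sender, EventArgs e)
 {
     string userNameStr = Tools.safeUserInput(TextBox1.Text.ToString().Trim());
     // NOTE(review): the password also goes through safeUserInput before encryption; if that
     // helper strips or rewrites characters, the stored secret differs from what was typed.
     string passWordStr = Tools.safeUserInput(TextBox2.Text.ToString().Trim());

     if (userNameStr.Length < 1)
     {
         MessageBox.Show(this, "用户名不能为空!");
         return;
     }
     if (passWordStr.Length < 1)
     {
         MessageBox.Show(this, "密码不能为空!");
         return;
     }

     administratorBLL AdminBLL = new administratorBLL();
     if (AdminBLL.Exists(userNameStr))
     {
         MessageBox.Show(this, "用户名已存在!");
         return;
     }

     administrator Admin = new administrator();
     Admin.userName = userNameStr;
     // NOTE(review): confirm Tools.encrypt is a one-way password hash.
     Admin.passWord = Tools.encrypt(passWordStr);
     // NOTE(review): the account type is the posted drop-down value - confirm it is checked
     // against the allowed types on the server.
     Admin.type = DropDownList1.SelectedItem.Value;

     try
     {
         AdminBLL.Add(Admin);
     }
     catch
     {
         // Stop here: falling through used to report success right after the failure message.
         MessageBox.Show(this, "添加失败!");
         return;
     }

     MessageBox.Show(this, "添加成功!");
     dataBind();
 }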
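        /// <summary>
        /// Reloads one of the administrator, cashier, customer or film tables, optionally
        /// deleting one row from it first.
        /// </summary>
        /// <param name="queryType">"select" or "delete"; any other value leaves the cached table untouched.</param>
        /// <param name="tableName">"administrator", "cashier", "customer" or "film"; other names are ignored.</param>
        /// <param name="queryValue">For deletes, a "column=value" pair; the text between the first '=' and the next one (if any) is the key.</param>
        /// <returns>The <c>dt</c> field, refreshed when the table name was recognised.</returns>
        /// <exception cref="ArgumentException">A delete was requested without a "column=value" pair.</exception>
        /// <exception cref="FormatException">The key for an id-keyed table is not an integer.</exception>
        public DataTable buildAndPerformSelectDeleteQuery(string queryType, string tableName, string queryValue)
        {
            bool deleting = queryType == "delete";
            if (!deleting && queryType != "select")
            {
                return(dt);
            }

            if (deleting)
            {
                // NOTE(review): this method performs no authorization itself and will delete
                // administrator rows, including the last one - the caller must enforce both.
                string[] pair = (queryValue ?? string.Empty).Split('=');
                if (pair.Length < 2)
                {
                    throw new ArgumentException("Expected a \"column=value\" pair.", "queryValue");
                }
                string key = pair[1];

                // The key is converted per table. It used to be converted to an integer before
                // the table was known, which made every non-numeric film title fail. A key that
                // matches no row is now skipped instead of handing null to DeleteOnSubmit.
                switch (tableName)
                {
                    case "administrator":
                    {
                        int adminId = Convert.ToInt32(key);
                        administrator admin = (from r in dc.administrators
                                               where r.adminid == adminId
                                               select r).SingleOrDefault();
                        if (admin != null)
                        {
                            dc.administrators.DeleteOnSubmit(admin);
                            dc.SubmitChanges();
                        }
                        break;
                    }

                    case "cashier":
                    {
                        int cashierId = Convert.ToInt32(key);
                        cashier cash = (from r in dc.cashiers
                                        where r.cashierid == cashierId
                                        select r).SingleOrDefault();
                        if (cash != null)
                        {
                            dc.cashiers.DeleteOnSubmit(cash);
                            dc.SubmitChanges();
                        }
                        break;
                    }

                    case "customer":
                    {
                        int customerId = Convert.ToInt32(key);
                        customer cust = (from r in dc.customers
                                         where r.customerid == customerId
                                         select r).SingleOrDefault();
                        if (cust != null)
                        {
                            dc.customers.DeleteOnSubmit(cust);
                            dc.SubmitChanges();
                        }
                        break;
                    }

                    case "film":
                    {
                        // Films are keyed by title, so the key stays a string.
                        string filmTitle = key;
                        film fil = (from r in dc.films
                                    where r.title == filmTitle
                                    select r).SingleOrDefault();
                        if (fil != null)
                        {
                            dc.films.DeleteOnSubmit(fil);
                            dc.SubmitChanges();
                        }
                        break;
                    }
                }
            }

            // Both query types finish by reloading the whole table into dt.
            switch (tableName)
            {
                case "administrator":
                {
                    IEnumerable <CinemaContext.administrator> rows =
                        from row in dc.administrators
                        select row;
                    dt = LINQResultToDataTable(rows);
                    break;
                }

                case "cashier":
                {
                    IEnumerable <CinemaContext.cashier> rows =
                        from row in dc.cashiers
                        select row;
                    dt = LINQResultToDataTable(rows);
                    break;
                }

                case "customer":
                {
                    IEnumerable <CinemaContext.customer> rows =
                        from row in dc.customers
                        select row;
                    dt = LINQResultToDataTable(rows);
                    break;
                }

                case "film":
                {
                    IEnumerable <CinemaContext.film> rows =
                        from row in dc.films
                        select row;
                    dt = LINQResultToDataTable(rows);
                    break;
                }
            }

            return(dt);
        }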
Beispiel #32
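        /// <summary>
        /// Runs before the action method: authenticates the caller from the <c>token</c> request
        /// parameter, renews the cached session, and enforces the per-URL permission check.
        /// </summary>
        /// <remarks>
        /// Each rejection assigns <c>filterContext.Result</c> and returns, which short-circuits the
        /// action. Leaving <c>Result</c> unset lets the request through.
        /// </remarks>
        /// <param name="filterContext">Information about the current request and action.</param>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            base.OnActionExecuting(filterContext);

            // NOTE(review): every rejection path dereferences this value, so the filter is assumed
            // to be attached only to WebController-derived controllers; confirm.
            WebController controller = filterContext.Controller as WebController;

            string tokenStr = WebHelper.GetStringParam("token");
            if (string.IsNullOrEmpty(tokenStr))
            {
                filterContext.Result = BuildRejection(controller, SysEnum.参数错误, "token不能为空,请重新登录");
                return;
            }

            int userid;
            string userip;
            try
            {
                // Decrypted token layout: "<userid>|<client ip>".
                // NOTE(review): identity comes solely from this decrypted value. Confirm that
                // EncryptHelper.Decrypt rejects tampered ciphertext (integrity protection), and
                // consider carrying an expiry inside the token; neither is visible here.
                string[] arr = Common.EncryptHelper.Decrypt(tokenStr).Split('|');
                userid = int.Parse(arr[0]);
                userip = arr[1];
            }
            catch (Exception)
            {
                // Fail closed: any decrypt, split or parse failure is treated as an invalid token.
                filterContext.Result = BuildRejection(controller, SysEnum.参数错误, "token错误,请重新登录");
                return;
            }

            // The token is bound to the address it was issued to.
            // NOTE(review): behind a reverse proxy UserHostAddress is presumably the proxy address; verify.
            if (!string.Equals(userip, filterContext.HttpContext.Request.UserHostAddress, StringComparison.Ordinal))
            {
                filterContext.Result = BuildRejection(controller, SysEnum.IP不匹配, "IP地址发生变化,请重新登录");
                return;
            }

            // The server-side session is the cached administrator entity keyed by user id.
            // (The original repeated this null check on an alias of the same reference; that
            // second branch was unreachable and has been dropped.)
            var admin = CacheHelper.GetCache(userid.ToString()) as administrator;
            if (admin == null)
            {
                filterContext.Result = BuildRejection(controller, SysEnum.登录超时, "登录超时,请重新登录 01");
                return;
            }

            // Sliding expiration: each authenticated request extends the session by 20 minutes.
            CacheHelper.SetCache(userid.ToString(), admin, DateTime.Now.AddMinutes(20));

            // Permission check.
            // NOTE(review): the account named "admin" skips authorization entirely; a role or
            // flag on the account would be easier to audit than a hard-coded login name.
            if (admin.login_account == "admin")
            {
                return;
            }

            // Current path and verb, lower-cased with the invariant culture so the comparison
            // does not depend on the server locale.
            string url        = filterContext.HttpContext.Request.Url.AbsolutePath.ToLowerInvariant();
            string httpMethod = filterContext.HttpContext.Request.HttpMethod.ToLowerInvariant();

            // Resolve services from the Spring.NET container.
            IApplicationContext ctx = ContextRegistry.GetContext();

            IactionService actionService = ctx.GetObject("actionService") as IactionService;

            IadministratorService administratorService = ctx.GetObject("administratorService") as IadministratorService;

            // NOTE(review): this is a substring test on the whole path, so any route whose path
            // contains "home" is exempt from the permission check below. Prefer an explicit
            // allow-list of exact paths.
            if (url.Contains("home"))
            {
                return;
            }

            // Look up the permission record registered for this URL and verb; unregistered
            // endpoints are denied.
            var actionInfo = actionService.LoadEntities(a => a.url.ToLower() == url && httpMethod == a.http_method.ToLower()).FirstOrDefault();
            if (actionInfo == null)
            {
                filterContext.Result = BuildRejection(controller, SysEnum.权限不足, "权限不足");
                return;
            }

            // Permission ids of this administrator, cached for two hours.
            // The cache entry must be refreshed when roles or permissions are edited, otherwise
            // a revoked permission stays effective until the entry expires.
            string permissionCacheKey = $"adminactionidList{admin.id}";
            var adminactionidList = CacheHelper.GetCache(permissionCacheKey) as List <int>;
            if (adminactionidList == null || adminactionidList.Count == 0)
            {
                // Fix: the original built a separate list, cached it, and then called Contains on
                // the still-null cached reference, which threw NullReferenceException on every
                // cache miss. It also discarded the result of Distinct().
                adminactionidList = admin.role.ToList()
                                    .SelectMany(r => r.action.ToList().Select(n => n.id))
                                    .Distinct()
                                    .ToList();
                if (adminactionidList.Count > 0)
                {
                    CacheHelper.AddCache(permissionCacheKey, adminactionidList, DateTime.Now.AddHours(2));
                }
            }

            if (!adminactionidList.Contains(actionInfo.id))
            {
                filterContext.Result = BuildRejection(controller, SysEnum.权限不足, "权限不足");
                return;
            }
        }

        /// <summary>
        /// Builds the JSON/JSONP response used for every rejection in <see cref="OnActionExecuting"/>.
        /// </summary>
        /// <param name="controller">Controller supplying the response encoding and JSONP callback.</param>
        /// <param name="code">Status code placed in the <c>code</c> field of the payload.</param>
        /// <param name="msg">Message placed in the <c>msg</c> field of the payload.</param>
        /// <returns>The result to assign to <c>filterContext.Result</c>.</returns>
        private static ExtJsonResult BuildRejection(WebController controller, SysEnum code, string msg)
        {
            return new ExtJsonResult()
            {
                Data                = new { code = (int)code, msg = msg },
                ContentEncoding     = controller.Request.ContentEncoding,
                ContentType         = "application/json",
                JSONPCallBack       = controller.CallBack,
                JsonRequestBehavior = JsonRequestBehavior.AllowGet
            };
        }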