示例#1
        /// <summary>
        /// Returns one page of user rows that match a caller-supplied filter.
        /// </summary>
        /// <param name="userInfo">Calling user; handed to ServiceInfo.Create, the read-db wrapper and BaseUserManager.</param>
        /// <param name="recordCount">Receives the count reported by BaseUserManager.GetDataTableByPage, or 0 when the filter is rejected.</param>
        /// <param name="pageNo">Current page.</param>
        /// <param name="pageSize">Rows per page.</param>
        /// <param name="condition">Filter text; it is used only when SecretUtil.IsSqlSafe accepts it.</param>
        /// <param name="dbParameters">Name/value pairs converted with dbHelper.MakeParameters.</param>
        /// <param name="order">Sort expression, forwarded unchanged.</param>
        /// <returns>The page of rows, or the initial empty table when the filter is rejected.</returns>
        public DataTable GetDataTableByPage(BaseUserInfo userInfo, out int recordCount, int pageNo, int pageSize, string condition, List<KeyValuePair<string, object>> dbParameters, string order = null)
        {
            var page  = new DataTable(BaseUserEntity.CurrentTableName);
            var total = 0;

            var serviceInfo = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());

            ServiceUtil.ProcessUserCenterReadDb(userInfo, serviceInfo, (dbHelper) =>
            {
                // NOTE(review): only 'condition' is screened. 'order' reaches the manager unchecked;
                // confirm it is validated or whitelisted downstream. IsSqlSafe's rules are not visible
                // here, and a text filter does not replace binding values through dbParameters.
                if (!SecretUtil.IsSqlSafe(condition))
                {
                    // Log the rejected filter.
                    // NOTE(review): the entry embeds the serialized userInfo and the raw filter text;
                    // confirm Serialize() emits no credentials or session tokens.
                    LogUtil.WriteLog("userInfo:" + userInfo.Serialize() + " " + condition, "SqlSafe");
                    return;
                }

                var manager = new BaseUserManager(dbHelper, userInfo);
                manager.ShowUserLogonInfo = false;

                page = manager.GetDataTableByPage(out total, pageNo, pageSize, condition, dbHelper.MakeParameters(dbParameters), order);
                page.TableName = BaseUserEntity.CurrentTableName;
            });

            // A lambda cannot write to an out parameter, hence the captured local.
            recordCount = total;
            return page;
        }
示例#2
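        /// <summary>
        /// Posts a "GetUserByOrganize" request to the user-center MessageService handler and
        /// returns the deserialized reply.
        /// </summary>
        /// <param name="userInfo">Calling user; sent serialized in the "userInfo" field.</param>
        /// <param name="companyId">Sent as the "companyId" field.</param>
        /// <param name="departmentId">Sent as the "departmentId" field.</param>
        /// <returns>The deserialized BaseResult, or a new empty BaseResult when the reply body is empty.</returns>
        public static BaseResult GetUserByOrganize(BaseUserInfo userInfo, string companyId, string departmentId)
        {
            string url = BaseSystemInfo.UserCenterHost + "/UserCenterV42/MessageService.ashx";

            // NOTE(review): the shared securityKey and the serialized userInfo travel in the form body;
            // confirm BaseSystemInfo.UserCenterHost is an https:// endpoint so they are not sent in clear text.
            NameValueCollection postValues = new NameValueCollection();
            postValues.Add("system", BaseSystemInfo.SoftFullName);
            postValues.Add("securityKey", BaseSystemInfo.SecurityKey);
            // 2015-11-25 JiRiGaLa: check whether this call needs caching.
            postValues.Add("userInfo", userInfo.Serialize());
            postValues.Add("function", "GetUserByOrganize");
            postValues.Add("companyId", companyId);
            postValues.Add("departmentId", departmentId);

            string response;
            // WebClient is IDisposable; release it as soon as the reply bytes are decoded.
            using (WebClient webClient = new WebClient())
            {
                response = Encoding.UTF8.GetString(webClient.UploadValues(url, postValues));
            }

            if (string.IsNullOrEmpty(response))
            {
                return new BaseResult();
            }

            return new JavaScriptSerializer().Deserialize<BaseResult>(response);
        }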
示例#3
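        /// <summary>
        /// Gets a user's role list from the user-center UserService handler.
        /// </summary>
        /// <param name="userInfo">Calling user; sent serialized in the "userInfo" field.</param>
        /// <param name="systemCode">System code, sent as "systemCode".</param>
        /// <param name="userId">Primary key of the user whose roles are requested.</param>
        /// <returns>The deserialized role list; an empty list when the reply is empty or deserializes to null.</returns>
        public static List<BaseRoleEntity> GetUserRoleList(BaseUserInfo userInfo, string systemCode, string userId)
        {
            string url = BaseSystemInfo.UserCenterHost + "/UserCenterV42/UserService.ashx";

            // NOTE(review): the shared securityKey and the serialized userInfo travel in the form body;
            // confirm BaseSystemInfo.UserCenterHost is an https:// endpoint. The role list returned here
            // is only as trustworthy as that transport.
            NameValueCollection postValues = new NameValueCollection();
            postValues.Add("system", BaseSystemInfo.SoftFullName);
            postValues.Add("systemCode", systemCode);
            postValues.Add("securityKey", BaseSystemInfo.SecurityKey);
            postValues.Add("function", "GetUserRoleList");
            postValues.Add("userInfo", userInfo.Serialize());
            postValues.Add("userId", userId);

            string response;
            // WebClient is IDisposable; release it as soon as the reply bytes are decoded.
            using (WebClient webClient = new WebClient())
            {
                response = Encoding.UTF8.GetString(webClient.UploadValues(url, postValues));
            }

            if (string.IsNullOrEmpty(response))
            {
                return new List<BaseRoleEntity>();
            }

            // A JSON "null" body deserializes to null; keep the documented empty-list default instead.
            return JsonConvert.DeserializeObject<List<BaseRoleEntity>>(response) ?? new List<BaseRoleEntity>();
        }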
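        /// <summary>
        /// Looks up a department by company id and full name through the user-center
        /// DepartmentService handler.
        /// </summary>
        /// <param name="userInfo">Calling user; sent serialized in the "userInfo" field.</param>
        /// <param name="companyId">Company id; passed through SecretUtil.Encrypt before sending.</param>
        /// <param name="fullName">Department name; passed through SecretUtil.Encrypt before sending.</param>
        /// <returns>The deserialized department, or null when the reply body is empty.</returns>
        public static BaseDepartmentEntity GetObjectByName(BaseUserInfo userInfo, string companyId, string fullName)
        {
            string url = BaseSystemInfo.UserCenterHost + "/UserCenterV42/DepartmentService.ashx";

            // NOTE(review): "encrypted" covers only companyId and fullName. The securityKey and the
            // serialized userInfo are posted as-is; confirm UserCenterHost is an https:// endpoint.
            NameValueCollection postValues = new NameValueCollection();
            postValues.Add("system", BaseSystemInfo.SoftFullName);
            postValues.Add("systemCode", BaseSystemInfo.SystemCode);
            postValues.Add("securityKey", BaseSystemInfo.SecurityKey);
            postValues.Add("function", "GetObjectByName");
            postValues.Add("userInfo", userInfo.Serialize());
            postValues.Add("encrypted", true.ToString());
            postValues.Add("companyId", SecretUtil.Encrypt(companyId));
            postValues.Add("fullName", SecretUtil.Encrypt(fullName));

            string response;
            // WebClient is IDisposable; release it as soon as the reply bytes are decoded.
            using (WebClient webClient = new WebClient())
            {
                response = Encoding.UTF8.GetString(webClient.UploadValues(url, postValues));
            }

            if (string.IsNullOrEmpty(response))
            {
                return null;
            }

            return JsonConvert.DeserializeObject<BaseDepartmentEntity>(response);
        }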
示例#5
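        /// <summary>
        /// Asks the user-center LogOnService handler whether an OpenId is valid for a user.
        /// </summary>
        /// <param name="userInfo">Calling user; sent serialized in "userInfo" when not null.</param>
        /// <param name="systemCode">System code, sent as "systemCode".</param>
        /// <param name="userId">Primary key of the user.</param>
        /// <param name="openId">OpenId to validate.</param>
        /// <returns>True only when the reply body equals <c>true.ToString()</c>; false for an empty or any other reply.</returns>
        public static bool ValidateOpenId(BaseUserInfo userInfo, string systemCode, string userId, string openId)
        {
            string url = BaseSystemInfo.UserCenterHost + "/UserCenterV42/LogOnService.ashx";

            // NOTE(review): the securityKey and the OpenId being validated travel in the form body, and
            // the yes/no answer is taken from the reply as-is; confirm UserCenterHost is an https:// endpoint.
            NameValueCollection postValues = new NameValueCollection();
            postValues.Add("system", BaseSystemInfo.SoftFullName);
            postValues.Add("systemCode", systemCode);
            postValues.Add("securityKey", BaseSystemInfo.SecurityKey);
            postValues.Add("function", "ValidateOpenId");
            if (userInfo != null)
            {
                postValues.Add("userInfo", userInfo.Serialize());
            }
            postValues.Add("userId", userId);
            postValues.Add("openId", openId);

            string response;
            // WebClient is IDisposable; release it as soon as the reply bytes are decoded.
            using (WebClient webClient = new WebClient())
            {
                response = Encoding.UTF8.GetString(webClient.UploadValues(url, postValues));
            }

            // Anything other than the exact text of true.ToString() counts as "not valid".
            return !string.IsNullOrEmpty(response) && response.Equals(true.ToString());
        }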
示例#6
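        /// <summary>
        /// Gets the OpenId for a user from the user-center LogOnService handler.
        /// </summary>
        /// <param name="userInfo">Calling user; sent serialized in "userInfo" when not null.</param>
        /// <param name="cachingSystemCode">System code, sent as "cachingSystemCode".</param>
        /// <returns>The StatusCode field of the deserialized BaseResult; an empty string when the reply is empty or deserializes to null.</returns>
        public static string GetUserOpenId(BaseUserInfo userInfo, string cachingSystemCode = null)
        {
            string url = BaseSystemInfo.UserCenterHost + "/UserCenterV42/LogOnService.ashx";

            // NOTE(review): the securityKey goes out in the form body, and the value read from the
            // reply's StatusCode is returned as the OpenId; confirm UserCenterHost is an https://
            // endpoint and that the returned value is not written to logs.
            NameValueCollection postValues = new NameValueCollection();
            postValues.Add("system", BaseSystemInfo.SoftFullName);
            postValues.Add("cachingSystemCode", cachingSystemCode);
            postValues.Add("securityKey", BaseSystemInfo.SecurityKey);
            postValues.Add("function", "GetUserOpenId");
            if (userInfo != null)
            {
                postValues.Add("userInfo", userInfo.Serialize());
            }

            string response;
            // WebClient is IDisposable; release it as soon as the reply bytes are decoded.
            using (WebClient webClient = new WebClient())
            {
                response = Encoding.UTF8.GetString(webClient.UploadValues(url, postValues));
            }

            if (string.IsNullOrEmpty(response))
            {
                return string.Empty;
            }

            // A JSON "null" body deserializes to null; the original dereferenced it unconditionally.
            BaseResult baseResult = JsonConvert.DeserializeObject<BaseResult>(response);
            return baseResult == null ? string.Empty : baseResult.StatusCode;
        }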
示例#7
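        /// <summary>
        /// Searches the user list one page at a time.
        /// </summary>
        /// <param name="userInfo">Calling user; handed to ServiceInfo.Create, the read-db wrapper and BaseUserManager.</param>
        /// <param name="recordCount">Receives the count reported by the manager, or 0 when the filter is rejected.</param>
        /// <param name="pageNo">Page number.</param>
        /// <param name="pageSize">Rows per page.</param>
        /// <param name="permissionCode">Permission code, forwarded to the manager.</param>
        /// <param name="conditions">Filter text; it is used only when SecretUtil.IsSqlSafe accepts it.</param>
        /// <param name="sort">Sort expression, forwarded unchanged.</param>
        /// <returns>The page of rows, or the initial empty table when the filter is rejected.</returns>
        public DataTable SearchUserByPage(BaseUserInfo userInfo, out int recordCount, int pageNo, int pageSize, string permissionCode, string conditions, string sort = null)
        {
            // The unused 'departmentId' local of the original has been dropped.
            var total = 0;
            var page  = new DataTable(BaseUserEntity.CurrentTableName);

            var serviceInfo = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());

            ServiceUtil.ProcessUserCenterReadDb(userInfo, serviceInfo, (dbHelper) =>
            {
                // NOTE(review): only 'conditions' is screened; 'sort' and 'permissionCode' reach the
                // manager unchecked. Confirm they are validated or whitelisted downstream.
                if (!SecretUtil.IsSqlSafe(conditions))
                {
                    // Log the rejected filter.
                    // NOTE(review): the entry embeds the serialized userInfo and the raw filter text;
                    // confirm Serialize() emits no credentials or session tokens.
                    LogUtil.WriteLog("userInfo:" + userInfo.Serialize() + " " + conditions, "SqlSafe");
                    return;
                }

                var manager = new BaseUserManager(dbHelper, userInfo)
                {
                    ShowUserLogonInfo = true
                };
                // NOTE(review): this calls SearchLogByPage although the method is named
                // SearchUserByPage; confirm that is the intended manager call.
                page = manager.SearchLogByPage(out total, pageNo, pageSize, permissionCode, conditions, sort);
                page.TableName = BaseUserEntity.CurrentTableName;
            });

            // A lambda cannot write to an out parameter, hence the captured local.
            recordCount = total;
            return page;
        }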
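        /// <summary>
        /// Checks a permission against a role only, through the user-center PermissionService handler.
        /// </summary>
        /// <param name="userInfo">Calling user; sent serialized in the "userInfo" field.</param>
        /// <param name="systemCode">System code, sent as "systemCode".</param>
        /// <param name="roleId">Role to check.</param>
        /// <param name="permissionCode">Permission code to check.</param>
        /// <returns>The boolean deserialized from the reply; false when the reply body is empty.</returns>
        public static bool CheckPermissionByRole(BaseUserInfo userInfo, string systemCode, string roleId, string permissionCode)
        {
            string url = BaseSystemInfo.UserCenterHost + "/UserCenterV42/PermissionService.ashx";

            // NOTE(review): this is an authorization decision taken from a remote reply, and the
            // securityKey is posted in the form body; confirm UserCenterHost is an https:// endpoint.
            NameValueCollection postValues = new NameValueCollection();
            postValues.Add("system", BaseSystemInfo.SoftFullName);
            postValues.Add("systemCode", systemCode);
            postValues.Add("securityKey", BaseSystemInfo.SecurityKey);
            postValues.Add("function", "CheckPermissionByRole");
            postValues.Add("userInfo", userInfo.Serialize());
            postValues.Add("roleId", roleId);
            postValues.Add("permissionCode", permissionCode);

            string response;
            // WebClient is IDisposable; release it as soon as the reply bytes are decoded.
            using (WebClient webClient = new WebClient())
            {
                response = Encoding.UTF8.GetString(webClient.UploadValues(url, postValues));
            }

            // An empty reply denies the permission.
            if (string.IsNullOrEmpty(response))
            {
                return false;
            }

            return new JavaScriptSerializer().Deserialize<bool>(response);
        }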
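        /// <summary>
        /// Gets a user's final (effective) permission list from the user-center PermissionService handler.
        /// </summary>
        /// <param name="userInfo">Calling user; sent serialized in the "userInfo" field.</param>
        /// <param name="systemCode">System code, sent as "systemCode".</param>
        /// <param name="userId">User whose permissions are requested.</param>
        /// <returns>The deserialized module list, or null when the reply body is empty.</returns>
        public static List<BaseModuleEntity> GetPermissionList(BaseUserInfo userInfo, string systemCode, string userId)
        {
            string url = BaseSystemInfo.UserCenterHost + "/UserCenterV42/PermissionService.ashx";

            // NOTE(review): the permission list is taken from a remote reply, and the securityKey is
            // posted in the form body; confirm UserCenterHost is an https:// endpoint.
            NameValueCollection postValues = new NameValueCollection();
            postValues.Add("system", BaseSystemInfo.SoftFullName);
            postValues.Add("systemCode", systemCode);
            postValues.Add("securityKey", BaseSystemInfo.SecurityKey);
            postValues.Add("function", "GetPermissionList");
            postValues.Add("userInfo", userInfo.Serialize());
            postValues.Add("userId", userId);

            string response;
            // WebClient is IDisposable; release it as soon as the reply bytes are decoded.
            using (WebClient webClient = new WebClient())
            {
                response = Encoding.UTF8.GetString(webClient.UploadValues(url, postValues));
            }

            // Callers must handle null: an empty reply yields no list at all.
            if (string.IsNullOrEmpty(response))
            {
                return null;
            }

            return new JavaScriptSerializer().Deserialize<List<BaseModuleEntity>>(response);
        }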
示例#10
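        /// <summary>
        /// Calls the message broadcast function of the user-center MessageService handler.
        /// </summary>
        /// <param name="userInfo">Calling user; sent serialized in the "userInfo" field.</param>
        /// <param name="systemCode">System code, sent as "systemCode".</param>
        /// <param name="allcompany">Sent as "allcompany".</param>
        /// <param name="roleIds">Optional; sent comma-joined as "roleIds" when not null.</param>
        /// <param name="areaIds">Optional; sent comma-joined as "areaIds" when not null.</param>
        /// <param name="companyIds">Optional; sent comma-joined as "companyIds" when not null.</param>
        /// <param name="subCompany">Sent as "subCompany".</param>
        /// <param name="departmentIds">Optional; sent comma-joined as "departmentIds" when not null.</param>
        /// <param name="subDepartment">Sent as "subDepartment".</param>
        /// <param name="userIds">Optional; sent comma-joined as "userIds" when not null.</param>
        /// <param name="message">Message text; HTML-encoded before it is sent.</param>
        /// <param name="onlineOnly">Sent as "onlineOnly".</param>
        /// <param name="functionCode">Message function, sent by name as "functionCode".</param>
        /// <param name="expireAt">Optional expiry; formatted with BaseSystemInfo.DateTimeFormat when set.</param>
        /// <returns>The deserialized BaseResult, or null when the reply body is empty.</returns>
        public static BaseResult Broadcast(BaseUserInfo userInfo, string systemCode, bool allcompany, string[] roleIds,
                                           string[] areaIds, string[] companyIds, bool subCompany,
                                           string[] departmentIds, bool subDepartment, string[] userIds,
                                           string message, bool onlineOnly,
                                           MessageFunction functionCode = MessageFunction.Remind, DateTime? expireAt = null)
        {
            string url = BaseSystemInfo.UserCenterHost + "/UserCenterV42/MessageService.ashx";

            // NOTE(review): the shared securityKey and the serialized userInfo travel in the form body;
            // confirm BaseSystemInfo.UserCenterHost is an https:// endpoint.
            NameValueCollection postValues = new NameValueCollection();
            postValues.Add("system", BaseSystemInfo.SoftFullName);
            postValues.Add("systemCode", systemCode);
            postValues.Add("securityKey", BaseSystemInfo.SecurityKey);
            postValues.Add("function", "Broadcast");
            postValues.Add("userInfo", userInfo.Serialize());
            postValues.Add("allcompany", allcompany.ToString());
            if (roleIds != null)
            {
                postValues.Add("roleIds", string.Join(",", roleIds));
            }
            if (areaIds != null)
            {
                postValues.Add("areaIds", string.Join(",", areaIds));
            }
            if (companyIds != null)
            {
                postValues.Add("companyIds", string.Join(",", companyIds));
            }
            postValues.Add("subCompany", subCompany.ToString());
            if (departmentIds != null)
            {
                postValues.Add("departmentIds", string.Join(",", departmentIds));
            }
            postValues.Add("subDepartment", subDepartment.ToString());
            if (userIds != null)
            {
                postValues.Add("userIds", string.Join(",", userIds));
            }
            // The text is HTML-encoded on the sending side; receivers get it already encoded.
            postValues.Add("message", HttpUtility.HtmlEncode(message));
            postValues.Add("onlineOnly", onlineOnly.ToString());
            // 2016-04-06 JiRiGaLa: raise the position of pop-up messages.
            postValues.Add("functionCode", functionCode.ToString());
            if (expireAt.HasValue)
            {
                postValues.Add("expireAt", expireAt.Value.ToString(BaseSystemInfo.DateTimeFormat));
            }

            string response;
            // WebClient is IDisposable; release it as soon as the reply bytes are decoded.
            using (WebClient webClient = new WebClient())
            {
                response = Encoding.UTF8.GetString(webClient.UploadValues(url, postValues));
            }

            if (string.IsNullOrEmpty(response))
            {
                return null;
            }

            return new JavaScriptSerializer().Deserialize<BaseResult>(response);
        }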
示例#11
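        /// <summary>
        /// Asks the user-center RoleService handler to remove users from a role.
        /// </summary>
        /// <param name="userInfo">Calling user; sent serialized in the "userInfo" field.</param>
        /// <param name="systemCode">System code, sent as "systemCode".</param>
        /// <param name="roleId">Role to remove the users from.</param>
        /// <param name="userIds">User ids; sent comma-joined in the "userId" field.</param>
        /// <returns>RecordCount of the deserialized BaseResult, or of a new BaseResult when the reply is empty or deserializes to null.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="userIds"/> is null (raised by string.Join).</exception>
        public static int RemoveUserFromRole(BaseUserInfo userInfo, string systemCode, string roleId, string[] userIds)
        {
            string url = BaseSystemInfo.UserCenterHost + "/UserCenterV42/RoleService.ashx";

            // NOTE(review): this changes role membership, and the shared securityKey is posted in the
            // form body; confirm UserCenterHost is an https:// endpoint.
            NameValueCollection postValues = new NameValueCollection();
            postValues.Add("system", BaseSystemInfo.SoftFullName);
            postValues.Add("systemCode", systemCode);
            postValues.Add("securityKey", BaseSystemInfo.SecurityKey);
            // 2015-11-25 JiRiGaLa: check whether this call needs caching.
            postValues.Add("function", "RemoveUserFromRole");
            postValues.Add("userInfo", userInfo.Serialize());
            postValues.Add("encrypted", false.ToString());
            postValues.Add("roleId", roleId);
            postValues.Add("userId", string.Join(",", userIds));

            string response;
            // WebClient is IDisposable; release it as soon as the reply bytes are decoded.
            using (WebClient webClient = new WebClient())
            {
                response = Encoding.UTF8.GetString(webClient.UploadValues(url, postValues));
            }

            BaseResult baseResult = new BaseResult();
            if (!string.IsNullOrEmpty(response))
            {
                // A JSON "null" body deserializes to null; keep the default result in that case
                // instead of dereferencing null below.
                BaseResult parsed = new JavaScriptSerializer().Deserialize<BaseResult>(response);
                if (parsed != null)
                {
                    baseResult = parsed;
                }
            }

            return baseResult.RecordCount;
        }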
示例#12
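        /// <summary>
        /// Gets the province list from the user-center AreaService handler.
        /// </summary>
        /// <param name="userInfo">Calling user; sent serialized in the "userInfo" field.</param>
        /// <returns>The deserialized area list, or null when the reply body is empty.</returns>
        public static List<BaseAreaEntity> GetProvinceList(BaseUserInfo userInfo)
        {
            string url = BaseSystemInfo.UserCenterHost + "/UserCenterV42/AreaService.ashx";

            // NOTE(review): the shared securityKey and the serialized userInfo travel in the form body;
            // confirm BaseSystemInfo.UserCenterHost is an https:// endpoint.
            NameValueCollection postValues = new NameValueCollection();
            postValues.Add("system", BaseSystemInfo.SoftFullName);
            postValues.Add("systemCode", BaseSystemInfo.SystemCode);
            postValues.Add("securityKey", BaseSystemInfo.SecurityKey);
            // 2015-11-25 JiRiGaLa: reading this from the cache would be enough and would speed up logon.
            postValues.Add("function", "GetProvinceList");
            postValues.Add("userInfo", userInfo.Serialize());

            string response;
            // WebClient is IDisposable; release it as soon as the reply bytes are decoded.
            using (WebClient webClient = new WebClient())
            {
                response = Encoding.UTF8.GetString(webClient.UploadValues(url, postValues));
            }

            if (string.IsNullOrEmpty(response))
            {
                return null;
            }

            return JsonConvert.DeserializeObject<List<BaseAreaEntity>>(response);
        }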
示例#13
        /// <summary>
        /// Gets one page of rows from a table, screening the filter text for injection first.
        /// </summary>
        /// <param name="userInfo">Calling user; must pass BaseUserManager.UserIsLogOn.</param>
        /// <param name="recordCount">Receives the row count from DbLogic.GetCount; 0 when nothing is queried.</param>
        /// <param name="tableName">Source table name.</param>
        /// <param name="selectField">Fields to select.</param>
        /// <param name="pageIndex">Current page.</param>
        /// <param name="pageSize">Rows per page.</param>
        /// <param name="conditions">Filter text; it is used only when SecretUtil.IsSqlSafe accepts it.</param>
        /// <param name="dbParameters">Query parameters, converted with DbHelper.MakeParameters.</param>
        /// <param name="orderBy">Sort field(s).</param>
        /// <returns>The page of rows; null when the user is not logged on or the filter is rejected.</returns>
        public DataTable GetDataTableByPage(BaseUserInfo userInfo, out int recordCount, string tableName, string selectField, int pageIndex, int pageSize, string conditions, List<KeyValuePair<string, object>> dbParameters, string orderBy)
        {
            recordCount = 0;

            // Only logged-on users may query.
            var userManager = new BaseUserManager(userInfo);
            if (!userManager.UserIsLogOn(userInfo))
            {
                return null;
            }

            // NOTE(review): only 'conditions' is screened. 'tableName', 'selectField' and 'orderBy'
            // are forwarded unchecked; confirm callers never pass user-controlled text in them,
            // or whitelist them against known identifiers.
            if (SecretUtil.IsSqlSafe(conditions))
            {
                recordCount = DbLogic.GetCount(DbHelper, tableName, conditions, DbHelper.MakeParameters(dbParameters));
                return DbLogic.GetDataTableByPage(DbHelper, tableName, selectField, pageIndex, pageSize, conditions, DbHelper.MakeParameters(dbParameters), orderBy);
            }

            // Rejected filter: record it when running inside a web request.
            if (System.Web.HttpContext.Current != null)
            {
                // NOTE(review): the entry embeds the serialized userInfo and is written under the
                // application's ~/Log/ folder; confirm that folder is not served over HTTP.
                string entry   = "userInfo:" + userInfo.Serialize() + " " + conditions;
                string logFile = System.Web.HttpContext.Current.Server.MapPath("~/Log/") + "SqlSafe" + DateTime.Now.ToString(BaseSystemInfo.DateFormat) + ".txt";
                DotNet.Utilities.FileUtil.WriteMessage(entry, logFile);
            }

            return null;
        }
示例#14
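        /// <summary>
        /// Reads a parameter value from the user-center ParameterService handler.
        /// </summary>
        /// <param name="userInfo">Calling user; sent serialized in the "userInfo" field.</param>
        /// <param name="tableName">Sent as "tableName".</param>
        /// <param name="categoryCode">Sent as "categoryCode".</param>
        /// <param name="parameterId">Sent as "parameterId".</param>
        /// <param name="parameterCode">Sent as "parameterCode".</param>
        /// <returns>The raw reply body decoded as UTF-8; no deserialization is applied.</returns>
        public static string GetParameter(BaseUserInfo userInfo, string tableName, string categoryCode, string parameterId, string parameterCode)
        {
            string url = BaseSystemInfo.UserCenterHost + "/UserCenterV42/ParameterService.ashx";

            // NOTE(review): the shared securityKey and the serialized userInfo travel in the form body,
            // and 'tableName' is forwarded as supplied; confirm UserCenterHost is an https:// endpoint
            // and that the service restricts which tables may be named.
            NameValueCollection postValues = new NameValueCollection();
            postValues.Add("system", BaseSystemInfo.SoftFullName);
            postValues.Add("systemCode", BaseSystemInfo.SystemCode);
            postValues.Add("securityKey", BaseSystemInfo.SecurityKey);
            // 2015-11-25 JiRiGaLa: reading this from the cache would be enough and would speed up logon.
            // The author left a "GetParameterByCache" variant of the next line commented out.
            postValues.Add("function", "GetParameter");
            postValues.Add("userInfo", userInfo.Serialize());
            postValues.Add("tableName", tableName);
            postValues.Add("categoryCode", categoryCode);
            postValues.Add("parameterId", parameterId);
            postValues.Add("parameterCode", parameterCode);

            // WebClient is IDisposable; release it as soon as the reply bytes are decoded.
            using (WebClient webClient = new WebClient())
            {
                return Encoding.UTF8.GetString(webClient.UploadValues(url, postValues));
            }
        }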
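        /// <summary>
        /// Gets one page of rows from a table, screening the filter text for injection first.
        /// </summary>
        /// <param name="userInfo">Calling user; must pass BaseUserManager.UserIsLogon.</param>
        /// <param name="recordCount">Receives the row count from dbHelper.GetCount; 0 when nothing is queried.</param>
        /// <param name="tableName">Source table name.</param>
        /// <param name="selectField">Fields to select.</param>
        /// <param name="pageNo">Current page.</param>
        /// <param name="pageSize">Rows per page.</param>
        /// <param name="conditions">Filter text; it is used only when SecretUtil.IsSqlSafe accepts it.</param>
        /// <param name="dbParameters">Query parameters, converted with dbHelper.MakeParameters.</param>
        /// <param name="orderBy">Sort field(s).</param>
        /// <returns>The page of rows; null when the user is not logged on or the filter is rejected.</returns>
        public DataTable GetDataTableByPage(BaseUserInfo userInfo, out int recordCount, string tableName, string selectField, int pageNo, int pageSize, string conditions, List<KeyValuePair<string, object>> dbParameters, string orderBy)
        {
            DataTable result = null;
            var myRecordCount = 0;
            // The original also built a DataTable 'dt' that was never used; it has been removed.

            var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());

            ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) =>
            {
                // Only logged-on users may query.
                var userManager = new BaseUserManager(userInfo);
                if (!userManager.UserIsLogon(userInfo))
                {
                    return;
                }

                // NOTE(review): only 'conditions' is screened. 'tableName', 'selectField' and 'orderBy'
                // are forwarded unchecked; confirm callers never pass user-controlled text in them,
                // or whitelist them against known identifiers.
                if (!SecretUtil.IsSqlSafe(conditions))
                {
                    // Log the rejected filter.
                    // NOTE(review): the entry embeds the serialized userInfo and the raw filter text;
                    // confirm Serialize() emits no credentials or session tokens.
                    LogUtil.WriteLog("userInfo:" + userInfo.Serialize() + " " + conditions, "SqlSafe");
                    return;
                }

                myRecordCount = dbHelper.GetCount(tableName, conditions, dbHelper.MakeParameters(dbParameters));
                result        = DbUtil.GetDataTableByPage(dbHelper, tableName, selectField, pageNo, pageSize, conditions, dbHelper.MakeParameters(dbParameters), orderBy);
            });

            // A lambda cannot write to an out parameter, hence the captured local.
            recordCount = myRecordCount;

            return result;
        }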
示例#16
        /// <summary>
        /// Gets one page of rows from the database named by the "OpenMasDbConnection" app setting,
        /// screening the filter text for injection first.
        /// </summary>
        /// <param name="userInfo">Calling user; in this method it is used only for the rejection log entry.</param>
        /// <param name="recordCount">Receives the row count from DbLogic.GetCount; 0 when nothing is queried.</param>
        /// <param name="tableName">Source table name.</param>
        /// <param name="selectField">Fields to select.</param>
        /// <param name="pageIndex">Current page.</param>
        /// <param name="pageSize">Rows per page.</param>
        /// <param name="conditions">Filter text; it is used only when SecretUtil.IsSqlSafe accepts it.</param>
        /// <param name="dbParameters">Query parameters, passed through unchanged.</param>
        /// <param name="orderBy">Sort field(s).</param>
        /// <returns>The page of rows; null when no connection string is configured or the filter is rejected.</returns>
        public DataTable GetDataTableByPage(BaseUserInfo userInfo, out int recordCount, string tableName, string selectField, int pageIndex, int pageSize, string conditions, IDbDataParameter[] dbParameters, string orderBy)
        {
            recordCount = 0;

            string connectionString = ConfigurationHelper.AppSettings("OpenMasDbConnection", BaseSystemInfo.EncryptDbConnection);
            if (string.IsNullOrEmpty(connectionString))
            {
                return null;
            }

            // NOTE(review): no logon or permission check is visible in this method; confirm callers
            // enforce one. Only 'conditions' is screened; 'tableName', 'selectField' and 'orderBy'
            // are forwarded unchecked.
            if (!SecretUtil.IsSqlSafe(conditions))
            {
                if (System.Web.HttpContext.Current != null)
                {
                    // Log the rejected filter.
                    // NOTE(review): the entry embeds the serialized userInfo and is written under the
                    // application's ~/Log/ folder; confirm that folder is not served over HTTP.
                    string entry   = "userInfo:" + userInfo.Serialize() + " " + conditions;
                    string logFile = System.Web.HttpContext.Current.Server.MapPath("~/Log/") + "SqlSafe" + DateTime.Now.ToString(BaseSystemInfo.DateFormat) + ".txt";
                    FileUtil.WriteMessage(entry, logFile);
                }
                return null;
            }

            // The helper is disposed when the using block exits, including on the return below.
            using (IDbHelper dbHelper = DbHelperFactory.GetHelper(CurrentDbType.SqlServer, connectionString))
            {
                recordCount = DbLogic.GetCount(dbHelper, tableName, conditions, dbParameters);
                return DbLogic.GetDataTableByPage(dbHelper, tableName, selectField, pageIndex, pageSize, conditions, dbParameters, orderBy);
            }
        }
示例#17
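        /// <summary>
        /// Gets the role list for a system from the user-center RoleService handler.
        /// </summary>
        /// <param name="userInfo">Calling user; sent serialized in the "userInfo" field.</param>
        /// <param name="systemCode">System code, sent as "systemCode".</param>
        /// <returns>The deserialized role list; an empty list when the reply is empty or deserializes to null.</returns>
        public static List<BaseRoleEntity> GetList(BaseUserInfo userInfo, string systemCode)
        {
            string url = BaseSystemInfo.UserCenterHost + "/UserCenterV42/RoleService.ashx";

            // NOTE(review): the shared securityKey and the serialized userInfo travel in the form body;
            // confirm BaseSystemInfo.UserCenterHost is an https:// endpoint.
            NameValueCollection postValues = new NameValueCollection();
            postValues.Add("system", BaseSystemInfo.SoftFullName);
            postValues.Add("systemCode", systemCode);
            postValues.Add("securityKey", BaseSystemInfo.SecurityKey);
            // 2015-11-25 JiRiGaLa: check whether this call needs caching.
            postValues.Add("function", "GetList");
            postValues.Add("userInfo", userInfo.Serialize());
            postValues.Add("encrypted", false.ToString());

            string response;
            // WebClient is IDisposable; release it as soon as the reply bytes are decoded.
            using (WebClient webClient = new WebClient())
            {
                response = Encoding.UTF8.GetString(webClient.UploadValues(url, postValues));
            }

            if (string.IsNullOrEmpty(response))
            {
                return new List<BaseRoleEntity>();
            }

            // A JSON "null" body deserializes to null; keep the empty-list default instead.
            return new JavaScriptSerializer().Deserialize<List<BaseRoleEntity>>(response) ?? new List<BaseRoleEntity>();
        }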
示例#18
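        /// <summary>
        /// Gets one role by id from the user-center RoleService handler.
        /// </summary>
        /// <param name="userInfo">Calling user; sent serialized in the "userInfo" field.</param>
        /// <param name="systemCode">System code, sent as "systemCode".</param>
        /// <param name="id">Role id; passed through SecretUtil.Encrypt before sending.</param>
        /// <returns>The deserialized role, or null when the reply body is empty.</returns>
        public static BaseRoleEntity GetObject(BaseUserInfo userInfo, string systemCode, string id)
        {
            string url = BaseSystemInfo.UserCenterHost + "/UserCenterV42/RoleService.ashx";

            // NOTE(review): "encrypted" covers only the id. The securityKey and the serialized
            // userInfo are posted as-is; confirm UserCenterHost is an https:// endpoint.
            NameValueCollection postValues = new NameValueCollection();
            postValues.Add("system", BaseSystemInfo.SoftFullName);
            postValues.Add("systemCode", systemCode);
            postValues.Add("securityKey", BaseSystemInfo.SecurityKey);
            postValues.Add("function", "GetObject");
            postValues.Add("userInfo", userInfo.Serialize());
            postValues.Add("encrypted", true.ToString());
            postValues.Add("id", SecretUtil.Encrypt(id));

            string response;
            // WebClient is IDisposable; release it as soon as the reply bytes are decoded.
            using (WebClient webClient = new WebClient())
            {
                response = Encoding.UTF8.GetString(webClient.UploadValues(url, postValues));
            }

            if (string.IsNullOrEmpty(response))
            {
                return null;
            }

            return new JavaScriptSerializer().Deserialize<BaseRoleEntity>(response);
        }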
示例#19
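        /// <summary>
        /// Gets one item-details record by id from the user-center ItemDetailsService handler.
        /// </summary>
        /// <param name="userInfo">Calling user; sent serialized in the "userInfo" field.</param>
        /// <param name="tableName">Sent as "tableName".</param>
        /// <param name="id">Record id; passed through SecretUtil.Encrypt before sending.</param>
        /// <returns>The deserialized entity, or null when the reply body is empty.</returns>
        public static BaseItemDetailsEntity GetObject(BaseUserInfo userInfo, string tableName, string id)
        {
            string url = BaseSystemInfo.UserCenterHost + "/UserCenterV42/ItemDetailsService.ashx";

            // NOTE(review): "encrypted" covers only the id. The securityKey, the serialized userInfo
            // and 'tableName' are posted as-is; confirm UserCenterHost is an https:// endpoint and
            // that the service restricts which tables may be named.
            NameValueCollection postValues = new NameValueCollection();
            postValues.Add("system", BaseSystemInfo.SoftFullName);
            postValues.Add("systemCode", BaseSystemInfo.SystemCode);
            postValues.Add("securityKey", BaseSystemInfo.SecurityKey);
            // 2015-11-25 JiRiGaLa: reading this from the cache would be enough and would speed up logon.
            postValues.Add("function", "GetObject");
            postValues.Add("tableName", tableName);
            postValues.Add("userInfo", userInfo.Serialize());
            postValues.Add("encrypted", true.ToString());
            postValues.Add("id", SecretUtil.Encrypt(id));

            string response;
            // WebClient is IDisposable; release it as soon as the reply bytes are decoded.
            using (WebClient webClient = new WebClient())
            {
                response = Encoding.UTF8.GetString(webClient.UploadValues(url, postValues));
            }

            if (string.IsNullOrEmpty(response))
            {
                return null;
            }

            return JsonConvert.DeserializeObject<BaseItemDetailsEntity>(response);
        }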
示例#20
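        /// <summary>
        /// Asks the user-center PermissionService handler to grant permissions to roles.
        /// </summary>
        /// <param name="userInfo">Calling user; sent serialized in the "userInfo" field.</param>
        /// <param name="systemCode">System code, sent as "systemCode".</param>
        /// <param name="roleIds">Role ids; sent comma-joined in the "roleId" field.</param>
        /// <param name="permissionIds">Permission ids; sent comma-joined in the "permissionId" field.</param>
        /// <returns>The integer deserialized from the reply; 0 when the reply body is empty.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="roleIds"/> or <paramref name="permissionIds"/> is null (raised by string.Join).</exception>
        public static int GrantRolePermissions(BaseUserInfo userInfo, string systemCode, string[] roleIds, string[] permissionIds)
        {
            string url = BaseSystemInfo.UserCenterHost + "/UserCenterV42/PermissionService.ashx";

            // NOTE(review): this grants permissions, and the shared securityKey is posted in the
            // form body; confirm UserCenterHost is an https:// endpoint.
            NameValueCollection postValues = new NameValueCollection();
            postValues.Add("system", BaseSystemInfo.SoftFullName);
            postValues.Add("systemCode", systemCode);
            postValues.Add("securityKey", BaseSystemInfo.SecurityKey);
            // 2015-11-25 JiRiGaLa: check whether this call needs caching.
            postValues.Add("function", "GrantRolePermissions");
            postValues.Add("userInfo", userInfo.Serialize());
            postValues.Add("encrypted", false.ToString());
            postValues.Add("roleId", string.Join(",", roleIds));
            postValues.Add("permissionId", string.Join(",", permissionIds));

            string response;
            // WebClient is IDisposable; release it as soon as the reply bytes are decoded.
            using (WebClient webClient = new WebClient())
            {
                response = Encoding.UTF8.GetString(webClient.UploadValues(url, postValues));
            }

            if (string.IsNullOrEmpty(response))
            {
                return 0;
            }

            return new JavaScriptSerializer().Deserialize<int>(response);
        }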
示例#21
        /// <summary>
        /// Returns one page of message rows that match a caller-supplied WHERE clause.
        /// </summary>
        /// <param name="userInfo">Calling user; handed to ServiceInfo.Create, the message-db wrapper and BaseMessageManager.</param>
        /// <param name="recordCount">Receives the count reported by BaseMessageManager.GetDataTableByPage, or 0 when the clause is rejected.</param>
        /// <param name="pageIndex">Current page.</param>
        /// <param name="pageSize">Rows per page.</param>
        /// <param name="whereClause">Filter text; it is used only when SecretUtil.IsSqlSafe accepts it.</param>
        /// <param name="dbParameters">Name/value pairs converted with dbHelper.MakeParameters.</param>
        /// <param name="order">Sort expression, forwarded unchanged.</param>
        /// <returns>The page of rows, or the initial empty table when the clause is rejected.</returns>
        public DataTable GetDataTableByPage(BaseUserInfo userInfo, out int recordCount, int pageIndex, int pageSize, string whereClause, List<KeyValuePair<string, object>> dbParameters, string order = null)
        {
            var page  = new DataTable(BaseMessageEntity.TableName);
            int total = 0;

            var serviceInfo = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());

            ServiceUtil.ProcessMessageDb(userInfo, serviceInfo, (dbHelper) =>
            {
                // NOTE(review): only 'whereClause' is screened. 'order' reaches the manager unchecked;
                // confirm it is validated or whitelisted downstream.
                if (!SecretUtil.IsSqlSafe(whereClause))
                {
                    if (System.Web.HttpContext.Current != null)
                    {
                        // Log the rejected clause.
                        // NOTE(review): the entry embeds the serialized userInfo and is written under
                        // the application's ~/Log/ folder; confirm that folder is not served over HTTP.
                        string entry   = "userInfo:" + userInfo.Serialize() + " " + whereClause;
                        string logFile = System.Web.HttpContext.Current.Server.MapPath("~/Log/") + "SqlSafe" + DateTime.Now.ToString(BaseSystemInfo.DateFormat) + ".txt";
                        FileUtil.WriteMessage(entry, logFile);
                    }
                    return;
                }

                var messageManager = new BaseMessageManager(dbHelper, userInfo);
                page = messageManager.GetDataTableByPage(out total, pageIndex, pageSize, whereClause, dbHelper.MakeParameters(dbParameters), order);
                page.TableName = BaseMessageEntity.TableName;
            });

            // A lambda cannot write to an out parameter, hence the captured local.
            recordCount = total;

            return page;
        }
示例#22
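        /// <summary>
        /// Fetches the reply records of a comment by posting a "GetReplyList" request to <c>Url</c>.
        /// </summary>
        /// <param name="userInfo">Logged-in user entity; sent serialised in the "userInfo" field.</param>
        /// <param name="id">Comment id.</param>
        /// <param name="categoryCode">Comment type (outlet comment or user comment); omitted from the request when null.</param>
        /// <returns>The deserialised response, or null when the response body is empty.</returns>
        public static JsonResult <List <BaseCommentEntity> > GetReplyList(BaseUserInfo userInfo, string id, string categoryCode = null)
        {
            var postValues = new NameValueCollection();

            postValues.Add("system", BaseSystemInfo.SoftFullName);
            postValues.Add("systemCode", BaseSystemInfo.SystemCode);
            // NOTE(review): the shared security key travels as a plain form field; the scheme of
            // Url is not visible here - confirm it is HTTPS.
            postValues.Add("securityKey", BaseSystemInfo.SecurityKey);
            postValues.Add("function", "GetReplyList");
            postValues.Add("userInfo", userInfo.Serialize());
            postValues.Add("encrypted", true.ToString());
            postValues.Add("id", id);
            if (categoryCode != null)
            {
                postValues.Add("categoryCode", categoryCode);
            }

            byte[] responseArray;
            // WebClient is IDisposable; release it as soon as the upload has finished.
            using (var webClient = new WebClient())
            {
                responseArray = webClient.UploadValues(Url, postValues);
            }
            string response = Encoding.UTF8.GetString(responseArray);

            if (string.IsNullOrEmpty(response))
            {
                return null;
            }
            return JsonConvert.DeserializeObject <JsonResult <List <BaseCommentEntity> > >(response);
        }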
示例#23
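        /// <summary>
        /// Queries the user list page by page. The work is delegated to
        /// <c>BaseUserManager.SearchLogByPage</c> with <c>ShowUserLogOnInfo</c> switched on.
        /// </summary>
        /// <param name="userInfo">Calling user.</param>
        /// <param name="recordCount">Receives the record count; stays 0 when the condition is rejected.</param>
        /// <param name="pageIndex">Page number.</param>
        /// <param name="pageSize">Rows per page.</param>
        /// <param name="permissionCode">Operation permission code.</param>
        /// <param name="conditions">Filter condition, handed on as text once <c>SecretUtil.IsSqlSafe</c> accepts it.</param>
        /// <param name="sort">Sort expression (optional).</param>
        /// <returns>The manager's table, or the empty table created up front when the condition is rejected.</returns>
        public DataTable SearchUserByPage(BaseUserInfo userInfo, out int recordCount, int pageIndex, int pageSize, string permissionCode, string conditions, string sort = null)
        {
            // The unused local `departmentId` of the original has been removed.
            int myrecordCount = 0;
            var dt            = new DataTable(BaseUserEntity.TableName);

            var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());

            ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) =>
            {
                // NOTE(review): only `conditions` passes through IsSqlSafe; `sort` and
                // `permissionCode` are forwarded as given - confirm the manager validates them.
                if (SecretUtil.IsSqlSafe(conditions))
                {
                    var userManager = new BaseUserManager(dbHelper, userInfo);
                    userManager.ShowUserLogOnInfo = true;
                    dt           = userManager.SearchLogByPage(out myrecordCount, pageIndex, pageSize, permissionCode, conditions, sort);
                    dt.TableName = BaseUserEntity.TableName;
                }
                else if (System.Web.HttpContext.Current != null)
                {
                    // Record the rejected condition (injection log). Nothing is logged when
                    // there is no HttpContext.
                    // NOTE(review): the file is written under the site's ~/Log/ folder with the
                    // serialised user and the raw fragment - confirm the folder is not served
                    // over HTTP and that Serialize() carries no credentials.
                    FileUtil.WriteMessage("userInfo:" + userInfo.Serialize() + " " + conditions, System.Web.HttpContext.Current.Server.MapPath("~/Log/") + "SqlSafe" + DateTime.Now.ToString(BaseSystemInfo.DateFormat) + ".txt");
                }
            });
            recordCount = myrecordCount;
            return dt;
        }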
示例#24
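        /// <summary>
        /// Posts a paged-query request to the user-center Web API
        /// (<c>/WebAPIV42/API/DbHelper/GetDataTableByPage</c>) and returns the table from the response.
        /// </summary>
        /// <param name="userInfo">Calling user; sent serialised in the "userInfo" field.</param>
        /// <param name="tableName">Source table name, sent as given.</param>
        /// <param name="selectField">Fields to select, sent as given.</param>
        /// <param name="recordCount">Receives the count from the response; 0 when there is no usable response.</param>
        /// <param name="pageIndex">Page number.</param>
        /// <param name="pageSize">Rows per page.</param>
        /// <param name="whereClause">Filter condition; sent as "conditions" when not empty.</param>
        /// <param name="dbParameters">Query parameters; sent as JSON when not null.</param>
        /// <param name="order">Sort expression; sent as "orderBy" when not empty.</param>
        /// <returns>The response's <c>Data</c> table, or an empty table when the response is empty or "null".</returns>
        public static DataTable GetDataTableByPage(BaseUserInfo userInfo, string tableName, string selectField, out int recordCount, int pageIndex = 1, int pageSize = 100, string whereClause = null, List <KeyValuePair <string, object> > dbParameters = null, string order = null)
        {
            DataTable result = new DataTable(BaseOrganizeEntity.TableName);

            recordCount = 0;
            string              url        = BaseSystemInfo.UserCenterHost + "/WebAPIV42/API/DbHelper/GetDataTableByPage";
            NameValueCollection postValues = new NameValueCollection();

            // NOTE(review): table name, field list, filter and sort leave this client as raw text
            // with no local check, so validation rests entirely on the receiving API - confirm it
            // rejects unsafe fragments and authorises the caller for the requested table.
            postValues.Add("userInfo", userInfo.Serialize());
            postValues.Add("tableName", tableName);
            postValues.Add("selectField", selectField);
            postValues.Add("pageIndex", pageIndex.ToString());
            postValues.Add("pageSize", pageSize.ToString());
            if (!string.IsNullOrEmpty(whereClause))
            {
                postValues.Add("conditions", whereClause);
            }
            if (dbParameters != null)
            {
                postValues.Add("dbParameters", JsonConvert.SerializeObject(dbParameters));
            }
            if (!string.IsNullOrEmpty(order))
            {
                postValues.Add("orderBy", order);
            }

            // Send the POST data; WebClient is IDisposable, so release it once the upload is done.
            byte[] responseArray;
            using (WebClient webClient = new WebClient())
            {
                responseArray = webClient.UploadValues(url, postValues);
            }
            string responseBody = Encoding.UTF8.GetString(responseArray);

            if (!string.IsNullOrEmpty(responseBody) && !responseBody.Equals("null"))
            {
                // The throw-away `new JsonResult()` of the original is gone; the value is
                // produced by the deserialiser.
                JsonResult jsonResult = JsonConvert.DeserializeObject <JsonResult>(responseBody);

                if (jsonResult != null)
                {
                    result      = jsonResult.Data;
                    recordCount = jsonResult.RecordCount;
                }
            }

            return result;
        }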
示例#25
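        /// <summary>
        /// Submits one log entry to the log service with an asynchronous POST. The call is
        /// fire-and-forget: the outcome of the upload is not inspected.
        /// </summary>
        /// <param name="userInfo">Calling user; the "userInfo" field is left out when null.</param>
        /// <param name="entity">Log entry whose fields are copied into the request.</param>
        public static void AddLog(BaseUserInfo userInfo, BaseLogEntity entity)
        {
            // 2016-02-17 Jirigala: do nothing when logging is switched off.
            if (!BaseSystemInfo.RecordLogOnLog)
            {
                return;
            }

            // NOTE(review): the endpoint is a literal plain-http address, so the security key,
            // the serialised user, the client IP and the user names below cross the network
            // unencrypted and the target cannot be changed by configuration. The configured
            // variant is kept here for reference:
            // string url = BaseSystemInfo.UserCenterHost + "/UserCenterV42/LogService.ashx";
            string              url        = "http://139.196.91.4/UserCenterV42/LogService.ashx";
            NameValueCollection postValues = new NameValueCollection();

            postValues.Add("system", BaseSystemInfo.SoftFullName);
            postValues.Add("systemCode", BaseSystemInfo.SystemCode);
            postValues.Add("securityKey", BaseSystemInfo.SecurityKey);
            // 2015-11-25 Jirigala: reading from the cache is enough here; it speeds up logon.
            postValues.Add("function", "AddLog");
            if (userInfo != null)
            {
                postValues.Add("userInfo", userInfo.Serialize());
            }
            postValues.Add("service", entity.Service);
            postValues.Add("startTime", entity.StartTime.ToString(BaseSystemInfo.DateTimeFormat));
            postValues.Add("TaskId", entity.TaskId);
            postValues.Add("ClientIP", entity.ClientIP);
            postValues.Add("ElapsedTicks", entity.ElapsedTicks.ToString());
            postValues.Add("UserId", entity.UserId);
            postValues.Add("CompanyId", entity.CompanyId);
            postValues.Add("UserRealName", entity.UserRealName);
            postValues.Add("WebUrl", entity.WebUrl);

            // Send the POST data to the log server asynchronously.
            Uri       address   = new Uri(url);
            WebClient webClient = new WebClient();

            // The upload outlives this method, so a using block cannot be used; release the
            // client when the upload completes, whatever its outcome.
            webClient.UploadValuesCompleted += (sender, e) => webClient.Dispose();
            try
            {
                webClient.UploadValuesAsync(address, postValues);
            }
            catch
            {
                // The completion event will not fire if the call itself fails.
                webClient.Dispose();
                throw;
            }
        }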
示例#26
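        /// <summary>
        /// Posts a "SetParameter" request to the user-center parameter service
        /// (<c>/UserCenterV42/ParameterService.ashx</c>). The response is discarded.
        /// </summary>
        /// <param name="userInfo">Calling user; sent serialised in the "userInfo" field.</param>
        /// <param name="tableName">Sent as "tableName".</param>
        /// <param name="categoryCode">Sent as "categoryCode".</param>
        /// <param name="parameterId">Sent as "parameterId".</param>
        /// <param name="parameterCode">Sent as "parameterCode".</param>
        /// <param name="parameterContent">Sent as "parameterContent".</param>
        public static void SetParameter(BaseUserInfo userInfo, string tableName, string categoryCode, string parameterId, string parameterCode, string parameterContent)
        {
            string              url        = BaseSystemInfo.UserCenterHost + "/UserCenterV42/ParameterService.ashx";
            NameValueCollection postValues = new NameValueCollection();

            postValues.Add("system", BaseSystemInfo.SoftFullName);
            postValues.Add("systemCode", BaseSystemInfo.SystemCode);
            // NOTE(review): the shared security key travels as a plain form field; the scheme of
            // UserCenterHost is not visible here - confirm it is HTTPS.
            postValues.Add("securityKey", BaseSystemInfo.SecurityKey);
            postValues.Add("function", "SetParameter");
            postValues.Add("userInfo", userInfo.Serialize());
            // NOTE(review): the table name is chosen by the caller and sent as given - confirm
            // the service restricts which tables may be written.
            postValues.Add("tableName", tableName);
            postValues.Add("categoryCode", categoryCode);
            postValues.Add("parameterId", parameterId);
            postValues.Add("parameterCode", parameterCode);
            postValues.Add("parameterContent", parameterContent);

            // Send the POST data; WebClient is IDisposable, so release it once the upload is done.
            using (WebClient webClient = new WebClient())
            {
                webClient.UploadValues(url, postValues);
            }
        }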
示例#27
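        /// <summary>
        /// Requests one page of the users of a role from the user-center Web API
        /// (<c>/WebAPIV42/API/Role/GetRoleUserDataTable</c>, function "GetRoleUserList").
        /// </summary>
        /// <param name="userInfo">Calling user; sent serialised in the "userInfo" field.</param>
        /// <param name="systemCode">Sent as "systemCode".</param>
        /// <param name="roleId">Sent as "roleId".</param>
        /// <param name="companyId">Sent as "companyId".</param>
        /// <param name="userId">Sent as "userId".</param>
        /// <param name="searchValue">Sent as "searchValue".</param>
        /// <param name="recordCount">Receives the count from the response; 0 when there is no usable response.</param>
        /// <param name="pageIndex">Page number.</param>
        /// <param name="pageSize">Rows per page.</param>
        /// <param name="orderBy">Sort expression, sent as given.</param>
        /// <returns>The response's <c>Data</c> table, or an empty table when the response is empty or "null".</returns>
        public static DataTable GetRoleUserDataTable(BaseUserInfo userInfo, string systemCode, string roleId, string companyId, string userId, string searchValue, out int recordCount, int pageIndex, int pageSize, string orderBy)
        {
            DataTable result = new DataTable(BaseUserEntity.TableName);

            recordCount = 0;

            string              url        = BaseSystemInfo.UserCenterHost + "/WebAPIV42/API/Role/GetRoleUserDataTable";
            NameValueCollection postValues = new NameValueCollection();

            postValues.Add("system", BaseSystemInfo.SoftFullName);
            postValues.Add("systemCode", systemCode);
            // NOTE(review): the shared security key travels as a plain form field and this
            // request sets "encrypted" to False; the scheme of UserCenterHost is not visible
            // here - confirm it is HTTPS.
            postValues.Add("securityKey", BaseSystemInfo.SecurityKey);
            // 2015-11-25 Jirigala: check whether caching is needed here.
            postValues.Add("function", "GetRoleUserList");
            postValues.Add("userInfo", userInfo.Serialize());
            postValues.Add("roleId", roleId);
            postValues.Add("companyId", companyId);
            postValues.Add("userId", userId);
            // NOTE(review): searchValue and orderBy are forwarded without a local check -
            // confirm the API binds the search value and validates the sort expression.
            postValues.Add("searchValue", searchValue);
            postValues.Add("pageIndex", pageIndex.ToString());
            postValues.Add("pageSize", pageSize.ToString());
            postValues.Add("orderBy", orderBy);
            postValues.Add("encrypted", false.ToString());

            // Send the POST data; WebClient is IDisposable, so release it once the upload is done.
            byte[] responseArray;
            using (WebClient webClient = new WebClient())
            {
                responseArray = webClient.UploadValues(url, postValues);
            }
            string responseBody = Encoding.UTF8.GetString(responseArray);

            if (!string.IsNullOrEmpty(responseBody) && !responseBody.Equals("null"))
            {
                // The throw-away `new JsonResult()` of the original is gone; the value is
                // produced by the deserialiser.
                JsonResult jsonResult = JsonConvert.DeserializeObject <JsonResult>(responseBody);

                if (jsonResult != null)
                {
                    result      = jsonResult.Data;
                    recordCount = jsonResult.RecordCount;
                }
            }

            return result;
        }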
示例#28
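        /// <summary>
        /// Adds a comment by posting an "Add" request to <c>Url</c>.
        /// </summary>
        /// <param name="userInfo">Logged-in user; sent serialised in the "userInfo" field.</param>
        /// <param name="commentEntity">Comment entity; sent as JSON in the "commentEntity" field.</param>
        /// <returns>The deserialised response, or null when the response body is empty.</returns>
        public static BaseResult Add(BaseUserInfo userInfo, BaseCommentEntity commentEntity)
        {
            var postValues = new NameValueCollection();

            postValues.Add("system", BaseSystemInfo.SoftFullName);
            postValues.Add("systemCode", BaseSystemInfo.SystemCode);
            // NOTE(review): the shared security key travels as a plain form field; the scheme of
            // Url is not visible here - confirm it is HTTPS.
            postValues.Add("securityKey", BaseSystemInfo.SecurityKey);
            postValues.Add("function", "Add");
            postValues.Add("userInfo", userInfo.Serialize());
            postValues.Add("encrypted", true.ToString());
            postValues.Add("commentEntity", JsonConvert.SerializeObject(commentEntity));

            byte[] responseArray;
            // WebClient is IDisposable; release it as soon as the upload has finished.
            using (var webClient = new WebClient())
            {
                responseArray = webClient.UploadValues(Url, postValues);
            }
            string response = Encoding.UTF8.GetString(responseArray);

            if (string.IsNullOrEmpty(response))
            {
                return null;
            }
            return JsonConvert.DeserializeObject <BaseResult>(response);
        }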
示例#29
        /// <summary>
        /// Returns one page of data, guarded by a logon check and an injection check on the condition.
        /// </summary>
        /// <param name="userInfo">User information.</param>
        /// <param name="recordCount">Receives the row count; 0 when the request is refused.</param>
        /// <param name="tableName">Source table name.</param>
        /// <param name="selectField">Fields to select.</param>
        /// <param name="pageNo">Current page.</param>
        /// <param name="pageSize">Rows per page.</param>
        /// <param name="conditions">Query condition; must be accepted by <c>SecretUtil.IsSqlSafe</c>.</param>
        /// <param name="dbParameters">Query parameters.</param>
        /// <param name="orderBy">Sort field.</param>
        /// <returns>The page of data, or null when the user is not logged on or the condition is rejected.</returns>
        public DataTable GetDataTableByPage(BaseUserInfo userInfo, out int recordCount, string tableName, string selectField, int pageNo, int pageSize, string conditions, List <KeyValuePair <string, object> > dbParameters, string orderBy)
        {
            recordCount = 0;

            // Only logged-on users may query.
            var logonChecker = new BaseUserManager(userInfo);
            if (!logonChecker.UserIsLogon(userInfo))
            {
                return null;
            }

            // NOTE(review): only `conditions` passes through IsSqlSafe; tableName, selectField
            // and orderBy reach the helpers as given. How the helpers build the SQL is not
            // visible here - confirm they validate or allow-list those three values.
            if (!SecretUtil.IsSqlSafe(conditions))
            {
                // Record the rejected condition (injection log).
                // NOTE(review): the entry holds the serialised user and the raw fragment -
                // confirm Serialize() carries no credentials.
                LogUtil.WriteLog("userInfo:" + userInfo.Serialize() + " " + conditions, "SqlSafe");
                return null;
            }

            // MakeParameters is called once per query, as in the original.
            recordCount = DbHelper.GetCount(tableName, conditions, DbHelper.MakeParameters(dbParameters));
            return DbUtil.GetDataTableByPage(DbHelper, tableName, selectField, pageNo, pageSize, conditions, DbHelper.MakeParameters(dbParameters), orderBy);
        }
示例#30
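        /// <summary>
        /// Returns one page of data, guarded by a logon check and an injection check on the condition.
        /// </summary>
        /// <param name="userInfo">Calling user; checked with <c>UserIsLogOn</c> before any query runs.</param>
        /// <param name="recordCount">Receives the row count; 0 when the request is refused.</param>
        /// <param name="tableName">Source table name.</param>
        /// <param name="selectField">Fields to select.</param>
        /// <param name="pageIndex">Current page.</param>
        /// <param name="pageSize">Rows per page.</param>
        /// <param name="conditions">Query condition; must be accepted by <c>SecretUtil.IsSqlSafe</c>.</param>
        /// <param name="dbParameters">Query parameters.</param>
        /// <param name="orderBy">Sort field.</param>
        /// <returns>The page of data, or null when the user is not logged on or the condition is rejected.</returns>
        public DataTable GetDataTableByPage(BaseUserInfo userInfo, out int recordCount, string tableName, string selectField, int pageIndex, int pageSize, string conditions, List <KeyValuePair <string, object> > dbParameters, string orderBy)
        {
            // The unused DataTable local `dt` of the original has been removed.
            DataTable result = null;

            int myRecordCount = 0;

            var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());

            ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) =>
            {
                // Only logged-on users may query.
                var userManager = new BaseUserManager(userInfo);
                if (userManager.UserIsLogOn(userInfo))
                {
                    // NOTE(review): only `conditions` passes through IsSqlSafe; tableName,
                    // selectField and orderBy reach DbLogic as given. How DbLogic builds the SQL
                    // is not visible here - confirm it validates or allow-lists those values.
                    if (SecretUtil.IsSqlSafe(conditions))
                    {
                        myRecordCount = DbLogic.GetCount(dbHelper, tableName, conditions, dbHelper.MakeParameters(dbParameters));
                        result        = DbLogic.GetDataTableByPage(dbHelper, tableName, selectField, pageIndex, pageSize, conditions, dbHelper.MakeParameters(dbParameters), orderBy);
                    }
                    else if (System.Web.HttpContext.Current != null)
                    {
                        // Record the rejected condition (injection log). Nothing is logged when
                        // there is no HttpContext.
                        // NOTE(review): the file is written under the site's ~/Log/ folder with
                        // the serialised user and the raw fragment - confirm the folder is not
                        // served over HTTP and that Serialize() carries no credentials.
                        FileUtil.WriteMessage("userInfo:" + userInfo.Serialize() + " " + conditions, System.Web.HttpContext.Current.Server.MapPath("~/Log/") + "SqlSafe" + DateTime.Now.ToString(BaseSystemInfo.DateFormat) + ".txt");
                    }
                }
            });

            recordCount = myRecordCount;

            return result;
        }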