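/// <summary>
/// Returns the menu functions (menu limits other than "view") that the current user may use
/// on the menu identified by <paramref name="url"/>.
/// </summary>
/// <param name="url">Menu URL to resolve; compared with SysMenu.MenuUrl after lower-casing both sides.</param>
/// <returns>
/// A failure result when <paramref name="url"/> is empty or matches no menu; otherwise a success
/// result carrying the matching menu limits ordered by MenuLimitSort.
/// </returns>
public ActionResult ListMenuLimitByUser(string url)
{
    if (string.IsNullOrEmpty(url))
    {
        return FailResult(1, "请求地址不可为空");
    }

    // Resolve the caller once; the branch below and the role query both use the same identity.
    string usercode = new cuser().usercode;

    using (EFContext db = new EFContext())
    {
        // The menu lookup does not depend on who is asking, so it is done once for both branches.
        var menu = db.SysMenu.Where(m => url.ToLower().Equals(m.MenuUrl.ToLower())).FirstOrDefault();
        if (menu == null)
        {
            // NOTE(review): the caller-supplied url is echoed back in the message; the client
            // should render it as text, not markup.
            return FailResult(1, "无法识别的菜单:" + url);
        }

        // NOTE(review): "alan" is a hard-coded user code that skips the role tables entirely and
        // receives every non-"view" limit of the menu. A built-in bypass account like this should
        // be replaced by an ordinary role assignment, or at least moved to protected configuration.
        if ("alan".Equals(usercode))
        {
            var allLimits = db.SysMenuLimit
                .Where(m => m.MenuID == menu.MenuID && !"view".Equals(m.MenuLimitCode))
                .OrderBy(m => m.MenuLimitSort)
                .ToList();
            return SuccessResult(allLimits);
        }

        // Every other caller only gets the limits granted through their roles. Both values are
        // bound as SqlParameter objects, never concatenated into the SQL text.
        var grantedLimits = db.Database.SqlQuery<Model.SysMenuLimit>(
            "select distinct MenuLimitCode,MenuLimitName,SysMenuLimit.MenuLimitID,SysMenuLimit.MenuID,MenuLimitSort,MenuLimitModified,MenuLimitCreate " +
            "from SysMenuLimit " +
            "inner join SysRoleMenuLimit on SysMenuLimit.MenuLimitID = SysRoleMenuLimit.MenuLimitID " +
            "left join SysRole on SysRole.RoleID = SysRoleMenuLimit.RoleID " +
            "left join SysUserRole on SysUserRole.RoleID = SysRole.RoleID " +
            "left join SysUser on SysUserRole.UserID = SysUser.UserID " +
            "where UserCode = @usercode and MenuLimitCode <> 'view' and MenuID = @id " +
            "order by MenuLimitSort",
            new SqlParameter("@usercode", usercode),
            new SqlParameter("@id", menu.MenuID)).ToList();
        return SuccessResult(grantedLimits);
    }
}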
/// <summary>
/// Records a review decision for a purchase request: writes a change-log entry and moves the
/// request to the state that matches the decision.
/// </summary>
/// <param name="id">ID of the BuyNew row being decided.</param>
/// <param name="type">Decision code; 1 sets BuyState to 3, any other value sets it to 2.</param>
/// <param name="log">Free-text message stored on the change-log entry.</param>
/// <returns>A success result with a fixed confirmation message.</returns>
public ActionResult BuyCheckCommit(int id, int type, string log)
{
    // The log entry is attributed to the current user's name.
    string person = new cuser().username;

    using (EFContext db = new EFContext())
    {
        var entry = new Model.Buy.BuyNewChangeLog();
        entry.BuyNewID = id;
        entry.LogStatus = type;
        entry.Create = DateTime.Now;
        entry.LogMsg = log;
        entry.Person = person;
        entry.ChangeFrom = "网页";
        db.BuyNewChangeLog.Add(entry);

        // NOTE(review): the row is dereferenced without a null check, so an unknown id ends in a
        // NullReferenceException before anything is saved.
        // NOTE(review): nothing in this method checks that the caller is allowed to decide this
        // request or that the request is currently awaiting a decision; confirm that an
        // authorization filter or the caller enforces both.
        var buy = db.BuyNew.FirstOrDefault(m => m.ID == id);
        if (type != 1)
        {
            buy.BuyState = 2;
        }
        else
        {
            buy.BuyState = 3;
        }

        // The log entry and the state change are persisted together.
        db.SaveChanges();
    }

    return SuccessResult("提交成功");
}
/// <summary>
/// Builds the two-level navigation menu for the current user.
/// </summary>
/// <returns>
/// JSON (GET allowed) holding the top-level menus, each with its child menus; for ordinary users
/// only menus reachable through a role that grants the "view" limit are included.
/// </returns>
public ActionResult ListMenusByUser()
{
    // Top-level menus that have at least one child the user may view.
    const string visibleParentsSql =
        "select SysMenu.MenuID as pmid,SysMenu.MenuName as title from SysMenu " +
        "where MenuFa = 0 and MenuID in (" +
        "select distinct SysMenu.MenuFa from SysMenu " +
        "left join SysMenuLimit on SysMenu.MenuID = SysMenuLimit.MenuID " +
        "inner join SysRoleMenuLimit on SysMenuLimit.MenuLimitID = SysRoleMenuLimit.MenuLimitID " +
        "left join SysRole on SysRole.RoleID = SysRoleMenuLimit.RoleID " +
        "left join SysUserRole on SysUserRole.RoleID = SysRole.RoleID " +
        "left join SysUser on SysUserRole.UserID = SysUser.UserID " +
        "where UserCode = @usercode and MenuLimitCode = 'view') " +
        "order by MenuSort ";

    // Children of one parent menu that the user may view.
    const string visibleChildrenSql =
        " select distinct SysMenu.MenuID as pmid,SysMenu.MenuName as title, SysMenu.MenuUrl as href,MenuSort from SysMenu " +
        "left join SysMenuLimit on SysMenu.MenuID = SysMenuLimit.MenuID " +
        "inner join SysRoleMenuLimit on SysMenuLimit.MenuLimitID = SysRoleMenuLimit.MenuLimitID " +
        "left join SysRole on SysRole.RoleID = SysRoleMenuLimit.RoleID " +
        "left join SysUserRole on SysUserRole.RoleID = SysRole.RoleID " +
        "left join SysUser on SysUserRole.UserID = SysUser.UserID " +
        "where SysMenu.MenuFa = @id and MenuLimitCode = 'view' and UserCode = @usercode " +
        "order by MenuSort";

    using (EFContext db = new EFContext())
    {
        db.Configuration.LazyLoadingEnabled = false; // disable lazy loading

        List<Model.SysMenuNavbar.navbar> topLevel;

        if (!"alan".Equals(new cuser().usercode))
        {
            // Ordinary user: both queries bind the user code (and parent id) as SqlParameter
            // objects; a fresh parameter set is created for every query.
            string usercode = new cuser().usercode;
            topLevel = db.Database
                .SqlQuery<Model.SysMenuNavbar.navbar>(visibleParentsSql, new SqlParameter("@usercode", usercode))
                .ToList();

            foreach (var parent in topLevel)
            {
                parent.children = db.Database
                    .SqlQuery<Model.SysMenuNavbar.children>(
                        visibleChildrenSql,
                        new SqlParameter("@id", parent.pmid),
                        new SqlParameter("@usercode", usercode))
                    .ToList();
            }

            return Json(topLevel, JsonRequestBehavior.AllowGet);
        }

        // NOTE(review): "alan" is a hard-coded user code that receives the complete menu tree with
        // no role check. A built-in bypass account like this is better expressed as a role.
        topLevel = db.Database
            .SqlQuery<Model.SysMenuNavbar.navbar>("select MenuID as pmid,MenuName as title from SysMenu where MenuFa = 0 order by MenuSort")
            .ToList();

        foreach (var parent in topLevel)
        {
            // parent.pmid is handed to SqlQuery as a separate argument for the {0} placeholder
            // rather than being concatenated into the SQL text.
            parent.children = db.Database
                .SqlQuery<Model.SysMenuNavbar.children>("select menuid as pmid,menuname as title, MenuUrl as href from SysMenu where MenuFa = {0} order by MenuSort", parent.pmid)
                .ToList();
        }

        return Json(topLevel, JsonRequestBehavior.AllowGet);
    }
}
/// <summary>
/// Returns one page of the current user's own purchase requests whose BuyState is below 4.
/// </summary>
/// <returns>A page result holding the rows of the requested page and the value written to PageCount.</returns>
public ActionResult PageBuyNew()
{
    using (EFContext db = new EFContext())
    {
        var currentUser = new cuser().username;
        db.Configuration.LazyLoadingEnabled = false; // disable lazy loading

        // Rows are restricted to those authored by the caller before any paging or searching.
        var ownOpenRequests = db.BuyNew.Where(m => m.BuyState < 4 && m.BuyAuthor.Equals(currentUser));

        // NOTE(review): SearchPage is not visible here; presumably it applies the search and paging
        // fields posted in Request.Form on top of the filter above. Confirm it can only narrow it.
        var pageRows = ownOpenRequests.SearchPage(Request.Form, out PageCount).ToList();

        return PageResult(pageRows, PageCount);
    }
}
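/// <summary>
/// Lists the users the caller can pick from: every SysUser except "admin", "alan" and the caller.
/// </summary>
/// <returns>
/// A success result carrying the matching SysUser rows, with the UserPwd value cleared on each row.
/// </returns>
public ActionResult GetPersons()
{
    using (EFContext db = new EFContext())
    {
        db.Configuration.LazyLoadingEnabled = false; // disable lazy loading

        string userCode = new cuser().usercode;
        var persons = db.SysUser
            .Where(m => !m.UserCode.Equals("admin") && !m.UserCode.Equals("alan") && !m.UserCode.Equals(userCode))
            .ToList();

        // SysUser rows carry UserPwd, the stored password digest. The whole entity is handed to
        // SuccessResult (not visible here; presumably it serializes every property), so the digest
        // is cleared first to keep it out of the response. Nothing is saved in this method, so the
        // change never reaches the database.
        // NOTE(review): returning a DTO with only the fields the picker needs would be safer still,
        // but would change the response shape.
        foreach (var person in persons)
        {
            person.UserPwd = null;
        }

        return SuccessResult(persons);
    }
}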
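/// <summary>
/// Changes the current user's password after verifying the old one.
/// </summary>
/// <param name="npwd">New password; must not be null or empty.</param>
/// <param name="oldpwd">Current password, checked against the stored digest.</param>
/// <returns>
/// A failure result when the new password is empty, or when the old password is missing, wrong,
/// or no row exists for the current user code; otherwise a success result.
/// </returns>
public ActionResult ChangThisPwd(string npwd, string oldpwd)
{
    // Refuse an empty replacement so an account is never left with the digest of "".
    if (string.IsNullOrEmpty(npwd))
    {
        return FailResult(1, "新密码不可为空");
    }

    string usercode = new cuser().usercode;
    using (EFContext db = new Repositories.EFContext())
    {
        var user = db.SysUser.Where(m => m.UserCode == usercode).FirstOrDefault();

        // A missing row or a missing old password gets the same answer as a wrong old password.
        // Previously a missing row ended in a NullReferenceException.
        if (user == null || oldpwd == null || user.UserPwd != Cryptography.MD5Encrypt64(oldpwd))
        {
            return FailResult(1, "原始密码输入错误");
        }

        // NOTE(review): Cryptography.MD5Encrypt64 is not visible here; its name indicates an MD5
        // digest, which is too fast for password storage and unsalted if that is all it does.
        // Moving to a salted, slow KDF (for example PBKDF2) needs a stored-format migration and
        // cannot be done in this method alone.
        user.UserPwd = Cryptography.MD5Encrypt64(npwd);
        db.SaveChanges();
    }

    // NOTE(review): the message asks the user to log in again, but nothing in this method ends the
    // current session; confirm the client or another action signs the user out.
    return SuccessResult("密码修改成功,请重新登陆");
}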
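/// <summary>
/// Inserts a new user row whose fields are copied from <paramref name="u"/>.
/// </summary>
/// <param name="u">Source of the id, name, e-mail, password and phone values for the new row.</param>
public void insert(cuser u)
{
    // NOTE(review): pass is stored exactly as received. If callers supply the plaintext password,
    // it lands in the table unhashed; confirm it is hashed with a salted KDF before this point.
    var ins = new user
    {
        id = u.id,
        fname = u.fname,
        lname = u.lname,
        email = u.email,
        pass = u.pass,
        phone = u.phone
    };

    // The data context was previously never disposed; the using block releases it (and its
    // database connection) even when the insert throws.
    using (DataClassesDataContext context = new DataClassesDataContext())
    {
        context.users.InsertOnSubmit(ins);
        context.SubmitChanges();
    }
}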
/// <summary>
/// Handles the login form: verifies the name and password, then sets up the session values and
/// the forms-authentication cookie.
/// </summary>
/// <param name="u">Posted login form (name, password, remember-me flag).</param>
/// <returns>
/// The "Login" view when the model is invalid or the credentials do not match; otherwise a
/// redirect to Home/Index.
/// </returns>
public ActionResult DoLogin(UserViewModel u)
{
    if (!ModelState.IsValid)
    {
        return View("Login");
    }

    using (Comessa5Context repository = factory.GetContext())
    {
        cuser dbUser = repository.cuser.FirstOrDefault(candidate => string.Equals(candidate.login, u.Name));

        // NOTE(review): CalculateMD5Hash is not visible here; its name indicates the stored
        // password is an MD5 digest, which is too fast for password storage. The digest is also
        // only computed when the login name exists, so unknown and known names take different
        // code paths.
        bool credentialsOk =
            dbUser != null &&
            string.Equals(u.Password.CalculateMD5Hash(), dbUser.password, StringComparison.InvariantCultureIgnoreCase);

        if (!credentialsOk)
        {
            // The same message is used for an unknown name and a wrong password.
            ModelState.AddModelError("CredentialError", "Invalid Name or Password");
            return View("Login");
        }

        // NOTE(review): the values are written into the existing session; nothing here issues a
        // fresh session identifier at login. Confirm that session fixation is handled elsewhere.
        Session["UserName"] = u.Name;
        Session["UserID"] = dbUser.id;
        Session["UserIDForOrders"] = -1;
        Session["IsAdmin"] = dbUser.isServer;

        // u.RememberMe decides whether the authentication cookie is persistent.
        FormsAuthentication.SetAuthCookie(u.Name, u.RememberMe);
    }

    return RedirectToAction("Index", "Home");
}
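/// <summary>
/// Creates an order for one item on behalf of a user.
/// </summary>
/// <param name="itemID">ID of the item being ordered.</param>
/// <param name="userID">ID of the user the order is recorded for.</param>
/// <param name="quantity">Ordered quantity, stored as given.</param>
/// <param name="comments">Free-text comment stored on the order.</param>
/// <returns>JSON <c>true</c> once the order is saved; JSON <c>false</c> when no item has the given ID.</returns>
public async Task<ActionResult> SaveOrder(int itemID, int userID, decimal quantity, string comments)
{
    //ToDo: check if it's possible to do that using 1 operation instead of 2 using EF
    //...or parse the whole citem as argument here
    using (Comessa5Context repository = factory.GetContext())
    {
        citem item = repository.citem.Where(candidate => candidate.id == itemID).FirstOrDefault();

        // An unknown item ID previously ended in a NullReferenceException on item.name below.
        if (item == null)
        {
            return Json(false);
        }

        // The seller is the first non-master server account, or -1 when there is none.
        cuser server = repository.cuser.Where(candidate => candidate.isServer && !candidate.isMasterServer).FirstOrDefault();

        // NOTE(review): userID comes from the request rather than from the authenticated session,
        // so as written a caller can record an order under another user's ID. Confirm the caller
        // is authorized for that ID, or derive it from the session.
        // NOTE(review): quantity is not range-checked; zero and negative values are stored as given.
        repository.corder.Add(new corder
        {
            itemId = itemID,
            quantity = quantity,
            comment = comments,
            userId = userID,
            // Name and price are copied from the item row, not taken from the request.
            itemName = item.name,
            price = item.price,
            date = DateTime.Now,
            status = (int)OrderStatus.Ordered,
            sellerId = server == null ? -1 : server.id
        });

        await repository.SaveChangesAsync();
    }

    return Json(true);
}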