/// <summary>
/// 解锁指定用户
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="userName">登录名(用户名)</param>
/// <returns>大于0解锁成功</returns>
public int UnLockUser(UserInfo userInfo, string userName)
{
var parameter = ParameterUtil.CreateWithMessage(userInfo, MethodBase.GetCurrentMethod(), this.serviceName, RDIFrameworkMessage.LogOnService_UnLockUser);
int result = 0;
ServiceUtil.ProcessRDIReadDb(userInfo, parameter, dbProvider =>
{
var manager = new PiUserManager(userInfo);
var parameters = new List <KeyValuePair <string, object> > {
new KeyValuePair <string, object>(PiUserTable.FieldUserName, userName),
new KeyValuePair <string, object>(PiUserTable.FieldEnabled, 1),
new KeyValuePair <string, object>(PiUserTable.FieldDeleteMark, 0)
};
var entity = BaseEntity.Create <PiUserEntity>(manager.GetDT(parameters, 0, null));
if ((entity != null) && !string.IsNullOrEmpty(entity.Id))
{
var longOnmanager = new PiUserLogOnManager();
PiUserLogOnEntity lonOnentity = longOnmanager.GetEntity(entity.Id);
lonOnentity.LockStartDate = null;
lonOnentity.LockEndDate = null;
result = longOnmanager.Update(lonOnentity);
}
});
return(result);
}
/// <summary>
/// 用户离职
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="userName">离职人员用户名</param>
/// <param name="dimissionCause">离职原因</param>
/// <param name="dimissionDate">离职日期</param>
/// <param name="dimissionWhither">离职去向</param>
/// <returns>大于0操作成功</returns>
public int UserDimission(UserInfo userInfo, string userName, string dimissionCause, DateTime?dimissionDate, string dimissionWhither = null)
{
var parameter = ParameterUtil.CreateWithMessage(userInfo, MethodBase.GetCurrentMethod(), this.serviceName, RDIFrameworkMessage.LogOnService_UserDimission);
int result = 0;
ServiceUtil.ProcessRDIReadDb(userInfo, parameter, dbProvider =>
{
var manager = new PiUserManager(userInfo);
var parameters = new List <KeyValuePair <string, object> > {
new KeyValuePair <string, object>(PiUserTable.FieldUserName, userName),
new KeyValuePair <string, object>(PiUserTable.FieldEnabled, 1),
new KeyValuePair <string, object>(PiUserTable.FieldDeleteMark, 0)
};
var entity = BaseEntity.Create <PiUserEntity>(manager.GetDT(parameters, 0, null));
if ((entity != null) && !string.IsNullOrEmpty(entity.Id))
{
entity.Enabled = 0;
entity.IsDimission = 1;
entity.DimissionCause = dimissionCause;
entity.DimissionWhither = dimissionWhither;
entity.DimissionDate = dimissionDate ?? DateTime.Now;
result = manager.Update(entity);
//离职的员工就不能登录系统了,应该锁定了
var longOnmanager = new PiUserLogOnManager();
PiUserLogOnEntity lonOnentity = longOnmanager.GetEntity(entity.Id);
lonOnentity.LockStartDate = DateTime.Now;
result += longOnmanager.Update(lonOnentity);
}
});
return(result);
}
/// <summary>
/// 设置密码
/// </summary>
/// <param name="userId">被设置的员工主键</param>
/// <param name="password">新密码</param>
/// <returns>影响行数</returns>
public virtual int SetPassword(string userId, string password)
{
int returnValue = 0;
// 密码强度检查
/*
* if (SystemInfo.EnableCheckPasswordStrength)
* {
* if (password.Length == 0)
* {
* this.ReturnStatusCode = StatusCode.PasswordCanNotBeNull.ToString();
* return returnValue;
* }
* }
*/
// 加密密码
if (SystemInfo.EnableEncryptServerPassword)
{
password = this.EncryptUserPassword(password);
}
PiUserLogOnManager userLonOnManager = new PiUserLogOnManager(this.DBProvider, this.UserInfo);
//先判断是否有记录,没有就增加
PiUserLogOnEntity logOnEntity = userLonOnManager.GetEntity(userId);
if (logOnEntity == null || (logOnEntity != null && string.IsNullOrEmpty(logOnEntity.Id)))
{
PiUserLogOnEntity entity = new PiUserLogOnEntity()
{
Id = userId,
//MultiUserLogin = SystemInfo.CheckOnLine ? 0 : 1,
CheckIPAddress = SystemInfo.EnableCheckIPAddress ? 1 : 0,
UserPassword = password,
OpenId = BusinessLogic.NewGuid()
};
string value = userLonOnManager.Add(entity);
this.ReturnStatusCode = !string.IsNullOrEmpty(value) ? StatusCode.SetPasswordOK.ToString() : StatusCode.ErrorDeleted.ToString();
returnValue = !string.IsNullOrEmpty(value) ? 1 : 0;
}
else
{
// 设置密码字段
string[] targetFields =
{
PiUserLogOnTable.FieldUserPassword,
PiUserLogOnTable.FieldChangePasswordDate,
PiUserLogOnTable.FieldOpenId
};
Object[] targetValues = { password, null, BusinessLogic.NewGuid() };
returnValue = new PiUserLogOnManager(this.DBProvider, this.UserInfo).SetProperty(userId, targetFields, targetValues);
this.ReturnStatusCode = returnValue == 1 ? StatusCode.SetPasswordOK.ToString(): StatusCode.ErrorDeleted.ToString();
}
return(returnValue);
}
/// <summary>
/// 获取实体
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="id">主键</param>
/// <returns>实体</returns>
public PiUserLogOnEntity GetEntity(UserInfo userInfo, string id)
{
PiUserLogOnEntity entity = null;
var parameter = ParameterUtil.CreateWithLog(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessRDIReadDb(userInfo, parameter, dbProvider =>
{
var manager = new PiUserLogOnManager(dbProvider, userInfo);
entity = manager.GetEntity(id);
});
return(entity);
}
/// <summary>
/// 更新实体
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="entity">实体</param>
/// <returns>影响行数</returns>
public int Update(UserInfo userInfo, PiUserLogOnEntity entity)
{
int returnValue = 0;
var parameter = ParameterUtil.CreateWithLog(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessRDIReadDb(userInfo, parameter, dbProvider =>
{
var manager = new PiUserLogOnManager(dbProvider, userInfo);
returnValue = manager.Update(entity);
});
return(returnValue);
}
/// <summary>
/// 更新实体
/// </summary>
/// <param name="entity">实体</param>
public int UpdateEntity(PiUserLogOnEntity entity)
{
SQLBuilder sqlBuilder = new SQLBuilder(DBProvider);
sqlBuilder.BeginUpdate(this.CurrentTableName);
this.SetEntity(sqlBuilder, entity);
if (UserInfo != null)
{
sqlBuilder.SetValue(PiUserLogOnTable.FieldModifiedUserId, UserInfo.Id);
sqlBuilder.SetValue(PiUserLogOnTable.FieldModifiedBy, UserInfo.RealName);
}
sqlBuilder.SetDBNow(PiUserLogOnTable.FieldModifiedOn);
sqlBuilder.SetWhere(PiUserLogOnTable.FieldId, entity.Id);
return(sqlBuilder.EndUpdate());
}
/// <summary>
/// 用户添加之后执行的方法
/// </summary>
/// <param name="entity">用户实体</param>
/// <param name="statusCode">状态码</param>
public void AfterAdd(PiUserEntity entity, out string statusCode)
{
var userLogOnEntity = new PiUserLogOnEntity
{
Id = entity.Id,
MultiUserLogin = SystemInfo.CheckOnLine ? 0 : 1,
CheckIPAddress = SystemInfo.EnableCheckIPAddress ? 1 : 0
};
if (SystemInfo.EnableEncryptServerPassword)
{
userLogOnEntity.UserPassword = this.EncryptUserPassword(entity.UserPassword);
}
new PiUserLogOnManager(this.DBProvider, this.UserInfo).Add(userLogOnEntity);
// 运行成功
statusCode = StatusCode.OKAdd.ToString();
}
/// <summary>
/// 设置实体
/// </summary>
/// <param name="entity">实体</param>
private void SetEntity(SQLBuilder sqlBuilder, PiUserLogOnEntity entity)
{
sqlBuilder.SetValue(PiUserLogOnTable.FieldUserFrom, entity.UserFrom);
sqlBuilder.SetValue(PiUserLogOnTable.FieldUserPassword, entity.UserPassword);
sqlBuilder.SetValue(PiUserLogOnTable.FieldOpenId, entity.OpenId);
sqlBuilder.SetValue(PiUserLogOnTable.FieldAllowStartTime, entity.AllowStartTime);
sqlBuilder.SetValue(PiUserLogOnTable.FieldAllowEndTime, entity.AllowEndTime);
sqlBuilder.SetValue(PiUserLogOnTable.FieldLockStartDate, entity.LockStartDate);
sqlBuilder.SetValue(PiUserLogOnTable.FieldLockEndDate, entity.LockEndDate);
sqlBuilder.SetValue(PiUserLogOnTable.FieldFirstVisit, entity.FirstVisit);
sqlBuilder.SetValue(PiUserLogOnTable.FieldPreviousVisit, entity.PreviousVisit);
sqlBuilder.SetValue(PiUserLogOnTable.FieldLastVisit, entity.LastVisit);
sqlBuilder.SetValue(PiUserLogOnTable.FieldChangePasswordDate, entity.ChangePasswordDate);
sqlBuilder.SetValue(PiUserLogOnTable.FieldMultiUserLogin, entity.MultiUserLogin);
sqlBuilder.SetValue(PiUserLogOnTable.FieldLogOnCount, entity.LogOnCount);
sqlBuilder.SetValue(PiUserLogOnTable.FieldPasswordErrorCount, entity.PasswordErrorCount);
sqlBuilder.SetValue(PiUserLogOnTable.FieldUserOnLine, entity.UserOnLine);
sqlBuilder.SetValue(PiUserLogOnTable.FieldCheckIPAddress, entity.CheckIPAddress);
sqlBuilder.SetValue(PiUserLogOnTable.FieldIPAddress, entity.IPAddress);
sqlBuilder.SetValue(PiUserLogOnTable.FieldMACAddress, entity.MACAddress);
sqlBuilder.SetValue(PiUserLogOnTable.FieldQuestion, entity.Question);
sqlBuilder.SetValue(PiUserLogOnTable.FieldAnswerQuestion, entity.AnswerQuestion);
}
/// <summary>
/// 更新访问当前访问状态
/// </summary>
/// <param name="userId">用户主键</param>
/// <param name="createOpenId">是否每次都产生新的OpenId</param>
/// <returns>OpenId</returns>
public string UpdateVisitDate(string userId, bool createOpenId = false)
{
PiUserLogOnEntity userLogOnEntity = this.GetEntity(userId);
return(UpdateVisitDate(userLogOnEntity, createOpenId));
}
/// <summary>
/// 更新访问当前访问状态
/// </summary>
/// <param name="userLogOnEntity">实体</param>
/// <param name="createOpenId">是否每次都产生新的OpenId</param>
/// <returns>OpenId</returns>
public string UpdateVisitDate(PiUserLogOnEntity userLogOnEntity, bool createOpenId = false)
{
string result = string.Empty;
string sqlQuery = string.Empty;
// 是否更新访问日期信息
if (SystemInfo.UpdateVisit)
{
// 第一次登录时间
if (userLogOnEntity.FirstVisit == null)
{
sqlQuery = " UPDATE " + PiUserLogOnTable.TableName
+ " SET " + PiUserLogOnTable.FieldUserOnLine + " = 1," + PiUserLogOnTable.FieldFirstVisit + " = " + DBProvider.GetDBNow();
switch (DBProvider.CurrentDbType)
{
case CurrentDbType.Access:
sqlQuery = sqlQuery + " WHERE (" + PiUserLogOnTable.FieldId + " = '" + userLogOnEntity.Id + "') AND " + PiUserLogOnTable.FieldFirstVisit + " IS NULL";
break;
default:
sqlQuery = sqlQuery + " WHERE (" + PiUserLogOnTable.FieldId + " = '" + userLogOnEntity.Id + "') AND " + PiUserLogOnTable.FieldFirstVisit + " IS NULL";
break;
}
DBProvider.ExecuteNonQuery(sqlQuery);
}
else
{
// 最后一次登录时间
sqlQuery = " UPDATE " + PiUserLogOnTable.TableName
+ " SET " + PiUserLogOnTable.FieldPreviousVisit + " = " + PiUserLogOnTable.FieldLastVisit + " , "
+ PiUserLogOnTable.FieldUserOnLine + " = 1 , "
+ PiUserLogOnTable.FieldLastVisit + " = " + DBProvider.GetDBNow() + " , "
+ PiUserLogOnTable.FieldLogOnCount + " = " + PiUserLogOnTable.FieldLogOnCount + " + 1 ";
if (createOpenId)
{
result = BusinessLogic.NewGuid();
sqlQuery += " , " + PiUserLogOnTable.FieldOpenId + " = '" + result + "'";
}
switch (DBProvider.CurrentDbType)
{
case CurrentDbType.Access:
sqlQuery += " WHERE (" + PiUserLogOnTable.FieldId + " = '" + userLogOnEntity.Id + "')";
break;
default:
sqlQuery += " WHERE (" + PiUserLogOnTable.FieldId + " = '" + userLogOnEntity.Id + "')";
break;
}
DBProvider.ExecuteNonQuery(sqlQuery);
}
}
else
{
// 实现单点登录功能,每次都更换Guid
if (createOpenId)
{
result = BusinessLogic.NewGuid();
sqlQuery = " UPDATE " + PiUserLogOnTable.TableName
+ " SET " + PiUserLogOnTable.FieldPasswordErrorCount + " = 0 "
+ " , " + PiUserLogOnTable.FieldOpenId + " = '" + result + "'"
+ " WHERE (" + PiUserLogOnTable.FieldId + " = '" + userLogOnEntity.Id + "')";
DBProvider.ExecuteNonQuery(sqlQuery);
}
}
return(result);
}
public UserInfo ConvertToUserInfo(UserInfo userInfo, PiUserEntity userEntity, PiUserLogOnEntity userLogOnEntity = null)
{
userInfo.Id = userEntity.Id;
userInfo.Code = userEntity.Code;
userInfo.UserName = userEntity.UserName;
userInfo.RealName = userEntity.RealName;
userInfo.CompanyId = userEntity.CompanyId;
userInfo.CompanyName = userEntity.CompanyName;
userInfo.DepartmentId = userEntity.DepartmentId;
userInfo.DepartmentName = userEntity.DepartmentName;
userInfo.WorkgroupId = userEntity.WorkgroupId;
userInfo.WorkgroupName = userEntity.WorkgroupName;
if (userLogOnEntity != null)
{
userInfo.OpenId = userLogOnEntity.OpenId;
}
if (userEntity.SecurityLevel == null)
{
userEntity.SecurityLevel = 0;
}
else
{
userInfo.SecurityLevel = (int)userEntity.SecurityLevel;
}
if (!string.IsNullOrEmpty(userEntity.RoleId))
{
// 获取角色名称
var roleManager = new PiRoleManager(DBProvider, UserInfo);
PiRoleEntity roleEntity = roleManager.GetEntity(userEntity.RoleId);
if (!string.IsNullOrEmpty(roleEntity.Id))
{
userInfo.RoleName = roleEntity.RealName;
userInfo.RoleId = roleEntity.Id;
}
}
return(userInfo);
}
public UserInfo ConvertToUserInfo(PiUserEntity userEntity, PiUserLogOnEntity userLogOnEntity = null)
{
var userInfo = new UserInfo();
return(ConvertToUserInfo(userInfo, userEntity, userLogOnEntity));
}
/// <summary>
/// 添加实体
/// </summary>
/// <param name="entity">实体</param>
public string AddEntity(PiUserLogOnEntity entity)
{
string sequence = string.Empty;
this.Identity = false;
if (entity.Id != null)
{
sequence = entity.Id.ToString();
}
SQLBuilder sqlBuilder = new SQLBuilder(DBProvider, this.Identity, this.ReturnId);
sqlBuilder.BeginInsert(this.CurrentTableName, PiUserLogOnTable.FieldId);
if (!this.Identity)
{
if (string.IsNullOrEmpty(entity.Id))
{
sequence = BusinessLogic.NewGuid();
entity.Id = sequence;
}
sqlBuilder.SetValue(PiUserLogOnTable.FieldId, entity.Id);
}
else
{
if (!this.ReturnId && (DBProvider.CurrentDbType == CurrentDbType.Oracle || DBProvider.CurrentDbType == CurrentDbType.DB2))
{
if (DBProvider.CurrentDbType == CurrentDbType.Oracle)
{
sqlBuilder.SetFormula(PiUserLogOnTable.FieldId, "SEQ_" + this.CurrentTableName.ToUpper() + ".NEXTVAL ");
}
if (DBProvider.CurrentDbType == CurrentDbType.DB2)
{
sqlBuilder.SetFormula(PiUserLogOnTable.FieldId, "NEXT VALUE FOR SEQ_" + this.CurrentTableName.ToUpper());
}
}
else
{
if (this.Identity && (DBProvider.CurrentDbType == CurrentDbType.Oracle || DBProvider.CurrentDbType == CurrentDbType.DB2))
{
if (string.IsNullOrEmpty(entity.Id))
{
if (string.IsNullOrEmpty(sequence))
{
CiSequenceManager sequenceManager = new CiSequenceManager(DBProvider, this.Identity);
sequence = sequenceManager.GetSequence(this.CurrentTableName);
}
entity.Id = sequence;
}
sqlBuilder.SetValue(PiUserLogOnTable.FieldId, entity.Id);
}
}
}
this.SetEntity(sqlBuilder, entity);
if (UserInfo != null)
{
sqlBuilder.SetValue(PiUserLogOnTable.FieldCreateUserId, UserInfo.Id);
sqlBuilder.SetValue(PiUserLogOnTable.FieldCreateBy, UserInfo.RealName);
}
sqlBuilder.SetDBNow(PiUserLogOnTable.FieldCreateOn);
if (UserInfo != null)
{
sqlBuilder.SetValue(PiUserLogOnTable.FieldModifiedUserId, UserInfo.Id);
sqlBuilder.SetValue(PiUserLogOnTable.FieldModifiedBy, UserInfo.RealName);
}
sqlBuilder.SetDBNow(PiUserLogOnTable.FieldModifiedOn);
if (this.Identity && (DBProvider.CurrentDbType == CurrentDbType.SqlServer || DBProvider.CurrentDbType == CurrentDbType.Access))
{
sequence = sqlBuilder.EndInsert().ToString();
}
else
{
sqlBuilder.EndInsert();
}
return(sequence);
}
/// <summary>
/// 添加
/// </summary>
/// <param name="entity">实体</param>
/// <returns>主键</returns>
public string Add(PiUserLogOnEntity entity)
{
return(this.AddEntity(entity));
}
/// <summary>
/// 添加
/// </summary>
/// <param name="entity">实体</param>
/// <param name="identity">自增量方式</param>
/// <param name="returnId">返回主键</param>
/// <returns>主键</returns>
public string Add(PiUserLogOnEntity entity, bool identity, bool returnId)
{
this.Identity = identity;
this.ReturnId = returnId;
return(this.AddEntity(entity));
}
/// <summary>
/// 更新
/// </summary>
/// <param name="entity">实体</param>
public int Update(PiUserLogOnEntity entity)
{
return(this.UpdateEntity(entity));
}
/// <summary>
/// 进行密码验证
/// </summary>
/// <param name="userName">用户名</param>
/// <param name="password">密码</param>
/// <returns>是否通过验证</returns>
public bool ValidateUser(string userName, string password)
{
// 先按用户名登录
var dt = this.GetDT(new KeyValuePair <string, object>(PiUserTable.FieldUserName, userName)
, new KeyValuePair <string, object>(PiUserTable.FieldDeleteMark, 0)
, new KeyValuePair <string, object>(PiUserTable.FieldEnabled, 1));
if (dt.Rows.Count == 0)
{
// 若没数据再按工号登录
dt = this.GetDT(new KeyValuePair <string, object>(PiUserTable.FieldCode, userName)
, new KeyValuePair <string, object>(PiUserTable.FieldDeleteMark, 0)
, new KeyValuePair <string, object>(PiUserTable.FieldEnabled, 1));
if (dt.Rows.Count == 0)
{
// 若没数据再按邮件登录
dt = this.GetDT(new KeyValuePair <string, object>(PiUserTable.FieldEmail, userName)
, new KeyValuePair <string, object>(PiUserTable.FieldDeleteMark, 0)
, new KeyValuePair <string, object>(PiUserTable.FieldEnabled, 1));
}
if (dt.Rows.Count == 0)
{
// 若没数据再按手机号码登录
dt = this.GetDT(new KeyValuePair <string, object>(PiUserTable.FieldMobile, userName)
, new KeyValuePair <string, object>(PiUserTable.FieldDeleteMark, 0)
, new KeyValuePair <string, object>(PiUserTable.FieldEnabled, 1));
}
if (dt.Rows.Count == 0)
{
// 若没数据再按手机号码登录
dt = this.GetDT(new KeyValuePair <string, object>(PiUserTable.FieldTelephone, userName)
, new KeyValuePair <string, object>(PiUserTable.FieldDeleteMark, 0)
, new KeyValuePair <string, object>(PiUserTable.FieldEnabled, 1));
}
}
PiUserEntity userEntity = null;
PiUserLogOnEntity userLogOnEntity = null;
var parameters = new List <KeyValuePair <string, object> >();
if (dt.Rows.Count > 1)
{
return(false);
}
else if (dt.Rows.Count == 1)
{
// 05. 判断密码,是否允许登录,是否离职是否正确
userEntity = BaseEntity.Create <PiUserEntity>(dt.Rows[0]);//new PiUserEntity(dt.Rows[0]);
if (!string.IsNullOrEmpty(userEntity.AuditStatus) &&
userEntity.AuditStatus.EndsWith(AuditStatus.WaitForAudit.ToString()) &&
userLogOnEntity.PasswordErrorCount == 0)
{
return(false);
}
PiUserLogOnManager userLogOnManager = new PiUserLogOnManager(this.DBProvider, this.UserInfo);
userLogOnEntity = userLogOnManager.GetEntity(userEntity.Id);
// 06. 允许登录时间是否有限制
if (userLogOnEntity.AllowEndTime != null)
{
userLogOnEntity.AllowEndTime = new DateTime(DateTime.Now.Year, DateTime.Now.Month, DateTime.Now.Day, userLogOnEntity.AllowEndTime.Value.Hour, userLogOnEntity.AllowEndTime.Value.Minute, userLogOnEntity.AllowEndTime.Value.Second);
}
if (userLogOnEntity.AllowStartTime != null)
{
userLogOnEntity.AllowStartTime = new DateTime(DateTime.Now.Year, DateTime.Now.Month, DateTime.Now.Day, userLogOnEntity.AllowStartTime.Value.Hour, userLogOnEntity.AllowStartTime.Value.Minute, userLogOnEntity.AllowStartTime.Value.Second);
if (DateTime.Now < userLogOnEntity.AllowStartTime)
{
return(false);
}
}
if (userLogOnEntity.AllowEndTime != null)
{
if (DateTime.Now > userLogOnEntity.AllowEndTime)
{
return(false);
}
}
// 07. 锁定日期是否有限制
if (userLogOnEntity.LockStartDate != null)
{
if (DateTime.Now > userLogOnEntity.LockStartDate)
{
if (userLogOnEntity.LockEndDate == null || DateTime.Now < userLogOnEntity.LockEndDate)
{
return(false);
}
}
}
if (userLogOnEntity.LockEndDate != null)
{
if (DateTime.Now < userLogOnEntity.LockEndDate)
{
return(false);
}
}
// 03. 系统是否采用了密码加密策略?
if (SystemInfo.EnableEncryptServerPassword)
{
password = this.EncryptUserPassword(password);
}
// 11. 密码是否正确(null 与空看成是相等的)
if (!(string.IsNullOrEmpty(userLogOnEntity.UserPassword) && string.IsNullOrEmpty(password)))
{
bool userPasswordOK = true;
// 用户密码是空的
if (string.IsNullOrEmpty(userLogOnEntity.UserPassword))
{
// 但是输入了不为空的密码
if (!string.IsNullOrEmpty(password))
{
userPasswordOK = false;
}
}
else
{
// 用户的密码不为空,但是用户是输入了密码
userPasswordOK = !string.IsNullOrEmpty(password) && userLogOnEntity.UserPassword.Equals(password);
}
// 用户的密码不相等
if (!userPasswordOK)
{
// 这里更新用户连续输入错误密码次数
return(false);
}
}
}
return(true);
}
/// <summary>
/// 进行登录操作
/// </summary>
/// <param name="userName">用户名</param>
/// <param name="password">密码</param>
/// <param name="openId">单点登录标识</param>
/// <param name="createNewOpenId"></param>
/// <param name="ipAddress">IP地址</param>
/// <param name="macAddress">MAC地址</param>
/// <param name="checkUserPassword">是否要检查用户密码</param>
/// <returns>用户信息</returns>
public UserInfo LogOn(string userName, string password, string openId = null, bool createNewOpenId = false, string ipAddress = null, string macAddress = null, bool checkUserPassword = true)
{
UserInfo userInfo = null;
string realName = string.Empty;
if (UserInfo != null)
{
realName = UserInfo.RealName;
if (string.IsNullOrEmpty(ipAddress))
{
ipAddress = UserInfo.IPAddress;
}
if (string.IsNullOrEmpty(macAddress))
{
macAddress = UserInfo.MACAddress;
}
}
PiUserLogOnManager userLogOnManager = new PiUserLogOnManager(this.DBProvider, this.UserInfo);
// 01: 系统是否采用了在线用户的限制
if (SystemInfo.OnLineLimit > 0 && userLogOnManager.CheckOnLineLimit())
{
this.ReturnStatusCode = StatusCode.ErrorOnLineLimit.ToString();
// LogManager.Instance.Add(DBProvider, userName, realName, "LogOn", RDIFrameworkMessage.UserManager,"LogOn", RDIFrameworkMessage.UserManager_LogOn, userName, ipAddress,RDIFrameworkMessage.MSG0089 + SystemInfo.OnLineLimit.ToString());
return(userInfo);
}
// 02. 默认为用户没有找到状态,查找用户
// 这是为了达到安全要求,不能提示用户未找到,那容易让别人猜测到帐户
this.ReturnStatusCode = SystemInfo.EnableCheckPasswordStrength ? StatusCode.ErrorLogOn.ToString() : StatusCode.UserNotFound.ToString();
// 03. 查询数据库中的用户数据?只查询未被删除的
string[] names = { PiUserTable.FieldDeleteMark, PiUserTable.FieldUserName };
Object[] values = { 0, userName };
DataTable dataTable = this.GetDT(names, values);
if (dataTable.Rows.Count == 0)
{
//TODO:若没数据再工号、邮件、手机号等方式登录
}
PiUserEntity userEntity = null;
PiUserLogOnEntity userLogOnEntity = null;
if (dataTable.Rows.Count > 1)
{
this.ReturnStatusCode = StatusCode.UserDuplicate.ToString();
}
else if (dataTable.Rows.Count == 1)
{
// 05. 判断密码,是否允许登录,是否离职是否正确
userEntity = BaseEntity.Create <PiUserEntity>(dataTable.Rows[0]);
if (!string.IsNullOrEmpty(userEntity.AuditStatus) && userEntity.AuditStatus.EndsWith(AuditStatus.WaitForAudit.ToString()))
{
this.ReturnStatusCode = AuditStatus.WaitForAudit.ToString();
//LogManager.Instance.Add(DBProvider, userName, realName, "LogOn", RDIFrameworkMessage.UserManager, "LogOn", RDIFrameworkMessage.UserManager_LogOn, userName, ipAddress, RDIFrameworkMessage.MSG0078);
return(userInfo);
}
// 用户无效、已离职的
if (userEntity.IsDimission == 1 || userEntity.Enabled == 0)
{
this.ReturnStatusCode = StatusCode.LogOnDeny.ToString();
return(userInfo);
}
// 用户是否有效的
if (userEntity.Enabled == -1)
{
this.ReturnStatusCode = StatusCode.UserNotActive.ToString();
//LogManager.Instance.Add(DBProvider, userName, realName, "LogOn", RDIFrameworkMessage.UserManager, "LogOn", RDIFrameworkMessage.UserManager_LogOn, userName, ipAddress, RDIFrameworkMessage.MSG0080);
return(userInfo);
}
userLogOnEntity = userLogOnManager.GetEntity(userEntity.Id);
if (string.IsNullOrEmpty(userEntity.UserName) || !userEntity.UserName.Equals("Administrator"))
{
// 06. 允许登录时间是否有限制
if (userLogOnEntity.AllowEndTime != null)
{
userLogOnEntity.AllowEndTime = new DateTime(DateTime.Now.Year, DateTime.Now.Month, DateTime.Now.Day, userLogOnEntity.AllowEndTime.Value.Hour, userLogOnEntity.AllowEndTime.Value.Minute, userLogOnEntity.AllowEndTime.Value.Second);
}
if (userLogOnEntity.AllowStartTime != null)
{
userLogOnEntity.AllowStartTime = new DateTime(DateTime.Now.Year, DateTime.Now.Month, DateTime.Now.Day, userLogOnEntity.AllowStartTime.Value.Hour, userLogOnEntity.AllowStartTime.Value.Minute, userLogOnEntity.AllowStartTime.Value.Second);
if (DateTime.Now < userLogOnEntity.AllowStartTime)
{
this.ReturnStatusCode = StatusCode.UserLocked.ToString();
//LogManager.Instance.Add(DBProvider, userName, realName, "LogOn", RDIFrameworkMessage.UserManager, "LogOn", RDIFrameworkMessage.UserManager_LogOn, userName, ipAddress, RDIFrameworkMessage.MSG0081 + userLogOnEntity.AllowStartTime.Value.ToString("HH:mm"));
return(userInfo);
}
}
if (userLogOnEntity.AllowEndTime != null)
{
if (DateTime.Now > userLogOnEntity.AllowEndTime)
{
this.ReturnStatusCode = StatusCode.UserLocked.ToString();
//LogManager.Instance.Add(DBProvider, userName, realName, "LogOn", RDIFrameworkMessage.UserManager, "LogOn", RDIFrameworkMessage.UserManager_LogOn, userName, ipAddress, RDIFrameworkMessage.MSG0082 + userLogOnEntity.AllowEndTime.Value.ToString("HH:mm"));
return(userInfo);
}
}
// 07. 锁定日期是否有限制
if (userLogOnEntity.LockStartDate != null && DateTime.Now > userLogOnEntity.LockStartDate)
{
if (userLogOnEntity.LockEndDate == null || DateTime.Now < userLogOnEntity.LockEndDate)
{
this.ReturnStatusCode = StatusCode.UserLocked.ToString();
//LogManager.Instance.Add(DBProvider, userName, realName, "LogOn",RDIFrameworkMessage.UserManager, "LogOn", RDIFrameworkMessage.UserManager_LogOn,userName, ipAddress,RDIFrameworkMessage.MSG0083 + userLogOnEntity.LockStartDate.Value.ToString("yyyy-MM-dd"));
return(userInfo);
}
}
if (userLogOnEntity.LockEndDate != null && DateTime.Now < userLogOnEntity.LockEndDate)
{
this.ReturnStatusCode = StatusCode.UserLocked.ToString();
//LogManager.Instance.Add(DBProvider, userName, realName, "LogOn", RDIFrameworkMessage.UserManager,"LogOn", RDIFrameworkMessage.UserManager_LogOn, userName, ipAddress,RDIFrameworkMessage.MSG0084 + userEntity.LockEndDate.Value.ToString("yyyy-MM-dd"));
return(userInfo);
}
}
// 08. 是否检查用户IP地址,是否进行访问限制?管理员不检查IP. && !this.IsAdministrator(userEntity.Id.ToString()
if (SystemInfo.EnableCheckIPAddress && userLogOnEntity.CheckIPAddress == 1 && (!(userEntity.UserName.Equals("Administrator") || userEntity.Code.Equals("Administrator"))))
{
var parameterManager = new CiParameterManager(this.DBProvider);
var nameArr = new string[2];
var valueArr = new string[2];
nameArr[0] = CiParameterTable.FieldParameterId;
nameArr[1] = CiParameterTable.FieldCategoryKey;
valueArr[0] = userEntity.Id.ToString();
// 没有设置IP地址时不检查
valueArr[1] = "IPAddress";
if (!string.IsNullOrEmpty(ipAddress))
{
if (parameterManager.Exists(nameArr, valueArr))
{
if (!this.CheckIPAddress(ipAddress, userEntity.Id.ToString()))
{
var parameters = new List <KeyValuePair <string, object> >
{
new KeyValuePair <string, object>(PiUserLogOnTable.FieldIPAddress, ipAddress)
};
//this.SetProperty(userEntity.Id, PiUserLogOnTable.FieldIPAddress, ipAddress);
this.ReturnStatusCode = StatusCode.ErrorIPAddress.ToString();
//LogManager.Instance.Add(DBProvider, userName, realName, "LogOn",RDIFrameworkMessage.UserManager, "LogOn", RDIFrameworkMessage.UserManager_LogOn,ipAddress, ipAddress, RDIFrameworkMessage.MSG0085);
return(userInfo);
}
}
}
// 没有设置MAC地址时不检查
valueArr[1] = "MacAddress";
if (!string.IsNullOrEmpty(macAddress))
{
if (parameterManager.Exists(nameArr, valueArr))
{
if (!this.CheckMacAddress(macAddress, userEntity.Id.ToString()))
{
this.ReturnStatusCode = StatusCode.ErrorMacAddress.ToString();
//this.SetProperty(userEntity.Id, PiUserLogOnTable.FieldMACAddress, macAddress);
//LogManager.Instance.Add(DBProvider, userName, realName, "LogOn",RDIFrameworkMessage.UserManager, "LogOn", RDIFrameworkMessage.UserManager_LogOn,macAddress, ipAddress, RDIFrameworkMessage.MSG0086);
return(userInfo);
}
}
}
}
// 10. 只允许登录一次,需要检查是否自己重新登录了,或者自己扮演自己了
if ((UserInfo != null) && (!UserInfo.Id.Equals(userEntity.Id.ToString())))
{
if (SystemInfo.CheckOnLine && userLogOnEntity.MultiUserLogin == 0 && userLogOnEntity.UserOnLine > 0)
{
// 自己是否登录了2次,在没下线的情况下
bool isSelf = false;
if (!string.IsNullOrEmpty(openId))
{
if (!string.IsNullOrEmpty(userLogOnEntity.OpenId))
{
if (userLogOnEntity.OpenId.Equals(openId))
{
isSelf = true;
}
}
}
if (!isSelf)
{
this.ReturnStatusCode = StatusCode.ErrorOnLine.ToString();
//LogManager.Instance.Add(DBProvider, userName, realName, "LogOn",RDIFrameworkMessage.UserManager, "LogOn", RDIFrameworkMessage.UserManager_LogOn,userName, ipAddress, RDIFrameworkMessage.MSG0087);
return(userInfo);
}
}
}
// 04. 系统是否采用了密码加密策略?
if (checkUserPassword && SystemInfo.EnableEncryptServerPassword)
{
password = this.EncryptUserPassword(password);
}
// 11. 密码是否正确(null 与空看成是相等的)
if (!(string.IsNullOrEmpty(userLogOnEntity.UserPassword) && string.IsNullOrEmpty(password)))
{
bool userPasswordOK = true;
// 用户密码是空的
if (string.IsNullOrEmpty(userLogOnEntity.UserPassword))
{
// 但是输入了不为空的密码
if (!string.IsNullOrEmpty(password))
{
userPasswordOK = false;
}
}
else
{
// 用户的密码不为空,但是用户是输入了密码、 再判断用户的密码与输入的是否相同
userPasswordOK = !string.IsNullOrEmpty(password) && userLogOnEntity.UserPassword.Equals(password);
}
// 用户的密码不相等
if (!userPasswordOK)
{
userLogOnEntity.PasswordErrorCount = userLogOnEntity.PasswordErrorCount + 1;
if (SystemInfo.PasswordErrorLockLimit > 0 &&
userLogOnEntity.PasswordErrorCount >= SystemInfo.PasswordErrorLockLimit)
{
if (SystemInfo.PasswordErrorLockCycle == 0) //密码错误锁定周期若为0,直接设帐号无效,需要管理员审核
{
string[] names1 = { PiUserTable.FieldEnabled, PiUserTable.FieldAuditStatus };
object[] values1 = { "0", AuditStatus.WaitForAudit.ToString() };
this.SetProperty(userEntity.Id, names1, values1);
}
else
{
//进行帐号锁定
userLogOnEntity.LockStartDate = DateTime.Now;
userLogOnEntity.LockEndDate = DateTime.Now.AddMinutes(SystemInfo.PasswordErrorLockCycle);
string[] names2 = { PiUserLogOnTable.FieldLockStartDate, PiUserLogOnTable.FieldLockEndDate };
object[] values2 = { userLogOnEntity.LockStartDate, userLogOnEntity.LockEndDate };
userLogOnManager.SetProperty(userEntity.Id, names2, values2);
}
}
else
{
userLogOnManager.SetProperty(userEntity.Id, PiUserLogOnTable.FieldPasswordErrorCount, userLogOnEntity.PasswordErrorCount);
}
//密码错误后处理:
// 11.1:记录日志
//LogManager.Instance.Add(DBProvider, userEntity.Id.ToString(), userEntity.RealName, "LogOn", RDIFrameworkMessage.UserManager, "LogOn", RDIFrameworkMessage.UserManager_LogOn, userEntity.RealName, ipAddress, RDIFrameworkMessage.MSG0088);
// TODO: 11.2:看当天(24小时内)输入错误密码多少次了?
// TODO: 11.3:若输错密码数量已经超过了系统限制,则用户被锁定系统设定的小时数。
// TODO: 11.4:同时处理返回值,由于输入错误密码次数过多导致被锁定,登录时应读取这个状态比较,时间过期后应处理下状态。
// 密码强度检查,若是要有安全要求比较高的,返回的提醒消息要进行特殊处理,不能返回非常明确的提示信息。
this.ReturnStatusCode = SystemInfo.EnableCheckPasswordStrength ? StatusCode.ErrorLogOn.ToString() : StatusCode.PasswordError.ToString();
return(userInfo);
}
}
// 12. 更新IP地址,更新MAC地址
userLogOnEntity.PasswordErrorCount = 0;
if (!string.IsNullOrEmpty(ipAddress))
{
userLogOnEntity.IPAddress = ipAddress;
}
if (!string.IsNullOrEmpty(macAddress))
{
userLogOnEntity.MACAddress = macAddress;
}
userLogOnManager.SetProperty(userEntity.Id, new string[] { PiUserLogOnTable.FieldPasswordErrorCount, PiUserLogOnTable.FieldIPAddress, PiUserLogOnTable.FieldMACAddress }, new object[] { 0, ipAddress, macAddress });
// 可以正常登录了
this.ReturnStatusCode = StatusCode.OK.ToString();
// 13. 登录、重新登录、扮演时的在线状态进行更新
//userLogOnManager.ChangeOnLine(userEntity.Id);
userInfo = this.ConvertToUserInfo(userEntity, userLogOnEntity);
userInfo.IPAddress = ipAddress;
userInfo.MACAddress = macAddress;
userInfo.Password = password;
// 这里是判断用户是否为系统管理员的
userInfo.IsAdministrator = IsAdministrator(userEntity);
// 数据找到了,就可以退出循环了
/*
* // 获得员工的信息
* if (userEntity.IsStaff == 1)
* {
* PiStaffManager staffManager = new PiStaffManager(DBProvider, UserInfo);
* //这里需要按 员工的用户ID来进行查找对应的员工-用户关系
* PiStaffEntity staffEntity = new PiStaffEntity(staffManager.GetDT(PiStaffTable.FieldUserId, userEntity.Id));
* if (!string.IsNullOrEmpty(staffEntity.Id))
* {
* userInfo = staffManager.ConvertToUserInfo(staffEntity, userInfo);
* }
*
* }*/
}
// 14. 记录系统访问日志
if (this.ReturnStatusCode == StatusCode.OK.ToString())
{
//LogManager.Instance.Add(DBProvider, userEntity.Id.ToString(), userEntity.RealName, "LogOn", RDIFrameworkMessage.UserManager, "LogOn", RDIFrameworkMessage.UserManager_LogOn, userEntity.RealName, ipAddress, RDIFrameworkMessage.UserManager_LogOnSuccess);
if (string.IsNullOrEmpty(userInfo.OpenId))
{
createNewOpenId = true;
}
if (createNewOpenId)
{
userInfo.OpenId = userLogOnManager.UpdateVisitDate(userEntity.Id.ToString(), createNewOpenId);
}
else
{
userLogOnManager.UpdateVisitDate(userEntity.Id.ToString());
}
}
else
{
//LogManager.Instance.Add(DBProvider, userName, realName, "LogOn", RDIFrameworkMessage.UserManager, "LogOn", RDIFrameworkMessage.UserManager_LogOn, userName, ipAddress, RDIFrameworkMessage.MSG0090);
}
return(userInfo);
}