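/// <summary>
/// Creates a new user account on behalf of the logged-in operator.
/// Note: the front end passes both the branch id and the special-line id in <c>BranchId</c>;
/// the operator's own <c>Type</c> decides which kind of account may be created.
/// </summary>
/// <remarks>
/// Authorization is evaluated before the login/phone uniqueness lookups, so a caller who is
/// not allowed to create the requested account cannot use the "already exists" errors to
/// probe which logins or phone numbers are registered.
/// </remarks>
/// <param name="user">Account data submitted by the caller.</param>
/// <param name="operateUserId">Id of the logged-in operator; resolved through the login cache.</param>
/// <exception cref="DataValidationException">A required field is missing or malformed.</exception>
/// <exception cref="DataOperationPermissions">The operator may not create this kind of account.</exception>
/// <exception cref="BusinessException">The login or phone is already in use, or the requested type is not supported.</exception>
public void AccountAdd(UserViewModel user, int operateUserId)
{
    #region Validation
    if (user == null)
        throw new DataValidationException(string.Format(BusinessResourceMessage.ItemCanNotNull, "传入参数"));
    if (!user.Name.ValidateLen(20))
        throw new DataValidationException("真实姓名长度在1-20个汉字");
    if (!user.Login.ValidateLen(20))
        throw new DataValidationException("登录账号不能超过20个字符");
    if (!CommonValidator.isMobile(user.Phone))
        throw new DataValidationException("请输入正确的手机号码");
    if (user.Type <= 0 || !user.BranchId.HasValue)
        throw new DataValidationException("请选择机构");
    #endregion

    var operateUser = RedisHelp.GetLoginUserCacheNotNull(operateUserId);

    var model = new User();
    model.Login = user.Login;
    model.Name = user.Name;
    model.IsSpecialManager = user.IsSpecialManager;

    // The operator's type, not the submitted one, decides what may be created.
    // Original note: "when the operator is head office, the branch's owning organisation is the
    // operator id" - the code stores user.BranchId instead. NOTE(review): confirm which is intended.
    switch (operateUser.Type)
    {
        case UserType.Company:
            // Head office may only create branch accounts.
            if (user.Type != UserType.Branch)
                throw new DataOperationPermissions("无此操作权限,总公司只能添加分社账号");
            model.Type = UserType.Branch;
            model.BranchId = user.BranchId;
            break;

        case UserType.Branch:
            // A branch may only create special-line accounts.
            if (user.Type != UserType.SpecialLine)
                throw new DataOperationPermissions("无此操作权限,分社只能添加专线账号");
            model.Type = UserType.SpecialLine;
            model.SpecialId = user.BranchId;
            break;

        case UserType.SpecialLine:
            // Only a special-line manager may manage accounts at all.
            if (!operateUser.IsSpecialManager)
                throw new DataOperationPermissions("无此操作权限,专线操作员不能操作账号管控所有权限");
            // The target special line must be the operator's own.
            if (operateUser.SpecialId != user.BranchId)
                throw new DataOperationPermissions("无此操作权限,专线管理员只能操作自己所属专线");
            // A manager may not create another manager.
            if (user.IsSpecialManager)
                throw new DataOperationPermissions("无此操作权限,专线管理员只能添加专线操作员账号");
            model.Type = UserType.SpecialLine;
            model.SpecialId = user.BranchId;
            break;

        default:
            // Any other operator type gets the requested type as submitted.
            // NOTE(review): presumably this is the super administrator; the branch is reached by
            // every UserType value not listed above - confirm that is intended.
            model.Type = user.Type;
            switch (user.Type)
            {
                case UserType.Branch:
                    model.BranchId = user.BranchId;
                    break;
                case UserType.SpecialLine:
                    model.SpecialId = user.BranchId;
                    break;
                default:
                    throw new BusinessException("数据异常,不存在此数据");
            }
            break;
    }

    // Data-scope check (reads only Type and SpecialId of the new account). Done before the
    // uniqueness lookups so unauthorized callers get a permission error, not an existence answer.
    BuidDataAuthorityVerify(operateUserId, model);

    // Login and phone must be unique among accounts that are Normal or Freeze.
    // NOTE(review): check-then-insert is not atomic; a unique index in the database (not visible
    // here) is needed to close the race between two concurrent requests.
    if (_userRepository.GetModel().Any(p => p.Login.Equals(user.Login) && (p.Status == UserStatus.Normal || p.Status == UserStatus.Freeze)))
        throw new BusinessException("用户名已存在,请重新输入");
    if (_userRepository.GetModel().Any(p => p.Phone.Equals(user.Phone) && (p.Status == UserStatus.Normal || p.Status == UserStatus.Freeze)))
        throw new BusinessException("用户手机号已存在,请重新输入");

    // NOTE(review): every new account starts with the same constant password
    // (BusinessConst._PASSWORD) stored through CommonMD5.Get2MD5 - the name suggests a double,
    // unsalted MD5 (confirm). MD5 is not suitable for password storage; prefer a salted,
    // iterated KDF (PBKDF2/Argon2), a per-account random initial password and a forced change
    // on first login.
    model.PassWord = CommonMD5.getInstance().Get2MD5(BusinessConst._PASSWORD);
    model.Status = UserStatus.Normal;
    model.Phone = user.Phone;

    // One timestamp for both audit fields so a new row has CreateTime == UpdateTime.
    var now = DateTime.Now;
    model.CreaterId = operateUserId;
    model.CreateTime = now;
    model.UpdaterId = operateUserId;
    model.UpdateTime = now;

    #region Default permissions
    // Grant every menu whose UserMenu bitmask contains the account type's value.
    var value = (int)model.Type;
    var listMenu = _menuRepository.GetModelTracking().Where(p => ((p.UserMenu & value) == value)).ToList();
    model.Menus = listMenu;
    #endregion

    _userRepository.Insert(model);
}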
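/// <summary>
/// Creates a special line together with its contract, the contract attachments and the
/// special-line administrator account, all inside one transaction.
/// </summary>
/// <remarks>
/// NOTE(review): no check is visible here that the caller is allowed to act for
/// <c>model.BranchId</c>, and the audit fields (<c>Creater</c>, <c>CreaterName</c>,
/// <c>CreateTime</c>) and <c>Status</c> are copied from the view model. Confirm the caller
/// fills them from the authenticated session rather than from request data.
/// </remarks>
/// <param name="model">Special line, contract and administrator data.</param>
/// <exception cref="DataValidationException">A required field is missing or too long.</exception>
/// <exception cref="DataOperationPermissions">The target organisation is missing or is not a branch.</exception>
/// <exception cref="BusinessException">Administrator login, phone or special-line name is already in use.</exception>
public void CreateSpecial(SpecialCreateViewModel model)
{
    #region Validation
    // A null model used to fail with NullReferenceException; report it like AccountAdd does.
    if (model == null)
        throw new DataValidationException(string.Format(BusinessResourceMessage.ItemCanNotNull, "传入参数"));

    if (string.IsNullOrWhiteSpace(model.Name))
        throw new DataValidationException(string.Format(BusinessResourceMessage.PleaseInput, "专线名称"));
    if (!model.Name.ValidateLen(50))
        throw new DataValidationException("专线名称长度在1-50个字符");

    if (string.IsNullOrWhiteSpace(model.ChargeName))
        throw new DataValidationException(string.Format(BusinessResourceMessage.PleaseInput, "负责人姓名"));
    if (!model.ChargeName.ValidateLen(20))
        throw new DataValidationException("负责人姓名长度在1-20个字符");

    if (string.IsNullOrWhiteSpace(model.ChargePhone))
        throw new DataValidationException(string.Format(BusinessResourceMessage.PleaseInput, "负责人手机"));
    if (!model.ChargePhone.ValidateLen(11))
        throw new DataValidationException("负责人手机长度在1-11个字符");

    if (string.IsNullOrWhiteSpace(model.ChargePaperType))
        throw new DataValidationException(string.Format(BusinessResourceMessage.PleaseInput, "负责人证件名称"));
    if (!model.ChargePaperType.ValidateLen(20))
        throw new DataValidationException("负责人证件名称长度在1-20个字符");

    if (string.IsNullOrWhiteSpace(model.ChargePaperNumber))
        throw new DataValidationException(string.Format(BusinessResourceMessage.PleaseInput, "负责人证件号"));
    if (!model.ChargePaperNumber.ValidateLen(30))
        throw new DataValidationException("负责人证件号长度在1-30个字符");

    if (string.IsNullOrWhiteSpace(model.ChargeBankNumber))
        throw new DataValidationException(string.Format(BusinessResourceMessage.PleaseInput, "负责人银行卡号"));
    if (!model.ChargeBankNumber.ValidateLen(20))
        throw new DataValidationException("负责人银行卡号长度在1-20个字符");

    if (string.IsNullOrWhiteSpace(model.ChargeBank))
        throw new DataValidationException(string.Format(BusinessResourceMessage.PleaseInput, "开户银行"));
    if (!model.ChargeBank.ValidateLen(30))
        throw new DataValidationException("开户银行长度在1-30个字符");

    if (string.IsNullOrWhiteSpace(model.CompanyNumber))
        throw new DataValidationException(string.Format(BusinessResourceMessage.PleaseInput, "悠程公司卡号"));
    if (!model.CompanyNumber.ValidateLen(20))
        throw new DataValidationException("悠程公司卡号长度在1-20个字符");

    if (string.IsNullOrWhiteSpace(model.CompanyBank))
        throw new DataValidationException(string.Format(BusinessResourceMessage.PleaseInput, "悠程公司卡开户银行"));
    if (!model.CompanyBank.ValidateLen(30))
        throw new DataValidationException("悠程公司卡开户银行长度在1-30个字符");

    if (string.IsNullOrWhiteSpace(model.ContractName))
        throw new DataValidationException(string.Format(BusinessResourceMessage.PleaseInput, "合同名称"));
    if (!model.ContractName.ValidateLen(50))
        throw new DataValidationException("合同名称长度在1-50个字符");

    if (model.ContractEndDate == null)
        throw new DataValidationException(string.Format(BusinessResourceMessage.PleaseInput, "合同到期时间"));
    if (model.ContractEndDate < DateTime.Now)
        throw new DataValidationException("合同到期时间不能小于当前时间");

    if (model.ContractAttachmentList == null || model.ContractAttachmentList.Count() <= 0)
        throw new DataValidationException("请上传附件");

    // Item1 is the attachment file name, Item2 its storage address.
    // NOTE(review): both are stored as submitted; only presence and the address length are
    // checked here. Confirm upstream that the address is confined to the application's own
    // upload store and that the file type is restricted to what contracts need.
    model.ContractAttachmentList.ForEach((file) =>
    {
        if (string.IsNullOrWhiteSpace(file.Item2))
            throw new DataValidationException(string.Format(BusinessResourceMessage.PleaseInput, "合同存放地址"));
        if (string.IsNullOrWhiteSpace(file.Item1))
            throw new DataValidationException(string.Format(BusinessResourceMessage.PleaseInput, "合同文件名称"));
        if (!file.Item2.ValidateLen(500))
            throw new DataValidationException("合同存放地址长度在1-500个字符");
    });

    if (string.IsNullOrWhiteSpace(model.AccountAdministrator))
        throw new DataValidationException(string.Format(BusinessResourceMessage.PleaseInput, "专线管理员"));
    if (!model.AccountAdministrator.ValidateLen(20))
        throw new DataValidationException("专线管理员长度在1-20个字符");

    if (string.IsNullOrWhiteSpace(model.AccountRelName))
        throw new DataValidationException(string.Format(BusinessResourceMessage.PleaseInput, "真实姓名"));
    if (!model.AccountRelName.ValidateLen(20))
        throw new DataValidationException("真实姓名长度在1-20个字符");

    // NOTE(review): AccountAdd validates the phone with CommonValidator.isMobile; here only
    // the length is checked before the value becomes a user's Phone.
    if (string.IsNullOrWhiteSpace(model.AccountPhone))
        throw new DataValidationException(string.Format(BusinessResourceMessage.PleaseInput, "手机号码"));
    if (!model.AccountPhone.ValidateLen(11))
        throw new DataValidationException("手机号码长度在1-11个字符");
    #endregion

    // Only an organisation of type Branch may own a special line. A missing organisation is
    // rejected the same way instead of dereferencing null.
    // NOTE(review): assumes Find returns null when nothing matches - confirm.
    var branch = this._baranchRepository.Find(c => c.ID == model.BranchId);
    if (branch == null || branch.Type != Framework.Enums.BranchType.Branch)
    {
        throw new DataOperationPermissions("非分社不能使用该功能");
    }

    if (_userRepository.GetModel().Any(p => p.Login.Equals(model.AccountAdministrator) && (p.Status == UserStatus.Normal || p.Status == UserStatus.Freeze)))
        throw new BusinessException("专线管理员已存在,请重新输入");

    if (_specialMainRepository.GetModel().Any(p => p.BranchId == model.BranchId && p.Status != SpecialStatus.AccountCancellation && p.Name == model.Name))
        throw new BusinessException("同一机构专线名称不能重复");

    if (this._userRepository.GetModel(c => c.Status != UserStatus.AccountCancellation && c.Phone == model.AccountPhone).Any())
        throw new BusinessException("专线管理员手机号码已被使用");

    string specialCode = CommonMethod.GetInstance.GenerateCode(SPECIALCODEHEADER);
    string contractCode = CommonMethod.GetInstance.GenerateCode(CONTRACTCODEHEADER);

    // Regenerate until the code is unused.
    // NOTE(review): these lookups, like the uniqueness checks above, run before the
    // transaction starts; a concurrent request can still pick the same value unless the
    // database enforces uniqueness (not visible here).
    while (_specialMainRepository.GetModel().Any(p => p.Code == specialCode))
        specialCode = CommonMethod.GetInstance.GenerateCode(SPECIALCODEHEADER);
    while (_contractRepository.GetModel().Any(p => p.Code == contractCode))
        contractCode = CommonMethod.GetInstance.GenerateCode(CONTRACTCODEHEADER);

    TransactionScopeNoMsdtc.UsingTransactionNoMsdtc(this._db, () =>
    {
        #region Persist special line, contract and administrator account
        // Special line master data.
        Special tmp = new Special();
        tmp.Name = model.Name;
        tmp.BranchId = model.BranchId;
        tmp.Code = specialCode;
        tmp.Status = model.Status;
        tmp.ChargeName = model.ChargeName;
        tmp.ChargePhone = model.ChargePhone;
        tmp.ChargePaperType = model.ChargePaperType;
        tmp.ChargePaperNumber = model.ChargePaperNumber;
        tmp.ChargeBank = model.ChargeBank;
        tmp.ChargeBankNumber = model.ChargeBankNumber;
        tmp.CompanyBank = model.CompanyBank;
        tmp.CompanyNumber = model.CompanyNumber;
        tmp.EndDate = model.ContractEndDate;
        tmp.CreaterId = model.Creater;
        tmp.CreaterName = model.CreaterName;
        tmp.CreateTime = model.CreateTime;
        tmp.UpdaterId = model.Creater;
        tmp.UpdaterName = model.CreaterName;
        tmp.UpdateTime = model.CreateTime;
        // Empty capital record attached to the new special line.
        tmp.SpecialCapital = new SpecialCapital();
        this._specialMainRepository.Insert(tmp);

        // Contract.
        Contract contract = new Contract();
        contract.SpecialId = tmp.ID;
        contract.BranchId = model.BranchId;
        contract.Name = model.ContractName;
        contract.Code = contractCode;
        contract.Type = ContractType.SpecialLine;
        contract.Status = ContractStatus.Normal;
        contract.StartDate = model.ContractStartDate;
        contract.EndDate = model.ContractEndDate;
        contract.CreaterId = model.Creater;
        contract.CreateTime = model.CreateTime;
        contract.UpdaterId = model.Creater;
        contract.UpdateTime = model.CreateTime;

        // Attachments.
        contract.Attachments = new List<Attachment>();
        model.ContractAttachmentList.ForEach((file) =>
        {
            // A name without '.' made LastIndexOf return -1 and Substring throw in the middle
            // of the transaction; such a file now gets an empty suffix.
            int dot = file.Item1.LastIndexOf('.');
            string suffix = dot >= 0 ? file.Item1.Substring(dot) : string.Empty;
            contract.Attachments.Add(new Attachment()
            {
                Address = file.Item2,
                CreateTime = model.CreateTime,
                Name = file.Item1,
                Suffix = suffix,
                Type = AttachmentType.ContractAttachment
            });
        });
        this._contractRepository.Insert(contract);

        // Special-line administrator account.
        // NOTE(review): the account starts with the shared constant password
        // (BusinessConst._PASSWORD) stored through CommonMD5.Get2MD5 - the name suggests a
        // double, unsalted MD5 (confirm). Prefer a salted, iterated KDF, a per-account random
        // initial password and a forced change on first login.
        User user = new User();
        user.Login = model.AccountAdministrator;
        user.PassWord = CommonMD5.getInstance().Get2MD5(BusinessConst._PASSWORD);
        user.Name = model.AccountRelName;
        user.Phone = model.AccountPhone;
        user.IsSpecialManager = true;
        user.Type = UserType.SpecialLine;
        user.SpecialId = tmp.ID;
        user.Status = UserStatus.Normal;
        user.CreaterId = model.Creater;
        user.CreateTime = model.CreateTime;
        user.UpdaterId = model.Creater;
        user.UpdateTime = model.CreateTime;

        #region Default permissions
        // Grant every menu whose UserMenu bitmask contains the SpecialLine value.
        int value = (int)UserType.SpecialLine;
        var listMenu = _menuRepository.GetModelTracking().Where(p => ((p.UserMenu & value) == value)).ToList();
        user.Menus = listMenu;
        #endregion

        this._userRepository.Insert(user);
        #endregion
    });
}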
/// <summary>
/// Data-scope authorization, run before data is saved.
/// Head office may only operate on branches.
/// A branch may only operate on its own subordinate special lines.
/// A special-line manager may only operate on the special line they belong to.
/// A special-line operator has no account-management permission.
/// The super administrator may operate on all data.
/// </summary>
/// <param name="operateUserId">Logged-in operator; resolved through the login cache.</param>
/// <param name="user">The account being operated on; only Type and SpecialId are read.</param>
private void BuidDataAuthorityVerify(int operateUserId, User user)
{
    var loginUser = RedisHelp.GetLoginUserCacheNotNull(operateUserId);

    switch (loginUser.Type)
    {
        case UserType.Company:
            if (user.Type != UserType.Branch)
                throw new DataOperationPermissions("无此操作权限,总公司只能操作分社");
            break;

        case UserType.Branch:
            // A branch may only touch special-line accounts, and only those of a special
            // line that belongs to this branch.
            if (user.Type != UserType.SpecialLine)
                throw new DataOperationPermissions("无此操作权限,分社只能操作他下属专线");
            if (!_specialRepository.GetModel().Any(p => p.BranchId == loginUser.BranchId && p.ID == user.SpecialId))
                throw new DataOperationPermissions("无此操作权限,分社只能操作他下属专线");
            break;

        case UserType.SpecialLine:
            if (!loginUser.IsSpecialManager)
                throw new DataOperationPermissions("无此操作权限,专线操作员不能操作账号管控所有权限");
            if (user.Type != UserType.SpecialLine)
                throw new DataOperationPermissions("无此操作权限,专线管理员只能操作专线数据");
            if (user.SpecialId != loginUser.SpecialId)
                throw new DataOperationPermissions("无此操作权限,专线管理员只能操作自己所属专线数据");
            break;

        default:
            // Every other operator type passes without a check.
            // NOTE(review): the summary names only the super administrator as unrestricted, but
            // any UserType value not listed above lands here too. Consider allowing the super
            // administrator explicitly and rejecting unknown types.
            break;
    }
}