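public ApiReturns Post(ViewPersonInfo viewPerson)
        {
            // Creates a PersonInfo record together with its SystemUser login.
            // Returns Forbidden when the caller may not create the requested account,
            // BadRequest when the model is missing or the BLL reports failure, Created on success.
            if (viewPerson == null)
            {
                return(ApiReturns.BadRequest());
            }

            var loginUser = LoginStatus.GetLoginUser();

            // Resolve the effective user type BEFORE the authorization check. The original
            // compared the nullable `viewPerson.UserType == 0` (false when null) but then
            // stored `UserType ?? 0`, so a non-super-admin could create a super-admin
            // account (UserType 0) simply by omitting UserType.
            var userType = viewPerson.UserType ?? 0;

            // Authorization: a non-super-admin may neither create a super-admin account
            // (UserType 0) nor create a person outside their own department.
            if (!LoginStatus.IsSuperAdminLogin() && (userType == 0 || viewPerson.DepartmentId != loginUser.DepartmentId))
            {
                return(ApiReturns.Forbidden());
            }

            // One timestamp for both the view model and the entity so they agree.
            var now = DateTime.Now;
            viewPerson.AddTime = now;

            var person = new PersonInfo
            {
                AddTime          = now,
                Name             = viewPerson.Name,
                DepartmentId     = viewPerson.DepartmentId,
                Gender           = viewPerson.Gender,
                HeadPortraitPath = viewPerson.HeadPortraitPath ?? string.Empty,
                WorkNo           = viewPerson.WorkNo
            };
            var user = new SystemUser
            {
                Username = viewPerson.Username,
                // EncryptHelper.EncryptPassword is the project's password transform;
                // the plaintext is never stored here.
                Password = EncryptHelper.EncryptPassword(viewPerson.Password),
                UserType = userType
            };

            var success = _personBll.AddPeronAndSystemUser(person, user);

            return(success ? ApiReturns.Created() : ApiReturns.BadRequest());
        }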
        public ApiReturns GetDirsAndFiles(int id)
        {
            // Lists the sub-directories and files under directory `id`.
            // id == 0 denotes the root: every caller sees the same top-level directories
            // and no files. Any other id is restricted to entries that are either common
            // (IsCommon) or belong to the caller's own department.
            if (id == 0)
            {
                var topDirs = _dirBll.QueryList(d => d.IsTopestDir && !d.IsDeleted).ToList();
                return(ApiReturns.Ok(new { dirs = topDirs, files = new List <ViewDepartFiles>() }));
            }

            var departId = LoginStatus.GetLoginUser().DepartmentId;

            // Direct children of `id`, filtered to public or department-owned directories.
            var dirs = _dirBll.QueryList(d => !d.IsDeleted && d.ParentId == id && (d.DepartmentId == departId || d.IsCommon))
                              .ToList();

            // Files stored directly in `id`, with the same visibility rule.
            var files = _fileBll.QueryList(f => !f.IsDeleted && f.FileDirectoryId == id && (f.IsCommon || f.DepartmentId == departId))
                                .ToList();

            return(ApiReturns.Ok(new { dirs, files }));
        }
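        public ApiReturns Post(Department model)
        {
            // Inserts a new department, stamping AddTime with the server time.
            // Returns BadRequest for a missing body (the original dereferenced null),
            // otherwise Created with the stored entity as returned by the BLL.
            if (model == null)
            {
                return(ApiReturns.BadRequest());
            }

            model.AddTime = DateTime.Now;
            model         = _departmentBll.Add(model);

            return(ApiReturns.Created(model));
        }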
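        public override void OnActionExecuting(HttpActionContext actionContext)
        {
            // Login filter: every action not marked [AllowAnonymous] must carry a valid
            // app token in the query string. A missing token answers 403 Forbidden; an
            // unknown/expired one answers 200 with a TokenExpired body (existing contract).
            base.OnActionExecuting(actionContext);

            if (actionContext.ActionDescriptor.GetCustomAttributes <AllowAnonymousAttribute>().Any())
            {
                return;
            }

            // Extract the token from the query string. The key is anchored at '?' or '&'
            // so that a parameter whose name merely ends with the token name is not
            // accepted; the raw (undecoded) value is kept, as before.
            // NOTE(review): tokens in the URL end up in access logs and Referer headers;
            // a request header would be preferable, but that is an API contract change.
            var token = string.Empty;
            var query = actionContext.Request.RequestUri.Query;

            if (!string.IsNullOrEmpty(query))
            {
                var match = Regex.Match(query, $@"[?&]{Regex.Escape(Literals.AppTokenName)}=([^&]+)");
                token = match.Groups[1].Value;
            }

            if (string.IsNullOrEmpty(token))
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Forbidden, ApiReturns.Forbidden());
                // Return added: the original fell through, validated the empty token and
                // overwrote this 403 with a 200 TokenExpired response.
                return;
            }

            CallContext.SetData(Literals.AppTokenName, token);
            if (!LoginStatus.HasLogin(token))
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.OK,
                                                                              ApiReturns.TokenExpired());
            }
        }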
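        public ApiReturns Put(int id, ViewPersonInfo viewPerson)
        {
            // Updates PersonInfo `id` and its linked SystemUser from the view model.
            // Returns Forbidden on an authorization failure, BadRequest when the model
            // is incomplete or the records do not exist, Created on success.
            if (viewPerson == null || !viewPerson.UserType.HasValue)
            {
                // UserType is required: the original dereferenced .Value below and threw on
                // null, and a null UserType also slipped past the super-admin check
                // (`null == 0` is false for nullable ints).
                return(ApiReturns.BadRequest());
            }

            var loginUser    = LoginStatus.GetLoginUser();
            var isSuperAdmin = LoginStatus.IsSuperAdminLogin();
            var userType     = viewPerson.UserType.Value;

            // Authorization on the REQUESTED state: a non-super-admin may not make an
            // account a super admin (UserType 0) or move a person into another department.
            if (!isSuperAdmin && (userType == 0 || viewPerson.DepartmentId != loginUser.DepartmentId))
            {
                return(ApiReturns.Forbidden());
            }

            var person = _personBll.QuerySingle(id);
            var user   = _systemUserBll.QuerySingle(s => s.PersonInfoId == id);

            if (person == null || user == null)
            {
                return(ApiReturns.BadRequest());
            }

            // Authorization on the CURRENT state: the original only checked the submitted
            // DepartmentId, so a non-super-admin could take over a person from another
            // department (or edit a super-admin account, UserType 0 as in Post) simply by
            // submitting their own department id.
            if (!isSuperAdmin && (person.DepartmentId != loginUser.DepartmentId || user.UserType == 0))
            {
                return(ApiReturns.Forbidden());
            }

            person.Name             = viewPerson.Name;
            person.DepartmentId     = viewPerson.DepartmentId;
            person.Gender           = viewPerson.Gender;
            person.HeadPortraitPath = viewPerson.HeadPortraitPath ?? string.Empty; // same default as Post
            person.WorkNo           = viewPerson.WorkNo;

            user.Username = viewPerson.Username;
            user.UserType = userType;

            var success = _personBll.ExecuteTranscation(() => _personBll.Update(person), () => _systemUserBll.Update(user));

            return(success ? ApiReturns.Created() : ApiReturns.BadRequest());
        }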
        public ApiReturns Rename(int id, string newName)
        {
            // Renames directory `id` to `newName` and stamps LastModifyTime.
            // BadRequest when the directory is missing, the name is empty or unchanged;
            // Exists when another directory already carries the name; Created on success.
            var dir = _dirBll.QuerySingle(id);

            var rejected = dir == null || string.IsNullOrEmpty(newName) || dir.DirName == newName;
            if (rejected)
            {
                return(ApiReturns.BadRequest());
            }

            dir.DirName        = newName;
            dir.LastModifyTime = DateTime.Now;

            // Duplicate-name check runs on the renamed entity.
            if (DirNameExists(dir))
            {
                return(ApiReturns.Exists());
            }

            return(UpdateDir(dir, Operation.Update) ? ApiReturns.Created() : ApiReturns.BadRequest());
        }
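        public ApiReturns Put(int id, Department department)
        {
            // Renames department `id`. NotFound when it does not exist, Exists when
            // another department already has the name, Created with the entity on success.
            // Guard added: a missing body or empty name previously reached the Exists
            // query and stored a null name (matches the sibling Put(int, Department model)).
            if (string.IsNullOrEmpty(department?.Name))
            {
                return(ApiReturns.BadRequest());
            }

            var model = _repos.QuerySingle(d => d.Id == id);

            if (model == null)
            {
                return(ApiReturns.NotFound());
            }

            // Name uniqueness, excluding the record being renamed.
            if (_repos.Exists(d => d.Name == department.Name && d.Id != id))
            {
                return(ApiReturns.Exists());
            }

            model.Name = department.Name;

            var success = _repos.Update(model);

            return(success ? ApiReturns.Created(model) : ApiReturns.BadRequest());
        }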
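        public ApiReturns Get(GetPageParams param)
        {
            // Pages non-deleted departments, newest first, optionally filtered by a
            // "name" substring read from param.conditions.
            // Returns BadRequest for a missing model or a non-positive page/size, which
            // would otherwise produce a negative Skip (an exception on IQueryable providers).
            if (param == null || param.page < 1 || param.size < 1)
            {
                return(ApiReturns.BadRequest());
            }

            var page = param.page;
            var size = param.size;
            // conditions may be absent: treat that as "no name filter".
            var name = param.conditions?.Value <string>("name");

            Expression <Func <Department, bool> > predicate;

            if (string.IsNullOrEmpty(name))
            {
                predicate = d => d.IsDeleted == false;
            }
            else
            {
                predicate = d => d.IsDeleted == false && d.Name.Contains(name);
            }

            // Total is taken on the filtered set before paging so it reflects all matches.
            var totalCount = _departmentBll.GetTotalCount(predicate);
            var list       = _departmentBll.QueryList(predicate)
                             .OrderByDescending(d => d.AddTime)
                             .Skip((page - 1) * size)
                             .Take(size);

            return(ApiReturns.Ok(new { total = totalCount, list }));
        }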
        public ApiReturns Put(int id, Banner banner)
        {
            // Copies IsEffective/ImgUrl/Link from `banner` onto stored banner `id`.
            // BadRequest for a missing body, NotFound for an unknown id,
            // Created with the updated entity on success.
            if (banner == null)
            {
                return(ApiReturns.BadRequest());
            }

            var stored = _repos.QuerySingle(b => b.Id == id);

            if (stored == null)
            {
                return(ApiReturns.NotFound());
            }

            stored.IsEffective = banner.IsEffective;
            stored.ImgUrl      = banner.ImgUrl;
            stored.Link        = banner.Link;

            return(_repos.Update(stored) ? ApiReturns.Created(stored) : ApiReturns.BadRequest());
        }
        public ApiReturns Put(int id, string newName)
        {
            // Renames file `id`. Common (shared) files may only be renamed by a super admin.
            // NOTE(review): a department-private file is not checked against the caller's
            // department here, although GetDirsAndFiles only lists files of the caller's
            // own department — confirm whether UpdateFile enforces that ownership.
            if (string.IsNullOrEmpty(newName))
            {
                return(ApiReturns.BadRequest());
            }

            var file = _departFilesBll.QuerySingle(id);

            if (file == null)
            {
                return(ApiReturns.BadRequest());
            }

            var reservedToSuperAdmin = file.IsCommon && !LoginStatus.IsSuperAdminLogin();
            if (reservedToSuperAdmin)
            {
                return(ApiReturns.Forbidden());
            }

            file.FileName = newName;

            return(UpdateFile(file, Operation.Update) ? ApiReturns.Created() : ApiReturns.Failed());
        }
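        public ApiReturns Put(int id, Job job)
        {
            // Overwrites the editable fields of job `id` (non-deleted only) from `job`.
            // BadRequest for a missing body (the original dereferenced null), NotFound for
            // an unknown or deleted id, Created with the updated entity on success.
            if (job == null)
            {
                return(ApiReturns.BadRequest());
            }

            var model = _repos.QuerySingle(j => j.Id == id && !j.IsDeleted);

            if (model == null)
            {
                return(ApiReturns.NotFound());
            }

            model.DepartmentId     = job.DepartmentId;
            model.AsumePosts       = job.AsumePosts;
            model.HiringNumber     = job.HiringNumber;
            model.JobTypeId        = job.JobTypeId;
            model.Preference       = job.Preference;
            model.Requirements     = job.Requirements;
            model.Responsibilities = job.Responsibilities;
            model.WorkingPlace     = job.WorkingPlace;

            var success = _repos.Update(model);

            return(success ? ApiReturns.Created(model) : ApiReturns.BadRequest());
        }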
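        public ApiReturns GetUpdated()
        {
            // Returns the directories whose ids are listed in the "ids" request value,
            // a JSON array of ints. Missing or malformed input answers BadRequest instead
            // of the NullReferenceException / JSON exception the original surfaced.
            var raw = HttpContext.Current.Request["ids"];

            if (string.IsNullOrWhiteSpace(raw))
            {
                return(ApiReturns.BadRequest());
            }

            int[] ids;
            try
            {
                ids = JsonConvert.DeserializeObject <int[]>(raw);
            }
            catch (JsonException)
            {
                return(ApiReturns.BadRequest());
            }

            if (ids == null)
            {
                // DeserializeObject yields null for the literal "null".
                return(ApiReturns.BadRequest());
            }

            var list = _dirBll.QueryList(d => ids.Contains(d.Id));

            return(ApiReturns.Ok(list));
        }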
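        public override void OnException(HttpActionExecutedContext actionExecutedContext)
        {
            // Global exception filter: logs the unhandled exception and replaces the
            // reply with a generic BadRequest body so no exception details reach clients.
            base.OnException(actionExecutedContext);

            var logger = log4net.LogManager.GetLogger(nameof(ExceptionFilter));

            logger.Error(actionExecutedContext.Exception?.Message, actionExecutedContext.Exception);

            // Bug fix: the original built this response and discarded it, so the
            // framework's default error response was still sent. Assigning Response is
            // what actually replaces the reply.
            actionExecutedContext.Response = actionExecutedContext.Request.CreateResponse(HttpStatusCode.BadRequest, ApiReturns.BadRequest());
        }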
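        public ApiReturns Post(Banner banner)
        {
            // Inserts a banner. BadRequest for a missing body (consistent with
            // Put(int, Banner)) or a failed insert, Created with the entity otherwise.
            if (banner == null)
            {
                return(ApiReturns.BadRequest());
            }

            var success = _repos.Add(banner);

            return(success ? ApiReturns.Created(banner) : ApiReturns.BadRequest());
        }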
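        public ApiReturns Post(JobType jobType)
        {
            // Inserts a job type. BadRequest for a missing body (previously passed
            // straight to the repository) or a failed insert, Created with the entity otherwise.
            if (jobType == null)
            {
                return(ApiReturns.BadRequest());
            }

            var success = _repos.Add(jobType);

            return(success ? ApiReturns.Created(jobType) : ApiReturns.BadRequest());
        }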
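        public ApiReturns Put(int id, Department model)
        {
            // Renames department `id`. BadRequest for a missing name, NotFound when the
            // department does not exist (the original dereferenced null), Created on success.
            if (string.IsNullOrEmpty(model?.Name))
            {
                return(ApiReturns.BadRequest());
            }

            var depart = _departmentBll.QuerySingle(id);

            if (depart == null)
            {
                return(ApiReturns.NotFound());
            }

            depart.Name = model.Name;

            var success = _departmentBll.Update(depart);

            return(success ? ApiReturns.Created(depart) : ApiReturns.BadRequest());
        }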
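        public ApiReturns Post(Product product, List <ProductImage> images)
        {
            // Inserts a product and its images in one transaction.
            // Returns Created with both on success, BadRequest otherwise.
            if (product == null || images == null)
            {
                // Guard added: images.ForEach threw inside the transaction on null.
                return(ApiReturns.BadRequest());
            }

            var success = _proRepos.ExecuteTransaction(() =>
            {
                if (!_proRepos.Add(product))
                {
                    return(false);
                }

                // Link the images to the freshly inserted product id.
                images.ForEach(i => i.ProductId = product.Id);
                return(_imgRepos.AddRange(images));
            });

            // Bug fix: the original had the ternary arms swapped, answering BadRequest on
            // success and Created after a failed transaction.
            return(success ? ApiReturns.Created(new { product, images }) : ApiReturns.BadRequest());
        }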
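        public ApiReturns Post(Department department)
        {
            // Inserts a department with a unique name. BadRequest for a missing body or
            // empty name (the original evaluated department.Name on null), Exists for a
            // duplicate name, Created with the entity on success.
            if (string.IsNullOrEmpty(department?.Name))
            {
                return(ApiReturns.BadRequest());
            }

            if (_repos.Exists(d => d.Name == department.Name))
            {
                return(ApiReturns.Exists());
            }

            var success = _repos.Add(department);

            return(success ? ApiReturns.Created(department) : ApiReturns.BadRequest());
        }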
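        public ApiReturns GetPage(GetPageParams param)
        {
            // Pages the person list (highest id first) with optional filters.
            // Super admins may filter by department and user type; everyone else is
            // restricted to their own department. "name" matches Name or WorkNo.
            if (!ModelState.IsValid)
            {
                return(ApiReturns.BadRequest());
            }

            var name     = param.conditions.Value <string>("name");
            var departId = param.conditions.Value <int>("departId");
            var userType = param.conditions.Value <int>("userType");

            var list = _viewPersonBll.QueryList(p => p.IsDeleted == false);

            #region 条件过滤
            if (LoginStatus.IsSuperAdminLogin())
            {
                if (departId > 0)
                {
                    list = list.Where(p => p.DepartmentId == departId);
                }
                // NOTE(review): Value<int>() yields 0 when "userType" is absent and 0 >= 0,
                // so an omitted filter narrows the list to UserType 0 — confirm the client
                // always sends a negative value to mean "any".
                if (userType >= 0)
                {
                    list = list.Where(p => p.UserType == userType);
                }
            }
            else
            {
                // Ordinary admins only see people of their own department.
                var user = LoginStatus.GetLoginUser();
                list = list.Where(p => p.DepartmentId == user.DepartmentId);
            }

            if (!string.IsNullOrEmpty(name))
            {
                list = list.Where(p => p.Name.Contains(name) || p.WorkNo.Contains(name));
            }
            #endregion

            // Bug fix: count BEFORE paging. The original counted after Skip/Take, so
            // `total` never exceeded the page size and clients could not page correctly.
            var total = list.Count();

            list = list.OrderByDescending(p => p.Id)
                   .Skip((param.page - 1) * param.size)
                   .Take(param.size);

            return(ApiReturns.Ok(new { total, list }));
        }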
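        //[HttpPost]
        // NOTE(review): with the attribute commented out this action also answers GET,
        // so credentials can travel in the URL and be written to server/proxy logs — confirm intent.
        public JsonResult Index(string account, string password)
        {
            // Authenticates `account`/`password` and returns the person record plus a
            // login token; incomplete or unknown credentials yield Unauthorized.
            if (string.IsNullOrEmpty(account) || string.IsNullOrEmpty(password))
            {
                // Guard added: EncryptPassword/QuerySingle were previously reached with null arguments.
                return(Json(ApiReturns.Unauthorized()));
            }

            var encryptPwd = EncryptHelper.EncryptPassword(password);
            var sysUser    = _sysUserBll.QuerySingle(account, encryptPwd);

            if (sysUser == null)
            {
                return(Json(ApiReturns.Unauthorized()));
            }

            var user  = _personInfoBll.QuerySingle(sysUser.PersonInfoId);
            var token = LoginStatus.GenerateLoginToken(sysUser.Id, sysUser.Password);

            return(Json(ApiReturns.Ok(new { User = user, Token = token })));
        }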
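        public ApiReturns Delete(int id)
        {
            // Soft-deletes PersonInfo `id` and its SystemUser in one transaction.
            // BadRequest when either record is missing, Forbidden when the caller may not
            // touch that department, NoContent on success.
            var person = _personBll.QuerySingle(id);
            var user   = _systemUserBll.QuerySingle(s => s.PersonInfoId == id);

            // Guard added: the original dereferenced person.DepartmentId for an unknown id.
            if (person == null || user == null)
            {
                return(ApiReturns.BadRequest());
            }

            var loginUser = LoginStatus.GetLoginUser();

            // Only a super admin may delete accounts outside their own department.
            // NOTE(review): unlike Post/Put, nothing here stops a non-super-admin from
            // deleting a super-admin account (UserType 0) in their own department — confirm.
            if (!LoginStatus.IsSuperAdminLogin() && person.DepartmentId != loginUser.DepartmentId)
            {
                return(ApiReturns.Forbidden());
            }

            person.IsDeleted = true;
            user.IsDeleted   = true;

            var success = _personBll.ExecuteTranscation(() => _personBll.Update(person) && _systemUserBll.Update(user));

            return(success ? ApiReturns.NoContent() : ApiReturns.BadRequest());
        }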
        public ApiReturns Delete(int id)
        {
            // Soft-deletes job `id` by setting IsDeleted.
            // NotFound if the job is absent or already deleted, NoContent on success.
            var job = _repos.QuerySingle(j => j.Id == id && !j.IsDeleted);

            if (job == null)
            {
                return(ApiReturns.NotFound());
            }

            job.IsDeleted = true;

            return(_repos.Update(job) ? ApiReturns.NoContent() : ApiReturns.BadRequest());
        }
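        public override void OnActionExecuting(HttpActionContext actionContext)
        {
            // Token filter: non-GET actions not marked [AllowAnonymous] must carry a
            // valid app token in the query string. Missing token → 403 Forbidden;
            // invalid token → 200 with a TokenExpired body (existing contract).
            base.OnActionExecuting(actionContext);

            if (actionContext.ActionDescriptor.GetCustomAttributes <AllowAnonymousAttribute>().Any())
            {
                return;
            }

            // GET requests are exempt by design. Compare the HttpMethod value directly
            // instead of ToUpper()-ing its name (no culture-sensitive casing).
            if (actionContext.Request.Method == HttpMethod.Get)
            {
                return;
            }

            // Extract the token; the key is anchored at '?' or '&' so a parameter whose
            // name merely ends with the token name is not accepted. The raw value is kept.
            // NOTE(review): tokens in the URL end up in access logs and Referer headers;
            // a request header would be preferable, but that is an API contract change.
            var token = string.Empty;
            var query = actionContext.Request.RequestUri.Query;

            if (!string.IsNullOrEmpty(query))
            {
                var match = Regex.Match(query, $@"[?&]{Regex.Escape(Literals.AppTokenName)}=([^&]+)");
                token = match.Groups[1].Value;
            }

            if (string.IsNullOrEmpty(token))
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Forbidden, ApiReturns.Forbidden());
                // Return added: the original fell through, validated the empty token and
                // overwrote this 403 with a 200 TokenExpired response.
                return;
            }

            // The token is validated against the user's current stored password value.
            var repos = new Repository <SystemUser>();
            var legal = LoginHelper.IsTokenLeagal(token, userId => repos.QuerySingle(u => u.Id == userId)?.Password);

            if (legal)
            {
                CallContext.SetData(Literals.AppTokenName, token);
                return;
            }

            actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.OK,
                                                                          ApiReturns.TokenExpired());
        }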
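        public ApiReturns Delete(int id)
        {
            // Soft-deletes directory `id`. NotFound for an unknown id (the original
            // dereferenced null, matching the file Delete's guard), Forbidden when a
            // non-super-admin targets a top-level directory, NoContent on success.
            var dir = _dirBll.QuerySingle(id);

            if (dir == null)
            {
                return(ApiReturns.NotFound());
            }

            // Top-level directories (ParentId 0) may only be removed by a super admin.
            if (dir.ParentId == 0 && !LoginStatus.IsSuperAdminLogin())
            {
                return(ApiReturns.Forbidden());
            }

            dir.IsDeleted = true;

            var success = UpdateDir(dir, Operation.Delete);

            return(success ? ApiReturns.NoContent() : ApiReturns.Failed());
        }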
        public ApiReturns Delete(int id)
        {
            // Soft-deletes file `id`. NotFound for an unknown id, Forbidden when a
            // non-super-admin targets a common (shared) file, NoContent on success.
            var file = _departFilesBll.QuerySingle(id);

            if (file == null)
            {
                return(ApiReturns.NotFound());
            }

            var reservedToSuperAdmin = file.IsCommon && !LoginStatus.IsSuperAdminLogin();
            if (reservedToSuperAdmin)
            {
                return(ApiReturns.Forbidden());
            }

            file.IsDeleted = true;

            return(UpdateFile(file, Operation.Delete) ? ApiReturns.NoContent() : ApiReturns.Failed());
        }
        public ApiReturns Post()
        {
            // Logs a user in from the "username"/"password" request values and returns
            // the user record plus a freshly generated token; any failure is Unauthorized.
            // NOTE(review): Request[...] also reads the query string, so the password may
            // arrive in the URL and be logged; a body-only source would be preferable.
            var request  = HttpContext.Current.Request;
            var username = request["username"];
            var password = request["password"];

            if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
            {
                return(ApiReturns.Unauthorized());
            }

            // NOTE(review): judging by its name, GetMd5() is a plain digest of the password
            // compared against the stored value; a salted, slow KDF (PBKDF2/Argon2) would
            // be the right storage format, but switching requires migrating stored values.
            var digest = password.GetMd5();
            var user   = _repos.QuerySingle(u => u.Username == username && u.Password == digest);

            if (user == null)
            {
                return(ApiReturns.Unauthorized());
            }

            var token = LoginHelper.GenerateToken(user.Id, user.Password);

            // Blank the stored credential before the entity is serialised to the client.
            user.Password = "";
            return(ApiReturns.Ok(new { User = user, Token = token }));
        }
        public ApiReturns Post(dynamic param)
        {
            // Logs in with account/password taken from the JSON body (`param`) or, when the
            // body does not carry them, from the raw request values. BadRequest when either
            // is missing, Unauthorized when they do not match, otherwise the user view plus token.
            var request = HttpContext.Current.Request;
            string account;
            string password;

            try
            {
                account  = param.account;
                password = param.password;
            }
            catch (Exception)
            {
                // Deliberate fallback: dynamic member lookup failed (no such member or
                // null body), so read the form/query values instead.
                account  = request["account"];
                password = request["password"];
            }

            if (string.IsNullOrEmpty(account) || string.IsNullOrEmpty(password))
            {
                return(ApiReturns.BadRequest());
            }

            var sysUser = _sysUserBll.QuerySingle(account, EncryptHelper.EncryptPassword(password));

            if (sysUser == null)
            {
                return(ApiReturns.Unauthorized());
            }

            // NOTE(review): the returned view object is sent as-is; confirm it does not
            // expose the stored password (Post() in the other login endpoint blanks it).
            var user  = _viewSystemUserBll.QuerySingle(sysUser.Id);
            var token = LoginStatus.GenerateLoginToken(sysUser.Id, sysUser.Password);

            return(ApiReturns.Ok(new { User = user, Token = token }));
        }
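        public ApiReturns Post(FileDirectory model)
        {
            // Creates a directory and writes a DbUpdateLog row for it in one transaction.
            // BadRequest for a missing body (the original dereferenced null) or a failed
            // transaction, Forbidden when a non-super-admin creates a top-level directory,
            // Exists for a duplicate name, Created with the entity on success.
            if (model == null)
            {
                return(ApiReturns.BadRequest());
            }

            // Only a super admin may create top-level directories (ParentId 0).
            if (model.ParentId == 0 && !LoginStatus.IsSuperAdminLogin())
            {
                return(ApiReturns.Forbidden());
            }

            if (DirNameExists(model))
            {
                return(ApiReturns.Exists());
            }

            var now = DateTime.Now;
            model.CreateTime     = now;
            model.LastModifyTime = now;
            model.CreatorId      = LoginStatus.GetLoginUser().Id;

            // Insert the directory, then the audit log entry; either failure rolls back.
            var success = _dirBll.ExecuteTranscation(() =>
            {
                if (_dirBll.Add(model).Id <= 0)
                {
                    return(false);
                }

                var log = new DbUpdateLog(nameof(FileDirectory), model.Id, (int)Operation.Insert);
                return(_logBll.Add(log).Id > 0);
            });

            return(success ? ApiReturns.Created(model) : ApiReturns.BadRequest());
        }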
        public ApiReturns Get()
        {
            // Returns every record of the repository, unfiltered.
            return(ApiReturns.Ok(_repos.QueryAll()));
        }
        public ApiReturns Delete(int id)
        {
            // Deletes department `id` through the BLL; NoContent on success, BadRequest otherwise.
            if (_departmentBll.Delete(id))
            {
                return(ApiReturns.NoContent());
            }

            return(ApiReturns.BadRequest());
        }