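/// <summary>
/// Loads the function entries granted to a user through the user's roles and returns the
/// top-level entries as JSON.
/// </summary>
/// <param name="userID">Matched against PRIVS_USER_ROLE.UserID; null is treated as an empty string.</param>
/// <returns>
/// A JSON string: a failed <c>ResultModel</c> when no database helper is available or the query
/// yields no rows, otherwise <c>ToolResult.Success</c> wrapping the entries whose PID is null or empty.
/// </returns>
/// <remarks>
/// NOTE(review): nothing in this method ties <paramref name="userID"/> to the signed-in session,
/// so any caller-supplied id is looked up; confirm the caller performs that authorization.
/// </remarks>
public string GetFunByUserID(string userID)
{
    // userID lands inside a quoted SQL literal, so an unescaped quote would let the value
    // rewrite the statement. Stop-gap: double backslashes and single quotes before splicing.
    // NOTE(review): doubling the backslash assumes the backend treats it as an escape
    // character inside literals (ifnull/limit syntax suggests MySQL; confirm). The durable
    // fix is a bound parameter once the DB helper exposes one.
    var userIdLiteral = (userID ?? string.Empty).Replace("\\", "\\\\").Replace("'", "''");

    var sql = $@"select distinct b.NAME,b.ID,b.PID,ARGS from PRIVS_ROLE_FUNCPRIVS a left join PRIVS_FUNCPRIVS b on a.PRIVSID = b.id where a.roleID in ( select ifnull(RoleID,'-1') from PRIVS_USER_ROLE where UserID='{userIdLiteral}') and ID is not null order by b.INDEXOFORDER";

    var context = DBHelperPool.Instance.GetDbHelper();
    if (context == null)
    {
        return JsonHelper.SerializeObject(new ResultModel(false, "数据库连接错误!"));
    }

    var dt = context.getDataTableResult(sql);
    if (dt == null || dt.Rows.Count == 0)
    {
        return JsonHelper.SerializeObject(new ResultModel(false, "用户不存在!"));
    }

    var entList = dt.ToEntList<FuncTree>();

    // Entries without a parent id are the roots of the tree.
    var roots = entList.Where(e => string.IsNullOrEmpty(e.PID)).ToList();
    foreach (var root in roots)
    {
        // GetFunC is defined elsewhere; presumably it attaches the root's descendants (confirm).
        GetFunC(entList, root);
    }

    return JsonHelper.SerializeObject(ToolResult.Success(roots));
}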
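/// <summary>
/// Runs a paged select against <c>TableName</c> and returns the page, optionally together
/// with the total number of matching rows, as JSON.
/// </summary>
/// <param name="cols">Column list spliced into the statement as-is; "*" when null or empty.</param>
/// <param name="where">Predicate text appended as-is after "where 1=1"; may be null or empty.</param>
/// <param name="orderBy">Ordering expression appended as-is after " order by "; may be null or empty.</param>
/// <param name="pageSize">Rows per page; negative values are treated as 0.</param>
/// <param name="pageIndex">1-based page number; values below 1 are treated as 1.</param>
/// <param name="bReturnSum">When true, a second count(*) query is run and its result returned as <c>sum</c>.</param>
/// <returns>
/// A JSON string: <c>ToolResult.Failure</c> when no database helper is available, otherwise
/// <c>ToolResult.Success</c> wrapping the table, or an object with <c>data</c> and <c>sum</c>.
/// </returns>
/// <remarks>
/// <paramref name="cols"/>, <paramref name="where"/> and <paramref name="orderBy"/> are SQL
/// fragments rather than values. They cannot be escaped here without breaking legitimate
/// expressions, so they must be built by server-side code and never taken from request data.
/// NOTE(review): if any caller forwards client text into these arguments, that caller needs an
/// allow-list of column names and a structured filter instead of free text.
/// </remarks>
public virtual string SelectByWhere(string cols, string where, string orderBy, int pageSize, int pageIndex, bool bReturnSum)
{
    var sqlTemplate = "select {0} from {1} where 1=1 {2} {3} limit {4},{5}";

    // TODO (original author's note): the default heritage-site condition still has to be added here.
    var whereStr = string.IsNullOrEmpty(where) ? "" : where;
    var orderByStr = string.IsNullOrEmpty(orderBy) ? "" : " order by " + orderBy;

    pageIndex = pageIndex <= 0 ? 1 : pageIndex;
    // A negative page size would produce an invalid limit clause; clamp it to an empty page.
    pageSize = pageSize < 0 ? 0 : pageSize;
    // Computed in 64 bits so a large page index cannot wrap around to a negative offset.
    long offset = (long)(pageIndex - 1) * pageSize;

    var sql = string.Format(
        sqlTemplate,
        string.IsNullOrEmpty(cols) ? "*" : cols,
        TableName,
        whereStr,
        orderByStr,
        offset,
        pageSize);

    var context = DBHelperPool.Instance.GetDbHelper();
    if (context == null)
    {
        return JsonHelper.SerializeObject(ToolResult.Failure("数据连接异常!"));
    }

    DataTable datatable = context.getDataTableResult(sql);
    if (!bReturnSum)
    {
        return JsonHelper.SerializeObject(ToolResult.Success(datatable));
    }

    // Ordering cannot change a single-row count, so the order-by text is left out of this query.
    // NOTE(review): the page query reads TableName while the count reads GetModelName(TableName);
    // confirm both resolve to the same table.
    var sqlSum = $"select count(*) from {GetModelName(TableName)} where 1=1 {whereStr}";

    // The scalar may come back null (for example when the query fails); keep the count at 0
    // in that case rather than dereferencing null.
    object scalar = context.executeScalar(sqlSum);
    int count = 0;
    if (scalar != null)
    {
        int.TryParse(scalar.ToString(), out count);
    }

    return JsonHelper.SerializeObject(ToolResult.Success(new { data = datatable, sum = count }));
}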
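/// <summary>
/// Shared sign-in check: optionally verifies the SMS check code, then looks the account up by
/// name and encoded password and returns the matching row(s) as JSON.
/// </summary>
/// <param name="userName">Account name; null is treated as an empty string.</param>
/// <param name="pwd">Password as supplied; passed through <c>DESHelper.EncodePassword</c> before comparison.</param>
/// <param name="code">SMS check code; when null or empty the code comparison is skipped.</param>
/// <returns>
/// A JSON string: a failed <c>ResultModel</c> for a wrong check code, a missing database helper,
/// an unknown name or a wrong password; otherwise <c>ToolResult.Success</c> wrapping the result table.
/// </returns>
/// <remarks>
/// NOTE(review): the success payload is the raw result of <c>select a.*</c>, which presumably
/// includes the stored Password column; confirm and strip it before it reaches the client.
/// NOTE(review): the helper name suggests DES-based, reversible password encoding; stored
/// passwords are normally protected with a salted, slow one-way hash (confirm what
/// EncodePassword does).
/// </remarks>
private string CommonLogion(string userName, string pwd, string code = "")
{
    // An empty code skips this comparison entirely, so a caller that requires the SMS step
    // has to reject an empty code itself.
    if (!string.IsNullOrEmpty(code) && code != SessionHelper.GetCheckCode())
    {
        return JsonHelper.SerializeObject(new ResultModel(false, "短信验证码错误!"));
    }

    var context = DBHelperPool.Instance.GetDbHelper();
    if (context == null)
    {
        return JsonHelper.SerializeObject(new ResultModel(false, "数据库连接错误!"));
    }

    // The template used to compare Password with the fixed text '******' and never consumed
    // argument 0, so the supplied password took no part in the check. {0} now carries the
    // encoded password and {1} the account name.
    var sql = @" select a.*,c.Name as POSITIONNAME,b.ROLENAME as LEADERName,d.NAME as DEPARTMENTName from PRIVS_USER a left join PRIVS_DEPARTMENT d on a.DEPARTMENTID=d.id left join PRIVS_LEADER b on a.ID=b.USERID left join PRIVS_POSITION c on a.POSITIONID=c.ID where a.Name='{1}' and Password='{0}'";

    // Original author's reminder, translated: "remember to re-enable the anti-injection code".
    // Both values land inside quoted SQL literals on the authentication path, so an unescaped
    // quote in the name would let the input rewrite the credential check. Stop-gap: double
    // backslashes and single quotes before splicing.
    // NOTE(review): doubling the backslash assumes the backend treats it as an escape character
    // inside literals (confirm). The durable fix is bound parameters once the DB helper exposes them.
    var nameLiteral = (userName ?? string.Empty).Replace("\\", "\\\\").Replace("'", "''");
    var encodedPwd = DESHelper.EncodePassword(pwd);
    var pwdLiteral = (encodedPwd ?? string.Empty).Replace("\\", "\\\\").Replace("'", "''");

    var dt = context.getDataTableResult(string.Format(sql, pwdLiteral, nameLiteral));
    if (dt == null || dt.Rows.Count == 0)
    {
        // Second lookup only decides which message to show.
        // NOTE(review): distinct "wrong password" / "wrong user name" answers let a caller learn
        // which account names exist; consider one shared message and rate limiting.
        var dtUser = context.getDataTableResult(
            $"select * from PRIVS_USER where NAME='{nameLiteral}'");
        var strMsgUser = dtUser != null && dtUser.Rows.Count > 0 ? "密码错误!" : "用户名错误!";
        return JsonHelper.SerializeObject(new ResultModel(false, strMsgUser));
    }

    return JsonHelper.SerializeObject(ToolResult.Success(dt));
}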
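/// <summary>
/// Returns every column of the <c>TableName</c> row(s) whose id equals <paramref name="mainId"/>, as JSON.
/// </summary>
/// <param name="mainId">Value compared with the id column; null is treated as an empty string.</param>
/// <returns>
/// A JSON string: <c>ToolResult.Failure</c> when no database helper is available, otherwise
/// <c>ToolResult.Success</c> wrapping the result table.
/// </returns>
public virtual string GetDetailByMainID(string mainId)
{
    // mainId lands inside a quoted SQL literal, so an unescaped quote would let the value
    // rewrite the statement. Stop-gap: double backslashes and single quotes before splicing.
    // NOTE(review): doubling the backslash assumes the backend treats it as an escape character
    // inside literals (confirm). The durable fix is a bound parameter once the DB helper exposes one.
    var idLiteral = (mainId ?? string.Empty).Replace("\\", "\\\\").Replace("'", "''");
    string sql = $"select * from {TableName} where id='{idLiteral}'";

    var context = DBHelperPool.Instance.GetDbHelper();
    if (context == null)
    {
        return JsonHelper.SerializeObject(ToolResult.Failure("数据连接异常!"));
    }

    var datatable = context.getDataTableResult(sql);
    return JsonHelper.SerializeObject(ToolResult.Success(datatable));
}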
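/// <summary>
/// Returns the selected columns of the <c>TableName</c> row(s) whose key column equals
/// <paramref name="mainId"/>, as JSON.
/// </summary>
/// <param name="mainId">Value compared with the key column; null is treated as an empty string.</param>
/// <param name="cols">Column list spliced into the statement as-is; "*" when null or empty.</param>
/// <param name="keyField">
/// Name of the column to match. Only letters, digits, '_' and '.' are accepted; anything else
/// returns a failure result.
/// </param>
/// <returns>
/// A JSON string: <c>ToolResult.Failure</c> for a rejected <paramref name="keyField"/> or a missing
/// database helper, otherwise <c>ToolResult.Success</c> wrapping the result table.
/// </returns>
/// <remarks>
/// <paramref name="cols"/> is a SQL fragment and is not escaped here, because a column list may
/// legitimately contain expressions. It must be built by server-side code and never taken from
/// request data.
/// </remarks>
public virtual string GetDetailByMainID(string mainId, string cols, string keyField = "id")
{
    // keyField is spliced in as an identifier, where quoting cannot help, so it is restricted
    // to the characters a plain (optionally qualified) column name needs.
    var keyFieldOk = !string.IsNullOrEmpty(keyField);
    if (keyFieldOk)
    {
        foreach (var ch in keyField)
        {
            if (!char.IsLetterOrDigit(ch) && ch != '_' && ch != '.')
            {
                keyFieldOk = false;
                break;
            }
        }
    }

    if (!keyFieldOk)
    {
        return JsonHelper.SerializeObject(ToolResult.Failure("参数错误!"));
    }

    // mainId lands inside a quoted SQL literal, so an unescaped quote would let the value
    // rewrite the statement. Stop-gap: double backslashes and single quotes before splicing.
    // NOTE(review): doubling the backslash assumes the backend treats it as an escape character
    // inside literals (confirm). The durable fix is a bound parameter once the DB helper exposes one.
    var idLiteral = (mainId ?? string.Empty).Replace("\\", "\\\\").Replace("'", "''");

    string sql = $"select {(string.IsNullOrEmpty(cols) ? "*" : cols)} from {TableName} where {keyField}='{idLiteral}'";

    var context = DBHelperPool.Instance.GetDbHelper();
    if (context == null)
    {
        return JsonHelper.SerializeObject(ToolResult.Failure("数据连接异常!"));
    }

    var datatable = context.getDataTableResult(sql);
    return JsonHelper.SerializeObject(ToolResult.Success(datatable));
}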
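/// <summary>
/// Returns the session user as JSON, but only when its ID equals <paramref name="userID"/>.
/// </summary>
/// <param name="userID">Id the caller claims to be signed in as.</param>
/// <returns>
/// A JSON string: a failed <c>ResultModel</c> when there is no session user, when the ids differ
/// or when an exception is thrown; otherwise <c>ToolResult.Success</c> wrapping the session user.
/// </returns>
/// <remarks>
/// NOTE(review): the whole session object is serialized to the caller; confirm it carries no
/// password or other secret fields.
/// </remarks>
public string GetUserPZ(string userID)
{
    try
    {
        var sessionUser = SessionHelper.GetUser();

        // With no session user, the original dereferenced null and returned the runtime's
        // null-reference text; a missing session is simply "not signed in".
        if (sessionUser == null || sessionUser.ID != userID)
        {
            return JsonHelper.SerializeObject(new ResultModel(false, "用户没有登录!"));
        }

        return JsonHelper.SerializeObject(ToolResult.Success(sessionUser));
    }
    catch (Exception ex)
    {
        // NOTE(review): ex.Message goes straight to the caller and can expose internal detail;
        // prefer logging it server-side and returning a fixed message.
        return JsonHelper.SerializeObject(new ResultModel(false, ex.Message));
    }
}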
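/// <summary>
/// Loads the function entries granted to a role and returns the top-level entries as JSON.
/// </summary>
/// <param name="roleID">Matched against PRIVS_ROLE_FUNCPRIVS.roleID; null is treated as an empty string.</param>
/// <returns>
/// A JSON string: a failed <c>ResultModel</c> when no database helper is available or the query
/// returns no table, otherwise <c>ToolResult.Success</c> wrapping the entries whose PID is null or empty.
/// </returns>
public string GetFunByRole(string roleID)
{
    // roleID lands inside a quoted SQL literal, so an unescaped quote would let the value
    // rewrite the statement. Stop-gap: double backslashes and single quotes before splicing.
    // NOTE(review): doubling the backslash assumes the backend treats it as an escape character
    // inside literals (confirm). The durable fix is a bound parameter once the DB helper exposes one.
    var roleIdLiteral = (roleID ?? string.Empty).Replace("\\", "\\\\").Replace("'", "''");

    var sql = $@" select b.NAME,b.ID,b.PID,a.ARGS from PRIVS_ROLE_FUNCPRIVS a left join PRIVS_FUNC b on a.PRIVSID = b.id where a.roleID='{roleIdLiteral}'";

    var context = DBHelperPool.Instance.GetDbHelper();
    if (context == null)
    {
        return JsonHelper.SerializeObject(new ResultModel(false, "数据库连接错误!"));
    }

    var dt = context.getDataTableResult(sql);
    if (dt == null)
    {
        // The original converted the table without a null check. A null table is reported as
        // a database failure here; this assumes the helper returns null when the query
        // fails (confirm).
        return JsonHelper.SerializeObject(new ResultModel(false, "数据库连接错误!"));
    }

    var entList = dt.ToEntList<FuncTree>();

    // Roots are entries without a parent id. An empty PID is accepted as well as null, so a
    // blank parent column does not drop the entry from the tree.
    var roots = entList.Where(e => string.IsNullOrEmpty(e.PID)).ToList();
    foreach (var root in roots)
    {
        // GetFunC is defined elsewhere; presumably it attaches the root's descendants (confirm).
        GetFunC(entList, root);
    }

    return JsonHelper.SerializeObject(ToolResult.Success(roots));
}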