Esempio n. 1
0
        /// <summary>
        /// 添加工作人员
        /// </summary>
        /// <param name="id">归属单位ID(注意和工作单位的区别)</param>
        /// <returns></returns>
        public ActionResult AddAdmin(int id)
        {
            AdminViewData viewData = new AdminViewData();
            var org = (from o in CQGJ.Org
                       where o.OrgID == id
                       select o).First();
            viewData.Org = org;
            ViewData["ErrorInfo"] = null;
            if (Request.HttpMethod == "POST")
            {
                //添加学员信息
                string username = GetString("Username");
                if (username != "" && GetString("Password") != "")
                {
                    var admins = from a in CQGJ.Admin
                                 where a.Username == username
                                 select a;
                    if (admins.Count() <= 0)
                    {
                        Admin admin = new Admin();
                        admin.Username = GetString("Username");
                        admin.Password = Core.Security.MD5Encrypt(GetString("Password"));
                        admin.Gender = GetString("Gender");
                        admin.Nation = GetString("Nation");
                        admin.Politics = GetString("Politics");
                        admin.IDCard = GetString("IDCard");
                        admin.Birthday = GetDate("Birthday");
                        if (admin.Birthday < new DateTime(1900, 1, 1))
                        { admin.Birthday = DateTime.Today; }
                        admin.Telephone = GetString("Telephone");
                        admin.Cellphone = GetString("Cellphone");
                        admin.WorkingOrgName = GetString("WorkingOrgName");
                        admin.Position = GetString("Position");
                        admin.OrgID = org.OrgID;
                        CQGJ.AddToAdmin(admin);
                        CQGJ.SaveChanges();
                        return RedirectToAction("adminlist/" + org.OrgID + "/1");
                    }
                    else
                    {
                        ViewData["ErrorInfo"] = "用户名已存在!";
                    }
                }
                else
                {
                    ViewData["ErrorInfo"] = "用户名和密码不能为空!";
                }
            }
            viewData.Nation = Nation("汉族");
            viewData.GenderList = GenderList("男");

            return View(viewData);
        }
Esempio n. 2
0
        /// <summary>
        /// 用户登录验证
        /// 市委组织部:0230345345678980
        /// 区县组织部:023100
        /// 市级部门:023200
        /// </summary>
        public ActionResult Login()
        {
            if (Request.RequestType == "POST")
            {
                int loginType = GetInt("LoginType");
                string rightnames = "";
                User user = new User();
                Admin admin = new Admin();
                Org org = new Org();
                string username = GetString("username");
                string password = Security.MD5Encrypt(GetString("password"));

                //学员登录流程
                //直接在本系统进行登录验证
                if (loginType == 0)
                {
                    var users = from u in CQGJ.User
                                where u.Username == username && u.Password == password
                                select u;
                    if (users.Count() <= 0)
                    {
                        ViewData["ErrorMessage"] = "用户名或密码有误!";
                        return View();
                    }
                    else
                    {
                        user = users.First();
                    }
                    rightnames = "普通用户";
                    //HttpContext.Session["OrgID"] = ToOrgID(orgCode);
                    //HttpContext.Session["OrgCode"] = orgCode;
                    //HttpContext.Session["PassportUserID"] = user.UserID;
                    //HttpContext.Session["Username"] = user.Username;
                    //HttpContext.Session["OrgType"] = cqgj.GetOrgType(orgCode);
                    Session["User"] = user;
                    Session["UserID"] = user.UserID;

                    // Create a new ticket used for authentication
                    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                        1,                                      // Ticket version
                        user.Username,                          // Username associated with ticket
                        DateTime.Now,                           // Date/time issued
                        DateTime.Now.AddMinutes(30),            // Date/time to expire
                        true,                                   // "true" for a persistent user cookie
                        rightnames,                             // User-data, in this case the roles
                        FormsAuthentication.FormsCookiePath);   // Path cookie valid for
                    string hash = FormsAuthentication.Encrypt(ticket);
                    HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hash);
                    if (ticket.IsPersistent) cookie.Expires = ticket.Expiration;
                    Response.Cookies.Add(cookie);

                    return RedirectToAction("index", "user");
                }
                //工作人员登录验证流程
                //先到办公系统验证,当无法与办公系统联系时,直接在本系统进行验证
                //admin测试用户名为admin,密码为testtest
                else if (loginType == 1)
                {
                    string roleName = "";

                    if (Settings.SSO_Enabled == true)
                    {
                        UserCenterService uc = new UserCenterService();
                        LoginInfo loginInfo = XmlHandler.ParseLogin(
                            uc.PublicLogin(Settings.SSO_Username, Settings.SSO_Password,
                           username, GetString("password"), Settings.SSO_AppID));
                        if (loginInfo.Result != 0)
                        {
                            ViewData["ErrorMessage"] = "用户名或密码有误";
                            return View();
                        }
                        admin.Username = loginInfo.User.yhm;
                        string orgcode = loginInfo.UnitList[0].jgbm;
                        org = (from o in CQGJ.Org
                               where o.OrgCode == orgcode
                               select o).First();
                        List<Role> roles = new List<Role>();
                        foreach (string i in loginInfo.Role)
                        {
                            int t = Convert.ToInt32(i);
                            Role temp = (from r in CQGJ.Role
                                        where r.RoleID == t
                                        select r).FirstOrDefault();
                            roles.Add(temp);
                        }
                        //要改成支持多个角色
                        if (roles.Count() > 0)
                        {
                            roleName = roles.First().RoleName;
                        }
                        else
                        {
                            ViewData["ErrorMessage"] = "该用户未被授权访问,如有疑问,请联系管理员!";
                            return View();
                        }
                    }
                    else
                    {
                        var admins = from a in CQGJ.Admin
                                     where a.Username == username && a.Password == password
                                     select a;

                        if (admins.Count() <= 0)
                        {
                            ViewData["ErrorMessage"] = "用户名或密码有误";
                            return View();
                        }
                        else
                        { admin = admins.First(); }

                        org = (from o in CQGJ.Org
                               where o.OrgID == admin.OrgID
                               select o).First();

                        var roles = from r in CQGJ.Role
                                    from ur in CQGJ.UsersInRoles
                                    where ur.AdminID == admin.AdminID && ur.RoleID == r.RoleID
                                    select r;
                        //要改成支持多个角色
                        roleName = roles.First().RoleName;
                    }

                    string[] rightList = { };
                    var rights = from r in CQGJ.Role
                                 from rr in CQGJ.RightsofRoles
                                 from ri in CQGJ.Right
                                 where r.RoleName == roleName && rr.RoleID == r.RoleID && rr.RightID == ri.RightID
                                 select ri;
                    foreach (var r in rights)
                    { rightnames += r.RightName + ","; }
                    rightnames += "管理员";
                    if (roleName == "超级管理员")
                    { rightnames = roleName; }
                    Session["RightList"] = rightnames;
                    Session["OrgType"] = org.OrgType;
                    Session["Org"] = org;
                    Session["Admin"] = admin;

                    // Create a new ticket used for authentication
                    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                        1,                                      // Ticket version
                        admin.Username,                         // Username associated with ticket
                        DateTime.Now,                           // Date/time issued
                        DateTime.Now.AddMinutes(30),            // Date/time to expire
                        true,                                   // "true" for a persistent user cookie
                        rightnames,                             // User-data, in this case the roles
                        FormsAuthentication.FormsCookiePath);   // Path cookie valid for
                    // Encrypt the cookie using the machine key for secure transport
                    string hash = FormsAuthentication.Encrypt(ticket);
                    HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hash);
                    if (ticket.IsPersistent) cookie.Expires = ticket.Expiration;
                    Response.Cookies.Add(cookie);

                    return RedirectToAction("index", "admin");
                }
            }
            return View();
        }