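/// <summary>
/// Renders a &lt;button&gt; element, or an empty result when <paramref name="permissions"/> is
/// non-blank and the current user holds none of the listed permission codes.
/// </summary>
/// <param name="htmlHelper">The helper being extended; not otherwise used.</param>
/// <param name="buttonText">Button caption; also substituted into the confirmation prompt.</param>
/// <param name="permissions">Comma-separated permission codes; blank skips the permission check.</param>
/// <param name="attributeDic">
/// HTML attributes merged into the tag. When "needconfirm" parses as true, the "onclick" entry is
/// added or wrapped in a confirm() call. The dictionary is modified in place.
/// </param>
/// <returns>The button markup prefixed with a single space, or an empty string.</returns>
/// <remarks>
/// Omitting the button only hides the control. The action it triggers still has to enforce the
/// same permission on the server.
/// </remarks>
public static IHtmlString Button(this HtmlHelper htmlHelper, string buttonText, string permissions, IDictionary<string, string> attributeDic)
{
    var user = SecurityContextHolder.Get();
    if (!string.IsNullOrWhiteSpace(permissions))
    {
        // Entries are compared as written; "a, b" yields " b" with its leading space.
        string[] permissionArray = permissions.Split(',');
        if (!user.UrlPermissions.Any(p => permissionArray.Contains(p)))
        {
            return MvcHtmlString.Empty;
        }
    }

    var button = new TagBuilder("button");
    button.SetInnerText(buttonText);

    string needConfirmValue;
    bool needConfirm;
    if (attributeDic != null
        && attributeDic.TryGetValue("needconfirm", out needConfirmValue)
        && bool.TryParse(needConfirmValue, out needConfirm)
        && needConfirm)
    {
        // The prompt ends up inside a single-quoted JavaScript string literal, so it must be
        // JavaScript-encoded: a quote or backslash in the caption or the resource text would
        // otherwise terminate the literal and change the handler. TagBuilder applies the HTML
        // attribute encoding on top of this.
        string prompt = System.Web.HttpUtility.JavaScriptStringEncode(
            string.Format(Resources.Global.Button_ConfirmOperation, buttonText));

        string existingHandler;
        if (attributeDic.TryGetValue("onclick", out existingHandler))
        {
            // The existing handler is caller-supplied script and is kept verbatim.
            attributeDic["onclick"] = "if( confirm('" + prompt + "')){" + existingHandler + "}";
        }
        else
        {
            attributeDic.Add("onclick", "return confirm('" + prompt + "');");
        }
    }

    if (attributeDic != null)
    {
        button.MergeAttributes(attributeDic);
    }

    return new HtmlString(" " + button.ToString());
}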
/// <summary>
/// Persists a supplier together with a matching login account, a permission named after the
/// supplier code, and a grant of that permission to the user who is currently signed in.
/// </summary>
/// <param name="supplier">Supplier to create; its Code is reused as the account code and the permission code.</param>
/// <remarks>
/// NOTE(review): UserPassword is copied to the account unchanged. Whether it is already hashed at
/// this point is not visible here - confirm before relying on it.
/// NOTE(review): the four Create calls are issued one after another; no transaction boundary is
/// visible in this method - confirm the caller supplies one.
/// </remarks>
public void Create(Supplier supplier)
{
    genericMgr.Create(supplier);

    // Login account for the supplier.
    User account = new User
    {
        Code = supplier.Code,
        Password = supplier.UserPassword,
        FirstName = supplier.Address,
        Type = com.Sconit.CodeMaster.UserType.Normal,
        Email = supplier.Email,
        TelPhone = supplier.ContactPhone,
        Language = "zh-CN",
        IsActive = true
    };
    genericMgr.Create(account);

    // Permission record keyed by the supplier code; the category is the entity's type name.
    Permission supplierPermission = new Permission
    {
        Code = supplier.Code,
        Description = supplier.Name,
        PermissionCategory = supplier.GetType().Name
    };
    genericMgr.Create(supplierPermission);

    // The grant goes to the current (creating) user, not to the account created above.
    UserPermission grant = new UserPermission
    {
        Permission = supplierPermission,
        User = SecurityContextHolder.Get()
    };
    genericMgr.Create(grant);
}
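/// <summary>
/// Builds the HQL text that looks up an active FlowMaster by code, optionally restricted by order
/// type and, for every user except the one whose code is "su", by party permissions.
/// </summary>
/// <param name="flow">Flow code; trimmed and embedded as a quoted HQL literal.</param>
/// <param name="type">Order type that selects the allowed flow types; ignored when <paramref name="isCreateHu"/> is true.</param>
/// <param name="isCreateHu">When true, restricts to the procurement, customer-goods, subcontract and production types.</param>
/// <returns>The HQL statement as a string.</returns>
/// <remarks>
/// The flow code is the only caller-supplied text in the statement. Because the method returns a
/// plain string it cannot bind the value itself, so embedded single quotes are doubled to keep
/// the value inside its literal. Escape rules can differ per database dialect; callers that can
/// bind parameters should prefer a "f.Code = ?" query over this helper.
/// </remarks>
public static string CheckFlowStatement(string flow, com.Sconit.CodeMaster.OrderType? type, bool isCreateHu)
{
    string flowLiteral = flow.Trim().Replace("'", "''");
    string hql = "select f from FlowMaster as f where f.Code = '" + flowLiteral + "' and f.IsActive = " + true;

    if (isCreateHu)
    {
        hql += " and Type in (" + (int)com.Sconit.CodeMaster.OrderType.Procurement
            + "," + (int)com.Sconit.CodeMaster.OrderType.CustomerGoods
            + "," + (int)com.Sconit.CodeMaster.OrderType.SubContract
            + "," + (int)com.Sconit.CodeMaster.OrderType.Production + ")";
    }
    else if (type != null)
    {
        if (type == com.Sconit.CodeMaster.OrderType.Procurement)
        {
            hql += " and Type in (" + (int)com.Sconit.CodeMaster.OrderType.Procurement
                + "," + (int)com.Sconit.CodeMaster.OrderType.Transfer
                + "," + (int)com.Sconit.CodeMaster.OrderType.SubContractTransfer
                + "," + (int)com.Sconit.CodeMaster.OrderType.CustomerGoods
                + "," + (int)com.Sconit.CodeMaster.OrderType.SubContract + ")";
        }
        else if (type == com.Sconit.CodeMaster.OrderType.Distribution)
        {
            hql += " and Type in (" + (int)com.Sconit.CodeMaster.OrderType.Distribution
                + "," + (int)com.Sconit.CodeMaster.OrderType.Transfer + ")";
        }
        else if (type == com.Sconit.CodeMaster.OrderType.Production)
        {
            hql += " and Type = " + (int)com.Sconit.CodeMaster.OrderType.Production;
        }
    }

    // The permission filter is skipped for the user whose code is "su".
    User user = SecurityContextHolder.Get();
    if (user.Code.Trim().ToLower() != "su")
    {
        string categories = (int)com.Sconit.CodeMaster.PermissionCategoryType.Region
            + "," + (int)com.Sconit.CodeMaster.PermissionCategoryType.Customer
            + "," + (int)com.Sconit.CodeMaster.PermissionCategoryType.Supplier;

        // A flow passes a side's check when that side is not authority-checked or the user
        // holds a permission whose code equals the party on that side.
        hql += " and ((f.IsCheckPartyFromAuthority = 0) or exists(select 1 from UserPermissionView up1 where up1.UserId = " + user.Id
            + " and up1.PermissionCategoryType in (" + categories + ") and up1.PermissionCode = f.PartyFrom))";
        hql += " and ((f.IsCheckPartyToAuthority = 0) or exists(select 1 from UserPermissionView up2 where up2.UserId = " + user.Id
            + " and up2.PermissionCategoryType in (" + categories + ") and up2.PermissionCode = f.PartyTo))";
    }

    return hql;
}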
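/// <summary>
/// Appends a "party from" permission predicate for the current user to an HQL where clause.
/// Nothing is appended for the user whose code is "su" or for order types other than
/// procurement, distribution and production.
/// </summary>
/// <param name="whereStatement">Where clause under construction; starts with " where " when empty, otherwise extended with " and ".</param>
/// <param name="partyFromTableAlias">Alias of the entity that carries the party column (and IsCheckPartyFromAuthority).</param>
/// <param name="partyFromFieldName">Name of the party column.</param>
/// <param name="orderType">Menu/order category that selects which permission categories apply.</param>
/// <param name="isSupplier">For procurement: true requires a supplier permission unconditionally.</param>
/// <remarks>
/// The alias and field name are concatenated into the statement as identifiers and cannot be
/// bound as parameters; callers must pass only names fixed in code, never request data.
/// </remarks>
public static void AddPartyFromPermissionStatement(ref string whereStatement, string partyFromTableAlias, string partyFromFieldName, com.Sconit.CodeMaster.OrderType orderType, bool isSupplier)
{
    // The user whose code is "su" is handled specially: no permission filter.
    User user = SecurityContextHolder.Get();
    if (user.Code.Trim().ToLower() == "su")
    {
        return;
    }

    int supplier = (int)com.Sconit.CodeMaster.PermissionCategoryType.Supplier;
    int region = (int)com.Sconit.CodeMaster.PermissionCategoryType.Region;
    int customer = (int)com.Sconit.CodeMaster.PermissionCategoryType.Customer;

    string partyFromColumn = partyFromTableAlias + "." + partyFromFieldName;
    string authorityNotChecked = partyFromTableAlias + ".IsCheckPartyFromAuthority = 0";

    // Shared head of the permission sub-query; each branch adds the category test and the
    // party match, then closes the sub-query.
    string permissionHead = "exists (select 1 from UserPermissionView as up where up.UserId = " + user.Id
        + " and up.PermissionCategoryType ";

    string condition;
    if (orderType == com.Sconit.CodeMaster.OrderType.Procurement)
    {
        if (isSupplier)
        {
            condition = permissionHead + "= " + supplier + " and up.PermissionCode = " + partyFromColumn + ")";
        }
        else
        {
            // The original " where " variant joined Region and Customer with "." instead of ",",
            // which produced a decimal literal and dropped both categories from the list.
            condition = "(" + authorityNotChecked + " or " + permissionHead
                + "in (" + supplier + "," + region + "," + customer + ") and up.PermissionCode = " + partyFromColumn + "))";
        }
    }
    else if (orderType == com.Sconit.CodeMaster.OrderType.Distribution
        || orderType == com.Sconit.CodeMaster.OrderType.Production)
    {
        // The original " where " variant tested up.PermissionCategory here while the " and "
        // variant tested up.PermissionCategoryType; the latter is used for both now.
        condition = "(" + authorityNotChecked + " or " + permissionHead
            + "= " + region + " and up.PermissionCode = " + partyFromColumn + "))";
    }
    else
    {
        return;
    }

    whereStatement = whereStatement == string.Empty
        ? " where " + condition
        : whereStatement + " and " + condition;
}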
/// <summary>
/// Stamps the last-modified audit fields on <paramref name="instance"/> when it implements
/// <c>IAuditable</c>; any other object is left untouched.
/// </summary>
/// <param name="instance">Entity about to be updated.</param>
public void Update(object instance)
{
    IAuditable audited = instance as IAuditable;
    if (audited == null)
    {
        return;
    }

    // Local server time, as returned by DateTime.Now.
    DateTime modifiedAt = DateTime.Now;
    User currentUser = SecurityContextHolder.Get();

    audited.LastModifyUserId = currentUser.Id;
    audited.LastModifyUserName = currentUser.FullName;
    audited.LastModifyDate = modifiedAt;
}
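/// <summary>
/// Looks up the supplier whose id equals the current user's Name, passes its ShortCode through
/// the EncryptDencrypt service and returns the URL-encoded result.
/// </summary>
/// <returns>The URL-encoded service output, or the URL-encoded empty string when any step fails.</returns>
/// <remarks>
/// NOTE(review): the third argument to EncryptDencrypt is a literal in source and looks like a
/// key or passphrase. If it is, it belongs in protected configuration so it can be rotated
/// without a code change - confirm its role.
/// </remarks>
private string GetEncryptDencryptPortalUserName()
{
    string supplierCode = string.Empty;
    try
    {
        com.Sconit.Entity.ACC.User user = SecurityContextHolder.Get();
        Supplier supplier = base.genericMgr.FindById<Supplier>(user.Name);
        EncryptDencryptService.EncryptDencryptService encryptDencryptService = new EncryptDencryptService.EncryptDencryptService();
        supplierCode = encryptDencryptService.EncryptDencrypt(supplier.ShortCode, true, "sih_dms");
    }
    catch (Exception ex)
    {
        // Still best-effort (callers get an empty value), but the failure is no longer
        // invisible. Only the exception type and message are traced.
        System.Diagnostics.Trace.TraceError(
            "GetEncryptDencryptPortalUserName failed: {0}: {1}", ex.GetType().FullName, ex.Message);
    }

    return Server.UrlEncode(supplierCode);
}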
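/// <summary>
/// Appends a predicate to an HQL where clause that keeps only rows whose location belongs to a
/// region the current user holds a Region permission for. Nothing is appended for the user
/// whose code is "su".
/// </summary>
/// <param name="whereStatement">Where clause under construction; starts with " where " when empty, otherwise extended with " and ".</param>
/// <param name="locationTableAlias">Alias of the entity that carries the location column.</param>
/// <param name="locationFieldName">Name of the location column.</param>
/// <remarks>
/// The alias and field name are concatenated into the statement as identifiers and cannot be
/// bound as parameters; callers must pass only names fixed in code, never request data.
/// </remarks>
public static void AddLocationPermissionStatement(ref string whereStatement, string locationTableAlias, string locationFieldName)
{
    // The user whose code is "su" is handled specially: no permission filter.
    User user = SecurityContextHolder.Get();
    if (user.Code.Trim().ToLower() == "su")
    {
        return;
    }

    // Built once for both the " where " and the " and " case. A space now separates the user id
    // from the following "and"; the original emitted them back to back.
    string condition = "exists (select 1 from UserPermissionView as up,Location as ln where up.UserId = " + user.Id
        + " and up.PermissionCategoryType = " + (int)com.Sconit.CodeMaster.PermissionCategoryType.Region
        + " and up.PermissionCode = ln.Region and ln.Code = " + locationTableAlias + "." + locationFieldName + ")";

    whereStatement = whereStatement == string.Empty
        ? " where " + condition
        : whereStatement + " and " + condition;
}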
/// <summary>
/// Prepares the order-detail partial view for <paramref name="orderNo"/>. For every user except
/// the one whose code is "su", it first checks that the order exists and that the user holds a
/// Supplier permission matching the order's PartyFrom; otherwise an error message is stored.
/// </summary>
/// <param name="command">Grid command; only its page size is read here.</param>
/// <param name="orderNo">Order number, bound as a query parameter.</param>
/// <returns>The partial view, whether or not the check found an order.</returns>
/// <remarks>
/// A failed check only stores a message; the view is still returned, so whatever loads the rows
/// has to apply the permission filter again.
/// </remarks>
public ActionResult OrderDetailList(GridCommand command, string orderNo)
{
    ViewBag.OrderNo = orderNo;
    ViewBag.PageSize = base.ProcessPageSize(command.PageSize);

    com.Sconit.Entity.ACC.User currentUser = SecurityContextHolder.Get();
    bool isSuperUser = currentUser.Code.Trim().ToLower() == "su";
    if (!isSuperUser)
    {
        // orderNo is bound through "?"; the user id and the enum value are concatenated.
        string hql = "from OrderMaster as o where o.OrderNo=? and exists (select 1 from UserPermissionView as up where up.UserId =" + currentUser.Id + " and up.PermissionCategoryType = " + (int)com.Sconit.CodeMaster.PermissionCategoryType.Supplier + " and up.PermissionCode = o.PartyFrom)";
        IList<OrderMaster> visibleOrders = base.genericMgr.FindAll<OrderMaster>(hql, orderNo);
        if (visibleOrders.Count <= 0)
        {
            // One message for "not found" and "not permitted", so the response does not
            // reveal which of the two applies.
            SaveErrorMessage("订单号不存在或您没有权限,请重新输入!");
        }
    }

    return PartialView();
}
/// <summary>
/// Builds the where clause, sort clause and parameter list for the Hu search. Results are always
/// restricted to rows whose CreateUserId equals the current user's id.
/// </summary>
/// <param name="command">Grid command supplying the sort descriptors.</param>
/// <param name="searchModel">Filter values entered by the user.</param>
/// <returns>The populated search statement model.</returns>
private SearchStatementModel PrepareSearchStatement(GridCommand command, HuSearchModel searchModel)
{
    string whereStatement = string.Empty;
    com.Sconit.Entity.ACC.User currentUser = SecurityContextHolder.Get();
    IList<object> param = new List<object>();

    // Every filter value is handed to the helper together with the parameter list.
    HqlStatementHelper.AddLikeStatement("HuId", searchModel.HuId, HqlStatementHelper.LikeMatchMode.Start, "h", ref whereStatement, param);
    HqlStatementHelper.AddEqStatement("Item", searchModel.Item, "h", ref whereStatement, param);
    HqlStatementHelper.AddLikeStatement("LotNo", searchModel.lotNo, HqlStatementHelper.LikeMatchMode.Start, "h", ref whereStatement, param);
    HqlStatementHelper.AddEqStatement("ManufactureParty", searchModel.ManufactureParty, "h", ref whereStatement, param);
    HqlStatementHelper.AddEqStatement("CreateUserId", currentUser.Id, "h", ref whereStatement, param);

    // Date range: both bounds -> between, a single bound -> >= or <=, none -> no filter.
    bool hasStart = searchModel.StartDate != null;
    bool hasEnd = searchModel.EndDate != null;
    if (hasStart && hasEnd)
    {
        HqlStatementHelper.AddBetweenStatement("CreateDate", searchModel.StartDate, searchModel.EndDate, "h", ref whereStatement, param);
    }
    else if (hasStart)
    {
        HqlStatementHelper.AddGeStatement("CreateDate", searchModel.StartDate, "h", ref whereStatement, param);
    }
    else if (hasEnd)
    {
        HqlStatementHelper.AddLeStatement("CreateDate", searchModel.EndDate, "h", ref whereStatement, param);
    }

    // Newest first when the grid requests no explicit order.
    string sortingStatement = HqlStatementHelper.GetSortingStatement(command.SortDescriptors);
    if (command.SortDescriptors.Count == 0)
    {
        sortingStatement = " order by CreateDate desc";
    }

    SearchStatementModel result = new SearchStatementModel();
    result.SelectCountStatement = selectCountStatement;
    result.SelectStatement = selectStatement;
    result.WhereStatement = whereStatement;
    result.SortingStatement = sortingStatement;
    result.Parameters = param.ToArray<object>();
    return result;
}
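/// <summary>
/// Appends party-from and party-to permission predicates for the flow referenced by
/// <paramref name="flowTableAlias"/>.<paramref name="flowFieldName"/> to an HQL where clause.
/// Nothing is appended for the user whose code is "su".
/// </summary>
/// <param name="whereStatement">Where clause under construction; starts with " where " when empty, otherwise extended with " and ".</param>
/// <param name="flowTableAlias">Alias of the entity that carries the flow code column.</param>
/// <param name="flowFieldName">Name of the flow code column.</param>
/// <remarks>
/// <para>
/// A row passes a side's check when its own flow either does not require the authority check on
/// that side or the user holds a Region, Customer or Supplier permission whose code equals the
/// flow's party on that side. This is the same rule CheckFlowStatement expresses.
/// </para>
/// <para>
/// The previous text joined UserPermissionView and FlowMaster and put the
/// "IsCheck...Authority = 0" test in an "or" branch that was not tied to the outer row's flow
/// code. A single unchecked flow anywhere in FlowMaster therefore satisfied the exists() for
/// every row and the filter restricted nothing. Each sub-query is now correlated on the flow
/// code first. Rows whose flow code matches no FlowMaster row are excluded.
/// </para>
/// <para>
/// The alias and field name are concatenated into the statement as identifiers and cannot be
/// bound as parameters; callers must pass only names fixed in code, never request data.
/// </para>
/// </remarks>
public static void AddFlowPermissionStatement(ref string whereStatement, string flowTableAlias, string flowFieldName)
{
    // The user whose code is "su" is handled specially: no permission filter.
    User user = SecurityContextHolder.Get();
    if (user.Code.Trim().ToLower() == "su")
    {
        return;
    }

    string flowColumn = flowTableAlias + "." + flowFieldName;
    string categories = (int)com.Sconit.CodeMaster.PermissionCategoryType.Region
        + "," + (int)com.Sconit.CodeMaster.PermissionCategoryType.Customer
        + "," + (int)com.Sconit.CodeMaster.PermissionCategoryType.Supplier;

    string partyFromCheck = "exists (select 1 from FlowMaster as fm1 where fm1.Code = " + flowColumn
        + " and (fm1.IsCheckPartyFromAuthority = 0 or exists (select 1 from UserPermissionView as up1 where up1.UserId = " + user.Id
        + " and up1.PermissionCategoryType in (" + categories + ") and up1.PermissionCode = fm1.PartyFrom)))";

    string partyToCheck = "exists (select 1 from FlowMaster as fm2 where fm2.Code = " + flowColumn
        + " and (fm2.IsCheckPartyToAuthority = 0 or exists (select 1 from UserPermissionView as up2 where up2.UserId = " + user.Id
        + " and up2.PermissionCategoryType in (" + categories + ") and up2.PermissionCode = fm2.PartyTo)))";

    string condition = partyFromCheck + " and " + partyToCheck;

    whereStatement = whereStatement == string.Empty
        ? " where " + condition
        : whereStatement + " and " + condition;
}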
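/// <summary>
/// Builds the HQL text that looks up an OrderMaster by order number, optionally restricted by
/// order type and, for every user except the one whose code is "su", by party permissions on
/// both PartyFrom and PartyTo.
/// </summary>
/// <param name="orderNo">Order number; trimmed and embedded as a quoted HQL literal.</param>
/// <param name="type">Exact order type to require; when null, <paramref name="isCreateHu"/> decides.</param>
/// <param name="isCreateHu">With a null <paramref name="type"/>: restricts to procurement, customer-goods, subcontract and production orders.</param>
/// <returns>The HQL statement as a string.</returns>
/// <remarks>
/// The order number is the only caller-supplied text in the statement. Because the method
/// returns a plain string it cannot bind the value itself, so embedded single quotes are doubled
/// to keep the value inside its literal. Escape rules can differ per database dialect; callers
/// that can bind parameters should prefer an "o.OrderNo = ?" query over this helper.
/// </remarks>
public static string CheckOrderStatement(string orderNo, com.Sconit.CodeMaster.OrderType? type, bool isCreateHu)
{
    string orderNoLiteral = orderNo.Trim().Replace("'", "''");
    string hql = "select o from OrderMaster as o where o.OrderNo = '" + orderNoLiteral + "'";

    if (type != null)
    {
        hql += " and o.Type = " + (int)type;
    }
    else if (isCreateHu)
    {
        hql += " and o.Type in (" + (int)com.Sconit.CodeMaster.OrderType.Procurement
            + "," + (int)com.Sconit.CodeMaster.OrderType.CustomerGoods
            + "," + (int)com.Sconit.CodeMaster.OrderType.SubContract
            + "," + (int)com.Sconit.CodeMaster.OrderType.Production + ")";
    }

    // The permission filter is skipped for the user whose code is "su".
    User user = SecurityContextHolder.Get();
    if (user.Code.Trim().ToLower() != "su")
    {
        string categories = (int)com.Sconit.CodeMaster.PermissionCategoryType.Region
            + "," + (int)com.Sconit.CodeMaster.PermissionCategoryType.Customer
            + "," + (int)com.Sconit.CodeMaster.PermissionCategoryType.Supplier;

        // Unlike the flow lookup, both sides are always checked here.
        hql += " and (exists(select 1 from UserPermissionView up1 where up1.UserId = " + user.Id
            + " and up1.PermissionCategoryType in (" + categories + ") and up1.PermissionCode = o.PartyFrom))";
        hql += " and (exists(select 1 from UserPermissionView up2 where up2.UserId = " + user.Id
            + " and up2.PermissionCategoryType in (" + categories + ") and up2.PermissionCode = o.PartyTo))";
    }

    return hql;
}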
/// <summary>
/// Exports to XLS the items that appear in a flow detail whose flow the current user may see,
/// optionally narrowed by item code, flow code and reference-code prefix.
/// </summary>
/// <param name="searchModel">Filter values; Code, Flow and ReferenceCode are bound as query parameters.</param>
/// <remarks>
/// The permission sub-query is applied to every caller; this method has no "su" exemption.
/// NOTE(review): the category values 3, 4 and 2 are written as literals here rather than as
/// PermissionCategoryType members - confirm which members they stand for.
/// </remarks>
public void ExportShortCodeXLS(ItemSearchModel searchModel)
{
    var currentUser = SecurityContextHolder.Get();
    IList<object> param = new List<object>();
    string hql = " select i from Item as i where 1=1 ";

    // User id plus the party/category test shared by both variants of the permission sub-query.
    string userScope = currentUser.Id + " and (((fm.PartyFrom=p.PermissionCode or fm.PartyTo=p.PermissionCode ) and p.PermissionCategoryType in (3,4)) or (fm.PartyTo=p.PermissionCode and p.PermissionCategoryType=2 )))))";

    // Positional parameters: the order of the Add calls must follow the order of the "?" marks.
    if (!string.IsNullOrWhiteSpace(searchModel.Code))
    {
        hql += " and i.Code=? ";
        param.Add(searchModel.Code);
    }

    if (string.IsNullOrWhiteSpace(searchModel.Flow))
    {
        hql += @" and exists( select 1 from FlowDetail as f where f.Item=i.Code and exists ( select 1 from FlowMaster as fm where fm.Code=f.Flow and exists (select 1 from UserPermissionView as p where p.UserId =" + userScope;
    }
    else
    {
        // The line break inside this verbatim literal is part of the string.
        hql += @" and exists( select 1 from FlowDetail as f where f.Item=i.Code and f.Flow=? and exists ( select 1 from FlowMaster as fm where fm.Code=f.Flow and fm.Code=? 
and exists (select 1 from UserPermissionView as p where p.UserId =" + userScope;
        param.Add(searchModel.Flow);
        param.Add(searchModel.Flow);
    }

    if (!string.IsNullOrWhiteSpace(searchModel.ReferenceCode))
    {
        hql += " and i.ReferenceCode like ? ";
        param.Add(searchModel.ReferenceCode + "%");
    }

    IList<Item> exportList = this.genericMgr.FindAll<Item>(hql, param.ToArray());
    ExportToXLS<Item>("ExportShorCode", "XLS", exportList);
}
/// <summary>
/// Builds the where clause, sort clause and parameter list for the short-code item search.
/// Items are limited to those in a flow detail whose flow the current user may see, and to
/// active items.
/// </summary>
/// <param name="command">Grid command supplying the sort descriptors.</param>
/// <param name="searchModel">Filter values; Flow, ReferenceCode and Code are bound as query parameters.</param>
/// <returns>The populated search statement model.</returns>
/// <remarks>
/// The permission sub-query is applied to every caller; this method has no "su" exemption.
/// NOTE(review): the category values 3, 4 and 2 are written as literals here rather than as
/// PermissionCategoryType members - confirm which members they stand for.
/// </remarks>
private SearchStatementModel PrepareShortSearchStatement(GridCommand command, ItemSearchModel searchModel)
{
    var currentUser = SecurityContextHolder.Get();
    string whereStatement = " where 1=1 ";
    IList<object> param = new List<object>();

    // User id plus the party/category test shared by both variants of the permission sub-query.
    string userScope = currentUser.Id + " and (((fm.PartyFrom=p.PermissionCode or fm.PartyTo=p.PermissionCode ) and p.PermissionCategoryType in (3,4)) or (fm.PartyTo=p.PermissionCode and p.PermissionCategoryType=2 )))))";

    if (string.IsNullOrWhiteSpace(searchModel.Flow))
    {
        whereStatement += @" and exists( select 1 from FlowDetail as f where f.Item=i.Code and exists ( select 1 from FlowMaster as fm where fm.Code=f.Flow and exists (select 1 from UserPermissionView as p where p.UserId =" + userScope;
    }
    else
    {
        // The flow code fills both "?" marks, so it is added to the parameter list twice.
        whereStatement += @" and exists( select 1 from FlowDetail as f where f.Item=i.Code and f.Flow=? and exists ( select 1 from FlowMaster as fm where fm.Code=f.Flow and fm.Code=? and exists (select 1 from UserPermissionView as p where p.UserId =" + userScope;
        param.Add(searchModel.Flow);
        param.Add(searchModel.Flow);
    }

    HqlStatementHelper.AddLikeStatement("ReferenceCode", searchModel.ReferenceCode, HqlStatementHelper.LikeMatchMode.Start, "i", ref whereStatement, param);
    HqlStatementHelper.AddEqStatement("Code", searchModel.Code, "i", ref whereStatement, param);
    HqlStatementHelper.AddEqStatement("IsActive", true, "i", ref whereStatement, param);

    SearchStatementModel result = new SearchStatementModel();
    result.SelectCountStatement = selectCountStatement;
    result.SelectStatement = selectStatement;
    result.WhereStatement = whereStatement;
    result.SortingStatement = HqlStatementHelper.GetSortingStatement(command.SortDescriptors);
    result.Parameters = param.ToArray<object>();
    return result;
}
/// <summary>
/// Creates handling units (Hu) for an item from the posted values, then either streams the
/// barcode report to the client or returns a JSON payload with a print URL.
/// </summary>
/// <param name="ItemCode">Id of the item to load.</param>
/// <param name="HuUom">Unit of measure copied to the item.</param>
/// <param name="HuUnitCount">Unit count copied to the item.</param>
/// <param name="LotNo">Lot number copied to the item.</param>
/// <param name="HuQty">Quantity copied to the item.</param>
/// <param name="ManufactureParty">Not read; the manufacture party is taken from the current user's code.</param>
/// <param name="isExport">True writes the report to the response; false returns the print URL.</param>
/// <param name="supplierLotNo">Supplier lot number copied to the item.</param>
/// <returns>Json(null) after an export, otherwise an object with SuccessMessage and PrintUrl.</returns>
/// <remarks>
/// NOTE(review): the values are assigned to the Item instance returned by FindById. Whether that
/// instance is tracked by the persistence session (and could be written back) is not visible
/// here - confirm.
/// </remarks>
public JsonResult CreateHuFX80(string ItemCode, string HuUom, decimal HuUnitCount, string LotNo, decimal HuQty, string ManufactureParty, bool isExport, string supplierLotNo)
{
    var currentUser = SecurityContextHolder.Get();

    Item item = genericMgr.FindById<Item>(ItemCode);
    item.HuUom = HuUom;
    item.HuUnitCount = HuUnitCount;
    item.HuQty = HuQty;
    // The party comes from the signed-in user, not from the posted ManufactureParty value.
    item.ManufactureParty = currentUser.Code;
    item.LotNo = LotNo;
    item.supplierLotNo = supplierLotNo;

    IList<Hu> createdHus = huMgr.CreateHu(item);
    string barcodeTemplate = this.systemMgr.GetEntityPreferenceValue(Entity.SYS.EntityPreference.CodeEnum.DefaultBarCodeTemplate);

    // Resolve each party code to its display name (one lookup per Hu).
    foreach (var createdHu in createdHus)
    {
        createdHu.ManufacturePartyDescription = base.genericMgr.FindById<Party>(createdHu.ManufactureParty).Name;
    }

    if (!isExport)
    {
        string printUrl = PrintHuList(createdHus, barcodeTemplate);
        object payload = new
        {
            SuccessMessage = string.Format("条码打印成功,共打印了{0}张条码", createdHus.Count),
            PrintUrl = printUrl
        };
        return Json(payload);
    }

    IList<PrintHu> printHuList = Mapper.Map<IList<Hu>, IList<PrintHu>>(createdHus);
    IList<object> data = new List<object> { printHuList, CurrentUser.FullName };
    reportGen.WriteToClient(barcodeTemplate, data, barcodeTemplate);
    return Json(null);
}
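/// <summary>
/// Returns one grid page of order details for <paramref name="searchModel"/>.OrderNo with LotNo,
/// ManufactureParty and HuQty pre-filled. For every user except the one whose code is "su", an
/// empty grid is returned unless the order exists and the user holds a Supplier permission
/// matching its PartyFrom.
/// </summary>
/// <param name="command">Grid paging and sorting command.</param>
/// <param name="searchModel">Search values; OrderNo is bound as a query parameter.</param>
/// <returns>The grid model, or an empty grid on a failed permission check or an error.</returns>
public ActionResult _AjaxOrderDetailList(GridCommand command, OrderMasterSearchModel searchModel)
{
    com.Sconit.Entity.ACC.User user = SecurityContextHolder.Get();
    if (user.Code.Trim().ToLower() != "su")
    {
        // orderNo is bound through "?"; the user id and the enum value are concatenated.
        IList<OrderMaster> orderMasterList = base.genericMgr.FindAll<OrderMaster>("from OrderMaster as o where o.OrderNo=? and exists (select 1 from UserPermissionView as up where up.UserId =" + user.Id + " and up.PermissionCategoryType = " + (int)com.Sconit.CodeMaster.PermissionCategoryType.Supplier + " and up.PermissionCode = o.PartyFrom)", searchModel.OrderNo);
        if (orderMasterList.Count <= 0)
        {
            // Same empty result for "not found" and "not permitted".
            return PartialView(new GridModel(new List<OrderDetail>()));
        }
    }

    SearchStatementModel searchStatementModel = PrepareOrderDetailSearchStatement(command, searchModel);
    GridModel<OrderDetail> page = GetAjaxPageData<OrderDetail>(searchStatementModel, command);

    try
    {
        OrderMaster order = base.genericMgr.FindById<OrderMaster>(searchModel.OrderNo);
        foreach (OrderDetail orderDetail in page.Data)
        {
            orderDetail.LotNo = LotNoHelper.GenerateLotNo();
            orderDetail.ManufactureParty = order.PartyFrom;
            orderDetail.HuQty = orderDetail.OrderedQty;
        }

        return View(page);
    }
    catch (Exception ex)
    {
        // Still best-effort, but the failure is traced instead of vanishing. The fallback grid
        // now uses OrderDetail, matching the grid's row type; the original used
        // IpLocationDetail here.
        System.Diagnostics.Trace.TraceError(
            "_AjaxOrderDetailList failed: {0}: {1}", ex.GetType().FullName, ex.Message);
        return PartialView(new GridModel(new List<OrderDetail>()));
    }
}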
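/// <summary>
/// Appends a predicate to an HQL where clause that restricts rows by order type and by the
/// current user's permissions on the party-from and party-to columns. Nothing is appended for
/// the user whose code is "su" or for an <paramref name="orderType"/> other than procurement,
/// distribution, production or transfer.
/// </summary>
/// <param name="whereStatement">Where clause under construction; starts with " where " when empty, otherwise extended with " and ".</param>
/// <param name="orderTypeTableAlias">Alias of the entity that carries the order-type column.</param>
/// <param name="orderTypeFieldName">Name of the order-type column (order kind: procurement / production / transfer / sales, per the original comment).</param>
/// <param name="partyFromTableAlias">Alias of the entity that carries the party-from column.</param>
/// <param name="partyFromFieldName">Name of the party-from column.</param>
/// <param name="partyToTableAlias">Alias of the entity that carries the party-to column.</param>
/// <param name="partyToFieldName">Name of the party-to column.</param>
/// <param name="orderType">Menu category (supply, shipment, production, per the original comment) that selects the rule set.</param>
/// <param name="isSupplier">For procurement: true applies the supplier-portal rule (party-from only).</param>
/// <remarks>
/// The predicate is built once and prefixed with " where " or " and ". The previous " where "
/// variant for production opened one parenthesis more than it closed, which made the statement
/// unparseable; the user id was also emitted directly against the following "and".
/// The aliases and field names are concatenated into the statement as identifiers and cannot be
/// bound as parameters; callers must pass only names fixed in code, never request data.
/// </remarks>
public static void AddPartyFromAndPartyToPermissionStatement(ref string whereStatement, string orderTypeTableAlias, string orderTypeFieldName, string partyFromTableAlias, string partyFromFieldName, string partyToTableAlias, string partyToFieldName, com.Sconit.CodeMaster.OrderType orderType, bool isSupplier)
{
    // The user whose code is "su" is handled specially: no permission filter.
    User user = SecurityContextHolder.Get();
    if (user.Code.Trim().ToLower() == "su")
    {
        return;
    }

    string orderTypeColumn = orderTypeTableAlias + "." + orderTypeFieldName;
    string partyFromColumn = partyFromTableAlias + "." + partyFromFieldName;
    string partyToColumn = partyToTableAlias + "." + partyToFieldName;

    int supplier = (int)com.Sconit.CodeMaster.PermissionCategoryType.Supplier;
    int customer = (int)com.Sconit.CodeMaster.PermissionCategoryType.Customer;
    int region = (int)com.Sconit.CodeMaster.PermissionCategoryType.Region;

    // Shared head of every permission sub-query; each use adds the category test and the party
    // match, then closes the sub-query.
    string permissionHead = "exists (select 1 from UserPermissionView as p where p.UserId = " + user.Id
        + " and p.PermissionCategoryType ";
    string regionOnPartyFrom = permissionHead + "= " + region + " and p.PermissionCode = " + partyFromColumn + ")";
    string regionOnPartyTo = permissionHead + "= " + region + " and p.PermissionCode = " + partyToColumn + ")";

    string inboundTypes = orderTypeColumn + " in (" + (int)com.Sconit.CodeMaster.OrderType.CustomerGoods
        + "," + (int)com.Sconit.CodeMaster.OrderType.Procurement
        + "," + (int)com.Sconit.CodeMaster.OrderType.SubContract
        + "," + (int)com.Sconit.CodeMaster.OrderType.ScheduleLine + ")";
    string transferTypes = orderTypeColumn + " in (" + (int)com.Sconit.CodeMaster.OrderType.Transfer
        + "," + (int)com.Sconit.CodeMaster.OrderType.SubContractTransfer + ")";

    string condition;
    if (orderType == com.Sconit.CodeMaster.OrderType.Procurement)
    {
        if (isSupplier)
        {
            // Inbound order types, with a Supplier or Customer permission on the party-from.
            condition = "(" + inboundTypes + " and " + permissionHead
                + "in (" + supplier + "," + customer + ") and p.PermissionCode = " + partyFromColumn + "))";
        }
        else
        {
            // Inbound order: any category on the party-from plus a Region permission on the
            // party-to. Transfer order: a Region permission on the party-to.
            condition = "((" + inboundTypes + " and " + permissionHead
                + "in (" + supplier + "," + region + "," + customer + ") and p.PermissionCode = " + partyFromColumn + ")"
                + " and " + regionOnPartyTo + ")"
                + " or (" + transferTypes + " and " + regionOnPartyTo + "))";
        }
    }
    else if (orderType == com.Sconit.CodeMaster.OrderType.Distribution)
    {
        // Distribution order: a Region or Customer permission on the party-to plus a Region
        // permission on the party-from. Transfer order: a Region permission on the party-from.
        condition = "((" + orderTypeColumn + " = " + (int)com.Sconit.CodeMaster.OrderType.Distribution
            + " and " + permissionHead + "in (" + region + "," + customer + ") and p.PermissionCode = " + partyToColumn + ")"
            + " and " + regionOnPartyFrom + ")"
            + " or (" + transferTypes + " and " + regionOnPartyFrom + "))";
    }
    else if (orderType == com.Sconit.CodeMaster.OrderType.Production
        || orderType == com.Sconit.CodeMaster.OrderType.Transfer)
    {
        // A Region permission on either side is enough.
        condition = "(" + regionOnPartyFrom + " or " + regionOnPartyTo + ")";
    }
    else
    {
        return;
    }

    whereStatement = whereStatement == string.Empty
        ? " where " + condition
        : whereStatement + " and " + condition;
}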