/// <summary>
/// 参数检查
/// </summary>
/// <param name="context">当前请求上下文</param>
/// <param name="userInfo">用户信息</param>
/// <param name="checkLocalIp">检查内网</param>
/// <param name="permissionCode">权限菜单的Code</param>
/// <returns></returns>
public static BaseResult ValidateParameter(HttpContext context, ref BaseUserInfo userInfo, bool checkLocalIp = true, string permissionCode = null)
{
var result = new BaseResult();
// 1:是否是有效的系统编号?
if (context.Request["systemCode"] == null)
{
result.Status = false;
result.StatusCode = Status.ParameterError.ToString();
result.StatusMessage = "systemCode " + Status.ParameterError.ToDescription();
return(result);
}
var systemCode = context.Request["systemCode"];
if (!BaseSystemManager.CheckSystemCode(systemCode))
{
result.Status = false;
result.StatusCode = Status.ParameterError.ToString();
result.StatusMessage = "systemCode 不是有效的系统编号";
return(result);
}
var ipAddress = Utils.GetIp();
// 2016-08-22 已经正常登录的用户,也可以调用验证码函数,这样接口程序更灵活一些,更方便被调用
if (context.Request["userInfo"] != null)
{
// 从当前使用的用户确定当前使用者
userInfo = BaseUserInfo.Deserialize(context.Request["userInfo"]);
if (userInfo == null)
{
result.Status = false;
result.StatusCode = Status.Error.ToString();
result.StatusMessage = "userInfo " + Status.Error.ToDescription();
return(result);
}
// 防止伪造、判断用户的有效性
if (!ServiceUtil.VerifySignature(userInfo))
{
// LogUtil.WriteLine("userInfo.Signature:" + userInfo.Signature + " GetSignature(userInfo):" + ServiceUtil.GetSignature(userInfo));
result.Status = false;
result.StatusCode = Status.SignatureError.ToString();
result.StatusMessage = "userInfo " + Status.SignatureError.ToDescription();
return(result);
}
// 这里需要是已经登录的用户,不是已经被踢掉的用户
if (!ValidateOpenId(userInfo.Id, userInfo.OpenId))
{
result.Status = false;
result.StatusCode = Status.ParameterError.ToString();
result.StatusMessage = "OpenId " + Status.ParameterError.ToDescription();
return(result);
}
}
else
{
// 2016-08-09 吉日嘎拉,必须保证是服务器调用的,外部不允许直接调用,方式被短信轰炸,有安全漏洞。
// 检查是否为内部ip地址发送出去的手机短信
// 2016-08-09 宋彪 不仅仅针对短信发送,用户中心接口也要考虑
if (checkLocalIp)
{
if (!IpUtil.IsLocalIp(ipAddress))
{
// 不是内网发出的, 也不是信任的ip列表里的,直接给拒绝发送出去
result.Status = false;
result.StatusCode = Status.ErrorIpAddress.ToString();
result.StatusMessage = ipAddress + " " + Status.ErrorIpAddress.ToDescription();
return(result);
}
}
// 应用唯一标识
string appKey;
if (context.Request["appKey"] == null)
{
result.Status = false;
result.StatusCode = Status.ParameterError.ToString();
result.StatusMessage = "appKey " + Status.ParameterError.ToDescription();
return(result);
}
else
{
appKey = context.Request["appKey"];
}
// 应用的签名密钥
string appSecret;
if (context.Request["appSecret"] == null)
{
result.Status = false;
result.StatusCode = Status.ParameterError.ToString();
result.StatusMessage = "appSecret " + Status.ParameterError.ToDescription();
return(result);
}
else
{
appSecret = context.Request["appSecret"];
}
// 检查服务的有效性,是否调用限制到了?是否有相应的权限
//result = BaseServicesLicenseManager.CheckService(appKey, appSecret, false, 0, 0, systemCode, permissionCode);
//if (!result.Status)
//{
// return result;
//}
// 从接口确定当前调用者
var userEntity = BaseUserManager.GetEntityByCodeByCache(appKey);
if (userEntity != null)
{
userInfo = new BaseUserInfo
{
Id = userEntity.Id.ToString(),
UserId = userEntity.Id,
Code = userEntity.Code,
UserName = userEntity.UserName,
NickName = userEntity.NickName,
RealName = userEntity.RealName,
CompanyId = userEntity.CompanyId.ToString(),
CompanyCode = userEntity.CompanyCode,
CompanyName = userEntity.CompanyName,
IpAddress = ipAddress
};
}
}
result.Status = true;
return(result);
}
/// <summary>
/// 获取最近联系人
/// </summary>
/// <param name="userInfo">用户</param>
/// <returns>用户列表</returns>
public DataTable GetRecentContacts(BaseUserInfo userInfo)
{
DataTable result = null;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessMessageDb(userInfo, parameter, (dbHelper) =>
{
/*
* var manager = new BaseMessageRecentManager(dbHelper, userInfo);
* string sqlQuery = string.Empty;
* if (dbHelper.CurrentDbType == CurrentDbType.Oracle)
* {
* sqlQuery = "SELECT " + BaseMessageRecentEntity.FieldTargetId + " AS " + BaseUserEntity.FieldId
+ "," + BaseMessageRecentEntity.FieldRealName
+ "," + BaseMessageRecentEntity.FieldCompanyName
+ "," + BaseMessageRecentEntity.FieldDepartmentName
+ " FROM " + BaseMessageRecentEntity.TableName
+ " WHERE " + BaseMessageRecentEntity.FieldUserId + "= '" + userInfo.Id + "'"
+ " AND ROWNUM < = 50 "
+ " ORDER BY " + BaseMessageRecentEntity.FieldModifiedOn + " DESC ";
+ }
+ else
+ {
+ sqlQuery = "SELECT TOP 50 " + BaseMessageRecentEntity.FieldTargetId + " AS " + BaseUserEntity.FieldId
+ "," + BaseMessageRecentEntity.FieldRealName
+ "," + BaseMessageRecentEntity.FieldCompanyName
+ "," + BaseMessageRecentEntity.FieldDepartmentName
+ " FROM " + BaseMessageRecentEntity.TableName
+ " WHERE " + BaseMessageRecentEntity.FieldUserId + "= '" + userInfo.Id + "'"
+ " ORDER BY " + BaseMessageRecentEntity.FieldModifiedOn + " DESC ";
+ }
*/
// 2015-09-27 吉日嘎拉 最新联系人方式,从缓存服务器里读取
result = new DataTable(BaseUserEntity.TableName);
result.Columns.Add(BaseUserEntity.FieldId.ToUpper());
result.Columns.Add(BaseUserEntity.FieldRealName.ToUpper());
result.Columns.Add(BaseUserEntity.FieldCompanyName.ToUpper());
result.Columns.Add(BaseUserEntity.FieldDepartmentName.ToUpper());
result.Columns.Add(BaseUserEntity.FieldSortCode.ToUpper());
# if Redis
// 2015-11-20 吉日嘎拉 为了让程序能编译通过
using (var redisClient = PooledRedisHelper.GetMessageClient())
{
List <string> list = redisClient.GetAllItemsFromSortedSetDesc(("r" + userInfo.Id));
for (int i = 0; i < list.Count && i < 100; i++)
{
BaseUserEntity userEntity = BaseUserManager.GetObjectByCache(list[i]);
if (userEntity != null)
{
DataRow dr = result.NewRow();
dr[BaseUserEntity.FieldId] = userEntity.Id;
dr[BaseUserEntity.FieldRealName] = userEntity.RealName;
dr[BaseUserEntity.FieldCompanyName] = userEntity.CompanyName;
dr[BaseUserEntity.FieldDepartmentName] = userEntity.DepartmentName;
dr[BaseUserEntity.FieldSortCode] = i;
result.Rows.Add(dr);
}
}
}
#endif
result.AcceptChanges();
});
/// <summary>
/// 获取权限审核
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="startDate">开始日期</param>
/// <param name="endDate">结束日期</param>
/// <param name="companyId">公司主键</param>
/// <param name="userId">用户主键</param>
/// <param name="result">权限主键</param>
/// <param name="recordCount">记录数</param>
/// <param name="pageIndex">当前页</param>
/// <param name="pageSize">每页显示条数</param>
/// <returns>数据表</returns>
public DataTable PermissionMonitor(BaseUserInfo userInfo, DateTime startDate, DateTime endDate, string companyId, string userId, string permissionId, out int recordCount, int pageIndex = 0, int pageSize = 20)
{
DataTable result = null;
recordCount = 0;
int myRecordCount = 0;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) =>
{
string whereClause = string.Empty;
List <KeyValuePair <string, object> > dbParameters = new List <KeyValuePair <string, object> >();
if (startDate != null)
{
if (!string.IsNullOrEmpty(whereClause))
{
whereClause += " AND ";
}
whereClause += BasePermissionEntity.FieldCreateOn + " >= " + DotNet.Utilities.DbHelper.GetParameter(BaseSystemInfo.ServerDbType, "startDate");
dbParameters.Add(new KeyValuePair <string, object>("startDate", startDate));
}
if (endDate != null)
{
if (!string.IsNullOrEmpty(whereClause))
{
whereClause += " AND ";
}
whereClause += BasePermissionEntity.FieldCreateOn + " <= " + DotNet.Utilities.DbHelper.GetParameter(BaseSystemInfo.ServerDbType, "endDate");
dbParameters.Add(new KeyValuePair <string, object>("endDate", endDate));
}
string tableName = BasePermissionEntity.TableName;
if (userInfo != null)
{
tableName = userInfo.SystemCode + "Permission";
}
myRecordCount = DbLogic.GetCount(dbHelper, tableName, whereClause, dbHelper.MakeParameters(dbParameters));
result = DbLogic.GetDataTableByPage(dbHelper, tableName, "*", pageIndex, pageSize, whereClause, dbHelper.MakeParameters(dbParameters), BasePermissionEntity.FieldCreateOn + " DESC");
if (!result.Columns.Contains("ResourceCategoryName"))
{
result.Columns.Add("ResourceCategoryName".ToUpper());
}
if (!result.Columns.Contains("PermissionName"))
{
result.Columns.Add("PermissionName".ToUpper());
}
if (!result.Columns.Contains("PermissionCode"))
{
result.Columns.Add("PermissionCode".ToUpper());
}
if (!result.Columns.Contains("ResourceName"))
{
result.Columns.Add("ResourceName".ToUpper());
}
if (!result.Columns.Contains("CompanyName"))
{
result.Columns.Add("CompanyName".ToUpper());
}
foreach (DataRow dr in result.Rows)
{
string id = dr["PermissionId"].ToString();
BaseModuleEntity moduleEntity = BaseModuleManager.GetObjectByCache(userInfo, id);
if (moduleEntity != null)
{
dr["PermissionName"] = moduleEntity.FullName;
dr["PermissionCode"] = moduleEntity.Code;
}
if (dr["ResourceCategory"].ToString().Equals(BaseUserEntity.TableName))
{
id = dr["ResourceId"].ToString();
BaseUserEntity userEntity = BaseUserManager.GetObjectByCache(id);
if (userEntity != null)
{
dr["ResourceName"] = userEntity.RealName;
dr["CompanyName"] = userEntity.CompanyName;
dr["ResourceCategoryName"] = "用户";
}
}
else if (dr["ResourceCategory"].ToString().Equals(BaseOrganizeEntity.TableName))
{
id = dr["ResourceId"].ToString();
BaseOrganizeEntity organizeEntity = BaseOrganizeManager.GetObjectByCache(id);
if (organizeEntity != null)
{
dr["ResourceName"] = organizeEntity.FullName;
dr["ResourceCategoryName"] = "网点";
}
}
else if (dr["ResourceCategory"].ToString().Equals(BaseRoleEntity.TableName))
{
id = dr["ResourceId"].ToString();
BaseRoleEntity roleEntity = BaseRoleManager.GetObjectByCache(userInfo, id);
if (roleEntity != null)
{
dr["ResourceName"] = roleEntity.RealName;
dr["ResourceCategoryName"] = "角色";
}
}
}
});
recordCount = myRecordCount;
return(result);
}
/// <summary>
/// 更新用户
/// </summary>
/// <param name="userInfo">用户信息</param>
/// <param name="entity">用户实体</param>
/// <param name="userContactEntity">用户联系方式实体</param>
/// <param name="statusCode">状态码</param>
/// <param name="statusMessage">状态信息</param>
/// <returns>影响行数</returns>
public int UpdateUser(BaseUserInfo userInfo, BaseUserEntity entity, BaseUserContactEntity userContactEntity, out string statusCode, out string statusMessage)
{
int result = 0;
string returnCode = string.Empty;
string returnMessage = string.Empty;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) =>
{
var userManager = new BaseUserManager(dbHelper, userInfo);
// 调用方法,并且返回运行结果,判断重复
// result = userManager.Update(entity, out StatusCode);
// 不判断重复直接更新
if (entity != null)
{
// 2015-12-09 吉日嘎拉 确认更新日志功能
result = userManager.Update(entity);
// 若是超级管理员,就是名字编号重复了,也应该能修改数据比较好,否则有些事情无法办理下去了,由于历史原因导致数据重复的什么的,也需要能修改才可以。
if (userInfo.IsAdministrator)
{
if (userManager.StatusCode == Status.ErrorUserExist.ToString() ||
userManager.StatusCode == Status.ErrorCodeExist.ToString())
{
result = userManager.UpdateObject(entity);
}
}
}
if (userContactEntity != null)
{
var userContactManager = new BaseUserContactManager(dbHelper, userInfo);
userContactManager.SetObject(userContactEntity);
}
if (result == 1)
{
userManager.StatusCode = Status.OKUpdate.ToString();
returnCode = userManager.StatusCode;
}
userManager.StatusMessage = userManager.GetStateMessage(returnCode);
// 更新员工信息
if (entity != null)
{
if (entity.IsStaff != null && entity.IsStaff > 0)
{
//BaseStaffManager staffManager = new BaseStaffManager(dbHelper, result);
//string staffId = staffManager.GetIdByUserId(entity.Id);
//if (!string.IsNullOrEmpty(staffId))
//{
// BaseStaffEntity staffEntity = staffManager.GetObject(staffId);
// staffEntity.Code = entity.Code;
// staffEntity.Birthday = entity.Birthday;
// staffEntity.Gender = entity.Gender;
// staffEntity.UserName = entity.UserName;
// staffEntity.RealName = entity.RealName;
// staffEntity.QQ = entity.QQ;
// staffEntity.Mobile = entity.Mobile;
// staffEntity.Telephone = entity.Telephone;
// staffEntity.Email = entity.Email;
// staffEntity.CompanyId = entity.CompanyId;
// staffEntity.SubCompanyId = entity.SubCompanyId;
// staffEntity.DepartmentId = entity.DepartmentId;
// staffEntity.WorkgroupId = entity.WorkgroupId;
// staffManager.Update(staffEntity);
//}
}
}
returnCode = userManager.StatusCode;
returnMessage = userManager.StatusMessage;
});
statusCode = returnCode;
statusMessage = returnMessage;
return(result);
}
/// <summary>
/// 发送文件
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="fileName">文件名</param>
/// <param name="file">文件内容</param>
/// <param name="toUserId">发送给谁主键</param>
/// <returns>文件主键</returns>
public string Send(BaseUserInfo userInfo, string fileName, byte[] file, string toUserId)
{
string result = string.Empty;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) =>
{
BaseFolderEntity folderEntity = new BaseFolderEntity();
var folderManager = new BaseFolderManager(dbHelper, userInfo);
// 检查相应的系统必备文件夹
folderManager.FolderCheck();
BaseUserEntity userEntity = new BaseUserManager(dbHelper, userInfo).GetObject(toUserId);
if (!string.IsNullOrEmpty(userEntity.Id))
{
// 04:判断发送者的空间是否存在?
// 05:判断已收文件夹是否存在?
if (!folderManager.Exists(userEntity.Id))
{
folderEntity.FolderName = userEntity.RealName + AppMessage.FileService_File;
folderEntity.ParentId = "UserSpace";
folderEntity.Id = userEntity.Id;
folderEntity.Enabled = 1;
folderEntity.DeletionStateCode = 0;
folderManager.AddObject(folderEntity);
}
// 06:判断来自谁的文件夹是否存在?
// 07:判断发给谁的文件夹是否存在?
if (!folderManager.Exists(toUserId + "_Receive"))
{
folderEntity.FolderName = AppMessage.FileService_ReceiveFile;
folderEntity.ParentId = toUserId;
folderEntity.Id = toUserId + "_Receive";
folderEntity.Enabled = 1;
folderEntity.DeletionStateCode = 0;
folderManager.AddObject(folderEntity);
}
if (!folderManager.Exists(userInfo.Id + "_Send_" + toUserId))
{
folderEntity.FolderName = userEntity.RealName + "(" + userEntity.UserName + ")";
folderEntity.ParentId = userInfo.Id + "_Send";
folderEntity.Id = userInfo.Id + "_Send_" + toUserId;
folderEntity.Enabled = 1;
folderEntity.DeletionStateCode = 0;
folderManager.AddObject(folderEntity);
}
if (!folderManager.Exists(toUserId + "_Receive_" + userInfo.Id))
{
folderEntity.FolderName = userInfo.RealName + "(" + userInfo.UserName + ")";
folderEntity.ParentId = toUserId + "_Receive";
folderEntity.Id = toUserId + "_Receive_" + userInfo.Id;
folderEntity.Enabled = 1;
folderEntity.DeletionStateCode = 0;
folderManager.AddObject(folderEntity);
}
// 08:已发送文件夹多一个文件。
// 09:已接收文件夹多一个文件。
BaseFileEntity fileEntity = new BaseFileEntity();
fileEntity.FileName = fileName;
fileEntity.Contents = file;
fileEntity.Enabled = 1;
fileEntity.ReadCount = 0;
fileEntity.FolderId = userInfo.Id + "_Send_" + toUserId;
// 把修改人显示出来
fileEntity.ModifiedBy = userInfo.RealName;
fileEntity.ModifiedUserId = userInfo.Id;
fileEntity.ModifiedOn = DateTime.Now;
var fileManager = new BaseFileManager(dbHelper, userInfo);
fileManager.AddObject(fileEntity);
fileEntity.FolderId = toUserId + "_Receive_" + userInfo.Id;
result = fileManager.AddObject(fileEntity);
// string webHostUrl = BaseSystemInfo.WebHost;
// if (string.IsNullOrEmpty(webHostUrl))
// {
// webHostUrl = "WebHostUrl";
// }
// 10:应该还发一个短信提醒一下才对。
BaseMessageEntity messageEntity = new BaseMessageEntity();
//messageEntity.Id = Guid.NewGuid().ToString("N");
messageEntity.CategoryCode = MessageCategory.Send.ToString();
messageEntity.FunctionCode = MessageFunction.Message.ToString();
messageEntity.ObjectId = result;
messageEntity.ReceiverId = toUserId;
// target=\"_blank\"
messageEntity.Contents = AppMessage.FileService_SendFileFrom + " <a href={WebHostUrl}Download.aspx?Id=" + result + ">" + fileName + "</a>" + AppMessage.FileService_CheckReceiveFile;
messageEntity.IsNew = (int)MessageStateCode.New;
messageEntity.ReadCount = 0;
messageEntity.DeletionStateCode = 0;
var messageManager = new BaseMessageManager(dbHelper, userInfo);
messageManager.Identity = true;
result = messageManager.Add(messageEntity);
}
});
return(result);
}
/// <summary>
/// 获取权限审核
/// </summary>
/// <param name="userInfo">用户</param>
/// <param name="startDate">开始日期</param>
/// <param name="endDate">结束日期</param>
/// <param name="companyId">公司主键</param>
/// <param name="userId">用户主键</param>
/// <param name="permissionId">权限主键</param>
/// <param name="recordCount">记录数</param>
/// <param name="pageNo">当前页</param>
/// <param name="pageSize">每页显示条数</param>
/// <returns>数据表</returns>
public DataTable PermissionMonitor(BaseUserInfo userInfo, DateTime startDate, DateTime endDate, string companyId, string userId, string permissionId, out int recordCount, int pageNo = 1, int pageSize = 20)
{
DataTable result = null;
recordCount = 0;
var myRecordCount = 0;
var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) =>
{
var condition = string.Empty;
var dbParameters = new List <KeyValuePair <string, object> >();
if (!string.IsNullOrEmpty(condition))
{
condition += " AND ";
}
condition += BasePermissionEntity.FieldCreateTime + " >= " + DbUtil.GetParameter(BaseSystemInfo.UserCenterDbType, "startDate");
dbParameters.Add(new KeyValuePair <string, object>("startDate", startDate));
if (!string.IsNullOrEmpty(condition))
{
condition += " AND ";
}
condition += BasePermissionEntity.FieldCreateTime + " <= " + DbUtil.GetParameter(BaseSystemInfo.UserCenterDbType, "endDate");
dbParameters.Add(new KeyValuePair <string, object>("endDate", endDate));
var tableName = BasePermissionEntity.CurrentTableName;
if (userInfo != null)
{
tableName = userInfo.SystemCode + "Permission";
}
myRecordCount = dbHelper.GetCount(tableName, condition, dbHelper.MakeParameters(dbParameters));
result = DbUtil.GetDataTableByPage(dbHelper, tableName, "*", pageNo, pageSize, condition, dbHelper.MakeParameters(dbParameters), BasePermissionEntity.FieldCreateTime + " DESC");
if (!result.Columns.Contains("ResourceCategoryName"))
{
result.Columns.Add("ResourceCategoryName".ToUpper());
}
if (!result.Columns.Contains("PermissionName"))
{
result.Columns.Add("PermissionName".ToUpper());
}
if (!result.Columns.Contains("PermissionCode"))
{
result.Columns.Add("PermissionCode".ToUpper());
}
if (!result.Columns.Contains("ResourceName"))
{
result.Columns.Add("ResourceName".ToUpper());
}
if (!result.Columns.Contains("CompanyName"))
{
result.Columns.Add("CompanyName".ToUpper());
}
foreach (DataRow dr in result.Rows)
{
var id = dr["PermissionId"].ToString();
var moduleEntity = new BaseModuleManager().GetEntityByCache(userInfo, id);
if (moduleEntity != null)
{
dr["PermissionName"] = moduleEntity.Name;
dr["PermissionCode"] = moduleEntity.Code;
}
if (dr["ResourceCategory"].ToString().Equals(BaseUserEntity.CurrentTableName))
{
id = dr["ResourceId"].ToString();
var userEntity = BaseUserManager.GetEntityByCache(id);
if (userEntity != null)
{
dr["ResourceName"] = userEntity.RealName;
dr["CompanyName"] = userEntity.CompanyName;
dr["ResourceCategoryName"] = "用户";
}
}
else if (dr["ResourceCategory"].ToString().Equals(BaseOrganizationEntity.CurrentTableName))
{
id = dr["ResourceId"].ToString();
var organizationEntity = BaseOrganizationManager.GetEntityByCache(id);
if (organizationEntity != null)
{
dr["ResourceName"] = organizationEntity.Name;
dr["ResourceCategoryName"] = "网点";
}
}
else if (dr["ResourceCategory"].ToString().Equals(BaseRoleEntity.CurrentTableName))
{
id = dr["ResourceId"].ToString();
var roleEntity = BaseRoleManager.GetEntityByCache(userInfo, id);
if (roleEntity != null)
{
dr["ResourceName"] = roleEntity.Name;
dr["ResourceCategoryName"] = "角色";
}
}
}
});
recordCount = myRecordCount;
return(result);
}
