public AuthorizedUser(User user)
{
this.ID = user.ID;
this.Username = user.Username;
this.Password = user.Password;
this.Is_Enable = user.Is_Enable;
}
public ActionResult Login(User user)
{
User loginedUser;
try
{
loginedUser = userService.Login(user.Username, user.Password);
}
catch (BizException e)
{
ModelState.AddModelError("", e.ToString());
return View();
}
catch (Exception e)
{
ModelState.AddModelError("", "系统错误");
log.Error("登录错误", e);
return View();
}
if (user.RemeberMe)
{
HttpCookie cookie = new HttpCookie(UserAuthorizeAttribute.COOKIE_USER_REMEBER_KEY);
cookie.Expires = DateTime.Now.AddDays(7);
cookie[UserAuthorizeAttribute.COOKIE_USER_IDENTITY_KEY] = EncryptUtility.AESEncrypt(user.ID.ToString(), UserAuthorizeAttribute.COOKIE_SECURITY_ENCRYPT);
Response.Cookies.Add(cookie);
}
AuthorizedUser author = new AuthorizedUser(loginedUser);
author.Rights = userService.GetUserRights(loginedUser.ID);
Session[UserAuthorizeAttribute.AUTHORITY_USER_SESSION_KEY] = author;
return RedirectToAction("Index", "Home");
}
public JsonResult EditUser(User user)
{
return SingleReturn(() =>
{
user.Update_User = CurrentUser.ID;
userService.EditUser(user);
return null;
});
}
public JsonResult AddUser(User user)
{
return SingleReturn(() =>
{
user.Create_User = CurrentUser.ID;
userService.AddUser(user);
return null;
});
}
public void EditUser(User user)
{
userDao.EditUser(user);
}
public void AddUser(User user)
{
userDao.AddUser(user);
}
public void EditUser(User user)
{
string sql;
List<OracleParameter> pars = new List<OracleParameter>();
pars.Add(new OracleParameter("IS_ENABLE", user.Is_Enable));
pars.Add(new OracleParameter("PHONE_NUMBER", string.IsNullOrEmpty(user.Phone_Number) ? DBNull.Value : (object)user.Phone_Number));
pars.Add(new OracleParameter("UPDATE_USER", user.Update_User));
pars.Add(new OracleParameter("ID", user.ID));
if (string.IsNullOrWhiteSpace(user.Password))
{
sql = @"UPDATE SYS_USER SET
IS_ENABLE = :IS_ENABLE , PHONE_NUMBER = :PHONE_NUMBER ,
UPDATE_TIME = SYSDATE , UPDATE_USER = :UPDATE_USER
WHERE ID = :ID";
}
else
{
sql = @"UPDATE SYS_USER SET
IS_ENABLE = :IS_ENABLE , PASSWORD = :PASSWORD , PHONE_NUMBER = :PHONE_NUMBER ,
UPDATE_TIME = SYSDATE ,UPDATE_USER = :UPDATE_USER
WHERE ID = :ID";
pars.Add(new OracleParameter("PASSWORD", user.Password));
}
DbHelperOra.ExecuteCommand(sql, CommandType.Text, pars.ToArray());
}
public void AddUser(User user)
{
string sql = @"
INSERT INTO SYS_USER
(ID, USERNAME, IS_ENABLE, PASSWORD, PHONE_NUMBER, CREATE_TIME, CREATE_USER )
VALUES
(SEQ_MASTER.NEXTVAL, :USERNAME, :IS_ENABLE, :PASSWORD, :PHONE_NUMBER, SYSDATE, :CREATE_USER)";
DbHelperOra.ExecuteCommand(sql, CommandType.Text, new OracleParameter[] {
new OracleParameter("USERNAME",user.Username),
new OracleParameter("IS_ENABLE",user.Is_Enable),
new OracleParameter("PASSWORD",user.Password),
new OracleParameter("PHONE_NUMBER",string.IsNullOrEmpty(user.Phone_Number)?DBNull.Value:(object)user.Phone_Number),
new OracleParameter("CREATE_USER",user.Create_User),
});
}
