/// <summary>
/// 构造函数
/// </summary>
public URLoginService()
{
currentClientIP = DACommonHelper.GetClientIP();
internalRequest = GetInternalRequest();
}
/// <summary>
/// 获取指定用户在指定系统所有拥有的权限信息(专门用于第三方系统调用)
/// </summary>
/// <param name="sysId"></param>
/// <param name="account"></param>
/// <param name="sign"></param>
/// <returns></returns>
public string GetUserRightsJson(int sysId, string account, string sign)
{
try
{
//验证请求参数
if (sysId <= 0 || string.IsNullOrEmpty(account) || string.IsNullOrEmpty(sign))
{
return("{\"State\":1,\"Message\":\"请求参数无效。\"}");
}
//限定配置过的IP才能请求
string clientIp = DACommonHelper.GetClientIP();
//if (clientIp != "127.0.0.1"
// && !clientIp.StartsWith("10.")
// && !clientIp.StartsWith("192.168.")
// && !Regex.IsMatch(clientIp, @"^172\.(1([6-9]{1})|2([0-9]{1})|3([0-1]{1}))(\.[0-9]+){2}$")
// && !GetUserRightsJson_ClientIP.Contains(clientIp))
//{
// return "{\"State\":2,\"Message\":\"当前请求IP无效。\"}";
//}
//指定的系统必须存在
SystemInfo system = DABasicInfoHelper.GetSystem(sysId, CacheTimeOption.Short);
if (system == null)
{
return("{\"State\":101,\"Message\":\"当前系统不存在。\"}");
}
if (system.Status == StatusOptions.Invalid)
{
return("{\"State\":102,\"Message\":\"当前系统已被禁用。\"}");
}
//请求有做MD5校验
string md5 = CryptoHelper.MD5_Encrypt(string.Format("{0}{1}{2}", sysId, system.Md5Key, account));
if (md5.ToLower() != sign.ToLower())
{
return("{\"State\":3,\"Message\":\"无效的请求。\"}");
}
//验证用户有效性
User user = DABasicInfoHelper.GetUser(account);
if (user == null)
{
return("{\"State\":103,\"Message\":\"用户不存在。\"}");
}
if (user.Status == StatusOptions.Invalid)
{
return("{\"State\":104,\"Message\":\"用户已被禁用。\"}");
}
if (user.AccountType != UserTypeOptions.SuperAdmin &&
(DateTime.Now > user.EndTime || DateTime.Now < user.BeginTime))
{
return("{\"State\":105,\"Message\":\"用户权限已过期。\"}");
}
List <UserSystem> userSystems = DARightsHelper.GetUserSystems(user.ID);
UserSystem userSystem = userSystems.FirstOrDefault(a => a.SystemID == sysId);
if (userSystem == null)
{
return("{\"State\":106,\"Message\":\"用户没有当前系统的访问权限。\"}");
}
//提取用户权限
List <Right> allRights = DABasicInfoHelper.GetRights(sysId, -1, CacheTimeOption.Short);
List <RightItem> myRights = DARightsHelper.GetUserRights(sysId, user.ID, user.AccountType);
var rights = from a in allRights
join b in myRights on a.ID equals b.RightID
where a.Status == StatusOptions.Valid
select a;
if (rights.Count() == 0)
{
return("{\"State\":107,\"Message\":\"用户没有当前系统的操作权限。\"}");
}
//生成正常返回JSON
StringBuilder result = new StringBuilder("{\"State\":0,\"Message\":\"OK\",");
result.AppendFormat("\"System\":{{\"ID\":{0},\"Name\":\"{1}\",\"Url\":\"{2}\"}},", system.ID, system.Name, system.Url);
result.AppendFormat("\"User\":{{\"ID\":{0},\"Account\":\"{1}\",\"TrueName\":\"{2}\",\"UserType\":{3},\"Email\":\"{4}\",\"Department\":\"{5}\",\"LastLoginTime\":\"{6}\"}},"
, user.ID, user.Account, user.TrueName, userSystem.Admin ? (int)user.AccountType : 0, user.Email, user.Department, userSystem.LastLoginTime.ToString("yyyy-MM-dd HH:mm:ss"));
result.Append("\"Rights\":[");
foreach (var right in rights)
{
result.AppendFormat("{{\"ID\":{0},\"PID\":{1},\"Name\":\"{2}\",\"Level\":{3},\"Type\":{4},\"SortIndex\":{5},\"URL\":\"{6}\"}},"
, right.ID, right.ParentID, right.Name, right.RightLevel, (int)right.RightType, right.SortIndex, right.PageUrl);
}
//更新最后一次访问时间
DABasicInfoHelper.UpdateSystemLastLoginTime(sysId, user.ID);
//记录日志
DABasicInfoHelper.AddAdminLog(
new AdminLog
{
Account = user.Account,
TrueName = user.TrueName,
AccountType = user.AccountType,
AddTime = DateTime.Now,
IP = clientIp,
PageUrl = "GetUserRightsJson",
SystemID = sysId,
Memo = string.Format("{0}系统获取用户{1}权限", system.Name, user.Account)
});
return(result.ToString(0, result.Length - 1) + "]}");
}
catch (Exception ex)
{
LogHelper.WriteException("GetUserRightsJson异常", ex);
return("{\"State\":4,\"Message\":\"系统异常。\"}");
}
}
