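/// <summary>
/// Returns the currently signed-in user wrapped in a <see cref="DetailResponse"/>.
/// </summary>
/// <returns>
/// <c>Ok</c> is true and <c>Data</c> holds a projection of the user (identity key,
/// names, profession / department / hospital-district ids and names) when a user is
/// signed in; otherwise <c>Ok</c> is false and <c>Data</c> is null. <c>Code</c> is
/// always "1".
/// </returns>
public static DetailResponse GetCurrentUser()
{
    // Resolve the principal without a hard cast: an anonymous request, or a principal
    // whose identity is not a ManagerIdentity, used to throw here instead of
    // producing Ok = false.
    var principal = AuthenticatorProvider.GetUser();
    var identity = principal == null ? null : principal.Identity as ManagerIdentity;
    var user = identity == null ? null : identity.CurrentUser;

    return new DetailResponse
    {
        Ok = user != null,
        Code = "1",
        // Project only the display fields; the user entity also carries Password /
        // EncryptPassword (see AjaxChangePassword) and must not be returned as-is.
        Data = user == null
            ? null
            : new
            {
                UserId = user.IdentityKey,
                user.LastName,
                user.FirstName,
                user.Name,
                user.ProfessionId,
                user.DepartmentId,
                user.HospitalDistrictId,
                user.ProfessionName,
                user.DepartmentName,
                user.HospitalDistrictName
            }
    };
}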
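/// <summary>
/// AJAX endpoint that changes the signed-in user's password.
/// </summary>
/// <param name="old">The current password, in clear text, as typed by the user.</param>
/// <param name="pwd">The new password, in clear text.</param>
/// <returns>
/// A <see cref="JsonNetResult"/> wrapping a <see cref="DetailResponse"/>:
/// <c>Ok</c> = true on success; otherwise <c>Code</c> is "-1" (old password wrong,
/// or new password missing / shorter than 8 characters, with the reason in
/// <c>Data</c>), "-2" (the data layer did not update exactly one row) or "-11"
/// (unexpected exception, logged).
/// </returns>
public ActionResult AjaxChangePassword(string old, string pwd)
{
    var result = new JsonNetResult();
    var r = new DetailResponse();
    try
    {
        var userDetail = ((ManagerIdentity)AuthenticatorProvider.GetUser().Identity).CurrentUser;

        // SECURITY (review): the stored verifier is Md5.Encrypt(pwd) with no salt
        // argument, and a second copy is kept as AzDG.Encrypt(pwd), which from its
        // name appears to be reversible. The login check and the stored format both
        // depend on this, so it is flagged here rather than replaced; moving to a
        // salted, slow hash (PBKDF2 / Argon2) needs a coordinated change of the
        // storage and verification code.
        //
        // Validate inputs before hashing so a null or empty value never reaches
        // Md5 / AzDG (previously a null pwd surfaced as a generic "-11").
        if (string.IsNullOrEmpty(old)
            || string.IsNullOrEmpty(userDetail.EncryptPassword)
            || !userDetail.EncryptPassword.Equals(Md5.Encrypt(old), StringComparison.Ordinal))
        {
            r.Code = "-1";
            r.Data = "舊密碼驗證錯誤";
        }
        else if (string.IsNullOrEmpty(pwd) || pwd.Length < 8)
        {
            r.Code = "-1";
            r.Data = "新密碼長度必須大於或等於8個字元";
        }
        else
        {
            string password = AzDG.Encrypt(pwd);
            string encryptPassword = Md5.Encrypt(pwd);
            int n = DataAccessProvider.User.ChangePassword(userDetail.Account, password, encryptPassword);
            if (n == 1)
            {
                // Keep the in-memory identity in step with the database.
                userDetail.Password = password;
                userDetail.EncryptPassword = encryptPassword;
                r.Ok = true;
            }
            else
            {
                r.Code = "-2";
                r.Data = "修改密碼失敗";
            }
        }
    }
    catch (Exception ex)
    {
        Log.Error(ex.Message, ex);
        r.Code = "-11";
    }
    result.Data = r;
    return result;
}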
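/// <summary>
/// Arranges the function (menu) rows in <paramref name="t"/> into a tree by
/// attaching every row to the row whose Code equals its Parent, and returns the
/// roots: the rows whose Parent matches no Code in the table.
/// </summary>
/// <param name="t">
/// Rows with the columns FunctionId, Code, Parent, Name, Icon, Parameters and
/// Target. Code must be unique across rows.
/// </param>
/// <returns>The root functions; children are reachable through <c>Son</c>, keyed by Code.</returns>
/// <exception cref="ArgumentNullException"><paramref name="t"/> is null.</exception>
/// <exception cref="ArgumentException">Two rows share the same Code.</exception>
public static IEnumerable<Entitys.Function> GenTree(DataTable t)
{
    if (t == null)
    {
        throw new ArgumentNullException(nameof(t));
    }

    // NOTE(review): the per-user cache (CacheProvider keyed on the account) is still
    // commented out; the identity lookup that only served it was dropped, so this
    // method no longer needs a signed-in user.

    // Code -> node, so a parent can be located in O(1).
    var byCode = t.Rows.Cast<DataRow>().ToDictionary(
        row => row["Code"].ToString(),
        row => new Entitys.Function
        {
            FunctionId = Convert.ToInt32(row["FunctionId"]),
            Code = row["Code"].ToString(),
            Parent = row["Parent"].ToString(),
            Name = row["Name"].ToString(),
            Icon = row["Icon"].ToString(),
            Parameters = row["Parameters"].ToString(),
            Target = row["Target"].ToString(),
            Son = new Dictionary<string, Entitys.Function>()
        });

    // Link each node under its parent and remember which ones stop being roots.
    // Only the nodes' Son dictionaries are mutated while enumerating, never byCode
    // itself, so the enumeration is safe.
    var attached = new List<string>();
    foreach (var node in byCode.Values)
    {
        Entitys.Function parent;
        if (!byCode.TryGetValue(node.Parent, out parent) || parent.Son.ContainsKey(node.Code))
        {
            continue;
        }
        parent.Son[node.Code] = node;
        attached.Add(node.Code);
    }
    foreach (var code in attached)
    {
        byCode.Remove(code);
    }

    // NOTE(review): a row whose Parent is its own Code, or a cycle of rows, is
    // attached and removed from the roots and therefore vanishes from the result.
    return byCode.Values.ToList();
}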
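/// <summary>
/// Authorizes the current request: sets <c>HttpContext.User</c> from the
/// authenticator, lets the base <c>OnAuthorization</c> authenticate, then checks the
/// signed-in user's <c>AuthPath</c> list against the requested
/// /area/controller/action path and redirects to User/AccessDenied when the action
/// carries a non-default <see cref="AuthAttribute"/> the user is not granted.
/// </summary>
/// <param name="filterContext">The MVC authorization context for the request.</param>
/// <remarks>
/// Checks run in this order, each one short-circuiting the rest:
/// 1. An <see cref="AuthAttribute"/> whose AllowIpList contains the client address
///    skips everything, including authentication. The address is
///    <c>Request.UserHostAddress</c>, i.e. the immediate peer; behind a reverse
///    proxy that is the proxy's address, so a proxied deployment cannot rely on it.
/// 2. <see cref="AllowAnonymousAttribute"/> on the action or controller skips the rest.
/// 3. A master admin (account and client IP both listed in Section.Get.Web) is
///    always allowed.
/// 4. Otherwise the path must appear in <c>user.AuthPath</c> unless the action has
///    no <see cref="AuthAttribute"/> or a default one.
/// </remarks>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    filterContext.HttpContext.User = AuthenticatorProvider.GetUser();

    var ad = filterContext.ActionDescriptor;
    var anonymousType = typeof(AllowAnonymousAttribute);
    bool skipAuthorization = ad.GetCustomAttributes(anonymousType, true).Any()
        || ad.ControllerDescriptor.IsDefined(anonymousType, true);

    // First AuthAttribute on the action, if any (same element the original read at index 0).
    var auth = ad.GetCustomAttributes(typeof(AuthAttribute), true)
        .OfType<AuthAttribute>()
        .FirstOrDefault();

    string clientIp = filterContext.HttpContext.Request.UserHostAddress;
    if (auth != null && auth.AllowIpList != null && auth.AllowIpList.Contains(clientIp))
    {
        return;
    }

    if (skipAuthorization)
    {
        return;
    }

    base.OnAuthorization(filterContext);
    if (AuthenticatorProvider.GetUser() == null)
    {
        return;
    }

    // Fail closed instead of throwing InvalidCastException / NullReferenceException
    // when the principal does not carry a ManagerIdentity with a user.
    var identity = AuthenticatorProvider.GetUser().Identity as ManagerIdentity;
    User user = identity == null ? null : identity.CurrentUser;
    if (user == null)
    {
        filterContext.Result = new HttpUnauthorizedResult();
        return;
    }

    object tokensForArea = filterContext.RouteData.DataTokens["area"];
    string area = tokensForArea == null ? null : tokensForArea.ToString();
    string controller = ad.ControllerDescriptor.ControllerName;
    string action = ad.ActionName;
    string path = area == null
        ? $"/{controller}/{action}"
        : $"/{area}/{controller}/{action}";

    // NOTE(review): if MasterAdmin / MasterAdminIp are strings rather than
    // collections, Contains is a substring test ("10.0.0.1" would match
    // "10.0.0.10"); confirm their types in Section.Get.Web.
    if (Section.Get.Web.MasterAdmin.Contains(user.Account)
        && Section.Get.Web.MasterAdminIp.Contains(clientIp))
    {
        return;
    }

    // The path check applies only when the action carries a non-default
    // AuthAttribute; the former "Auth == null" redirect branch could never run.
    if (auth != null && !auth.IsDefault && !user.AuthPath.Contains(path))
    {
        filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new
        {
            area = "",
            controller = "User",
            action = "AccessDenied",
            rt = (int)auth.Type
        }));
    }
}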