/// <summary> /// Checks the user is access to feature whose link like the "path" /// </summary> /// <param name="userId">User id</param> /// <param name="controlerName">The controller name</param> /// <param name="actionName">The action name</param> /// <param name="isModeUri">Is mode uri</param> /// <returns>true if the user is accessed</returns> public async Task <bool> IsAccessedToTheFeature(int userId, string controlerName, string actionName, bool isModeUri) { var dyParam = new OracleDynamicParameters(); dyParam.Add("p_userId", OracleDbType.Int64, ParameterDirection.Input, userId); dyParam.Add("p_controllerName", OracleDbType.Varchar2, ParameterDirection.Input, controlerName); dyParam.Add("p_actionName", OracleDbType.Varchar2, ParameterDirection.Input, actionName); dyParam.Add("p_isModeUri", OracleDbType.Int64, ParameterDirection.Input, isModeUri); dyParam.Add("o_isAccess", OracleDbType.Int64, ParameterDirection.Output); await this.DbConnection.ExecuteAsync(QueryResource.Feature_IsAccessedFeature, dyParam, commandType : CommandType.StoredProcedure); return(int.Parse(dyParam.GetByName("o_isAccess").Value.ToString()) == 1); }
public async Task <bool> ChangePassword(string username, int idNguoiDung, string matKhauCu, string matKhauMoi) { using (var dbConnection = new OracleConnection(WebConfig.ConnectionString)) { var dyParam = new OracleDynamicParameters(); dyParam.Add("p_username", OracleDbType.Varchar2, ParameterDirection.Input, username); dyParam.Add("p_id_nhanvien", OracleDbType.Int64, ParameterDirection.Input, idNguoiDung); dyParam.Add("p_current_password", OracleDbType.Varchar2, ParameterDirection.Input, Common.MD5Hash(matKhauCu)); dyParam.Add("p_new_password", OracleDbType.Varchar2, ParameterDirection.Input, Common.MD5Hash(matKhauMoi)); dyParam.Add("rs", OracleDbType.Int16, ParameterDirection.Output); var query = QueryResource.Account_ChangePassword; await SqlMapper.QueryAsync <Account>(dbConnection, query, param : dyParam, commandType : CommandType.StoredProcedure); var rs = int.Parse(dyParam.GetByName("rs").Value.ToString()); return(rs == 1 ? true : false); } }
public async Task <TEntity> AddAsync(TEntity entity, IDbTransaction transaction = null) { try { var dyParam = new OracleDynamicParameters(); var properties = typeof(TEntity).GetProperties(); var pars = new List <string>(); var returns = new List <string>(); foreach (var p in properties) { if (Attribute.IsDefined(p, typeof(ComputedAttribute))) { continue; } if (Attribute.IsDefined(p, typeof(ExplicitKeyAttribute)) || Attribute.IsDefined(p, typeof(ReturningAttribute))) { returns.Add(p.Name); var oracleType = this.GenerateOracleType(p); if (oracleType == OracleDbType.Varchar2) { dyParam.Add(p.Name, oracleType, ParameterDirection.Output, size: 20); } else { dyParam.Add(p.Name, oracleType, ParameterDirection.Output); } continue; } var val = GetPropValue(entity, p.Name); if (val != null) { pars.Add(p.Name); dyParam.Add(p.Name, this.GenerateOracleType(p), ParameterDirection.Input, val); } } var sql = @"insert into {0}({1})values({2}){3}"; sql = string.Format(sql, this.GetTableName(), string.Join(',', pars), string.Join(',', pars.Select(x => ":" + x)), returns.Count == 0 ? "" : " returning " + string.Join(", ", returns) + " into " + string.Join(", ", returns.Select(x => ":" + x))); if (transaction == null) { await this.DbConnection.ExecuteAsync(sql, param : dyParam, commandType : CommandType.Text); } else { await transaction.Connection.ExecuteAsync(sql, param : dyParam, transaction : transaction, commandType : CommandType.Text); } foreach (var i in returns) { var oracleParam = dyParam.GetByName(i); if (oracleParam.DbType == DbType.Int64 || oracleParam.DbType == DbType.Int32 || oracleParam.DbType == DbType.Int16) { typeof(TEntity).GetProperty(i).SetValue(entity, int.Parse(oracleParam.Value.ToString())); } else { typeof(TEntity).GetProperty(i).SetValue(entity, oracleParam.Value.ToString()); } } return(entity); } catch (Exception ex) { throw ex; } }