예제 #1
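        /// <summary>
        /// Updates the signed-in user's e-mail address, phone number, remark and, optionally,
        /// password, and reports the outcome as a JSON-serialised <c>AjaxResult</c>.
        /// </summary>
        /// <param name="id">Identifier of the account to edit; it must match the account held in the session.</param>
        /// <param name="model">Posted values; only Password, EmailAddress, PhoneNumber and Remark are read.</param>
        /// <param name="OldPassword">Current password; checked only when <paramref name="model"/> carries a new password.</param>
        /// <returns>The edit result as JSON; GET requests are denied.</returns>
        public ActionResult CurrentUserEdit(int id, SuncereUser model, string OldPassword)
        {
            try
            {
                // id is request data. Without this comparison any caller that reaches the action
                // could rewrite another account's contact details simply by posting a different id.
                SuncereUser current = Session.GetCurrentUser();
                if (current == null || current.Id != id)
                {
                    return(Json(AjaxResult.GetEditAjaxResult(false), JsonRequestBehavior.DenyGet));
                }

                FluentModel           db         = Session.GetFluentModel();
                SuncereUserRepository repository = new SuncereUserRepository(db);
                SuncereUser           user       = repository.FirstOrDefault(id);
                if (user == null)
                {
                    // Previously surfaced as a NullReferenceException swallowed by the catch below.
                    return(Json(AjaxResult.GetEditAjaxResult(false), JsonRequestBehavior.DenyGet));
                }

                if (!string.IsNullOrEmpty(model.Password))
                {
                    // NOTE(review): the stored password is decrypted for comparison, i.e. it is kept
                    // in a reversible form. A salted, slow one-way hash (PBKDF2 or similar) would avoid
                    // exposing every password if the key leaks; that change belongs in the storage layer.
                    if (OldPassword != AsymmetricEncryption.Default.Decrypt(user.Password))
                    {
                        // Wrong old password: nothing is saved.
                        return(Json(AjaxResult.GetEditAjaxResult(false), JsonRequestBehavior.DenyGet));
                    }
                    user.Password = AsymmetricEncryption.Default.Encrypt(model.Password);
                }

                user.EmailAddress       = model.EmailAddress;
                user.PhoneNumber        = model.PhoneNumber;
                user.Remark             = model.Remark;
                user.LastModifierUserId = id;
                db.SaveChanges();
                return(Json(AjaxResult.GetEditAjaxResult(true), JsonRequestBehavior.DenyGet));
            }
            catch (Exception)
            {
                // Best-effort contract kept from the original: every failure becomes a generic
                // "edit failed" result. No logger is visible in this excerpt, so the cause is lost.
                return(Json(AjaxResult.GetEditAjaxResult(false), JsonRequestBehavior.DenyGet));
            }
        }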
예제 #2
 /// <summary>
 /// Applies posted edits to an existing user record and returns to the user list.
 /// </summary>
 /// <param name="user">Bound form values; <c>user.Id</c> selects the record to update.</param>
 /// <returns>
 /// A redirect to <c>UserList</c> on success, 404 when the record does not exist,
 /// or the edit view again when model validation fails.
 /// </returns>
 public ActionResult UserEdit([Bind(Include = "Id,UserName,DisplayName,Password,EmailAddress,PhoneNumber,Status,IP,EnableIPBinding,Remark")] SuncereUser user)
 {
     if (!ModelState.IsValid)
     {
         return View(user);
     }

     SuncereUser existing = model.SuncereUser.Find(user.Id);
     if (existing == null)
     {
         return HttpNotFound();
     }

     // Fields are copied one by one, so UserName and Password, although present in the
     // Bind list, are never written to the stored record by this action.
     existing.DisplayName          = user.DisplayName;
     existing.EmailAddress         = user.EmailAddress;
     existing.PhoneNumber          = user.PhoneNumber;
     existing.Status               = user.Status;
     existing.IP                   = user.IP;
     existing.EnableIPBinding      = user.EnableIPBinding;
     existing.Remark               = user.Remark;
     existing.LastModificationTime = DateTime.Now;
     model.SaveChanges();

     // NOTE(review): action attributes are not visible in this excerpt; confirm the action is
     // POST-only and anti-forgery protected, since it changes Status and IP binding.
     return RedirectToAction("UserList");
 }
예제 #3
        /// <summary>
        /// Creates a user from the posted model, links it to the roles listed in the
        /// <c>SuncereRoles</c> request parameter and reports the outcome as JSON.
        /// </summary>
        /// <param name="model">Posted user; Password, Status and CreatorUserId are overwritten here.</param>
        /// <returns>The add result as JSON; GET requests are denied.</returns>
        public ActionResult UserAdd(SuncereUser model)
        {
            AjaxResult outcome;

            try
            {
                // Comma-separated role ids; a missing parameter or a non-numeric entry throws and
                // ends up in the catch below.
                string[] rawIds  = Request.Params["SuncereRoles"].Split(',');
                int[]    roleIds = Array.ConvertAll(rawIds, o => int.Parse(o));

                var db    = Session.GetFluentModel();
                var users = new SuncereUserRepository(db);
                if (users.IsExist(model.UserName))
                {
                    throw new Exception("用户名已存在。");
                }

                // NOTE(review): the password is encrypted, not hashed; the class name suggests a
                // reversible scheme. A salted one-way password hash is the usual choice — confirm.
                model.Password      = AsymmetricEncryption.Default.Encrypt(model.Password);
                model.Status        = true;
                model.CreatorUserId = Session.GetCurrentUser().Id;

                // NOTE(review): model is bound without a visible [Bind] whitelist and then added
                // as-is, so every other bindable property keeps whatever the request supplied.
                var roles = new SuncereRoleRepository(db);
                foreach (int roleId in roleIds)
                {
                    // An unknown role id yields null here and fails on the next line (caught below).
                    SuncereRole role = roles.FirstOrDefault(roleId);
                    role.SuncereUsers.Add(model);
                    model.SuncereRoles.Add(role);
                }

                db.Add(model);
                db.SaveChanges();
                outcome = AjaxResult.GetAddAjaxResult(true);
            }
            catch (Exception)
            {
                // Every failure, including the duplicate-name case, collapses into one generic result.
                outcome = AjaxResult.GetAddAjaxResult(false);
            }

            return Json(outcome, JsonRequestBehavior.DenyGet);
        }
예제 #4
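        /// <summary>
        /// Decides whether the bearer of <paramref name="token"/> may invoke the given controller action.
        /// </summary>
        /// <param name="token">Encrypted JSON that deserialises to a <c>TokenModel</c> (Time, UserName, Password).</param>
        /// <param name="controller">Controller name the permission must match.</param>
        /// <param name="action">Action name the permission must match.</param>
        /// <returns>
        /// <c>true</c> only when the token is at most 30 minutes old, identifies an enabled user with a
        /// matching password, and one of that user's enabled roles holds an enabled permission for the
        /// controller/action pair; <c>false</c> otherwise, including on any error.
        /// </returns>
        public bool Validate(string token, string controller, string action)
        {
            bool result;

            try
            {
                string     json = AsymmetricEncryption.Default.DecryptToString(token);
                TokenModel tm   = JsonConvert.DeserializeObject <TokenModel>(json);
                if (tm.Time.AddMinutes(30) < DateTime.Now)
                {
                    // Token older than 30 minutes (compared against local server time).
                    result = false;
                }
                else
                {
                    // NOTE(review): judging by the class name the stored value is a SHA-1 digest; if it
                    // is unsalted, a salted slow hash (PBKDF2 or similar) would be the safer storage — confirm.
                    string      password = SHA1Encryption.Default.EncryptPassword(tm.Password);
                    SuncereUser user     = Model.SuncereUser.FirstOrDefault(o => o.Status && o.UserName == tm.UserName && o.Password == password);
                    if (user == null)
                    {
                        result = false;
                    }
                    else
                    {
                        result = user.SuncereRole.Any(o => o.Status && o.SuncerePermission.Any(p => p.Status && p.Controller == controller && p.Action == action));
                    }
                }
            }
            catch (Exception e)
            {
                // The token is a usable credential for up to 30 minutes and wraps the account password,
                // so its value stays out of the log; the length still tells "missing" from "malformed".
                int tokenLength = token == null ? 0 : token.Length;
                logger.Error(string.Format("验证出错,token=[redacted,length={0}]&controller={1}&action={2}", tokenLength, controller, action), e);
                result = false;
            }
            return(result);
        }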
예제 #5
        /// <summary>
        /// Shows the edit form for the user with the given id.
        /// </summary>
        /// <param name="id">Primary key of the user to edit.</param>
        /// <returns>The edit view bound to the user, or 404 when no such user exists.</returns>
        public ActionResult UserEdit(int id)
        {
            SuncereUser found = model.SuncereUser.Find(id);

            // NOTE(review): the whole entity, Password column included, becomes the view model;
            // confirm the view never renders that field back to the browser.
            return found == null ? (ActionResult)HttpNotFound() : View(found);
        }
예제 #6
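        /// <summary>
        /// Signs a user in from an encrypted credential blob and stores the user and the
        /// permissions of the user's enabled roles in the session.
        /// </summary>
        /// <param name="cipher">Encrypted JSON that deserialises to a <c>LoginInfo</c> (UserName, Password).</param>
        /// <param name="returnUrl">Not used by this action.</param>
        /// <returns>An <c>AjaxResult</c> as JSON describing success or the reason for failure; GET is denied.</returns>
        public ActionResult Login2(string cipher, string returnUrl)
        {
            // One answer for "unknown or disabled account" and "wrong password", so the response
            // text does not confirm which user names exist.
            const string invalidCredentials = "用户名或密码错误,或账号已停用,请核对后重新登录";

            try
            {
                string    text = AsymmetricEncryption.Default.Decrypt(cipher);
                LoginInfo li   = JsonConvert.DeserializeObject <LoginInfo>(text);
                if (li == null || string.IsNullOrEmpty(li.UserName))
                {
                    return(Json(new AjaxResult(false, "请输入用户名"), JsonRequestBehavior.DenyGet));
                }
                if (string.IsNullOrEmpty(li.Password))
                {
                    return(Json(new AjaxResult(false, "请输入密码"), JsonRequestBehavior.DenyGet));
                }

                FluentModel           db             = Session.GetFluentModel();
                SuncereUserRepository userRepository = new SuncereUserRepository(db);
                SuncereUser           user           = userRepository.FirstOrDefault(li.UserName, true);

                // NOTE(review): the stored password is decrypted to compare it, so it is kept in a
                // reversible form; a salted one-way hash would be the safer storage.
                if (user == null || AsymmetricEncryption.Default.Decrypt(user.Password) != li.Password)
                {
                    return(Json(new AjaxResult(false, invalidCredentials), JsonRequestBehavior.DenyGet));
                }

                user.LastLoginTime        = DateTime.Now;
                user.LastLoginHostAddress = Request.UserHostAddress;
                db.SaveChanges();

                // NOTE(review): the identity is attached to the existing session; whether the session
                // id is rotated at sign-in is not visible here — confirm.
                Session.SetCurrentUser(user);

                // Union of the enabled permissions of all enabled roles, without duplicates.
                List <SuncerePermission> userPermissions = new List <SuncerePermission>();
                foreach (SuncereRole role in user.SuncereRoles.Where(o => o.Status))
                {
                    foreach (SuncerePermission permission in role.SuncerePermissions.Where(o => o.Status))
                    {
                        if (!userPermissions.Contains(permission))
                        {
                            userPermissions.Add(permission);
                        }
                    }
                }
                Session.SetUserPermissions(userPermissions);

                return(Json(AjaxResult.GetLoginAjaxResult(true), JsonRequestBehavior.DenyGet));
            }
            catch (Exception e)
            {
                // Decryption, JSON and database errors are recorded server-side only; returning
                // e.Message to the caller would disclose internal details.
                System.Diagnostics.Trace.TraceError("Login2 failed: {0}", e);
                return(Json(new AjaxResult(false, "登录失败,请稍后重试"), JsonRequestBehavior.DenyGet));
            }
        }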
예제 #7
        /// <summary>
        /// Lists the roles assigned to a user.
        /// </summary>
        /// <param name="userId">Primary key of the user whose roles are shown.</param>
        /// <returns>The view bound to the user's role list, or 404 when the user does not exist.</returns>
        public ActionResult UserRoleList(int userId)
        {
            SuncereUser owner = model.SuncereUser.Find(userId);

            if (owner != null)
            {
                // The id is echoed to the view through ViewBag.
                ViewBag.UserId = userId;
                return View(owner.SuncereRole.ToList());
            }

            return HttpNotFound();
        }
        // This method must be thread-safe since it is called by the thread-safe OnCacheAuthorization() method.
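        /// <summary>
        /// Decides whether the current session may proceed: a signed-in user is required and, when a
        /// Controller or Action value is configured on this instance, the session's permission list
        /// must contain a matching entry.
        /// </summary>
        /// <param name="httpContext">Current request context; must not be null.</param>
        /// <returns><c>true</c> when access is granted; otherwise <c>false</c>.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="httpContext"/> is null.</exception>
        protected virtual bool AuthorizeCore(HttpContextBase httpContext)
        {
            if (httpContext == null)
            {
                throw new ArgumentNullException("httpContext");
            }

            SuncereUser user = SessionHelper.GetCurrentUser();
            if (user == null)
            {
                return(false);
            }

            // Nothing specific to check: being signed in is sufficient.
            if (string.IsNullOrEmpty(Controller) && string.IsNullOrEmpty(Action))
            {
                return(true);
            }

            // NOTE(review): the list is read from the session rather than the database, so a revoked
            // permission presumably stays effective until the session is rebuilt — confirm.
            List <SuncerePermission> userPermissions = SessionHelper.GetUserPermissions();

            // A missing list denies access (fail closed).
            return(userPermissions != null && userPermissions.Any(o => o.Controller == Controller && o.Action == Action));
        }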
예제 #9
        /// <summary>
        /// Resets the password of the given user to the built-in default and returns to the user list.
        /// </summary>
        /// <param name="id">Primary key of the user whose password is reset.</param>
        /// <returns>A redirect to <c>UserList</c>, or 404 when the user does not exist.</returns>
        public ActionResult UserResetConfirmed(int id)
        {
            SuncereUser target = model.SuncereUser.Find(id);

            if (target != null)
            {
                // NOTE(review): every reset yields the same fixed, well-known password, and nothing
                // visible here forces a change at next sign-in. A random one-time value delivered
                // out of band, or a forced-change flag, would close that window.
                target.Password = SHA1Encryption.Default.EncryptPassword("123456");
                model.SaveChanges();
                return RedirectToAction("UserList");
            }

            return HttpNotFound();
        }
예제 #10
        /// <summary>
        /// Deletes the user with the given id and returns to the user list.
        /// </summary>
        /// <param name="id">Primary key of the user to delete.</param>
        /// <returns>A redirect to <c>UserList</c>, or 404 when the user does not exist.</returns>
        public ActionResult UserDeleteConfirmed(int id)
        {
            SuncereUser doomed = model.SuncereUser.Find(id);

            if (doomed != null)
            {
                // NOTE(review): no guard is visible against deleting the caller's own account or a
                // built-in one; confirm that is enforced elsewhere, and that the action is POST-only
                // with anti-forgery validation (attributes are not part of this excerpt).
                model.SuncereUser.Remove(doomed);
                model.SaveChanges();
                return RedirectToAction("UserList");
            }

            return HttpNotFound();
        }
예제 #11
 /// <summary>
 /// Signs a user in from the posted <c>TokenModel</c> and, on success, stores the user and the
 /// permissions of the user's enabled roles in the session before redirecting.
 /// </summary>
 /// <param name="tm">Posted login data: Time, UserName and Password.</param>
 /// <returns>A local redirect to the stored return URL on success; otherwise the login view with model errors.</returns>
 public ActionResult Login(TokenModel tm)
 {
     if (!ModelState.IsValid)
     {
         return View(tm);
     }

     // NOTE(review): tm.Time is bound from the request, so this 30-minute check trusts a
     // timestamp chosen by the client; it limits stale forms, not replay — confirm intent.
     if (tm.Time.AddMinutes(30) < DateTime.Now)
     {
         ModelState.AddModelError("", "登录超时。");
         return View(tm);
     }

     SuncereUser account = model.SuncereUser.FirstOrDefault(o => o.Status && o.UserName == tm.UserName);
     if (account == null)
     {
         // NOTE(review): this message differs from the wrong-password one below, which lets a
         // caller tell existing user names from unknown ones.
         ModelState.AddModelError("", "账号不存在或者用户已关闭。");
         return View(tm);
     }

     // NOTE(review): judging by the class name this is a SHA-1 digest comparison; if unsalted,
     // a salted slow hash would be the safer storage — confirm.
     if (SHA1Encryption.Default.EncryptPassword(tm.Password) != account.Password)
     {
         ModelState.AddModelError("Password", "密码错误。");
         return View(tm);
     }

     account.LastLoginIP   = Request.UserHostAddress;
     account.LastLoginTime = DateTime.Now;

     // Union of the enabled permissions of all enabled roles, without duplicates.
     var granted = new List <SuncerePermission>();
     foreach (SuncereRole role in account.SuncereRole.Where(r => r.Status))
     {
         foreach (SuncerePermission permission in role.SuncerePermission.Where(p => p.Status))
         {
             if (!granted.Contains(permission))
             {
                 granted.Add(permission);
             }
         }
     }

     model.SaveChanges();
     SessionHelper.SetCurrentUser(account);
     SessionHelper.SetUserPermissions(granted);

     string returnUrl = SessionHelper.GetReturnUrl();
     return RedirectToLocal(returnUrl);
 }
예제 #12
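        /// <summary>
        /// Signs a user in with a user name and password, stores the user and the permissions of the
        /// user's enabled roles in the session, then redirects to a same-site return URL.
        /// </summary>
        /// <param name="userName">Login name.</param>
        /// <param name="password">Password as entered.</param>
        /// <param name="returnUrl">Where to go after sign-in; followed only when it is a local URL.</param>
        /// <returns>A redirect on success; otherwise the login view with <c>ViewData["message"]</c> set.</returns>
        public ActionResult Login(string userName, string password, string returnUrl)
        {
            // One answer for "unknown or disabled account" and "wrong password", so the page
            // does not confirm which user names exist.
            const string invalidCredentials = "用户名或密码错误,或账号已停用,请核对后重新登录";

            try
            {
                if (string.IsNullOrEmpty(userName))
                {
                    ViewData["message"] = "请输入用户名";
                    return(View());
                }
                if (string.IsNullOrEmpty(password))
                {
                    ViewData["message"] = "请输入密码";
                    return(View());
                }

                FluentModel           db             = Session.GetFluentModel();
                SuncereUserRepository userRepository = new SuncereUserRepository(db);
                SuncereUser           user           = userRepository.FirstOrDefault(userName, true);

                // NOTE(review): the stored password is decrypted to compare it, so it is kept in a
                // reversible form; a salted one-way hash would be the safer storage.
                if (user == null || AsymmetricEncryption.Default.Decrypt(user.Password) != password)
                {
                    ViewData["message"] = invalidCredentials;
                    return(View());
                }

                user.LastLoginTime        = DateTime.Now;
                user.LastLoginHostAddress = Request.UserHostAddress;
                db.SaveChanges();

                Session.SetCurrentUser(user);

                // Union of the enabled permissions of all enabled roles, without duplicates.
                List <SuncerePermission> userPermissions = new List <SuncerePermission>();
                foreach (SuncereRole role in user.SuncereRoles.Where(o => o.Status))
                {
                    foreach (SuncerePermission permission in role.SuncerePermissions.Where(o => o.Status))
                    {
                        if (!userPermissions.Contains(permission))
                        {
                            userPermissions.Add(permission);
                        }
                    }
                }
                Session.SetUserPermissions(userPermissions);

                // returnUrl is caller-supplied. Anything that is not a same-site path (absolute URLs,
                // "//host", null or empty) is replaced so sign-in cannot bounce the browser off-site.
                if (!Url.IsLocalUrl(returnUrl))
                {
                    returnUrl = Request.ApplicationPath;
                }
                return(Redirect(returnUrl));
            }
            catch (Exception e)
            {
                // Internal errors are recorded server-side only; showing e.Message on the page
                // would disclose implementation details.
                System.Diagnostics.Trace.TraceError("Login failed: {0}", e);
                ViewData["message"] = "登录失败,请稍后重试";
                return(View());
            }
        }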
예제 #13
        /// <summary>
        /// Shows the form for assigning a role to a user, with all roles offered in a select list.
        /// </summary>
        /// <param name="userId">Primary key of the user receiving the role.</param>
        /// <returns>The form view, or 404 when the user does not exist.</returns>
        public ActionResult UserRoleAdd(int userId)
        {
            if (model.SuncereUser.Find(userId) == null)
            {
                return HttpNotFound();
            }

            ViewBag.UserId = userId;

            // Every role in the table is offered; "Id" is the option value and "Name" its label.
            ViewBag.RoleSelectList = new SelectList(model.SuncereRole.ToList(), "Id", "Name");
            return View();
        }
예제 #14
        /// <summary>
        /// Shows the confirmation page for removing a role from a user.
        /// </summary>
        /// <param name="userId">Primary key of the user.</param>
        /// <param name="roleId">Primary key of the role to remove.</param>
        /// <returns>The confirmation view bound to the role, or 404 when the user or the role does not exist.</returns>
        public ActionResult UserRoleDelete(int userId, int roleId)
        {
            SuncereUser owner = model.SuncereUser.Find(userId);

            // The role is looked up only when the user exists; either miss ends in 404.
            SuncereRole candidate = owner == null ? null : model.SuncereRole.Find(roleId);
            if (candidate == null)
            {
                return HttpNotFound();
            }

            ViewBag.UserId = userId;
            return View(candidate);
        }
예제 #15
        /// <summary>
        /// Removes a role from a user and returns to that user's role list.
        /// </summary>
        /// <param name="userId">Primary key of the user.</param>
        /// <param name="roleId">Primary key of the role to remove.</param>
        /// <returns>A redirect to <c>UserRoleList</c>, or 404 when the user or the role does not exist.</returns>
        public ActionResult UserRoleDeleteConfirmed(int userId, int roleId)
        {
            SuncereUser owner = model.SuncereUser.Find(userId);

            // The role is looked up only when the user exists; either miss ends in 404.
            SuncereRole revoked = owner == null ? null : model.SuncereRole.Find(roleId);
            if (revoked == null)
            {
                return HttpNotFound();
            }

            // NOTE(review): this changes authorisation data; confirm the action is POST-only and
            // anti-forgery protected (attributes are not part of this excerpt).
            owner.SuncereRole.Remove(revoked);
            model.SaveChanges();
            return RedirectToAction("UserRoleList", new { userId });
        }
예제 #16
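        /// <summary>
        /// Shows the login page, or sends an already signed-in user straight to the return URL.
        /// </summary>
        /// <param name="returnUrl">Requested post-login target; replaced by the application root unless it is a local URL.</param>
        /// <returns>The login view with <c>ViewData["returnUrl"]</c> set, or a redirect for a signed-in user.</returns>
        public ActionResult Login(string returnUrl)
        {
            // returnUrl arrives with the request. Only same-site paths are kept, so neither the
            // redirect below nor the value handed to the login form can point off-site.
            if (string.IsNullOrWhiteSpace(returnUrl) || !Url.IsLocalUrl(returnUrl))
            {
                returnUrl = Request.ApplicationPath;
            }
            SuncereUser user = Session.GetCurrentUser();

            if (user == null)
            {
                ViewData["returnUrl"] = returnUrl;
                return(View());
            }
            else
            {
                return(Redirect(returnUrl));
            }
        }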
예제 #17
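        /// <summary>
        /// Shows the login page that encrypts credentials client-side, or sends an already
        /// signed-in user straight to the return URL.
        /// </summary>
        /// <param name="returnUrl">Requested post-login target; replaced by the application root unless it is a local URL.</param>
        /// <returns>The login view with <c>returnUrl</c> and <c>PublicKey</c> in ViewData, or a redirect for a signed-in user.</returns>
        public ActionResult Login2(string returnUrl)
        {
            // returnUrl arrives with the request. Only same-site paths are kept, so neither the
            // redirect below nor the value handed to the login form can point off-site.
            if (string.IsNullOrWhiteSpace(returnUrl) || !Url.IsLocalUrl(returnUrl))
            {
                returnUrl = Request.ApplicationPath;
            }
            SuncereUser user = Session.GetCurrentUser();

            if (user == null)
            {
                ViewData["returnUrl"] = returnUrl;
                // ExportParameters(false): presumably mirrors RSA.ExportParameters, where false means
                // the private parameters are left out — confirm, since this value is sent to the browser.
                ViewData["PublicKey"] = RSACSharpJavaConvertHelper.RSAPublicKeyCSharpToJava(AsymmetricEncryption.Default.ExportParameters(false));
                return(View());
            }
            else
            {
                return(Redirect(returnUrl));
            }
        }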
예제 #18
        /// <summary>
        /// Enables or disables a user account and reports the outcome as JSON.
        /// </summary>
        /// <param name="id">Primary key of the user to update.</param>
        /// <param name="status">New value for the user's Status flag.</param>
        /// <returns>The edit result as JSON; GET requests are denied.</returns>
        public ActionResult UserEnable(int id, bool status)
        {
            AjaxResult outcome;

            try
            {
                var db    = Session.GetFluentModel();
                var users = new SuncereUserRepository(db);

                // An unknown id yields null here and fails on the next line (caught below).
                SuncereUser account = users.FirstOrDefault(id);
                account.Status             = status;
                account.LastModifierUserId = Session.GetCurrentUser().Id;
                db.SaveChanges();

                // NOTE(review): sessions of a user disabled here are not touched by this action;
                // whether they are ended elsewhere is not visible — confirm.
                outcome = AjaxResult.GetEditAjaxResult(true);
            }
            catch (Exception)
            {
                outcome = AjaxResult.GetEditAjaxResult(false);
            }

            return Json(outcome, JsonRequestBehavior.DenyGet);
        }
예제 #19
 /// <summary>
 /// Creates a user from the posted form unless the user name is already taken.
 /// </summary>
 /// <param name="user">Bound form values; Status, CreationTime and Password are overwritten here.</param>
 /// <returns>A redirect to <c>UserList</c> on success; otherwise the form view with model errors.</returns>
 public ActionResult UserAdd([Bind(Include = "UserName,DisplayName,Password,EmailAddress,PhoneNumber,IP,EnableIPBinding,Remark")] SuncereUser user)
 {
     if (!ModelState.IsValid)
     {
         return View(user);
     }

     // NOTE(review): check-then-insert; two concurrent requests can both pass unless the
     // database also enforces uniqueness on UserName — confirm.
     SuncereUser duplicate = model.SuncereUser.FirstOrDefault(o => o.UserName == user.UserName);
     if (duplicate != null)
     {
         ModelState.AddModelError("UserName", "账号已存在!");
         return View(user);
     }

     user.Status       = true;
     user.CreationTime = DateTime.Now;

     // NOTE(review): judging by the class name the password is stored as a SHA-1 digest; if
     // unsalted, a salted slow hash (PBKDF2 or similar) would be the safer storage — confirm.
     user.Password = SHA1Encryption.Default.EncryptPassword(user.Password);
     model.SuncereUser.Add(user);
     model.SaveChanges();
     return RedirectToAction("UserList");
 }
예제 #20
        /// <summary>
        /// Assigns a role to a user if the user does not already hold it, then returns to the
        /// user's role list.
        /// </summary>
        /// <param name="userId">Primary key of the user.</param>
        /// <param name="roleId">Primary key of the role to assign.</param>
        /// <returns>A redirect to <c>UserRoleList</c>, or 404 when the user or the role does not exist.</returns>
        public ActionResult UserRoleAdd(int userId, int roleId)
        {
            SuncereUser owner = model.SuncereUser.Find(userId);

            // The role is looked up only when the user exists; either miss ends in 404.
            SuncereRole wanted = owner == null ? null : model.SuncereRole.Find(roleId);
            if (wanted == null)
            {
                return HttpNotFound();
            }

            // NOTE(review): no limit on which role the caller may grant is visible here; confirm
            // the action's permission check covers privilege-bearing roles.
            bool alreadyAssigned = owner.SuncereRole.Any(o => o.Id == roleId);
            if (!alreadyAssigned)
            {
                owner.SuncereRole.Add(wanted);
                model.SaveChanges();
            }

            return RedirectToAction("UserRoleList", new { userId });
        }
예제 #21
        /// <summary>
        /// Updates a user's contact data, optional password and complete role set, and reports the
        /// outcome as JSON. The role set is replaced by the ids in the <c>SuncereRoles</c> request parameter.
        /// </summary>
        /// <param name="id">Primary key of the user to edit.</param>
        /// <param name="model">Posted values; only Password, EmailAddress, PhoneNumber and Remark are read.</param>
        /// <returns>The edit result as JSON; GET requests are denied.</returns>
        public ActionResult UserEdit(int id, SuncereUser model)
        {
            AjaxResult outcome;

            try
            {
                // Comma-separated role ids; a missing parameter or a non-numeric entry throws and
                // ends up in the catch below.
                string[] rawIds  = Request.Params["SuncereRoles"].Split(',');
                int[]    roleIds = Array.ConvertAll(rawIds, o => int.Parse(o));

                var db    = Session.GetFluentModel();
                var users = new SuncereUserRepository(db);
                var roles = new SuncereRoleRepository(db);

                // An unknown id yields null here and fails on first use (caught below).
                SuncereUser target = users.FirstOrDefault(id);

                // An empty posted password means "keep the current one". No old password is asked
                // for, so anyone allowed to call this action can set any account's password.
                if (!string.IsNullOrEmpty(model.Password))
                {
                    target.Password = AsymmetricEncryption.Default.Encrypt(model.Password);
                }
                target.EmailAddress = model.EmailAddress;
                target.PhoneNumber  = model.PhoneNumber;

                // Drop every existing link on both sides before rebuilding the role set.
                foreach (SuncereRole linked in target.SuncereRoles)
                {
                    linked.SuncereUsers.Remove(target);
                }
                target.SuncereRoles.Clear();

                foreach (int roleId in roleIds)
                {
                    SuncereRole granted = roles.FirstOrDefault(roleId);
                    target.SuncereRoles.Add(granted);
                    granted.SuncereUsers.Add(target);
                }

                target.Remark             = model.Remark;
                target.LastModifierUserId = Session.GetCurrentUser().Id;
                db.SaveChanges();
                outcome = AjaxResult.GetEditAjaxResult(true);
            }
            catch (Exception)
            {
                outcome = AjaxResult.GetEditAjaxResult(false);
            }

            return Json(outcome, JsonRequestBehavior.DenyGet);
        }
예제 #22
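        /// <summary>
        /// Shows the captcha-protected login page, or sends an already signed-in user straight to
        /// the return URL.
        /// </summary>
        /// <param name="returnUrl">Requested post-login target; replaced by the application root unless it is a local URL.</param>
        /// <returns>The login view with <c>returnUrl</c> and <c>captchaPath</c> in ViewData, or a redirect for a signed-in user.</returns>
        public ActionResult Login3(string returnUrl)
        {
            // returnUrl arrives with the request. Only same-site paths are kept, so neither the
            // redirect below nor the value handed to the login form can point off-site.
            if (string.IsNullOrWhiteSpace(returnUrl) || !Url.IsLocalUrl(returnUrl))
            {
                returnUrl = Request.ApplicationPath;
            }
            SuncereUser user = Session.GetCurrentUser();

            if (user == null)
            {
                ViewData["returnUrl"] = returnUrl;
                // A new image file is written for every anonymous page view; the expected answer
                // is kept in the session, the image under a GUID-named path.
                // NOTE(review): nothing here removes old images or limits how often they are
                // created — confirm a cleanup job and request throttling exist.
                string path    = string.Format("/Captchas/{0}.jpg", Guid.NewGuid());
                string captcha = CaptchaHelper.Captcha(Server.MapPath(path));
                Session.SetCaptcha(captcha);
                ViewData["captchaPath"] = path;
                return(View());
            }
            else
            {
                return(Redirect(returnUrl));
            }
        }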
예제 #23
 /// <summary>
 /// Changes a user's password after verifying the old one.
 /// </summary>
 /// <param name="item">Posted form carrying OldPassword and NewPassword.</param>
 /// <param name="id">Primary key of the account whose password is changed.</param>
 /// <returns>
 /// A redirect to <c>Home/Index</c> on success, 404 when the account does not exist,
 /// or the form view with model errors.
 /// </returns>
 public ActionResult ChangePassword(ChangePasswordViewModel item, int id)
 {
     if (!ModelState.IsValid)
     {
         return View(item);
     }

     // NOTE(review): id comes from the request and is not compared with the signed-in user
     // here; the old-password check is the only barrier between accounts — confirm intent.
     SuncereUser account = model.SuncereUser.Find(id);
     if (account == null)
     {
         return HttpNotFound();
     }

     string oldDigest = SHA1Encryption.Default.EncryptPassword(item.OldPassword);
     if (oldDigest != account.Password)
     {
         ModelState.AddModelError("OldPassword", "旧密码不正确。");
         return View(item);
     }

     account.Password             = SHA1Encryption.Default.EncryptPassword(item.NewPassword);
     account.LastModificationTime = DateTime.Now;
     model.SaveChanges();
     return RedirectToAction("Index", "Home");
 }
예제 #24
        /// <summary>
        /// Seeds the store with one built-in user, one built-in role and five built-in permissions
        /// (a "System" parent entry plus role, user, permission and audit-log lists), links them
        /// together and saves.
        /// </summary>
        public void InitData()
        {
            // NOTE(review): the seeded account gets a fixed, trivially guessable password that is
            // part of the source. Prefer a deployment-time secret or a forced change at first sign-in.
            var user = new SuncereUser
            {
                UserName = "******",
                Password = AsymmetricEncryption.Default.Encrypt("123456"),
                Status   = true,
                IsStatic = true
            };
            var role = new SuncereRole
            {
                Name     = LanguageHelper.L("admin"),
                Status   = true,
                IsStatic = true
            };
            var system = new SuncerePermission
            {
                ParentId   = 0,
                Name       = LanguageHelper.L("SystemManage"),
                Type       = 0,
                Controller = "System",
                Action     = "",
                Order      = 99,
                Icon       = "&#xe62e;",
                Status     = true,
                IsStatic   = true
            };
            var roleList = new SuncerePermission
            {
                ParentId   = 1,
                Name       = LanguageHelper.L("RoleList"),
                Type       = 1,
                Controller = "System",
                Action     = "RoleList",
                Order      = 0,
                Icon       = "",
                Status     = true,
                IsStatic   = true
            };
            var userList = new SuncerePermission
            {
                ParentId   = 1,
                Name       = LanguageHelper.L("UserList"),
                Type       = 1,
                Controller = "System",
                Action     = "UserList",
                Order      = 1,
                Icon       = "",
                Status     = true,
                IsStatic   = true
            };
            var permissionList = new SuncerePermission
            {
                ParentId   = 1,
                Name       = LanguageHelper.L("PermissionList"),
                Type       = 1,
                Controller = "System",
                Action     = "PermissionList",
                Order      = 2,
                Icon       = "",
                Status     = true,
                IsStatic   = true
            };
            var auditLogList = new SuncerePermission
            {
                ParentId   = 1,
                Name       = LanguageHelper.L("AuditLogList"),
                Type       = 1,
                Controller = "System",
                Action     = "AuditLogList",
                Order      = 3,
                Icon       = "",
                Status     = true,
                IsStatic   = true
            };

            // Same registration order as the objects were created in.
            SuncerePermission[] permissions = { system, roleList, userList, permissionList, auditLogList };

            Add(user);
            Add(role);
            foreach (SuncerePermission permission in permissions)
            {
                Add(permission);
            }

            // Both sides of each many-to-many link are set explicitly.
            user.SuncereRoles.Add(role);
            role.SuncereUsers.Add(user);
            foreach (SuncerePermission permission in permissions)
            {
                role.SuncerePermissions.Add(permission);
                permission.SuncereRoles.Add(role);
            }

            SaveChanges();
        }
예제 #25
 /// <summary>
 /// Seeds a fresh database with one built-in user, one built-in role and four built-in
 /// permissions (a "System" parent entry plus user, role and permission management),
 /// all stamped with the same creation time.
 /// </summary>
 public void Init()
 {
     using (var db = new SuncereDataCenterModel())
     {
         DateTime stamp = DateTime.Now;

         // NOTE(review): the seeded account's password is a literal in the source, so it is the
         // same on every installation. Prefer a deployment-time secret or a forced change at
         // first sign-in.
         var user = new SuncereUser
         {
             UserName     = "******",
             DisplayName  = "系统管理员",
             Password     = SHA1Encryption.Default.EncryptPassword("Suncere@123"),
             Status       = true,
             Static       = true,
             CreationTime = stamp
         };
         var role = new SuncereRole
         {
             Name         = "系统管理员",
             Status       = true,
             Static       = true,
             CreationTime = stamp
         };
         user.SuncereRole.Add(role);
         db.SuncereUser.Add(user);

         var systemPermission = new SuncerePermission
         {
             Name         = "系统管理",
             Type         = 1,
             Controller   = "System",
             Order        = 99,
             Icon         = "system",
             Status       = true,
             Static       = true,
             CreationTime = stamp
         };
         var userPermission = new SuncerePermission
         {
             Name         = "用户管理",
             Type         = 2,
             Controller   = "System",
             Action       = "UserList",
             Order        = 1,
             ParentId     = 1,
             Status       = true,
             Static       = true,
             CreationTime = stamp
         };
         var rolePermission = new SuncerePermission
         {
             Name         = "角色管理",
             Type         = 2,
             Controller   = "System",
             Action       = "RoleList",
             Order        = 2,
             ParentId     = 1,
             Status       = true,
             Static       = true,
             CreationTime = stamp
         };
         var permissionPermission = new SuncerePermission
         {
             Name         = "权限管理",
             Type         = 2,
             Controller   = "System",
             Action       = "PermissionList",
             Order        = 3,
             ParentId     = 1,
             Status       = true,
             Static       = true,
             CreationTime = stamp
         };

         SuncerePermission[] permissions = { systemPermission, userPermission, rolePermission, permissionPermission };

         // Grant everything to the role first, then register the role and the permissions.
         foreach (SuncerePermission permission in permissions)
         {
             role.SuncerePermission.Add(permission);
         }
         db.SuncereRole.Add(role);
         foreach (SuncerePermission permission in permissions)
         {
             db.SuncerePermission.Add(permission);
         }

         db.SaveChanges();
     }
 }
예제 #26
 /// <summary>
 /// Stores <paramref name="user"/> in the current request's session under <c>currentUserKey</c>.
 /// </summary>
 /// <param name="user">The user object to keep in the session.</param>
 public static void SetCurrentUser(SuncereUser user)
 {
     // The object is stored as passed in, with all of its fields.
     // NOTE(review): if SuncereUser carries the stored password (as the login code elsewhere
     // suggests), it ends up in session state too — consider storing a reduced identity object.
     HttpContext.Current.Session[currentUserKey] = user;
 }
 /// <summary>
 /// Extension method that stores <paramref name="user"/> in <paramref name="session"/> under
 /// the <c>CurrentUser</c> key.
 /// </summary>
 /// <param name="session">Session to write to.</param>
 /// <param name="user">The user object to keep in the session.</param>
 public static void SetCurrentUser(this HttpSessionStateBase session, SuncereUser user)
 {
     // The object is stored as passed in, with all of its fields.
     // NOTE(review): if SuncereUser carries the stored password, it ends up in session state
     // too — consider storing a reduced identity object. Verify against the entity definition.
     session[CurrentUser] = user;
 }