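/// <summary>
/// Checks whether the account named in the request's <c>IDAccount</c> header has a
/// permission row for the targeted controller action and HTTP method.
/// </summary>
/// <param name="actionContext">Web API action context of the request being authorized.</param>
/// <returns>
/// <see cref="HttpStatusCode.OK"/> when a matching permission row exists;
/// <see cref="HttpStatusCode.NotFound"/> when the account or the permission row is missing;
/// <see cref="HttpStatusCode.BadRequest"/> when anything throws (header absent or not a
/// number, data-access failure).
/// </returns>
HttpStatusCode CheckRole(HttpActionContext actionContext)
{
    try
    {
        // Route and verb names are identifiers, not user-facing text, so they are
        // lower-cased with the invariant culture. Culture-sensitive ToLower() maps
        // 'I' to a dotless 'ı' under Turkish/Azeri cultures, which would make the
        // permission lookup miss for every name containing an upper-case 'I'.
        string methodName = actionContext.Request.Method.Method.ToLowerInvariant();
        string controllerName = actionContext.ControllerContext.ControllerDescriptor.ControllerName.ToLowerInvariant();
        string actionName = actionContext.ActionDescriptor.ActionName.ToLowerInvariant();

        // NOTE(review): the caller's identity is whatever number the client puts in the
        // IDAccount header; nothing in this method proves the caller owns that account.
        // Unless an earlier filter authenticates the request and validates this header,
        // the permission check can be satisfied by naming any existing account id.
        // Derive the account from a server-validated credential (session or signed
        // token) rather than from a client-chosen header. Confirm against the pipeline.
        int accountId = Convert.ToInt32(actionContext.Request.Headers.GetValues("IDAccount").First());

        aModel db = new aModel();
        xTaiKhoan account = db.xTaiKhoan.Find(accountId);
        if (account == null)
        {
            return(HttpStatusCode.NotFound);
        }

        // A row flagged MacDinh matches on action + method for any controller;
        // every other row must also match the controller name.
        xPhanQuyen permission = db.xPhanQuyen.FirstOrDefault(x =>
            x.IDNhomQuyen == account.IDNhomQuyen &&
            ((x.MacDinh && x.Action.Equals(actionName) && x.Method.Equals(methodName)) ||
             (!x.MacDinh && x.Controller.Equals(controllerName) && x.Action.Equals(actionName) && x.Method.Equals(methodName))));
        if (permission == null)
        {
            // NOTE(review): a missing permission is reported as 404, not 403; left as is
            // because callers may branch on the exact status code.
            return(HttpStatusCode.NotFound);
        }

        return(HttpStatusCode.OK);
    }
    catch
    {
        // Fail closed: any error while resolving the account or permission denies the
        // request instead of letting it through.
        return(HttpStatusCode.BadRequest);
    }
}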
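/// <summary>
/// Authenticates the caller from the <c>Username</c> and <c>Password</c> request headers
/// and returns the matching account together with its employee record.
/// </summary>
/// <returns>
/// <c>Ok</c> with a <c>ThongTinNguoiDung</c> on success; otherwise <c>BadRequest</c> whose
/// model state carries a single <c>Exception_Message</c> entry.
/// </returns>
/// <remarks>
/// Changes from the previous version: validation failures return directly instead of
/// throwing; the text of unexpected exceptions is no longer sent to the client; the
/// account's <c>Password</c> value is cleared before the account is returned.
/// </remarks>
public async Task<ActionResult> Login()
{
    aModel db = new aModel();
    try
    {
        // NOTE(review): credentials arrive in custom request headers, which proxies and
        // access logs commonly record. A request body over TLS is the usual carrier.
        string username = Request.Headers["Username"];
        string password = Request.Headers["Password"];
        if (string.IsNullOrWhiteSpace(username) || string.IsNullOrWhiteSpace(password))
        {
            ModelState.AddModelError("Exception_Message", "Username hoặc Password không hợp lệ");
            return(BadRequest(ModelState));
        }

        // NOTE(review): the supplied password is matched case-insensitively against the
        // stored column inside the query, and no hashing is visible here. If the column
        // holds plaintext, move to a salted password hash (for example PBKDF2) verified
        // in application code, and compare case-sensitively. If it holds a hex digest,
        // the case-folding is harmless but an unsalted digest is still weak. Confirm
        // what the column stores before changing the comparison.
        xTaiKhoan account = await db.xTaiKhoan.FirstOrDefaultAsync(x =>
            x.Username.ToLower().Equals(username.ToLower()) &&
            x.Password.ToLower().Equals(password.ToLower()));
        if (account == null)
        {
            // Same message for an unknown user and a wrong password, so the response
            // does not reveal which usernames exist.
            ModelState.AddModelError("Exception_Message", "Tài khoản không tồn tại");
            return(BadRequest(ModelState));
        }

        xNhanVien personnel = await db.xNhanVien.FindAsync(account.KeyID);
        if (personnel == null)
        {
            ModelState.AddModelError("Exception_Message", "Nhân viên không tồn tại");
            return(BadRequest(ModelState));
        }

        // The account object is returned to the client, so the stored credential is
        // cleared first. SaveChanges is never called on this context, so the stored
        // row is not modified.
        account.Password = null;

        ThongTinNguoiDung user = new ThongTinNguoiDung() { xPersonnel = personnel, xAccount = account };
        return(Ok(user));
    }
    catch (Exception ex)
    {
        // Only unexpected failures (for example data access) reach this handler. Their
        // messages can expose server, schema or connection details, so the detail goes
        // to the server-side trace and the client receives a fixed message. The 400
        // status is kept so existing clients see the same response shape.
        System.Diagnostics.Trace.TraceError("Login failed: {0}", ex);
        ModelState.AddModelError("Exception_Message", "Đã xảy ra lỗi khi đăng nhập");
        return(BadRequest(ModelState));
    }
}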
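/// <summary>
/// Seeds the first administrator: creates the <c>ADMIN</c> permission group, an employee
/// record and an account in that group, then grants the group every row of
/// <c>xQuyen</c>. All inserts run inside one transaction.
/// </summary>
/// <returns>
/// <c>Ok</c> with the created permission assignments; otherwise <c>BadRequest</c> whose
/// model state carries a single <c>Exception_Message</c> entry.
/// </returns>
/// <remarks>
/// Changes from the previous version: the method refuses to run once any account
/// exists, and the text of unexpected exceptions is no longer sent to the client.
/// </remarks>
public async Task<ActionResult> InitUser()
{
    aModel db = new aModel();
    DateTime time = DateTime.Now;
    try
    {
        db.BeginTransaction();

        // NOTE(review): nothing in this method checks who is calling it. Unless a filter
        // outside this method restricts the action, each call used to create another
        // account with full permissions and the fixed credentials below. Bootstrap is
        // therefore limited to a system that has no accounts yet. Two simultaneous first
        // calls can still both pass this check unless the transaction isolation or a
        // unique constraint prevents it; consider disabling the endpoint after setup.
        if (await db.xTaiKhoan.AnyAsync())
        {
            db.RollbackTransaction();
            ModelState.AddModelError("Exception_Message", "Hệ thống đã được khởi tạo");
            return(BadRequest(ModelState));
        }

        xNhomQuyen adminGroup = new xNhomQuyen() { KeyID = 0, Ma = "ADMIN", Ten = "ADMIN", NgayTao = time };
        db.xNhomQuyen.Add(adminGroup);
        // Saved right away because adminGroup.KeyID is read when the account is built.
        await db.SaveChangesAsync();

        xNhanVien employee = new xNhanVien() { KeyID = 0, Ma = "NV0001", Ten = "Nhân viên 0001", NgayTao = time };
        db.xNhanVien.Add(employee);
        // Saved right away because employee.KeyID becomes the account's KeyID.
        await db.SaveChangesAsync();

        // NOTE(review): the initial username and password are literals in source and the
        // password is written to the column as given. Take the bootstrap credential from
        // deployment configuration or a one-time secret, store it as a salted hash, and
        // require a change at first login.
        xTaiKhoan account = new xTaiKhoan()
        {
            KeyID = employee.KeyID,
            NgayTao = time,
            MaNhanVien = employee.Ma,
            TenNhanVien = employee.Ten,
            Username = "******",
            Password = "******",
            IDNhomQuyen = adminGroup.KeyID,
            MaNhomQuyen = adminGroup.Ma,
            TenNhomQuyen = adminGroup.Ten
        };
        db.xTaiKhoan.Add(account);
        await db.SaveChangesAsync();

        // One assignment per existing permission definition, all for the admin group.
        List<xQuyen> lstQuyens = await db.xQuyen.ToListAsync();
        List<xPhanQuyen> lstPhanQuyens = new List<xPhanQuyen>();
        foreach (xQuyen quyen in lstQuyens)
        {
            lstPhanQuyens.Add(new xPhanQuyen()
            {
                KeyID = 0,
                IDNhomQuyen = adminGroup.KeyID,
                MaNhomQuyen = adminGroup.Ma,
                TenNhomQuyen = adminGroup.Ten,
                IDQuyen = quyen.KeyID,
                Controller = quyen.Controller,
                Action = quyen.Action,
                Method = quyen.Method,
                Template = quyen.Template,
                Path = quyen.Path,
                NgayTao = time
            });
        }
        db.xPhanQuyen.AddRange(lstPhanQuyens.ToArray());
        await db.SaveChangesAsync();

        db.CommitTransaction();
        return(Ok(lstPhanQuyens));
    }
    catch (Exception ex)
    {
        db.RollbackTransaction();
        // Data-access error text can expose schema and server details, so it goes to the
        // server-side trace and the client receives a fixed message.
        System.Diagnostics.Trace.TraceError("InitUser failed: {0}", ex);
        ModelState.AddModelError("Exception_Message", "Đã xảy ra lỗi khi khởi tạo người dùng");
        return(BadRequest(ModelState));
    }
}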