//执行存储
public async Task <JsonResult> dojob(string tsqlkey, string param)
{
try
{
using (var svc = new OrmService(AppConfigs.sqlfaceconn))
{
var setting = (await svc.FilterWhereAsync <SqlKeySetting>(s => s.SQLKEY == tsqlkey && s.STS == "A")).FirstOrDefault();
if (setting != null && setting.CLASS == "proc")
{
if (!setting.EvalAuthorized(this.User.Identity.Name, Helper.Roles(this)))
{
return(Json("你没有权限执行!", JsonRequestBehavior.AllowGet));
}
var sqlresult = CalcMain.ExternalExecutor(setting.SQL, param, System.Configuration.ConfigurationManager.AppSettings[setting.DBCONN]);
return(Json(sqlresult, JsonRequestBehavior.AllowGet));
}
throw new ApplicationException("没有配置执行语句[" + tsqlkey + "]!");
}
}
catch (Exception e)
{
return(Json(new { ErrorMsg = e.Message }, JsonRequestBehavior.AllowGet));
}
}
//[Authorize]
private Task <RenderContext> _ExecuteHandler(decimal id, RenderContext context)
{
bool EvolvesSafe = true;//Convert.ToBoolean(System.Configuration.ConfigurationManager.AppSettings["EvolvesSafe"]);//是否全盘接受客户端参数
bool isGetPagedDataing = null != context.ExecutionIO && context.ExecutionIO.HasTable;
var valuecontext = context.paramsScaledValues;
if (EvolvesSafe)//安全方式,从服务端加载参数.
{
var mainid = id;
using (var svc = new OrmService(AppConfigs.sqlfaceconn))
{
//List<String> cols = new List<string>();
//List<Object[]> data = new List<object[]>();
ExecutionIO outputMsg = context.ExecutionIO;
var handler = svc.GetByIdAsync <EasyHandler>(id).Result;
bool isSelect = "SELECT".Equals(handler.SQL_CMD_TYPE);
context.handler = handler;//防止被黑
//var logservice = new OrmService<AP_ACTION_LOG_DBA>(svc);
//var seqservice = new OrmService<CustomSequence>(svc);
var log = new SqlFace.Models.AP_ACTION_LOG_DBA
{
LOG_ID = CustomSequence.GetNextVal("AP_ACTION_LOG_DBA_ID", svc),
ACTION_BRIEF = null,
ACTION_IP = base.GetIp(),
ACTION_PAGE = this.Request.RequestUri.AbsolutePath,
ACTION_PARAM = String.Format("执行通用处理器{0}-{1},参数={2}", handler.HANDLER_ID, handler.HANDLER_NAME, Newtonsoft.Json.JsonConvert.SerializeObject(context.paramsScaledValues)),
ACTION_RESULT = string.Format("开始执行@{0}...", DateTime.Now.ToString()),
ACTION_TIME = DateTime.Now,
USER_ID = this.User.Identity.Name
};
var calcMain = new CalcMain(context, new Dictionary <string, string> {
{ "username", this.User.Identity.Name }, { "ip", base.GetIp() }
});
try
{
if (!isSelect && !isGetPagedDataing)
{ //非查询
var returnstr = calcMain.ExeSqlBlock();
if (string.IsNullOrWhiteSpace(returnstr))
{
// 正常输出
outputMsg.msg = "无错误无输出";
log.ACTION_RESULT += string.Format("{1},返回信息={0}", returnstr, DateTime.Now.ToString());
}
else if (Regex.IsMatch(returnstr, "^ORA-[0-9]{4,5}\\b"))
{
string innerErr = string.Format(",执行中断@{1},发生数据库内部错误={0}", returnstr, DateTime.Now.ToString());
throw new ApplicationException(innerErr);
}
else
{ // 正常输出
outputMsg.msg = returnstr;
log.ACTION_RESULT += string.Format("{1},返回信息={0}", returnstr, DateTime.Now.ToString());
}
if (!string.IsNullOrWhiteSpace(handler.PREPARING_BLOCK))
{
//额外数据表输出
string extramsg = calcMain.GetQuery();
//outputMsg.msg = extramsg;
log.ACTION_RESULT += string.Format("匿名块执行成功,执行额外查询结束@{0},结果{1}", DateTime.Now.ToString(), extramsg);
}
}
else //查询
{
string extramsg = calcMain.GetQuery();
outputMsg.msg = extramsg;
log.ACTION_RESULT += string.Format(",执行额外查询结束@{0},结果{1}", DateTime.Now.ToString(), extramsg);
}
}
catch (Exception ex)
{
//捕获异常,for查询类或者非查询类
outputMsg.hasError = true;
outputMsg.msg = "执行失败!" + ex.Message + "\n" + outputMsg;
if (isGetPagedDataing)
{
log.ACTION_RESULT += "--分页--";
}
log.ACTION_RESULT += string.Format("执行失败@{0},错误信息={1}", DateTime.Now.ToString(), ex.Message);
}
finally
{
if (!isGetPagedDataing)
{
svc.CreateAsync(log);
}
}
return(Task.FromResult(context));
}
}
else
{
throw new ApplicationException("不安全的执行");
}
}
