/// <summary>
/// 取得後台使用者 By 使用者Id No Lazy
/// </summary>
/// <param name="userId">使用者Id</param>
/// <returns>後台使用者</returns>
public LoginUserVO GetLoginUserByIdNoLazy(string userId)
{
LoginUserVO user = LoginUserDao.GetLoginUserById(userId);
if (user != null)
{
NHibernateUtil.Initialize(user.LoginRoleList);
if (user.LoginRoleList != null && user.LoginRoleList.Count > 0)
{
foreach (LoginRoleVO role in user.LoginRoleList)
{
NHibernateUtil.Initialize(role.MenuFuncList);
if (role.MenuFuncList != null && role.MenuFuncList.Count > 0)
{
foreach (MenuFuncVO menufunc in role.MenuFuncList)
{
NHibernateUtil.Initialize(menufunc.FuncionPaths);
}
}
}
}
}
return(user);
}
/// <summary>
/// 取得屬於這個User的權限的功能清單
/// </summary>
/// <returns>屬於這個User的權限的功能清單</returns>
public IList <MenuFuncVO> GetTopMenuFunc(LoginUserVO user, IList <MenuFuncVO> allMenu, Dictionary <int, LoginRoleVO> roleDic)
{
IList <MenuFuncVO> authMenuList = new List <MenuFuncVO>();
foreach (MenuFuncVO menu in allMenu)
{
if (menu.SubFuncs.Count > 0)
{
int i = 1; //判斷是否第一次執行
MenuFuncVO parentMenu = new MenuFuncVO();
foreach (MenuFuncVO subFunc in menu.SubFuncs)
{
if (UserHasMenuRight(user, subFunc, roleDic))
{
if (i == 1)
{
parentMenu = menu;
authMenuList.Add(parentMenu);
parentMenu.SubFuncs = new List <MenuFuncVO>();
}
parentMenu.SubFuncs.Add(subFunc);
i++;
}
}
}
}
return(authMenuList);
}
private void InitLoginRoleAndUser()
{
//建立後台角色
LoginRoleVO loginRoleVO = new LoginRoleVO("系統管理員");
loginRoleVO.MenuFuncList = m_AuthService.GetNotTopMenuFunc(); //角色功能權限
m_AuthService.CreateLoginRole(loginRoleVO);
LoginRoleVO loginRoleVO2 = new LoginRoleVO("行銷人員");
loginRoleVO2.MenuFuncList = m_AuthService.GetNotTopMenuFunc().Where(m => !8.Equals(m.ParentMenu.MenuFuncId)).ToList(); //角色功能權限
m_AuthService.CreateLoginRole(loginRoleVO2);
LoginUserVO loginUserVO = new LoginUserVO();
loginUserVO.UserId = "admin";
loginUserVO.Password = "******";
loginUserVO.FullNameInChinese = "系統管理者";
loginUserVO.FullNameInEnglish = "Administrator";
loginUserVO.LoginRoleList = new List <LoginRoleVO>();
loginUserVO.LoginRoleList.Add(loginRoleVO);
loginUserVO.CreateDate = DateTime.Now;
m_AuthService.CreateLoginUser(loginUserVO);
LoginUserVO loginUserVO2 = new LoginUserVO();
loginUserVO2.UserId = "test";
loginUserVO2.Password = "******";
loginUserVO2.FullNameInChinese = "行銷人員";
loginUserVO2.FullNameInEnglish = "Administrator";
loginUserVO2.LoginRoleList = new List <LoginRoleVO>();
loginUserVO2.LoginRoleList.Add(loginRoleVO2);
loginUserVO2.CreateDate = DateTime.Now;
m_AuthService.CreateLoginUser(loginUserVO2);
}
/// <summary>
/// 加入 system log
/// </summary>
/// <param name="action">異動行為</param>
public void AddSystemLog(MsgVO.Action action, object obj)
{
SessionHelper sHelper = new SessionHelper();
LoginUserVO userVO = sHelper.LoginUser;
LogSystemVO logVO = sHelper.LogVO;
if (!String.IsNullOrEmpty(logVO.Fucntion))
{
if (userVO != null)
{
logVO.UpdateId = userVO.UserId;
}
logVO.UpdateDate = DateTime.Now;
logVO.Action = action.ToString();
logVO.UpdateClassName = obj.GetType().ToString();
logVO.IpAddress = m_HttpHelper.GetUserIp(HttpContext.Current);
m_LogService.CreateLogSystem(logVO);
}
else
{
// log.Debug("logVO.Function is null ,updateClassName "+obj.ToString());
}
}
private void initLeftData()
{
LoginUserVO user = m_SessionHelper.LoginUser;
if (user != null)
{
// lblUserId.Text = user.UserId;
//快取載入
user = UserMenuFuncContainer.GetInstance().GetUser(user.UserId);
//user = m_AuthService.GetLoginUserByIdNoLazy(user.UserId);
IList <LoginRoleVO> roleList = user.LoginRoleList;
List <string> roleStr = new List <string>();
if (roleList != null && roleList.Count > 0)
{
foreach (LoginRoleVO role in roleList)
{
roleStr.Add(role.RoleName);
}
}
// lblRole.Text = String.Join(",", roleStr.ToArray());
}
else
{
Response.Redirect(UIHelper.LOGIN_PAGE_MANAGER, false);
return;
}
}
protected void GridView1_RowCommand(object sender, GridViewCommandEventArgs e)
{
lblMsg.Text = string.Empty;
string userId = string.Empty;
switch (e.CommandName)
{
case "MyEdit":
userId = e.CommandArgument.ToString();
m_Log.Debug("get UserId=" + userId);
LoadVoToUI(userId);
ToUpdateMode();
break;
case "MyDelete":
userId = e.CommandArgument.ToString();
m_Log.Debug("get UserId=" + userId);
LoginUserVO user = m_AuthService.GetLoginUserById(userId);
m_AuthService.DeleteLoginUser(user);
m_WebLogService.AddSystemLog(MsgVO.Action.刪除, user);
lblMsg.Text = MsgVO.DELETE_OK;
LoadDataToUI();
break;
case "MySelect":
Response.Redirect("~/admin/UC14/UserRoleSet.aspx?UserId=" + e.CommandArgument.ToString());
break;
}
}
/// <summary>
/// 登入
/// </summary>
/// <param name="userId">使用者Id</param>
/// <param name="userId">使用者密碼</param>
/// <returns>後台使用者</returns>
public LoginUserVO Login(string userId, string password)
{
LoginUserVO loginUserVO = GetLoginUserById(userId);
if (loginUserVO != null && loginUserVO.Password.Equals(password))
{
return(loginUserVO);
}
else
{
return(null);
}
}
/// <summary>
/// 判斷是否是admin
/// </summary>
/// <param name="loginUser"></param>
/// <returns></returns>
public bool IsAdmin(LoginUserVO user)
{
LoginUserVO loginUserVO = GetLoginUserById(user.UserId);
IList <LoginRoleVO> loginRoleList = loginUserVO.LoginRoleList;
foreach (LoginRoleVO role in loginRoleList)
{
if ("系統管理員".Equals(role.RoleName))
{
return(true);
}
}
return(false);
}
/// <summary>
/// 檢查密碼是否正確
/// </summary>
/// <param name="pw"></param>
/// <returns></returns>
public static bool CheckPassoword(string pw)
{
SessionHelper shelper = new SessionHelper();
LoginUserVO user = shelper.LoginUser;
if (user == null)
{
return(false);
}
else
{
return(user.Password.Equals(pw));
}
}
/// <summary>
/// 初始化左邊視窗
/// </summary>
/// <param name="selectedUserId"></param>
private void initRight(string selectedUserId)
{
LoginUserVO loginUser = m_AuthService.GetLoginUserByIdNoLazy(selectedUserId);
IList <LoginRoleVO> roleList = loginUser.LoginRoleList;
if (roleList != null)
{
foreach (LoginRoleVO role in roleList)
{
ListItem item = new ListItem(role.RoleName, role.RoleId.ToString());
lbxHadRole.Items.Add(item);
}
}
lbxHadRole.DataBind();
}
/// <summary>
/// 載入user的資料
/// </summary>
/// <param name="userId"></param>
private void loadUser(string userId)
{
m_UserDic = m_UserMenuFunc.m_UserDic;
AuthFactory authFactory = new AuthFactory();
IAuthService authService = authFactory.GetAuthService();
LoginUserVO user = authService.GetLoginUserByIdNoLazy(userId);
m_Log.Debug("lock UserMenuFuncContainer loadUser");
lock (typeof(UserMenuFuncContainer))
{
m_UserDic.Remove(userId);
m_UserDic.Add(userId, user);
}
}
public async Task <ActionResult> Login(LoginUserVO loginUser)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState.Values.SelectMany(e => e.Errors)));
}
var result = await _signInMaganer.PasswordSignInAsync(loginUser.Email, loginUser.Password, false, false);
if (result.Succeeded)
{
return(Ok(await _authService.GetJwt(loginUser.Email)));
}
return(BadRequest("usuário ou senha invalidos"));
}
private void LoadVoToUI(string userId)
{
LoginUserVO user = m_AuthService.GetLoginUserById(userId);
txtId.Text = user.UserId;
txtFullNameInChinese.Text = user.FullNameInChinese;
txtFullNameInEnglish.Text = user.FullNameInEnglish;
hdnVersion.Value = user.Version.ToString();
rdbIsValidAccount.SelectedValue = user.IsAlive.ToString();
rdbShowInSalesStatistics.SelectedValue = user.ShowInSalesStatistics.ToString();
txtMobile.Text = user.Mobile;
txtSSID.Text = user.SSID;
txtEmail.Text = user.Email;
txtAddress.Text = user.ContactAddress;
}
/// <summary>
/// 初始化右邊視窗
/// </summary>
/// <param name="selectedUserId"></param>
private void initLeft(string selectedUserId)
{
IList <LoginRoleVO> allRoleList = m_AuthService.GetAllLoginRoleList();
LoginUserVO loginUser = m_AuthService.GetLoginUserByIdNoLazy(selectedUserId);
foreach (LoginRoleVO role in allRoleList)
{
if (loginUser.LoginRoleList == null || !loginUser.LoginRoleList.Contains(role))
{
ListItem item = new ListItem(role.RoleName, role.RoleId.ToString());
lblxToBeRole.Items.Add(item);
}
}
lblxToBeRole.DataBind();
}
protected void btnChangePassword_Click(object sender, EventArgs e)
{
LoginUserVO user = m_AuthService.GetLoginUserById(m_SessionHelper.LoginUser.UserId);
if (txtOldPassword.Text != user.Password)
{
ScriptManager.RegisterClientScriptBlock(Page, Page.GetType(), "js", JavascriptUtil.AlertJS(MsgVO.PASSWORD_WRONG), false);
return;
}
else//txtOldPassword.Text == sHelper.LoginUser.Password
{
user.Password = txtNewPassword.Text;
m_AuthService.UpdateLoginUser(user);
m_WebLogService.AddSystemLog(MsgVO.Action.修改, user);
ScriptManager.RegisterClientScriptBlock(Page, Page.GetType(), "js", JavascriptUtil.AlertJS(MsgVO.UPDATE_OK), false);
}
}
/// <summary>
/// 檢查使用者是否有此單一清單的權限
/// </summary>
/// <param name="user"></param>
/// <param name="subFunc"></param>
/// <returns></returns>
private bool UserHasMenuRight(LoginUserVO user, MenuFuncVO subFunc, Dictionary <int, LoginRoleVO> roleDic)
{
if (user.LoginRoleList != null && user.LoginRoleList.Count > 0)
{
foreach (LoginRoleVO role in user.LoginRoleList)
{
LoginRoleVO cacheRole = roleDic[role.RoleId];
if (RoleHasMenuRight(cacheRole, subFunc))
{
return(true);
}
}
}
return(false);
}
private bool PathHasRight(LoginUserVO loginUser, Uri uri, Dictionary <string, List <int> > pathFunc)
{
string url = uri.ToString();
foreach (string path in pathFunc.Keys)
{
if (url.IndexOf(path) != -1)
{
m_Log.Fatal(path.IndexOf(url));
IList <int> funIdList = pathFunc[path];
//判斷是否有此功能權限
if (loginUser.LoginRoleList != null && loginUser.LoginRoleList.Count > 0)
{
foreach (LoginRoleVO role in loginUser.LoginRoleList)
{
if (role.MenuFuncList != null && role.MenuFuncList.Count > 0)
{
foreach (MenuFuncVO roleMenuFunc in role.MenuFuncList)
{
foreach (int id in funIdList)
{
if (id == roleMenuFunc.MenuFuncId)
{
return(true);
}
}
}
}
}
//若未有權限 則丟回false
return(false);
}
else
{
return(false);
}
}
}
return(true);
}
/// <summary>
/// 判斷路徑是否有權限
/// </summary>
/// <param name="loginUserVO">後台使用者</param>
/// <param name="uri">路徑</param>
/// <returns>路徑是否有權限 </returns>
public bool PathHasAuth(LoginUserVO user, Uri uri)
{
string path = uri.ToString();
LoginUserVO loginUserVO = LoginUserDao.GetLoginUserById(user.UserId);
IList <LoginRoleVO> loginRoleList = loginUserVO.LoginRoleList;
HashSet <string> pathRightSet = new HashSet <string>();
foreach (LoginRoleVO role in loginRoleList)
{
IList <MenuFuncVO> menuFuncList = role.MenuFuncList;
foreach (MenuFuncVO menuFunc in menuFuncList)
{
pathRightSet.Add(menuFunc.MainPath);
if (menuFunc.FuncionPaths != null && menuFunc.FuncionPaths.Count > 0)
{
foreach (FunctionPathVO fpth in menuFunc.FuncionPaths)
{
if (!string.IsNullOrEmpty(fpth.Path))
{
pathRightSet.Add(fpth.Path);
}
}
}
}
}
pathRightSet.Add("admin/index.aspx");
if (pathRightSet.Count > 0)
{
foreach (string rightPath in pathRightSet.ToArray <string>())
{
if (path.IndexOf(rightPath) != -1)
{
return(true);
}
}
}
return(false);
}
protected void btnAdd_Click(object sender, ImageClickEventArgs e)
{
lblMsg.Text = string.Empty;
//轉成小寫
string id = txtId.Text.Trim().ToLower();
string nameInChinese = txtFullNameInChinese.Text.Trim();
string nameInEnglish = txtFullNameInEnglish.Text.Trim();
int IsAlive = int.Parse(rdbIsValidAccount.SelectedValue);
int ShowInSalesStatistics = int.Parse(rdbShowInSalesStatistics.SelectedValue);
string mobie = txtMobile.Text.Trim();
string ssid = txtSSID.Text.Trim();
string email = txtEmail.Text.Trim();
string address = txtAddress.Text.Trim();
LoginUserVO user = m_AuthService.GetLoginUserById(id);
if (user != null)
{
lblMsg.Text = MsgVO.USER_ALREADY_EXIST;
return;
}
else
{
LoginUserVO newUser = new LoginUserVO();
newUser.UserId = id;
newUser.FullNameInChinese = nameInChinese;
newUser.FullNameInEnglish = nameInEnglish;
newUser.IsAlive = IsAlive;
newUser.ShowInSalesStatistics = ShowInSalesStatistics;
newUser.Mobile = mobie;
newUser.SSID = ssid;
newUser.Email = email;
newUser.ContactAddress = address;
newUser.Password = "******";
newUser.CreateDate = DateTime.Now;
m_AuthService.CreateLoginUser(newUser);
m_WebLogService.AddSystemLog(MsgVO.Action.新增, newUser);
lblMsg.Text = MsgVO.INSERT_OK;
clearInput();
LoadDataToUI();
}
}
private void initMenu()
{
LoginUserVO user = m_SessionHelper.LoginUser;
//快取載入
UserMenuFuncContainer userContainer = UserMenuFuncContainer.GetInstance();
if (user == null)
{
Response.Redirect(UIHelper.LOGIN_PAGE_MANAGER, false);
return;
}
user = userContainer.GetUser(user.UserId);
//TreeveiwService tvService = new TreeveiwService();
IList <MenuFuncVO> menuFuncList = m_AuthService.GetTopMenuFunc(user, userContainer.AllMenu, userContainer.RoleDic);
foreach (MenuFuncVO menu in menuFuncList)
{
TreeNode treeNode = new TreeNode(menu.MenuFuncName, menu.MenuFuncId.ToString(), "", "welcome.aspx", "mainfrm");
if (menu.SubFuncs.Count > 0)
{
foreach (MenuFuncVO subMenu in menu.SubFuncs)
{
if (string.IsNullOrEmpty(subMenu.Note) || subMenu.Note.ToLower().IndexOf("_sub") == -1)
{
TreeNode subTreeNode = new TreeNode(subMenu.MenuFuncName, null, null, "~/" + subMenu.MainPath, "mainfrm");
treeNode.ChildNodes.Add(subTreeNode);
}
}
}
tvMenu.Nodes.Add(treeNode);
}
if (tvMenu.Nodes != null && tvMenu.Nodes.Count > 0)
{
tvMenu.Nodes[0].Expand();
tvMenu.DataBind();
}
}
protected void btnUpdate_Click(object sender, ImageClickEventArgs e)
{
string id = txtId.Text;
string nameInChinese = txtFullNameInChinese.Text.Trim();
string nameInEnglish = txtFullNameInEnglish.Text.Trim();
string version = hdnVersion.Value;
int isAlive = int.Parse(rdbIsValidAccount.SelectedValue);
int showInSalesStatistics = int.Parse(rdbShowInSalesStatistics.SelectedValue);
string mobie = txtMobile.Text.Trim();
string ssid = txtSSID.Text.Trim();
string email = txtEmail.Text.Trim();
string address = txtAddress.Text.Trim();
LoginUserVO user = m_AuthService.GetLoginUserById(id);
user.FullNameInChinese = nameInChinese;
user.FullNameInEnglish = nameInEnglish;
user.Version = Int32.Parse(version);
user.IsAlive = isAlive;
user.ShowInSalesStatistics = showInSalesStatistics;
user.Mobile = mobie;
user.SSID = ssid;
user.Email = email;
try
{
m_AuthService.UpdateLoginUser(user);
m_WebLogService.AddSystemLog(MsgVO.Action.修改, user);
lblMsg.Text = MsgVO.UPDATE_OK;
clearInput();
ToInsertMode();
GridView1.DataBind();
}
catch (StaleObjectStateException ex)
{
m_Log.Info(ex);
lblMsg.Text = MsgVO.STALE_EXCEPTION_MSG;
clearInput();
}
}
protected void Button3_Click(object sender, ImageClickEventArgs e)
{
string userId = ddlUser.SelectedValue;
LoginUserVO user = m_AuthService.GetLoginUserByIdNoLazy(userId);
List <LoginRoleVO> loginRoleList = new List <LoginRoleVO>();
foreach (ListItem item in lbxHadRole.Items)
{
loginRoleList.Add(m_AuthService.GetLoginRoleById(int.Parse(item.Value)));
}
user.LoginRoleList = loginRoleList;
m_AuthService.UpdateLoginUser(user);
m_WebLogService.AddSystemLog(MsgVO.Action.修改, user);
//更新快取
UserMenuFuncContainer.GetInstance().ResetAll();
lblMsg.Text = MsgVO.UPDATE_OK;
}
/// <summary>
/// 加入 system log
/// </summary>
/// <param name="action">異動行為</param>
public void AddSystemLog(MsgVO.Action action, object obj, string function, string note)
{
SessionHelper sHelper = new SessionHelper();
LoginUserVO userVO = sHelper.LoginUser;
LogSystemVO logVO = new LogSystemVO();
if (userVO != null)
{
logVO.UpdateId = userVO.UserId;
}
logVO.UpdateDate = DateTime.Now;
logVO.Action = action.ToString();
logVO.UpdateClassName = obj.GetType().ToString();
logVO.Fucntion = function;
logVO.SubFucntion = logVO.SubFucntion;
logVO.Note = note;
logVO.IpAddress = m_HttpHelper.GetUserIp(HttpContext.Current);
m_LogService.CreateLogSystem(logVO);
}
/// <summary>
/// 傳回whomak
/// </summary>
/// <returns></returns>
public static string GetWhoMake()
{
SessionHelper shelper = new SessionHelper();
LoginUserVO user = shelper.LoginUser;
if (user == null)
{
return("");
}
else
{
if (user.UserId.Length > 10)
{
return(user.UserId.Substring(0, 10));
}
else
{
return(user.UserId);
}
}
}
/// <summary>
/// 檢查權限
/// </summary>
/// <param name="application"></param>
/// <param name="uri"></param>
/// <param name="rawUrl"></param>
private void CheckAuth(HttpApplication application, Uri uri, string rawUrl)
{
SessionHelper sHelper = new SessionHelper();
LoginUserVO loginUser = sHelper.LoginUser;
string applicationPath = application.Request.ApplicationPath;
string mamagePath = String.IsNullOrEmpty(applicationPath) ? "/admin" : applicationPath + "/admin";
mamagePath = mamagePath.Replace("//", "/");
if (rawUrl.StartsWith(mamagePath) == true)
{
AuthFactory authFactory = new AuthFactory();
IAuthService authService = authFactory.GetAuthService();
if (loginUser == null)
{
toLoginPage(application.Response);
return;
}
string userId = loginUser.UserId;
//判斷只有主路徑是否有權限
//if (!PathHasRight(UserMenuFuncContainer.GetInstance().GetUser(userId), uri, UserMenuFuncContainer.GetInstance().PathFunc))
//{
// toLoginNoAuthPage(application.Response);
//}
//判斷所有路徑是否有權限
if (!authService.PathHasAuth(UserMenuFuncContainer.GetInstance().GetUser(userId), uri))
{
toLoginNoAuthPage(application.Response);
}
}
}
private void doLogin(string id, string pw)
{
//帳號皆改為小寫
if (!string.IsNullOrEmpty(id))
{
id = id.ToLower();
}
LoginUserVO loginUser = m_AuthService.Login(id, pw);
if (loginUser != null)
{
SessionHelper sHelper = new SessionHelper();
sHelper.LoginUser = loginUser;
sHelper.IsAdmin = m_AuthService.IsAdmin(loginUser);
//sHelper.LoginUserBelongToBranchNo = loginUser.BelongToBranch[0].BranchNo;
//加入log
webLogService.AddSystemLogLogin(loginUser.UserId);
//NHibernateUtil.Initialize(loginUser.BelongRoles);
//清除快取
UserMenuFuncContainer.GetInstance().ReloadAllMenu();
//HttpHelper httpHelper = new HttpHelper();
//string referer = httpHelper.GetReferer(HttpContext.Current);
Response.Redirect("~/admin/index.aspx", false);
return;
}
else
{
ScriptManager.RegisterClientScriptBlock(Page, Page.GetType(), "js", JavascriptUtil.AlertJSAndRedirect(MsgVO.LOGIN_ERROR, "Login.aspx"), false);
}
}
public void Test_IsAdmin()
{
LoginUserVO user = m_AuthService.GetLoginUserById("petechen");
Assert.IsTrue(m_AuthService.IsAdmin(user));
}
/// <summary>
/// 新增後台使用者
/// </summary>
/// <param name="loginUserVO">被新增的後台使用者</param>
/// <returns>新增後的後台使用者</returns>
public LoginUserVO CreateLoginUser(LoginUserVO loginUserVO)
{
return(LoginUserDao.CreateLoginUser(loginUserVO));
}
/// <summary>
/// 刪除後台使用者
/// </summary>
/// <param name="loginUserVO">被刪除的後台使用者</param>
public void DeleteLoginUser(LoginUserVO loginUserVO)
{
LoginUserDao.DeleteLoginUser(loginUserVO);
}
/// <summary>
/// 更新後台使用者
/// </summary>
/// <param name="loginUserVO">被更新的後台使用者</param>
/// <returns>更新後的後台使用者</returns>
public LoginUserVO UpdateLoginUser(LoginUserVO loginUserVO)
{
return(LoginUserDao.UpdateLoginUser(loginUserVO));
}
