/// <summary>
/// Checks the user is access to feature whose link like the "path"
/// </summary>
/// <param name="userId">User id</param>
/// <param name="controlerName">The controller name</param>
/// <param name="actionName">The action name</param>
/// <param name="isModeUri">Is mode uri</param>
/// <returns>true if the user is accessed</returns>
public async Task <bool> IsAccessedToTheFeature(int userId, string controlerName, string actionName, bool isModeUri)
{
var dyParam = new OracleDynamicParameters();
dyParam.Add("p_userId", OracleDbType.Int64, ParameterDirection.Input, userId);
dyParam.Add("p_controllerName", OracleDbType.Varchar2, ParameterDirection.Input, controlerName);
dyParam.Add("p_actionName", OracleDbType.Varchar2, ParameterDirection.Input, actionName);
dyParam.Add("p_isModeUri", OracleDbType.Int64, ParameterDirection.Input, isModeUri);
dyParam.Add("o_isAccess", OracleDbType.Int64, ParameterDirection.Output);
await this.DbConnection.ExecuteAsync(QueryResource.Feature_IsAccessedFeature, dyParam, commandType : CommandType.StoredProcedure);
return(int.Parse(dyParam.GetByName("o_isAccess").Value.ToString()) == 1);
}
public async Task <bool> ChangePassword(string username, int idNguoiDung, string matKhauCu, string matKhauMoi)
{
using (var dbConnection = new OracleConnection(WebConfig.ConnectionString))
{
var dyParam = new OracleDynamicParameters();
dyParam.Add("p_username", OracleDbType.Varchar2, ParameterDirection.Input, username);
dyParam.Add("p_id_nhanvien", OracleDbType.Int64, ParameterDirection.Input, idNguoiDung);
dyParam.Add("p_current_password", OracleDbType.Varchar2, ParameterDirection.Input, Common.MD5Hash(matKhauCu));
dyParam.Add("p_new_password", OracleDbType.Varchar2, ParameterDirection.Input, Common.MD5Hash(matKhauMoi));
dyParam.Add("rs", OracleDbType.Int16, ParameterDirection.Output);
var query = QueryResource.Account_ChangePassword;
await SqlMapper.QueryAsync <Account>(dbConnection, query, param : dyParam, commandType : CommandType.StoredProcedure);
var rs = int.Parse(dyParam.GetByName("rs").Value.ToString());
return(rs == 1 ? true : false);
}
}
public async Task <TEntity> AddAsync(TEntity entity, IDbTransaction transaction = null)
{
try
{
var dyParam = new OracleDynamicParameters();
var properties = typeof(TEntity).GetProperties();
var pars = new List <string>();
var returns = new List <string>();
foreach (var p in properties)
{
if (Attribute.IsDefined(p, typeof(ComputedAttribute)))
{
continue;
}
if (Attribute.IsDefined(p, typeof(ExplicitKeyAttribute)) || Attribute.IsDefined(p, typeof(ReturningAttribute)))
{
returns.Add(p.Name);
var oracleType = this.GenerateOracleType(p);
if (oracleType == OracleDbType.Varchar2)
{
dyParam.Add(p.Name, oracleType, ParameterDirection.Output, size: 20);
}
else
{
dyParam.Add(p.Name, oracleType, ParameterDirection.Output);
}
continue;
}
var val = GetPropValue(entity, p.Name);
if (val != null)
{
pars.Add(p.Name);
dyParam.Add(p.Name, this.GenerateOracleType(p), ParameterDirection.Input, val);
}
}
var sql = @"insert into {0}({1})values({2}){3}";
sql = string.Format(sql,
this.GetTableName(),
string.Join(',', pars),
string.Join(',', pars.Select(x => ":" + x)),
returns.Count == 0 ? "" : " returning " + string.Join(", ", returns) + " into " + string.Join(", ", returns.Select(x => ":" + x)));
if (transaction == null)
{
await this.DbConnection.ExecuteAsync(sql, param : dyParam, commandType : CommandType.Text);
}
else
{
await transaction.Connection.ExecuteAsync(sql, param : dyParam, transaction : transaction, commandType : CommandType.Text);
}
foreach (var i in returns)
{
var oracleParam = dyParam.GetByName(i);
if (oracleParam.DbType == DbType.Int64 || oracleParam.DbType == DbType.Int32 || oracleParam.DbType == DbType.Int16)
{
typeof(TEntity).GetProperty(i).SetValue(entity, int.Parse(oracleParam.Value.ToString()));
}
else
{
typeof(TEntity).GetProperty(i).SetValue(entity, oracleParam.Value.ToString());
}
}
return(entity);
}
catch (Exception ex)
{
throw ex;
}
}
