Exemplo n.º 1
0
 /// <summary>
 /// 构造函数
 /// </summary>
 public URLoginService()
 {
     currentClientIP = DACommonHelper.GetClientIP();
     internalRequest = GetInternalRequest();
 }
Exemplo n.º 2
0
        /// <summary>
        /// 获取指定用户在指定系统所有拥有的权限信息(专门用于第三方系统调用)
        /// </summary>
        /// <param name="sysId"></param>
        /// <param name="account"></param>
        /// <param name="sign"></param>
        /// <returns></returns>
        public string GetUserRightsJson(int sysId, string account, string sign)
        {
            try
            {
                //验证请求参数
                if (sysId <= 0 || string.IsNullOrEmpty(account) || string.IsNullOrEmpty(sign))
                {
                    return("{\"State\":1,\"Message\":\"请求参数无效。\"}");
                }

                //限定配置过的IP才能请求
                string clientIp = DACommonHelper.GetClientIP();
                //if (clientIp != "127.0.0.1"
                //    && !clientIp.StartsWith("10.")
                //    && !clientIp.StartsWith("192.168.")
                //    && !Regex.IsMatch(clientIp, @"^172\.(1([6-9]{1})|2([0-9]{1})|3([0-1]{1}))(\.[0-9]+){2}$")
                //    && !GetUserRightsJson_ClientIP.Contains(clientIp))
                //{
                //    return "{\"State\":2,\"Message\":\"当前请求IP无效。\"}";
                //}

                //指定的系统必须存在
                SystemInfo system = DABasicInfoHelper.GetSystem(sysId, CacheTimeOption.Short);
                if (system == null)
                {
                    return("{\"State\":101,\"Message\":\"当前系统不存在。\"}");
                }
                if (system.Status == StatusOptions.Invalid)
                {
                    return("{\"State\":102,\"Message\":\"当前系统已被禁用。\"}");
                }

                //请求有做MD5校验
                string md5 = CryptoHelper.MD5_Encrypt(string.Format("{0}{1}{2}", sysId, system.Md5Key, account));
                if (md5.ToLower() != sign.ToLower())
                {
                    return("{\"State\":3,\"Message\":\"无效的请求。\"}");
                }

                //验证用户有效性
                User user = DABasicInfoHelper.GetUser(account);
                if (user == null)
                {
                    return("{\"State\":103,\"Message\":\"用户不存在。\"}");
                }
                if (user.Status == StatusOptions.Invalid)
                {
                    return("{\"State\":104,\"Message\":\"用户已被禁用。\"}");
                }
                if (user.AccountType != UserTypeOptions.SuperAdmin &&
                    (DateTime.Now > user.EndTime || DateTime.Now < user.BeginTime))
                {
                    return("{\"State\":105,\"Message\":\"用户权限已过期。\"}");
                }
                List <UserSystem> userSystems = DARightsHelper.GetUserSystems(user.ID);
                UserSystem        userSystem  = userSystems.FirstOrDefault(a => a.SystemID == sysId);
                if (userSystem == null)
                {
                    return("{\"State\":106,\"Message\":\"用户没有当前系统的访问权限。\"}");
                }

                //提取用户权限
                List <Right>     allRights = DABasicInfoHelper.GetRights(sysId, -1, CacheTimeOption.Short);
                List <RightItem> myRights  = DARightsHelper.GetUserRights(sysId, user.ID, user.AccountType);
                var rights = from a in allRights
                             join b in myRights on a.ID equals b.RightID
                             where a.Status == StatusOptions.Valid
                             select a;
                if (rights.Count() == 0)
                {
                    return("{\"State\":107,\"Message\":\"用户没有当前系统的操作权限。\"}");
                }

                //生成正常返回JSON
                StringBuilder result = new StringBuilder("{\"State\":0,\"Message\":\"OK\",");
                result.AppendFormat("\"System\":{{\"ID\":{0},\"Name\":\"{1}\",\"Url\":\"{2}\"}},", system.ID, system.Name, system.Url);
                result.AppendFormat("\"User\":{{\"ID\":{0},\"Account\":\"{1}\",\"TrueName\":\"{2}\",\"UserType\":{3},\"Email\":\"{4}\",\"Department\":\"{5}\",\"LastLoginTime\":\"{6}\"}},"
                                    , user.ID, user.Account, user.TrueName, userSystem.Admin ? (int)user.AccountType : 0, user.Email, user.Department, userSystem.LastLoginTime.ToString("yyyy-MM-dd HH:mm:ss"));
                result.Append("\"Rights\":[");
                foreach (var right in rights)
                {
                    result.AppendFormat("{{\"ID\":{0},\"PID\":{1},\"Name\":\"{2}\",\"Level\":{3},\"Type\":{4},\"SortIndex\":{5},\"URL\":\"{6}\"}},"
                                        , right.ID, right.ParentID, right.Name, right.RightLevel, (int)right.RightType, right.SortIndex, right.PageUrl);
                }

                //更新最后一次访问时间
                DABasicInfoHelper.UpdateSystemLastLoginTime(sysId, user.ID);

                //记录日志
                DABasicInfoHelper.AddAdminLog(
                    new AdminLog
                {
                    Account     = user.Account,
                    TrueName    = user.TrueName,
                    AccountType = user.AccountType,
                    AddTime     = DateTime.Now,
                    IP          = clientIp,
                    PageUrl     = "GetUserRightsJson",
                    SystemID    = sysId,
                    Memo        = string.Format("{0}系统获取用户{1}权限", system.Name, user.Account)
                });

                return(result.ToString(0, result.Length - 1) + "]}");
            }
            catch (Exception ex)
            {
                LogHelper.WriteException("GetUserRightsJson异常", ex);
                return("{\"State\":4,\"Message\":\"系统异常。\"}");
            }
        }