Пример #1
0
        // -------------------------------------------------------
        // 保存 删除
        // -------------------------------------------------------

        #region 函数:Save(XmlDocument doc)
        /// <summary>保存记录</summary>
        /// <param name="doc">Xml 文档对象</param>
        /// <returns>返回操作结果</returns>
        public string Save(XmlDocument doc)
        {
            ApplicationMethodInfo param = new ApplicationMethodInfo();

            string originalCode = XmlHelper.Fetch("originalCode", doc);

            string originalName = XmlHelper.Fetch("originalName", doc);

            param = (ApplicationMethodInfo)AjaxUtil.Deserialize(param, doc);

            if (originalCode != param.Code)
            {
                if (this.service.IsExistCode(param.Code))
                {
                    return("{\"message\":{\"returnCode\":1,\"value\":\"已存在相同的代码。\"}}");
                }
            }

            if (originalName != param.Name)
            {
                if (this.service.IsExistName(param.Name))
                {
                    return("{\"message\":{\"returnCode\":1,\"value\":\"已存在相同的名称。\"}}");
                }
            }

            this.service.Save(param);

            return(MessageObject.Stringify("0", I18n.Strings["msg_save_success"]));
        }
Пример #2
0
        /// <summary>创建新的对象</summary>
        /// <param name="doc">Xml 文档对象</param>
        /// <returns>返回操作结果</returns>
        public string CreateNewObject(XmlDocument doc)
        {
            StringBuilder outString = new StringBuilder();

            string applicationId = XmlHelper.Fetch("applicationId", doc);

            string applicationSettingGroupId = XmlHelper.Fetch("applicationSettingGroupId", doc);

            ApplicationMethodInfo param = new ApplicationMethodInfo();

            param.Id = DigitalNumberContext.Generate("Key_Guid");

            param.ApplicationId = applicationId;
            param.Type          = "generic";
            param.Version       = 1;

            param.Status = 1;

            param.CreatedDate = param.ModifiedDate = DateTime.Now;

            outString.Append("{\"data\":" + AjaxUtil.Parse <ApplicationMethodInfo>(param) + ",");

            outString.Append(MessageObject.Stringify("0", I18n.Strings["msg_query_success"], true) + "}");

            return(outString.ToString());
        }
        /// <summary>查询某条记录</summary>
        /// <param name="name">名称</param>
        /// <returns>返回实例<see cref="ApplicationMethodInfo"/>的详细信息</returns>
        public ApplicationMethodInfo FindOneByName(string name)
        {
            Dictionary <string, object> args = new Dictionary <string, object>();

            args.Add("Name", StringHelper.ToSafeSQL(name));

            ApplicationMethodInfo param = this.ibatisMapper.QueryForObject <ApplicationMethodInfo>(StringHelper.ToProcedurePrefix(string.Format("{0}_FindOneByName", tableName)), args);

            return(param);
        }
Пример #4
0
        /// <summary>删除记录</summary>
        /// <param name="id">实例的标识</param>
        public void Delete(string id)
        {
            ApplicationMethodInfo param = this.FindOne(id);

            if (param != null && this.dict.ContainsKey(param.Name))
            {
                this.dict.Remove(param.Name);
            }

            provider.Delete(id);
        }
Пример #5
0
        // -------------------------------------------------------
        // 保存 删除
        // -------------------------------------------------------

        #region 函数:Save(ApplicationMethodInfo param)
        /// <summary>保存记录</summary>
        /// <param name="param">实例<see cref="ApplicationMethodInfo"/>详细信息</param>
        /// <returns>实例<see cref="ApplicationMethodInfo"/>详细信息</returns>
        public ApplicationMethodInfo Save(ApplicationMethodInfo param)
        {
            this.provider.Save(param);

            if (param != null && this.dict.ContainsKey(param.Name))
            {
                // 同步到缓存
                this.dict[param.Name] = param;
            }

            return(param);
        }
        // -------------------------------------------------------
        // 添加 删除 修改
        // -------------------------------------------------------

        #region 函数:Save(ApplicationMethodInfo param)
        /// <summary>保存记录</summary>
        /// <param name="param">实例<see cref="ApplicationMethodInfo"/>详细信息</param>
        /// <returns>实例<see cref="ApplicationMethodInfo"/>详细信息</returns>
        public ApplicationMethodInfo Save(ApplicationMethodInfo param)
        {
            if (!IsExist(param.Id))
            {
                Insert(param);
            }
            else
            {
                Update(param);
            }

            return((ApplicationMethodInfo)param);
        }
Пример #7
0
        // -------------------------------------------------------
        // 查询
        // -------------------------------------------------------

        #region 函数:FindOne(XmlDocument doc)
        /// <summary>获取详细信息</summary>
        /// <param name="doc">Xml 文档对象</param>
        /// <returns>返回操作结果</returns>
        public string FindOne(XmlDocument doc)
        {
            StringBuilder outString = new StringBuilder();

            string id = XmlHelper.Fetch("id", doc);

            ApplicationMethodInfo param = this.service.FindOne(id);

            outString.Append("{\"data\":" + AjaxUtil.Parse <ApplicationMethodInfo>(param) + ",");

            outString.Append(MessageObject.Stringify("0", I18n.Strings["msg_query_success"], true) + "}");

            return(outString.ToString());
        }
Пример #8
0
        /// <summary>查询某条记录</summary>
        /// <param name="name">名称</param>
        /// <returns>返回实例<see cref="ApplicationMethodInfo"/>的详细信息</returns>
        public ApplicationMethodInfo FindOneByName(string name)
        {
            ApplicationMethodInfo param = null;

            // 初始化缓存
            if (this.dict.Count == 0)
            {
                lock (lockDictObject)
                {
                    if (this.dict.Count == 0)
                    {
                        IList <ApplicationMethodInfo> list = this.provider.FindAll(new DataQuery());

                        foreach (ApplicationMethodInfo item in list)
                        {
                            if (this.dict.ContainsKey(item.Name))
                            {
                                KernelContext.Log.Warn(string.Format("method:{0}", item.Name) + " is exists.");
                            }
                            else
                            {
                                this.dict.Add(item.Name, item);
                            }
                        }
                    }
                }
            }

            // 查找缓存数据
            if (this.dict.ContainsKey(name))
            {
                param = this.dict[name];
            }

            // 如果缓存中未找到相关数据,则查找数据库内容
            return(param == null?this.provider.FindOneByName(name) : param);
        }
        public ActionResult Index(string methodName, string rawInput)
        {
            if (string.IsNullOrEmpty(methodName))
            {
                return(new EmptyResult());
            }

            if (Request.Browser.Crawler)
            {
                KernelContext.Log.Info("crawler:" + Request.UserAgent);

                return(Content(GenericException.Stringify(I18n.Exceptions["code_web_api_ban_search_engine_spider"],
                                                          I18n.Exceptions["text_web_api_ban_search_engine_spider"])));
            }

            // 限制 IP 访问频次 两个小时 500 次
            if (HttpRequestLimit.LimitIP())
            {
                return(Content(GenericException.Stringify(I18n.Exceptions["code_web_api_request_exceed_limit"],
                                                          I18n.Exceptions["text_web_api_request_exceed_limit"])));
            }

            DateTime timestamp = DateTime.Now;

            HttpContextBase context = this.HttpContext;

            IDictionary <string, APIMethod> dictionary = APIsConfigurationView.Instance.Configuration.APIMethods;

            string responseText = string.Empty;

            // 支持两种格式 connect/auth/authorize 和 connect.auth.authorize, 内部统一使用 connect.auth.authorize 格式
            if (methodName.IndexOf("/") > -1)
            {
                methodName = methodName.Replace("/", ".");
            }

            // 调试情况下记录输入参数
            if (context.Request.QueryString["xhr-debug"] == "1")
            {
                logger.Info("api:" + methodName + " start.");

                logger.Info(RequestHelper.Dump(context.Request, rawInput));
            }

            if (dictionary.ContainsKey(methodName))
            {
                // 优先执行 WebAPI 配置文件中设置的方法.
                responseText = APIHub.ProcessRequest(context, methodName, rawInput, logger, APIMethodInvoke);
            }
            else
            {
                // 匿名方法允许用户跳过验证直接访问
                // 应用方法信息
                ApplicationMethodInfo method = AppsContext.Instance.ApplicationMethodService.FindOneByName(methodName);

                if (method == null)
                {
                    logger.Warn(string.Format(I18n.Exceptions["text_web_api_method_not_exists"], methodName));

                    responseText = GenericException.Stringify(I18n.Exceptions["code_web_api_method_not_exists"],
                                                              string.Format(I18n.Exceptions["text_web_api_method_not_exists"], methodName));
                }
                else if (method.EffectScope == 1 || Authenticate(context, methodName))
                {
                    // 直接执行匿名方法 或者 验证需要身份验证方法

                    // 尝试执行 Application Method 中设置的方法.
                    responseText = APIHub.ProcessRequest(context, methodName, rawInput, logger, MethodInvoker.Invoke);
                }
                else
                {
                    responseText = "401";
                }
            }

            // 调试情况下记录输出参数
            if (context.Request.QueryString["xhr-debug"] == "1")
            {
                KernelContext.Log.Info("api " + methodName + " finished, timespan:" + DateHelper.GetTimeSpan(timestamp).TotalSeconds + "s.");

                KernelContext.Log.Info(responseText);
            }

            return(Content(responseText));
        }
        // -------------------------------------------------------
        // 执行方法
        // -------------------------------------------------------

        #region 属性:Invoke(string methodName, XmlDocument doc)
        /// <summary>执行方法</summary>
        /// <param name="methodName">方法名称</param>
        /// <param name="doc">Xml 文档元素</param>
        /// <param name="logger">日志对象</param>
        public static string Invoke(string methodName, XmlDocument doc, ILog logger)
        {
            IMethod method = null;

            // 应用方法信息
            ApplicationMethodInfo param = AppsContext.Instance.ApplicationMethodService.FindOneByName(methodName);

            if (param == null)
            {
                logger.Warn(string.Format(I18n.Exceptions["text_web_api_method_not_exists"], methodName));

                throw new GenericException(I18n.Exceptions["code_web_api_method_not_exists"],
                                           string.Format(I18n.Exceptions["text_web_api_method_not_exists"], methodName));
            }

            // 应用方法所属的应用信息
            ApplicationInfo application = param.Application;

            if (param.Status == 0)
            {
                throw new GenericException(I18n.Exceptions["code_web_api_method_is_disabled"],
                                           string.Format(I18n.Exceptions["text_web_api_method_is_disabled"], methodName));
            }

            if (param.EffectScope == 1)
            {
                // 允许所有人可以访问
            }
            else
            {
                // 当前用户信息
                IAccountInfo account = KernelContext.Current == null ? null : KernelContext.Current.User;

                if (param.EffectScope == 2 && account == null)
                {
                    // 需要【登录用户】以上级别权限才能调用此方法
                    throw new GenericException(I18n.Exceptions["code_web_api_method_need_elevated_privileges"],
                                               string.Format(I18n.Exceptions["text_web_api_method_need_elevated_privileges"], methodName, "登录用户"));
                }
                else if (param.EffectScope == 4 && !(AppsSecurity.IsMember(account, application.ApplicationName) || AppsSecurity.IsReviewer(account, application.ApplicationName) || AppsSecurity.IsAdministrator(account, application.ApplicationName)))
                {
                    // 需要【应用可访问成员】以上级别权限才能调用此方法
                    throw new GenericException(I18n.Exceptions["code_web_api_method_need_elevated_privileges"],
                                               string.Format(I18n.Exceptions["text_web_api_method_need_elevated_privileges"], methodName, "应用可访问成员"));
                }
                else if (param.EffectScope == 8 && !(AppsSecurity.IsReviewer(account, application.ApplicationName) || AppsSecurity.IsAdministrator(account, application.ApplicationName)))
                {
                    // 需要【应用审查员】以上级别权限才能调用此方法
                    throw new GenericException(I18n.Exceptions["code_web_api_method_need_elevated_privileges"],
                                               string.Format(I18n.Exceptions["text_web_api_method_need_elevated_privileges"], methodName, "应用审查员"));
                }
                else if (param.EffectScope == 16 && !AppsSecurity.IsAdministrator(account, application.ApplicationName))
                {
                    // 需要【应用管理员】以上级别权限才能调用此方法
                    throw new GenericException(I18n.Exceptions["code_web_api_method_need_elevated_privileges"],
                                               string.Format(I18n.Exceptions["text_web_api_method_need_elevated_privileges"], methodName, "应用管理员"));
                }
            }

            Dictionary <string, string> options = new Dictionary <string, string>();

            JsonObject optionObjects = null;

            try
            {
                optionObjects = JsonObjectConverter.Deserialize(param.Options);
            }
            catch (Exception ex)
            {
                logger.Error("methodName:" + methodName + ",options:" + param.Options);
                logger.Error(ex);
                throw;
            }

            foreach (string key in optionObjects.Keys)
            {
                if (optionObjects[key] is JsonPrimary)
                {
                    options.Add(key, ((JsonPrimary)optionObjects[key]).Value.ToString());
                }
                else if (optionObjects[key] is JsonObject)
                {
                    StringBuilder outString = new StringBuilder();

                    JsonObject obj = (JsonObject)optionObjects[key];

                    outString.Append("{");

                    foreach (string objkey in obj.Keys)
                    {
                        outString.AppendFormat("\"{0}\":\"{1}\",", objkey, ((JsonPrimary)obj[objkey]).Value.ToString());
                    }

                    outString = StringHelper.TrimEnd(outString, ",");

                    outString.Append("}");

                    options.Add(key, outString.ToString());
                }
                else if (optionObjects[key] is JsonArray)
                {
                    StringBuilder outString = new StringBuilder();

                    JsonArray list = (JsonArray)optionObjects[key];

                    outString.Append("[");

                    for (int i = 0; i < list.Count; i++)
                    {
                        if (list[i] is String || list[i] is DateTime)
                        {
                            outString.AppendFormat("\"{0}\",", list[i].ToString());
                        }
                        else
                        {
                            outString.AppendFormat("{0},", list[i].ToString());
                        }
                    }

                    outString = StringHelper.TrimEnd(outString, ",");

                    outString.Append("]");

                    options.Add(key, outString.ToString());
                }
            }

            IDictionary <string, string> types = APIsConfigurationView.Instance.Configuration.APIMethodTypes;

            if (param.Type == "generic")
            {
                method = new GenericMethod(options, doc);
            }
            else if (types.ContainsKey(param.Type))
            {
                method = (IMethod)KernelContext.CreateObject(types[param.Type], options, doc);;
            }
            ;

            if (method != null)
            {
                object result = method.Execute();

                return(result == null ? string.Empty : result.ToString());
            }

            return(string.Empty);
        }
        // -------------------------------------------------------
        // 同步管理
        // -------------------------------------------------------

        #region 函数:SyncFromPackPage(ApplicationMethodInfo param)
        ///<summary>同步信息</summary>
        ///<param name="param">应用请求路由信息</param>
        public void SyncFromPackPage(ApplicationMethodInfo param)
        {
            this.ibatisMapper.Insert(StringHelper.ToProcedurePrefix(string.Format("{0}_SyncFromPackPage", tableName)), param);
        }
 /// <summary>修改记录</summary>
 /// <param name="param">实例<see cref="ApplicationMethodInfo"/>详细信息</param>
 public void Update(ApplicationMethodInfo param)
 {
     this.ibatisMapper.Update(StringHelper.ToProcedurePrefix(string.Format("{0}_Update", tableName)), param);
 }
Пример #13
0
 ///<summary>同步信息</summary>
 ///<param name="param">应用方法信息</param>
 public void SyncFromPackPage(ApplicationMethodInfo param)
 {
     provider.SyncFromPackPage(param);
 }