Пример #1
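        /// <summary>
        /// Decrypts an AJAX auth token and checks that it belongs to the given
        /// account and is less than 24 hours old.
        /// </summary>
        /// <param name="token">Encrypted token text taken from the request; null or empty is rejected.</param>
        /// <param name="empAccount">Account that the token's EmpAccount must equal.</param>
        /// <param name="authData">
        /// The decrypted token payload when the method returns true; null whenever it
        /// returns false, so a rejected token's permissions can never be used by mistake.
        /// </param>
        /// <returns>True only when every check passes.</returns>
        protected bool HandleAuthToken(string token, string empAccount, out ArticleAjaxAuthData authData)
        {
            authData = null;

            if (string.IsNullOrEmpty(token))
            {
                return false;
            }

            ArticleAjaxAuthData parsed;

            try
            {
                // NOTE(review): the IV comes from configuration, so every token is
                // decrypted with the same IV. Whether AesUtility authenticates the
                // ciphertext (MAC / AEAD) is not visible here; confirm, because the
                // permission flags in the payload are trusted after decryption.
                string aesKeyOfBP = ConfigurationManager.AppSettings["AesKeyOfBP"];
                string basicIV    = ConfigurationManager.AppSettings["AesIV"];
                string authJson   = AesUtility.Decrypt(token, aesKeyOfBP, basicIV);
                parsed = JsonConvert.DeserializeObject<ArticleAjaxAuthData>(authJson);
            }
            catch (Exception ex)
            {
                // Any decryption or parsing failure means the token is not usable.
                // The token itself is deliberately not written to the log.
                logger.Error("HandleAuthToken: token decryption or deserialization failed", ex);
                return false;
            }

            // DeserializeObject returns null for an empty or literal "null" payload;
            // without this guard the account check below would throw.
            if (parsed == null)
            {
                return false;
            }

            // The token must have been issued to the account making the request.
            if (empAccount != parsed.EmpAccount)
            {
                return false;
            }

            // Tokens expire 24 hours after PostDate.
            // NOTE(review): DateTime.Now is local time and PostDate's time zone is not
            // visible here; confirm both use the same clock. A PostDate in the future
            // gives a negative age and passes this check.
            if ((DateTime.Now - parsed.PostDate).TotalHours >= 24)
            {
                return false;
            }

            authData = parsed;
            return true;
        }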
Пример #2
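        /// <summary>
        /// Handles the request that updates an article's front-stage sort field.
        /// Validates the login state, the auth token and the request parameters
        /// before calling ArticlePublisherLogic.
        /// </summary>
        /// <returns>
        /// A ClientResult with b = true and the applied sort settings on success,
        /// or b = false and an err message naming the failed check.
        /// </returns>
        public override ClientResult ProcessRequest()
        {
            string mdfAccount = c.GetEmpAccount();

            if (string.IsNullOrEmpty(mdfAccount))
            {
                return new ClientResult()
                {
                    b   = false,
                    err = "invalid login status"
                };
            }

            string token = GetParamValue("token");
            ArticleAjaxAuthData authData = null;

            if (!HandleAuthToken(token, c.GetEmpAccount(), out authData))
            {
                return new ClientResult()
                {
                    b   = false,
                    err = "invalid token"
                };
            }

            string artId = GetParamValue("artId");
            Guid   articleId;

            if (!Guid.TryParse(artId, out articleId))
            {
                return new ClientResult()
                {
                    b   = false,
                    err = "invalid artId"
                };
            }

            string sortField     = GetParamValue("sortField");
            string strIsSortDesc = GetParamValue("isSortDesc");
            bool   isSortDesc    = false;

            if (strIsSortDesc == "")
            {
                // Parameter omitted: fall back to ascending and echo the default.
                strIsSortDesc = isSortDesc.ToString();
            }
            else if (strIsSortDesc != null && !bool.TryParse(strIsSortDesc, out isSortDesc))
            {
                // The value comes straight from the request; reject anything that is
                // not a boolean instead of letting Convert.ToBoolean throw.
                return new ClientResult()
                {
                    b   = false,
                    err = "invalid isSortDesc"
                };
            }

            if (sortField == "")
            {
                // No sort field means no direction to report back.
                strIsSortDesc = "";
            }

            ArticlePublisherLogic artPub = new ArticlePublisherLogic();

            // NOTE(review): sortField is forwarded exactly as received. Confirm that
            // UpdateArticleSortFieldOfFrontStage checks it against the known column
            // names before it is stored or used to build a query.
            ArticleUpdateSortFieldOfFrontStageParams param = new ArticleUpdateSortFieldOfFrontStageParams()
            {
                ArticleId              = articleId,
                SortFieldOfFrontStage  = sortField,
                IsSortDescOfFrontStage = isSortDesc,
                MdfAccount             = mdfAccount,
                // The permission flags come from the decrypted token; the identity
                // comes from the current session.
                AuthUpdateParams       = new AuthenticationUpdateParams()
                {
                    CanEditSubItemOfOthers = authData.CanEditSubItemOfOthers,
                    CanEditSubItemOfCrew   = authData.CanEditSubItemOfCrew,
                    CanEditSubItemOfSelf   = authData.CanEditSubItemOfSelf,
                    MyAccount = c.GetEmpAccount(),
                    MyDeptId  = c.GetDeptId()
                }
            };

            bool result = artPub.UpdateArticleSortFieldOfFrontStage(param);

            if (!result)
            {
                return new ClientResult()
                {
                    b = false, err = "update failed"
                };
            }

            SortFieldInfo sortFieldInfo = new SortFieldInfo()
            {
                sortField  = sortField,
                isSortDesc = strIsSortDesc
            };

            return new ClientResult()
            {
                b = true,
                o = sortFieldInfo
            };
        }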
Пример #3
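        /// <summary>
        /// Handles the request that shows or hides an article area in the front stage.
        /// Validates the login state, the auth token and the request parameters
        /// before calling ArticlePublisherLogic.
        /// </summary>
        /// <returns>
        /// A ClientResult with b = true on success, or b = false and an err message
        /// naming the failed check.
        /// </returns>
        public override ClientResult ProcessRequest()
        {
            string mdfAccount = c.GetEmpAccount();

            if (string.IsNullOrEmpty(mdfAccount))
            {
                return new ClientResult()
                {
                    b   = false,
                    err = "invalid login status"
                };
            }

            string token = GetParamValue("token");
            ArticleAjaxAuthData authData = null;

            if (!HandleAuthToken(token, c.GetEmpAccount(), out authData))
            {
                return new ClientResult()
                {
                    b   = false,
                    err = "invalid token"
                };
            }

            string artId = GetParamValue("artId");
            Guid   articleId;

            if (!Guid.TryParse(artId, out articleId))
            {
                return new ClientResult()
                {
                    b   = false,
                    err = "invalid artId"
                };
            }

            string areaName  = GetParamValue("areaName");
            string strIsShow = GetParamValue("isShow");
            bool   isShow    = false;

            // The value comes straight from the request. A missing (null) value keeps
            // the old Convert.ToBoolean result of false; anything else must parse as a
            // boolean, otherwise the request is rejected instead of throwing.
            if (strIsShow != null && !bool.TryParse(strIsShow, out isShow))
            {
                return new ClientResult()
                {
                    b   = false,
                    err = "invalid isShow"
                };
            }

            ArticlePublisherLogic artPub = new ArticlePublisherLogic();

            // NOTE(review): areaName is forwarded exactly as received. Confirm that
            // UpdateArticleIsAreaShowInFrontStage checks it against the known area
            // names before it is stored or used to build a query.
            ArticleUpdateIsAreaShowInFrontStageParams param = new ArticleUpdateIsAreaShowInFrontStageParams()
            {
                ArticleId          = articleId,
                AreaName           = areaName,
                IsShowInFrontStage = isShow,
                MdfAccount         = mdfAccount,
                // The permission flags come from the decrypted token; the identity
                // comes from the current session.
                AuthUpdateParams   = new AuthenticationUpdateParams()
                {
                    CanEditSubItemOfOthers = authData.CanEditSubItemOfOthers,
                    CanEditSubItemOfCrew   = authData.CanEditSubItemOfCrew,
                    CanEditSubItemOfSelf   = authData.CanEditSubItemOfSelf,
                    MyAccount = c.GetEmpAccount(),
                    MyDeptId  = c.GetDeptId()
                }
            };

            bool result = artPub.UpdateArticleIsAreaShowInFrontStage(param);

            if (!result)
            {
                return new ClientResult()
                {
                    b = false, err = "update failed"
                };
            }

            return new ClientResult()
            {
                b = true
            };
        }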