Пример #1
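        /// <summary>
        /// Extends a SQL WHERE fragment with the row-level restriction that applies to the
        /// session identified by <paramref name="sessionKey"/>.
        /// </summary>
        /// <param name="cond">
        /// Existing WHERE fragment; may be null or empty. It is concatenated as-is, so it must
        /// already be safe SQL when it reaches this method.
        /// </param>
        /// <param name="sessionKey">Session key handed to <c>AuthModel.GetAuthInfo</c>.</param>
        /// <returns>
        /// <paramref name="cond"/> unchanged when no auth info is found or the user holds right "1";
        /// otherwise <paramref name="cond"/> combined with a <c>SaleStaffID</c> restriction, or with
        /// a predicate that matches no rows when nothing may be shown.
        /// </returns>
        public static string getFilterCond(string cond, string sessionKey)
        {
            // Predicate used whenever the caller must not see any row; keeps the SQL valid
            // where the original emitted "in ()" or a dangling " AND ".
            const string denyAll = " 1=0";

            AuthInfo auth = AuthModel.GetAuthInfo(sessionKey);

            if (auth == null)
            {
                // NOTE(review): unchanged behaviour - an unknown session adds no restriction,
                // so this method fails open. Callers must reject such sessions before querying.
                return cond;
            }

            // NOTE(review): if UserRightIds is a string rather than a collection, Contains("1")
            // also matches ids such as "10" or "21" - confirm the type.
            if (auth.UserRightIds.Contains("1"))
            {
                // Right "1" adds no per-staff restriction; return cond without a trailing " AND ".
                return cond;
            }

            string prefix = string.IsNullOrEmpty(cond) ? "" : cond + " AND ";

            if (auth.UserRightIds.Contains("2"))
            {
                // Right "2": rows of every sales staff member in the user's branch tree.
                // The lookups run only on this path; the other rights never use their result.
                // The ids below come from the database and are concatenated unquoted -
                // presumably numeric keys; TODO confirm, since any other content would be
                // interpreted as SQL.
                string staffIds  = string.Empty;
                string branchIds = string.Join(",", new CatBranchDT().GetBranchTree(auth.BranchId).ToArray());

                if (branchIds.Length > 0)
                {
                    DataTable dtStaff = new CatSalestaffDT().GetByCond("BranchID IN (" + branchIds + ")");
                    if (dtStaff != null)
                    {
                        staffIds = string.Join(",", dtStaff.ColToListString("ID").ToArray());
                    }
                }

                // An empty id list would yield the invalid fragment "in ()"; deny instead.
                return prefix + (staffIds.Length > 0 ? " SaleStaffID in (" + staffIds + ")" : denyAll);
            }

            if (auth.UserRightIds.Contains("3"))
            {
                // Right "3": only the user's own rows.
                // NOTE(review): StaffId is concatenated unquoted - assumed numeric; confirm.
                return prefix + " SaleStaffID=" + auth.StaffId;
            }

            // No recognised right: default-deny. The original left cond unrestricted when it
            // was empty and syntactically broken (trailing " AND ") when it was not.
            return prefix + denyAll;
        }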
Пример #2
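        /// <summary>
        /// Returns the serialized auth info for a session, or an empty JSON object when the
        /// session key is missing, malformed, or has no stored session row.
        /// </summary>
        /// <param name="sessionKey">Session key supplied by the HTTP caller; treated as untrusted.</param>
        /// <returns>
        /// A 200 response whose string body is the JSON produced by
        /// <c>JsonConvert.SerializeObject(AuthModel.GetAuthInfo(sessionKey))</c>, or <c>"{}"</c>.
        /// </returns>
        public HttpResponseMessage StaffInfo(string sessionKey)
        {
            // sessionKey is placed inside a single-quoted SQL literal below. A quote or a
            // backslash could end that literal, so such keys are refused rather than
            // concatenated.
            // NOTE(review): this is a stopgap - GetByCond accepts only a condition string here;
            // a lookup that binds the key as a parameter is the proper fix.
            if (string.IsNullOrEmpty(sessionKey) || sessionKey.IndexOfAny(new[] { '\'', '\\' }) >= 0)
            {
                return Request.CreateResponse<string>(HttpStatusCode.OK, "{}");
            }

            DataTable dtSession = sessionDT.GetByCond("SessionID='" + sessionKey + "'", " ID DESC");

            if (dtSession != null && dtSession.Rows.Count > 0)
            {
                return Request.CreateResponse<string>(HttpStatusCode.OK, JsonConvert.SerializeObject(AuthModel.GetAuthInfo(sessionKey)));
            }

            // Unknown session: same empty-object body and 200 status as before.
            return Request.CreateResponse<string>(HttpStatusCode.OK, "{}");
        }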