Пример #1
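        /// <summary>
        /// Builds the SQL batch that revokes a role's button privileges by soft-deleting
        /// (bIsDeleted = true) the matching EHECD_Privilege rows.
        /// </summary>
        /// <param name="cb">Buttons to revoke; each item must expose <c>id</c> (button ID) and <c>menuid</c> (ID of the menu the button belongs to).</param>
        /// <param name="v">ID of the role the privileges are revoked from.</param>
        /// <returns>One UPDATE statement per button, each followed by a line break; an empty string when <paramref name="cb"/> is empty.</returns>
        /// <exception cref="System.FormatException">A role, button or menu ID is not a well-formed GUID.</exception>
        /// <exception cref="System.ArgumentNullException">A role, button or menu ID is null.</exception>
        private string CreateUnDistributionButtonSql(List <dynamic> cb, string v)
        {
            StringBuilder sb = new StringBuilder();

            // Every ID below is spliced into a quoted SQL literal, so each one is required to
            // parse as a GUID first: none of the textual forms Guid.Parse accepts contains a
            // single quote, which keeps a crafted ID from closing the literal. The original
            // text is still what gets embedded, so the generated SQL is unchanged for valid IDs.
            // NOTE(review): presumably these columns only ever hold GUIDs (the granting code
            // writes them from Guid.Parse results) - confirm against the table definition.
            if (cb.Count > 0)
            {
                System.Guid.Parse(v);
            }

            for (int i = 0; i < cb.Count; i++)
            {
                string buttonId = cb[i].id.ToString();
                string menuId   = cb[i].menuid.ToString();

                System.Guid.Parse(buttonId);
                System.Guid.Parse(menuId);

                // Placeholders: {0} = role ID, {1} = button ID, {2} = menu ID.
                sb.AppendLine(
                    DBSqlHelper.GetUpdateSQL <EHECD_PrivilegeDTO>(
                        new EHECD_PrivilegeDTO {
                    bIsDeleted = true
                },
                        string.Format(
                            @"WHERE 
                                        sPrivilegeMaster = 'role' --特权分配给角色的
                                        AND sPrivilegeMasterValue = '{0}' --角色ID
                                        AND sBelong = 'menu' --属于菜单的
                                        AND sBelongValue = '{2}' --菜单ID
                                        AND sPrivilegeAccess = 'button' --特权类型是按钮
                                        AND sPrivilegeAccessValue = '{1}'--按钮ID",
                            v, buttonId, menuId
                            )
                        )
                    );
            }
            return(sb.ToString());
        }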
Пример #2
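        // Soft-deletes a role together with every privilege that references it and every
        // user-to-role binding, in one transaction, then writes an audit-log entry.
        //   ID : role ID; must be a GUID string (Guid.Parse throws FormatException /
        //        ArgumentNullException otherwise).
        //   p  : caller context; sLoginName, sUserName and IP are read for the audit log.
        // Returns whatever ExcuteTransaction reports; the log records success when it is > 0.
        public override int DeleteRole(string ID, dynamic p)
        {
            // Validate once, before any SQL text is assembled: ID is spliced into quoted
            // literals below, and no textual form accepted by Guid.Parse contains a single
            // quote. Previously this check only happened as a side effect of filling the DTOs.
            Guid roleId = Guid.Parse(ID);

            StringBuilder sb = new StringBuilder();

            // 1. Soft-delete every privilege where the role is the grantee, the owner or the provider.
            sb.Append(DBSqlHelper.GetUpdateSQL <EHECD_PrivilegeDTO>(new EHECD_PrivilegeDTO {
                bIsDeleted = true
            }, string.Format("WHERE ((sPrivilegeMaster = 'role' AND sPrivilegeMasterValue = '{0}'/*类别是角色*/) OR (sBelong = 'role' AND sBelongValue = '{0}'/*所有者是角色*/) OR (sPrivilegeAccess = 'role' AND sPrivilegeAccessValue = '{0}'/*提供者是角色*/))", ID)));

            // 2. Soft-delete the role itself.
            sb.Append(DBSqlHelper.GetUpdateSQL <EHECD_RoleDTO>(new EHECD_RoleDTO {
                ID = roleId, bIsDeleted = true
            }, String.Format("WHERE ID = '{0}'", ID)));

            // 3. Soft-delete the bindings between this role and its users.
            sb.Append(DBSqlHelper.GetUpdateSQL <EHECD_SystemUser_R_RoleDTO>(new EHECD_SystemUser_R_RoleDTO {
                sRoleID = roleId, bIsDeleted = true
            }, String.Format("WHERE sRoleID = '{0}'", ID)));

            var ret = excute.ExcuteTransaction(sb.ToString());

            // 4. Audit log. NOTE(review): nothing is logged if ExcuteTransaction throws - confirm
            // that failed attempts are recorded elsewhere.
            InsertSystemLog(
                p.sLoginName.ToString(),
                p.sUserName.ToString(),
                p.IP.ToString(),
                (Int16)(SYSTEM_LOG_TYPE.DELETE | SYSTEM_LOG_TYPE.ROLE),
                "系统用户删除角色" + ID,
                ID,
                ret > 0);

            return(ret);
        }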
Пример #3
        /// <summary>
        /// Deletes rows of the table mapped to <typeparamref name="T"/> that satisfy a
        /// caller-supplied condition. This overload does not support sharded (split) tables.
        /// </summary>
        /// <typeparam name="T">Mapped type whose table is targeted.</typeparam>
        /// <param name="where">
        /// Condition text. After FormatWhereOrder it is concatenated into the statement as-is,
        /// so values belong in <paramref name="paras"/> rather than in this string. When the
        /// formatted condition is empty the statement carries no WHERE clause.
        /// </param>
        /// <param name="paras">Values bound in order under the names FormatParameterName yields for "p0", "p1", ...</param>
        /// <returns>Number of rows affected.</returns>
        public int Delete <T>(string where, params object[] paras)
        {
            DBTable table = MapHelper.GetDBTable(typeof(T));

            // The result is not used here; the call is kept because its effects are not visible
            // from this method (presumably it warms a per-table SQL cache - TODO confirm).
            DBSqlHelper.GetDBSql(table.Name, _dbContext.DataType);

            string condition   = FormatWhereOrder(table, where);
            string whereClause = condition.Length > 0 ? " where " + condition : "";

            Command.CommandText = string.Format("delete from {0} {1}", table.Name, whereClause);
            Command.CommandType = CommandType.Text;
            Command.Parameters.Clear();

            // Bind the values positionally: p0, p1, ...
            for (int index = 0; index < paras.Length; index++)
            {
                string parameterName = FormatParameterName("p" + index.ToString());
                AddParameter(parameterName, ParameterDirection.Input, paras[index]);
            }

            return Command.ExecuteNonQuery();
        }
Пример #4
        /// <summary>
        /// Inserts an object into the table mapped to <paramref name="type"/>, resolving the
        /// physical table name first when the table is sharded.
        /// </summary>
        /// <param name="instance">Object to write.</param>
        /// <param name="type">Mapped table type.</param>
        /// <param name="date">
        /// Shard date of the target table. It must agree with the date encoded in the Id (for a
        /// table split by year, the year in the Id and the year of this date must match).
        /// Pass <see cref="DateTime.MinValue"/> to derive it from the Id.
        /// </param>
        public void Insert(object instance, Type type, DateTime date)
        {
            DBTable table = MapHelper.GetDBTable(type);

            // A key that is not database-generated has to be supplied by the caller.
            object primaryVal = null;
            bool   callerSuppliesKey = table.PrimaryKey[0].DBPrimaryType != DBPrimaryType.Identity;

            if (callerSuppliesKey)
            {
                primaryVal = this.GetValue(table.PrimaryKey[0], instance);
                if (primaryVal == null)
                {
                    throw new MyDBException("新增对象,非自增长表主键不能为空");
                }
            }

            // Physical table name: the mapped name, or the shard name for split tables.
            string tbName;

            if (table.SeparateType == SeparateType.None)
            {
                tbName = table.Name;
            }
            else
            {
                // No date given: take it from the Id.
                // NOTE(review): primaryVal is still null here for identity keys - confirm
                // GetMyIdDate tolerates that or that split tables never use identity keys.
                if (date == DateTime.MinValue)
                {
                    date = MyIdMake.GetMyIdDate(primaryVal);
                }

                tbName = TableSeparate.GetTableName(table, date);
            }

            // Look up the cached statements for this physical table and build the INSERT
            // text on first use.
            DBSql dbsql = DBSqlHelper.GetDBSql(tbName, _dbContext.DataType);

            if (string.IsNullOrEmpty(dbsql.InsertSql))
            {
                dbsql.InsertSql = GetInsertSql(table, tbName);
            }

            Insert(instance, primaryVal, table, dbsql.InsertSql);
        }
Пример #5
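        /// <summary>
        /// Builds the SQL batch that revokes menus from a role by soft-deleting
        /// (bIsDeleted = true) the matching EHECD_Privilege rows.
        /// </summary>
        /// <param name="cm">IDs of the menus to revoke.</param>
        /// <param name="v">ID of the role the menus are revoked from.</param>
        /// <returns>One UPDATE statement per menu, each followed by a line break; an empty string when <paramref name="cm"/> is empty.</returns>
        /// <exception cref="System.FormatException">The role ID or a menu ID is not a well-formed GUID.</exception>
        /// <exception cref="System.ArgumentNullException">The role ID or a menu ID is null.</exception>
        private string CreateUnDistributionMenuSql(List <string> cm, string v)
        {
            StringBuilder sb = new StringBuilder();

            // Both IDs end up inside quoted SQL literals, so each must parse as a GUID before it
            // is used: no textual form accepted by Guid.Parse contains a single quote. The
            // original text is what gets embedded, so valid input yields the same SQL as before.
            // NOTE(review): presumably these columns only ever hold GUIDs (the granting code
            // writes them from Guid.Parse results) - confirm against the table definition.
            if (cm.Count > 0)
            {
                System.Guid.Parse(v);
            }

            for (int i = 0; i < cm.Count; i++)
            {
                string menuId = cm[i];
                System.Guid.Parse(menuId);

                // Placeholders: {0} = role ID (grantee and owner), {1} = menu ID.
                sb.AppendLine(
                    DBSqlHelper.GetUpdateSQL <EHECD_PrivilegeDTO>(
                        new EHECD_PrivilegeDTO {
                    bIsDeleted = true
                },
                        string.Format(
                            "WHERE sPrivilegeMaster = 'role' AND sBelong = 'role' AND sPrivilegeMasterValue = '{0}' AND sBelongValue = '{0}' AND sPrivilegeAccess = 'menu' AND sPrivilegeAccessValue = '{1}'",
                            v, menuId
                            )
                        )
                    );
            }
            return(sb.ToString());
        }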
Пример #6
        // Creates a role unless one with the same name already exists, then writes an
        // audit-log entry.
        //   data : request payload; bEnable, iOrder and sRoleName are read from it.
        //   p    : caller context; sLoginName, sUserName and IP are read for the audit log.
        // Returns the value of excute.Insert; the batch selects -1 when the name is taken.
        public override int AddRole(dynamic data, dynamic p)
        {
            // 1. Build the role record.
            EHECD_RoleDTO role = new EHECD_RoleDTO
            {
                ID          = GuidHelper.GetSecuentialGuid(),
                bEnable     = Convert.ToBoolean(data.bEnable.Value),
                bIsDeleted  = false,
                dCreateTime = DateTime.Now,
                dModifyTime = DateTime.Now,
                iOrder      = Convert.ToInt32(data.iOrder.Value),
                sRoleName   = data.sRoleName.Value
            };

            // The name check is parameterised (@sRoleName); {0} receives the INSERT text.
            // NOTE(review): how GetInsertSQL renders sRoleName (bound parameter vs. inline
            // literal) is not visible here - confirm it cannot carry caller-supplied text
            // into the statement.
            // NOTE(review): the existence check and the insert are not visibly serialised; a
            // unique constraint on sRoleName would be needed to exclude duplicates - confirm.
            var template = @"IF EXISTS(SELECT 1 FROM EHECD_Role WHERE sRoleName = @sRoleName)
                        BEGIN
	                        SELECT -1 RET;
                        END
                        ELSE
                        BEGIN
	                        {0}
                        END;";

            var batch = string.Format(template, DBSqlHelper.GetInsertSQL <EHECD_RoleDTO>(role));

            // 2. Run the guarded insert.
            var ret = excute.Insert(batch, new { role.sRoleName });

            // 3. Audit log; success is recorded when the result is positive.
            InsertSystemLog(
                p.sLoginName.ToString(),
                p.sUserName.ToString(),
                p.IP.ToString(),
                (Int16)(SYSTEM_LOG_TYPE.ADD | SYSTEM_LOG_TYPE.ROLE),
                "系统用户添加角色" + role.ID,
                role.ID.ToString(),
                ret > 0);

            return ret;
        }
Пример #7
        /// <summary>
        /// Updates the row that corresponds to <paramref name="instance"/>. Sharded tables are
        /// supported: the physical table name is resolved from the primary-key value.
        /// </summary>
        /// <typeparam name="T">Mapped type of the object.</typeparam>
        /// <param name="instance">Object whose row is updated; its first primary-key member identifies the row.</param>
        /// <returns>Number of rows affected.</returns>
        public int Update <T>(T instance)
        {
            DBTable table = MapHelper.GetDBTable(typeof(T));

            // The key value both identifies the row and selects the physical (shard) table.
            object primaryVal = this.GetValue(table.PrimaryKey[0], instance);
            string tbName     = TableSeparate.GetTableName(table, primaryVal);

            // Build the UPDATE text for this physical table on first use.
            DBSql dbsql = DBSqlHelper.GetDBSql(tbName, _dbContext.DataType);

            if (string.IsNullOrEmpty(dbsql.UpdateSql))
            {
                dbsql.UpdateSql = GetUpdateSql(table, tbName);
            }

            return Update <T>(instance, table, dbsql.UpdateSql, primaryVal);
        }
Пример #8
        /// <summary>
        /// Attempts to open the database connection and reflects the outcome in the
        /// ConnectedSuccessfully / ErroredConnecting flags and the status text.
        /// </summary>
        private async Task ConnectToDBAsync()
        {
            // Clear both flags so a retry starts from a neutral state.
            ConnectedSuccessfully = false;
            ErroredConnecting     = false;

            // The helper builds the connection string and opens the connection.
            bool connected = await DBSqlHelper.InitializeConnectionAsync();

            if (!connected)
            {
                ErroredConnecting             = true;
                ConnectedStatusTextBlock.Text = "Error connecting";
                return;
            }

            ConnectedSuccessfully         = true;
            ConnectedStatusTextBlock.Text = "Connected";
        }
Пример #9
        // Soft-deletes a system user, the privileges tied to that user and the user's role
        // bindings in one transaction, then writes an audit-log entry.
        //   user : the user to delete; only user.ID is read.
        //   p    : caller context; sLoginName, sUserName and IP are read for the audit log.
        // Returns whatever ExcuteTransaction reports; the log records success when it is > 0.
        // NOTE(review): user.ID is formatted into quoted SQL literals; that is only safe if
        // the property is a Guid (or another non-string type) - confirm on EHECD_SystemUserDTO.
        public override int DeleteSystemUser(EHECD_SystemUserDTO user, dynamic p)
        {
            // 1. The user row itself.
            string userSql = DBSqlHelper.GetUpdateSQL <EHECD_SystemUserDTO>(
                new EHECD_SystemUserDTO() { bIsDeleted = true },
                string.Format("where ID = '{0}'", user.ID));

            // 2. Privileges granted to the user or owned by the user.
            string privilegeSql = DBSqlHelper.GetUpdateSQL <EHECD_PrivilegeDTO>(
                new EHECD_PrivilegeDTO() { bIsDeleted = true },
                string.Format("where ((sPrivilegeMaster = 'user' AND sPrivilegeMasterValue = '{0}') OR (sBelong = 'user' AND sBelongValue = '{0}'))", user.ID));

            // 3. Role bindings that are still active.
            string bindingSql = DBSqlHelper.GetUpdateSQL <EHECD_SystemUser_R_RoleDTO>(
                new EHECD_SystemUser_R_RoleDTO() { bIsDeleted = true },
                string.Format("where sUserID = '{0}' AND bIsDeleted = 0", user.ID));

            StringBuilder batch = new StringBuilder();
            batch.AppendLine(userSql);
            batch.AppendLine(privilegeSql);
            batch.AppendLine(bindingSql);

            var ret = excute.ExcuteTransaction(batch.ToString());

            // 4. Audit log.
            InsertSystemLog(
                p.sLoginName.ToString(),
                p.sUserName.ToString(),
                p.IP.ToString(),
                (Int16)(SYSTEM_LOG_TYPE.DELETE | SYSTEM_LOG_TYPE.SYSTEMUSER),
                "系统用户删除用户" + user.ID,
                user.ID.ToString(),
                ret > 0);

            return ret;
        }
Пример #10
        /// <summary>
        /// Deletes a row by primary key. Sharded tables are supported: the physical table
        /// name is resolved from the key value.
        /// </summary>
        /// <typeparam name="T">Mapped type whose table is targeted.</typeparam>
        /// <typeparam name="IdT">Type of the primary key.</typeparam>
        /// <param name="id">Primary-key value of the row to delete.</param>
        /// <returns>Number of rows affected.</returns>
        /// <exception cref="Exception">The table has a composite primary key.</exception>
        public int Delete <T, IdT>(IdT id)
        {
            DBTable table = MapHelper.GetDBTable(typeof(T));

            // A single key value cannot address a row of a composite-key table.
            if (table.PrimaryKey.Count > 1)
            {
                throw new Exception("联合主键表,不支持根据主键删除");
            }

            // Resolve the physical (shard) table from the key value.
            string tbName = TableSeparate.GetTableName(table, id);

            // Build the DELETE text for this physical table on first use.
            DBSql dbsql = DBSqlHelper.GetDBSql(tbName, _dbContext.DataType);

            if (string.IsNullOrEmpty(dbsql.DeleteSql))
            {
                dbsql.DeleteSql = GetDeleteSql(table, tbName);
            }

            return Delete <T, IdT>(id, table, dbsql.DeleteSql);
        }
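        /// <summary>
        /// Handles the primary button of the change-password dialog: validates the typed
        /// passwords and, when they pass, stores the hash of the new password.
        /// </summary>
        /// <remarks>
        /// In the first-login flow (<c>NewLogin</c>) only the new password is required and the
        /// row of <c>UserId</c> is updated. Otherwise the current password must be supplied and
        /// must match the stored hash of the logged-in user. Every validation failure shows a
        /// message, clears the affected boxes and sets <c>args.Cancel</c> so the dialog stays
        /// open. When a required box is empty the handler returns without cancelling.
        /// NOTE(review): only the password is passed to DBSqlHelper.SHA512, so the stored value
        /// looks like an unsalted fast digest; that is weak for password storage. Moving to a
        /// salted, slow KDF changes the stored format and needs a migration, so it is not
        /// changed here.
        /// </remarks>
        /// <param name="sender">The dialog raising the event.</param>
        /// <param name="args">Event data; <c>Cancel</c> is set to keep the dialog open.</param>
        private void ContentDialog_PrimaryButtonClick(ContentDialog sender, ContentDialogButtonClickEventArgs args)
        {
            string currentPassword   = CurrentPasswordTextBox.Password;
            string newPassword       = NewPasswordTextBox.Password;
            string newPasswordRetype = NewPasswordRetypeTextBox.Password;
            bool   firstLogin        = NewLogin;

            // Both new-password boxes must be filled before anything is checked.
            if (string.IsNullOrEmpty(newPassword) || string.IsNullOrEmpty(newPasswordRetype))
            {
                return;
            }

            // Outside the first-login flow the current password is required as well.
            if (!firstLogin && string.IsNullOrEmpty(currentPassword))
            {
                return;
            }

            // The two new-password entries must agree.
            if (newPassword != newPasswordRetype)
            {
                ResetTextBlock.Text = firstLogin
                    ? "Both fields must be the same!"
                    : "Both new password fields must be the same!";
                NewPasswordTextBox.Password       = "";
                NewPasswordRetypeTextBox.Password = "";

                args.Cancel = true;
                return;
            }

            // Policy: a lowercase letter, an uppercase letter, a digit, one of !@#$%^&* and
            // at least 8 characters.
            Regex policy = new Regex(@"^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#\$%\^&\*])(?=.{8,})");

            if (!policy.Match(newPassword).Success)
            {
                if (firstLogin)
                {
                    ResetTextBlock.Text = "The password must contain at least 1 lowercase, 1 uppercase, 1 numeric character, one special character, and be be 8 characters or longer!";
                }
                else
                {
                    ResetTextBlock.Text             = "The password must contain at least 1 lowercase, 1 uppercase, 1 numeric character, 1 special character, and be be 8 characters or longer!";
                    CurrentPasswordTextBox.Password = "";
                }
                NewPasswordTextBox.Password       = "";
                NewPasswordRetypeTextBox.Password = "";

                args.Cancel = true;
                return;
            }

            object userId;

            if (firstLogin)
            {
                userId = UserId;
            }
            else
            {
                userId = Data.Instance.LoggedInUser.Id;

                // Verify the current password against the logged-in user's own row. The check
                // used to match on the hash alone, so the current password of any account in
                // user_table was accepted.
                int matches;

                using (SqlCommand check = DBSqlHelper.Connection.CreateCommand())
                {
                    check.CommandText = "SELECT COUNT(*) FROM user_table " +
                                        "WHERE id_user = @id_user AND pw = @password";

                    check.Parameters.Add(new SqlParameter("password", SqlDbType.NVarChar)
                    {
                        Value = DBSqlHelper.SHA512(currentPassword)
                    });
                    check.Parameters.Add(new SqlParameter("id_user", SqlDbType.Int)
                    {
                        Value = userId
                    });

                    matches = (int)check.ExecuteScalar();
                }

                if (matches < 1)
                {
                    ResetTextBlock.Text               = "Current password is incorrect";
                    CurrentPasswordTextBox.Password   = "";
                    NewPasswordTextBox.Password       = "";
                    NewPasswordRetypeTextBox.Password = "";

                    args.Cancel = true;
                    return;
                }
            }

            // Store the hash of the new password and clear the first-login marker.
            using (SqlCommand update = DBSqlHelper.Connection.CreateCommand())
            {
                update.CommandText = "UPDATE user_table " +
                                     "SET pw = @password, first_time_login = 0 " +
                                     "WHERE id_user = @id_user";

                update.Parameters.Add(new SqlParameter("password", SqlDbType.NVarChar)
                {
                    Value = DBSqlHelper.SHA512(newPassword)
                });

                // SqlDbType.Int, not DbType.Int32: the DbType enum binds to the
                // (name, value) constructor and would be taken as the parameter value.
                update.Parameters.Add(new SqlParameter("id_user", SqlDbType.Int)
                {
                    Value = userId
                });

                update.ExecuteNonQuery();
            }

            ContentDialog successDialog = new ContentDialog
            {
                Title           = "Success",
                Content         = "User details updated successfully!",
                CloseButtonText = "OK"
            };

            App.ShowContentDialog(successDialog, null);

            // Only the regular change-password flow hides this dialog explicitly.
            if (!firstLogin)
            {
                this.Hide();
            }
        }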
Пример #12
        /// <summary>
        /// Builds the SQL batch that grants button privileges on menus to a role. For each
        /// button the batch re-activates the existing EHECD_Privilege row or, when none
        /// exists, inserts a new one.
        /// </summary>
        /// <param name="jb">Buttons to grant; each item must expose <c>id</c> (button ID) and <c>menuid</c> (ID of the menu the button belongs to).</param>
        /// <param name="v">ID of the role receiving the privileges.</param>
        /// <returns>One IF EXISTS / ELSE block per button; an empty string when <paramref name="jb"/> is empty.</returns>
        private string CreateDistributionButtonSql(List <dynamic> jb, string v)
        {
            // Placeholders: {0} = role ID, {1} = button ID, {2} = UPDATE text,
            // {3} = INSERT text, {4} = menu ID.
            string template =
                @"IF EXISTS (
	                            SELECT
		                            1
	                            FROM
		                            EHECD_Privilege
	                            WHERE
		                            sPrivilegeMaster = 'role'--分配给角色的
                                AND sPrivilegeMasterValue = '{0}'--角色ID
                                AND sPrivilegeAccess = 'button'--特权类型是按钮
                                AND sPrivilegeAccessValue = '{1}'--按钮ID
	                            AND sBelong = 'menu'--属于菜单的	                            
	                            AND sBelongValue = '{4}'--菜单ID
                            )
                            BEGIN
	                            --存在直接更新
                                {2}
                            END
                            ELSE

                            BEGIN
	                            --不存在就插入一条
                                {3}
                            END;";

            StringBuilder batch = new StringBuilder();

            foreach (dynamic button in jb)
            {
                string buttonId = button.id.ToString();
                string menuId   = button.menuid.ToString();

                // Re-activate a row that already exists for this role / button / menu.
                string matchClause = string.Format(
                    @"WHERE 
                                        sPrivilegeMaster = 'role'--分配给角色的
                                        AND sPrivilegeMasterValue = '{0}'--角色ID
                                        AND sPrivilegeAccess = 'button'--特权类型是按钮
                                        AND sPrivilegeAccessValue = '{1}'--按钮ID
                                        AND sBelong = 'menu'--属于菜单的
                                        AND sBelongValue = '{2}'--菜单ID",
                    v, buttonId, menuId);

                string reviveSql = DBSqlHelper.GetUpdateSQL <EHECD_PrivilegeDTO>(
                    new EHECD_PrivilegeDTO { bIsDeleted = false },
                    matchClause);

                // The Guid.Parse calls below throw on a malformed ID before anything is
                // appended, so only GUID text reaches the quoted literals of the template.
                var insertSql = DBSqlHelper.GetInsertSQL <EHECD_PrivilegeDTO>(
                    new EHECD_PrivilegeDTO
                    {
                        bIsDeleted            = false,
                        bPrivilegeOperation   = false,
                        ID                    = GuidHelper.CreateRpcrt4Guid(),
                        sBelong               = "menu",
                        sBelongValue          = Guid.Parse(menuId),
                        sPrivilegeAccess      = "button",
                        sPrivilegeAccessValue = Guid.Parse(buttonId),
                        sPrivilegeMaster      = "role",
                        sPrivilegeMasterValue = Guid.Parse(v)
                    });

                batch.AppendFormat(template, v, buttonId, reviveSql, insertSql, menuId);
            }

            return batch.ToString();
        }
Пример #13
        /// <summary>
        /// Builds the SQL batch that grants menus to a role. For each menu the batch
        /// re-activates the existing EHECD_Privilege row or, when none exists, inserts one.
        /// </summary>
        /// <param name="jm">IDs of the menus to grant.</param>
        /// <param name="roleId">ID of the role receiving the menus.</param>
        /// <returns>One IF EXISTS / ELSE block per menu; an empty string when <paramref name="jm"/> is empty.</returns>
        private string CreateDistributionMenuSql(List <string> jm, string roleId)
        {
            // Placeholders: {0} = role ID, {1} = menu ID, {2} = UPDATE text, {3} = INSERT text.
            string template =
                @"IF EXISTS (
	                            SELECT
		                            1
	                            FROM
		                            EHECD_Privilege
	                            WHERE
		                            sPrivilegeMaster = 'role'
	                            AND sBelong = 'role'
	                            AND sPrivilegeMasterValue = '{0}'--角色ID
	                            AND sBelongValue = '{0}'--角色ID
	                            AND sPrivilegeAccess = 'menu'
	                            AND sPrivilegeAccessValue = '{1}'--菜单ID
                            )
                            BEGIN
	                            --存在直接更新
                                {2}
                            END
                            ELSE

                            BEGIN
	                            --不存在就插入一条
                                {3}
                            END;";

            StringBuilder batch = new StringBuilder();

            foreach (string menuId in jm)
            {
                // Re-activate a row that already exists for this role / menu pair.
                string matchClause = string.Format(
                    "WHERE sPrivilegeMaster = 'role' AND sBelong = 'role' AND sPrivilegeMasterValue = '{0}' AND sBelongValue = '{0}' AND sPrivilegeAccess = 'menu' AND sPrivilegeAccessValue = '{1}'",
                    roleId, menuId);

                string reviveSql = DBSqlHelper.GetUpdateSQL <EHECD_PrivilegeDTO>(
                    new EHECD_PrivilegeDTO { bIsDeleted = false },
                    matchClause);

                // The Guid.Parse calls below throw on a malformed ID before anything is
                // appended, so only GUID text reaches the quoted literals of the template.
                var insertSql = DBSqlHelper.GetInsertSQL <EHECD_PrivilegeDTO>(
                    new EHECD_PrivilegeDTO
                    {
                        bIsDeleted            = false,
                        bPrivilegeOperation   = false,
                        ID                    = GuidHelper.CreateRpcrt4Guid(),
                        sBelong               = "role",
                        sBelongValue          = Guid.Parse(roleId),
                        sPrivilegeAccess      = "menu",
                        sPrivilegeAccessValue = Guid.Parse(menuId),
                        sPrivilegeMaster      = "role",
                        sPrivilegeMasterValue = Guid.Parse(roleId)
                    });

                batch.AppendFormat(template, roleId, menuId, reviveSql, insertSql);
            }

            return batch.ToString();
        }
Пример #14
        // Assigns roles to a system user and writes an audit-log entry.
        //   user : the user whose roles change; only user.ID is read.
        //   p    : caller context; p.data.ids carries the comma-separated role IDs, and
        //          sLoginName, sUserName and IP are read for the audit log.
        // Returns 0 when p.data.ids is null, otherwise the result of the database call.
        public override int DistributionRole(EHECD_SystemUserDTO user, dynamic p)
        {
            var ret = 0;

            if (p.data.ids != null)
            {
                string idsStr = p.data.ids.Value.ToString();
                if (!string.IsNullOrWhiteSpace(idsStr))
                {
                    // 1. Role IDs were supplied: the user's roles are reassigned to exactly this set.
                    var ids = idsStr.Split(new char[] { ',' });

                    StringBuilder sb = new StringBuilder();

                    // Soft-delete the bindings to every role that is not in the supplied set.
                    // The IDs are quoted into the NOT IN list as received; each of them is passed
                    // through Guid.Parse in the loop below, which throws on malformed input
                    // before the batch is handed to ExcuteTransaction.
                    // NOTE(review): this relies on the loop visiting every entry and on the SQL
                    // helpers only building text - confirm, or validate the IDs up front.
                    sb.AppendFormat("UPDATE EHECD_SystemUser_R_Role SET bIsDeleted =  1 WHERE sRoleID NOT IN ({0}) AND sUserID = '{1}';",
                                    string.Join(",", ids.Select(m => "'" + m + "'")), user.ID);

                    // Placeholders: {0} = UPDATE text, {1} = INSERT text, {2} = role ID, {3} = user ID.
                    string sql = @"IF EXISTS(SELECT 1 FROM EHECD_SystemUser_R_Role WHERE sRoleID = '{2}' AND sUserID = '{3}')
                                BEGIN                                    
	                                {0}
                                END
                                ELSE
                                BEGIN                                    
	                                {1}
                                END;";

                    // Per role: re-activate the existing binding or insert a new one.
                    for (int i = 0; i < ids.Length; i++)
                    {
                        sb.AppendFormat(sql,
                                        DBSqlHelper.GetUpdateSQL <EHECD_SystemUser_R_RoleDTO>(
                                            new EHECD_SystemUser_R_RoleDTO {
                            bIsDeleted = false
                        },
                                            string.Format("WHERE sRoleID = '{0}' AND sUserID = '{1}'", ids[i], user.ID)),
                                        DBSqlHelper.GetInsertSQL <EHECD_SystemUser_R_RoleDTO>(
                                            new EHECD_SystemUser_R_RoleDTO
                        {
                            ID         = GuidHelper.GetSecuentialGuid(),
                            bIsDeleted = false,
                            sRoleID    = Guid.Parse(ids[i]),
                            sUserID    = user.ID
                        }),
                                        ids[i],
                                        user.ID
                                        );
                    }

                    // 2. Run the updates and inserts in one transaction.
                    ret = excute.ExcuteTransaction(sb.ToString());

                    // 3. Audit log; success is recorded when the result is positive.
                    InsertSystemLog(
                        p.sLoginName.ToString(),
                        p.sUserName.ToString(),
                        p.IP.ToString(),
                        (Int16)(SYSTEM_LOG_TYPE.MODIFY | SYSTEM_LOG_TYPE.ADD | SYSTEM_LOG_TYPE.ROLE | SYSTEM_LOG_TYPE.SYSTEMUSER),
                        "分配系统用户角色" + user.ID,
                        user.ID.ToString(),
                        ret > 0);
                }
                else
                {
                    // 1. No role IDs: the user is left without roles, so every existing
                    // binding is soft-deleted.
                    ret = excute.UpdateSingle <EHECD_SystemUser_R_RoleDTO>(
                        new EHECD_SystemUser_R_RoleDTO {
                        bIsDeleted = true
                    },
                        string.Format("WHERE sUserID = '{0}'", user.ID));

                    // 2. Audit log; here a result of 0 also counts as success (ret >= 0).
                    InsertSystemLog(
                        p.sLoginName.ToString(),
                        p.sUserName.ToString(),
                        p.IP.ToString(),
                        (Int16)(SYSTEM_LOG_TYPE.MODIFY | SYSTEM_LOG_TYPE.DELETE | SYSTEM_LOG_TYPE.ROLE | SYSTEM_LOG_TYPE.SYSTEMUSER),
                        "解除系统用户角色" + user.ID,
                        user.ID.ToString(),
                        ret >= 0);
                }
            }
            return(ret);
        }