Пример #1
        /// <summary>
        /// Handles the registration form post: maps the view model onto a <c>User</c>,
        /// fills in the password digest, status and audit fields, inserts the row and
        /// redirects to <c>RegistSuccess</c>.
        /// </summary>
        /// <param name="registerVM">Registration values bound from the request.</param>
        /// <returns>The form view when model validation fails; otherwise a redirect.</returns>
        public ActionResult Register(RegisterVM registerVM)
        {
            if (ModelState.IsValid == false)
            {
                return View(registerVM);
            }

            _userService = new UserService();

            DateTime createdAt = System.DateTime.Now;

            // NOTE(review): every property RegisterVM shares with User is copied by the
            // mapper. Confirm the view model exposes nothing a visitor must not set.
            Mapper.CreateMap<RegisterVM, User>();
            User newUser = Mapper.Map<User>(registerVM);

            // NOTE(review): judging by its name, MD5Encoder.Encrypt produces an MD5 digest.
            // MD5 is fast and, as called here, unsalted, so it is unsuitable for password
            // storage. Moving to a salted, slow KDF (PBKDF2 / bcrypt / Argon2) also requires
            // changing the login check and migrating stored values.
            newUser.UserPassword = MD5Encoder.Encrypt(registerVM.UserPassword);

            // Status "0" = account not yet activated, "1" = account activated.
            newUser.UserStatus = "0";

            // "9999" is written as both creator and updater of the new row.
            newUser.CreateDate = createdAt;
            newUser.CreateId   = "9999";
            newUser.UpdateDate = createdAt;
            newUser.UpdateId   = "9999";

            using (UserRepository repository = new UserRepository())
            {
                repository.Insert(newUser);
            }

            return RedirectToAction("RegistSuccess");
        }
Пример #2
        /// <summary>
        /// Handles the user edit form post: re-hashes the password when it differs from
        /// the posted original, stamps the update audit fields from the session and
        /// passes the mapped model to <c>UserService.ModifyUser</c>.
        /// </summary>
        /// <param name="userVM">Edited user values bound from the request.</param>
        /// <returns>
        /// The form view when model validation fails; otherwise a redirect to
        /// <c>Index</c> for session account "9999" or to <c>EditSuccess</c> for anyone else.
        /// </returns>
        public ActionResult Edit(UserEditVM userVM)
        {
            UserService userService = new UserService();

            if (ModelState.IsValid == false)
            {
                return View(userVM);
            }

            // MD5 cannot be reversed, so this comparison is how the action decides whether
            // the password was changed: equal values mean the field already holds the MD5
            // digest, different values mean a new password that still has to be hashed.
            // NOTE(review): both UserPassword and OriginPassword arrive in the posted model,
            // so the decision rests on client-supplied data and the stored digest appears to
            // be round-tripped through the form. Decide "changed or not" on the server
            // against the stored record, and keep the digest out of the page.
            bool passwordChanged = !userVM.UserPassword.Equals(userVM.OriginPassword);
            if (passwordChanged)
            {
                userVM.UserPassword = MD5Encoder.Encrypt(userVM.UserPassword);
            }

            Mapper.CreateMap<UserEditVM, UserEditSV>();
            UserEditSV editRequest = Mapper.Map<UserEditSV>(userVM);

            // NOTE(review): Session["Account"] is dereferenced without a null check, and
            // nothing visible here ties the edited user to the signed-in account. Confirm
            // that authentication and authorization are enforced by a filter or inside
            // ModifyUser.
            editRequest.UpdateDate = System.DateTime.Now;
            editRequest.UpdateId   = Session["Account"].ToString();

            userService.ModifyUser(editRequest);

            // Account "9999" goes back to the user list; everyone else sees the success page.
            string nextAction = Session["Account"].Equals("9999") ? "Index" : "EditSuccess";
            return RedirectToAction(nextAction);
        }
Пример #3
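        /// <summary>
        /// Updates a user by executing the <c>dbo.Users_Upd</c> stored procedure with
        /// values taken from the request body.
        /// </summary>
        /// <param name="id">Route identifier. It is not used; the row is selected by <c>user.Id</c>.</param>
        /// <param name="user">User values bound from the request body.</param>
        /// <returns>The value returned by <c>ExecuteSqlCommandAsync</c>.</returns>
        public async Task<int> Put(int id, [FromBody] Users user)
        {
            // NOTE(review): MD5 is not suitable for password storage; prefer a salted, slow
            // KDF. The digest is computed here but not referenced by the statement as shown.
            string password = MD5Encoder.MD5Hash(user.Password);

            // Request values are bound as parameters ({0}..{13}) instead of being spliced
            // into the SQL text, so they cannot change the shape of the statement.
            // NOTE(review): the '******' values appear masked on this page. Whatever
            // expressions stand there in the real file must be bound the same way.
            // NOTE(review): null properties are now passed as parameter values instead of
            // being formatted as empty text - confirm the procedure accepts that.
            const string command =
                "dbo.Users_Upd @p_ID={0},@p_USERNAME = '******',@p_FULLNAME={1},@p_PASSWORD='******'," +
                "@p_EMAIL = {2},@p_PHONE={3},@p_PARENT_ID={4},@p_DESCRIPTION={5}," +
                "@p_RECORD_STATUS={6},@p_AUTH_STATUS={7},@p_CREATE_DT={8},@p_APPROVE_DT={9}," +
                "@p_EDIT_DT={10},@p_MAKER_ID={11},@p_CHECKER_ID={12},@p_EDITOR_ID={13}";

            // NOTE(review): status and maker/checker/editor fields come straight from the
            // request body, and the route id is ignored. Confirm the caller is authorized
            // to change this row and these workflow fields.
            object[] parameters =
            {
                user.Id, user.Fullname, user.Email, user.Phone, user.ParentId,
                user.Description, user.RecordStatus, user.AuthStatus,
                user.CreateDt, user.ApproveDt, user.EditDt,
                user.MakerId, user.CheckerId, user.EditorId
            };

            // The context is disposed once the command has run.
            using (DEFACEWEBSITEContext context = new DEFACEWEBSITEContext())
            {
                // Named arguments select the overload that accepts parameter values.
                return await context.Database.ExecuteSqlCommandAsync(
                    command,
                    cancellationToken: CancellationToken.None,
                    parameters: parameters);
            }
        }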
Пример #4
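        /// <summary>
        /// Creates a user by executing the <c>dbo.Users_Ins</c> stored procedure with
        /// values taken from the request body, including a small XML document that
        /// carries the domain and its description.
        /// </summary>
        /// <param name="user">User values bound from the request body.</param>
        /// <returns>The value returned by <c>ExecuteSqlCommandAsync</c>.</returns>
        public async Task<int> Post([FromBody] UserObject user)
        {
            // NOTE(review): MD5 is not suitable for password storage; prefer a salted, slow
            // KDF. The digest is computed here but not referenced by the statement as shown.
            string pass = MD5Encoder.MD5Hash(user.Password);

            // XElement escapes the text content, so the domain values cannot break the XML.
            XElement xmldata = new XElement("Root",
                new XElement("Domain",
                    new XElement("DOMAIN", user.Domain),
                    new XElement("DESCRIPTION", user.DomainDesc)));

            // Request values are bound as parameters ({0}..{11}) instead of being spliced
            // into the SQL text. The XML document, previously interpolated without quotes,
            // is now passed as a string parameter as well.
            // NOTE(review): the '******' values appear masked on this page. Whatever
            // expressions stand there in the real file must be bound the same way.
            // NOTE(review): null properties are now passed as parameter values instead of
            // being formatted as empty text - confirm the procedure accepts that.
            const string command =
                "dbo.Users_Ins @p_USERNAME = '******', @p_FULLNAME={0},@p_PASSWORD = '******'," +
                "@p_EMAIL = {1},@p_PHONE = {2},@p_PARENT_ID = {3},@p_DESCRIPTION = {4}," +
                "@p_RECORD_STATUS = {5},@p_AUTH_STATUS = {6},@p_CREATE_DT = {7}," +
                "@p_APPROVE_DT ='',@p_EDIT_DT='',@p_MAKER_ID ={8},@p_CHECKER_ID = {9}," +
                "@p_EDITOR_ID = {10},@DOMAIN ={11}";

            // NOTE(review): status and maker/checker/editor fields come straight from the
            // request body. Confirm the caller is allowed to set them.
            object[] parameters =
            {
                user.Fullname, user.Email, user.Phone, user.ParentId, user.Description,
                user.RecordStatus, user.AuthStatus, DateTime.Now,
                user.MakerId, user.CheckerId, user.EditorId,
                xmldata.ToString()
            };

            // The context is disposed once the command has run.
            using (DEFACEWEBSITEContext context = new DEFACEWEBSITEContext())
            {
                // Named arguments select the overload that accepts parameter values.
                return await context.Database.ExecuteSqlCommandAsync(
                    command,
                    cancellationToken: CancellationToken.None,
                    parameters: parameters);
            }
        }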
Пример #5
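        /// <summary>
        /// Checks the posted credentials by executing <c>dbo.Users_CheckLogin</c> and
        /// reports the outcome as a <c>GenericResult</c>.
        /// </summary>
        /// <param name="user">Login values bound from the request body.</param>
        /// <returns>
        /// An <c>ObjectResult</c> wrapping a <c>GenericResult</c>. <c>Succeeded</c> is true
        /// only when the command returns 1. Failures of any kind, including exceptions,
        /// carry the same generic message.
        /// </returns>
        public async Task<IActionResult> Login([FromBody] LoginViewModel user)
        {
            GenericResult _authenticationResult;

            try
            {
                int result;

                // The context is disposed once the command has run.
                using (DEFACEWEBSITEContext context = new DEFACEWEBSITEContext())
                {
                    // NOTE(review): MD5 is not suitable for password storage; prefer a
                    // salted, slow KDF. The digest is computed here but not referenced by
                    // the statement as shown.
                    string password = MD5Encoder.MD5Hash(user.Password);

                    // NOTE(review): the '******' values appear masked on this page. Whatever
                    // expressions stand there in the real file must be bound as parameters,
                    // never interpolated into the SQL text.
                    const string command = "dbo.Users_CheckLogin @p_USERNAME = '******',@p_PASSWORD='******',@p_TOKEN=''";

                    // NOTE(review): ExecuteSqlCommandAsync reports the number of rows
                    // affected, not a procedure result. Confirm that 1 really means
                    // "credentials accepted" for this procedure.
                    result = await context.Database.ExecuteSqlCommandAsync(command, cancellationToken: CancellationToken.None);
                }

                bool accepted = result == 1;
                _authenticationResult = new GenericResult()
                {
                    Succeeded = accepted,
                    Message   = accepted ? "Authentication succeeded" : "Authentication failed"
                };
            }
            catch (Exception ex)
            {
                // The exception text is written to the error log only. Returning it to an
                // unauthenticated caller would disclose database and server internals.
                _authenticationResult = new GenericResult()
                {
                    Succeeded = false,
                    Message   = "Authentication failed"
                };

                _loggingRepository.Add(new Error()
                {
                    Message = ex.Message, StackTrace = ex.StackTrace, DateCreated = DateTime.Now
                });
                _loggingRepository.Commit();
            }

            return new ObjectResult(_authenticationResult);
        }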
Пример #6
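        /// <summary>
        /// Changes a user's password after checking the current one: loads the user via
        /// <c>dbo.Users_ById</c>, compares MD5 digests and, on a match, executes
        /// <c>dbo.Users_Upd</c> with the loaded values.
        /// </summary>
        /// <param name="username">Account whose password is being changed.</param>
        /// <param name="currentpassword">Password the caller claims is current.</param>
        /// <param name="newpassword">Replacement password.</param>
        /// <returns>
        /// The value returned by <c>ExecuteSqlCommand</c> when the current password
        /// matches; -1 when it does not.
        /// </returns>
        /// <exception cref="InvalidOperationException">
        /// Thrown by <c>Single()</c> when the lookup does not return exactly one user.
        /// </exception>
        public int ChangePassword(string username, string currentpassword, string newpassword)
        {
            // The lookup already binds username as a parameter through the {0} placeholder.
            var result = _context.Users.FromSql("dbo.Users_ById @p_USERNAME = {0}, @p_USERID = null ", username).Single();

            // NOTE(review): MD5 is not suitable for password storage; prefer a salted, slow
            // KDF and a fixed-time comparison of the stored and computed values.
            if (!MD5Encoder.MD5Hash(currentpassword).Equals(result.Password))
            {
                return -1;
            }

            result.Password = MD5Encoder.MD5Hash(newpassword);

            // Values read back from the database are bound as parameters ({0}..{13}) too.
            // Stored text such as the full name or description was user-supplied at some
            // point, so splicing it into SQL text is a second-order injection risk.
            // NOTE(review): the '******' values appear masked on this page. Whatever
            // expressions stand there in the real file must be bound the same way.
            // NOTE(review): null properties are now passed as parameter values instead of
            // being formatted as empty text - confirm the procedure accepts that.
            const string command =
                "dbo.Users_Upd @p_ID={0},@p_USERNAME = '******',@p_FULLNAME={1},@p_PASSWORD='******'," +
                "@p_EMAIL = {2},@p_PHONE={3},@p_PARENT_ID={4},@p_DESCRIPTION={5}," +
                "@p_RECORD_STATUS={6},@p_AUTH_STATUS={7},@p_CREATE_DT={8},@p_APPROVE_DT={9}," +
                "@p_EDIT_DT={10},@p_MAKER_ID={11},@p_CHECKER_ID={12},@p_EDITOR_ID={13}";

            object[] parameters =
            {
                result.Id, result.Fullname, result.Email, result.Phone, result.ParentId,
                result.Description, result.RecordStatus, result.AuthStatus,
                result.CreateDt, result.ApproveDt, DateTime.Now.Date,
                result.MakerId, result.CheckerId, result.EditorId
            };

            return _context.Database.ExecuteSqlCommand(command, parameters);
        }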
Пример #7
        /// <summary>
        /// Handles the login form post: clears the session, validates the account id and
        /// password digest through <c>UserService.ValidateLogin</c> and, on success, stores
        /// the user's id, account and name in the session before redirecting.
        /// </summary>
        /// <param name="model">Login values bound from the request.</param>
        /// <returns>
        /// The login view with error messages when validation or login fails; otherwise a
        /// redirect to <c>DiaryLogNew/MasterIndex</c> for account "9999" or to
        /// <c>DiaryLogNew/Index</c> for any other account.
        /// </returns>
        public ActionResult Login(LoginVM model)
        {
            if (ModelState.IsValid == false)
            {
                return View(model);
            }

            // Drop all existing session data before logging in.
            // NOTE(review): RemoveAll clears the stored values; whether the session
            // identifier is also renewed at login is not visible here. Confirm, to rule
            // out session fixation.
            Session.RemoveAll();

            // Hash the password with MD5 before it is handed to the service.
            // NOTE(review): MD5 is not suitable for password storage; prefer a salted,
            // slow KDF.
            string passwordDigest = MD5Encoder.Encrypt(model.Password);
            UserService userService = new UserService();

            ValidateLoginSM loginOutcome = userService.ValidateLogin(model.AccountId, passwordDigest);

            // Status 0 and 1 are failures handled below; any other value is a successful login.
            switch (loginOutcome.LoginStatus)
            {
                case 0:
                    ModelState.AddModelError(string.Empty, "登入失敗,請重新登入。");
                    ModelState.AddModelError(string.Empty, "員工編號或密碼輸入錯誤。");
                    return View(model);

                case 1:
                    // NOTE(review): this branch tells the caller the account exists but is
                    // not activated. Confirm it is only reachable with a correct password.
                    ModelState.AddModelError(string.Empty, "登入失敗,請重新登入。");
                    ModelState.AddModelError(string.Empty, "帳號未啟動,請聯絡管理員。");
                    return View(model);
            }

            Session["Id"]      = loginOutcome.UserId;
            Session["Account"] = loginOutcome.UserAccount;
            Session["Name"]    = loginOutcome.UserName;

            // Account "9999" lands on the master index; everyone else on their own diary log.
            bool isMasterAccount = Session["Account"].ToString().Equals("9999");
            if (isMasterAccount)
            {
                return RedirectToAction("MasterIndex", "DiaryLogNew");
            }

            return RedirectToAction("Index", "DiaryLogNew", new { userId = loginOutcome.UserId });
        }
Пример #8
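        /// <summary>
        /// Builds the check code (CheckMacValue) for a parameter string, after removing
        /// the entries that are excluded from verification.
        /// </summary>
        /// <param name="param">Parameter string to build the check value for.</param>
        /// <returns>The upper-cased digest of the key-wrapped, URL-encoded, lower-cased string.</returns>
        internal string BuildCheckMacValue(string param)
        {
            // Remove the entries that are not part of the verification.
            string urlparams = RemoveIgnoreMacValues(param);

            // 2. Put HashKey in front of the parameters and HashIV behind them.
            var szCheckMacValue = $"HashKey={_settings.HashKey}&{urlparams}&HashIV={_settings.HashIV}";

            // 3. URL-encode the whole string.
            // 4. Convert it to lower case. The invariant culture is used so the result does
            //    not depend on the server's culture: culture-sensitive casing maps 'I'
            //    differently under Turkish-style cultures and would change the digest.
            szCheckMacValue = HttpUtility.UrlEncode(szCheckMacValue).ToLowerInvariant();

            // 5. The character replacement from the URLEncode conversion table does not
            //    need to be implemented under .NET (per the original author).
            // 6. Produce the hash value with MD5.
            // NOTE(review): MD5 over key + data + IV is a weak construction for message
            // authentication. If the remote side supports a stronger digest, prefer it,
            // and compare received check values with a fixed-time comparison.
            szCheckMacValue = MD5Encoder.Encrypt(szCheckMacValue);

            // 7. Convert to upper case to obtain the CheckMacValue.
            return szCheckMacValue.ToUpperInvariant();
        }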
Пример #9
        /// <summary>
        /// Seeds the database with the root role, the 47 menu/action permissions linked
        /// to that role, and one administrator account.
        /// </summary>
        /// <param name="context">Context whose Permission, Role and User sets are seeded.</param>
        protected override void Seed(SMGPA.Models.SMGPAContext context)
        {
            Role rootRole = new Role
            {
                Nombre = "Usuario ROOT", Descripcion = "Usuario con acceso global al sistema"
            };

            // One entry per controller action; ActiveMenu is true only for the Index entries.
            List<Permission> permisos = new List<Permission>
            {
                // Users
                new Permission { TextLink = "Usuarios", Controller = "Users", ActionResult = "Index", ActiveMenu = true },
                new Permission { TextLink = "Crear Usuario", Controller = "Users", ActionResult = "Create", ActiveMenu = false },
                new Permission { TextLink = "Editar Usuarios", Controller = "Users", ActionResult = "Edit", ActiveMenu = false },
                new Permission { TextLink = "Eliminar Usuarios", Controller = "Users", ActionResult = "Delete", ActiveMenu = false },
                new Permission { TextLink = "Detalles de Usuario", Controller = "Users", ActionResult = "Details", ActiveMenu = false },

                // Careers
                new Permission { TextLink = "Carreras", Controller = "Careers", ActionResult = "Index", ActiveMenu = true },
                new Permission { TextLink = "Crear Carrera", Controller = "Careers", ActionResult = "Create", ActiveMenu = false },
                new Permission { TextLink = "Editar Carreras", Controller = "Careers", ActionResult = "Edit", ActiveMenu = false },
                new Permission { TextLink = "Eliminar Carreras", Controller = "Careers", ActionResult = "Delete", ActiveMenu = false },
                new Permission { TextLink = "Detalles de Carrera", Controller = "Careers", ActionResult = "Details", ActiveMenu = false },

                // Roles
                new Permission { TextLink = "Roles", Controller = "Roles", ActionResult = "Index", ActiveMenu = true },
                new Permission { TextLink = "Crear Roles", Controller = "Roles", ActionResult = "Create", ActiveMenu = false },
                new Permission { TextLink = "Editar Roles", Controller = "Roles", ActionResult = "Edit", ActiveMenu = false },
                new Permission { TextLink = "Eliminar Roles", Controller = "Roles", ActionResult = "Delete", ActiveMenu = false },
                new Permission { TextLink = "Detalles Rol", Controller = "Roles", ActionResult = "Details", ActiveMenu = false },
                new Permission { TextLink = "Permisos", Controller = "Roles", ActionResult = "Permissions", ActiveMenu = false },
                new Permission { TextLink = "Desagregar Permiso", Controller = "Roles", ActionResult = "DeletePermission", ActiveMenu = false },
                new Permission { TextLink = "Agregar Permiso", Controller = "Roles", ActionResult = "AddPermission", ActiveMenu = false },

                // Processes
                new Permission { TextLink = "Procesos", Controller = "Processes", ActionResult = "Index", ActiveMenu = true },
                new Permission { TextLink = "Crear Proceso", Controller = "Processes", ActionResult = "Create", ActiveMenu = false },
                new Permission { TextLink = "Editar Procesos", Controller = "Processes", ActionResult = "Edit", ActiveMenu = false },
                new Permission { TextLink = "Eliminar Procesos", Controller = "Processes", ActionResult = "Delete", ActiveMenu = false },
                new Permission { TextLink = "Detalles Proceso", Controller = "Processes", ActionResult = "Details", ActiveMenu = false },
                new Permission { TextLink = "Operaciones", Controller = "Processes", ActionResult = "Operations", ActiveMenu = false },
                new Permission { TextLink = "Crear Operaciones", Controller = "Processes", ActionResult = "AddOperation", ActiveMenu = false },
                new Permission { TextLink = "Editar Operaciones", Controller = "Processes", ActionResult = "EditOperation", ActiveMenu = false },
                new Permission { TextLink = "Eliminar Operaciones", Controller = "Processes", ActionResult = "DeleteOperation", ActiveMenu = false },

                // Entities
                new Permission { TextLink = "Entidades", Controller = "Entities", ActionResult = "Index", ActiveMenu = true },
                new Permission { TextLink = "Crear Entidad", Controller = "Entities", ActionResult = "Create", ActiveMenu = false },
                new Permission { TextLink = "Editar Entidad", Controller = "Entities", ActionResult = "Edit", ActiveMenu = false },
                new Permission { TextLink = "Eliminar Entidad", Controller = "Entities", ActionResult = "Delete", ActiveMenu = false },
                new Permission { TextLink = "Detalles Entidad", Controller = "Entities", ActionResult = "Details", ActiveMenu = false },
                new Permission { TextLink = "Funcionarios de Entidad", Controller = "Entities", ActionResult = "Functionaries", ActiveMenu = false },
                new Permission { TextLink = "Agregar Funcionarios a Entidad", Controller = "Entities", ActionResult = "AddFunctionary", ActiveMenu = false },
                new Permission { TextLink = "Desagregar Funcionarios a Entidad", Controller = "Entities", ActionResult = "DeleteFunctionary", ActiveMenu = false },

                // Activities
                new Permission { TextLink = "Actividades", Controller = "Activities", ActionResult = "Index", ActiveMenu = true },
                new Permission { TextLink = "Crear Actividad", Controller = "Activities", ActionResult = "Create", ActiveMenu = false },
                new Permission { TextLink = "Editar Actividad", Controller = "Activities", ActionResult = "Edit", ActiveMenu = false },
                new Permission { TextLink = "Eliminar Actividad", Controller = "Activities", ActionResult = "Delete", ActiveMenu = false },
                new Permission { TextLink = "Detalles Actividad", Controller = "Activities", ActionResult = "Details", ActiveMenu = false },
                new Permission { TextLink = "Tareas", Controller = "Activities", ActionResult = "Tasks", ActiveMenu = false },
                new Permission { TextLink = "Cofigurar Tarea", Controller = "Activities", ActionResult = "ConfigureTask", ActiveMenu = false },
                new Permission { TextLink = "Detalles Tareas", Controller = "Activities", ActionResult = "DetailsTask", ActiveMenu = false },

                // Faculty actions on Entities, plus deactivating a user
                new Permission { TextLink = "Crear Facultad", Controller = "Entities", ActionResult = "CreateFaculty", ActiveMenu = false },
                new Permission { TextLink = "Agregar Carrera a Facultad", Controller = "Entities", ActionResult = "AddCareer", ActiveMenu = false },
                new Permission { TextLink = "Editar Facultad", Controller = "Entities", ActionResult = "EditFaculty", ActiveMenu = false },
                new Permission { TextLink = "Desactivar Funcionario", Controller = "Users", ActionResult = "Off", ActiveMenu = false }
            };

            // Link every permission to the root role in both directions, then upsert it.
            foreach (Permission permiso in permisos)
            {
                permiso.Roles.Add(rootRole);
                rootRole.Permisos.Add(permiso);
                context.Permission.AddOrUpdate(pe => pe.idPermission, permiso);
            }
            context.Role.AddOrUpdate(r => r.idRole, rootRole);

            // NOTE(review): the administrator password is a literal in source control and
            // is stored as an MD5 digest (per the encoder's method name). Take the initial
            // secret from deployment configuration, force a change on first login, and
            // store it with a salted, slow KDF.
            MD5Encoder encoder = new MD5Encoder();
            string adminPasswordDigest = encoder.EncodePasswordMd5("1234.pass");

            // NOTE(review): Rol is whatever context.Role.FirstOrDefault() returns at this
            // point - presumably the root role, but that depends on what is already
            // stored. Confirm.
            Administrator rootAdmin = new Administrator()
            {
                Rut = "1111111-1", Nombre = "Administrador", Apellido = "Root", MailInstitucional = "*****@*****.**", Contrasena = adminPasswordDigest, Rol = context.Role.FirstOrDefault()
            };
            context.User.AddOrUpdate(u => u.idUser, rootAdmin);
        }