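/// <summary>
/// Creates a payment and its optional fee rows (<c>req.ListDataTemp</c>) in one batched
/// database write, then mirrors the new payment into the in-memory store.
/// </summary>
/// <remarks>
/// Only a missing or invalid token produces HTTP 401. A caller who is not an admin, a
/// validation failure and a failed database write are all reported as HTTP 200 with a
/// <c>RequestErrorCode</c> whose success flag is false, so clients and monitoring must
/// inspect the body, not the status code.
/// </remarks>
/// <param name="req">Payment taken from the request body. Id, CreatedAt, CreatedBy and
/// IsDeleted are overwritten by the server before the insert.</param>
/// <returns>401 without a valid token; 200 with an error envelope on permission,
/// validation or persistence failure; 200 with the stored request on success; 400
/// "Unknow" when the body is missing or an exception was logged.</returns>
public async Task <IHttpActionResult> Post([FromBody] PaymentReq req)
        {
            try
            {
                // Validate() assigns its out arguments even when it succeeds, so the fallback
                // error for a failed database write is kept in separate locals.
                string unknownErrorMessage = "UnknowError";
                string unknownErrorCode    = ErrorCodeEnum.UnknownError.ToString();
                string errorMessage;
                string errorCode;
                #region token
                var header = Request.Headers;
                if (header.Authorization == null)
                {
                    return(StatusCode(HttpStatusCode.Unauthorized));
                }
                var      token = header.Authorization.Parameter;
                Employee employee;
                if (string.IsNullOrWhiteSpace(token) || !TokenManager.ValidateToken(token, out employee))
                {
                    return(StatusCode(HttpStatusCode.Unauthorized));
                }
                #endregion
                // Authorization: only admins may create payments.
                if (!Operator.IsAdmin(employee))
                {
                    return(Ok(new RequestErrorCode(false, ErrorCodeEnum.Error_NotHavePermision.ToString(), "Khong co quyen")));
                }
                // An empty or unbindable body leaves req null; answer with the same 400 the
                // catch-all path produces instead of relying on a NullReferenceException.
                if (req == null)
                {
                    return(BadRequest("Unknow"));
                }
                var entityData = req.GetEntity();
                #region Validate
                if (!Validate(entityData, out errorCode, out errorMessage))
                {
                    return(Ok(new RequestErrorCode(false, errorCode, errorMessage)));
                }
                #endregion

                #region Create key
                // NOTE(review): the key is "current maximum + 1" read from the in-memory store.
                // Nothing in this method serialises that read, so two concurrent requests could
                // compute the same key unless GetMaxKey or the database enforces uniqueness - confirm.
                var oldKey = Memory.Memory.GetMaxKey(entityData.GetName());
                int newKey = oldKey + 1;
                // set key
                req.Id = newKey;
                #endregion

                #region Process
                // Server-controlled audit fields: whatever the client sent for these is replaced.
                req.CreatedAt = DateTime.Now;
                req.CreatedBy = employee.Id;
                req.IsDeleted = 0;
                UpdateEntitySql updateEntitySql = new UpdateEntitySql();
                var             lstCommand      = new List <EntityCommand>();
                if (req.ListDataTemp != null)
                {
                    // NOTE(review): apart from IdPayment and IsDeleted, every field of a fee row
                    // is stored as the client sent it; Validate() above only saw the payment
                    // entity - confirm the fee rows are checked elsewhere.
                    foreach (var paymentFee in req.ListDataTemp)
                    {
                        paymentFee.IdPayment = newKey;
                        paymentFee.IsDeleted = 0;
                        lstCommand.Add(new EntityCommand {
                            BaseEntity = new Entity.Entity(paymentFee), EntityAction = EntityAction.Insert
                        });
                        // NOTE(review): the fee row reaches the in-memory store before the database
                        // batch has run; if UpdateDefault fails below, it is not removed here.
                        MemorySet.UpdateAndInsertEntity(paymentFee);
                    }
                }
                lstCommand.Add(new EntityCommand {
                    BaseEntity = new Entity.Entity(req.GetEntity()), EntityAction = EntityAction.Insert
                });
                bool isOkDone = updateEntitySql.UpdateDefault(lstCommand);
                if (!isOkDone)
                {
                    // Report the explicit unknown-error code rather than whatever a successful
                    // Validate() left in errorCode/errorMessage.
                    return(Ok(new RequestErrorCode(false, unknownErrorCode, unknownErrorMessage)));
                }
                #endregion
                // update memory
                MemorySet.UpdateAndInsertEntity(req.GetEntity());
                var result = new RequestErrorCode(true);
                result.DataResult = req;
                return(Ok(result));
            }
            catch (Exception ex)
            {
                // Full exception detail goes to the log only; the client gets a generic 400.
                Logger.Write(ex.ToString());
            }
            return(BadRequest("Unknow"));
        }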
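        /// <summary>
        /// Updates the payment identified by <paramref name="id"/> with the values from the
        /// request body and refreshes the in-memory copy.
        /// </summary>
        /// <remarks>
        /// Only a missing or invalid token produces HTTP 401. A caller who is not an admin, a
        /// validation failure, an unknown id and a failed database write are all reported as
        /// HTTP 200 with a <c>RequestErrorCode</c> whose success flag is false.
        /// </remarks>
        /// <param name="id">Identifier of the payment to update; it is resolved through
        /// <c>MemoryInfo.GetPayment</c> and replaces any Id sent in the body.</param>
        /// <param name="req">New payment values from the request body. UpdatedAt and UpdatedBy
        /// are overwritten by the server.</param>
        /// <returns>401 without a valid token; 200 with an error envelope on permission,
        /// validation, lookup or persistence failure; 200 with the stored request on success;
        /// 400 "Unknow" when the body is missing or an exception was logged.</returns>
        public async Task <IHttpActionResult> Put(int id, [FromBody] PaymentReq req)
        {
            try
            {
                // ValidateUpdate() assigns its out arguments even when it succeeds, so the
                // fallback error for a failed database write is kept in separate locals.
                string unknownErrorMessage = "UnknowError";
                string unknownErrorCode    = ErrorCodeEnum.UnknownError.ToString();
                string errorMessage;
                string errorCode;
                #region token
                var header = Request.Headers;
                if (header.Authorization == null)
                {
                    return(StatusCode(HttpStatusCode.Unauthorized));
                }
                var      token = header.Authorization.Parameter;
                Employee employee;
                if (string.IsNullOrWhiteSpace(token) || !TokenManager.ValidateToken(token, out employee))
                {
                    return(StatusCode(HttpStatusCode.Unauthorized));
                }
                #endregion
                // Authorization: only admins may modify payments.
                if (!Operator.IsAdmin(employee))
                {
                    return(Ok(new RequestErrorCode(false, ErrorCodeEnum.Error_NotHavePermision.ToString(), "Khong co quyen")));
                }
                // An empty or unbindable body leaves req null; answer with the same 400 the
                // catch-all path produces instead of relying on a NullReferenceException.
                if (req == null)
                {
                    return(BadRequest("Unknow"));
                }

                // NOTE(review): this entity is built before req.Id is replaced below, so
                // ValidateUpdate sees the Id the client put in the body, not the route id.
                var entityData = req.GetEntity();
                #region Validate
                if (!ValidateUpdate(entityData, out errorCode, out errorMessage))
                {
                    return(Ok(new RequestErrorCode(false, errorCode, errorMessage)));
                }
                #endregion

                #region Check exist
                var obj = MemoryInfo.GetPayment(id);
                if (obj == null)
                {
                    return(Ok(new RequestErrorCode(false, ErrorCodeEnum.DataNotExist.ToString(), "Khong ton tai")));
                }
                #endregion
                req.Id = obj.Id;                 // re-assign the id so the update targets the looked-up row
                #region Process
                // NOTE(review): only UpdatedAt/UpdatedBy are reset here. Every other field of the
                // body, including any CreatedAt/CreatedBy/IsDeleted the client supplied, goes into
                // the update entity unchanged - confirm that UpdateDefault or ValidateUpdate
                // protects the fields a client must not rewrite.
                req.UpdatedAt = DateTime.Now;
                req.UpdatedBy = employee.Id;
                UpdateEntitySql updateEntitySql = new UpdateEntitySql();
                var             lstCommand      = new List <EntityCommand>();
                lstCommand.Add(new EntityCommand {
                    BaseEntity = new Entity.Entity(req.GetEntity()), EntityAction = EntityAction.Update
                });
                var isOkDone = updateEntitySql.UpdateDefault(lstCommand);
                if (!isOkDone)
                {
                    // Report the explicit unknown-error code rather than whatever a successful
                    // ValidateUpdate() left in errorCode/errorMessage.
                    return(Ok(new RequestErrorCode(false, unknownErrorCode, unknownErrorMessage)));
                }
                #endregion
                // update memory
                MemorySet.UpdateAndInsertEntity(req.GetEntity());
                var result = new RequestErrorCode(true);
                result.DataResult = req;
                return(Ok(result));
            }
            catch (Exception ex)
            {
                // Full exception detail goes to the log only; the client gets a generic 400.
                Logger.Write(ex.ToString());
            }
            return(BadRequest("Unknow"));
        }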
Пример #3
        /// <summary>
        /// Stores one payment transaction by running the parameterized statement
        /// <c>SqlCmd.Payment.saveTransaction</c> and returns the number written to the
        /// <c>trans_no</c> output parameter.
        /// </summary>
        /// <param name="value">Original payment request; only <c>PayAmt</c> is read.</param>
        /// <param name="value2">Payment response whose fields are stored. CreatedDate and
        /// ExpiredDate must be in <c>yyyyMMddHHmmss</c> form; OrderNo and CustomerId must
        /// parse as integers.</param>
        /// <returns>The value of <c>trans_no</c>, or 0 when anything throws.</returns>
        /// <remarks>
        /// Every exception is swallowed: only <c>e.Message</c> is written to the console and
        /// 0 is returned, so callers must treat 0 as "transaction not recorded".
        /// A retired draft of this method (previously kept as commented-out code) went through
        /// a <c>Database</c> wrapper and targeted
        /// <c>INSERT INTO MPAY110 ... RETURNING TRANS_NO INTO :trans_no</c>.
        /// </remarks>
        public int saveTransaction(PaymentReq value, PaymentRes value2)
        {
            // The using blocks close and dispose the command and the connection on every path,
            // so no explicit Close()/Dispose() calls are needed.
            using (var connection = new OracleConnection(Database.conString))
            {
                try
                {
                    connection.Open();

                    const string stampFormat = "yyyyMMddHHmmss";
                    var invariant = System.Globalization.CultureInfo.InvariantCulture;
                    DateTime createdAt = DateTime.ParseExact(value2.CreatedDate, stampFormat, invariant);
                    DateTime expiresAt = DateTime.ParseExact(value2.ExpiredDate, stampFormat, invariant);

                    using (var command = new OracleCommand(SqlCmd.Payment.saveTransaction, connection))
                    {
                        command.CommandType = CommandType.Text;

                        // All values travel as bind parameters, never as SQL text.
                        // NOTE(review): BindByName is not set here. ODP.NET binds by position
                        // unless it is, in which case these names are ignored and the order of
                        // the Add calls must match the placeholder order in the statement -
                        // confirm against SqlCmd.Payment.saveTransaction.
                        var binds = command.Parameters;
                        binds.Add("transNo", value2.TransactionId);
                        binds.Add(new OracleParameter("orderNo", int.Parse(value2.OrderNo)));
                        binds.Add(new OracleParameter("custNo", int.Parse(value2.CustomerId)));
                        binds.Add(new OracleParameter("channelId", value2.ChannelCode));
                        binds.Add(new OracleParameter("reqStatus", value2.Status));
                        binds.Add(new OracleParameter("tranStatus", value2.Code));
                        binds.Add(new OracleParameter("payAmt", value.PayAmt));
                        binds.Add(new OracleParameter("returnUrl", value2.ReturnUrl));
                        binds.Add(new OracleParameter("paymentUrl", value2.PaymentUrl));
                        binds.Add(new OracleParameter("ip", value2.IpAddress));
                        // NOTE(review): the token is persisted exactly as received - confirm it
                        // is not a reusable credential, or protect the column.
                        binds.Add(new OracleParameter("token", value2.Token));
                        binds.Add(new OracleParameter("createTime", createdAt));
                        binds.Add(new OracleParameter("expireTime", expiresAt));
                        binds.Add(new OracleParameter("transAmt", value2.Amount));

                        var transNoOut = new OracleParameter
                        {
                            ParameterName = "trans_no",
                            OracleDbType  = OracleDbType.Int32,
                            Direction     = ParameterDirection.Output
                        };
                        binds.Add(transNoOut);

                        command.ExecuteNonQuery();
                        return int.Parse(binds["trans_no"].Value.ToString());
                    }
                }
                catch (Exception e)
                {
                    // NOTE(review): the failure is visible only as a console line; a payment
                    // already accepted upstream can end up without a local record.
                    Console.WriteLine(e.Message);
                    return 0;
                }
            }
        }
Пример #4
 /// <summary>
 /// Creates an order row by running the parameterized statement
 /// <c>SqlCmd.Payment.createOrder</c> and returns the number written to the
 /// <c>order_no</c> output parameter.
 /// </summary>
 /// <param name="value">Payment request supplying customer, contract, channel, amounts,
 /// phone number, IP address and description.</param>
 /// <returns>The value of <c>order_no</c>, or 0 when anything throws.</returns>
 /// <remarks>
 /// Every exception is swallowed: only <c>e.Message</c> is written to the console and 0 is
 /// returned. A retired draft that used a <c>Database</c> wrapper with the same bind list
 /// was previously kept here as commented-out code.
 /// </remarks>
 public int createOrder(PaymentReq value)
 {
     // The using blocks close and dispose the command and the connection on every path,
     // so no explicit Close()/Dispose() calls are needed.
     using (var connection = new OracleConnection(Database.conString))
     {
         try
         {
             connection.Open();
             using (var command = new OracleCommand(SqlCmd.Payment.createOrder, connection))
             {
                 command.CommandType = CommandType.Text;

                 // All values travel as bind parameters, never as SQL text.
                 // NOTE(review): BindByName is not set here. ODP.NET binds by position unless
                 // it is, so the order of these Add calls must match the placeholder order in
                 // SqlCmd.Payment.createOrder - confirm.
                 var binds = command.Parameters;
                 binds.Add(new OracleParameter("custId", value.CustomerId));
                 binds.Add(new OracleParameter("contractNo", value.ContractNo));
                 binds.Add(new OracleParameter("channelCode", value.ChannelCode));
                 binds.Add(new OracleParameter("payAmt", value.PayAmt));
                 binds.Add(new OracleParameter("phone", value.PhoneNumber));
                 binds.Add(new OracleParameter("ip", value.IPAddress));
                 binds.Add(new OracleParameter("description", value.Description));
                 binds.Add(new OracleParameter("transAmt", value.Amount));

                 var orderNoOut = new OracleParameter
                 {
                     ParameterName = "order_no",
                     OracleDbType  = OracleDbType.Int32,
                     Direction     = ParameterDirection.Output
                 };
                 binds.Add(orderNoOut);

                 command.ExecuteNonQuery();
                 return int.Parse(binds["order_no"].Value.ToString());
             }
         }
         catch (Exception e)
         {
             // NOTE(review): callers can only tell failure from success by the 0 sentinel;
             // the cause survives only as a console line.
             Console.WriteLine(e.Message);
             return 0;
         }
     }
 }
Пример #5
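        /// <summary>
        /// Creates a local order, posts a checksummed payment request to the payment gateway
        /// and records the gateway's answer through <c>saveTransaction</c>.
        /// </summary>
        /// <param name="value">Payment request; CustomerId, Amount, PhoneNumber, Description,
        /// ChannelCode and IPAddress are forwarded to the gateway.</param>
        /// <returns>The deserialized gateway response, or <c>null</c> when the order could not
        /// be created, the gateway answered with a non-success HTTP status, the body did not
        /// deserialize to an object, or an exception was thrown.</returns>
        /// <remarks>
        /// The response is returned whatever its Status and Code are. The calls that would
        /// have moved the order to ACT/FAL/CAN/ERR via <c>setStatusOrder</c> were already
        /// disabled, so this method never updates the order row from the gateway's answer.
        /// </remarks>
        public PaymentRes createPayment(PaymentReq value)
        {
            try
            {
                var lastOrder = createOrder(value);
                if (lastOrder <= 0)
                {
                    return(null);
                }

                string phoneNumber = value.PhoneNumber == null ? "" : value.PhoneNumber;

                // NOTE(review): the checksum is MD5 over the fields joined without separators,
                // with md5SecretKey appended. Without separators, different field splits can
                // produce the same input, and MD5 is not a keyed MAC. Presumably the gateway's
                // specification mandates this format - confirm; if it is negotiable, prefer an
                // HMAC over delimited fields.
                // NOTE(review): value.Amount.ToString() uses the current culture; confirm the
                // rendered amount matches what the gateway recomputes.
                string[] sumArr   = { merchantCode, lastOrder.ToString(), value.CustomerId.ToString(), value.Amount.ToString(), phoneNumber, value.Description, value.ChannelCode, currecyCode.ToString(), langCode, routeNo.ToString(), value.IPAddress, apiKey, md5SecretKey };
                string   checkSum = CreateMD5(string.Concat(sumArr));

                CpPaymentReq req = new CpPaymentReq();
                req.MerchantCode = merchantCode;
                req.OrderNo      = lastOrder.ToString();
                req.CustomerId   = value.CustomerId;
                req.Amount       = value.Amount;
                req.PhoneNumber  = phoneNumber;
                req.Description  = value.Description;
                req.ChannelCode  = value.ChannelCode;
                req.Currency     = currecyCode;
                req.LangCode     = langCode;
                req.RouteNo      = routeNo;
                req.IPAddress    = value.IPAddress;
                req.ApiKey       = apiKey;
                req.CheckSum     = checkSum.ToLower();

                ConnectCP();
                // The request is serialized once; the original serialized it twice and left the
                // first copy unused.
                var action  = JsonConvert.SerializeObject(req);
                var content = new StringContent(action, Encoding.UTF8, "application/json");

                // NOTE(review): blocking on .Result inside a web request can deadlock under a
                // synchronization context and ties up a thread; this method is synchronous, so
                // the blocking call is kept to preserve the signature.
                var    response     = client.PostAsync(paymentUrl, content).Result;
                // Read the body once and reuse it for logging and deserialization.
                string responseBody = response.Content.ReadAsStringAsync().Result;

                if (!response.IsSuccessStatusCode)
                {
                    Console.WriteLine("Error at Create new payment : " + responseBody);
                    return(null);
                }

                // NOTE(review): the whole gateway body is written to standard output. If the
                // response carries a payment token or payment URL, those end up in whatever
                // captures stdout - consider logging only the order number and status.
                Console.WriteLine(responseBody);
                PaymentRes responseObj = JsonConvert.DeserializeObject <PaymentRes>(responseBody);
                if (responseObj == null)
                {
                    // An empty or literal "null" body deserializes to null; report failure
                    // directly instead of through a NullReferenceException.
                    return(null);
                }

                // NOTE(review): the return value is ignored. saveTransaction signals failure
                // with 0, so a payment the gateway accepted can be returned to the caller as
                // created while no local transaction record exists.
                saveTransaction(value, responseObj);
                return(responseObj);
            }
            catch (Exception e)
            {
                Console.WriteLine(e.Message);
                return(null);
            }
        }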
Пример #6
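        /// <summary>
        /// Creates a payment for a customer's contract: checks the service switches, derives
        /// the payable amount, verifies customer, contract and outstanding balance, then asks
        /// <c>Payment.createPayment</c> to create the payment.
        /// </summary>
        /// <param name="value">Payment request from the body. <c>Amount</c> is read as an
        /// amount whose last two digits are the decimal part; IPAddress, Description and
        /// PayAmt are overwritten by the server.</param>
        /// <returns>401 when either service switch is "False"; 400 "Invalid parameter!" for a
        /// missing body, an invalid model or an amount that is not a positive number; otherwise
        /// HTTP 200 with a body carrying <c>code</c> (200, 400 or 500), <c>message</c> and
        /// <c>data</c>.</returns>
        /// <remarks>
        /// NOTE(review): no authentication or ownership check is visible in this action; the
        /// customer id comes from the request body. Confirm that a filter or the route
        /// configuration ensures the caller may pay for this customer and contract.
        /// </remarks>
        public IHttpActionResult PostNewPayment2([FromBody] PaymentReq value)
        {
            var setting        = (AppSettingsSection)WebConfigurationManager.OpenWebConfiguration("~").GetSection("appSettings");
            var appService     = setting.Settings["AppService"].Value;
            var paymentService = setting.Settings["PaymentService"].Value;

            // Service switches from appSettings: either one set to "False" disables the endpoint.
            if (appService == "False" || paymentService == "False")
            {
                return(Unauthorized());
            }
            // An empty or unbindable body leaves value null; reject it before it is dereferenced.
            if (value == null)
            {
                return(BadRequest("Invalid parameter!"));
            }
            // The client address is taken from the connection, never from the request body.
            value.IPAddress = HttpContext.Current.Request.UserHostAddress;
            string clientHostname = HttpContext.Current.Request.UserHostName;
            string url            = HttpContext.Current.Request.Path;

            try
            {
                // Reject an invalid model before any of its fields are used.
                if (!ModelState.IsValid)
                {
                    return(BadRequest("Invalid parameter!"));
                }

                // NOTE(review): the client's description is replaced by a fixed test string;
                // this looks like a leftover from testing - confirm it is intended.
                value.Description = "testAPI";

                // Amount carries two implied decimals. Pad so that amounts below 100 still have
                // a digit before the point, parse culture-independently, and refuse anything
                // that is not a positive number (negative, zero or malformed amounts).
                string strAmt = value.Amount.ToString().PadLeft(3, '0');
                strAmt = strAmt.Insert(strAmt.Length - 2, ".");
                double payAmt;
                if (!double.TryParse(strAmt, System.Globalization.NumberStyles.Float, System.Globalization.CultureInfo.InvariantCulture, out payAmt) || payAmt <= 0)
                {
                    return(BadRequest("Invalid parameter!"));
                }
                value.PayAmt = payAmt;
                mlog         = new m_LogReq();

                user = new User();
                var cust = user.getProfileById(value.CustomerId);
                if (cust == null)
                {
                    mlogOrder = BuildOrderLog(value, "ไม่พบข้อมูลลูกค้าในระบบ");
                    log.logOrder(mlogOrder);
                    monitor.sendMessage(url, clientHostname, value, new { request_status = "FAILURE", desc = "Not found customer!", data = cust });
                    return(Ok(new { code = 400, message = "ไม่พบข้อมูลลูกค้าในระบบ", data = cust }));
                }

                var contract = user.findContract(value.CustomerId, value.ContractNo);
                if (contract == null)
                {
                    mlogOrder = BuildOrderLog(value, "ไม่พบสัญญาของลูกค้า");
                    log.logOrder(mlogOrder);
                    monitor.sendMessage(url, clientHostname, value, new { request_status = "FAILURE", desc = "Not found contract!", data = contract });
                    return(Ok(new { code = 400, message = "ไม่พบข้อมูลสัญญาในระบบ", data = contract }));
                }

                // The payment may not exceed the outstanding balance after discount.
                // NOTE(review): PayAmt is a double, so this comparison is done in binary
                // floating point - confirm boundary amounts behave as intended.
                if (value.PayAmt > (contract.BAL_AMT - contract.DISC_AMT))
                {
                    mlogOrder = BuildOrderLog(value, "จำนวนเงินที่ต้องการชำระมากกว่ายอดคงเหลือหลังจากที่หักส่วนลดแล้ว");
                    log.logOrder(mlogOrder);
                    monitor.sendMessage(url, clientHostname, value, new { request_status = "FAILURE", desc = "จำนวนเงินที่ต้องการชำระมากกว่ายอดคงเหลือหลังจากที่หักส่วนลดแล้ว", data = string.Empty });
                    // NOTE(review): the whole contract object is returned to the caller here;
                    // confirm every field in it may be disclosed to this client.
                    return(Ok(new { code = 400, message = "จำนวนเงินที่ต้องการชำระมากกว่ายอดคงเหลือหลังจากที่หักส่วนลดแล้ว", data = contract }));
                }

                Payment    payment = new Payment();
                PaymentRes res     = payment.createPayment(value);
                if (res == null)
                {
                    monitor.sendMessage(url, clientHostname, value, new { request_status = "FAILURE", desc = "Internal server error / Invalid parameter!", data = res });
                    return(Ok(new { code = 500, message = "ระบบขัดข้อง ไม่สามารถทำรายการได้", data = res }));
                }

                monitor.sendMessage(url, clientHostname, value, new { request_status = "SUCCESS", desc = "Requested to Payment Gateway", data = res });
                return(Ok(new { code = 200, message = "สร้างรายการชำระเงินสำเร็จ", data = res }));
            }
            catch (Exception e)
            {
                mlog           = new m_LogReq();
                mlog.cust_no   = value.CustomerId;
                mlog.device_id = value.DeviceId;
                mlog.ip_addr   = value.IPAddress;
                mlog.note      = e.Message;
                mlog.url       = "api/authen/newpayment2";
                log.logRequest(mlog);
                monitor.sendMessage(url, clientHostname, value, new { request_status = "FAILURE", Message = e.Message });
                // The exception text stays in the request log and the monitor message; the
                // client receives the same generic failure text as the other code-500 path,
                // so internal details are not disclosed.
                return(Ok(new { code = 500, message = "ระบบขัดข้อง ไม่สามารถทำรายการได้", data = string.Empty }));
            }
        }

        /// <summary>
        /// Builds the order-log record for a rejected payment request.
        /// </summary>
        /// <param name="value">Request whose customer, contract, channel, amounts, device,
        /// phone number and IP address are copied into the record.</param>
        /// <param name="note">Reason for the rejection.</param>
        /// <returns>A populated <c>m_LogOrder</c>.</returns>
        private m_LogOrder BuildOrderLog(PaymentReq value, string note)
        {
            var entry = new m_LogOrder();
            entry.cust_no    = value.CustomerId;
            entry.con_no     = value.ContractNo;
            entry.channel_id = value.ChannelCode;
            entry.pay_amt    = value.PayAmt;
            entry.trans_amt  = value.Amount;
            entry.device_id  = value.DeviceId;
            entry.tel        = value.PhoneNumber;
            entry.note       = note;
            entry.ip_addr    = value.IPAddress;
            return(entry);
        }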