Пример #1
        /// <summary>
        /// Looks up user information in the V_EMPLY2 set by AD account.
        /// </summary>
        /// <param name="USR_ID">AD account compared with <c>USR_ID</c> of each row.</param>
        /// <param name="db">Entity context to query; it is not disposed here.</param>
        /// <returns>The first matching row, or <c>null</c> when nothing matches.</returns>
        public V_EMPLY2 qryByUsrId(String USR_ID, DB_INTRAEntities db)
        {
            // The account id only appears inside a LINQ predicate; no SQL text is assembled by hand.
            return db.V_EMPLY2.FirstOrDefault(emp => emp.USR_ID == USR_ID);
        }
Пример #2
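        /// <summary>
        /// Resolves an employee name for an account id and caches it in the supplied map.
        /// </summary>
        /// <param name="userNameMap">Cache keyed by account id; an id that is missing is looked up and added.</param>
        /// <param name="usrId">Account id to resolve. A null or empty id leaves the map untouched.</param>
        /// <param name="db">Entity context handed on to <c>qryByUsrId</c>.</param>
        /// <returns>The same <paramref name="userNameMap"/> instance that was passed in.</returns>
        public Dictionary <string, string> qryUsrName(Dictionary <string, string> userNameMap, string usrId, DB_INTRAEntities db)
        {
            // A null id used to pass the "".Equals(...) test and then make ContainsKey throw
            // ArgumentNullException; it is now treated like an empty id.
            if (string.IsNullOrEmpty(usrId) || userNameMap.ContainsKey(usrId))
            {
                return(userNameMap);
            }

            V_EMPLY2 oaEmp = qryByUsrId(usrId, db);

            // An account without a row is cached as "" so the next call for it skips the query.
            string empName = oaEmp != null ? StringUtil.toString(oaEmp.EMP_NAME) : "";
            userNameMap.Add(usrId, empName);

            return(userNameMap);
        }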
Пример #3
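        /// <summary>
        /// Resets <c>_REC</c> and fills it from the vault-opening record with the given register id.
        /// </summary>
        /// <param name="vTreaRegisterId">Value matched against <c>TREA_OPEN_REC.TREA_REGISTER_ID</c>.</param>
        /// <param name="vUser_Id">Account id matched against <c>V_EMPLY2.USR_ID</c> to obtain <c>USER_NAME</c>.</param>
        protected void SetDetail(string vTreaRegisterId, string vUser_Id)
        {
            _REC = new REC();

            using (TreasuryDBEntities db = new TreasuryDBEntities())
            {
                // Vault-opening record
                var _TOR = db.TREA_OPEN_REC.AsNoTracking()
                           .FirstOrDefault(x => x.TREA_REGISTER_ID == vTreaRegisterId);

                // Nothing else is copied without a record, so the remaining queries are skipped.
                if (_TOR == null)
                {
                    return;
                }

                // Vault administrator
                V_EMPLY2 UserData;
                using (DB_INTRAEntities dbINTRA = new DB_INTRAEntities())
                {
                    UserData = dbINTRA.V_EMPLY2.AsNoTracking().FirstOrDefault(x => x.USR_ID == vUser_Id);
                }

                // Opening types
                var OpenTreaType = db.SYS_CODE.AsNoTracking()
                                   .Where(x => x.CODE_TYPE == "OPEN_TREA_TYPE").ToList();
                var matchedType = OpenTreaType.FirstOrDefault(x => x.CODE == _TOR.OPEN_TREA_TYPE);

                _REC.SYS_DATE         = DateTime.Now.ToString("yyyy/MM/dd");
                _REC.TREA_REGISTER_ID = _TOR.TREA_REGISTER_ID;

                // Both lookups use FirstOrDefault and can come back null; dereferencing them
                // unconditionally threw NullReferenceException for an unknown account or code.
                if (UserData != null)
                {
                    _REC.USER_NAME = UserData.EMP_NAME;
                }

                _REC.ACTUAL_PUT_TIME  = string.IsNullOrEmpty(_TOR.ACTUAL_PUT_TIME.ToString()) ? null : DateTime.Parse(_TOR.ACTUAL_PUT_TIME.ToString()).ToString("HH:mm");
                _REC.ACTUAL_GET_TIME  = string.IsNullOrEmpty(_TOR.ACTUAL_GET_TIME.ToString()) ? null : DateTime.Parse(_TOR.ACTUAL_GET_TIME.ToString()).ToString("HH:mm");

                if (matchedType != null)
                {
                    _REC.OPEN_TREA_TYPE = matchedType.CODE_VALUE;
                }
            }
        }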
Пример #4
        /// <summary>
        /// Copies name and work-unit fields onto <paramref name="user"/> from the V_EMPLY2 row
        /// whose <c>USR_ID</c> equals <c>user.cUserID</c>.
        /// </summary>
        /// <param name="user">Model to enrich; it is modified in place.</param>
        /// <param name="db">Entity context to query; it is not disposed here.</param>
        /// <returns>The same <paramref name="user"/> instance, unchanged when no usable row exists.</returns>
        public UserMgrModel getUserOaData(UserMgrModel user, DB_INTRAEntities db)
        {
            V_EMPLY2 oaEmp = db.V_EMPLY2.FirstOrDefault(x => x.USR_ID == user.cUserID);

            // Skip the copy when there is no row or its EMP_NO is the empty string.
            bool usableRow = oaEmp != null && !"".Equals(oaEmp.EMP_NO);
            if (!usableRow)
            {
                return user;
            }

            user.cUserName     = StringUtil.toString(oaEmp.EMP_NAME);
            user.cWorkUnitCode = StringUtil.toString(oaEmp.DPT_CD);
            user.cWorkUnitDesc = StringUtil.toString(oaEmp.DPT_NAME);
            return user;
        }
Пример #5
        /// <summary>
        /// Returns the Chinese name for an account id as JSON.
        /// </summary>
        /// <param name="userId">Account id passed to <c>OaEmpDao.qryByUsrId</c>.</param>
        /// <returns>
        /// <c>{ success = true, userName }</c> when a non-empty name is found, otherwise
        /// <c>{ success = false, err }</c>.
        /// </returns>
        public ActionResult getUserName(string userId)
        {
            // NOTE(review): the two responses tell a caller whether an account id exists. No
            // authorization attribute is visible on this action here - confirm it is only
            // reachable by signed-in users who are allowed to add accounts.
            OaEmpDao oaEmpDao = new OaEmpDao();
            string resolvedName = "";

            using (DB_INTRAEntities dbIntra = new DB_INTRAEntities())
            {
                V_EMPLY2 emp = oaEmpDao.qryByUsrId(userId, dbIntra);
                if (emp != null)
                {
                    resolvedName = StringUtil.toString(emp.EMP_NAME);
                }
            }

            if (!"".Equals(resolvedName))
            {
                return Json(new { success = true, userName = resolvedName });
            }

            return Json(new { success = false, err = "無此帳號資料,不可新增!!" });
        }
Пример #6
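        /// <summary>
        /// Signs a user in: binds to the directory at the configured <c>ADPath</c> with the submitted
        /// credentials, then requires a CODE_USER row whose <c>IS_DISABLED</c> is "N" before the
        /// session is populated.
        /// </summary>
        /// <param name="loginModel">Posted login form; <c>UserId</c> is upper-cased in place before use.</param>
        /// <returns>
        /// A redirect to Home/Index on success; otherwise the login view, with one generic error
        /// message for every failure cause.
        /// </returns>
        public ActionResult Login(LoginModel loginModel)
        {
            logger.Info("[AccountController][Login]UserId:" + ToLogSafe(loginModel.UserId));

            if (!ModelState.IsValid)
            {
                logger.Info("[Login](ModelState.IsValid=false):" + ToLogSafe(loginModel.UserId));
                return(View(loginModel));
            }

            logger.Info("[AccountController][Login]IsValid");
            this.HttpContext.Response.RemoveOutputCacheItem(Url.Action("MenuByUser", "NavigationController"));

            // Blank credentials never reach the directory bind. LoginModel's validation attributes
            // are not visible here, so this does not rely on ModelState alone; ADSI can fall back to
            // the worker process's own identity when no credentials are supplied.
            if (string.IsNullOrEmpty(loginModel.UserId) || string.IsNullOrEmpty(loginModel.Password))
            {
                writeLog("I", false, loginModel.UserId ?? "", null);
                ModelState.AddModelError("", "找不到這個使用者或登入帳號密碼失敗!");
                return(View(loginModel));
            }

            string ADPath = System.Configuration.ConfigurationManager.AppSettings.Get("ADPath");

            // Invariant casing keeps the normalized id independent of the server's culture.
            loginModel.UserId = loginModel.UserId.ToUpperInvariant();

            // The entry holds a directory connection; the original never released it.
            using (DirectoryEntry entry = new DirectoryEntry(ADPath, loginModel.UserId, loginModel.Password))
            {
                try
                {
                    // Reading a property forces the bind; bad credentials throw and land in the catch below.
                    string objectSid = (new SecurityIdentifier((byte[])entry.Properties["objectSid"].Value, 0).Value);

                    // Directory authentication succeeded; now check that the user is allowed into this system.
                    CodeUserDao codeUserDao = new CodeUserDao();
                    CODE_USER codeUser = codeUserDao.qryUserByKey(loginModel.UserId);

                    if (codeUser != null && "N".Equals(codeUser.IS_DISABLED))
                    {
                        Session["UserID"] = loginModel.UserId;

                        OaEmpDao oaEmpDao = new OaEmpDao();
                        try
                        {
                            using (DB_INTRAEntities dbIntra = new DB_INTRAEntities())
                            {
                                V_EMPLY2 emp = oaEmpDao.qryByUsrId(loginModel.UserId, dbIntra);
                                if (emp != null)
                                {
                                    Session["UserName"] = StringUtil.toString(emp.EMP_NAME);
                                    Session["UserUnit"] = StringUtil.toString(emp.DPT_CD);
                                }
                            }
                        }
                        catch (Exception e)
                        {
                            // Sign-in still proceeds without name/unit, but the failure is now recorded
                            // instead of being swallowed silently.
                            logger.Error("[Login]employee lookup failed:" + e.ToString());
                        }

                        writeLog("I", true, loginModel.UserId, codeUser);

                        LoginProcess(loginModel.UserId, false);

                        // NOTE(review): the session identifier is not rotated here after a successful
                        // sign-in. Unless LoginProcess does it, a session id issued before login stays
                        // valid afterwards (session fixation) - confirm.
                        return(RedirectToAction("Index", "Home"));
                    }

                    // Unknown and disabled accounts get the same message as a failed bind.
                    writeLog("I", false, loginModel.UserId, null);
                    ModelState.AddModelError("", "找不到這個使用者或登入帳號密碼失敗!");
                    return(View(loginModel));
                }
                catch (Exception e)
                {
                    logger.Error("[Login]其它錯誤:" + e.ToString());
                    writeLog("I", false, loginModel.UserId, null);

                    // Authentication failed
                    ModelState.AddModelError("", "找不到這個使用者或登入帳號密碼失敗!");
                    return(View(loginModel));
                }
                finally
                {
                    logger.Info("[Login]finally:" + ToLogSafe(loginModel.UserId));
                }
            }
        }

        /// <summary>
        /// Removes CR and LF from a request-supplied value so it cannot start a forged log line.
        /// </summary>
        private static string ToLogSafe(string value)
        {
            return value == null ? "" : value.Replace("\r", "").Replace("\n", "");
        }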
Пример #7
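        /// <summary>
        /// Adds a user: inserts one CODE_USER row on the supplied connection and transaction.
        /// </summary>
        /// <param name="user">
        /// Row to insert. <c>USER_UNIT</c> is overwritten with the employee's <c>DPT_CD</c> when a
        /// V_EMPLY2 row exists for <c>USER_ID</c>.
        /// </param>
        /// <param name="conn">Connection the command is created on; it is not opened or closed here.</param>
        /// <param name="transaction">Transaction the insert is enlisted in; it is not committed here.</param>
        /// <returns>The row count reported by <c>ExecuteNonQuery</c>.</returns>
        public int Create(CODE_USER user, SqlConnection conn, SqlTransaction transaction)
        {
            // The catch blocks that only did "throw e;" are gone: exceptions still propagate with
            // the same type, and now keep their original stack trace.
            using (DB_INTRAEntities db = new DB_INTRAEntities())
            {
                OaEmpDao oaEmpDao = new OaEmpDao();
                V_EMPLY2 emp      = oaEmpDao.qryByUsrId(user.USER_ID, db);
                if (emp != null)
                {
                    user.USER_UNIT = StringUtil.toString(emp.DPT_CD);
                }
            }

            string sql = @"

INSERT INTO [dbo].[CODE_USER]
           ([USER_ID]
           ,[USER_UNIT]
           ,[IS_DISABLED]
           ,[IS_MAIL]
           ,[MEMO]
           ,[DATA_STATUS]
           ,[CREATE_UID]
           ,[CREATE_DT]
           ,[LAST_UPDATE_UID]
           ,[LAST_UPDATE_DT]
           ,[APPR_UID]
           ,[APPR_DT]
)
     VALUES
(
 @USER_ID
,@USER_UNIT
,@IS_DISABLED
,@IS_MAIL
,@MEMO
,@DATA_STATUS
,@CREATE_UID
,@CREATE_DT
,@LAST_UPDATE_UID
,@LAST_UPDATE_DT
,@APPR_UID
,@APPR_DT
)
        ";

            // SqlCommand is disposable; the original left it undisposed.
            using (SqlCommand command = conn.CreateCommand())
            {
                command.Transaction = transaction;
                command.CommandText = sql;

                // Every value is bound as a parameter; nothing is concatenated into the statement.
                // NOTE(review): the *_UID audit columns come from the caller's object - confirm the
                // caller sets them from the authenticated session rather than from request fields.
                command.Parameters.AddWithValue("@USER_ID", StringUtil.toString(user.USER_ID));
                command.Parameters.AddWithValue("@USER_UNIT", StringUtil.toString(user.USER_UNIT));
                command.Parameters.AddWithValue("@IS_DISABLED", StringUtil.toString(user.IS_DISABLED));
                command.Parameters.AddWithValue("@IS_MAIL", StringUtil.toString(user.IS_MAIL));
                command.Parameters.AddWithValue("@MEMO", StringUtil.toString(user.MEMO));
                command.Parameters.AddWithValue("@DATA_STATUS", StringUtil.toString(user.DATA_STATUS));
                command.Parameters.AddWithValue("@CREATE_UID", StringUtil.toString(user.CREATE_UID));
                command.Parameters.AddWithValue("@LAST_UPDATE_UID", StringUtil.toString(user.LAST_UPDATE_UID));
                command.Parameters.AddWithValue("@APPR_UID", StringUtil.toString(user.APPR_UID));

                // A null date is sent as DBNull so the column receives NULL.
                command.Parameters.Add("@CREATE_DT", System.Data.SqlDbType.DateTime).Value = (System.Object)user.CREATE_DT ?? System.DBNull.Value;
                command.Parameters.Add("@LAST_UPDATE_DT", System.Data.SqlDbType.DateTime).Value = (System.Object)user.LAST_UPDATE_DT ?? System.DBNull.Value;
                command.Parameters.Add("@APPR_DT", System.Data.SqlDbType.DateTime).Value = (System.Object)user.APPR_DT ?? System.DBNull.Value;

                return command.ExecuteNonQuery();
            }
        }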