Пример #1
0
        /// <summary>
        /// 锁定用户
        /// </summary>
        /// <param name="taskId">任务标识</param>
        /// <param name="userInfo">用户</param>
        /// <param name="userName">用户名</param>
        /// <returns>是否成功锁定</returns>
        public bool LockUser(string taskId, BaseUserInfo userInfo, string userName)
        {
            bool result = false;

            var parameter = ServiceInfo.Create(taskId, userInfo, MethodBase.GetCurrentMethod());

            ServiceUtil.ProcessUserCenterWriteDb(userInfo, parameter, (dbHelper) =>
            {
                // BaseLogManager.Instance.Add(result, this.serviceName, AppMessage.LogOnService_LockUser, MethodBase.GetCurrentMethod());
                var userManager = new BaseUserManager(userInfo);
                List <KeyValuePair <string, object> > parameters = new List <KeyValuePair <string, object> >();
                parameters.Add(new KeyValuePair <string, object>(BaseUserEntity.FieldUserName, userName));
                parameters.Add(new KeyValuePair <string, object>(BaseUserEntity.FieldEnabled, 1));
                parameters.Add(new KeyValuePair <string, object>(BaseUserEntity.FieldDeletionStateCode, 0));
                BaseUserEntity userEntity = BaseEntity.Create <BaseUserEntity>(userManager.GetDataTable(parameters));
                // 判断是否为空的
                if (userEntity != null && !string.IsNullOrEmpty(userEntity.Id))
                {
                    // 被锁定15分钟,不允许15分钟内登录,这时间是按服务器的时间来的。
                    var userLogOnManager = new BaseUserLogOnManager();
                    BaseUserLogOnEntity userLogOnEntity = userLogOnManager.GetObject(userEntity.Id);
                    userLogOnEntity.LockStartDate       = DateTime.Now;
                    userLogOnEntity.LockEndDate         = DateTime.Now.AddMinutes(BaseSystemInfo.PasswordErrorLockCycle);
                    result = userLogOnManager.UpdateObject(userLogOnEntity) > 0;
                }
            });

            return(result);
        }
Пример #2
0
        public static bool CheckIPAddressByCache(string userId, string ipAddress, bool autoAdd = false)
        {
            // 判断用户是否限制ip访问,有的是不限制访问的
            BaseUserLogOnManager userLogOnManager = new BaseUserLogOnManager();
            BaseUserLogOnEntity  userLogOnEntity  = userLogOnManager.GetObject(userId);

            return(CheckIPAddressByCache(userLogOnEntity, ipAddress, autoAdd));
        }
Пример #3
0
        /// <summary>
        /// 检查用户的登录许可信息
        /// </summary>
        /// <param name="userId">用户主键</param>
        /// <returns>用户登录信息</returns>
        public UserLogOnResult CheckUser(string userId)
        {
            // 这个从缓存获取,效率高,一般不会有经常在修改的事情,缓存的时间很短才可以,否则读取脏数据了
            BaseUserEntity userEntity = this.GetObject(userId);

            // 获取登录状态表
            BaseUserLogOnManager userLogOnManager = new BaseUserLogOnManager(this.UserInfo, this.UserLogOnTable);
            BaseUserLogOnEntity  userLogOnEntity  = userLogOnManager.GetObject(userId);

            return(CheckUser(userEntity, userLogOnEntity));
        }
Пример #4
0
        /// <summary>
        /// 获取实体
        /// </summary>
        /// <param name="taskId">任务标识</param>
        /// <param name="userInfo">用户</param>
        /// <param name="id">主键</param>
        /// <returns>实体</returns>
        public BaseUserLogOnEntity GetObject(string taskId, BaseUserInfo userInfo, string id)
        {
            BaseUserLogOnEntity result = null;

            var parameter = ServiceInfo.Create(taskId, userInfo, MethodBase.GetCurrentMethod());

            ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) =>
            {
                var userManager = new BaseUserManager(dbHelper, userInfo);
                // 判断是否已经登录的用户?
                if (userManager.UserIsLogOn(userInfo))
                {
                    BaseUserLogOnManager userLogOnManager = new BaseUserLogOnManager();
                    result = userLogOnManager.GetObject(id);
                }
            });

            return(result);
        }
Пример #5
0
        public int ChangeEnabled(string id)
        {
            BaseUserEntity userEntity = this.GetObject(id);

            if (userEntity.Enabled != 1)
            {
                // 若用户要生效了,那就需要修改锁定的时间了,否则被锁定的用户有效后也无法登录系统了
                BaseUserLogOnManager manager = new BaseUserLogOnManager(this.DbHelper, this.UserInfo);
                BaseUserLogOnEntity  entity  = manager.GetObject(id);
                entity.LockStartDate = null;
                entity.LockEndDate   = null;
                manager.Update(entity);
                userEntity.AuditStatus       = string.Empty;
                userEntity.DeletionStateCode = 0;
                userEntity.Enabled           = 1;
            }
            else
            {
                // 若是有效的用户直接修改为无效的用户
                userEntity.Enabled = 0;
            }

            return(this.UpdateObject(userEntity));
        }
Пример #6
0
        /// <summary>
        /// 增加用户账号
        /// 传入dbhelper 方法调用使用事务 避免部分同步成功
        /// </summary>
        /// <param name="userEntity"></param>
        /// <param name="userContact"></param>
        /// <param name="userCenterDbHelper"></param>
        /// <param name="k8DbHelper"></param>
        /// <returns></returns>
        public bool AddUser(BaseUserEntity userEntity, BaseUserContactEntity userContact, IDbHelper userCenterDbHelper, IDbHelper k8DbHelper)
        {
            //1、先往中天里添加账号
            BaseUserManager userManager = new BaseUserManager(userCenterDbHelper);

            userEntity.UserFrom     = "Security";
            userEntity.CreateBy     = Utilities.UserInfo.RealName;
            userEntity.CreateUserId = Utilities.UserInfo.Id;
            bool identity = false;

            if (string.IsNullOrEmpty(userEntity.Id))
            {
                identity = true;
            }
            userEntity.Id = userManager.Add(userEntity, identity, true);
            //添加用户密码表
            BaseUserLogOnManager userLogOnManager = new BaseUserLogOnManager(userCenterDbHelper);
            BaseUserLogOnEntity  userLogOnEntity  = userLogOnManager.GetObject(userEntity.Id);

            userLogOnEntity    = new BaseUserLogOnEntity();
            userLogOnEntity.Id = userEntity.Id;
            //是否验证邦定mac地址,默认绑定
            userLogOnEntity.CheckIPAddress = 1;
            //产生盐
            var salt = BaseRandom.GetRandomString(20);

            userLogOnEntity.Salt         = salt;
            userLogOnEntity.UserPassword = userManager.EncryptUserPassword(userEntity.UserPassword, salt);
            //是否检查机器码MAC地址
            userLogOnManager.AddObject(userLogOnEntity);
            //添加用户的联系方式
            BaseUserContactManager userContactManager = new BaseUserContactManager(userCenterDbHelper);

            userContact.MobileValiated = 1;
            userContactManager.AddObject(userContact);

            //2、再往K8里加用户
            TAB_USERManager tabUserManager = new TAB_USERManager(k8DbHelper);
            TAB_USEREntity  tabUserEntity  = new TAB_USEREntity();

            tabUserEntity.OWNER_SITE        = userEntity.CompanyName;
            tabUserEntity.DEPT_NAME         = userEntity.DepartmentName;
            tabUserEntity.USER_NAME         = userEntity.UserName.ToLower();
            tabUserEntity.EMPLOYEE_CODE     = userEntity.Code;
            tabUserEntity.EMPLOYEE_NAME     = userEntity.RealName;
            tabUserEntity.REAL_NAME         = userEntity.RealName;
            tabUserEntity.ONLY_USER_NAME    = userEntity.NickName.ToLower();
            tabUserEntity.ID_CARD           = userEntity.IDCard;
            tabUserEntity.MOBILE            = userContact.Mobile;
            tabUserEntity.CREATE_SITE       = Utilities.UserInfo.CompanyName;
            tabUserEntity.CREATE_USER       = Utilities.UserInfo.RealName;
            tabUserEntity.CREATE_DATE       = DateTime.Now;
            tabUserEntity.BL_LOCK_FLAG      = 1;
            tabUserEntity.BL_TYPE           = 0;
            tabUserEntity.BL_CHECK_COMPUTER = 1;
            tabUserEntity.BL_CHECK_NAME     = 1;
            tabUserEntity.ID        = decimal.Parse(userEntity.Id);
            tabUserEntity.USER_DATE = DateTime.Now.AddYears(3);
            tabUserManager.Add(tabUserEntity, false, true);
            //更新密码和盐
            var sql = string.Format(" UPDATE TAB_USER SET USER_PASSWORD=NULL,USER_PASSWD='{0}',SALT ='{1}',  CHANGEPASSWORDDATE=to_date('{2}','yyyy-mm-dd-hh24:mi:ss')  WHERE ID = '{3}'",
                                    userEntity.UserPassword, salt, DateTime.Now, tabUserEntity.ID);

            tabUserManager.ExecuteNonQuery(sql);

            //3、新增账号的时候默认增加新员工的权限为网点员工
            var roleMenus = GetMenusByUserCode(k8DbHelper, "网点员工", "", "上海");
            TAB_USERPOPEDOMManager userMenuManager = new TAB_USERPOPEDOMManager(k8DbHelper);

            foreach (var roleMenu in roleMenus)
            {
                TAB_USERPOPEDOMEntity userPOPEDOM = new TAB_USERPOPEDOMEntity();
                userPOPEDOM.BL_INSERT  = roleMenu.BL_INSERT;
                userPOPEDOM.BL_UPDATE  = roleMenu.BL_UPDATE;
                userPOPEDOM.BL_DELETE  = roleMenu.BL_DELETE;
                userPOPEDOM.USER_NAME  = tabUserEntity.USER_NAME;
                userPOPEDOM.OWNER_SITE = tabUserEntity.OWNER_SITE;
                userPOPEDOM.MENU_GUID  = roleMenu.MENU_GUID;
                userMenuManager.Add(userPOPEDOM);
            }
            return(true);
        }
Пример #7
0
        /// <summary>
        /// 检查一个服务调用是否是允许调用的?
        /// 1:是否要记录日志?
        /// 2:是否需要埋点?检查性能?访问频率等?调用次数?
        /// 3:非合法的调用?是否日志记录?
        /// 4:异常的要进行处理?
        /// </summary>
        /// <param name="appKey">应用唯一标识</param>
        /// <param name="appSecret">应用的签名密钥</param>
        /// <param name="callLimit">是否进行限制</param>
        /// <param name="systemCode">访问子系统</param>
        /// <param name="permissionCode">判断的权限编号</param>
        /// <returns>验证情况</returns>
        public static BaseResult CheckService(string appKey, string appSecret, bool callLimit = false, string systemCode = "Base", string permissionCode = null)
        {
            BaseResult result = new DotNet.Utilities.BaseResult();

            result.Status = false;

            // AppKey: 23286115
            // AppSecret: c8d1f06f599d7370467993c72a34c701
            // permissionCode: "User.Add"

            string ipAddress = Utilities.GetIPAddress(true);

            // 1: 判断参数是否合理?目标服务,总不可以为空,否则怎么区别谁在调用这个服务了?
            if (string.IsNullOrEmpty(appKey))
            {
                result.StatusCode    = "AccessDeny";
                result.StatusMessage = "appKey为空、访问被拒绝";
                return(result);
            }

            // 2: 判断是否在接口角色里, 只有在接口角色里的,才可以进行远程调用,这样也方便把接口随时踢出来。
            string roleCode = "Interface";

            if (!BaseUserManager.IsInRoleByCache(systemCode, appKey, roleCode))
            {
                result.StatusCode    = "AccessDeny";
                result.StatusMessage = "非接口用户、访问被拒绝";
                return(result);
            }

            // 3: 判断调用的频率是否?这里需要高速判断,不能总走数据库?调用的效率要高,不能被远程接口给拖死了、自己的服务都不正常了。
            if (callLimit && PooledRedisHelper.CallLimit(appKey, 10, 10000))
            {
                result.StatusCode    = "AccessDeny";
                result.StatusMessage = "访问频率过高、访问被拒绝";
                return(result);
            }

            // 4: 判断签名是否有效?是否过期?可以支持多个签名,容易升级、容易兼容、容易有个过度的缓冲期。为了提高安全性,必须要有签名才对。
            if (!BaseServicesLicenseManager.CheckServiceByCache(appKey, appSecret))
            {
                result.StatusCode    = "AccessDeny";
                result.StatusMessage = "不合法签名、访问被拒绝";
                return(result);
            }

            // 5: 判断对方的ip是否合法的?1个服务程序,可以有多个ip。可以把服务当一个用户看待,一个目标用户可能也配置了多个服务,一般是远程连接。
            BaseUserLogOnManager userLogOnManager = new BaseUserLogOnManager();
            BaseUserLogOnEntity  userLogOnEntity  = userLogOnManager.GetObject(appKey);

            if (BaseUserManager.CheckIPAddressByCache(userLogOnEntity, ipAddress, true))
            {
                result.StatusCode    = "AccessDeny";
                result.StatusMessage = "不合法IP、访问被拒绝";
                return(result);
            }

            // 6: 判断是否有权限?防止被过渡调用,拖死数据库,可以用缓存的方式进行判断,这样不容易被客户端、合作伙伴拖垮。
            if (!string.IsNullOrEmpty(permissionCode) && !BasePermissionManager.IsAuthorizedByCache(systemCode, appKey, permissionCode))
            {
                result.StatusCode    = "AccessDeny";
                result.StatusMessage = "无权限 " + permissionCode + "、访问被拒绝";
                return(result);
            }

            // 7: 判断是否有效?判断时间是否对?
            BaseUserManager userManager     = new BaseUserManager();
            BaseUserEntity  userEntity      = userManager.GetObject(appKey);
            UserLogOnResult userLogOnResult = userManager.CheckUser(userEntity, userLogOnEntity);

            if (!string.IsNullOrEmpty(userLogOnResult.StatusCode))
            {
                BaseLoginLogManager.AddLog(systemCode, userEntity, ipAddress, string.Empty, string.Empty, userLogOnResult.StatusMessage);
                result.StatusCode    = userLogOnResult.StatusCode;
                result.StatusMessage = userLogOnResult.StatusMessage;
                return(result);
            }

            // 8:目前需要判断的,都加上了。
            result.Status = true;
            return(result);
        }
Пример #8
0
        /// <summary>
        /// 增加用户账号
        /// </summary>
        /// <param name="user"></param>
        /// <returns></returns>
        public bool AddUser(TAB_USEREntity user)
        {
            //1、先往中天里添加账号
            BaseUserEntity       userEntity       = new BaseUserEntity();
            BaseUserManager      userManager      = new BaseUserManager();
            BaseUserLogOnManager userLogOnManager = new BaseUserLogOnManager();

            userEntity.UserFrom    = "K8";
            userEntity.UserName    = user.USER_NAME;
            userEntity.Code        = user.EMPLOYEE_CODE;
            userEntity.RealName    = user.REAL_NAME;
            userEntity.CompanyName = user.OWNER_SITE;
            var organize = new BaseOrganizeManager().GetObjectByName(user.OWNER_SITE);

            if (organize != null)
            {
                userEntity.CompanyId = organize.Id.ToString();
            }
            userEntity.Description       = user.REMARK;
            userEntity.DeletionStateCode = 0;
            userEntity.DepartmentName    = user.DEPT_NAME;
            userEntity.Enabled           = int.Parse(user.BL_LOCK_FLAG.ToString());
            bool identity = false;

            if (!string.IsNullOrEmpty(userEntity.Id))
            {
                identity = true;
            }
            userEntity.Id = userManager.Add(userEntity, identity, true);

            //添加用户密码表
            BaseUserLogOnEntity userLogOnEntity = userLogOnManager.GetObject(userEntity.Id);

            userLogOnEntity    = new BaseUserLogOnEntity();
            userLogOnEntity.Id = userEntity.Id;
            //邦定mac地址
            userLogOnEntity.CheckIPAddress = 1;
            var salt = BaseRandom.GetRandomString(20);

            userLogOnEntity.Salt         = salt;
            userLogOnEntity.UserPassword = userManager.EncryptUserPassword(user.USER_PASSWD, salt);

            //是否检查机器码 MAC地址
            int checkIPAddress = 1;

            int.TryParse(user.BL_CHECK_COMPUTER.ToString(), out checkIPAddress);
            userLogOnEntity.CheckIPAddress = checkIPAddress;
            userLogOnManager.AddObject(userLogOnEntity);

            //用户的联系方式
            BaseUserContactManager userContactManager = new BaseUserContactManager();
            BaseUserContactEntity  userContactEntity  = new BaseUserContactEntity();

            userContactEntity.Id = userEntity.Id;
            if (!string.IsNullOrEmpty(user.MOBILE))
            {
                userContactEntity.Mobile = user.MOBILE;
            }
            userContactManager.AddObject(userContactEntity);

            //2、再往K8里加用户
            TAB_USERManager        tabUserManager  = new TAB_USERManager();
            TAB_USERPOPEDOMManager userMenuManager = new TAB_USERPOPEDOMManager();

            user.CREATE_SITE = Utilities.UserInfo.CompanyName;
            user.CREATE_USER = Utilities.UserInfo.RealName;
            user.CREATE_DATE = DateTime.Now;
            user.USER_NAME   = user.USER_NAME.Trim();
            user.ID          = decimal.Parse(userEntity.Id);
            tabUserManager.Add(user, false, true);
            var sql = string.Format(" UPDATE TAB_USER SET USER_PASSWORD=NULL,USER_PASSWD='{0}',SALT ='{1}',  CHANGEPASSWORDDATE=to_date('{2}','yyyy-mm-dd-hh24:mi:ss')  WHERE ID = '{3}'",
                                    userEntity.UserPassword, salt, DateTime.Now, user.ID);

            tabUserManager.ExecuteNonQuery(sql);

            //3、新增账号的时候默认增加新员工的权限为网点员工
            var roleMenus = GetMenusByUserCode("网点员工", "", "上海");

            foreach (var roleMenu in roleMenus)
            {
                TAB_USERPOPEDOMEntity userPOPEDOM = new TAB_USERPOPEDOMEntity();
                userPOPEDOM.BL_INSERT  = roleMenu.BL_INSERT;
                userPOPEDOM.BL_UPDATE  = roleMenu.BL_UPDATE;
                userPOPEDOM.BL_DELETE  = roleMenu.BL_DELETE;
                userPOPEDOM.USER_NAME  = user.USER_NAME;
                userPOPEDOM.OWNER_SITE = user.OWNER_SITE;
                userPOPEDOM.MENU_GUID  = roleMenu.MENU_GUID;
                userMenuManager.Add(userPOPEDOM);
            }
            return(true);
        }
Пример #9
0
        public int ImportUser(System.Data.IDataReader dataReader, BaseOrganizeManager organizeManager, BaseUserLogOnManager userLogOnManager, BaseUserContactManager userContactManager)
        {
            int            result     = 0;
            BaseUserEntity userEntity = this.GetObject(dataReader["ID"].ToString());

            if (userEntity == null)
            {
                userEntity    = new BaseUserEntity();
                userEntity.Id = dataReader["ID"].ToString();
            }
            userEntity.Id       = dataReader["ID"].ToString();
            userEntity.UserFrom = "K8";
            userEntity.UserName = dataReader["USER_NAME"].ToString();
            userEntity.IDCard   = dataReader["ID_Card"].ToString();
            userEntity.Code     = dataReader["EMPLOYEE_CODE"].ToString();
            userEntity.RealName = dataReader["REAL_NAME"].ToString();
            if (string.IsNullOrWhiteSpace(userEntity.RealName))
            {
                userEntity.RealName = dataReader["EMPLOYEE_NAME"].ToString();
            }
            userEntity.NickName    = dataReader["ONLY_USER_NAME"].ToString();
            userEntity.CompanyName = dataReader["OWNER_SITE"].ToString();
            userEntity.Description = dataReader["REMARK"].ToString();
            // 把被删除的数据恢复过来
            userEntity.DeletionStateCode = 0;
            if (string.IsNullOrEmpty(userEntity.CompanyId))
            {
                userEntity.CompanyId = organizeManager.GetProperty(new KeyValuePair <string, object>(BaseOrganizeEntity.FieldFullName, userEntity.CompanyName), BaseOrganizeEntity.FieldId);
                if (string.IsNullOrEmpty(userEntity.CompanyId))
                {
                    System.Console.WriteLine("无CompanyId " + userEntity.Id + ":" + userEntity.UserName + ":" + userEntity.RealName);
                    return(0);
                }
            }
            // 不是内部组织机构的才进行调整
            if (string.IsNullOrEmpty(userEntity.DepartmentId))
            {
                userEntity.DepartmentName = dataReader["DEPT_NAME"].ToString();
            }
            if (!string.IsNullOrEmpty(dataReader["IM_NAME"].ToString()))
            {
                // userEntity.QQ = dataReader["IM_NAME"].ToString();
            }

            userEntity.Enabled = int.Parse(dataReader["BL_LOCK_FLAG"].ToString());
            System.Console.WriteLine("ImportK8User:"******":" + userEntity.RealName);
            // 02:可以把读取到的数据能写入到用户中心的。
            result = this.UpdateObject(userEntity);
            if (result == 0)
            {
                this.AddObject(userEntity);
            }
            // 添加用户密码表
            BaseUserLogOnEntity userLogOnEntity = userLogOnManager.GetObject(userEntity.Id);

            if (userLogOnEntity == null)
            {
                userLogOnEntity    = new BaseUserLogOnEntity();
                userLogOnEntity.Id = userEntity.Id;
                // 邦定mac地址
                userLogOnEntity.CheckIPAddress = 1;
                userLogOnEntity.UserPassword   = dataReader["USER_PASSWD"].ToString();
                userLogOnEntity.Salt           = dataReader["SALT"].ToString();
                // 是否检查机器码 MAC地址
                int checkIPAddress = 1;
                int.TryParse(dataReader["BL_CHECK_COMPUTER"].ToString(), out checkIPAddress);
                userLogOnEntity.CheckIPAddress = checkIPAddress;
                if (!string.IsNullOrEmpty(dataReader["CHANGEPASSWORDDATE"].ToString()))
                {
                    userLogOnEntity.ChangePasswordDate = DateTime.Parse(dataReader["CHANGEPASSWORDDATE"].ToString());
                }
                userLogOnManager.AddObject(userLogOnEntity);
            }
            else
            {
                userLogOnEntity.Id           = userEntity.Id;
                userLogOnEntity.UserPassword = dataReader["USER_PASSWD"].ToString();
                userLogOnEntity.Salt         = dataReader["SALT"].ToString();
                if (!string.IsNullOrEmpty(dataReader["CHANGEPASSWORDDATE"].ToString()))
                {
                    userLogOnEntity.ChangePasswordDate = DateTime.Parse(dataReader["CHANGEPASSWORDDATE"].ToString());
                }
                result = userLogOnManager.UpdateObject(userLogOnEntity);
            }
            // 用户的联系方式
            BaseUserContactEntity userContactEntity = userContactManager.GetObject(userEntity.Id);

            if (userContactEntity == null)
            {
                userContactEntity        = new BaseUserContactEntity();
                userContactEntity.Id     = userEntity.Id;
                userContactEntity.QQ     = dataReader["QQ"].ToString();
                userContactEntity.Mobile = dataReader["Mobile"].ToString();
                userContactEntity.Email  = dataReader["Email"].ToString();
                userContactManager.AddObject(userContactEntity);
            }
            else
            {
                if (!string.IsNullOrEmpty(dataReader["QQ"].ToString()))
                {
                    userContactEntity.QQ = dataReader["QQ"].ToString();
                }
                if (!string.IsNullOrEmpty(dataReader["Mobile"].ToString()))
                {
                    userContactEntity.Mobile = dataReader["Mobile"].ToString();
                }
                if (!string.IsNullOrEmpty(dataReader["Email"].ToString()))
                {
                    userContactEntity.Email = dataReader["Email"].ToString();
                }
                userContactManager.UpdateObject(userContactEntity);
            }
            return(result);
        }