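/// <summary>
/// Builds the JSON description of the method buttons shown for entity <paramref name="id"/>.
/// </summary>
/// <param name="id">Entity id passed to the ENTITY$GetMethods stored procedure.</param>
/// <returns>
/// A JSON array with one button descriptor per row returned by ENTITY$GetMethods,
/// or an empty string when anything fails.
/// </returns>
/// <remarks>
/// The ActionAfterExec value ("alert" or "exec") only tells the client which action to take.
/// It is not an authorization decision: ExecSql repeats the permission lookup on the server
/// before running anything.
/// </remarks>
public string MethodsForm(int id)
{
    try
    {
        // Default client action; switched to "exec" only when both permission bits and the
        // per-user setting allow local SQL execution.
        string SqlExecAction = "alert";
        DersaSqlManager DM = new DersaSqlManager();
        string userName = HttpContext.Current.User.Identity.Name;

        IParameterCollection UserParams = new ParameterCollection();
        UserParams.Add("@login", userName);
        // NOTE(review): Util.GetPassword appears to hand back a usable credential for the
        // authenticated user - confirm how it is stored and protected.
        UserParams.Add("@password", Util.GetPassword(userName));

        int userPermissions = DM.ExecuteSPWithResult("DERSA_USER$GetPermissions", false, UserParams);
        int canExecSql = userPermissions & 1;
        if (canExecSql != 0)
        {
            // Setting name means "Execute SQL locally"; it is a runtime lookup key, do not translate it.
            UserParams.Add("@user_setting_name", "Выполнять SQL локально");
            int execSqlLocal = DM.ExecuteSPWithResult("DERSA_USER$GetBoolUserSetting", false, UserParams);
            int canExecLocalSql = userPermissions & 2;
            if (execSqlLocal > 0 && canExecLocalSql != 0)
            {
                SqlExecAction = "exec";
            }
        }

        System.Data.DataTable T = DM.ExecuteSPWithParams(
            "ENTITY$GetMethods",
            new object[] { id, userName, Util.GetPassword(userName) });

        // Deferred query: it is enumerated by SerializeObject below, still inside the try block.
        var query =
            from System.Data.DataRow R in T.Rows
            select new
            {
                Name = R["name"],
                Value = "",
                ReadOnly = false,
                Type = -1,
                ControlType = "button",
                ChildFormAttrs = new
                {
                    Height = 800,
                    Width = 600,
                    DisplayValue = "...",
                    // NOTE(review): the method name is concatenated into the query string without
                    // URL-encoding; confirm whether the client encodes it before following the link.
                    InfoLink = (int)R["get_result_type"] == 1
                        ? "Node/ExecMethodForm?id=" + id.ToString() + "&method_name=" + R["name"].ToString()
                        : "",
                    SaveLink = "Query/ExecSql", //GetSaveLink((int)R["get_result_type"], R["name"].ToString(), id),
                    OnClick = GetOnClick((int)R["get_result_type"], R["name"].ToString(), id),
                    ActionAfterExec = SqlExecAction
                }
            };

        string result = JsonConvert.SerializeObject(query);
        return result;
    }
    catch (Exception exc)
    {
        // Keep the original contract (empty string on failure) but leave a server-side trace,
        // so a failing permission lookup or stored procedure is not silently hidden.
        System.Diagnostics.Trace.TraceError("MethodsForm failed for entity {0}: {1}", id, exc);
        return "";
    }
}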
/// <summary>
/// Calls the DIAGRAM$Create stored procedure for the given parent on behalf of the
/// currently authenticated user.
/// </summary>
/// <param name="parent">Value passed as the @parent parameter.</param>
/// <returns>The integer result of the stored procedure, converted to a string.</returns>
public string Create(int parent)
{
    IParameterCollection spArgs = new ParameterCollection();
    spArgs.Add("@parent", parent);

    // The caller's identity comes from the ASP.NET authentication context, not from request data.
    string login = System.Web.HttpContext.Current.User.Identity.Name;
    spArgs.Add("@login", login);
    spArgs.Add("@password", Util.GetPassword(login));

    DersaSqlManager sqlManager = new DersaSqlManager();
    int spResult = sqlManager.ExecuteSPWithResult("DIAGRAM$Create", false, spArgs);
    return spResult.ToString();
}
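/// <summary>
/// Stores a diagram by passing its XML to the DIAGRAM$SaveFromXml stored procedure
/// on behalf of the currently authenticated user.
/// </summary>
/// <param name="id">Diagram identifier; every "D_" occurrence is stripped before it is sent as @diagram.</param>
/// <param name="xml">Diagram XML in which angle brackets arrive as "{lt;" and "{gt;" placeholders.</param>
/// <returns>The integer result of the stored procedure, converted to a string.</returns>
public string Save(string id, string xml)
{
    // The unused XmlDocument the original allocated here has been removed; nothing read it.

    // Restore the angle brackets the client replaced with placeholders.
    // NOTE(review): presumably the placeholders exist to get markup past ASP.NET request
    // validation - confirm. Either way the restored XML is untrusted input and whatever
    // parses it downstream must treat it as such.
    string decodedXml = xml.Replace("{lt;", "<").Replace("{gt;", ">");

    IParameterCollection Params = new ParameterCollection();
    Params.Add("@diagram", id.Replace("D_", ""));
    Params.Add("@xml", decodedXml);

    string currentUser = System.Web.HttpContext.Current.User.Identity.Name;
    Params.Add("@login", currentUser);
    Params.Add("@password", Util.GetPassword(currentUser));

    DersaSqlManager M = new DersaSqlManager();
    int res = M.ExecuteSPWithResult("DIAGRAM$SaveFromXml", false, Params);
    return res.ToString();
}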
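/// <summary>
/// Asks the ENTITY$CanDnD stored procedure whether the current user may drag
/// <paramref name="src"/> onto <paramref name="dst"/>.
/// </summary>
/// <param name="src">Drag source, passed as dnd_source.</param>
/// <param name="dst">Drop target, passed as dnd_target.</param>
/// <returns>The stored procedure's integer result, or 0 when the check fails for any reason.</returns>
public int CanDnD(string src, int dst)
{
    try
    {
        DersaSqlManager DM = new DersaSqlManager();
        string userName = HttpContext.Current.User.Identity.Name;

        // NOTE(review): these names carry no "@" prefix, unlike the other methods in this file;
        // confirm that ParameterCollection accepts both forms.
        IParameterCollection Params = new ParameterCollection();
        Params.Add("dnd_source", src);
        Params.Add("dnd_target", dst);
        Params.Add("login", userName);
        Params.Add("password", Util.GetPassword(userName));

        int result = DM.ExecuteSPWithResult("ENTITY$CanDnD", false, Params);
        return result;
    }
    catch (Exception exc)
    {
        // Any failure still yields 0, as before, but is now traced on the server instead of
        // vanishing. The client-supplied src is deliberately kept out of the log line.
        System.Diagnostics.Trace.TraceError("CanDnD failed for target {0}: {1}", dst, exc);
        return 0;
    }
}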
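/// <summary>
/// Runs the SQL text carried in <paramref name="json_params"/> for the current user,
/// after checking that user's permission bits.
/// </summary>
/// <param name="json_params">
/// JSON parameter set. "SQL" holds the statement, with "$gt$" and "$lt$" standing in for angle
/// brackets. The optional "Server", "Database", "Login" and "Password" select an explicit target server.
/// </param>
/// <returns>
/// The input unchanged when it has no "SQL" entry; a refusal message when a permission bit is
/// missing; a JSON object naming the local-client function when the user runs SQL locally;
/// otherwise the execution result, a success message, or the message of the exception raised
/// while executing.
/// </returns>
/// <exception cref="Exception">
/// The user is set to run SQL locally but the local-client function setting returns no rows.
/// </exception>
public string ExecSql(string json_params)
{
    IParameterCollection Params = Util.DeserializeParams(json_params);
    if (!Params.Contains("SQL"))
    {
        return json_params;
    }

    DersaSqlManager M = new DersaSqlManager();
    string sql = Params["SQL"].Value.ToString().Replace("$gt$", ">").Replace("$lt$", "<");

    IParameterCollection UserParams = new ParameterCollection();
    string userName = HttpContext.Current.User.Identity.Name;
    UserParams.Add("@login", userName);
    UserParams.Add("@password", Util.GetPassword(userName));

    // Server-side authorization: permission value 1 gates SQL execution as a whole.
    int userPermissions = M.ExecuteSPWithResult("DERSA_USER$GetPermissions", false, UserParams);
    int canExecSql = userPermissions & 1;
    if (canExecSql == 0)
    {
        return "You have no permissions to exec SQL in database.";
    }

    // Setting name means "Execute SQL locally"; it is a runtime lookup key, do not translate it.
    UserParams.Add("@user_setting_name", "Выполнять SQL локально");
    int execSqlLocal = M.ExecuteSPWithResult("DERSA_USER$GetBoolUserSetting", false, UserParams);
    int canExecLocalSql = userPermissions & 2;
    if (execSqlLocal > 0)
    {
        if (canExecLocalSql == 0)
        {
            return "You have no permissions to exec SQL locally.";
        }
        else
        {
            string queryId = GetQueryId(sql);
            // Setting name means "Function for invoking the local SQL client".
            (UserParams["@user_setting_name"] as IParameter).Value = "Функция вызова локального клиента SQL";
            System.Data.DataTable VT = M.ExecuteSPWithParams("DERSA_USER$GetTextUserSetting", UserParams);
            if (VT == null || VT.Rows.Count < 1)
            {
                // Message means "The function for invoking the local SQL client is not defined".
                throw new Exception("Функция вызова локального клиента SQL не определена");
            }
            // NOTE(review): the setting text is returned to the client as "action"; presumably the
            // client runs it as script - confirm who is allowed to write this setting.
            string functionBody = VT.Rows[0][0].ToString();
            var result = new { action = functionBody, arg_name = "queryId", arg = queryId };
            return JsonConvert.SerializeObject(result);
        }
    }

    try
    {
        string result = "Unknown error";
        if (Params.Contains("Server") && Params["Server"].Value != null)
        {
            // Build the connection string with a builder instead of string.Format. All four values
            // come from the request, and a raw ';' in any of them would otherwise be read as the
            // start of another keyword. The builder quotes each value, so it stays one value.
            // Keyword names are the ones the original format string used.
            // NOTE(review): a user holding the exec-SQL bit can point this server at any host;
            // consider an allow-list of permitted servers.
            System.Data.Common.DbConnectionStringBuilder connectionBuilder =
                new System.Data.Common.DbConnectionStringBuilder();
            connectionBuilder["Server"] = Convert.ToString(Params["Server"].Value);
            connectionBuilder["Database"] = Convert.ToString(Params["Database"].Value);
            connectionBuilder["user"] = Convert.ToString(Params["Login"].Value);
            connectionBuilder["password"] = Convert.ToString(Params["Password"].Value);

            SqlManager ExecM = new SqlManager(connectionBuilder.ConnectionString);
            result = ExecM.ExecMultiPartSql(sql);
        }
        else
        {
            DersaUserSqlManager UM = new DersaUserSqlManager();
            result = UM.ExecMultiPartSql(sql);
        }

        if (result != "")
        {
            return result;
        }
        // Prefix means "Query executed successfully:".
        return "Запрос успешно выполнен:\n\n" + sql;
    }
    catch (Exception exc)
    {
        // The raw error text goes back to the caller, who has already passed the exec-SQL check.
        return exc.Message;
    }
}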