/// <summary>
/// Back-office login: looks the account up by login name and password digest, writes a
/// system-log entry, stamps the last-login time and returns the account row.
/// </summary>
/// <param name="t">Login request; sLoginName, sPassWord and sAddress are read from it.</param>
/// <returns>The matching non-deleted account row, or null when no row matches.</returns>
public override EHECD_SystemUserDTO Login(EHECD_SystemUserDTO t)
{
    // Keep the caller address before t is overwritten with the database row.
    var clientAddress = t.sAddress;

    // 1. Look the account up.
    // NOTE(review): the password is matched as the output of Security.GetMD5Hash inside the SQL
    // predicate. Going by the helper's name this is a plain MD5 digest, which is too fast and
    // (as far as this call shows) unsalted for password storage. Moving to a salted, iterated
    // KDF such as PBKDF2 or Argon2 has to happen in the helper and the stored column - confirm.
    var credentials = new { name = t.sLoginName, pwd = Security.GetMD5Hash(t.sPassWord) };
    t = query.SingleQuery<EHECD_SystemUserDTO>("SELECT ID,sLoginName,sUserName,tUserState,tUserType,sUserNickName,dLastLoginTime,sProvice,sCity,sCounty,sAddress,tSex FROM EHECD_SystemUser WHERE sLoginName = @name and sPassWord = @pwd AND bIsDeleted = 0;", credentials);

    if (t == null)
    {
        // NOTE(review): nothing is written to the system log on this path, so failed login
        // attempts (wrong password, unknown login name) are not visible in the audit trail.
        return null;
    }

    // 2. Write the system-log entry. An account whose tUserState is not 0 is recorded as an
    // unsuccessful login.
    var displayName = t.sUserName ?? "用户";
    var accountId = t.ID.ToString() ?? "";
    var stateAllowsLogin = t.tUserState == 0;
    InsertSystemLog(
        t.sLoginName,
        displayName,
        clientAddress,
        (Int16)(SYSTEM_LOG_TYPE.LOGON | SYSTEM_LOG_TYPE.SYSTEMUSER),
        "系统用户登录",
        accountId,
        stateAllowsLogin);

    // 3. Stamp the last-login time.
    // NOTE(review): the row is returned and the timestamp updated even when tUserState is not 0;
    // this method does not reject such accounts, so the caller has to check tUserState itself.
    var lastLoginStamp = new EHECD_SystemUserDTO { dLastLoginTime = DateTime.Now };
    var whereClause = string.Format("where ID = '{0}'", t.ID.ToString());
    excute.ExcuteTransaction(Dapper.DBSqlHelper.GetUpdateSQL<EHECD_SystemUserDTO>(lastLoginStamp, whereClause));

    // Login succeeded.
    return t;
}
/// <summary>
/// Updates a system user unless the mobile number is already present in EHECD_SystemUser,
/// then writes a system-log entry.
/// </summary>
/// <param name="user">The user to update; its ID selects the row and sMobileNum drives the duplicate check.</param>
/// <param name="p">Dynamic payload; sLoginName, sUserName and IP are passed to the system log.</param>
/// <returns>The value returned by excute.Update; the SQL batch selects -2 when the mobile number already exists.</returns>
public override int EditSystemUser(EHECD_SystemUserDTO user, dynamic p)
{
    // NOTE(review): the EXISTS check matches any row with this mobile number - it has no
    // "ID <> @ID" or bIsDeleted filter, so it also matches the row being edited and
    // soft-deleted rows. Confirm callers only send sMobileNum when it actually changes.
    const string guardedUpdateTemplate = @"IF EXISTS(SELECT 1 FROM EHECD_SystemUser WHERE sMobileNum = @sMobileNum) BEGIN SELECT -2 RET; END ELSE BEGIN {0} END;";

    // NOTE(review): GetUpdateSQL turns the DTO into SQL text that is spliced into the batch;
    // whether it escapes string values is not visible here - confirm, since the DTO carries
    // operator-editable fields.
    var rowFilter = string.Format("where ID = '{0}'", user.ID);
    var updateStatement = Dapper.DBSqlHelper.GetUpdateSQL<EHECD_SystemUserDTO>(user, rowFilter);
    var batchSql = string.Format(guardedUpdateTemplate, updateStatement);

    // 1. Save to the database.
    var ret = excute.Update(batchSql, new { sMobileNum = user.sMobileNum });

    // 2. Write the system-log entry; success is recorded as ret > 0.
    var succeeded = ret > 0;
    InsertSystemLog(
        p.sLoginName.ToString(),
        p.sUserName.ToString(),
        p.IP.ToString(),
        (Int16)(SYSTEM_LOG_TYPE.MODIFY | SYSTEM_LOG_TYPE.SYSTEMUSER),
        "系统用户编辑用户" + user.ID,
        user.ID.ToString(),
        succeeded);

    return ret;
}
/// <summary>
/// Runs before the action: parses the request parameters and, for requests that are not
/// AJAX POSTs, binds the API session user from the identity value sent by the client.
/// Any exception is logged and the base initialization still runs.
/// </summary>
/// <param name="requestContext">The current request context.</param>
protected override void Initialize(RequestContext requestContext)
{
    try
    {
        var httpContext = requestContext.HttpContext;
        var request = httpContext.Request;
        bool isAjaxPost = request.IsAjaxRequest() && request.RequestType.ToLower() == "post";

        // Both request shapes are parsed by the same loader. The original source carries a
        // commented-out call to ParameterLoader.LoadSecurityParameters on the direct-post path
        // (labelled there as the encrypted interface), so that loader is not in use here.
        RequestParameters = ParameterLoader.LoadAjaxPostParameters(request.InputStream);

        if (!isAjaxPost)
        {
            if (!string.IsNullOrWhiteSpace(RequestParameters.identity))
            {
                // NOTE(review): identity arrives in the request body and is compared with the
                // session user's ID below. When it differs, the client value wins and the
                // session user is replaced by whatever GetAppLoginInfo returns for it. Unless
                // GetAppLoginInfo verifies a server-issued secret (not visible here), the
                // session is bound to a user on the strength of an identifier alone - confirm.
                var stored = (SessionInfo)httpContext.Session[SessionInfo.APISESSION_NAME];
                bool hasSessionUser = stored != null && stored.SessionUser != null && stored.SessionUser.User != null;

                if (!hasSessionUser)
                {
                    // Nothing usable in the session: build it from the supplied identity.
                    var login = DIEntity.GetInstance().GetImpl<ILogin>();
                    var fresh = new SessionInfo();
                    fresh.SessionUser.User = login.GetAppLoginInfo(RequestParameters.identity);
                    httpContext.Session[SessionInfo.APISESSION_NAME] = fresh;
                    SessionUser = fresh.SessionUser.User;
                }
                else if (stored.SessionUser.User.ID.ToString() != RequestParameters.identity)
                {
                    // Supplied identity differs from the session user: reload from the client value.
                    // NOTE(review): unlike the other two branches, SessionUser is not assigned
                    // here, so this request continues with whatever SessionUser held before.
                    var login = DIEntity.GetInstance().GetImpl<ILogin>();
                    stored.SessionUser.User = login.GetAppLoginInfo(RequestParameters.identity);
                    httpContext.Session[SessionInfo.APISESSION_NAME] = stored;
                }
                else
                {
                    SessionUser = stored.SessionUser.User;
                }
            }
        }
    }
    catch (Exception e)
    {
        // NOTE(review): the failure is only logged; base.Initialize still runs, so actions
        // must treat a missing SessionUser or RequestParameters as unauthenticated input.
        SystemLog.Logs.GetLog().WriteErrorLog(e);
    }

    base.Initialize(requestContext);
}
/// <summary>
/// Toggles a system user between frozen (tUserState 1) and not frozen (tUserState 0),
/// saves the user and writes a system-log entry.
/// </summary>
/// <param name="user">The user to toggle; its ID selects the row. The object is modified in place.</param>
/// <param name="p">Dynamic payload; sLoginName, sUserName and IP are passed to the system log.</param>
/// <returns>The value returned by excute.UpdateSingle; values above 0 are logged as success.</returns>
public override int FrozenSystemUser(EHECD_SystemUserDTO user, dynamic p)
{
    // NOTE(review): the new state is derived from the tUserState carried in the supplied DTO,
    // not from the stored row, so a stale or caller-chosen value decides the direction.
    if (user.tUserState == 1)
    {
        user.tUserState = 0;
    }
    else
    {
        user.tUserState = 1;
    }

    // 1. Persist the change.
    // NOTE(review): the whole DTO is handed to UpdateSingle; which properties it writes is not
    // visible here - confirm that only tUserState can change through this call.
    var rowFilter = string.Format("where ID = '{0}'", user.ID);
    var ret = excute.UpdateSingle<EHECD_SystemUserDTO>(user, rowFilter);

    // 2. Write the system-log entry, worded after the state that was just written.
    var description = user.tUserState == 1 ? "系统用户冻结用户" + user.ID : "系统用户解冻用户" + user.ID;
    var succeeded = ret > 0;
    InsertSystemLog(
        p.sLoginName.ToString(),
        p.sUserName.ToString(),
        p.IP.ToString(),
        (Int16)(SYSTEM_LOG_TYPE.MODIFY | SYSTEM_LOG_TYPE.SYSTEMUSER),
        description,
        user.ID.ToString(),
        succeeded);

    return ret;
}
/// <summary>
/// Creates a system user unless the login name or mobile number already exists, then writes
/// a system-log entry.
/// </summary>
/// <param name="user">The user to create. ID, timestamps, state, type and the password digest are overwritten here.</param>
/// <param name="p">Dynamic payload; sLoginName, sUserName and IP are passed to the system log.</param>
/// <returns>The value returned by excute.Insert; the SQL batch selects -1 for a duplicate login name and -2 for a duplicate mobile number.</returns>
public override int AddSystemUser(EHECD_SystemUserDTO user, dynamic p)
{
    // NOTE(review): the two EXISTS checks and the insert are one batch; nothing visible here
    // makes them atomic, so uniqueness should also be enforced by a database constraint - confirm.
    const string guardedInsertTemplate = @"IF EXISTS(SELECT 1 FROM EHECD_SystemUser WHERE sLoginName = @sLoginName) BEGIN SELECT -1 RET; END ELSE BEGIN IF EXISTS(SELECT 1 FROM EHECD_SystemUser WHERE sMobileNum = @sMobileNum) BEGIN SELECT -2 RET; END ELSE BEGIN {0} END END;";

    // 1. Fill in the server-controlled fields, overriding whatever the caller supplied.
    user.bIsDeleted = false;
    user.dCreateTime = DateTime.Now;
    user.dLastLoginTime = DateTime.Now;
    user.tUserState = 0;
    user.tUserType = 0;
    user.ID = Helper.GuidHelper.GetSecuentialGuid();

    // NOTE(review): going by the helper's name the stored value is a plain MD5 digest of the
    // password, which is too fast for password storage; a salted, iterated KDF (PBKDF2, Argon2)
    // would have to replace it in the helper and in the login check together.
    user.sPassWord = Helper.Security.GetMD5Hash(user.sPassWord);

    // NOTE(review): GetInsertSQL turns the DTO into SQL text that is spliced into the batch;
    // whether it escapes string values is not visible here - confirm.
    var insertStatement = Dapper.DBSqlHelper.GetInsertSQL<EHECD_SystemUserDTO>(user);
    var batchSql = string.Format(guardedInsertTemplate, insertStatement);

    // 2. Save to the database.
    var ret = excute.Insert(batchSql, new { sLoginName = user.sLoginName, sMobileNum = user.sMobileNum });

    // 3. Write the system-log entry; success is recorded as ret > 0.
    var succeeded = ret > 0;
    InsertSystemLog(
        p.sLoginName.ToString(),
        p.sUserName.ToString(),
        p.IP.ToString(),
        (Int16)(SYSTEM_LOG_TYPE.ADD | SYSTEM_LOG_TYPE.SYSTEMUSER),
        "系统用户添加用户" + user.ID,
        user.ID.ToString(),
        succeeded);

    return ret;
}
/// <summary>
/// Sets a new password for the account with the given login name.
/// </summary>
/// <param name="t">Carries sLoginName (selects the account) and sPassWord (the new password).</param>
/// <returns>
/// The account row as it was read before the update, or null when the login name is unknown
/// or the update affected no row.
/// </returns>
public virtual EHECD_SystemUserDTO ChangePassword(EHECD_SystemUserDTO t)
{
    // NOTE(review): the account is selected by login name alone. This method neither checks the
    // current password nor who is asking, and the lookup has no bIsDeleted filter - the caller
    // has to authorize the change before getting here. Confirm every call site does.
    var account = query.SingleQuery<EHECD_SystemUserDTO>("select * from EHECD_SystemUser where sLoginName = @sLoginName;", new { sLoginName = t.sLoginName });
    if (account == default(EHECD_SystemUserDTO))
    {
        return null;
    }

    // NOTE(review): going by the helper's name the stored value is a plain MD5 digest - too
    // fast for password storage; see the same helper in the login and add-user paths.
    var newDigest = Framework.Helper.Security.GetMD5Hash(t.sPassWord);
    var affected = excute.Update("update EHECD_SystemUser set sPassWord = @PWD where ID = @ID;", new { PWD = newDigest, ID = account.ID });

    // The returned object comes from "select *" before the update, so any password column it
    // maps still holds the previous value.
    return affected > 0 ? account : null;
}
/// <summary>
/// Soft-deletes a system user together with its privileges and role links in one batch,
/// then writes a system-log entry.
/// </summary>
/// <param name="user">The user to delete; only ID is read.</param>
/// <param name="p">Dynamic payload; sLoginName, sUserName and IP are passed to the system log.</param>
/// <returns>The value returned by excute.ExcuteTransaction; values above 0 are logged as success.</returns>
public override int DeleteSystemUser(EHECD_SystemUserDTO user, dynamic p)
{
    // NOTE(review): user.ID is formatted straight into the WHERE clauses below. That is only
    // safe while ID is a GUID-typed property rather than a free-form string - confirm.
    var userId = user.ID;

    // 1. Mark the user row as deleted.
    var deleteUserSql = DBSqlHelper.GetUpdateSQL<EHECD_SystemUserDTO>(
        new EHECD_SystemUserDTO() { bIsDeleted = true },
        string.Format("where ID = '{0}'", userId));

    // 2. Mark privileges owned by, or belonging to, the user as deleted.
    var deletePrivilegesSql = DBSqlHelper.GetUpdateSQL<EHECD_PrivilegeDTO>(
        new EHECD_PrivilegeDTO() { bIsDeleted = true },
        string.Format("where ((sPrivilegeMaster = 'user' AND sPrivilegeMasterValue = '{0}') OR (sBelong = 'user' AND sBelongValue = '{0}'))", userId));

    // 3. Mark the user's active role links as deleted.
    var deleteRoleLinksSql = DBSqlHelper.GetUpdateSQL<EHECD_SystemUser_R_RoleDTO>(
        new EHECD_SystemUser_R_RoleDTO() { bIsDeleted = true },
        string.Format("where sUserID = '{0}' AND bIsDeleted = 0", userId));

    StringBuilder batch = new StringBuilder();
    batch.AppendLine(deleteUserSql);
    batch.AppendLine(deletePrivilegesSql);
    batch.AppendLine(deleteRoleLinksSql);
    var ret = excute.ExcuteTransaction(batch.ToString());

    // 4. Write the system-log entry; success is recorded as ret > 0.
    var succeeded = ret > 0;
    InsertSystemLog(
        p.sLoginName.ToString(),
        p.sUserName.ToString(),
        p.IP.ToString(),
        (Int16)(SYSTEM_LOG_TYPE.DELETE | SYSTEM_LOG_TYPE.SYSTEMUSER),
        "系统用户删除用户" + user.ID,
        user.ID.ToString(),
        succeeded);

    return ret;
}
/// <summary>
/// Changes a user's information. This implementation is a stub: it performs no update and
/// always returns null; the method is virtual so a derived class can supply the real one.
/// </summary>
/// <param name="t">The user information (not read by this implementation).</param>
/// <returns>Always null here.</returns>
public virtual EHECD_SystemUserDTO ChangeUserInfo(EHECD_SystemUserDTO t)
{
    return null;
}
/// <summary>
/// Loads the permission-related information of a system user.
/// </summary>
/// <param name="t">The system user.</param>
/// <returns>The user's permission-related information (buttons, menus and so on).</returns>
public abstract UserRoleMenuInfo LoadUserRoleMenuInfo(EHECD_SystemUserDTO t);
/// <summary>
/// Logs a system user in.
/// </summary>
/// <param name="t">The login request; the override in this file reads sLoginName, sPassWord and sAddress from it.</param>
/// <returns>The login result: the user on success, null on failure.</returns>
public abstract EHECD_SystemUserDTO Login(EHECD_SystemUserDTO t);
/// <summary>
/// Freezes a system user.
/// </summary>
/// <param name="user">The system user.</param>
/// <param name="p">Dynamic object used to build the system-log entry.</param>
/// <returns>The result of the freeze operation.</returns>
public abstract int FrozenSystemUser(EHECD_SystemUserDTO user, dynamic p);
/// <summary>
/// Loads the menus, menu buttons and (when role checking is enabled) roles available to a
/// user, driven by the "UseUserRole" and "UseMenuBottn" configuration switches.
/// </summary>
/// <param name="t">The system user; only ID is read.</param>
/// <returns>The populated permission/menu information with LoadSuccess set to true.</returns>
public override UserRoleMenuInfo LoadUserRoleMenuInfo(EHECD_SystemUserDTO t)
{
    // Every button attached to one menu, regardless of user or role.
    const string allButtonsOfMenuSql = @"SELECT * FROM EHECD_MenuButton WHERE ID IN ( SELECT DISTINCT sPrivilegeAccessValue FROM EHECD_Privilege WHERE sBelong = 'menu' AND sBelongValue = @ID AND sPrivilegeMaster = 'menu' AND sPrivilegeMasterValue = @ID AND sPrivilegeAccess = 'button' ) AND bIsDeleted = 0 ORDER BY iOrder;";

    // Holds the user's roles, menus and menu buttons.
    var info = new UserRoleMenuInfo();

    // Configuration decides whether role-based permissions are applied at all.
    bool rolesEnabled = WebConfig.LoadElement("UseUserRole") == "1";
    if (rolesEnabled)
    {
        // Menus granted to the user directly or through the user's roles.
        info.UserMenu = LoadUserAndRolesMenu(t.ID);

        // The user's enabled, non-deleted roles.
        info.UserRole = query.QueryList<UserRole>(@"SELECT r.ID, r.sRoleName, r.dModifyTime, r.iOrder FROM EHECD_SystemUser_R_Role srr, EHECD_Role r WHERE srr.sRoleID = r.ID AND r.bIsDeleted = 0 AND srr.bIsDeleted = 0 AND r.bEnable = 1 AND srr.sUserID = @id ORDER BY r.iOrder;", new { id = t.ID });
    }
    else
    {
        // With the switch off, every non-deleted menu is returned to every user: this
        // configuration value is what turns menu-level authorization on.
        info.UserMenu = query.QueryList<UserMenu>("SELECT ID,sMenuName,sPID,sUrl,iOrder from EHECD_FunctionMenu WHERE bIsDeleted = 0 ORDER BY iOrder;", null);
    }

    // Configuration decides whether buttons are bound per user/role or shown per menu.
    bool buttonBindingEnabled = WebConfig.LoadElement("UseMenuBottn") == "1";
    if (!buttonBindingEnabled)
    {
        // No binding: each menu gets all of its buttons.
        foreach (var menu in info.UserMenu)
        {
            menu.Buttons = query.QueryList<UserMenuButton>(allButtonsOfMenuSql, new { ID = menu.ID });
        }
    }
    else if (rolesEnabled)
    {
        // Quoted, comma-separated role IDs of this user.
        // NOTE(review): presumably spliced into an IN (...) list by the helper; the values come
        // from the role query above rather than from the request - confirm in the helper.
        string quotedRoleIds = string.Join(",", info.UserRole.Select(m => string.Concat("'", m.ID, "'")));

        // Buttons granted to the user or to one of the user's roles.
        foreach (var menu in info.UserMenu)
        {
            menu.Buttons = LoadUserAndRolesMenuButton(quotedRoleIds, menu.ID, t.ID);
        }
    }
    else
    {
        // Roles are off: only buttons bound to the user personally are loaded.
        foreach (var menu in info.UserMenu)
        {
            menu.Buttons = LoadUserMenuButton(menu.ID, t.ID);
        }
    }

    // Keep the flat list, then arrange the menus into their hierarchy.
    info.AllMenu = info.UserMenu;
    info.UserMenu = InitMenu(info.UserMenu);
    info.LoadSuccess = true;

    return info;
}
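/// <summary>
/// Replaces the set of roles assigned to a system user and writes a system-log entry.
/// </summary>
/// <param name="user">The user whose roles are assigned; only ID is read.</param>
/// <param name="p">
/// Dynamic payload: data.ids holds a comma-separated list of role IDs; sLoginName, sUserName
/// and IP are passed to the system log.
/// </param>
/// <returns>
/// 0 when data.ids is null (nothing is done); otherwise the value returned by the executed
/// batch or update.
/// </returns>
/// <exception cref="FormatException">An entry of data.ids is not a valid GUID.</exception>
public override int DistributionRole(EHECD_SystemUserDTO user, dynamic p)
{
    var ret = 0;
    if (p.data.ids != null)
    {
        string idsStr = p.data.ids.Value.ToString();
        if (!string.IsNullOrWhiteSpace(idsStr))
        {
            // 1. Role IDs were supplied: the user's roles are being reassigned.
            // data.ids is request data that ends up inside SQL text. Every entry is therefore
            // parsed as a GUID before any statement is built, and only the canonical
            // Guid.ToString() form is formatted into the SQL. Previously the raw strings were
            // spliced in and the Guid.Parse call further down was the only validation.
            Guid[] roleIds = idsStr.Split(new char[] { ',' }).Select(m => Guid.Parse(m)).ToArray();
            string[] ids = roleIds.Select(m => m.ToString()).ToArray();

            // NOTE(review): user.ID is formatted into the SQL text as well; that is only safe
            // while ID is a GUID-typed property - confirm.
            StringBuilder sb = new StringBuilder();

            // Detach the roles that are not part of the new selection.
            sb.AppendFormat("UPDATE EHECD_SystemUser_R_Role SET bIsDeleted = 1 WHERE sRoleID NOT IN ({0}) AND sUserID = '{1}';", string.Join(",", ids.Select(m => "'" + m + "'")), user.ID);

            // Per role: re-activate an existing link, otherwise insert a new one.
            string sql = @"IF EXISTS(SELECT 1 FROM EHECD_SystemUser_R_Role WHERE sRoleID = '{2}' AND sUserID = '{3}') BEGIN {0} END ELSE BEGIN {1} END;";
            for (int i = 0; i < ids.Length; i++)
            {
                sb.AppendFormat(sql,
                    DBSqlHelper.GetUpdateSQL<EHECD_SystemUser_R_RoleDTO>(
                        new EHECD_SystemUser_R_RoleDTO { bIsDeleted = false },
                        string.Format("WHERE sRoleID = '{0}' AND sUserID = '{1}'", ids[i], user.ID)),
                    DBSqlHelper.GetInsertSQL<EHECD_SystemUser_R_RoleDTO>(
                        new EHECD_SystemUser_R_RoleDTO
                        {
                            ID = GuidHelper.GetSecuentialGuid(),
                            bIsDeleted = false,
                            sRoleID = roleIds[i],
                            sUserID = user.ID
                        }),
                    ids[i],
                    user.ID);
            }

            // 2. Run the inserts and updates as one batch.
            ret = excute.ExcuteTransaction(sb.ToString());

            // 3. Write the system-log entry; success is recorded as ret > 0.
            InsertSystemLog(
                p.sLoginName.ToString(),
                p.sUserName.ToString(),
                p.IP.ToString(),
                (Int16)(SYSTEM_LOG_TYPE.MODIFY | SYSTEM_LOG_TYPE.ADD | SYSTEM_LOG_TYPE.ROLE | SYSTEM_LOG_TYPE.SYSTEMUSER),
                "分配系统用户角色" + user.ID,
                user.ID.ToString(),
                ret > 0);
        }
        else
        {
            // 1. No role IDs: the user keeps no role, so every existing link is detached.
            ret = excute.UpdateSingle<EHECD_SystemUser_R_RoleDTO>(
                new EHECD_SystemUser_R_RoleDTO { bIsDeleted = true },
                string.Format("WHERE sUserID = '{0}'", user.ID));

            // 2. Write the system-log entry; here 0 affected rows also counts as success.
            InsertSystemLog(
                p.sLoginName.ToString(),
                p.sUserName.ToString(),
                p.IP.ToString(),
                (Int16)(SYSTEM_LOG_TYPE.MODIFY | SYSTEM_LOG_TYPE.DELETE | SYSTEM_LOG_TYPE.ROLE | SYSTEM_LOG_TYPE.SYSTEMUSER),
                "解除系统用户角色" + user.ID,
                user.ID.ToString(),
                ret >= 0);
        }
    }

    return ret;
}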
/// <summary>
/// Loads the roles of a user.
/// </summary>
/// <param name="user">The user.</param>
/// <returns>The user's roles.</returns>
public abstract IList <EHECD_RoleDTO> LoadUserRole(EHECD_SystemUserDTO user);
/// <summary>
/// Reads the full EHECD_SystemUser row for the given ID.
/// </summary>
/// <param name="user">Carries the ID to look up.</param>
/// <returns>The matching row, or null when there is none.</returns>
public override EHECD_SystemUserDTO GetSystemUserInfoById(EHECD_SystemUserDTO user)
{
    // NOTE(review): "SELECT *" has no bIsDeleted filter and returns every column, so
    // soft-deleted accounts are found too and any password column the DTO maps travels with
    // the result. Callers should not serialize the object to clients as-is - confirm.
    var found = query.SingleQuery<EHECD_SystemUserDTO>("SELECT * FROM EHECD_SystemUser WHERE ID = @ID", new { ID = user.ID });
    if (found == default(EHECD_SystemUserDTO))
    {
        return null;
    }

    return found;
}
/// <summary>
/// Loads the enabled, non-deleted roles linked to a user through active role links.
/// </summary>
/// <param name="user">The user; only ID is read and it is passed as a query parameter.</param>
/// <returns>The roles; the query selects only the ID column.</returns>
public override IList<EHECD_RoleDTO> LoadUserRole(EHECD_SystemUserDTO user)
{
    const string activeRolesSql = "SELECT r.ID FROM EHECD_Role r,EHECD_SystemUser_R_Role srr WHERE r.bIsDeleted = 0 AND r.bEnable = 1 AND r.ID = srr.sRoleID AND srr.bIsDeleted = 0 AND srr.sUserID = @ID";

    var arguments = new { ID = user.ID.ToString() };
    return query.QueryList<EHECD_RoleDTO>(activeRolesSql, arguments);
}
/// <summary>
/// Gets the complete information of a user by ID.
/// </summary>
/// <param name="user">The user.</param>
/// <returns>The complete user information.</returns>
public abstract EHECD_SystemUserDTO GetSystemUserInfoById(EHECD_SystemUserDTO user);
/// <summary>
/// Edits a system user.
/// </summary>
/// <param name="user">The system user.</param>
/// <param name="p">Dynamic object used to build the system-log entry.</param>
/// <returns>The result of the edit.</returns>
public abstract int EditSystemUser(EHECD_SystemUserDTO user, dynamic p);
/// <summary>
/// Deletes a system user.
/// </summary>
/// <param name="user">The system user.</param>
/// <param name="p">Dynamic object used to build the system-log entry.</param>
/// <returns>The result of the deletion.</returns>
public abstract int DeleteSystemUser(EHECD_SystemUserDTO user, dynamic p);