/// <summary>
/// Registers a new account. When <c>info.inputId</c> is not yet present in AXPUSER, the method
/// looks up the COMPERSON row matching the supplied name and department (creating one through
/// the "com.Person" BCF when none is found) and then inserts the AXPUSER row with ISUSE=0.
/// </summary>
/// <param name="info">Registration values read here: inputId, inputName, inputDept, gender, inputEmail, inputPhone, inputPassword1.</param>
/// <returns>"账号已注册" when the user id already exists in AXPUSER; otherwise an empty string.</returns>
/// <remarks>
/// NOTE(review): inputPassword1 is written to AXPUSER.USERPASSWORD exactly as received; no hashing
/// is visible in this method. Moving to a salted, slow password hash needs a coordinated change in
/// every reader of that column.
/// NOTE(review): the existence check and the insert are separate statements with no transaction
/// visible here, so USERID uniqueness presumably relies on a database constraint — confirm.
/// </remarks>
public string Register(RegisterInfo info)
{
    LibDataAccess db = new LibDataAccess();

    // Caller-supplied values are embedded as SQL literals through LibStringBuilder.GetQuotString
    // (assumed to escape embedded quotes — confirm against its implementation).
    string lookupUserSql = string.Format(
        "select USERID from AXPUSER where USERID={0}",
        LibStringBuilder.GetQuotString(info.inputId));
    string existingUserId = LibSysUtils.ToString(db.ExecuteScalar(lookupUserSql));
    if (!string.IsNullOrEmpty(existingUserId))
    {
        return "账号已注册";
    }

    string lookupPersonSql = string.Format(
        "select PERSONID from COMPERSON where PERSONNAME={0} and DEPTID={1}",
        LibStringBuilder.GetQuotString(info.inputName),
        LibStringBuilder.GetQuotString(info.inputDept));
    string personId = LibSysUtils.ToString(db.ExecuteScalar(lookupPersonSql));

    // Two people with the same name in the same department resolve to the same person row;
    // the original author advises creating the person master data manually in that case.
    if (string.IsNullOrEmpty(personId))
    {
        LibBcfData personBcf = (LibBcfData)LibBcfSystem.Default.GetBcfInstance("com.Person");
        DataSet personData = personBcf.AddNew(null);
        DataRow row = personData.Tables[0].Rows[0];
        row.BeginEdit();
        try
        {
            // Only generate an id when AddNew did not already assign one.
            if (string.IsNullOrEmpty(LibSysUtils.ToString(row["PERSONID"])))
            {
                personId = LibCommUtils.GetInternalId().ToString();
                row["PERSONID"] = personId;
            }
            row["PERSONNAME"] = info.inputName;
            row["GENDER"] = info.gender;
            row["DEPTID"] = info.inputDept;
            row["MAIL"] = info.inputEmail;
            row["PHONENO"] = info.inputPhone;
        }
        finally
        {
            row.EndEdit();
        }

        personData = personBcf.InnerSave(BillAction.AddNew, new object[] { personId }, personData);
        // Re-read the id from the saved data set; it is the value used for the account row.
        personId = LibSysUtils.ToString(personData.Tables[0].Rows[0]["PERSONID"]);
    }

    if (!string.IsNullOrEmpty(personId))
    {
        string insertUserSql = string.Format(
            "insert into AXPUSER(USERID,USERPASSWORD,PERSONID,ISUSE) values({0},{1},{2},0)",
            LibStringBuilder.GetQuotString(info.inputId),
            LibStringBuilder.GetQuotString(info.inputPassword1),
            LibStringBuilder.GetQuotString(personId));
        db.ExecuteNonQuery(insertUserSql);
    }

    return string.Empty;
}
/// <summary>
/// Changes the password of the user that owns <paramref name="handle"/>, provided the supplied
/// old password matches the value stored in AXPUSER.USERPASSWORD.
/// </summary>
/// <param name="handle">Session handle; resolved through LibHandleCache to obtain the user id.</param>
/// <param name="oldPwd">Current password as entered by the user.</param>
/// <param name="newPwd">Replacement password.</param>
/// <returns>Success=true after the update statement ran; Success=false with Msg set when the old password does not match.</returns>
/// <exception cref="Exception">Thrown when the handle cannot be resolved.</exception>
/// <remarks>
/// NOTE(review): both passwords are compared and stored as plain column values; no hashing,
/// strength check on <paramref name="newPwd"/>, or attempt limiting is visible in this method.
/// </remarks>
public SetPwdResult SetPassword(string handle, string oldPwd, string newPwd)
{
    SetPwdResult outcome = new SetPwdResult();

    LibHandle session = LibHandleCache.Default.GetCurrentHandle(handle) as LibHandle;
    if (session == null)
    {
        throw new Exception("用户句柄无效。");
    }

    // The user id always comes from the server-side session, never from the caller.
    string checkSql = string.Format(
        "select USERID from AXPUSER where USERID={0} and USERPASSWORD={1}",
        LibStringBuilder.GetQuotString(session.UserId),
        LibStringBuilder.GetQuotString(oldPwd));
    LibDataAccess db = new LibDataAccess();
    string matchedUserId = LibSysUtils.ToString(db.ExecuteScalar(checkSql));

    if (string.IsNullOrEmpty(matchedUserId))
    {
        outcome.Msg = "输入的旧密码与系统不匹配。";
        outcome.Success = false;
        return outcome;
    }

    // The update repeats the old-password predicate so it only applies to the row just verified.
    string updateSql = string.Format(
        "update AXPUSER set USERPASSWORD={2} where USERID={0} and USERPASSWORD={1}",
        LibStringBuilder.GetQuotString(session.UserId),
        LibStringBuilder.GetQuotString(oldPwd),
        LibStringBuilder.GetQuotString(newPwd));
    db.ExecuteNonQuery(updateSql);
    outcome.Success = true;
    return outcome;
}
/// <summary>
/// Checks whether <paramref name="code"/> equals the verification code stored for the account
/// in AXPVERIFYCODE.
/// </summary>
/// <param name="userId">Account whose stored code is looked up.</param>
/// <param name="code">Code supplied by the caller; null never matches.</param>
/// <returns>
/// ReturnValue=true on an exact match. ReturnValue=false with Message set when no code is stored,
/// the code differs, or the lookup throws.
/// </returns>
/// <remarks>
/// NOTE(review): only the VERIFYCODE column is read. The TIME column is not consulted, so no expiry
/// is enforced here, and the stored code is neither cleared after a successful match nor limited
/// in number of attempts within this method — confirm whether callers enforce these.
/// </remarks>
private static Result VerifyCode(string userId, string code)
{
    Result res = new Result();
    try
    {
        string lookupSql = string.Format(
            "SELECT VERIFYCODE FROM AXPVERIFYCODE WHERE USERID={0}",
            LibStringBuilder.GetQuotString(userId));
        LibDataAccess db = new LibDataAccess();
        string storedCode = LibSysUtils.ToString(db.ExecuteScalar(lookupSql));

        if (storedCode == string.Empty)
        {
            res.ReturnValue = false;
            res.Message = "该帐号没有对应的验证码";
        }
        else if (code != null && code.Equals(storedCode))
        {
            res.ReturnValue = true;
        }
        else
        {
            res.ReturnValue = false;
            res.Message = "验证码错误";
        }
    }
    catch (Exception ex)
    {
        // The exception text is returned to the caller as part of the message.
        res.ReturnValue = false;
        res.Message = "注册失败!" + ex.Message;
    }
    return res;
}
/// <summary>
/// Seeds baseline data: a default licence row in AXPPURCHASESPEC when the table is empty, the
/// 'admin' account when it is missing, and INTERNALID values for AXPUSER rows that lack one
/// when the "axp.User" model exposes an INTERNALID column.
/// </summary>
/// <remarks>
/// NOTE(review): the seeded account is inserted with USERID 'admin' and the password literal
/// 'admin', enabled (ISUSE=1). No forced password change is visible here; deployments should
/// rotate this credential at install time or seed it from an installer-supplied secret.
/// </remarks>
private void InitData()
{
    LibDataAccess db = new LibDataAccess();

    // Licence specification: insert the default row only when the table has no rows.
    decimal specRows = LibSysUtils.ToDecimal(db.ExecuteScalar("select count(*) from AXPPURCHASESPEC"));
    if (specRows == 0)
    {
        db.ExecuteNonQuery("insert into AXPPURCHASESPEC(PURCHASERID,PURCHASERNAME,MAXUSERCOUNT,MAXWORKSTATIONCOUNT) values('ax','ax',1000,-1)");
    }

    // Once AXPUSER is modelled as master data (no longer grid data) it carries an INTERNALID column.
    LibSqlModel userModel = LibSqlModelCache.Default.GetSqlModel("axp.User");
    bool hasInternalId = userModel != null
        && userModel.Tables.Count > 0
        && userModel.Tables[0].Columns.Contains("INTERNALID");

    string adminId = LibSysUtils.ToString(db.ExecuteScalar("select USERID from AXPUSER where USERID='admin'"));
    if (string.IsNullOrEmpty(adminId))
    {
        // Default account: 'admin'. The only concatenated value is a server-generated GUID.
        if (hasInternalId)
        {
            db.ExecuteNonQuery("insert into AXPUSER(USERID,USERPASSWORD,ISUSE,INTERNALID,CREATORID,CURRENTSTATE) values('admin','admin',1,'" + Guid.NewGuid().ToString() + "','(NotSet)',2)");
        }
        else
        {
            db.ExecuteNonQuery("insert into AXPUSER(USERID,USERPASSWORD,ISUSE) values('admin','admin',1)");
        }
    }

    if (!hasInternalId)
    {
        return;
    }

    // Upgrade path: accounts whose INTERNALID is empty get a database-generated GUID.
    // Only SQL Server and Oracle are handled; other database types are left untouched.
    if (db.DatabaseType == LibDatabaseType.SqlServer)
    {
        db.ExecuteNonQuery("update AXPUSER set INTERNALID = NEWID(),CURRENTSTATE = 2 where INTERNALID=''");
    }
    else if (db.DatabaseType == LibDatabaseType.Oracle)
    {
        db.ExecuteNonQuery("update AXPUSER set INTERNALID = sys_guid(),CURRENTSTATE = 2 where INTERNALID=''");
    }
}
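/// <summary>
/// Returns the SUPPLIERID stored on the COMPERSON row whose PERSONID equals
/// <paramref name="supplyUserId"/>.
/// </summary>
/// <param name="supplyUserId">Person id to look up.</param>
/// <returns>The supplier id converted with LibSysUtils.ToString.</returns>
public string getSupplIer(string supplyUserId)
{
    LibDataAccess dataAccess = new LibDataAccess();

    // The id was previously spliced between hand-written quotes, so a quote character in the
    // argument changed the statement. It now goes through the same literal helper the other
    // queries use (GetQuotString is assumed to escape embedded quotes — confirm).
    string sql = string.Format(
        "SELECT SUPPLIERID FROM COMPERSON WHERE PERSONID = {0}",
        LibStringBuilder.GetQuotString(supplyUserId));

    return LibSysUtils.ToString(dataAccess.ExecuteScalar(sql));
}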
/// <summary>
/// Returns a CountModel holding the number of pending approval tasks and open abnormal reports
/// for one person.
/// </summary>
/// <param name="userId">Not read by the current implementation.</param>
/// <param name="handle">Not read by the current implementation.</param>
/// <returns>ReturnValue=true with Info set to the CountModel, or ReturnValue=false with Message set when a query throws.</returns>
/// <remarks>
/// NOTE(review): the handle lookup and VerificationHandle call are commented out in the original,
/// and the person id is the hard-coded literal "018427". As written, any caller receives that
/// person's counts regardless of <paramref name="userId"/> or <paramref name="handle"/>. The
/// session check should be restored and the person id taken from the verified handle.
/// </remarks>
public static Result GetCount(string userId, string handle)
{
    Result res = new Result();
    res.ReturnValue = true;
    string personId = "018427";

    if (!res.ReturnValue)
    {
        return res;
    }

    LibDataAccess db = new LibDataAccess();
    try
    {
        CountModel counts = new CountModel();
        string quotedPersonId = LibStringBuilder.GetQuotString(personId);

        // Approval tasks waiting on this person at the next flow level.
        string approvalSql = string.Format(
            "SELECT COUNT(*) AS TOTALNUM FROM AXPAPPROVETASK WHERE PERSONID = {0} AND AUDITSTATE = 0 and FLOWLEVEL=CURRENTLEVEL+1",
            quotedPersonId);
        counts.ApprovelCount = LibSysUtils.ToInt32(db.ExecuteScalar(approvalSql));

        // Abnormal reports routed to this person that have no trace record yet.
        string abnormalSql = string.Format(
            "SELECT COUNT(*) FROM COMABNORMALREPORT A INNER JOIN COMABNORMALREPORTTYPEFLOW B ON B.TYPEID = A.TYPEID WHERE A.TRANSMITLEVEL = B.TRANSMITLEVEL AND B.PERSONID = {0} AND A.BILLNO NOT IN (select FROMBILLNO from COMABNORMALTRACE)",
            quotedPersonId);
        counts.AbnormalCount = LibSysUtils.ToInt32(db.ExecuteScalar(abnormalSql));

        res.Info = counts;
        res.ReturnValue = true;
    }
    catch (Exception ex)
    {
        res.ReturnValue = false;
        res.Message = "失败!" + ex.Message;
    }

    return res;
}
/// <summary>
/// Gets the SSO token for the given user. On the SSO management site the token comes from the
/// handle itself; on any other site it is requested from the management site.
/// </summary>
/// <param name="userHandle">Handle of the user the token is requested for.</param>
/// <param name="timeOutMs">Timeout passed to the HTTP call, in milliseconds.</param>
/// <param name="dataAccess">
/// Optional data accessor. When the caller runs inside a database transaction it should pass the
/// accessor that owns the transaction, so the query here does not deadlock on locked tables.
/// </param>
/// <returns>The token, or an empty string when it cannot be obtained.</returns>
/// <remarks>
/// NOTE(review): on non-management sites the stored USERPASSWORD value is read and posted to
/// SSOManageSiteUrl as the credential. The scheme of that URL is configuration; it should be
/// HTTPS-only, and a site-to-site secret would avoid moving user passwords between sites.
/// </remarks>
public static string GetToken(LibHandle userHandle, int timeOutMs = 30 * 1000, LibDataAccess dataAccess = null)
{
    if (userHandle == null || string.IsNullOrEmpty(userHandle.UserId))
    {
        return string.Empty;
    }

    if (EnvProvider.Default.IsSSOManageSite)
    {
        return userHandle.GetToCheckToken();
    }

    if (string.IsNullOrEmpty(EnvProvider.Default.SSOManageSiteUrl))
    {
        return string.Empty;
    }

    try
    {
        string endpointUrl = string.Format("{0}/sysSvc/getTokenByUserId", EnvProvider.Default.SSOManageSiteUrl);
        string passwordSql = string.Format(
            "select USERPASSWORD from AXPUSER where USERID={0} And ISUSE=1",
            LibStringBuilder.GetQuotString(userHandle.UserId));

        // Reuse the caller's accessor when one was supplied; otherwise open a fresh one.
        LibDataAccess db = dataAccess ?? new LibDataAccess();
        string storedPassword = LibSysUtils.ToString(db.ExecuteScalar(passwordSql));

        var payload = new { userId = userHandle.UserId, pwd = storedPassword };
        string callError = string.Empty;
        dynamic response = LibNetUtils.HttpPostCall<dynamic>(endpointUrl, payload, out callError, timeOutMs);

        if (!string.IsNullOrEmpty(callError) || response == null)
        {
            return string.Empty;
        }
        return (string)response.GetTokenByUserIdResult;
    }
    catch (Exception exp)
    {
        LibCommUtils.AddOutput("CrossSiteCall", string.Format("error:{0}\r\nStacktrace:{1}", exp.Message, exp.StackTrace));
        return string.Empty;
    }
}
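/// <summary>
/// Generates a four-digit verification code for the account, stores it in AXPVERIFYCODE
/// (insert or update), and sends it to <paramref name="phoneNo"/> by SMS.
/// </summary>
/// <param name="userId">Account the code is stored under.</param>
/// <param name="phoneNo">Phone number the SMS is sent to.</param>
/// <returns>ReturnValue=true with Message "成功!" on success; ReturnValue=false with the exception text appended to Message on failure.</returns>
/// <remarks>
/// NOTE(review): a four-digit code has 10,000 possible values, so the verifying side needs an
/// expiry (the TIME column is written here) and an attempt limit to be meaningful.
/// </remarks>
public static Result GenerateCode(string userId, string phoneNo)
{
    Result res = new Result();
    try
    {
        // The code is an authentication secret, so it is drawn from the OS CSPRNG rather than
        // System.Random, whose output is predictable from its time-based seed.
        const uint CodeRange = 10000;
        // Rejection sampling: discard the incomplete top bucket so sample % CodeRange is unbiased.
        const uint AcceptLimit = uint.MaxValue - (uint.MaxValue % CodeRange);
        uint sample;
        using (System.Security.Cryptography.RandomNumberGenerator rng = System.Security.Cryptography.RandomNumberGenerator.Create())
        {
            byte[] buffer = new byte[4];
            do
            {
                rng.GetBytes(buffer);
                sample = BitConverter.ToUInt32(buffer, 0);
            }
            while (sample >= AcceptLimit);
        }
        string code = ((int)(sample % CodeRange)).ToString().PadLeft(4, '0');

        // Check whether a code row already exists for this account.
        LibDataAccess access = new LibDataAccess();
        string sql = string.Format(
            "SELECT count(*) FROM AXPVERIFYCODE WHERE USERID = {0}",
            LibStringBuilder.GetQuotString(userId));
        int count = LibSysUtils.ToInt32(access.ExecuteScalar(sql));

        // Insert or update the stored code. The update branch now also covers count > 1;
        // previously that case fell through and re-executed the SELECT, leaving the old code
        // in place while a different one was sent by SMS.
        if (count == 0)
        {
            sql = string.Format(
                "INSERT INTO AXPVERIFYCODE(USERID, VERIFYCODE, TIME) VALUES({0}, {1}, {2})",
                LibStringBuilder.GetQuotString(userId),
                LibStringBuilder.GetQuotString(code),
                LibDateUtils.GetCurrentDateTime());
        }
        else
        {
            sql = string.Format(
                "UPDATE AXPVERIFYCODE SET VERIFYCODE={0}, TIME={1} WHERE USERID={2}",
                LibStringBuilder.GetQuotString(code),
                LibDateUtils.GetCurrentDateTime(),
                LibStringBuilder.GetQuotString(userId));
        }
        access.ExecuteNonQuery(sql);

        // Send the SMS.
        SendSMSParam sendSMSParam = new SendSMSParam();
        sendSMSParam.Message = "验证码为:" + code;
        sendSMSParam.PhoneList.Add(phoneNo);
        LibSMSHelper.SendMsg(sendSMSParam);

        res.ReturnValue = true;
        res.Message = "成功!";
    }
    catch (Exception ex)
    {
        res.ReturnValue = false;
        res.Message = "失败!" + ex.Message;
    }
    return res;
}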
/// <summary>
/// Returns the RETAINDIGITS value of a unit, served from this cache when present and otherwise
/// loaded from COMUNIT and cached for 180 minutes.
/// </summary>
/// <param name="unitId">Unit id; used both as cache key and as the UNITID filter.</param>
/// <returns>The cached or freshly queried value; null when the query returns null.</returns>
public object GetFormatData(string unitId)
{
    object cached = this.Get<object>(unitId);
    if (cached != null)
    {
        return cached;
    }

    // Cache miss: load the value from the database.
    string lookupSql = string.Format(
        "Select RETAINDIGITS From COMUNIT Where UNITID={0}",
        LibStringBuilder.GetQuotString(unitId));
    LibDataAccess db = new LibDataAccess();
    object loaded = db.ExecuteScalar(lookupSql);

    if (loaded != null)
    {
        this.Set(unitId, loaded, TimeSpan.FromMinutes(180));
    }
    return loaded;
}
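/// <summary>
/// Returns the unread news rows of a user after checking the supplied user id and password
/// against AXPUSER.
/// </summary>
/// <param name="userId">Account id.</param>
/// <param name="password">Password to check against AXPUSER.USERPASSWORD.</param>
/// <returns>The unread AXPUSERNEWS rows (joined with AXAEXECTASKDATA), or an empty DataSet when the credentials do not match.</returns>
/// <remarks>
/// NOTE(review): the password is compared as a plain column value; no hashing or attempt
/// limiting is visible in this method.
/// </remarks>
public DataSet GetMyNews(string userId, string password)
{
    LibDataAccess access = new LibDataAccess();

    // The credential check previously spliced userId between hand-written quotes and compared
    // USERPASSWORD with the fixed literal '******', so the password argument was never used.
    // Both values are now bound as literals through the helper the rest of the code uses
    // (GetQuotString is assumed to escape embedded quotes — confirm).
    string sql = string.Format(
        "SELECT count(*) FROM AXPUSER WHERE USERID ={0} AND USERPASSWORD ={1}",
        LibStringBuilder.GetQuotString(userId),
        LibStringBuilder.GetQuotString(password));
    int count = LibSysUtils.ToInt32(access.ExecuteScalar(sql));
    if (count <= 0)
    {
        return new DataSet();
    }

    sql = string.Format(
        "SELECT NEWSID ,USERID ,TITLE ,MAINCONTENT ,INFOID ,A.CREATETIME ,PERSONID ,ISREAD ,EXECTASKDATAID ,B.CREATETIME ,PROGID ,RESULTDATA FROM AXPUSERNEWS A LEFT JOIN AXAEXECTASKDATA B ON A.INFOID = B.EXECTASKDATAID WHERE A.USERID = {0} AND A.ISREAD = 0",
        LibStringBuilder.GetQuotString(userId));
    return access.ExecuteDataSet(sql);
}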
/// <summary>
/// Checks whether an enabled (ISUSE=1) account with the given id exists in AXPUSER.
/// </summary>
/// <param name="userId">Account id to look up.</param>
/// <returns>true when at least one enabled row matches; false for a null/empty id, no match, or when the query throws.</returns>
/// <remarks>
/// NOTE(review): a database failure is logged and reported as "does not exist"; callers cannot
/// tell the two apart.
/// </remarks>
public static bool CheckUserExist(string userId)
{
    if (string.IsNullOrEmpty(userId))
    {
        return false;
    }

    try
    {
        string countSql = string.Format(
            "select count(*) from AXPUSER where USERID={0} AND ISUSE=1",
            LibStringBuilder.GetQuotString(userId));
        LibDataAccess db = new LibDataAccess();
        int matches = LibSysUtils.ToInt32(db.ExecuteScalar(countSql));
        return matches > 0;
    }
    catch (Exception exp)
    {
        LibCommUtils.AddOutput("CrossSiteCall", string.Format("error:{0}\r\nStacktrace:{1}", exp.Message, exp.StackTrace));
        return false;
    }
}
/// <summary>
/// Obtains the token used before a cross-site login.
/// </summary>
/// <param name="userHandle">Handle string of the current user.</param>
/// <returns>The token, or an empty string when the handle is unknown, the account has no stored password, the remote call reports an error, or any exception occurs.</returns>
/// <remarks>
/// NOTE(review): on non-management sites the stored USERPASSWORD value is read and posted to
/// SSOManageSiteUrl; that URL should be HTTPS-only. Unlike the query in the static overload on
/// this page, this one does not filter on ISUSE=1 — confirm whether disabled accounts should
/// be able to obtain a token. Exceptions are swallowed without logging.
/// </remarks>
public string GetToken(string userHandle)
{
    LibHandle session = LibHandleCache.Default.GetCurrentHandle(userHandle);
    if (session == null)
    {
        return string.Empty;
    }

    if (EnvProvider.Default.IsSSOManageSite)
    {
        return session.GetToCheckToken();
    }

    try
    {
        string passwordSql = string.Format(
            "select USERPASSWORD from AXPUSER where USERID = {0}",
            LibStringBuilder.GetQuotString(session.UserId));
        LibDataAccess db = new LibDataAccess();
        var storedPassword = db.ExecuteScalar(passwordSql);
        if (storedPassword == null)
        {
            return string.Empty;
        }

        string endpointUrl = string.Format("{0}/sysSvc/getTokenByUserId", EnvProvider.Default.SSOManageSiteUrl);
        string callError = string.Empty;
        dynamic response = LibNetUtils.HttpPostCall<dynamic>(
            endpointUrl,
            new { userId = session.UserId, pwd = storedPassword.ToString() },
            out callError);

        if (!string.IsNullOrEmpty(callError))
        {
            return string.Empty;
        }

        string token = response.GetTokenByUserIdResult.Value;
        return token;
    }
    catch (Exception)
    {
        return string.Empty;
    }
}
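/// <summary>
/// Stores a picture-captcha code for the account in AXPVERIFYCODE, inserting a row when none
/// exists and updating it otherwise.
/// </summary>
/// <param name="userId">Account the code is stored under.</param>
/// <param name="code">Code to store.</param>
/// <returns>A new Result; no property is set on it by this method.</returns>
public static Result SavePictureCalidateCode(string userId, string code)
{
    Result result = new Result();
    LibDataAccess dataAccess = new LibDataAccess();

    string sql = string.Format(
        "SELECT count(*) FROM AXPVERIFYCODE WHERE USERID = {0}",
        LibStringBuilder.GetQuotString(userId));
    int count = LibSysUtils.ToInt32(dataAccess.ExecuteScalar(sql));

    // Insert or update the stored code. The update branch now also covers count > 1;
    // previously that case fell through and re-executed the SELECT above, so the stored
    // code silently stayed unchanged.
    if (count == 0)
    {
        sql = string.Format(
            "INSERT INTO AXPVERIFYCODE(USERID, VERIFYCODE, TIME) VALUES({0}, {1}, {2})",
            LibStringBuilder.GetQuotString(userId),
            LibStringBuilder.GetQuotString(code),
            LibDateUtils.GetCurrentDateTime());
    }
    else
    {
        sql = string.Format(
            "UPDATE AXPVERIFYCODE SET VERIFYCODE={0}, TIME={1} WHERE USERID={2}",
            LibStringBuilder.GetQuotString(code),
            LibDateUtils.GetCurrentDateTime(),
            LibStringBuilder.GetQuotString(userId));
    }
    dataAccess.ExecuteNonQuery(sql);

    return result;
}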
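/// <summary>
/// Looks up the push UUID registered for the account in AXPUSER. The actual push call is
/// commented out in the original, so no message is sent from here.
/// </summary>
/// <param name="userId">Account whose UUID is looked up.</param>
/// <param name="pushType">Kind of push; only referenced by the disabled push call.</param>
public static void PushMessage(string userId, PushType pushType)
{
    LibDataAccess dataAccess = new LibDataAccess();

    // The format string has a {0} placeholder but was called without an argument, which makes
    // string.Format throw FormatException on every call. The user id is now supplied as a
    // quoted literal, matching the other AXPUSER lookups.
    string sql = string.Format(
        "SELECT UUID FROM AXPUSER WHERE USERID={0}",
        LibStringBuilder.GetQuotString(userId));
    string uuid = LibSysUtils.ToString(dataAccess.ExecuteScalar(sql));

    if (!string.IsNullOrEmpty(uuid))
    {
        List<string> uuidList = new List<string>();
        uuidList.Add(uuid);
        // Disabled in the original:
        //PushMessageListToListByTransmissionTemplate(uuidList, pushType);
    }
    // The surrounding try/catch only rethrew, so exceptions propagate exactly as before without it.
}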
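/// <summary>
/// Returns one page of abnormal reports routed to the person behind the verified handle.
/// </summary>
/// <param name="userId">Account id.</param>
/// <param name="handle">Session handle, checked by Service.VerificationHandle.</param>
/// <param name="info">Paging values (PageNo, PageSize), SelectCondition, and an optional single filter in queryField[0].</param>
/// <returns>
/// ReturnValue=true with Info (DataSet) and pageModel filled on success; ReturnValue=false with
/// Message set when verification fails, the handle has no person id, or the query throws.
/// </returns>
public static Result GetAbnormalReport(string userId, string handle, PageModel info)
{
    Result res = new Result();
    res.ReturnValue = true;
    LibHandle Handle = LibHandleCache.Default.IsExistsHandle(LibHandeleType.PC, userId);
    Service.VerificationHandle(userId, handle, Handle, res);
    if (res.ReturnValue)
    {
        LibDataAccess access = new LibDataAccess();
        try
        {
            string sql = string.Empty;
            if (!string.IsNullOrEmpty(Handle.PersonId))
            {
                StringBuilder builder = new StringBuilder();
                if (info.queryField != null)
                {
                    // Only the first filter entry is honoured, as in the original.
                    var field = info.queryField[0];
                    string comparison = null;
                    bool isRange = false;
                    switch (field.QueryChar)
                    {
                        case LibQueryChar.Equal: comparison = "="; break;
                        case LibQueryChar.Region: isRange = true; break;
                        case LibQueryChar.GreaterOrEqual: comparison = ">="; break;
                        case LibQueryChar.LessOrEqual: comparison = "<="; break;
                        case LibQueryChar.GreaterThan: comparison = ">"; break;
                        case LibQueryChar.LessThan: comparison = "<"; break;
                        case LibQueryChar.UnequalTo: comparison = "<>"; break;
                    }

                    if (isRange || comparison != null)
                    {
                        // The filter arrives from the caller and used to be appended to the SQL
                        // text verbatim. The column name must now be a plain (optionally
                        // alias-qualified) identifier, and values are embedded as quoted literals.
                        // NOTE(review): assumes clients send raw values rather than pre-quoted
                        // SQL fragments, and that GetQuotString escapes embedded quotes — confirm.
                        string column = LibSysUtils.ToString(field.Name);
                        if (!System.Text.RegularExpressions.Regex.IsMatch(column, @"^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?$"))
                        {
                            throw new ArgumentException("查询字段无效。");
                        }

                        string first = LibStringBuilder.GetQuotString(LibSysUtils.ToString(field.Value[0]));
                        if (isRange)
                        {
                            string second = LibStringBuilder.GetQuotString(LibSysUtils.ToString(field.Value[1]));
                            builder.AppendFormat("AND {0}>={1} AND {0}<={2}", column, first, second);
                        }
                        else
                        {
                            builder.AppendFormat("AND {0}{1}{2}", column, comparison, first);
                        }
                    }
                }

                string quotedPersonId = LibStringBuilder.GetQuotString(Handle.PersonId);
                int beginNum = 0, endNum = 0;
                sql = string.Format(
                    "SELECT COUNT(*) FROM COMABNORMALREPORT A LEFT JOIN COMABNORMALREPORTTYPEFLOW B ON B.TYPEID = A.TYPEID WHERE A.TRANSMITLEVEL = B.TRANSMITLEVEL AND B.PERSONID = {0} AND (SELECT COUNT(BILLNO) FROM COMABNORMALTRACE C WHERE C.FROMBILLNO=A.BILLNO )={1} {2}",
                    quotedPersonId,
                    LibSysUtils.ToInt32(info.SelectCondition),
                    builder);
                int totalCount = LibSysUtils.ToInt32(access.ExecuteScalar(sql));

                // Ceiling division. The original tested the quotient ("/") instead of the
                // remainder, which reported 0 pages for a partially filled first page and one
                // page too many for exact multiples of PageSize.
                int pageCount = totalCount / info.PageSize;
                if (totalCount % info.PageSize != 0)
                {
                    pageCount++;
                }

                endNum = info.PageNo * info.PageSize;
                beginNum = (info.PageNo - 1) * info.PageSize + 1;

                DatabaseProviderFactory factory = new DatabaseProviderFactory(ConfigurationSourceFactory.Create());
                Database dataBase = factory.Create("DefaultConnection");
                if (dataBase.GetType().Name == "OracleDatabase")
                {
                    // The person id is now a quoted literal here as well, consistent with the count query.
                    sql = string.Format(
                        @" SELECT DISTINCT A.BILLNO, A.BILLDATE, D.ABNORMALTYPENAME, A.FROMPERSONID, C.PERSONNAME AS FROMPERSONNAME, C.PHONENO AS FROMPHONENO, A.ABNORMALDESC FROM ( SELECT E.*,ROWNUM RN FROM (SELECT * FROM COMABNORMALREPORT F LEFT JOIN COMABNORMALREPORTTYPEFLOW B ON B.TYPEID = F.TYPEID WHERE B.PERSONID={2} AND F.TRANSMITLEVEL = B.TRANSMITLEVEL AND (SELECT COUNT(BILLNO) FROM COMABNORMALTRACE A WHERE A.FROMBILLNO=F.BILLNO )={3}) E WHERE ROWNUM <= {1} ) A LEFT JOIN COMPERSON C ON C.PERSONID=A.FROMPERSONID LEFT JOIN COMABNORMALTYPE D ON D.ABNORMALTYPEID=A.ABNORMALTYPEID WHERE RN>={0} {4}",
                        beginNum,
                        endNum,
                        quotedPersonId,
                        LibSysUtils.ToInt32(info.SelectCondition),
                        builder);
                }
                else
                {
                    // NOTE(review): no page query exists for non-Oracle databases; the empty
                    // statement is still handed to ExecuteDataSet as in the original.
                    sql = string.Empty;
                }

                res.Info = access.ExecuteDataSet(sql);
                res.pageModel.PageNo = info.PageNo;
                res.pageModel.PageSize = info.PageSize;
                res.pageModel.PageCount = pageCount;
                res.pageModel.TotalCount = totalCount;
                res.ReturnValue = true;
            }
            else
            {
                res.ReturnValue = false;
                res.Message = "请重新登录!";
            }
        }
        catch (Exception ex)
        {
            res.ReturnValue = false;
            res.Message = "查询失败!" + ex.Message;
        }
    }
    return res;
}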
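/// <summary>
/// Logs a mobile-app user in: verifies user id and password against AXPUSER, records the
/// device identifier in AXPUSERAPP, and issues a session handle subject to the single-session
/// and maximum-user limits.
/// </summary>
/// <param name="userId">Account id.</param>
/// <param name="password">Password, compared with AXPUSER.USERPASSWORD.</param>
/// <param name="clientId">Device identifier to associate with the account.</param>
/// <param name="clientType">Device type discriminator stored with the identifier.</param>
/// <param name="quitOther">When true an existing PC-type handle for the user is removed; when false an existing handle sets IsUsed and no new handle is issued.</param>
/// <returns>
/// A LoginInfo. It is returned unpopulated when the "axp.User" model has no AXPUSERAPP table or
/// the credentials do not match; Handle is set only when a new handle was created.
/// </returns>
/// <remarks>
/// NOTE(review): the password is compared as a plain column value; no hashing or attempt
/// limiting is visible in this method.
/// </remarks>
public LoginInfo AppLogin(string userId, string password, string clientId, int clientType, bool quitOther = false)
{
    LoginInfo loginInfo = new LoginInfo();

    // App login is only supported when the user model carries the AXPUSERAPP table.
    LibSqlModel sqlModel = LibSqlModelCache.Default.GetSqlModel("axp.User");
    bool hasAXPUSERAPP = sqlModel != null
        && sqlModel.Tables.Count > 1
        && sqlModel.Tables[1].TableName.Equals("AXPUSERAPP");
    if (!hasAXPUSERAPP)
    {
        return loginInfo;
    }

    string quotedUserId = LibStringBuilder.GetQuotString(userId);
    string sql = string.Format(
        @"SELECT A.PERSONID, A.ROLEID, A.WALLPAPER,A.WALLPAPERSTRETCH,B.PERSONNAME,B.PHONENO,B.CORNET,B.HEADPORTRAIT,B.MAIL FROM AXPUSER A LEFT JOIN COMPERSON B ON B.PERSONID=A.PERSONID WHERE A.USERID={0} and A.USERPASSWORD={1} AND A.ISUSE=1",
        quotedUserId,
        LibStringBuilder.GetQuotString(password));

    LibDataAccess dataAccess = new LibDataAccess();
    string roleId = string.Empty;
    bool exists = false;
    using (IDataReader reader = dataAccess.ExecuteDataReader(sql))
    {
        if (reader.Read())
        {
            loginInfo.PersonId = LibSysUtils.ToString(reader["PERSONID"]);
            loginInfo.PersonName = LibSysUtils.ToString(reader["PERSONNAME"]);
            roleId = LibSysUtils.ToString(reader["ROLEID"]);
            loginInfo.Wallpaper = LibSysUtils.ToString(reader["WALLPAPER"]);
            loginInfo.Stretch = LibSysUtils.ToBoolean(reader["WALLPAPERSTRETCH"]);
            // Avatar, e-mail, short number and phone were added on 2017-02-14.
            loginInfo.Headportrait = LibSysUtils.ToString(reader["HEADPORTRAIT"]);
            loginInfo.UserEMail = LibSysUtils.ToString(reader["MAIL"]);
            loginInfo.Cornet = LibSysUtils.ToString(reader["CORNET"]);
            loginInfo.UserPhone = LibSysUtils.ToString(reader["PHONENO"]);
            exists = true;
        }
    }

    if (!exists)
    {
        return loginInfo;
    }

    // Associate the account with the login device. userId and clientId used to be spliced
    // between hand-written quotes in three of these statements; they now go through
    // GetQuotString like the UPDATE already did (assumed to escape embedded quotes — confirm).
    string quotedClientId = LibStringBuilder.GetQuotString(clientId);
    string appSql;
    int isAPPClient = LibSysUtils.ToInt32(dataAccess.ExecuteScalar(string.Format(
        "SELECT COUNT(*) from AXPUSERAPP WHERE USERID = {0} and CLIENTTYPE={1}",
        quotedUserId,
        clientType)));
    if (isAPPClient > 0)
    {
        // Update the stored device identifier.
        appSql = string.Format(
            "UPDATE AXPUSERAPP SET CLIENTID={1} WHERE USERID={0} AND CLIENTTYPE={2}",
            quotedUserId,
            quotedClientId,
            clientType);
    }
    else
    {
        int curMaxRowId = LibSysUtils.ToInt32(dataAccess.ExecuteScalar(string.Format(
            "SELECT Max(ROW_ID) from AXPUSERAPP WHERE USERID={0}",
            quotedUserId)));
        // Insert the device identifier for this account.
        appSql = string.Format(
            "insert into AXPUSERAPP(USERID,ROW_ID,ROWNO,CLIENTTYPE,CLIENTID) values({0},{1},{2},{3},{4})",
            quotedUserId,
            curMaxRowId + 1,
            curMaxRowId + 1,
            clientType,
            quotedClientId);
    }
    dataAccess.ExecuteNonQuery(appSql);

    LibHandle handle = LibHandleCache.Default.IsExistsHandle(LibHandeleType.PC, userId);
    if (handle != null)
    {
        if (quitOther)
        {
            LibHandleCache.Default.RemoveHandle(handle.Handle);
        }
        else
        {
            loginInfo.IsUsed = true;
        }
    }

    if (loginInfo.IsUsed)
    {
        return loginInfo;
    }

    long currentCount = LibHandleCache.Default.GetCount();
    long maxUserCount = (long)LibHandleCache.Default.MaxUserCount;
    if (maxUserCount != -1 && maxUserCount < currentCount)
    {
        loginInfo.IsOverUser = true;
        return loginInfo;
    }

    // Record the caller's address when the request arrives over WCF; the context is null otherwise.
    System.ServiceModel.Channels.RemoteEndpointMessageProperty endpoint = null;
    System.ServiceModel.OperationContext context = System.ServiceModel.OperationContext.Current;
    if (context != null)
    {
        System.ServiceModel.Channels.MessageProperties properties = context.IncomingMessageProperties;
        endpoint = properties[System.ServiceModel.Channels.RemoteEndpointMessageProperty.Name] as System.ServiceModel.Channels.RemoteEndpointMessageProperty;
    }

    // The "as" cast can yield null; the original dereferenced it unconditionally.
    if (endpoint != null)
    {
        string loginIp = endpoint.Address + ":" + endpoint.Port.ToString();
        handle = LibHandleCache.Default.GetHandle(string.Empty, LibHandeleType.PC, userId, loginInfo.PersonId, loginInfo.PersonName, roleId, loginIp);
    }
    else
    {
        handle = LibHandleCache.Default.GetHandle(string.Empty, LibHandeleType.PC, userId, loginInfo.PersonId, loginInfo.PersonName, roleId);
    }

    // A new handle was created.
    if (handle != null)
    {
        loginInfo.Handle = handle.Handle;
    }

    return loginInfo;
}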
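/// <summary>
/// Ensures the attachment directory chain for a form exists and returns the id of today's
/// directory. The chain is: the public top-level "form attachments" directory
/// (ProgDirInfo.BillAttachmentTopDirName), a second-level directory whose id is the form's
/// progId and whose name is the form's display name, and a third-level directory named after
/// the current date (yyyyMMdd). Missing levels are created.
/// </summary>
/// <param name="progId">Function code of the form; also used as the second-level directory id.</param>
/// <param name="retDirId">Receives the id of the date directory; empty when the method returns false before resolving it.</param>
/// <returns>true when the date directory exists or was created; false on empty progId, unknown progId, a failed directory creation, or any exception (which is logged).</returns>
/// <remarks>
/// NOTE(review): this.Handle is switched to the system handle and is not restored in the code
/// shown; if the instance is reused for user-scoped work afterwards it would presumably keep
/// running as the system user — confirm.
/// </remarks>
public bool CheckAndAddBillAttachmentDir(string progId, out string retDirId)
{
    retDirId = string.Empty;
    if (string.IsNullOrEmpty(progId))
    {
        return false;
    }

    string displayName = string.Empty;
    string sql = string.Empty;
    object obj = DBNull.Value;
    try
    {
        // Directory maintenance runs as the system user.
        LibHandle systemHandle = LibHandleCache.Default.GetSystemHandle();
        this.Handle = systemHandle;
        LibDataAccess dataAccess = this.DataAccess;

        // All literals below go through LibStringBuilder.GetQuotString instead of hand-written
        // quotes, so a quote character in progId can no longer alter the statements
        // (GetQuotString is assumed to escape embedded quotes — confirm).

        // Level 1: the public "form attachments" directory.
        if (string.IsNullOrEmpty(ProgDirInfo.BillAttachmentTopDirId))
        {
            sql = string.Format(
                "select DIRID from DMDIRECTORY where DIRNAME = {0} and DIRTYPE = 0 and PARENTDIRID = '' order by CREATETIME asc",
                LibStringBuilder.GetQuotString(ProgDirInfo.BillAttachmentTopDirName));
            obj = dataAccess.ExecuteScalar(sql);
            if (string.IsNullOrEmpty(LibSysUtils.ToString(obj)))
            {
                // The top-level directory does not exist yet.
                string topDirId = string.Empty;
                if (!AddDirDirectly(ref topDirId, ProgDirInfo.BillAttachmentTopDirName, DirTypeEnum.Public, ""))
                {
                    return false;
                }
                ProgDirInfo.BillAttachmentTopDirId = topDirId;
            }
            else
            {
                ProgDirInfo.BillAttachmentTopDirId = (string)obj;
            }
        }

        ProgDirInfo progDirInfo = ProgDirInfo.GetDirInfo(progId);
        if (progDirInfo == null || string.IsNullOrEmpty(progDirInfo.DirId) || string.IsNullOrEmpty(progDirInfo.ProgDisplayName))
        {
            progDirInfo = new ProgDirInfo(progId);
            // Resolve the display name that belongs to the progId.
            sql = string.Format(
                "select PROGNAME from AXPFUNCLIST where PROGID = {0}",
                LibStringBuilder.GetQuotString(progId));
            displayName = LibSysUtils.ToString(dataAccess.ExecuteScalar(sql));
            if (string.IsNullOrEmpty(displayName))
            {
                return false;
            }
            progDirInfo.ProgDisplayName = displayName;
        }

        // Level 2: the per-form directory.
        if (string.IsNullOrEmpty(progDirInfo.DirId))
        {
            sql = string.Format(
                "select DIRID from DMDIRECTORY where DIRID = {0}",
                LibStringBuilder.GetQuotString(progId));
            obj = dataAccess.ExecuteScalar(sql);
            if (string.IsNullOrEmpty(LibSysUtils.ToString(obj)))
            {
                // The per-form directory does not exist yet. progId is passed by ref, so
                // AddDirDirectly may replace it.
                if (!AddDirDirectly(ref progId, displayName, DirTypeEnum.Public, ProgDirInfo.BillAttachmentTopDirId))
                {
                    return false;
                }
            }
            progDirInfo.DirId = progId;
        }

        // Level 3: the date directory.
        string threeDirName = DateTime.Now.ToString("yyyyMMdd");
        retDirId = progDirInfo.GetDayDirId(threeDirName);
        if (string.IsNullOrEmpty(retDirId))
        {
            sql = string.Format(
                "select DIRID from DMDIRECTORY where DIRNAME = {0} and DIRTYPE = 0 and PARENTDIRID = {1} order by CREATETIME asc",
                LibStringBuilder.GetQuotString(threeDirName),
                LibStringBuilder.GetQuotString(progId));
            obj = dataAccess.ExecuteScalar(sql);
            if (string.IsNullOrEmpty(LibSysUtils.ToString(obj)))
            {
                // The date directory does not exist yet.
                bool ret = AddDirDirectly(ref retDirId, threeDirName, DirTypeEnum.Public, progDirInfo.DirId);
                if (ret)
                {
                    progDirInfo.AddDayDirId(threeDirName, retDirId);
                    ProgDirInfo.AddDirInfo(progDirInfo);
                }
                return ret;
            }

            retDirId = (string)obj;
            if (string.IsNullOrEmpty(retDirId))
            {
                return false;
            }
            progDirInfo.AddDayDirId(threeDirName, retDirId);
            ProgDirInfo.AddDirInfo(progDirInfo);
        }
        return true;
    }
    catch (Exception exp)
    {
        DMCommonMethod.WriteLog("DmDirectoryBcf.AddBillAttachmentDir", string.Format("ProgId:{0}\r\nDisplayName:{1}\r\nError:{2}", progId, displayName, exp.ToString()));
        return false;
    }
}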
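/// <summary>
/// Downloads a document version after checking the posted user id and password. The file is
/// copied to the temp directory and returned as a file stream.
/// </summary>
/// <returns>The file result, or null when a form field is missing/invalid, the credentials do not match, the file is missing, or any exception occurs (which is logged).</returns>
/// <remarks>
/// Reads the form fields docId, userId, password and modifyVerId.
/// NOTE(review): the per-document permission check (DMUserPermission.CheckCan with
/// DMFuncPermissionEnum.Download) is commented out in the original, so every account that
/// authenticates can download any docId. It should be restored before this endpoint is exposed.
/// NOTE(review): the password is compared as a plain column value, and the temp copy is not
/// deleted by this method.
/// </remarks>
public FileStreamResult DownloadForPassword()
{
    string docId = string.Empty;
    int modifyVerId = -1;
    try
    {
        docId = Request.Form["docId"];
        string userId = Request.Form["userId"];
        string password = Request.Form["password"];
        string modifyVerIdStr = Request.Form["modifyVerId"];
        if (string.IsNullOrEmpty(docId) || string.IsNullOrEmpty(userId) || string.IsNullOrEmpty(modifyVerIdStr) || string.IsNullOrEmpty(password))
        {
            return null;
        }
        if (!int.TryParse(modifyVerIdStr, out modifyVerId))
        {
            return null;
        }

        SqlBuilder builder = new SqlBuilder("axp.User");
        string sql = builder.GetQuerySql(0, "A.PERSONID", string.Format("A.USERID={0} And A.USERPASSWORD={1} And A.ISUSE=1", LibStringBuilder.GetQuotString(userId), LibStringBuilder.GetQuotString(password)));
        LibDataAccess dataAccess = new LibDataAccess();
        string personId = LibSysUtils.ToString(dataAccess.ExecuteScalar(sql));

        // The original tested "personId == null". Everywhere else the result of
        // LibSysUtils.ToString is checked for emptiness, which suggests it yields an empty
        // string when no row matches; in that case the null test never rejected a wrong
        // password. Treat both null and empty as a failed login.
        if (string.IsNullOrEmpty(personId))
        {
            throw new Exception("用户账户或密码错误");
        }

        // Authorisation: see the NOTE(review) in the remarks — the download permission check
        // for non-admin users is disabled in the original.

        DirLinkAddress dirlink = new DirLinkAddress(docId);
        string downloadName = dirlink.DocName;

        // Copy to the temp directory. Only the file-name part of the stored document name is
        // used for the temp path, so a name containing directory separators cannot place the
        // copy outside the temp directory.
        string tempPath = Path.Combine(
            DMCommonMethod.GetDMRootTempPath(),
            string.Format("{0}_{1}", DateTime.Now.Ticks.ToString(), Path.GetFileName(downloadName)));
        string docFullPath = dirlink.GetDocFullPath(modifyVerId);
        if (System.IO.File.Exists(docFullPath))
        {
            System.IO.File.Copy(docFullPath, tempPath);
            var contentType = MimeMapping.GetMimeMapping(downloadName);
            return File(new FileStream(tempPath, FileMode.Open), contentType, downloadName);
        }
        throw new Exception("文件不存在");
    }
    catch (Exception exp)
    {
        DMCommonMethod.WriteLog("DocumentController.Download", string.Format("DocId:{0}\r\nModifyVerId:{1}\r\nError:{2}", docId, modifyVerId, exp.ToString()));
        return null;
    }
}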
/// <summary>
/// Builds the effective permission data of a permission group: the parent group's data is
/// loaded first (recursively), then this group's program permissions, field powers and
/// disabled buttons are applied on top.
/// </summary>
/// <param name="groupId">Id of the permission group to load.</param>
/// <returns>The merged LibPermissionGroup; never null.</returns>
/// <remarks>
/// NOTE(review): the parent chain is followed without a visited set or depth limit, so a cyclic
/// PARENTGROUPID in the data would recurse without end — confirm the data is guaranteed acyclic.
/// NOTE(review): SHOWCONDITION and USECONDITION are read from the database and wrapped in
/// parentheses as condition text; how they are consumed is not visible here. If they end up in
/// SQL predicates, write access to these tables needs to be restricted accordingly.
/// </remarks>
private LibPermissionGroup GetPermissionGroupData(string groupId)
{
    string quotedGroupId = LibStringBuilder.GetQuotString(groupId);
    string parentSql = string.Format(
        "select PARENTGROUPID from AXPPERMISSIONGROUP where PERMISSIONGROUPID={0} and ISVALIDITY=1",
        quotedGroupId);
    LibDataAccess db = new LibDataAccess();
    string parentGroupId = LibSysUtils.ToString(db.ExecuteScalar(parentSql, false));

    // Start from the parent's permissions when there is a parent, otherwise from an empty group.
    LibPermissionGroup merged = string.IsNullOrEmpty(parentGroupId) ? null : GetPermissionGroupData(parentGroupId);
    if (merged == null)
    {
        merged = new LibPermissionGroup();
    }

    // Program-level permissions.
    string detailSql = string.Format(
        "select PROGID,SHOWCONDITION,OPERATEMARK from AXPPERMISSIONGROUPDETAIL where PERMISSIONGROUPID={0}",
        quotedGroupId);
    using (IDataReader rows = db.ExecuteDataReader(detailSql, false))
    {
        while (rows.Read())
        {
            string progId = LibSysUtils.ToString(rows["PROGID"]);
            LibPermission entry = new LibPermission();

            string conditionJson = LibSysUtils.ToString(rows["SHOWCONDITION"]);
            if (!string.IsNullOrEmpty(conditionJson))
            {
                LibQueryCondition parsed = JsonConvert.DeserializeObject<LibQueryCondition>(conditionJson);
                entry.ShowCondition = LibQueryConditionParser.GetQueryData(progId, parsed);
                if (!string.IsNullOrEmpty(entry.ShowCondition.Trim()))
                {
                    // Index the query fields by name; the first field seen for a name wins.
                    foreach (var queryField in parsed.QueryFields)
                    {
                        if (!entry.QueryFieldDic.ContainsKey(queryField.Name))
                        {
                            entry.QueryFieldDic.Add(queryField.Name, new List<LibQueryField>() { queryField });
                        }
                    }
                    entry.ShowCondition = "(" + entry.ShowCondition + ")";
                }
            }

            entry.OperateMark = LibSysUtils.ToInt32(rows["OPERATEMARK"]);

            // With inheritance, the child's permission replaces the parent's for the same program.
            merged.PermissionDic[progId] = entry;
        }
    }

    // Field-level powers; only applied to programs that already have a permission entry.
    string fieldSql = string.Format(
        "select B.PROGID,A.TABLEINDEX,A.FIELDNAME,A.FIELDPOWER,A.USECONDITION from AXPFIELDPOWER A inner join AXPPERMISSIONGROUPDETAIL B on B.ROW_ID=A.PARENTROWID where A.PERMISSIONGROUPID={0}",
        quotedGroupId);
    using (IDataReader rows = db.ExecuteDataReader(fieldSql, false))
    {
        while (rows.Read())
        {
            string progId = LibSysUtils.ToString(rows["PROGID"]);
            if (!merged.PermissionDic.ContainsKey(progId))
            {
                continue;
            }

            int tableIndex = LibSysUtils.ToInt32(rows["TABLEINDEX"]);
            string fieldName = LibSysUtils.ToString(rows["FIELDNAME"]);
            if (!merged.PermissionDic[progId].FieldPowerDic.ContainsKey(tableIndex))
            {
                merged.PermissionDic[progId].FieldPowerDic.Add(tableIndex, new Dictionary<string, FieldPower>());
            }

            Dictionary<string, FieldPower> fieldPowers = merged.PermissionDic[progId].FieldPowerDic[tableIndex];
            if (fieldPowers.ContainsKey(fieldName))
            {
                continue;
            }

            string useCondition = LibSysUtils.ToString(rows["USECONDITION"]);
            if (!string.IsNullOrEmpty(useCondition))
            {
                useCondition = "(" + useCondition + ")";
            }
            fieldPowers.Add(fieldName, new FieldPower()
            {
                Condition = useCondition,
                PowerOption = (FieldPowerOption)LibSysUtils.ToInt32(rows["FIELDPOWER"])
            });
        }
    }

    // Buttons that are explicitly disabled (CANUSE=0).
    string buttonSql = string.Format(
        "select B.PROGID,A.BUTTONID from AXPBUTTONPOWER A inner join AXPPERMISSIONGROUPDETAIL B on B.ROW_ID=A.PARENTROWID where A.PERMISSIONGROUPID={0} and A.CANUSE=0",
        quotedGroupId);
    using (IDataReader rows = db.ExecuteDataReader(buttonSql, false))
    {
        while (rows.Read())
        {
            string progId = LibSysUtils.ToString(rows["PROGID"]);
            if (!merged.PermissionDic.ContainsKey(progId))
            {
                continue;
            }

            string buttonId = LibSysUtils.ToString(rows["BUTTONID"]);
            if (!merged.PermissionDic[progId].NoUseButton.Contains(buttonId))
            {
                merged.PermissionDic[progId].NoUseButton.Add(buttonId);
            }
        }
    }

    return merged;
}
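/// <summary>
/// Returns one page of approval tasks assigned to the person behind the verified handle.
/// </summary>
/// <param name="userId">Account id.</param>
/// <param name="handle">Session handle, checked by VerificationHandle.</param>
/// <param name="info">Paging values (PageNo, PageSize) and SelectCondition (0 selects ISPASS = 0, anything else ISPASS &lt;&gt; 0).</param>
/// <returns>
/// ReturnValue=true with Info (DataSet) and pageModel filled on success; ReturnValue=false with
/// Message set when verification fails, the handle has no person id, or the query throws.
/// </returns>
public static Result GetMyNews(string userId, string handle, PageModel info)
{
    Result res = new Result();
    res.ReturnValue = true;
    LibHandle Handle = LibHandleCache.Default.IsExistsHandle(LibHandeleType.PC, userId);
    VerificationHandle(userId, handle, Handle, res);
    if (res.ReturnValue)
    {
        LibDataAccess access = new LibDataAccess();
        try
        {
            if (!string.IsNullOrEmpty(Handle.PersonId))
            {
                // Fixed text chosen by the server; no caller-supplied text reaches the SQL here.
                string selectCondition = info.SelectCondition == 0 ? "AND ISPASS = 0" : "AND ISPASS <> 0";
                string quotedPersonId = LibStringBuilder.GetQuotString(Handle.PersonId);

                string sql = string.Format(
                    "SELECT COUNT(*) AS TOTALNUM FROM AXPAPPROVETASK WHERE PERSONID = {0} {1}",
                    quotedPersonId,
                    selectCondition);
                int totalCount = LibSysUtils.ToInt32(access.ExecuteScalar(sql));

                // Ceiling division. The original tested the quotient ("/") instead of the
                // remainder, which reported 0 pages for a partially filled first page and one
                // page too many for exact multiples of PageSize.
                int pageCount = totalCount / info.PageSize;
                if (totalCount % info.PageSize != 0)
                {
                    pageCount++;
                }

                int endNum = info.PageNo * info.PageSize;
                int beginNum = (info.PageNo - 1) * info.PageSize + 1;

                sql = string.Format(
                    @" SELECT A.PROGID, B.PROGNAME, A.BILLNO, A.FROMROWID, A.SUBMITPERSONID, D.PERSONNAME AS SUBMITPERSONNAME, A.PERSONID, C.PERSONNAME, A.CREATETIME FROM ( SELECT E.*,ROWNUM RN FROM (SELECT * FROM AXPAPPROVETASK) E WHERE ROWNUM <= {1} AND PERSONID={2} {3}) A LEFT JOIN AXPFUNCLIST B ON A.PROGID = B.PROGID LEFT JOIN COMPERSON C ON A.PERSONID = C.PERSONID LEFT JOIN COMPERSON D ON A.SUBMITPERSONID = D.PERSONID WHERE RN>={0}",
                    beginNum,
                    endNum,
                    quotedPersonId,
                    selectCondition);
                res.Info = access.ExecuteDataSet(sql);
                res.pageModel.PageNo = info.PageNo;
                res.pageModel.PageSize = info.PageSize;
                res.pageModel.PageCount = pageCount;
                res.pageModel.TotalCount = totalCount;
                res.ReturnValue = true;
            }
            else
            {
                // Report the missing person id as a failure, as GetAbnormalReport does; the
                // original left ReturnValue true while asking the user to log in again.
                res.ReturnValue = false;
                res.Message = "请重新登录!";
            }
        }
        catch (Exception ex)
        {
            res.ReturnValue = false;
            res.Message = "查询失败!" + ex.Message;
        }
    }
    return res;
}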