/// <summary>
/// Serves a verification-code (CAPTCHA) image to the client.
/// </summary>
/// <returns>A file result carrying the generated bytes with the <c>image/jpeg</c> content type.</returns>
public ActionResult CheckCode()
{
    // Generate the verification-code image and return it to the caller as a JPEG.
    // NOTE(review): presumably GenerateValidateCode also stores the expected answer
    // server-side for the later login check; confirm, and confirm this response is
    // not cacheable so a stale image is never shown for a newer code.
    return File(Model_SYS_USER.GenerateValidateCode(), "image/jpeg");
}
/// <summary>
/// Passes <paramref name="id"/> to <c>Model_SYS_USER.SetDefuSystem</c> and wraps the outcome as JSON.
/// </summary>
/// <param name="id">Identifier forwarded to the model; a null or empty value yields the default message.</param>
/// <returns>The packaged model result, or the default message when <paramref name="id"/> is empty or any exception occurs.</returns>
public JsonResult SetDefuSystem(string id)
{
    try
    {
        if (string.IsNullOrEmpty(id))
        {
            return PackagingAjaxmsg(new Message().NewAmm);
        }

        // NOTE(review): id comes straight from the request; no check is visible here that
        // the current user may select this value - confirm the model enforces it.
        return PackagingAjaxmsg(Model_SYS_USER.SetDefuSystem(id));
    }
    catch (Exception)
    {
        // Every failure collapses to the default message; nothing is logged in this action.
        return PackagingAjaxmsg(new Message().NewAmm);
    }
}
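/// <summary>
/// Handles a login attempt: reads the user name, password and verification code from the
/// posted form, passes them to <c>Model_SYS_USER.LoginIn</c>, then regenerates the
/// verification code.
/// </summary>
/// <param name="id">Value forwarded unchanged to <c>Model_SYS_USER.LoginIn</c>.</param>
/// <returns>The packaged login result, or an error message when a form field is missing.</returns>
public JsonResult LoginIn(string id)
{
    // Read the credentials from the form body only. The presence check and the read must
    // use the same collection: the Request[...] indexer consults the query string before
    // the form, so a value placed in the URL would otherwise be used instead of the posted
    // one (and credentials in URLs end up in server and proxy logs).
    string username = Request.Form["username"];
    string password = Request.Form["password"];
    string checkcode = Request.Form["checkcode"];

    if (username == null || password == null || checkcode == null)
    {
        return PackagingAjaxmsg(AjaxStatu.err, string.Format(Message.ParGetFail, "登录名|密码|验证码"));
    }

    // NOTE(review): no attempt throttling, lockout or audit logging is visible in this
    // action - confirm Model_SYS_USER.LoginIn covers them.
    AjaxMsgModel amm = Model_SYS_USER.LoginIn(username, password, checkcode, id);

    // Regenerate the verification code on the server after every attempt, whatever its
    // outcome. Presumably this invalidates the code just submitted - confirm.
    Model_SYS_USER.GenerateValidateCode();

    return PackagingAjaxmsg(amm);
}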
/// <summary>
/// Message handler gate: forwards the request down the pipeline when it carries the
/// <c>keyword</c> header with value <c>SxSh</c> or when <c>Model_SYS_USER.IsLogin()</c>
/// is true; otherwise answers directly with a "not logged in" payload.
/// </summary>
/// <param name="request">The incoming HTTP request.</param>
/// <param name="cancellationToken">Token passed through to the inner handler.</param>
/// <returns>The inner handler's response, or a completed task holding the not-logged-in response.</returns>
protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, System.Threading.CancellationToken cancellationToken)
{
    // NOTE(review): a request with this fixed header name and value skips the login check
    // entirely. A constant sent by the client is not a credential - confirm which callers
    // rely on it and replace it with something the server can verify.
    // The header-name comparison is case-sensitive as written.
    bool hasKeywordHeader = request.Headers.Any(
        header => "keyword".Equals(header.Key) && header.Value.Contains("SxSh"));

    // IsLogin() is only consulted when the header is absent.
    if (hasKeywordHeader || Model_SYS_USER.IsLogin())
    {
        return base.SendAsync(request, cancellationToken);
    }

    AjaxMsgModel amm = new AjaxMsgModel
    {
        BackUrl = "/Home/Login?msg=noLogin",
        Data = null,
        Msg = Message.NotLogin,
        Statu = AjaxStatu.nologin
    };

    // The rejection is sent with status 200 OK; the client has to read Statu to notice it.
    HttpResponseMessage response = request.CreateResponse(System.Net.HttpStatusCode.OK, amm);

    // Hand back an already-completed task without invoking the inner handler.
    var completion = new TaskCompletionSource<HttpResponseMessage>();
    completion.SetResult(response);
    return completion.Task;
}
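/// <summary>
/// Changes the current user's password: reads the old password, the new password and its
/// confirmation from the posted form, checks that the two new values match, and passes
/// the change to <c>Model_SYS_USER.EditUserPwd</c>.
/// </summary>
/// <returns>The packaged result of the change, or an error message when a field is missing or the new passwords differ.</returns>
public JsonResult EditPass()
{
    // Read from the form body only. The presence check and the read must use the same
    // collection: the Request[...] indexer consults the query string before the form, so
    // a password placed in the URL would otherwise be used instead of the posted one.
    string txtoldpass = Request.Form["txtoldpass"];
    string txtnewpass = Request.Form["txtnewpass"];
    string txtrepass = Request.Form["txtrepass"];

    if (txtoldpass == null || txtnewpass == null || txtrepass == null)
    {
        return PackagingAjaxmsg(AjaxStatu.err, string.Format(Message.ParGetFail, "密码"));
    }

    if (txtnewpass != txtrepass)
    {
        return PackagingAjaxmsg(AjaxStatu.err, string.Format(Message.MisMatch, "新密码"));
    }

    // The target account is always the signed-in user; the user name is never taken from
    // the request.
    // NOTE(review): the new password is handed over in plain text and no strength rule is
    // applied here - presumably EditUserPwd verifies the old password and hashes the new
    // one; confirm.
    SYS_USER user = new SYS_USER
    {
        USER_NAME = oc.CurrentUser.USER_NAME,
        PASSWORD = txtnewpass
    };

    AjaxMsgModel amm = Model_SYS_USER.EditUserPwd(user, txtoldpass);
    return PackagingAjaxmsg(amm);
}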
/// <summary>
/// Deletes the user named by <paramref name="data"/> through <c>Model_SYS_USER.Del</c>.
/// </summary>
/// <param name="data">View model whose <c>USER_NAME</c> selects the account; dereferenced without a null check.</param>
/// <returns>The result reported by the model.</returns>
public AjaxMsgModel Del(VIEW_SYS_USER data)
{
    // NOTE(review): the user name comes from the request body and no permission check is
    // visible in this method - presumably an authorization filter guards the route; confirm.
    var userName = data.USER_NAME;
    return Model_SYS_USER.Del(userName);
}
/// <summary>
/// Creates or updates a user from the posted view model: validates the managing department,
/// maps the view model onto a <c>SYS_USER</c>, builds the role mappings, digests the
/// password and calls <c>Model_SYS_USER.Add</c> or <c>Model_SYS_USER.Edit</c>.
/// </summary>
/// <param name="data">Posted user data; <c>ISUP_FLAG_EXT</c> empty means add, anything else means edit.</param>
/// <returns>The model's result, an error message for an invalid department, or the default message on any exception.</returns>
public AjaxMsgModel Save(VIEW_SYS_USER data)
{
    try
    {
        // A supplied department code (other than the literal "null") must match a
        // department whose DEPT_FLAG is 1.
        bool deptSupplied = !string.IsNullOrEmpty(data.MANAGE_DEPT_CODE) && data.MANAGE_DEPT_CODE != "null";
        if (deptSupplied)
        {
            bool deptExists = oc.BllSession.ISYS_DEPTService.Entities
                .Where(o => o.DEPT_CODE == data.MANAGE_DEPT_CODE && o.DEPT_FLAG == 1)
                .Any();
            if (!deptExists)
            {
                AjaxMsgModel invalidDept = new Message().NewAmm;
                invalidDept.Statu = AjaxStatu.err;
                invalidDept.Msg = "用户所在部门选择不正确!";
                return invalidDept;
            }
        }

        // The mapping is registered on every call before it is used.
        Mapper.CreateMap<VIEW_SYS_USER, SYS_USER>();
        SYS_USER u = Mapper.Map<VIEW_SYS_USER, SYS_USER>(data);

        // Role ids arrive as one comma-separated string in the first ROLE_EXT element.
        string roleCsv = "";
        if (data.ROLE_EXT.Count > 0)
        {
            roleCsv = data.ROLE_EXT[0];
        }

        var roleMaps = new List<SYS_USER_ROLE_MAP>();
        if (!string.IsNullOrEmpty(roleCsv) && roleCsv != "null")
        {
            int position = 0;
            foreach (string roleId in roleCsv.Split(','))
            {
                // NOTE(review): the mapping id is a millisecond timestamp plus the loop
                // position, so two saves in the same millisecond can yield the same id.
                // Role ids are taken from the request as-is - confirm the model checks
                // that the caller may grant them.
                roleMaps.Add(new SYS_USER_ROLE_MAP()
                {
                    ROLE_ID = roleId,
                    USER_NAME = data.USER_NAME,
                    USER_ROLE_ID = DateTime.Now.ToString("yyyyMMddHHmmssfff") + position.ToString()
                });
                position++;
            }
        }

        // NOTE(review): going by its name, DataHelper.TOMD5 is an MD5 digest. If so, a fast
        // unsalted hash is not suitable for stored passwords - confirm, and plan a move to a
        // salted, slow password hash such as PBKDF2.
        if (u.PASSWORD == null)
        {
            u.PASSWORD = "";
        }
        else
        {
            u.PASSWORD = DataHelper.TOMD5(u.PASSWORD);
        }

        u.UPDATE_DATE = DateTime.Now;
        u.UPDATE_USER = oc.CurrentUser.USER_NAME;
        u.SYS_USER_ROLE_MAP = roleMaps;

        // The add/edit decision rests on a client-supplied flag.
        if (data.ISUP_FLAG_EXT != null && data.ISUP_FLAG_EXT != "")
        {
            // On edit the password may be "" (none supplied); presumably Edit then keeps
            // the stored password - confirm.
            return Model_SYS_USER.Edit(u, u.PASSWORD);
        }

        return Model_SYS_USER.Add(u);
    }
    catch (Exception)
    {
        // Every failure, including a null ROLE_EXT, collapses to the default message;
        // nothing is logged here.
        return new Message().NewAmm;
    }
}
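/// <summary>
/// Called when a process requests authorization. For requests routed to one of the
/// protected areas it checks, in order: that the user is logged in, that
/// <c>AuthorizeIs</c> accepts the HTTP context, and - unless the action or its controller
/// carries <c>SkipAttribute</c> - that <c>Model_SYS_MENU.HasPermission</c> grants the
/// area/controller/action/method combination.
/// </summary>
/// <param name="filterContext">
/// The filter context, which encapsulates information for using
/// System.Web.Mvc.AuthorizeAttribute. It is dereferenced without a null check.
/// </param>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    // Only requests whose route carries an "area" token naming one of these areas are
    // checked.
    // NOTE(review): this is an allow-list of *protected* areas, so a request outside them
    // (or a newly added area that is not listed) passes this filter unchecked. Confirm that
    // is intended, or invert it into a list of public areas.
    string[] protectedAreas =
    {
        "sys", "gate", "gis", "job", "material", "rule",
        "scripts", "rain", "tool", "rail", "car", "repair"
    };

    object areaToken;
    if (!filterContext.RouteData.DataTokens.TryGetValue("area", out areaToken))
    {
        return;
    }

    // Case folding in an authorization decision must not depend on the server culture:
    // a culture-sensitive ToLower() can map "I" to a dotless i, which would make names
    // such as "GIS" miss the list and skip every check below.
    string strAreaName = areaToken.ToString().ToLowerInvariant();
    if (!protectedAreas.Contains(strAreaName))
    {
        return;
    }

    // Verify that the user is logged in; if not, send them to the login page.
    if (!Model_SYS_USER.IsLogin())
    {
        filterContext.Result = new BaseController().Redirect("/Home/Login?msg=noLogin", filterContext.ActionDescriptor, AjaxStatu.nologin);
        return;
    }

    if (!AuthorizeIs(filterContext.HttpContext))
    {
        filterContext.Result = new BaseController().Redirect("/Home/Login?msg=noLogin", filterContext.ActionDescriptor, AjaxStatu.none);
        return;
    }

    // The permission check applies only when neither the action method nor its controller
    // declares the Skip attribute.
    bool skipPermissionCheck =
        filterContext.ActionDescriptor.AttributeExists<Common.Attributes.SkipAttribute>(false)
        || filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(Common.Attributes.SkipAttribute), false);
    if (skipPermissionCheck)
    {
        return;
    }

    // Verify that the logged-in user may access this page.
    string strControllerName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName.ToLowerInvariant();
    string strActionName = filterContext.ActionDescriptor.ActionName.ToLowerInvariant();

    if (strActionName == "index")
    {
        // For Index, every path segment from position 4 onward is appended to the action
        // name that is checked.
        // NOTE(review): these segments come from the request URL and are appended without
        // case normalization - confirm HasPermission matches them as intended.
        string[] url = filterContext.HttpContext.Request.FilePath.Split('/');
        for (int i = 4; i < url.Length; i++)
        {
            strActionName = strActionName + "/" + url[i];
        }
    }

    // NOTE(review): every verb other than GET and POST (PUT, DELETE, ...) is checked as
    // HEAD - confirm the permission table accounts for that.
    string strHttpMethod = filterContext.HttpContext.Request.HttpMethod;
    HttpMethod httpMethod;
    if (string.Equals(strHttpMethod, "get", System.StringComparison.OrdinalIgnoreCase))
    {
        httpMethod = HttpMethod.Get;
    }
    else if (string.Equals(strHttpMethod, "post", System.StringComparison.OrdinalIgnoreCase))
    {
        httpMethod = HttpMethod.Post;
    }
    else
    {
        httpMethod = HttpMethod.HEAD;
    }

    if (!Model_SYS_MENU.HasPermission(strAreaName, strControllerName, strActionName, httpMethod))
    {
        filterContext.Result = new BaseController().Redirect("/Home/Login?msg=noPermission", filterContext.ActionDescriptor, AjaxStatu.noperm);
        return;
    }

    // A permitted "list" request asking for page 0 with 0 rows is answered here with the
    // result of ObjToJson.GetToJson(null, 0, true) instead of running the action.
    if (strActionName == "list"
        && filterContext.HttpContext.Request["page"] != null
        && filterContext.HttpContext.Request["rows"] != null)
    {
        string pageIndex = filterContext.HttpContext.Request["page"];
        string pageSize = filterContext.HttpContext.Request["rows"];
        if (pageIndex == "0" && pageSize == "0")
        {
            filterContext.Result = ObjToJson.GetToJson(null, 0, true);
        }
    }
}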