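/// <summary>
/// Returns the caller's user name and work-cell name, both taken from the
/// token carried in the Authorization request header.
/// </summary>
/// <returns>
/// JSON of <c>ResponseUtil.Ok</c> wrapping a <c>UserInfoVo</c>, or JSON of
/// <c>ResponseUtil.Fail()</c> when no token info is available or the work
/// cell lookup returns nothing.
/// </returns>
public string getInfoByToken()
{
    string token = TokenHelper.GetTokenJson(HttpContext.Request.Headers["Authorization"]);
    TokenInfo tokenInfo = JSONHelper.JSONToObject<TokenInfo>(token);

    // Without token info there is no identity to report; answer with the
    // ordinary failure payload instead of dereferencing null below.
    if (tokenInfo == null)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    // NOTE(review): this method trusts tokenInfo.UserName and tokenInfo.workCell
    // as read; whether the token was validated beforehand (e.g. by an action
    // filter) is not visible here. Confirm the action is covered by one.
    Workcell lookup = new Workcell { Id = tokenInfo.workCell };
    Workcell found = userService.getInfoByToken(lookup);
    if (found == null)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    UserInfoVo userInfoVo = new UserInfoVo
    {
        Name = tokenInfo.UserName,
        WorkcellName = found.Name
    };
    return JSONHelper.ObjectToJSON(ResponseUtil.Ok(userInfoVo));
}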
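/// <summary>
/// Creates an inventory record from the request body, stamped with the
/// calling user and the current local time.
/// </summary>
/// <param name="body">JSON text that is deserialised into an <c>InventoryRecord</c>.</param>
/// <returns>
/// JSON of <c>ResponseUtil.Ok</c> wrapping the stored record, or JSON of
/// <c>ResponseUtil.Fail()</c> when the caller or the body cannot be resolved
/// or the service returns nothing.
/// </returns>
public string CreateFixtureOutRecord(string body)
{
    string token = TokenHelper.GetTokenJson(HttpContext.Request.Headers["Authorization"]);
    TokenInfo tokenInfo = JSONHelper.JSONToObject<TokenInfo>(token);
    if (tokenInfo == null)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    User lookup = new User { Name = tokenInfo.UserName };
    User user = userService.getUserByName(lookup);
    InventoryRecord inventoryRecord = JSONHelper.JSONToObject<InventoryRecord>(body);

    // getUserByName can return null (other callers in this file check for it),
    // and the body is client-supplied; both are dereferenced below.
    if (user == null || inventoryRecord == null)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    // NOTE(review): every InventoryRecord field other than the three set here
    // is taken from the client as sent. If the record carries ownership or
    // scoping fields, confirm the service validates or overwrites them.
    inventoryRecord.InOrOut = true;
    inventoryRecord.LogBy = user.Id;
    inventoryRecord.LogOn = DateTime.Now;

    InventoryRecord created = stockService.createFixtureRecord(inventoryRecord);
    if (created == null)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    return JSONHelper.ObjectToJSON(ResponseUtil.Ok(created));
}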
/// <summary>
/// Deletes the user with the given name through <c>userService.delUser</c>.
/// </summary>
/// <param name="userName">Name of the account to delete.</param>
/// <returns>
/// JSON of <c>ResponseUtil.Ok()</c> when the service reports exactly 1,
/// otherwise JSON of <c>ResponseUtil.Fail()</c>.
/// </returns>
public string delUser(string userName)
{
    // NOTE(review): no caller identity or permission is checked inside this
    // method. Deleting accounts is a privileged operation, so confirm the
    // action is guarded by the permission filter at the appropriate level.
    User target = new User { Name = userName };

    int affected = userService.delUser(target);
    if (affected != 1)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    return JSONHelper.ObjectToJSON(ResponseUtil.Ok());
}
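/// <summary>
/// Updates the repair record identified by <paramref name="id"/> with the
/// values deserialised from the request body.
/// </summary>
/// <param name="id">Identifier of the record; overrides any id in the body.</param>
/// <param name="body">JSON text that is deserialised into a <c>RepairRecord</c>.</param>
/// <returns>
/// JSON of <c>ResponseUtil.Ok</c> wrapping the updated record, or JSON of
/// <c>ResponseUtil.Fail()</c> when the body yields no record or the service
/// returns nothing.
/// </returns>
public string UpdateRecord(int id, string body)
{
    RepairRecord repairRecord = JSONHelper.JSONToObject<RepairRecord>(body);

    // The body is client-supplied; if it yields no object, report failure
    // rather than dereferencing null on the next line.
    if (repairRecord == null)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    // NOTE(review): GetRecord in this file attaches the work-cell id from the
    // token before calling the service; this update does not, and the record's
    // remaining fields come straight from the client. Confirm the service
    // restricts updates to the caller's own work cell.
    repairRecord.Id = id;

    RepairRecord updated = repairService.UpdateRecord(repairRecord);
    if (updated == null)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    return JSONHelper.ObjectToJSON(ResponseUtil.Ok(updated));
}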
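/// <summary>
/// Updates the user identified by <paramref name="id"/> with the values
/// deserialised from the request body.
/// </summary>
/// <param name="id">Identifier of the user; overrides any id in the body.</param>
/// <param name="body">JSON text that is deserialised into a <c>User</c>.</param>
/// <returns>
/// JSON of <c>ResponseUtil.Ok</c> wrapping the updated user, or JSON of
/// <c>ResponseUtil.Fail()</c> when the body yields no user or the service
/// returns nothing.
/// </returns>
public string setUserInfo(int id, string body)
{
    User user = JSONHelper.JSONToObject<User>(body);

    // The body is client-supplied; if it yields no object, report failure
    // rather than dereferencing null on the next line.
    if (user == null)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    // NOTE(review): the whole User object is bound from the request body.
    // Elsewhere in this file User exposes Password, RoleId and WorkcellId, so
    // unless the service copies only an allow-list of fields, a caller can
    // change their own role or move accounts between work cells. Confirm what
    // userService.setUserInfo persists and which permission level guards this action.
    // NOTE(review): the updated User is returned whole; confirm the Password
    // member is excluded from serialisation.
    user.Id = id;

    User updated = userService.setUserInfo(user);
    if (updated == null)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    return JSONHelper.ObjectToJSON(ResponseUtil.Ok(updated));
}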
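/// <summary>
/// Changes the status of the repair record identified by <paramref name="id"/>.
/// </summary>
/// <param name="id">Identifier of the record; overrides any id in the body.</param>
/// <param name="status">Status value passed through to the service unchanged.</param>
/// <param name="body">JSON text that is deserialised into a <c>RepairRecord</c>.</param>
/// <returns>
/// JSON of <c>ResponseUtil.Ok</c> wrapping the record returned by the service,
/// or JSON of <c>ResponseUtil.Fail()</c> when the body yields no record or the
/// service returns nothing.
/// </returns>
public string MaintainStatus(int id, int status, string body)
{
    RepairRecord repairRecord = JSONHelper.JSONToObject<RepairRecord>(body);

    // The body is client-supplied; if it yields no object, report failure
    // rather than dereferencing null on the next line.
    if (repairRecord == null)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    // NOTE(review): status is not range-checked here and no work-cell id from
    // the token is attached; confirm the service validates the transition and
    // the caller's right to touch this record.
    repairRecord.Id = id;

    RepairRecord updated = fixtureService.UpdateRepairRecordStatus(repairRecord, status);
    if (updated == null)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    return JSONHelper.ObjectToJSON(ResponseUtil.Ok(updated));
}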
/// <summary>
/// Deletes the repair record with the given id through
/// <c>repairService.DeleteRecordById</c>.
/// </summary>
/// <param name="id">Identifier of the repair record to delete.</param>
/// <returns>
/// JSON of <c>ResponseUtil.Ok()</c> when the service reports exactly 1,
/// otherwise JSON of <c>ResponseUtil.Fail()</c>.
/// </returns>
public string DeleteRecordById(int id)
{
    // NOTE(review): only the id is passed on; unlike GetRecord in this file,
    // no work-cell id from the token is attached. Confirm the service or a
    // filter prevents deleting records that belong to another work cell.
    RepairRecord target = new RepairRecord { Id = id };

    int affected = repairService.DeleteRecordById(target);
    if (affected != 1)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    return JSONHelper.ObjectToJSON(ResponseUtil.Ok());
}
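/// <summary>
/// Sample login action: issues a token for the two hard-coded accounts
/// "admin" and "test".
/// </summary>
/// <param name="formEntity">Login form carrying <c>LoginName</c> and <c>Password</c>.</param>
/// <returns>
/// <c>ResponseUtil.Success</c> with user name, avatar, token and expiry on a
/// successful login; <c>ResponseUtil.Fail</c> with a message otherwise.
/// </returns>
/// <remarks>
/// The method is declared <c>async</c> but awaits nothing; the signature is
/// kept as is for callers.
/// </remarks>
public async Task<ResponseDataEntity> Login(LoginFormEntity formEntity)
{
    // A request with no bindable form is treated like one with empty fields.
    if (formEntity == null
        || string.IsNullOrEmpty(formEntity.LoginName)
        || string.IsNullOrEmpty(formEntity.Password))
    {
        return ResponseUtil.Fail("请输入账号密码");
    }

    if (formEntity.LoginName == "admin")
    {
        // The administrator should really be loaded from the database here.
        // NOTE(review): the account name and the expected digest are embedded
        // in source, the digest is produced by an MD5-named helper keyed with
        // AprilConfig.SecurityKey, and the comparison is an ordinary string
        // equality. For anything beyond a sample, store a salted
        // password-hashing output (e.g. PBKDF2) per account and compare in
        // constant time.
        string password = EncryptUtil.MD5Encrypt(formEntity.Password, AprilConfig.SecurityKey);
        if (password == "B092956160CB0018")
        {
            // Permissions would likewise come from the database; hard-coded for demonstration.
            AdminEntity admin = new AdminEntity
            {
                UserName       = "******",
                Avator         = "",
                IsSuperManager = true,
                TokenType      = (int)AprilEnums.TokenType.Web
            };
            return IssueToken(admin);
        }
    }
    else if (formEntity.LoginName == "test")
    {
        // Permission demonstration account.
        // NOTE(review): this branch never inspects formEntity.Password, so any
        // non-empty password obtains a token for "test". Remove or gate this
        // account before the code is reachable outside a demo.
        AdminEntity admin = new AdminEntity
        {
            UserName  = "******",
            Avator    = "",
            TokenType = (int)AprilEnums.TokenType.Web
        };
        admin.Controllers.Add("weatherforecast");
        admin.Permissions.Add("weatherforecast_log"); // controller_action (Add, Update, ...)
        return IssueToken(admin);
    }

    // A captcha or attempt limit could be introduced at this point; the
    // original author notes this is a sample project.
    return ResponseUtil.Fail("账号密码错误");

    // Builds the success payload shared by both accounts.
    ResponseDataEntity IssueToken(AdminEntity account)
    {
        string token = TokenUtil.GetToken(account, out string expireTimestamp);

        // An unparsable timestamp leaves the expiry at 0.
        int.TryParse(expireTimestamp, out int expireTime);

        // A login audit record could be written here.
        return ResponseUtil.Success("", new
        {
            username = account.UserName,
            avator   = account.Avator,
            token    = token,
            expire   = expireTime
        });
    }
}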
/// <summary>
/// Authenticates a user by name and password through <c>userService.login</c>.
/// </summary>
/// <param name="userName">Account name.</param>
/// <param name="passW">Password as submitted by the client.</param>
/// <returns>
/// JSON of <c>ResponseUtil.Ok</c> wrapping the string returned by the service,
/// or JSON of <c>ResponseUtil.Fail()</c> when the service returns null.
/// </returns>
public string login(string userName, string passW)
{
    // NOTE(review): both credentials arrive as simple action parameters. If
    // the route allows them in the query string, the password ends up in URLs
    // and access logs; confirm this action only accepts them in a POST body.
    User credentials = new User
    {
        Name     = userName,
        Password = passW
    };

    string outcome = userService.login(credentials);
    if (outcome == null)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    return JSONHelper.ObjectToJSON(ResponseUtil.Ok(outcome));
}
/// <summary>
/// Looks up a user by name, restricted to the work cell recorded in the
/// caller's token.
/// </summary>
/// <param name="userName">Name of the user to look up.</param>
/// <returns>
/// JSON of <c>ResponseUtil.Ok</c> wrapping the user, or JSON of
/// <c>ResponseUtil.Fail()</c> when the service returns null.
/// </returns>
public string getUserByName(string userName)
{
    // The work-cell id from the token is what isolates data per department.
    string tokenJson = TokenHelper.GetTokenJson(HttpContext.Request.Headers["Authorization"]);
    TokenInfo tokenInfo = JSONHelper.JSONToObject<TokenInfo>(tokenJson);

    User query = new User();
    query.WorkcellId = tokenInfo.workCell;
    query.Name = userName;

    User found = userService.getUserByName(query);
    if (found != null)
    {
        // NOTE(review): the User object is serialised whole. User has a
        // Password member elsewhere in this file; confirm it is excluded
        // from the JSON sent to the client.
        return JSONHelper.ObjectToJSON(ResponseUtil.Ok(found));
    }

    return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
}
/// <summary>
/// Fetches the repair record with the given id, restricted to the work cell
/// recorded in the caller's token.
/// </summary>
/// <param name="id">Identifier of the repair record.</param>
/// <returns>
/// JSON of <c>ResponseUtil.Ok</c> wrapping the record, or JSON of
/// <c>ResponseUtil.Fail()</c> when the service returns null.
/// </returns>
public string GetRecord(int id)
{
    // The work-cell id from the token is what isolates data per department.
    string tokenJson = TokenHelper.GetTokenJson(HttpContext.Request.Headers["Authorization"]);
    TokenInfo tokenInfo = JSONHelper.JSONToObject<TokenInfo>(tokenJson);

    RepairRecord query = new RepairRecord();
    query.Id = id;
    query.WorkcellId = tokenInfo.workCell;

    RepairRecord found = repairService.GetRecord(query);
    if (found == null)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    return JSONHelper.ObjectToJSON(ResponseUtil.Ok(found));
}
/// <summary>
/// Deletes the inventory record with the given id, restricted to the work
/// cell recorded in the caller's token.
/// </summary>
/// <param name="id">Identifier of the inventory record to delete.</param>
/// <returns>
/// JSON of <c>ResponseUtil.Ok()</c> when the service reports exactly 1,
/// otherwise JSON of <c>ResponseUtil.Fail()</c>.
/// </returns>
public string DeleteRecordById(int id)
{
    // The work-cell id from the token is what isolates data per department.
    string tokenJson = TokenHelper.GetTokenJson(HttpContext.Request.Headers["Authorization"]);
    TokenInfo tokenInfo = JSONHelper.JSONToObject<TokenInfo>(tokenJson);

    InventoryRecord target = new InventoryRecord
    {
        Id         = id,
        WorkcellId = tokenInfo.workCell
    };

    int affected = stockService.deleteRecordById(target);
    if (affected != 1)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    return JSONHelper.ObjectToJSON(ResponseUtil.Ok());
}
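/// <summary>
/// Updates the fixture (tongs) definition identified by <paramref name="id"/>
/// and records the calling user as its editor.
/// </summary>
/// <param name="id">Identifier of the definition; overrides any id in the body.</param>
/// <param name="body">JSON text that is deserialised into a <c>TongsDefinition</c>.</param>
/// <returns>
/// JSON of <c>ResponseUtil.Ok</c> wrapping the updated definition, or JSON of
/// <c>ResponseUtil.Fail()</c> when the caller or the body cannot be resolved
/// or the service returns nothing.
/// </returns>
public string UpdateDef(int id, string body)
{
    string token = TokenHelper.GetTokenJson(HttpContext.Request.Headers["Authorization"]);
    TokenInfo tokenInfo = JSONHelper.JSONToObject<TokenInfo>(token);
    if (tokenInfo == null)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    User lookup = new User { Name = tokenInfo.UserName };
    User user = userService.getUserByName(lookup);
    TongsDefinition tongsDefinition = JSONHelper.JSONToObject<TongsDefinition>(body);

    // getUserByName can return null (other callers in this file check for it),
    // and the body is client-supplied; both are dereferenced below.
    if (user == null || tongsDefinition == null)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    // Id and EditBy are set server-side; every other field is as sent by the client.
    tongsDefinition.Id = id;
    tongsDefinition.EditBy = user.Id;

    TongsDefinition updated = fixtureService.updateTongsDefinition(tongsDefinition);
    if (updated == null)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    return JSONHelper.ObjectToJSON(ResponseUtil.Ok(updated));
}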
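/// <summary>
/// Submits a purchase request built from the request body, with the calling
/// user recorded as operator.
/// </summary>
/// <param name="body">JSON text that is deserialised into a <c>Purchase</c>.</param>
/// <returns>
/// JSON of <c>ResponseUtil.Ok</c> wrapping the purchase returned by the
/// service, or JSON of <c>ResponseUtil.Fail()</c> when the caller or the body
/// cannot be resolved or the service returns nothing.
/// </returns>
public string PurchaseEntity(string body)
{
    string token = TokenHelper.GetTokenJson(HttpContext.Request.Headers["Authorization"]);
    TokenInfo tokenInfo = JSONHelper.JSONToObject<TokenInfo>(token);
    if (tokenInfo == null)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    User lookup = new User { Name = tokenInfo.UserName };
    User user = userService.getUserByName(lookup);
    Purchase purchase = JSONHelper.JSONToObject<Purchase>(body);

    // getUserByName can return null (other callers in this file check for it),
    // and the body is client-supplied; both are dereferenced below.
    if (user == null || purchase == null)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    // The operator is always the authenticated caller, never a value from the body.
    // NOTE(review): all other Purchase fields are accepted as sent; if the type
    // carries approval or status fields, confirm the service resets them.
    purchase.OperatorId = user.Id;

    Purchase created = fixtureService.PurhaseRequest(purchase);
    if (created == null)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    return JSONHelper.ObjectToJSON(ResponseUtil.Ok(created));
}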
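/// <summary>
/// Changes the status of the scrap request identified by <paramref name="id"/>,
/// with the calling user recorded as operator.
/// </summary>
/// <param name="id">Identifier of the scrap request; overrides any id in the body.</param>
/// <param name="status">Status value passed through to the service unchanged.</param>
/// <param name="body">JSON text that is deserialised into a <c>Scrap</c>.</param>
/// <returns>
/// JSON of <c>ResponseUtil.Ok</c> wrapping the scrap returned by the service,
/// or JSON of <c>ResponseUtil.Fail()</c> when the caller or the body cannot be
/// resolved or the service returns nothing.
/// </returns>
public string ScrapStatus(int id, int status, string body)
{
    string token = TokenHelper.GetTokenJson(HttpContext.Request.Headers["Authorization"]);
    TokenInfo tokenInfo = JSONHelper.JSONToObject<TokenInfo>(token);
    if (tokenInfo == null)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    User lookup = new User { Name = tokenInfo.UserName };
    User user = userService.getUserByName(lookup);
    Scrap scrap = JSONHelper.JSONToObject<Scrap>(body);

    // getUserByName can return null (other callers in this file check for it),
    // and the body is client-supplied; both are dereferenced below.
    if (user == null || scrap == null)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    // NOTE(review): status is not range-checked here; confirm the service
    // rejects transitions the caller's role is not allowed to make.
    scrap.Id = id;
    scrap.OperatorId = user.Id;

    Scrap updated = fixtureService.UpdateScrapStatus(scrap, status);
    if (updated == null)
    {
        return JSONHelper.ObjectToJSON(ResponseUtil.Fail());
    }

    return JSONHelper.ObjectToJSON(ResponseUtil.Ok(updated));
}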
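/// <summary>
/// Enforces the permission level declared by a <c>CheckAttribute</c> on the
/// action that is about to run.
/// </summary>
/// <remarks>
/// Levels 1 to 5 all require: an Authorization header, a token accepted by
/// <c>TokenHelper.DecodeToken()</c>, a user found by the token's UserName, and
/// <c>MD5Util.MD5Encrypt(token.Pwd)</c> equal to the stored password. Failing
/// any of these writes failure code 501. Levels 2 to 5 additionally require
/// <c>user.RoleId</c> to be at least the level, otherwise failure code 506 is
/// written. Per the original comments the levels are:
/// 1 = any logged-in user (stock in/out, submit repair request);
/// 2 = submit purchase request, edit fixture base data, handle repair requests, submit scrap request;
/// 3 = create/edit fixture categories, handle purchase and scrap requests;
/// 4 = final handling of purchase and scrap requests;
/// 5 = add or delete users, change user permissions.
/// </remarks>
/// <param name="filterContext">Context of the action about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    // Custom attributes declared on the current action; false = no recursive lookup.
    object[] attributes = filterContext.ActionDescriptor.GetCustomAttributes(false);

    foreach (object candidate in attributes)
    {
        CheckAttribute attr = candidate as CheckAttribute;
        if (attr == null)
        {
            continue;
        }

        var level = attr.PermissionsID;

        // NOTE(review): a CheckAttribute whose PermissionsID is outside 1..5 is
        // not enforced at all, so a typo in the attribute leaves the action
        // open. This matches the previous behaviour; consider rejecting
        // unknown levels instead.
        if (level < 1 || level > 5)
        {
            continue;
        }

        var authorization = filterContext.HttpContext.Request.Headers["Authorization"];
        if (authorization == null || !TokenHelper.DecodeToken())
        {
            RejectRequest(filterContext, 501, "请登录");
            return;
        }

        TokenInfo token = JSONHelper.JSONToObject<TokenInfo>(TokenHelper.GetTokenJson(authorization));
        if (token == null)
        {
            // A token that decodes but yields no info is treated as not logged in.
            RejectRequest(filterContext, 501, "请登录");
            return;
        }

        // Login check: the account named in the token must still exist.
        User probe = new User();
        probe.Name = token.UserName;
        User user = userDao.selectUserByUserName(probe);

        // Password check.
        // NOTE(review): the token carries the user's password in a form the
        // server can read back (token.Pwd), and the stored value is compared
        // against an MD5-named helper's output. Anyone who obtains a token can
        // therefore recover or brute-force the password. Prefer a token that
        // carries only an identifier plus a signature, and store passwords
        // with a salted password-hashing function.
        if (user == null || MD5Util.MD5Encrypt(token.Pwd) != user.Password)
        {
            RejectRequest(filterContext, 501, "请登录");
            return;
        }

        // Role check applies from level 2 upward; level 1 only needs a valid login.
        if (level >= 2 && user.RoleId < level)
        {
            RejectRequest(filterContext, 506, "无操作权限");
            return;
        }
    }
}

/// <summary>
/// Writes a JSON failure payload as text/plain and ends the response.
/// </summary>
/// <param name="filterContext">Context whose response is written to.</param>
/// <param name="code">Failure code passed to <c>ResponseUtil.Fail</c>.</param>
/// <param name="message">Failure message passed to <c>ResponseUtil.Fail</c>.</param>
private static void RejectRequest(ActionExecutingContext filterContext, int code, string message)
{
    // NOTE(review): stopping the action depends entirely on Response.End().
    // Nothing sets filterContext.Result, so if End() returns normally the
    // action still executes after the failure body has been written. Confirm
    // End() aborts in this hosting model, or short-circuit via filterContext.Result.
    var response = filterContext.HttpContext.Response;
    byte[] payload = System.Text.Encoding.UTF8.GetBytes(
        JSONHelper.ObjectToJSON(ResponseUtil.Fail(code, message)));
    response.OutputStream.Write(payload, 0, payload.Length);
    response.ContentType = "text/plain";
    response.End();
}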