示例#1
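        /// <summary>
        /// Changes the user name of the account identified by <paramref name="token"/>.
        /// </summary>
        /// <param name="token">An API login token (looked up in Redis) or a user id in GUID form.</param>
        /// <param name="username">The requested new user name.</param>
        /// <returns>A result carrying the updated user DTO, a success flag and a message.</returns>
        /// <remarks>
        /// NOTE(review): a value that parses as a GUID is used directly as the user id, and nothing
        /// in this method proves the caller owns that id. Unless a filter outside this method
        /// authenticates the request, knowing a user's id is enough to rename the account.
        /// Prefer taking the identity from the authenticated session — confirm against the caller.
        /// </remarks>
        public IHttpActionResult ChangeUsername(string token, string username)
        {
            // Reject a missing name up front instead of failing later on username.Equals(...).
            if (string.IsNullOrWhiteSpace(username))
            {
                return ResultData(null, false, "用户名不能为空");
            }

            UserInfoDto user;
            if (Guid.TryParse(token, out var userid))
            {
                // Session login: the token is the user id itself.
                user = UserInfoBll.GetById(userid)?.Mapper<UserInfoDto>();
            }
            else
            {
                // API login: the token is a Redis key holding the serialized user.
                if (string.IsNullOrEmpty(token) || !RedisHelper.KeyExists(token))
                {
                    return ResultData(null, false, "用户未登录系统!");
                }
                user = RedisHelper.GetString<UserInfoDto>(token);
            }

            // The id may not resolve, and the Redis key may expire between KeyExists and GetString.
            var userInfo = user is null ? null : UserInfoBll.GetById(user.Id);
            if (userInfo is null)
            {
                return ResultData(null, false, "用户未登录系统!");
            }

            // Keeping the current name is allowed; only a name taken by someone else is a conflict.
            if (!username.Equals(userInfo.Username) && UserInfoBll.UsernameExist(username))
            {
                return ResultData(null, false, $"用户名{username}已经存在,请尝试更换其他用户名!");
            }

            userInfo.Username = username;
            bool saved = UserInfoBll.UpdateEntitySaved(userInfo);

            return ResultData(Mapper.Map<UserInfoDto>(userInfo), saved, saved ? $"用户名修改成功,新用户名为{username}。" : "用户名修改失败!");
        }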
示例#2
        // Builds the drop-down data for choosing the next approver: every user holding a role
        // exactly one level above the current user's highest role level.
        private List<SelectListItem> GetNextIdList()
        {
            UserInfo currentUser = UserInfoBll.GetById(UserLogin.UserId);

            // Without a user or roles, the result is a single blank entry.
            if (currentUser == null || currentUser.RoleInfo == null)
            {
                return new List<SelectListItem> { new SelectListItem() };
            }

            // Highest role level held by the current user (0 when there are no roles).
            byte highest = 0;
            foreach (RoleInfo role in currentUser.RoleInfo.ToList())
            {
                if (role.RoleLevel > highest)
                {
                    highest = role.RoleLevel;
                }
            }

            IQueryable<RoleInfo> nextLevelRoles = RoleInfoBll.GetList(r => (r.RoleLevel == highest + 1), r => r.RoleName);
            List<SelectListItem> options = nextLevelRoles
                .SelectMany(r => r.UserInfo, (r, u) => new SelectListItem
                {
                    Text = u.Username + "(" + r.RoleName + ")",
                    Value = u.UserId + ""
                })
                .ToList();

            // The "default" entry is appended last and points at the first approver found.
            if (options.Count > 0)
            {
                options.Add(new SelectListItem
                {
                    Text = "---默认---", Value = options[0].Value, Selected = true
                });
            }

            return options;
        }
        /// <summary>
        /// Changes a user's avatar.
        /// </summary>
        /// <param name="id">Id of the user to update.</param>
        /// <param name="path">Avatar path stored on the user record as given.</param>
        /// <returns>A result carrying the updated user DTO, a success flag and a message.</returns>
        /// <remarks>
        /// NOTE(review): <paramref name="id"/> comes from the caller and is not compared with the
        /// logged-in user here; confirm that a filter outside this method restricts who may call it.
        /// NOTE(review): <paramref name="path"/> is stored without validation; whatever renders it
        /// must encode it. An unknown id dereferences a null result from GetById.
        /// </remarks>
        public ActionResult ChangeAvatar(Guid id, string path)
        {
            UserInfo target = UserInfoBll.GetById(id);
            target.Avatar = path;

            bool saved = UserInfoBll.UpdateEntitySaved(target);
            string message;
            if (saved)
            {
                message = $"头像修改成功。";
            }
            else
            {
                message = "头像修改失败!";
            }

            return ResultData(Mapper.Map<UserInfoDto>(target), saved, message);
        }
示例#4
        /// <summary>
        /// Shows the page for assigning individual actions (permissions) to a user.
        /// </summary>
        /// <param name="uId">Id of the user whose action assignments are edited.</param>
        /// <returns>The default view; the model is the list of non-deleted actions ordered by title.</returns>
        /// <remarks>NOTE(review): an unknown <paramref name="uId"/> dereferences a null result from GetById.</remarks>
        public ActionResult SetUserAction(int uId)
        {
            UserInfo target = UserInfoBll.GetById(uId);
            ViewBag.UserInfo = target;

            // Actions already granted or denied to this user individually.
            ViewBag.UserActionInfo = target.UserActionInfo.ToList();

            var activeActions = ActionInfoBll.GetList(a => a.IsDeleted == 0, a => a.ActionTitle);
            ViewData.Model = activeActions.ToList();

            return View();
        }
示例#5
        /// <summary>
        /// Changes a user's nickname.
        /// </summary>
        /// <param name="id">Id of the user to update.</param>
        /// <param name="username">The new nickname (despite the parameter name).</param>
        /// <returns>A result carrying the updated user DTO, a success flag and a message.</returns>
        /// <remarks>
        /// NOTE(review): <paramref name="id"/> is caller-supplied and not compared with the logged-in
        /// user here; confirm access is restricted elsewhere. An unknown id dereferences null.
        /// </remarks>
        public ActionResult ChangeNickName(int id, string username)
        {
            UserInfo target = UserInfoBll.GetById(id);
            target.NickName = username;

            bool saved = UserInfoBll.UpdateEntitySaved(target);
            string message = "昵称修改失败!";
            if (saved)
            {
                message = $"昵称修改成功,新昵称为{username}。";
            }

            return ResultData(Mapper.Map<UserInfoOutputDto>(target), saved, message);
        }
示例#6
        /// <summary>
        /// Checks whether <paramref name="uPwd"/> is the logged-in user's current password.
        /// </summary>
        /// <param name="uPwd">The password to verify.</param>
        /// <returns>Plain-text content "ok" when it matches, otherwise "no".</returns>
        /// <remarks>
        /// NOTE(review): the stored value is an MD5 digest of password + salt. MD5 is a fast hash and
        /// unsuitable for password storage; plan a migration to a slow KDF such as PBKDF2.
        /// GetPasswordSalt() takes no argument, so the salt appears to be shared by all users — confirm.
        /// NOTE(review): this endpoint answers yes/no on every call and shows no attempt limiting;
        /// consider throttling it, and note the digests are compared with an ordinary string comparison.
        /// </remarks>
        public ActionResult CheckPwdRight(string uPwd)
        {
            string storedDigest = UserInfoBll.GetById(UserLogin.UserId).Password;
            string candidateDigest = CommonHelper.GetMD5String(uPwd + CommonHelper.GetPasswordSalt());

            return Content(storedDigest == candidateDigest ? "ok" : "no");
        }
示例#7
        /// <summary>
        /// Changes a user's login name, refusing a name that another account already uses.
        /// </summary>
        /// <param name="id">Id of the user to rename.</param>
        /// <param name="username">The requested new user name.</param>
        /// <returns>A result carrying the updated user DTO, a success flag and a message.</returns>
        /// <remarks>
        /// NOTE(review): <paramref name="id"/> is caller-supplied and not compared with the logged-in
        /// user here; confirm access is restricted elsewhere. A null <paramref name="username"/> or
        /// an unknown id throws.
        /// </remarks>
        public ActionResult ChangeUsername(int id, string username)
        {
            UserInfo target = UserInfoBll.GetById(id);

            // Keeping the current name is fine; only a name taken by someone else is a conflict.
            bool isRename = !username.Equals(target.Username);
            if (isRename && UserInfoBll.UsernameExist(username))
            {
                return ResultData(null, false, $"用户名{username}已经存在,请尝试更换其他用户名!");
            }

            target.Username = username;
            bool saved = UserInfoBll.UpdateEntitySaved(target);

            string message = "用户名修改失败!";
            if (saved)
            {
                message = $"用户名修改成功,新用户名为{username}。";
            }

            return ResultData(Mapper.Map<UserInfoOutputDto>(target), saved, message);
        }
示例#8
        /// <summary>
        /// Saves an edited user: only the user name and remark are copied from the posted model.
        /// </summary>
        /// <param name="userInfo">Posted model; UserId selects the record, Username and Remark are applied.</param>
        /// <returns>Plain-text content "ok" on success, otherwise "no".</returns>
        /// <remarks>
        /// NOTE(review): the model is bound to the entity type, but the fields are copied one by one,
        /// so other posted properties are ignored. An unknown UserId dereferences null, and a null
        /// Username passes the empty-string check below.
        /// </remarks>
        public ActionResult Edit(UserInfo userInfo)
        {
            UserInfo stored = UserInfoBll.GetById(userInfo.UserId);

            stored.ModifiedTime = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");
            stored.SubBy = UserLogin.UserId;   // record who made the change
            stored.Username = userInfo.Username;
            stored.Remark = userInfo.Remark;

            // An empty user name is never saved.
            if (stored.Username == string.Empty)
            {
                return Content("no");
            }

            return Content(UserInfoBll.Edit(stored) ? "ok" : "no");
        }
        /// <summary>
        /// Removes a user from one or more user groups.
        /// </summary>
        /// <param name="id">User id.</param>
        /// <param name="gids">Comma-separated user group ids.</param>
        /// <returns>A result with a success flag and a message; no data payload.</returns>
        /// <remarks>NOTE(review): no authorization check is visible in this method; confirm a filter enforces it.</remarks>
        public ActionResult RemoveGroups(Guid id, string gids)
        {
            string[] groupIds = gids.Split(',');
            UserInfo target = UserInfoBll.GetById(id);
            if (target is null)
            {
                return ResultData(null, false, "未找到用户!");
            }

            // Ids that match no group are simply ignored by the query.
            List<UserGroup> matched = UserGroupBll.LoadEntities(g => groupIds.Contains(g.Id.ToString())).ToList();
            foreach (UserGroup group in matched)
            {
                target.UserGroup.Remove(group);
            }

            bool saved = UserInfoBll.UpdateEntitySaved(target);
            string message = saved ? "移除用户组完成!" : "移除用户组失败!";
            return ResultData(null, saved, message);
        }
        /// <summary>
        /// Assigns a user to one or more client applications (sub-systems).
        /// </summary>
        /// <param name="id">User id.</param>
        /// <param name="aids">Comma-separated client application ids.</param>
        /// <returns>A result with a success flag and a message; no data payload.</returns>
        /// <remarks>NOTE(review): no authorization check is visible in this method; confirm a filter enforces it.</remarks>
        public ActionResult AddApps(Guid id, string aids)
        {
            string[] appIds = aids.Split(',');
            UserInfo target = UserInfoBll.GetById(id);
            if (target is null)
            {
                return ResultData(null, false, "未找到用户!");
            }

            // Ids that match no application are simply ignored by the query.
            List<ClientApp> matched = ClientAppBll.LoadEntities(a => appIds.Contains(a.Id.ToString())).ToList();
            foreach (ClientApp app in matched)
            {
                target.ClientApp.Add(app);
            }

            bool saved = UserInfoBll.UpdateEntitySaved(target);
            string message = saved ? "分配给客户端子系统完成!" : "分配给客户端子系统失败!";
            return ResultData(null, saved, message);
        }
示例#11
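        /// <summary>
        /// Sets a new password for the currently logged-in user.
        /// </summary>
        /// <param name="pwd">The new password.</param>
        /// <param name="rpwd">The new password repeated for confirmation.</param>
        /// <returns>Plain-text content "ok" on success, otherwise "no".</returns>
        /// <remarks>
        /// NOTE(review): the stored value is an MD5 digest of password + salt. MD5 is a fast hash and
        /// unsuitable for password storage; plan a migration to a slow KDF such as PBKDF2.
        /// NOTE(review): the current password is not requested here, so anyone holding the session
        /// can replace it. Requiring the old password needs an interface change; confirm the caller
        /// verifies it first and that the request is protected against cross-site forgery.
        /// </remarks>
        public ActionResult PasswordEdit(string pwd, string rpwd)
        {
            // Reject a missing or empty password. Comparing only pwd with rpwd let two absent
            // values match, which stored the digest of the salt alone.
            if (string.IsNullOrEmpty(pwd) || pwd != rpwd)
            {
                return Content("no");
            }

            UserInfo userInfo = UserInfoBll.GetById(UserLogin.UserId);
            if (userInfo == null)
            {
                // No record for the session's user id: nothing to update.
                return Content("no");
            }

            userInfo.Password = CommonHelper.GetMD5String(pwd + CommonHelper.GetPasswordSalt());
            return Content(UserInfoBll.Edit(userInfo) ? "ok" : "no");
        }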
示例#12
        /// <summary>
        /// Shows the approval form for a workflow step.
        /// </summary>
        /// <param name="stepId">Id of the workflow step to approve.</param>
        /// <returns>The approval view; ViewData["SelectList"] holds the next-approver options.</returns>
        /// <remarks>
        /// NOTE(review): nothing here checks that the logged-in user is the approver assigned to
        /// this step; confirm that is enforced elsewhere. An unknown step id dereferences null.
        /// </remarks>
        public ActionResult Approve(int stepId)
        {
            WFStep step = WFStepBll.GetById(stepId);
            WFInstance instance = step.WFInstance;
            var submitter = UserInfoBll.GetById(instance.SubBy);

            // Show the real name when one is set, otherwise fall back to the login name.
            string submitterName = string.IsNullOrEmpty(submitter.RealName) ? submitter.Username : submitter.RealName;

            var model = new ApproveViewModel
            {
                StepId        = step.StepId,
                InstanceId    = step.InstanceId,
                InstanceTitle = instance.InstanceTitle,
                Details       = instance.Details,
                SubBy         = submitterName,
                Approve       = true // "approve" is pre-selected
            };

            ViewData["SelectList"] = GetNextIdList();
            return View(model);
        }
        /// <summary>
        /// Removes one or more roles from a user.
        /// </summary>
        /// <param name="id">User id.</param>
        /// <param name="rids">Comma-separated role ids.</param>
        /// <returns>A result with a success flag and a message; no data payload.</returns>
        /// <remarks>NOTE(review): no authorization check is visible in this method; confirm a filter enforces it.</remarks>
        public ActionResult RemoveRoles(Guid id, string rids)
        {
            string[] roleIds = rids.Split(',');
            UserInfo target = UserInfoBll.GetById(id);
            if (target is null)
            {
                return ResultData(null, false, "未找到用户!");
            }

            // Ids that match no role are simply ignored by the query.
            List<Role> matched = RoleBll.LoadEntities(r => roleIds.Contains(r.Id.ToString())).ToList();
            foreach (Role role in matched)
            {
                target.Role.Remove(role);
            }

            bool saved = UserInfoBll.UpdateEntitySaved(target);
            string message = saved ? "移除角色完成!" : "移除角色失败!";
            return ResultData(null, saved, message);
        }
        /// <summary>
        /// Locks or unlocks a user account.
        /// </summary>
        /// <param name="id">User id.</param>
        /// <param name="state">Requested account state; the account is locked when this is false.</param>
        /// <returns>A result with a success flag and a message; no data payload.</returns>
        /// <remarks>NOTE(review): no authorization check is visible in this method; confirm a filter enforces it.</remarks>
        public ActionResult LockUser(Guid id, bool state)
        {
            UserInfo target = UserInfoBll.GetById(id);
            if (target == null)
            {
                return ResultData(null, false, "未找到用户!");
            }

            // The preset (built-in) administrator can never be disabled.
            if (target.IsPreset)
            {
                return ResultData(null, false, "内置管理员不可禁用!");
            }

            target.Locked = !state;
            bool saved = UserInfoBll.UpdateEntitySaved(target);
            string message = saved ? "用户状态切换成功!" : "用户状态切换失败!";
            return ResultData(null, saved, message);
        }
        /// <summary>
        /// Returns a user's applications, groups, roles, permissions, controls and menus.
        /// </summary>
        /// <param name="id">User id.</param>
        /// <returns>A result whose data holds the six mapped lists, or a failure when the user does not exist.</returns>
        /// <remarks>
        /// NOTE(review): the response describes an account's full access profile; confirm that only
        /// administrators (or the user themselves) can reach this action.
        /// </remarks>
        public ActionResult Details(Guid id)
        {
            UserInfo target = UserInfoBll.GetById(id);
            if (target == null)
            {
                return ResultData(null, false, "用户不存在");
            }

            (List<ClientApp> Apps, List<UserGroup> Groups, List<Role> Roles, List<Permission> Permissions, List<Control> Controls, List<Menu> Menus) details = UserInfoBll.Details(target);

            // Entities are mapped to DTOs before they leave the controller.
            var payload = new
            {
                apps = details.Apps.Mapper<List<ClientAppInputDto>>(),
                groups = details.Groups.Mapper<List<UserGroupInputDto>>(),
                roles = details.Roles.Mapper<List<RoleInputDto>>(),
                permissions = details.Permissions.Mapper<List<PermissionInputDto>>(),
                controls = details.Controls.Mapper<List<ControlOutputDto>>(),
                menus = details.Menus.Mapper<List<MenuOutputDto>>()
            };

            return ResultData(payload);
        }
示例#16
        /// <summary>
        /// Shows the re-application form for a workflow instance, pre-filled from its latest step.
        /// </summary>
        /// <param name="InstanceId">Id of the workflow instance.</param>
        /// <returns>The re-apply view; ViewData["SelectList"] holds the next-approver options.</returns>
        /// <remarks>
        /// NOTE(review): nothing here checks that the logged-in user submitted this instance; confirm
        /// that is enforced elsewhere. An instance without steps dereferences a null latest step.
        /// </remarks>
        public ActionResult ReApply(int InstanceId)
        {
            // The latest step is the one with the highest StepId.
            WFStep latest = WFStepBll.GetList<int>(s => s.WFInstance.InstanceId == InstanceId)
                                     .OrderByDescending(s => s.StepId)
                                     .FirstOrDefault();
            WFInstance instance = latest.WFInstance;
            var rejecter = UserInfoBll.GetById(latest.SubBy);

            // Show the real name when one is set, otherwise fall back to the login name.
            string rejecterName = string.IsNullOrEmpty(rejecter.RealName) ? rejecter.Username : rejecter.RealName;

            var model = new ReApplyViewModel
            {
                InstanceId    = instance.InstanceId,
                InstanceTitle = instance.InstanceTitle,
                Details       = instance.Details,
                Tips          = latest.Tips,
                RejectBy      = rejecterName,
                RejectTime    = latest.SubTime
            };

            ViewData["SelectList"] = GetNextIdList();
            return View(model);
        }
示例#17
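        /// <summary>
        /// Changes the password of the account identified by <paramref name="token"/>.
        /// </summary>
        /// <param name="token">An API login token (looked up in Redis) or a user id in GUID form.</param>
        /// <param name="old">The current password, passed on to the business layer.</param>
        /// <param name="password">The new password.</param>
        /// <param name="confirm">The new password repeated for confirmation.</param>
        /// <returns>A result with a success flag and a message; no data payload.</returns>
        /// <remarks>
        /// NOTE(review): a value that parses as a GUID is used directly as the user id. The failure
        /// message suggests ChangePassword verifies <paramref name="old"/>, which limits the impact
        /// here — confirm in the business layer.
        /// NOTE(review): the length check rejects 6-character passwords although the message and the
        /// pattern say 6 is the minimum; it is left as the stricter of the two. The pattern is not
        /// anchored, so <c>.{6,30}</c> does not by itself cap the length at 30.
        /// </remarks>
        public IHttpActionResult ChangePasspord(string token, string old, string password, string confirm)
        {
            UserInfoDto user;

            if (Guid.TryParse(token, out var userid))
            {
                // Session login: the token is the user id itself.
                user = UserInfoBll.GetById(userid)?.Mapper<UserInfoDto>();
            }
            else
            {
                // API login: the token is a Redis key holding the serialized user.
                if (string.IsNullOrEmpty(token) || !RedisHelper.KeyExists(token))
                {
                    return ResultData(null, false, "用户未登录系统!");
                }
                user = RedisHelper.GetString<UserInfoDto>(token);
            }

            // The id may not resolve, and the Redis key may expire between KeyExists and GetString.
            if (user is null)
            {
                return ResultData(null, false, "用户未登录系统!");
            }

            if (string.IsNullOrEmpty(password) || password.Length <= 6)
            {
                return ResultData(null, false, "密码过短,至少需要6个字符!");
            }

            if (!password.Equals(confirm))
            {
                return ResultData(null, false, "两次输入的密码不一致!");
            }

            var regex = new Regex(@"(?=.*[0-9])                     #必须包含数字
                                            (?=.*[a-zA-Z])                  #必须包含小写或大写字母
                                            (?=([\x21-\x7e]+)[^a-zA-Z0-9])  #必须包含特殊符号
                                            .{6,30}                         #至少6个字符,最多30个字符
                                            ", RegexOptions.Multiline | RegexOptions.IgnorePatternWhitespace);

            if (!regex.Match(password).Success)
            {
                return ResultData(null, false, "密码强度值不够,密码必须包含数字,必须包含小写或大写字母,必须包含至少一个特殊符号,至少6个字符,最多30个字符!");
            }

            bool changed = UserInfoBll.ChangePassword(user.Id, old, password);

            // The success message no longer repeats the new password: a response body can end up
            // in client, proxy or server logs, and the caller already knows the value.
            return ResultData(null, changed, changed ? "密码修改成功!" : "密码修改失败,可能是原密码不正确!");
        }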
        /// <summary>
        /// Grants temporary permissions directly to a user.
        /// </summary>
        /// <param name="id">User id.</param>
        /// <param name="pids">Comma-separated permission ids.</param>
        /// <returns>A result with a success flag and a message; no data payload.</returns>
        /// <remarks>
        /// NOTE(review): this action grants privileges and shows no authorization check of its own;
        /// confirm a filter restricts it to administrators and that grants are audited.
        /// </remarks>
        public ActionResult AddPermissions(Guid id, string pids)
        {
            string[] permissionIds = pids.Split(',');
            var target = UserInfoBll.GetById(id);
            if (target is null)
            {
                return ResultData(null, false, "用户不存在");
            }

            // Ids that match no permission are simply ignored by the query.
            List<Permission> matched = PermissionBll.LoadEntities(p => permissionIds.Contains(p.Id.ToString())).ToList();
            foreach (Permission permission in matched)
            {
                var grant = new UserPermission
                {
                    HasPermission = true,
                    Permission = permission,
                    PermissionId = permission.Id,
                    UserInfo = target,
                    UserInfoId = target.Id
                };
                UserPermissionBll.AddEntity(grant);
            }

            // Success means at least one row was written.
            bool saved = UserPermissionBll.SaveChanges() > 0;
            string message = saved ? "临时权限配置完成!" : "临时权限配置失败!";
            return ResultData(null, saved, message);
        }
示例#19
        /// <summary>
        /// Returns the user behind <paramref name="token"/> together with that user's access
        /// controls and menus for the given application.
        /// </summary>
        /// <param name="appid">Application id used to scope the access controls and menus.</param>
        /// <param name="token">An API login token (looked up in Redis) or a user id in GUID form.</param>
        /// <returns>An object with user, acl and menus, or null when the token is not a known Redis key.</returns>
        /// <remarks>
        /// NOTE(review): a token containing "-" that parses as a GUID is used directly as the user
        /// id, so the id alone yields the user's profile and permissions unless the request is
        /// authenticated elsewhere — confirm. A null token or an unknown id throws.
        /// </remarks>
        public object User(string appid, string token)
        {
            UserInfoDto user;
            bool looksLikeUserId = token.Contains("-") && Guid.TryParse(token, out var userid);

            if (looksLikeUserId)
            {
                user = UserInfoBll.GetById(userid).Mapper<UserInfoDto>();
            }
            else if (RedisHelper.KeyExists(token))
            {
                // Sliding expiration: each lookup extends the token by another 20 minutes.
                RedisHelper.Expire(token, TimeSpan.FromMinutes(20));
                user = RedisHelper.GetString<UserInfoDto>(token);
            }
            else
            {
                return null;
            }

            List<ControlOutputDto> acl = UserInfoBll.GetAccessControls(appid, user.Id);
            List<MenuOutputDto> menus = UserInfoBll.GetMenus(appid, user.Id);

            return new { user, acl, menus };
        }
示例#20
        /// <summary>
        /// Returns one page of a user's login records, newest first.
        /// </summary>
        /// <param name="token">An API login token (looked up in Redis) or a user id in GUID form.</param>
        /// <param name="page">Page number passed to the paging query.</param>
        /// <param name="size">Page size passed to the paging query.</param>
        /// <returns>A result whose data holds the record list and the total page count.</returns>
        /// <remarks>
        /// NOTE(review): a value that parses as a GUID is used directly as the user id, so the id
        /// alone exposes that user's login history unless the request is authenticated elsewhere.
        /// NOTE(review): <paramref name="page"/> and <paramref name="size"/> are not range-checked;
        /// a zero size breaks the page count and a very large size is an unbounded read.
        /// </remarks>
        public IHttpActionResult LoginRecord(string token, int page = 1, int size = 10)
        {
            UserInfoDto user;

            if (Guid.TryParse(token, out var userid))
            {
                // Session login: the token is the user id itself.
                user = UserInfoBll.GetById(userid).Mapper<UserInfoDto>();
            }
            else if (RedisHelper.KeyExists(token))
            {
                // API login: the token is a Redis key holding the serialized user.
                user = RedisHelper.GetString<UserInfoDto>(token);
            }
            else
            {
                return ResultData(null, false, "用户未登录系统!");
            }

            // Ordered by login time, descending (the final argument is false).
            var records = LoginRecordBll.LoadPageEntitiesNoTracking<DateTime, LoginRecordDto>(page, size, out int total, r => r.UserInfoId.Equals(user.Id), r => r.LoginTime, false);
            List<LoginRecordDto> list = records.ToList();

            int pages = (int)Math.Ceiling(total * 1.0 / size);

            return ResultData(new { list, pages });
        }
示例#21
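        /// <summary>
        /// Saves the logged-in user's own profile from the posted form.
        /// </summary>
        /// <param name="userInfo">Posted profile fields. Its UserId is ignored; the record is always the session user's.</param>
        /// <returns>Plain-text content "ok" on success, otherwise "no".</returns>
        /// <remarks>
        /// NOTE(review): the user name is written without the uniqueness check that the
        /// ChangeUsername actions perform; confirm whether the business layer enforces it.
        /// </remarks>
        public ActionResult PersonalInfo(UserInfo userInfo)
        {
            // An absent or empty user name is never saved.
            if (userInfo == null || string.IsNullOrEmpty(userInfo.Username))
            {
                return Content("no");
            }

            // Load the record by the session's user id, not the posted UserId. The posted id is
            // client-controlled, and using it let any logged-in user overwrite another profile.
            UserInfo user = UserInfoBll.GetById(UserLogin.UserId);
            if (user == null)
            {
                return Content("no");
            }

            user.ModifiedTime = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");
            user.Username     = userInfo.Username;
            user.RealName     = userInfo.RealName;
            user.Age          = userInfo.Age;
            user.Gender       = userInfo.Gender;
            user.PhoneNumber  = userInfo.PhoneNumber;
            user.Email        = userInfo.Email;
            user.Remark       = userInfo.Remark;
            user.SubBy        = UserLogin.UserId;   // record who made the change

            if (!UserInfoBll.Edit(user))
            {
                return Content("no");
            }

            // Update the session's cached name only after the change is saved, so a failed update
            // cannot leave the session and the stored record out of step.
            if (userInfo.Username != UserLogin.UserName)
            {
                UserLogin.UserName = userInfo.Username;
            }

            return Content("ok");
        }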
示例#22
        /// <summary>
        /// Shows the profile page of the currently logged-in user.
        /// </summary>
        /// <returns>The default view with the session user's record as its model.</returns>
        public ActionResult PersonalInfo()
        {
            // The record is always looked up by the session's user id.
            UserInfo currentUser = UserInfoBll.GetById(UserLogin.UserId);
            return View(currentUser);
        }
示例#23
 /// <summary>
 /// Loads a user by id and maps the entity to its DTO.
 /// </summary>
 /// <param name="id">User id.</param>
 /// <returns>The mapped <c>UserInfoDto</c>.</returns>
 public UserInfoDto GetUser(Guid id)
 {
     var entity = UserInfoBll.GetById(id);
     return entity.Mapper<UserInfoDto>();
 }
示例#24
        /// <summary>
        /// Registers a new user and attaches the account to the given client application.
        /// </summary>
        /// <param name="appid">Id of the client application the user registers through.</param>
        /// <param name="name">Requested user name.</param>
        /// <param name="email">E-mail address.</param>
        /// <param name="pwd">Password.</param>
        /// <param name="confirm">Password repeated for confirmation.</param>
        /// <returns>A result carrying the new user DTO on success, otherwise a failure message.</returns>
        /// <remarks>
        /// NOTE(review): the password is handed to UserInfoBll.Register as posted; presumably it is
        /// hashed there — confirm, since nothing in this method hashes it.
        /// NOTE(review): the "already exists" messages tell an unauthenticated caller whether a user
        /// name or e-mail is registered; consider throttling this endpoint.
        /// NOTE(review): the length check rejects 6-character passwords although the message and the
        /// pattern say 6 is the minimum, and the unanchored pattern does not cap the length at 30.
        /// Null arguments throw rather than produce a validation message.
        /// </remarks>
        public IHttpActionResult Register(string appid, string name, string email, string pwd, string confirm)
        {
            bool appKnown = ClientAppBll.Any(a => a.AppId.Equals(appid));
            if (!appKnown)
            {
                return ResultData(null, false, "应用不存在!");
            }

            if (String.IsNullOrEmpty(name.Trim()))
            {
                return ResultData(null, false, "用户名不能为空");
            }

            if (!email.MatchEmail())
            {
                return ResultData(null, false, "邮箱格式不正确!");
            }

            if (pwd.Length <= 6)
            {
                return ResultData(null, false, "密码过短,至少需要6个字符!");
            }

            if (!pwd.Equals(confirm))
            {
                return ResultData(null, false, "两次输入的密码不一致!");
            }

            if (UserInfoBll.UsernameExist(name))
            {
                return ResultData(null, message: $"用户名【{name}】已经存在!");
            }

            if (UserInfoBll.EmailExist(email))
            {
                return ResultData(null, message: $"邮箱【{email}】已经存在!");
            }

            var strength = new Regex(@"(?=.*[0-9])                     #必须包含数字
                                            (?=.*[a-zA-Z])                  #必须包含小写或大写字母
                                            (?=([\x21-\x7e]+)[^a-zA-Z0-9])  #必须包含特殊符号
                                            .{6,30}                         #至少6个字符,最多30个字符
                                            ", RegexOptions.Multiline | RegexOptions.IgnorePatternWhitespace);

            if (!strength.Match(pwd).Success)
            {
                return ResultData(null, false, "密码强度值不够,密码必须包含数字,必须包含小写或大写字母,必须包含至少一个特殊符号,至少6个字符,最多30个字符!");
            }

            UserInfoDto created = UserInfoBll.Register(new UserInfo
            {
                Username = name, Password = pwd, Email = email
            });
            if (created == null)
            {
                return ResultData(null, false, "用户注册失败!");
            }

            // The account exists from here on; the rest only links it to the application.
            ClientApp app = ClientAppBll.GetFirstEntity(a => a.AppId.Equals(appid));
            if (!app.Available)
            {
                return ResultData(created, false, $"用户注册成功,但由于【{app.AppName}】网站当前服务不可用,而无法登陆,请联系管理员!");
            }

            app.UserInfo.Add(UserInfoBll.GetById(created.Id));
            bool linked = ClientAppBll.UpdateEntitySaved(app);
            return ResultData(created, true, linked ? "用户注册成功!" : "用户注册成功,但尚未分配到指定的应用子系统,请联系管理员!");
        }
示例#25
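        /// <summary>
        /// Pre-action filter: decides whether the logged-in user may run the requested action.
        /// </summary>
        /// <param name="filterContext">Context of the action about to execute; its Result is set to a redirect to deny access.</param>
        /// <remarks>
        /// Order of checks: action-name allowlist, action must be registered, per-user override
        /// (allow or deny), then permissions inherited through the user's roles.
        /// NOTE(review): this method used to carry a commented-out early return for a hard-coded
        /// user name, described as a maintenance backdoor to delete before release. It is removed
        /// here; verify that no deployed build shipped with it enabled.
        /// NOTE(review): the allowlist matches the action name only, so an action with one of these
        /// names on any controller using this filter skips the permission check — confirm that is intended.
        /// </remarks>
        protected override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            base.OnActionExecuting(filterContext);
            #region Verify access permission
            // Resolve the user and the requested route.
            UserInfo userInfo       = UserInfoBll.GetById(UserLogin.UserId);
            string   controllerName = RouteData.GetRequiredString("controller");
            string   actionName     = RouteData.GetRequiredString("action");
            if (actionName == "CheckExist" || actionName == "GetSelect" || actionName == "CheckPwdRight")
            {
                // Everyone may check whether a field value exists, load drop-down data and
                // verify their own password.
                return;
            }

            // Fail closed when the session's user id has no record, instead of throwing further down.
            if (userInfo == null)
            {
                filterContext.Result = new RedirectResult("/NoAccess.html");
                return;
            }

            ActionInfo actionInfo = ActionInfoBll.GetList<int>(a =>
                                                               (a.ControllerName.ToLower().Equals(controllerName.ToLower()))
                                                               &&
                                                               (a.ActionName.ToLower().Equals(actionName.ToLower()))
                                                               &&
                                                               a.IsDeleted == 0)
                                    .FirstOrDefault();
            if (actionInfo == null)
            {
                // The requested action is not registered.
                filterContext.Result = new RedirectResult("/Error.html");
                return;
            }

            // A per-user override, when present, decides on its own.
            UserActionInfo userActionInfo = UserActionInfoBll.GetList<int>(ua =>
                                                                           (ua.UserId == userInfo.UserId)
                                                                           &&
                                                                           (ua.ActionId == actionInfo.ActionId)).FirstOrDefault();
            if (userActionInfo != null)
            {
                if (userActionInfo.IsAllow != 1)
                {
                    // Explicitly denied: redirect to the no-access page.
                    filterContext.Result = new RedirectResult("/NoAccess.html");
                }
                return;
            }

            // No override: the action must be granted through one of the user's roles.
            bool grantedByRole = userInfo.RoleInfo
                                         .SelectMany(r => r.ActionInfo)
                                         .Any(a => a.ActionId == actionInfo.ActionId);
            if (!grantedByRole)
            {
                filterContext.Result = new RedirectResult("/NoAccess.html");
            }
            #endregion
        }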
        /// <summary>
        /// Returns a single user's details.
        /// </summary>
        /// <param name="id">User id.</param>
        /// <returns>A result whose data is the user mapped to <c>UserInfoDto</c>.</returns>
        /// <remarks>
        /// NOTE(review): <paramref name="id"/> is caller-supplied; confirm access is restricted
        /// elsewhere and that the DTO leaves out the password field.
        /// </remarks>
        public ActionResult Get(Guid id)
        {
            var entity = UserInfoBll.GetById(id);
            UserInfoDto dto = entity.Mapper<UserInfoDto>();
            return ResultData(dto);
        }
示例#27
 /// <summary>
 /// Loads a user by id by delegating to the business-layer object.
 /// </summary>
 /// <param name="id">User id.</param>
 /// <returns>Whatever <c>ubll.GetById</c> returns for that id.</returns>
 public UserInfo GetById(int id) => ubll.GetById(id);
示例#28
        /// <summary>
        /// Shows the edit form for a user.
        /// </summary>
        /// <param name="uId">Id of the user to edit.</param>
        /// <returns>The default view with the user entity as its model.</returns>
        /// <remarks>
        /// NOTE(review): the whole entity is handed to the view; make sure the view does not render
        /// the stored password value.
        /// </remarks>
        public ActionResult Edit(int uId)
        {
            return View(UserInfoBll.GetById(uId));
        }
示例#29
 /// <summary>
 /// Shows the page for assigning roles to a user.
 /// </summary>
 /// <param name="uId">Id of the user whose roles are edited.</param>
 /// <returns>The default view; the model is the list of non-deleted roles ordered by name.</returns>
 public ActionResult SetUserRole(int uId)
 {
     UserInfo target = UserInfoBll.GetById(uId);
     ViewBag.UserInfo = target;

     var activeRoles = RoleInfoBll.GetList(r => r.IsDeleted == 0, r => r.RoleName);
     ViewData.Model = activeRoles.ToList();

     return View();
 }
示例#30
        // Home page: lists the user's pending workflow items and builds the menu of actions
        // the logged-in user is allowed to see.
        // NOTE(review): the menu only hides entries; access itself must still be enforced per
        // request. A session user id without a record dereferences null in the menu loop.
        public ActionResult Index()
        {
            #region Collect pending work items into ViewData
            var entries = new List<QuickEntryViewModel>();
            ViewBag.CurrentUser = UserLogin.UserName;

            // Steps waiting for this user's approval.
            var pendingSteps = WFStepBll.GetList(s => (s.NextId == UserLogin.UserId) && s.IsEnd == 0, s => s.StepId);
            var pendingInstances = pendingSteps.Select(s => s.WFInstance);
            AddEntryViewToList(entries, pendingInstances);

            // Instances this user submitted that are in state 1.
            var ownInstances = WFInstanceBll.GetList(i => (i.SubBy == UserLogin.UserId) && (i.InstanceState == 1), i => i.InstanceId);
            AddEntryViewToList(entries, ownInstances);

            ViewData["Entry"] = entries;
            #endregion

            #region Filter the main menu
            var visibleMenus = new List<MenuViewModel>();

            // Every non-deleted action flagged as a menu entry.
            List<ActionInfo> menuActions = ActionInfoBll.GetList(a => a.IsDeleted == 0 && a.IsMenu == 1, a => a.ActionTitle).ToList();
            UserInfo currentUser = UserInfoBll.GetById(UserLogin.UserId);

            foreach (var actionInfo in menuActions)
            {
                var menu = new MenuViewModel
                {
                    ActionTitle    = actionInfo.ActionTitle,
                    ControllerName = actionInfo.ControllerName,
                    ActionName     = actionInfo.ActionName,
                    MenuIcon       = actionInfo.MenuIcon
                };

                // An explicit per-user allow wins outright.
                bool explicitlyAllowed = UserActionInfoBll.GetList<int>(ua =>
                                                                       (ua.ActionId == actionInfo.ActionId) &&
                                                                       (ua.UserId == UserLogin.UserId) &&
                                                                       (ua.IsAllow == 1)).Any();
                if (explicitlyAllowed)
                {
                    visibleMenus.Add(menu);
                    continue;
                }

                // Otherwise the action must be granted through one of the user's roles.
                bool grantedByRole = currentUser.RoleInfo
                                                .SelectMany(r => r.ActionInfo)
                                                .Any(a => a.ActionId == actionInfo.ActionId);
                if (grantedByRole)
                {
                    visibleMenus.Add(menu);
                }

                // An explicit per-user deny removes the entry again.
                bool explicitlyDenied = currentUser.UserActionInfo
                                                   .Any(ua => ua.ActionId == actionInfo.ActionId && ua.IsAllow == 0);
                if (explicitlyDenied)
                {
                    visibleMenus.Remove(menu);
                }
            }
            #endregion

            return View(visibleMenus);
        }