/// <summary> /// 逻辑删除参数 /// </summary> /// <param name="userInfo">用户</param> /// <param name="id">主键</param> /// <returns>影响行数</returns> public int SetDeleted(UserInfo userInfo, string id) { int returnValue = 0; var parameter = ParameterUtil.CreateWithMessage(userInfo, MethodBase.GetCurrentMethod(), this.serviceName, RDIFrameworkMessage.ParameterService_Delete); ServiceUtil.ProcessRDIReadDb(userInfo, parameter, dbProvider => { returnValue = new CiParameterManager(dbProvider).SetDeleted(id); }); return(returnValue); }
/// <summary> /// 设置参数值 /// </summary> /// <param name="userInfo">用户</param> /// <param name="categoryKey">分类键值</param> /// <param name="parameterId">参数主键</param> /// <param name="parameterCode">参数编号</param> /// <param name="parameterContent">参数内容</param> /// <param name="allowEdit">允许编辑</param> /// <param name="allowDelete">允许删除</param> /// <returns>影响行数</returns> public int SetParameter(UserInfo userInfo, string categoryKey, string parameterId, string parameterCode, string parameterContent, int allowEdit = 0, int allowDelete = 0) { var returnValue = 0; var parameter = ParameterUtil.CreateWithMessage(userInfo, MethodBase.GetCurrentMethod(), this.serviceName, RDIFrameworkMessage.ParameterService_SetParameter, "分类键值:" + categoryKey + ",参数主键:" + parameterId + ",参数编号:" + parameterCode); ServiceUtil.ProcessRDIReadDb(userInfo, parameter, dbProvider => { var parameterManager = new CiParameterManager(dbProvider, userInfo); returnValue = parameterManager.SetParameter(categoryKey, parameterId, parameterCode, parameterContent, allowEdit, allowDelete); }); return(returnValue); }
/// <summary> /// 获取实体 /// </summary> /// <param name="userInfo">用户</param> /// <param name="id">主键</param> /// <returns>实体</returns> public CiParameterEntity GetEntity(UserInfo userInfo, string id) { CiParameterEntity sequenceEntity = null; var parameter = ParameterUtil.CreateWithOutMessage(userInfo, MethodBase.GetCurrentMethod(), this.serviceName); ServiceUtil.ProcessRDIReadDb(userInfo, parameter, dbProvider => { sequenceEntity = new CiParameterManager(dbProvider, userInfo).GetEntity(id); }); return(sequenceEntity); }
/// <summary> /// 获取参数值 /// </summary> /// <param name="userInfo">用户</param> /// <param name="categoryKey">分类键值</param> /// <param name="parameterId">参数主键</param> /// <param name="parameterCode">参数编号</param> /// <returns>参数值</returns> public string GetParameter(UserInfo userInfo, string categoryKey, string parameterId, string parameterCode) { string returnValue = string.Empty; var parameter = ParameterUtil.CreateWithMessage(userInfo, MethodBase.GetCurrentMethod(), this.serviceName, RDIFrameworkMessage.ParameterService_GetParameter); ServiceUtil.ProcessRDIReadDb(userInfo, parameter, dbProvider => { var parameterManager = new CiParameterManager(dbProvider, userInfo); returnValue = parameterManager.GetParameter(categoryKey, parameterId, parameterCode); }); return(returnValue); }
/// <summary> /// 批量删除参数 /// </summary> /// <param name="userInfo">用户</param> /// <param name="ids">主键数组</param> /// <returns>影响行数</returns> public int BatchDelete(UserInfo userInfo, string[] ids) { var returnValue = 0; var parameter = ParameterUtil.CreateWithMessage(userInfo, MethodBase.GetCurrentMethod(), this.serviceName, RDIFrameworkMessage.ParameterService_BatchDelete); ServiceUtil.ProcessRDIReadDb(userInfo, parameter, dbProvider => { var parameterManager = new CiParameterManager(dbProvider, userInfo); returnValue += ids.Sum(t => parameterManager.Delete(t)); }); return(returnValue); }
/// <summary> /// 删除参数 /// </summary> /// <param name="userInfo">用户</param> /// <param name="categoryKey">分类键值</param> /// <param name="parameterId">参数主键</param> /// <returns>影响行数</returns> public int DeleteByParameter(UserInfo userInfo, string categoryKey, string parameterId) { var returnValue = 0; var parameter = ParameterUtil.CreateWithMessage(userInfo, MethodBase.GetCurrentMethod(), this.serviceName, RDIFrameworkMessage.ParameterService_DeleteByParameter, "分类键值:" + categoryKey + ",参数主键:" + parameterId); ServiceUtil.ProcessRDIReadDb(userInfo, parameter, dbProvider => { var parameterManager = new CiParameterManager(dbProvider, userInfo); returnValue = parameterManager.DeleteByParameter(categoryKey, parameterId); }); return(returnValue); }
/// <summary> /// 按编号获取参数列表 /// </summary> /// <param name="userInfo">用户</param> /// <param name="categoryKey">分类键值</param> /// <param name="parameterId">参数主键</param> /// <param name="parameterCode">参数编号</param> /// <returns>数据表</returns> public DataTable GetDTByParameterCode(UserInfo userInfo, string categoryKey, string parameterId, string parameterCode) { var dataTable = new DataTable(CiParameterTable.TableName); var parameter = ParameterUtil.CreateWithMessage(userInfo, MethodBase.GetCurrentMethod(), this.serviceName, RDIFrameworkMessage.ParameterService_GetDTByParameterCode); ServiceUtil.ProcessRDIReadDb(userInfo, parameter, dbProvider => { var parameterManager = new CiParameterManager(dbProvider, userInfo); dataTable = parameterManager.GetDTByParameterCode(categoryKey, parameterId, parameterCode); dataTable.TableName = CiParameterTable.TableName; }); return(dataTable); }
/// <summary> /// 获取参数列表 /// </summary> /// <param name="userInfo">用户</param> /// <param name="categoryKey">分类键值</param> /// <param name="parameterId">参数主键</param> /// <returns>数据表</returns> public List <CiParameterEntity> GetListByParameter(UserInfo userInfo, string categoryKey, string parameterId) { List <CiParameterEntity> list = new List <CiParameterEntity>(); var parameter = ParameterUtil.CreateWithMessage(userInfo, MethodBase.GetCurrentMethod(), this.serviceName, RDIFrameworkMessage.ParameterService_GetDTByParameter); ServiceUtil.ProcessRDIReadDb(userInfo, parameter, dbProvider => { var parameterManager = new CiParameterManager(dbProvider, userInfo); List <KeyValuePair <string, object> > parameters = new List <KeyValuePair <string, object> > { new KeyValuePair <string, object>(CiParameterTable.FieldCategoryKey, categoryKey), new KeyValuePair <string, object>(CiParameterTable.FieldParameterId, parameterId), new KeyValuePair <string, object>(PiOrganizeTable.FieldDeleteMark, 0) }; list = parameterManager.GetList <CiParameterEntity>(parameters, CiParameterTable.FieldSortCode); }); return(list); }
/// <summary> /// 获取序列分页列表 /// </summary> /// <param name="userInfo">用户</param> /// <param name="recordCount">所有角色数</param> /// <param name="pageIndex">当前页</param> /// <param name="pageSize">分页大小(默认20条)</param> /// <param name="whereConditional">条件表达式</param> /// <param name="order">排序字段</param> /// <returns>数据表</returns> public DataTable GetDTByPage(UserInfo userInfo, out int recordCount, int pageIndex = 1, int pageSize = 20, string whereConditional = "", string order = "") { var dataTable = new DataTable(CiParameterTable.TableName); var returnRecordCount = 0; var parameter = ParameterUtil.CreateWithOutMessage(userInfo, MethodBase.GetCurrentMethod(), this.serviceName); ServiceUtil.ProcessRDIReadDb(userInfo, parameter, dbProvider => { var manager = new CiParameterManager(dbProvider, userInfo); if (string.IsNullOrEmpty(whereConditional)) { whereConditional = CiParameterTable.FieldDeleteMark + " = 0 "; } else { whereConditional += " AND " + CiParameterTable.FieldDeleteMark + " = 0 "; } dataTable = manager.GetDTByPage(out returnRecordCount, pageIndex, pageSize, whereConditional, order); dataTable.TableName = CiParameterTable.TableName; }); recordCount = returnRecordCount; return(dataTable); }
/// <summary> /// 进行登录操作 /// </summary> /// <param name="userName">用户名</param> /// <param name="password">密码</param> /// <param name="openId">单点登录标识</param> /// <param name="createNewOpenId"></param> /// <param name="ipAddress">IP地址</param> /// <param name="macAddress">MAC地址</param> /// <param name="checkUserPassword">是否要检查用户密码</param> /// <returns>用户信息</returns> public UserInfo LogOn(string userName, string password, string openId = null, bool createNewOpenId = false, string ipAddress = null, string macAddress = null, bool checkUserPassword = true) { UserInfo userInfo = null; string realName = string.Empty; if (UserInfo != null) { realName = UserInfo.RealName; if (string.IsNullOrEmpty(ipAddress)) { ipAddress = UserInfo.IPAddress; } if (string.IsNullOrEmpty(macAddress)) { macAddress = UserInfo.MACAddress; } } PiUserLogOnManager userLogOnManager = new PiUserLogOnManager(this.DBProvider, this.UserInfo); // 01: 系统是否采用了在线用户的限制 if (SystemInfo.OnLineLimit > 0 && userLogOnManager.CheckOnLineLimit()) { this.ReturnStatusCode = StatusCode.ErrorOnLineLimit.ToString(); // LogManager.Instance.Add(DBProvider, userName, realName, "LogOn", RDIFrameworkMessage.UserManager,"LogOn", RDIFrameworkMessage.UserManager_LogOn, userName, ipAddress,RDIFrameworkMessage.MSG0089 + SystemInfo.OnLineLimit.ToString()); return(userInfo); } // 02. 默认为用户没有找到状态,查找用户 // 这是为了达到安全要求,不能提示用户未找到,那容易让别人猜测到帐户 this.ReturnStatusCode = SystemInfo.EnableCheckPasswordStrength ? StatusCode.ErrorLogOn.ToString() : StatusCode.UserNotFound.ToString(); // 03. 查询数据库中的用户数据?只查询未被删除的 string[] names = { PiUserTable.FieldDeleteMark, PiUserTable.FieldUserName }; Object[] values = { 0, userName }; DataTable dataTable = this.GetDT(names, values); if (dataTable.Rows.Count == 0) { //TODO:若没数据再工号、邮件、手机号等方式登录 } PiUserEntity userEntity = null; PiUserLogOnEntity userLogOnEntity = null; if (dataTable.Rows.Count > 1) { this.ReturnStatusCode = StatusCode.UserDuplicate.ToString(); } else if (dataTable.Rows.Count == 1) { // 05. 判断密码,是否允许登录,是否离职是否正确 userEntity = BaseEntity.Create <PiUserEntity>(dataTable.Rows[0]); if (!string.IsNullOrEmpty(userEntity.AuditStatus) && userEntity.AuditStatus.EndsWith(AuditStatus.WaitForAudit.ToString())) { this.ReturnStatusCode = AuditStatus.WaitForAudit.ToString(); //LogManager.Instance.Add(DBProvider, userName, realName, "LogOn", RDIFrameworkMessage.UserManager, "LogOn", RDIFrameworkMessage.UserManager_LogOn, userName, ipAddress, RDIFrameworkMessage.MSG0078); return(userInfo); } // 用户无效、已离职的 if (userEntity.IsDimission == 1 || userEntity.Enabled == 0) { this.ReturnStatusCode = StatusCode.LogOnDeny.ToString(); return(userInfo); } // 用户是否有效的 if (userEntity.Enabled == -1) { this.ReturnStatusCode = StatusCode.UserNotActive.ToString(); //LogManager.Instance.Add(DBProvider, userName, realName, "LogOn", RDIFrameworkMessage.UserManager, "LogOn", RDIFrameworkMessage.UserManager_LogOn, userName, ipAddress, RDIFrameworkMessage.MSG0080); return(userInfo); } userLogOnEntity = userLogOnManager.GetEntity(userEntity.Id); if (string.IsNullOrEmpty(userEntity.UserName) || !userEntity.UserName.Equals("Administrator")) { // 06. 允许登录时间是否有限制 if (userLogOnEntity.AllowEndTime != null) { userLogOnEntity.AllowEndTime = new DateTime(DateTime.Now.Year, DateTime.Now.Month, DateTime.Now.Day, userLogOnEntity.AllowEndTime.Value.Hour, userLogOnEntity.AllowEndTime.Value.Minute, userLogOnEntity.AllowEndTime.Value.Second); } if (userLogOnEntity.AllowStartTime != null) { userLogOnEntity.AllowStartTime = new DateTime(DateTime.Now.Year, DateTime.Now.Month, DateTime.Now.Day, userLogOnEntity.AllowStartTime.Value.Hour, userLogOnEntity.AllowStartTime.Value.Minute, userLogOnEntity.AllowStartTime.Value.Second); if (DateTime.Now < userLogOnEntity.AllowStartTime) { this.ReturnStatusCode = StatusCode.UserLocked.ToString(); //LogManager.Instance.Add(DBProvider, userName, realName, "LogOn", RDIFrameworkMessage.UserManager, "LogOn", RDIFrameworkMessage.UserManager_LogOn, userName, ipAddress, RDIFrameworkMessage.MSG0081 + userLogOnEntity.AllowStartTime.Value.ToString("HH:mm")); return(userInfo); } } if (userLogOnEntity.AllowEndTime != null) { if (DateTime.Now > userLogOnEntity.AllowEndTime) { this.ReturnStatusCode = StatusCode.UserLocked.ToString(); //LogManager.Instance.Add(DBProvider, userName, realName, "LogOn", RDIFrameworkMessage.UserManager, "LogOn", RDIFrameworkMessage.UserManager_LogOn, userName, ipAddress, RDIFrameworkMessage.MSG0082 + userLogOnEntity.AllowEndTime.Value.ToString("HH:mm")); return(userInfo); } } // 07. 锁定日期是否有限制 if (userLogOnEntity.LockStartDate != null && DateTime.Now > userLogOnEntity.LockStartDate) { if (userLogOnEntity.LockEndDate == null || DateTime.Now < userLogOnEntity.LockEndDate) { this.ReturnStatusCode = StatusCode.UserLocked.ToString(); //LogManager.Instance.Add(DBProvider, userName, realName, "LogOn",RDIFrameworkMessage.UserManager, "LogOn", RDIFrameworkMessage.UserManager_LogOn,userName, ipAddress,RDIFrameworkMessage.MSG0083 + userLogOnEntity.LockStartDate.Value.ToString("yyyy-MM-dd")); return(userInfo); } } if (userLogOnEntity.LockEndDate != null && DateTime.Now < userLogOnEntity.LockEndDate) { this.ReturnStatusCode = StatusCode.UserLocked.ToString(); //LogManager.Instance.Add(DBProvider, userName, realName, "LogOn", RDIFrameworkMessage.UserManager,"LogOn", RDIFrameworkMessage.UserManager_LogOn, userName, ipAddress,RDIFrameworkMessage.MSG0084 + userEntity.LockEndDate.Value.ToString("yyyy-MM-dd")); return(userInfo); } } // 08. 是否检查用户IP地址,是否进行访问限制?管理员不检查IP. && !this.IsAdministrator(userEntity.Id.ToString() if (SystemInfo.EnableCheckIPAddress && userLogOnEntity.CheckIPAddress == 1 && (!(userEntity.UserName.Equals("Administrator") || userEntity.Code.Equals("Administrator")))) { var parameterManager = new CiParameterManager(this.DBProvider); var nameArr = new string[2]; var valueArr = new string[2]; nameArr[0] = CiParameterTable.FieldParameterId; nameArr[1] = CiParameterTable.FieldCategoryKey; valueArr[0] = userEntity.Id.ToString(); // 没有设置IP地址时不检查 valueArr[1] = "IPAddress"; if (!string.IsNullOrEmpty(ipAddress)) { if (parameterManager.Exists(nameArr, valueArr)) { if (!this.CheckIPAddress(ipAddress, userEntity.Id.ToString())) { var parameters = new List <KeyValuePair <string, object> > { new KeyValuePair <string, object>(PiUserLogOnTable.FieldIPAddress, ipAddress) }; //this.SetProperty(userEntity.Id, PiUserLogOnTable.FieldIPAddress, ipAddress); this.ReturnStatusCode = StatusCode.ErrorIPAddress.ToString(); //LogManager.Instance.Add(DBProvider, userName, realName, "LogOn",RDIFrameworkMessage.UserManager, "LogOn", RDIFrameworkMessage.UserManager_LogOn,ipAddress, ipAddress, RDIFrameworkMessage.MSG0085); return(userInfo); } } } // 没有设置MAC地址时不检查 valueArr[1] = "MacAddress"; if (!string.IsNullOrEmpty(macAddress)) { if (parameterManager.Exists(nameArr, valueArr)) { if (!this.CheckMacAddress(macAddress, userEntity.Id.ToString())) { this.ReturnStatusCode = StatusCode.ErrorMacAddress.ToString(); //this.SetProperty(userEntity.Id, PiUserLogOnTable.FieldMACAddress, macAddress); //LogManager.Instance.Add(DBProvider, userName, realName, "LogOn",RDIFrameworkMessage.UserManager, "LogOn", RDIFrameworkMessage.UserManager_LogOn,macAddress, ipAddress, RDIFrameworkMessage.MSG0086); return(userInfo); } } } } // 10. 只允许登录一次,需要检查是否自己重新登录了,或者自己扮演自己了 if ((UserInfo != null) && (!UserInfo.Id.Equals(userEntity.Id.ToString()))) { if (SystemInfo.CheckOnLine && userLogOnEntity.MultiUserLogin == 0 && userLogOnEntity.UserOnLine > 0) { // 自己是否登录了2次,在没下线的情况下 bool isSelf = false; if (!string.IsNullOrEmpty(openId)) { if (!string.IsNullOrEmpty(userLogOnEntity.OpenId)) { if (userLogOnEntity.OpenId.Equals(openId)) { isSelf = true; } } } if (!isSelf) { this.ReturnStatusCode = StatusCode.ErrorOnLine.ToString(); //LogManager.Instance.Add(DBProvider, userName, realName, "LogOn",RDIFrameworkMessage.UserManager, "LogOn", RDIFrameworkMessage.UserManager_LogOn,userName, ipAddress, RDIFrameworkMessage.MSG0087); return(userInfo); } } } // 04. 系统是否采用了密码加密策略? if (checkUserPassword && SystemInfo.EnableEncryptServerPassword) { password = this.EncryptUserPassword(password); } // 11. 密码是否正确(null 与空看成是相等的) if (!(string.IsNullOrEmpty(userLogOnEntity.UserPassword) && string.IsNullOrEmpty(password))) { bool userPasswordOK = true; // 用户密码是空的 if (string.IsNullOrEmpty(userLogOnEntity.UserPassword)) { // 但是输入了不为空的密码 if (!string.IsNullOrEmpty(password)) { userPasswordOK = false; } } else { // 用户的密码不为空,但是用户是输入了密码、 再判断用户的密码与输入的是否相同 userPasswordOK = !string.IsNullOrEmpty(password) && userLogOnEntity.UserPassword.Equals(password); } // 用户的密码不相等 if (!userPasswordOK) { userLogOnEntity.PasswordErrorCount = userLogOnEntity.PasswordErrorCount + 1; if (SystemInfo.PasswordErrorLockLimit > 0 && userLogOnEntity.PasswordErrorCount >= SystemInfo.PasswordErrorLockLimit) { if (SystemInfo.PasswordErrorLockCycle == 0) //密码错误锁定周期若为0,直接设帐号无效,需要管理员审核 { string[] names1 = { PiUserTable.FieldEnabled, PiUserTable.FieldAuditStatus }; object[] values1 = { "0", AuditStatus.WaitForAudit.ToString() }; this.SetProperty(userEntity.Id, names1, values1); } else { //进行帐号锁定 userLogOnEntity.LockStartDate = DateTime.Now; userLogOnEntity.LockEndDate = DateTime.Now.AddMinutes(SystemInfo.PasswordErrorLockCycle); string[] names2 = { PiUserLogOnTable.FieldLockStartDate, PiUserLogOnTable.FieldLockEndDate }; object[] values2 = { userLogOnEntity.LockStartDate, userLogOnEntity.LockEndDate }; userLogOnManager.SetProperty(userEntity.Id, names2, values2); } } else { userLogOnManager.SetProperty(userEntity.Id, PiUserLogOnTable.FieldPasswordErrorCount, userLogOnEntity.PasswordErrorCount); } //密码错误后处理: // 11.1:记录日志 //LogManager.Instance.Add(DBProvider, userEntity.Id.ToString(), userEntity.RealName, "LogOn", RDIFrameworkMessage.UserManager, "LogOn", RDIFrameworkMessage.UserManager_LogOn, userEntity.RealName, ipAddress, RDIFrameworkMessage.MSG0088); // TODO: 11.2:看当天(24小时内)输入错误密码多少次了? // TODO: 11.3:若输错密码数量已经超过了系统限制,则用户被锁定系统设定的小时数。 // TODO: 11.4:同时处理返回值,由于输入错误密码次数过多导致被锁定,登录时应读取这个状态比较,时间过期后应处理下状态。 // 密码强度检查,若是要有安全要求比较高的,返回的提醒消息要进行特殊处理,不能返回非常明确的提示信息。 this.ReturnStatusCode = SystemInfo.EnableCheckPasswordStrength ? StatusCode.ErrorLogOn.ToString() : StatusCode.PasswordError.ToString(); return(userInfo); } } // 12. 更新IP地址,更新MAC地址 userLogOnEntity.PasswordErrorCount = 0; if (!string.IsNullOrEmpty(ipAddress)) { userLogOnEntity.IPAddress = ipAddress; } if (!string.IsNullOrEmpty(macAddress)) { userLogOnEntity.MACAddress = macAddress; } userLogOnManager.SetProperty(userEntity.Id, new string[] { PiUserLogOnTable.FieldPasswordErrorCount, PiUserLogOnTable.FieldIPAddress, PiUserLogOnTable.FieldMACAddress }, new object[] { 0, ipAddress, macAddress }); // 可以正常登录了 this.ReturnStatusCode = StatusCode.OK.ToString(); // 13. 登录、重新登录、扮演时的在线状态进行更新 //userLogOnManager.ChangeOnLine(userEntity.Id); userInfo = this.ConvertToUserInfo(userEntity, userLogOnEntity); userInfo.IPAddress = ipAddress; userInfo.MACAddress = macAddress; userInfo.Password = password; // 这里是判断用户是否为系统管理员的 userInfo.IsAdministrator = IsAdministrator(userEntity); // 数据找到了,就可以退出循环了 /* * // 获得员工的信息 * if (userEntity.IsStaff == 1) * { * PiStaffManager staffManager = new PiStaffManager(DBProvider, UserInfo); * //这里需要按 员工的用户ID来进行查找对应的员工-用户关系 * PiStaffEntity staffEntity = new PiStaffEntity(staffManager.GetDT(PiStaffTable.FieldUserId, userEntity.Id)); * if (!string.IsNullOrEmpty(staffEntity.Id)) * { * userInfo = staffManager.ConvertToUserInfo(staffEntity, userInfo); * } * * }*/ } // 14. 记录系统访问日志 if (this.ReturnStatusCode == StatusCode.OK.ToString()) { //LogManager.Instance.Add(DBProvider, userEntity.Id.ToString(), userEntity.RealName, "LogOn", RDIFrameworkMessage.UserManager, "LogOn", RDIFrameworkMessage.UserManager_LogOn, userEntity.RealName, ipAddress, RDIFrameworkMessage.UserManager_LogOnSuccess); if (string.IsNullOrEmpty(userInfo.OpenId)) { createNewOpenId = true; } if (createNewOpenId) { userInfo.OpenId = userLogOnManager.UpdateVisitDate(userEntity.Id.ToString(), createNewOpenId); } else { userLogOnManager.UpdateVisitDate(userEntity.Id.ToString()); } } else { //LogManager.Instance.Add(DBProvider, userName, realName, "LogOn", RDIFrameworkMessage.UserManager, "LogOn", RDIFrameworkMessage.UserManager_LogOn, userName, ipAddress, RDIFrameworkMessage.MSG0090); } return(userInfo); }