ibms-dome/FrontendWebApi/ApiControllers/UserController.cs

715 lines
28 KiB
C#
Raw Normal View History

2022-10-14 16:08:54 +08:00
using FrontendWebApi.Jwt;
using FrontendWebApi.Models;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
2022-12-15 14:26:20 +08:00
using Microsoft.Extensions.Hosting;
using Microsoft.Extensions.Logging;
2022-11-05 11:26:34 +08:00
using Newtonsoft.Json.Linq;
2022-10-14 16:08:54 +08:00
using Repository.BackendRepository.Interface;
using Repository.BaseRepository.Interface;
using Repository.FrontendRepository.Interface;
using System;
using System.Collections.Generic;
2022-12-15 14:26:20 +08:00
using System.Data.SqlTypes;
2022-12-14 11:57:40 +08:00
using System.IdentityModel.Tokens.Jwt;
2022-10-14 16:08:54 +08:00
using System.Linq;
2022-12-14 11:57:40 +08:00
using System.Net;
2022-10-14 16:08:54 +08:00
using System.Net.Http;
using System.Threading.Tasks;
namespace FrontendWebApi.ApiControllers
{
//[ApiController]
public class UserController : MyBaseApiController<UserController>
{
private readonly IBackendRepository backendRepository;
private readonly IFrontendRepository frontendRepository;
public UserController
(
IBackendRepository backendRepository,
IFrontendRepository frontendRepository
)
{
this.backendRepository = backendRepository;
this.frontendRepository = frontendRepository;
}
[HttpPost]
[Route("api/AddUser")]
2022-11-05 11:26:34 +08:00
public async Task<ApiResult<JwtGet>> AddUser(bool str)
2022-10-14 16:08:54 +08:00
{
var a = User.Claims.Select(p => new { p.Type, p.Value });
ApiResult<JwtGet> apiResult = new ApiResult<JwtGet>(jwt_str);
apiResult.Data = myUser;
return apiResult;
}
/// <summary>
/// 帳號管理列表
/// </summary>
/// <returns></returns>
[HttpPost]
2022-12-12 16:09:44 +08:00
public async Task<ApiResult<List<UserManagerList>>> UserManagerList([FromBody] UserManagerList post)
{
ApiResult<List<UserManagerList>> apiResult = new ApiResult<List<UserManagerList>>();
List<UserManagerList> userManagerList = new List<UserManagerList>();
try
{
var sqlString = @$"SELECT A.userinfo_guid, A.full_name, B.full_name AS 'Role_full_name', A.email, A.phone, A.created_at,A.Account ,B.layer
FROM userinfo A
LEFT JOIN role B ON A.role_guid=B.role_guid AND B.deleted='0'
2022-12-12 16:09:44 +08:00
WHERE A.deleted = 0 ";
if (post != null)
{
if (post.Full_name != null)
sqlString += $@" and A.full_name like '%{post.Full_name}%'";
if (post.Role_full_name != null)
sqlString += $@" and B.full_name like '%{post.Role_full_name}%'";
}
sqlString += " ORDER BY A.created_at DESC";
userManagerList = await backendRepository.GetAllAsync<UserManagerList>(sqlString);
apiResult.Code = "0000";
apiResult.Data = userManagerList;
}
catch (Exception exception)
{
apiResult.Code = "9999";
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
}
return apiResult;
}
/// <summary>
/// 角色管理列表
/// </summary>
/// <returns></returns>
[HttpPost]
2022-12-15 14:26:20 +08:00
public async Task<ApiResult<List<RoleManagerList>>> RoleManagerList([FromBody] RoleManagerList post) //是否判斷layer 0:否 1:是
{
ApiResult<List<RoleManagerList>> apiResult = new ApiResult<List<RoleManagerList>>();
List<RoleManagerList> roleList = new List<RoleManagerList>();
try
{
2022-12-15 14:26:20 +08:00
var whereSql = "";
if (post.Layer == 1)
{
2022-12-15 14:26:20 +08:00
whereSql += " and A.layer = 1 ";
}
if (post.Full_name != null)
{
whereSql += $@" and A.full_name like '%{post.Full_name}%'";
}
var sqlString = @$"SELECT *
FROM role A
2022-12-15 14:26:20 +08:00
WHERE A.deleted = 0 {whereSql}
ORDER BY A.created_at DESC";
roleList = await backendRepository.GetAllAsync<RoleManagerList>(sqlString);
apiResult.Code = "0000";
apiResult.Data = roleList;
}
catch (Exception exception)
{
apiResult.Code = "9999";
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
}
return apiResult;
}
/// <summary>
/// 新增 / 修改 使用者
/// </summary>
/// <param name="post"></param>
/// <returns></returns>
[HttpPost]
public async Task<ApiResult<string>> SaveUser([FromBody] SaveUserManager post)
{
ApiResult<string> apiResult = new ApiResult<string>();
UserInfos userInfo = null;
try
{
userInfo = await backendRepository.GetOneAsync<UserInfos>("userinfo", $"userinfo_guid='{post.Id.ToString()}'");
if (userInfo == null)
{
if (post.Id != "0")
{
apiResult.Code = "9998";
apiResult.Msg = "查無該使用者。";
return apiResult;
}
#region 使
//判斷帳號 是否已存在
var exist = await backendRepository.HasExistsWithGuid(post.Account, "userinfo", "account");
if (exist)
{
apiResult.Code = "9986";
apiResult.Msg = "該帳號已被註冊,請重新輸入";
return apiResult;
}
EDFunction edFunction = new EDFunction();
//隨機產生亂數密碼
Random random = new Random((int)DateTime.Now.Ticks);
const string chars = "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghjkmnpqrstuvwxyz23456789";
string random_password = new string(Enumerable.Repeat(chars, 8).Select(s => s[random.Next(chars.Length)]).ToArray());
var newPassword = edFunction.GetSHA256Encryption(random_password);
//產生一組GUID
var guid = Guid.NewGuid(); //使用者GUID
Dictionary<string, object> userinfo = new Dictionary<string, object>();
userinfo = new Dictionary<string, object>()
{
{ "@userinfo_guid", guid},
{ "@Full_name", post.Name},
{ "@Email", post.Email},
{ "@Account", post.Account},
{ "@Password", newPassword},
{ "@Role_guid", post.RoleId},
{ "@Phone", post.Phone},
{ "@created_by", myUser.userinfo_guid}
};
await backendRepository.AddOneByCustomTable(userinfo, "userinfo");
var sWhere = "system_type = 'website_config' AND system_key = 'website_url'";
var website_url = await backendRepository.GetOneAsync<Variable>("variable", sWhere);
var sendSubject = "新增帳號成功";
var sendContent = $@"您的新密碼為:{random_password}
<br><a href='{website_url.system_value}' target='_blank'>{website_url.system_value}</a>";
Dictionary<string, object> insertNotify = new Dictionary<string, object>()
{
{ "@task_type", 0},
{ "@recipient_name", post.Name},
{ "@recipient_phone", post.Phone},
{ "@recipient_email", post.Email},
{ "@message_content", sendContent}
};
2022-11-05 18:18:29 +08:00
//await backendRepository.AddOneByCustomTable(insertNotify, "background_service_message_notification_task");
apiResult.Code = "0000";
apiResult.Msg = "儲存成功";
#endregion
}
else
{
#region 使
Dictionary<string, object> userinfo = new Dictionary<string, object>();
var role = await backendRepository.GetOneAsync<byte>(@$"select layer from role where role_guid = '{post.RoleId}'");
var infoguid = await backendRepository.GetAllAsync<string>($@"select r.full_name from userinfo u
left join role r on u.role_guid = r.role_guid
where r.layer = 0 and u.userinfo_guid != '{post.Id}'");
if (infoguid.Count == 0 && role == 1)
{
apiResult.Code = "9998";
var getrolename = await backendRepository.GetOneAsync<string>("select r.full_name from role r where r.layer = 0");
apiResult.Msg = getrolename + "-僅剩一位<br>故無法儲存";
}
else
{
userinfo = new Dictionary<string, object>()
{
{ "@Full_name", post.Name},
{ "@Email", post.Email},
{ "@Role_guid", post.RoleId},
{ "@Phone", post.Phone},
{ "@updated_by", myUser.userinfo_guid},
{ "@updated_at", DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss")}
};
await backendRepository.UpdateOneByCustomTable(userinfo, "userinfo", $"userinfo_guid='{post.Id}'");
apiResult.Code = "0000";
apiResult.Msg = "儲存成功";
}
#endregion
}
}
catch (Exception exception)
{
apiResult.Code = "9999";
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
string json = System.Text.Json.JsonSerializer.Serialize(post);
Logger.LogError("【" + controllerName + "/" + actionName + "】" + json);
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
}
return apiResult;
}
/// <summary>
/// 取得單一使用者
/// </summary>
/// <param name="guid"></param>
/// <returns></returns>
[HttpPost]
2022-12-12 16:09:44 +08:00
public async Task<ApiResult<SimpleUser>> GetOneUser([FromBody] SaveUserManager post)
{
ApiResult<SimpleUser> apiResult = new ApiResult<SimpleUser>();
SimpleUser simpleUser = null;
try
{
2022-12-12 16:09:44 +08:00
simpleUser = await backendRepository.GetOneAsync<SimpleUser>("userinfo", $"userinfo_guid='{post.Id}'");
if (simpleUser == null)
{
apiResult.Code = "9998";
apiResult.Msg = "查無該使用者。";
return apiResult;
}
apiResult.Code = "0000";
apiResult.Data = simpleUser;
}
catch (Exception exception)
{
apiResult.Code = "9999";
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
2022-12-12 16:09:44 +08:00
Logger.LogError("【" + controllerName + "/" + actionName + "】" + "Guid=" + post.Id);
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
}
return apiResult;
}
/// <summary>
/// 軟刪除單一使用者
/// </summary>
/// <param name="id"></param>
/// <returns></returns>
[HttpPost]
2022-12-12 16:09:44 +08:00
public async Task<ApiResult<string>> DeleteOneUser([FromBody] SaveUserManager post)
{
ApiResult<string> apiResult = new ApiResult<string>();
SimpleUser simpleUser = null;
try
{
2022-12-12 16:09:44 +08:00
simpleUser = await backendRepository.GetOneAsync<SimpleUser>("userinfo", $"userinfo_guid='{post.Id}'");
if (simpleUser == null)
{
apiResult.Code = "9998";
apiResult.Msg = "查無該使用者。";
return apiResult;
}
2022-12-12 16:09:44 +08:00
await backendRepository.DeleteOne(post.Id, "userinfo", "userinfo_guid");
apiResult.Code = "0000";
apiResult.Msg = "刪除成功";
}
catch (Exception exception)
{
apiResult.Code = "9999";
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
2022-12-12 16:09:44 +08:00
Logger.LogError("【" + controllerName + "/" + actionName + "】" + "Guid=" + post.Id);
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
}
return apiResult;
}
/// <summary>
/// 新增 / 修改 角色
/// </summary>
/// <param name="post"></param>
/// <returns></returns>
[HttpPost]
public async Task<ApiResult<string>> SaveRole([FromBody] PostRole post)
{
ApiResult<string> apiResult = new ApiResult<string>();
RoleManagerList roleManager = null;
try
{
roleManager = await backendRepository.GetOneAsync<RoleManagerList>("role", $"role_guid='{post.Id.ToString()}'");
if (roleManager == null)
{
if (post.Id != "0")
{
apiResult.Code = "9994";
apiResult.Msg = "查無該角色";
return apiResult;
}
#region
//產生一組GUID
var guid = Guid.NewGuid(); //角色GUID
Dictionary<string, object> role = new Dictionary<string, object>();
role = new Dictionary<string, object>()
{
{ "@role_guid", guid},
{ "@Full_name", post.Name},
{ "@created_by", myUser.userinfo_guid}
};
await backendRepository.AddOneByCustomTable(role, "role");
apiResult.Code = "0000";
apiResult.Msg = "儲存成功";
#endregion
}
else
{
#region
Dictionary<string, object> role = new Dictionary<string, object>();
role = new Dictionary<string, object>()
{
{ "@Full_name", post.Name},
{ "@updated_by", myUser.userinfo_guid},
{ "@updated_at", DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss")}
};
await backendRepository.UpdateOneByCustomTable(role, "role", $"role_guid='{post.Id}'");
apiResult.Code = "0000";
apiResult.Msg = "儲存成功";
#endregion
}
}
catch (Exception exception)
{
apiResult.Code = "9999";
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
string json = System.Text.Json.JsonSerializer.Serialize(post);
Logger.LogError("【" + controllerName + "/" + actionName + "】" + json);
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
}
return apiResult;
}
/// <summary>
/// 取得單一角色
/// </summary>
/// <param name="id"></param>
/// <returns></returns>
[HttpPost]
2022-12-12 16:09:44 +08:00
public async Task<ApiResult<SimpleRole>> GetOneRole([FromBody] PostRole post)
{
ApiResult<SimpleRole> apiResult = new ApiResult<SimpleRole>();
SimpleRole simpleRole = null;
try
{
2022-12-12 16:09:44 +08:00
simpleRole = await backendRepository.GetOneAsync<SimpleRole>("role", $"role_guid='{post.Id}'");
if (simpleRole == null)
{
apiResult.Code = "9994";
apiResult.Msg = "查無該角色";
return apiResult;
}
apiResult.Code = "0000";
apiResult.Data = simpleRole;
}
catch (Exception exception)
{
apiResult.Code = "9999";
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
2022-12-12 16:09:44 +08:00
Logger.LogError("【" + controllerName + "/" + actionName + "】" + "Guid=" + post.Id);
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
}
return apiResult;
}
/// <summary>
/// 軟刪除單一角色
/// </summary>
/// <param name="id"></param>
/// <returns></returns>
[HttpPost]
2022-12-12 16:09:44 +08:00
public async Task<ApiResult<string>> DeleteOneRole([FromBody] PostRole post)
{
ApiResult<string> apiResult = new ApiResult<string>();
SimpleRole simpleRole = null;
try
{
2022-12-12 16:09:44 +08:00
simpleRole = await backendRepository.GetOneAsync<SimpleRole>("role", $"role_guid='{post.Id}'");
if (simpleRole == null)
{
apiResult.Code = "9998";
apiResult.Msg = "查無該角色";
return apiResult;
}
//檢查是否有使用者為該角色
var sWhere = $@"deleted = 0 AND role_guid = @Guid";
2022-12-12 16:09:44 +08:00
var userInfos = await backendRepository.GetAllAsync<UserInfos>("userinfo", sWhere, new { Guid = post.Id });
if (userInfos.Count > 0)
{
apiResult.Code = "9997";
apiResult.Msg = "帳號管理中尚有帳號正在使用該角色,故無法刪除";
return apiResult;
}
2022-12-12 16:09:44 +08:00
await backendRepository.DeleteOne(post.Id, "role", "role_guid");
apiResult.Code = "0000";
apiResult.Msg = "刪除成功";
}
catch (Exception exception)
{
apiResult.Code = "9999";
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
2022-12-12 16:09:44 +08:00
Logger.LogError("【" + controllerName + "/" + actionName + "】" + "Guid=" + post.Id);
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
}
return apiResult;
}
/// <summary>
/// 角色權限管理列表
/// </summary>
/// <returns></returns>
[HttpPost]
public async Task<ApiResult<List<RoleAuthList>>> RoleAuthList([FromBody] PostRoleAuthFilter post)
{
ApiResult<List<RoleAuthList>> apiResult = new ApiResult<List<RoleAuthList>>();
List<RoleAuthList> roleAuthList = new List<RoleAuthList>();
try
{
var sqlString = @$"SELECT A.role_guid, A.AuthCode, B.full_name AS 'Role_full_name', C.AuthType, C.MainName, C.SubName, D.full_name AS 'Building_full_name', A.created_at
FROM role_auth A
LEFT JOIN role B ON A.role_guid=B.role_guid AND B.deleted=0
INNER JOIN auth_page C ON A.AuthCode=C.AuthCode
LEFT JOIN building D ON C.building_tag=D.building_tag AND D.deleted=0
WHERE A.role_guid='{post.SelectedRoleId}'
2022-12-15 14:26:20 +08:00
ORDER BY A.AuthCode ASC";
roleAuthList = await backendRepository.GetAllAsync<RoleAuthList>(sqlString);
apiResult.Code = "0000";
apiResult.Data = roleAuthList;
}
catch (Exception exception)
{
apiResult.Code = "9999";
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
}
return apiResult;
}
/// <summary>
/// 取得此角色未選擇的權限
/// </summary>
/// <param name="post"></param>
/// <returns></returns>
2022-11-05 18:18:29 +08:00
public async Task<ApiResult<List<AuthPage>>> GetRoleNotAuthPageList([FromBody] PostRoleAuthFilter post)
{
ApiResult<List<AuthPage>> apiResult = new ApiResult<List<AuthPage>>();
List<AuthPage> authPage = new List<AuthPage>();
try
{
if (!string.IsNullOrEmpty(post.SelectedRoleId))
{
var buildingGuid = "";
if (post.SelectedBuild != "0")
{
buildingGuid = $" AND ap.building_tag = '{post.SelectedBuild}'";
}
var sqlString = @$" SELECT ap.AuthCode, ap.MainName, ap.SubName FROM auth_page ap
WHERE ap.AuthType='{post.SelectedAuthType}'
{buildingGuid}
AND ap.AuthCode NOT IN (
SELECT ra.AuthCode FROM role_auth ra
LEFT JOIN auth_page ap ON ra.AuthCode = ap.AuthCode
WHERE ra.role_guid = '{post.SelectedRoleId}'
{buildingGuid}
AND ap.AuthType='{post.SelectedAuthType}'
)";
authPage = await backendRepository.GetAllAsync<AuthPage>(sqlString);
}
apiResult.Code = "0000";
apiResult.Data = authPage;
}
catch (Exception exception)
{
apiResult.Code = "9999";
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
}
return apiResult;
}
/// <summary>
/// 新增 權限
/// </summary>
/// <param name="post"></param>
/// <returns></returns>
[HttpPost]
2022-11-05 18:18:29 +08:00
public async Task<ApiResult<string>> SaveRoleAuth([FromBody] PostSaveRoleAuth post)
{
ApiResult<string> apiResult = new ApiResult<string>();
RoleManagerList roleManager = null;
try
{
roleManager = await backendRepository.GetOneAsync<RoleManagerList>("role", $"role_guid='{post.SelectedRoleId}'");
if (roleManager == null)
{
apiResult.Code = "9994";
apiResult.Msg = "查無該角色";
return apiResult;
}
else
{
if (post.SaveCheckAuth.Count > 0)
{
foreach (var item in post.SaveCheckAuth)
{
#region
Dictionary<string, object> roleAuth = new Dictionary<string, object>();
roleAuth = new Dictionary<string, object>()
{
{ "@role_guid", post.SelectedRoleId},
{ "@AuthCode", item},
{ "@created_by", myUser.userinfo_guid}
};
await backendRepository.AddOneByCustomTable(roleAuth, "role_auth");
#endregion
}
}
apiResult.Code = "0000";
apiResult.Msg = "儲存成功";
}
}
catch (Exception exception)
{
apiResult.Code = "9999";
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
string json = System.Text.Json.JsonSerializer.Serialize(post);
Logger.LogError("【" + controllerName + "/" + actionName + "】" + json);
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
}
return apiResult;
}
/// <summary>
/// 刪除 權限
/// </summary>
/// <param name="post"></param>
/// <returns></returns>
[HttpPost]
public async Task<ApiResult<string>> DeleteOneRoleAuth([FromBody] PostDeleteRoleAuth post)
{
ApiResult<string> apiResult = new ApiResult<string>();
RoleManagerList roleManager = null;
try
{
2022-12-15 14:26:20 +08:00
roleManager = await backendRepository.GetOneAsync<RoleManagerList>("role", $"role_guid='{post.Id}'");
if (roleManager == null)
{
apiResult.Code = "9994";
apiResult.Msg = "查無該角色";
return apiResult;
}
2022-12-15 14:26:20 +08:00
await backendRepository.PurgeOneByGuidWithCustomDBNameAndTable("role_auth", $"role_guid='{post.Id}' AND AuthCode='{post.AuthCode}'");
apiResult.Code = "0000";
apiResult.Msg = "刪除成功";
}
catch (Exception exception)
{
apiResult.Code = "9999";
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
string json = System.Text.Json.JsonSerializer.Serialize(post);
Logger.LogError("【" + controllerName + "/" + actionName + "】" + json);
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
}
return apiResult;
}
2022-12-14 11:57:40 +08:00
2022-12-15 14:26:20 +08:00
/// <summary>
/// 前台頁面列表
/// </summary>
/// <param name="post"></param>
/// <returns></returns>
[HttpPost]
public async Task<ApiResult<List<AuthPage>>> AuthPageList()
{
ApiResult<List<AuthPage>> apiResult = new ApiResult<List<AuthPage>>();
List<AuthPage> authPage = new List<AuthPage>();
try
{
var sqlString = $@"select * from auth_page where AuthCode like 'FL%' order by AuthCode";
authPage = await backendRepository.GetAllAsync<AuthPage>(sqlString);
apiResult.Code = "0000";
apiResult.Data = authPage;
}
catch (Exception exception)
{
apiResult.Code = "9999";
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
}
return apiResult;
}
2022-12-14 11:57:40 +08:00
[HttpPost]
[Route("api/getUser")]
public ActionResult GetUser()
{
return Json(new
{
code = "0000",
data = myUser.userinfo_guid
});
}
2022-10-14 16:08:54 +08:00
}
}