980 lines
40 KiB
C#
980 lines
40 KiB
C#
using FrontendWebApi.Jwt;
|
|
using FrontendWebApi.Models;
|
|
using Microsoft.AspNetCore.Http;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
using Microsoft.Extensions.Hosting;
|
|
using Microsoft.Extensions.Logging;
|
|
using Newtonsoft.Json.Linq;
|
|
using Repository.BackendRepository.Interface;
|
|
using Repository.BaseRepository.Interface;
|
|
using Repository.FrontendRepository.Interface;
|
|
using System;
|
|
using System.Collections.Generic;
|
|
using System.Data.SqlTypes;
|
|
using System.IdentityModel.Tokens.Jwt;
|
|
using System.Linq;
|
|
using System.Net;
|
|
using System.Net.Http;
|
|
using System.Threading.Tasks;
|
|
|
|
namespace FrontendWebApi.ApiControllers
|
|
{
|
|
//[ApiController]
|
|
public class UserController : MyBaseApiController<UserController>
|
|
{
|
|
private readonly IBackendRepository backendRepository;
|
|
private readonly IFrontendRepository frontendRepository;
|
|
|
|
public UserController
|
|
(
|
|
IBackendRepository backendRepository,
|
|
IFrontendRepository frontendRepository
|
|
)
|
|
{
|
|
this.backendRepository = backendRepository;
|
|
this.frontendRepository = frontendRepository;
|
|
}
|
|
|
|
[HttpPost]
|
|
[Route("api/AddUser")]
|
|
public async Task<ApiResult<JwtGet>> AddUser(bool str)
|
|
{
|
|
var a = User.Claims.Select(p => new { p.Type, p.Value });
|
|
ApiResult<JwtGet> apiResult = new ApiResult<JwtGet>(jwt_str);
|
|
apiResult.Data = myUser;
|
|
return apiResult;
|
|
}
|
|
|
|
/// <summary>
|
|
/// 帳號管理列表
|
|
/// </summary>
|
|
/// <returns></returns>
|
|
[HttpPost]
|
|
public async Task<ApiResult<List<UserManagerList>>> UserManagerList([FromBody] UserManagerList post)
|
|
{
|
|
ApiResult<List<UserManagerList>> apiResult = new ApiResult<List<UserManagerList>>();
|
|
List<UserManagerList> userManagerList = new List<UserManagerList>();
|
|
|
|
try
|
|
{
|
|
var sqlString = @$"SELECT A.userinfo_guid, A.full_name, B.full_name AS 'Role_full_name', A.email, A.phone, A.created_at,A.Account ,B.layer
|
|
FROM userinfo A
|
|
LEFT JOIN role B ON A.role_guid=B.role_guid AND B.deleted='0'
|
|
WHERE A.deleted = 0 ";
|
|
|
|
if (post != null)
|
|
{
|
|
if (post.Full_name != null)
|
|
sqlString += $@" and A.full_name like '%{post.Full_name}%'";
|
|
|
|
if (post.Role_full_name != null)
|
|
sqlString += $@" and B.full_name like '%{post.Role_full_name}%'";
|
|
}
|
|
|
|
sqlString += " ORDER BY A.created_at DESC";
|
|
userManagerList = await backendRepository.GetAllAsync<UserManagerList>(sqlString);
|
|
|
|
apiResult.Code = "0000";
|
|
apiResult.Data = userManagerList;
|
|
}
|
|
catch (Exception exception)
|
|
{
|
|
apiResult.Code = "9999";
|
|
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
|
|
}
|
|
|
|
return apiResult;
|
|
}
|
|
|
|
/// <summary>
|
|
/// 角色管理列表
|
|
/// </summary>
|
|
/// <returns></returns>
|
|
[HttpPost]
|
|
public async Task<ApiResult<List<RoleManagerList>>> RoleManagerList([FromBody] RoleManagerList post) //是否判斷layer 0:否 1:是
|
|
{
|
|
ApiResult<List<RoleManagerList>> apiResult = new ApiResult<List<RoleManagerList>>();
|
|
List<RoleManagerList> roleList = new List<RoleManagerList>();
|
|
|
|
try
|
|
{
|
|
var whereSql = "";
|
|
if (post.Layer == 1)
|
|
{
|
|
whereSql += " and A.layer = 1 ";
|
|
}
|
|
|
|
if (post.Full_name != null)
|
|
{
|
|
whereSql += $@" and A.full_name like '%{post.Full_name}%'";
|
|
}
|
|
var sqlString = @$"SELECT *
|
|
FROM role A
|
|
WHERE A.deleted = 0 {whereSql}
|
|
ORDER BY A.created_at DESC";
|
|
roleList = await backendRepository.GetAllAsync<RoleManagerList>(sqlString);
|
|
|
|
apiResult.Code = "0000";
|
|
apiResult.Data = roleList;
|
|
}
|
|
catch (Exception exception)
|
|
{
|
|
apiResult.Code = "9999";
|
|
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
|
|
}
|
|
|
|
return apiResult;
|
|
}
|
|
|
|
/// <summary>
|
|
/// 新增 / 修改 使用者
|
|
/// </summary>
|
|
/// <param name="post"></param>
|
|
/// <returns></returns>
|
|
[HttpPost]
|
|
public async Task<ApiResult<string>> SaveUser([FromBody] SaveUserManager post)
|
|
{
|
|
ApiResult<string> apiResult = new ApiResult<string>();
|
|
|
|
UserInfos userInfo = null;
|
|
|
|
try
|
|
{
|
|
userInfo = await backendRepository.GetOneAsync<UserInfos>("userinfo", $"userinfo_guid='{post.Id.ToString()}'");
|
|
|
|
if (userInfo == null)
|
|
{
|
|
|
|
if (post.Id != "0")
|
|
{
|
|
apiResult.Code = "9998";
|
|
apiResult.Msg = "查無該使用者。";
|
|
return apiResult;
|
|
}
|
|
|
|
#region 新增使用者
|
|
//判斷帳號 是否已存在
|
|
var exist = await backendRepository.HasExistsWithGuid(post.Account, "userinfo", "account");
|
|
if (exist)
|
|
{
|
|
apiResult.Code = "9986";
|
|
apiResult.Msg = "該帳號已被註冊,請重新輸入";
|
|
return apiResult;
|
|
}
|
|
|
|
EDFunction edFunction = new EDFunction();
|
|
|
|
//隨機產生亂數密碼
|
|
Random random = new Random((int)DateTime.Now.Ticks);
|
|
const string chars = "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghjkmnpqrstuvwxyz23456789";
|
|
string random_password = new string(Enumerable.Repeat(chars, 8).Select(s => s[random.Next(chars.Length)]).ToArray());
|
|
|
|
var newPassword = edFunction.GetSHA256Encryption(random_password);
|
|
|
|
//產生一組GUID
|
|
var guid = Guid.NewGuid(); //使用者GUID
|
|
|
|
Dictionary<string, object> userinfo = new Dictionary<string, object>();
|
|
userinfo = new Dictionary<string, object>()
|
|
{
|
|
{ "@userinfo_guid", guid},
|
|
{ "@Full_name", post.Name},
|
|
{ "@Email", post.Email},
|
|
{ "@Account", post.Account},
|
|
{ "@Password", newPassword},
|
|
{ "@Role_guid", post.RoleId},
|
|
{ "@Phone", post.Phone},
|
|
{ "@created_by", myUser.userinfo_guid}
|
|
};
|
|
|
|
await backendRepository.AddOneByCustomTable(userinfo, "userinfo");
|
|
|
|
var sWhere = "system_type = 'website_config' AND system_key = 'website_url'";
|
|
var website_url = await backendRepository.GetOneAsync<Variable>("variable", sWhere);
|
|
|
|
|
|
var sendSubject = "新增帳號成功";
|
|
var sendContent = $@"您的新密碼為:{random_password}
|
|
<br>立即前往:<a href='{website_url.system_value}' target='_blank'>{website_url.system_value}</a>";
|
|
|
|
Dictionary<string, object> insertNotify = new Dictionary<string, object>()
|
|
{
|
|
{ "@task_type", 0},
|
|
{ "@recipient_name", post.Name},
|
|
{ "@recipient_phone", post.Phone},
|
|
{ "@recipient_email", post.Email},
|
|
{ "@message_content", sendContent}
|
|
};
|
|
|
|
//await backendRepository.AddOneByCustomTable(insertNotify, "background_service_message_notification_task");
|
|
|
|
apiResult.Code = "0000";
|
|
apiResult.Msg = "儲存成功";
|
|
#endregion
|
|
}
|
|
else
|
|
{
|
|
#region 修改使用者
|
|
Dictionary<string, object> userinfo = new Dictionary<string, object>();
|
|
var role = await backendRepository.GetOneAsync<byte>(@$"select layer from role where role_guid = '{post.RoleId}'");
|
|
var infoguid = await backendRepository.GetAllAsync<string>($@"select r.full_name from userinfo u
|
|
left join role r on u.role_guid = r.role_guid
|
|
where r.layer = 0 and u.userinfo_guid != '{post.Id}'");
|
|
if (infoguid.Count == 0 && role == 1)
|
|
{
|
|
apiResult.Code = "9998";
|
|
var getrolename = await backendRepository.GetOneAsync<string>("select r.full_name from role r where r.layer = 0");
|
|
apiResult.Msg = getrolename + "-僅剩一位<br>故無法儲存";
|
|
}
|
|
else
|
|
{
|
|
userinfo = new Dictionary<string, object>()
|
|
{
|
|
{ "@Full_name", post.Name},
|
|
{ "@Email", post.Email},
|
|
{ "@Role_guid", post.RoleId},
|
|
{ "@Phone", post.Phone},
|
|
{ "@updated_by", myUser.userinfo_guid},
|
|
{ "@updated_at", DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss")}
|
|
};
|
|
await backendRepository.UpdateOneByCustomTable(userinfo, "userinfo", $"userinfo_guid='{post.Id}'");
|
|
|
|
apiResult.Code = "0000";
|
|
apiResult.Msg = "儲存成功";
|
|
}
|
|
#endregion
|
|
}
|
|
}
|
|
catch (Exception exception)
|
|
{
|
|
apiResult.Code = "9999";
|
|
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
|
|
string json = System.Text.Json.JsonSerializer.Serialize(post);
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + json);
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
|
|
}
|
|
|
|
return apiResult;
|
|
}
|
|
|
|
/// <summary>
|
|
/// 取得單一使用者
|
|
/// </summary>
|
|
/// <param name="guid"></param>
|
|
/// <returns></returns>
|
|
[HttpPost]
|
|
public async Task<ApiResult<SimpleUser>> GetOneUser([FromBody] SaveUserManager post)
|
|
{
|
|
ApiResult<SimpleUser> apiResult = new ApiResult<SimpleUser>();
|
|
|
|
SimpleUser simpleUser = null;
|
|
|
|
try
|
|
{
|
|
simpleUser = await backendRepository.GetOneAsync<SimpleUser>("userinfo", $"userinfo_guid='{post.Id}'");
|
|
|
|
if (simpleUser == null)
|
|
{
|
|
apiResult.Code = "9998";
|
|
apiResult.Msg = "查無該使用者。";
|
|
return apiResult;
|
|
}
|
|
|
|
apiResult.Code = "0000";
|
|
apiResult.Data = simpleUser;
|
|
|
|
}
|
|
catch (Exception exception)
|
|
{
|
|
apiResult.Code = "9999";
|
|
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + "Guid=" + post.Id);
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
|
|
}
|
|
return apiResult;
|
|
}
|
|
|
|
/// <summary>
|
|
/// 軟刪除單一使用者
|
|
/// </summary>
|
|
/// <param name="id"></param>
|
|
/// <returns></returns>
|
|
[HttpPost]
|
|
public async Task<ApiResult<string>> DeleteOneUser([FromBody] SaveUserManager post)
|
|
{
|
|
ApiResult<string> apiResult = new ApiResult<string>();
|
|
|
|
SimpleUser simpleUser = null;
|
|
|
|
try
|
|
{
|
|
simpleUser = await backendRepository.GetOneAsync<SimpleUser>("userinfo", $"userinfo_guid='{post.Id}'");
|
|
|
|
if (simpleUser == null)
|
|
{
|
|
apiResult.Code = "9998";
|
|
apiResult.Msg = "查無該使用者。";
|
|
return apiResult;
|
|
}
|
|
|
|
await backendRepository.DeleteOne(post.Id, "userinfo", "userinfo_guid");
|
|
|
|
apiResult.Code = "0000";
|
|
apiResult.Msg = "刪除成功";
|
|
}
|
|
catch (Exception exception)
|
|
{
|
|
apiResult.Code = "9999";
|
|
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + "Guid=" + post.Id);
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
|
|
}
|
|
|
|
return apiResult;
|
|
}
|
|
|
|
/// <summary>
|
|
/// 新增 / 修改 角色
|
|
/// </summary>
|
|
/// <param name="post"></param>
|
|
/// <returns></returns>
|
|
[HttpPost]
|
|
public async Task<ApiResult<string>> SaveRole([FromBody] PostRole post)
|
|
{
|
|
ApiResult<string> apiResult = new ApiResult<string>();
|
|
|
|
RoleManagerList roleManager = null;
|
|
|
|
try
|
|
{
|
|
roleManager = await backendRepository.GetOneAsync<RoleManagerList>("role", $"role_guid='{post.Id.ToString()}'");
|
|
|
|
if (roleManager == null)
|
|
{
|
|
|
|
if (post.Id != "0")
|
|
{
|
|
apiResult.Code = "9994";
|
|
apiResult.Msg = "查無該角色";
|
|
return apiResult;
|
|
}
|
|
|
|
#region 新增角色
|
|
//產生一組GUID
|
|
var guid = Guid.NewGuid(); //角色GUID
|
|
Dictionary<string, object> role = new Dictionary<string, object>();
|
|
role = new Dictionary<string, object>()
|
|
{
|
|
{ "@role_guid", guid},
|
|
{ "@Full_name", post.Name},
|
|
{ "@created_by", myUser.userinfo_guid}
|
|
};
|
|
|
|
await backendRepository.AddOneByCustomTable(role, "role");
|
|
|
|
apiResult.Code = "0000";
|
|
apiResult.Msg = "儲存成功";
|
|
#endregion
|
|
}
|
|
else
|
|
{
|
|
#region 修改角色
|
|
Dictionary<string, object> role = new Dictionary<string, object>();
|
|
role = new Dictionary<string, object>()
|
|
{
|
|
{ "@Full_name", post.Name},
|
|
{ "@updated_by", myUser.userinfo_guid},
|
|
{ "@updated_at", DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss")}
|
|
};
|
|
await backendRepository.UpdateOneByCustomTable(role, "role", $"role_guid='{post.Id}'");
|
|
|
|
|
|
apiResult.Code = "0000";
|
|
apiResult.Msg = "儲存成功";
|
|
#endregion
|
|
}
|
|
}
|
|
catch (Exception exception)
|
|
{
|
|
apiResult.Code = "9999";
|
|
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
|
|
string json = System.Text.Json.JsonSerializer.Serialize(post);
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + json);
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
|
|
}
|
|
|
|
return apiResult;
|
|
}
|
|
|
|
/// <summary>
|
|
/// 取得單一角色
|
|
/// </summary>
|
|
/// <param name="id"></param>
|
|
/// <returns></returns>
|
|
[HttpPost]
|
|
public async Task<ApiResult<SimpleRole>> GetOneRole([FromBody] PostRole post)
|
|
{
|
|
ApiResult<SimpleRole> apiResult = new ApiResult<SimpleRole>();
|
|
|
|
SimpleRole simpleRole = null;
|
|
|
|
try
|
|
{
|
|
simpleRole = await backendRepository.GetOneAsync<SimpleRole>("role", $"role_guid='{post.Id}'");
|
|
|
|
if (simpleRole == null)
|
|
{
|
|
apiResult.Code = "9994";
|
|
apiResult.Msg = "查無該角色";
|
|
return apiResult;
|
|
}
|
|
|
|
apiResult.Code = "0000";
|
|
apiResult.Data = simpleRole;
|
|
}
|
|
catch (Exception exception)
|
|
{
|
|
apiResult.Code = "9999";
|
|
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + "Guid=" + post.Id);
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
|
|
}
|
|
return apiResult;
|
|
}
|
|
|
|
/// <summary>
|
|
/// 軟刪除單一角色
|
|
/// </summary>
|
|
/// <param name="id"></param>
|
|
/// <returns></returns>
|
|
[HttpPost]
|
|
public async Task<ApiResult<string>> DeleteOneRole([FromBody] PostRole post)
|
|
{
|
|
ApiResult<string> apiResult = new ApiResult<string>();
|
|
|
|
SimpleRole simpleRole = null;
|
|
|
|
try
|
|
{
|
|
simpleRole = await backendRepository.GetOneAsync<SimpleRole>("role", $"role_guid='{post.Id}'");
|
|
|
|
if (simpleRole == null)
|
|
{
|
|
apiResult.Code = "9998";
|
|
apiResult.Msg = "查無該角色";
|
|
return apiResult;
|
|
}
|
|
|
|
//檢查是否有使用者為該角色
|
|
var sWhere = $@"deleted = 0 AND role_guid = @Guid";
|
|
var userInfos = await backendRepository.GetAllAsync<UserInfos>("userinfo", sWhere, new { Guid = post.Id });
|
|
if (userInfos.Count > 0)
|
|
{
|
|
apiResult.Code = "9997";
|
|
apiResult.Msg = "帳號管理中尚有帳號正在使用該角色,故無法刪除";
|
|
return apiResult;
|
|
}
|
|
|
|
|
|
await backendRepository.DeleteOne(post.Id, "role", "role_guid");
|
|
|
|
apiResult.Code = "0000";
|
|
apiResult.Msg = "刪除成功";
|
|
}
|
|
catch (Exception exception)
|
|
{
|
|
apiResult.Code = "9999";
|
|
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + "Guid=" + post.Id);
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
|
|
}
|
|
|
|
return apiResult;
|
|
}
|
|
|
|
/// <summary>
|
|
/// 角色權限管理列表
|
|
/// </summary>
|
|
/// <returns></returns>
|
|
[HttpPost]
|
|
public async Task<ApiResult<List<RoleAuthList>>> RoleAuthList([FromBody] PostRoleAuthFilter post)
|
|
{
|
|
ApiResult<List<RoleAuthList>> apiResult = new ApiResult<List<RoleAuthList>>();
|
|
List<RoleAuthList> roleAuthList = new List<RoleAuthList>();
|
|
|
|
try
|
|
{
|
|
var sqlString = @$"SELECT A.role_guid, A.AuthCode, B.full_name AS 'Role_full_name', C.AuthType, C.MainName, C.SubName, D.full_name AS 'Building_full_name', A.created_at
|
|
FROM role_auth A
|
|
LEFT JOIN role B ON A.role_guid=B.role_guid AND B.deleted=0
|
|
INNER JOIN auth_page C ON A.AuthCode=C.AuthCode
|
|
LEFT JOIN building D ON C.building_tag=D.building_tag AND D.deleted=0
|
|
WHERE A.role_guid='{post.SelectedRoleId}' and A.AuthCode not like '%B%'
|
|
ORDER BY A.AuthCode ASC";
|
|
roleAuthList = await backendRepository.GetAllAsync<RoleAuthList>(sqlString);
|
|
|
|
apiResult.Code = "0000";
|
|
apiResult.Data = roleAuthList;
|
|
}
|
|
catch (Exception exception)
|
|
{
|
|
apiResult.Code = "9999";
|
|
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
|
|
}
|
|
|
|
return apiResult;
|
|
}
|
|
|
|
/// <summary>
|
|
/// 取得此角色未選擇的權限
|
|
/// </summary>
|
|
/// <param name="post"></param>
|
|
/// <returns></returns>
|
|
public async Task<ApiResult<List<AuthPage>>> GetRoleNotAuthPageList([FromBody] PostRoleAuthFilter post)
|
|
{
|
|
ApiResult<List<AuthPage>> apiResult = new ApiResult<List<AuthPage>>();
|
|
List<AuthPage> authPage = new List<AuthPage>();
|
|
|
|
try
|
|
{
|
|
if (!string.IsNullOrEmpty(post.SelectedRoleId))
|
|
{
|
|
var buildingGuid = "";
|
|
if (post.SelectedBuild != "0")
|
|
{
|
|
buildingGuid = $" AND ap.building_tag = '{post.SelectedBuild}'";
|
|
}
|
|
var sqlString = @$" SELECT ap.AuthCode, ap.MainName, ap.SubName FROM auth_page ap
|
|
WHERE ap.AuthType='{post.SelectedAuthType}'
|
|
{buildingGuid}
|
|
AND ap.AuthCode NOT IN (
|
|
SELECT ra.AuthCode FROM role_auth ra
|
|
LEFT JOIN auth_page ap ON ra.AuthCode = ap.AuthCode
|
|
WHERE ra.role_guid = '{post.SelectedRoleId}'
|
|
{buildingGuid}
|
|
AND ap.AuthType='{post.SelectedAuthType}'
|
|
)";
|
|
authPage = await backendRepository.GetAllAsync<AuthPage>(sqlString);
|
|
}
|
|
apiResult.Code = "0000";
|
|
apiResult.Data = authPage;
|
|
}
|
|
catch (Exception exception)
|
|
{
|
|
apiResult.Code = "9999";
|
|
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
|
|
}
|
|
|
|
return apiResult;
|
|
}
|
|
|
|
/// <summary>
|
|
/// 新增 權限
|
|
/// </summary>
|
|
/// <param name="post"></param>
|
|
/// <returns></returns>
|
|
[HttpPost]
|
|
public async Task<ApiResult<string>> SaveRoleAuth([FromBody] PostSaveRoleAuth post)
|
|
{
|
|
ApiResult<string> apiResult = new ApiResult<string>();
|
|
|
|
RoleManagerList roleManager = null;
|
|
|
|
try
|
|
{
|
|
roleManager = await backendRepository.GetOneAsync<RoleManagerList>("role", $"role_guid='{post.SelectedRoleId}'");
|
|
|
|
if (roleManager == null)
|
|
{
|
|
apiResult.Code = "9994";
|
|
apiResult.Msg = "查無該角色";
|
|
return apiResult;
|
|
}
|
|
else
|
|
{
|
|
await backendRepository.ExecuteSql($"delete from role_auth where role_guid = '{post.SelectedRoleId}' and AuthCode like '%PF%'");
|
|
if (post.SaveCheckAuth.Count > 0)
|
|
{
|
|
foreach (var item in post.SaveCheckAuth)
|
|
{
|
|
#region 新增權限
|
|
{
|
|
Dictionary<string, object> roleAuth = new Dictionary<string, object>();
|
|
roleAuth = new Dictionary<string, object>()
|
|
{
|
|
{ "@role_guid", post.SelectedRoleId},
|
|
{ "@AuthCode", item},
|
|
{ "@created_by", myUser.userinfo_guid}
|
|
};
|
|
|
|
await backendRepository.AddOneByCustomTable(roleAuth, "role_auth");
|
|
}
|
|
#endregion
|
|
}
|
|
}
|
|
apiResult.Code = "0000";
|
|
apiResult.Msg = "儲存成功";
|
|
}
|
|
}
|
|
catch (Exception exception)
|
|
{
|
|
apiResult.Code = "9999";
|
|
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
|
|
string json = System.Text.Json.JsonSerializer.Serialize(post);
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + json);
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
|
|
}
|
|
|
|
return apiResult;
|
|
}
|
|
|
|
/// <summary>
|
|
/// 刪除 權限
|
|
/// </summary>
|
|
/// <param name="post"></param>
|
|
/// <returns></returns>
|
|
[HttpPost]
|
|
public async Task<ApiResult<string>> DeleteOneRoleAuth([FromBody] PostDeleteRoleAuth post)
|
|
{
|
|
ApiResult<string> apiResult = new ApiResult<string>();
|
|
|
|
RoleManagerList roleManager = null;
|
|
|
|
try
|
|
{
|
|
roleManager = await backendRepository.GetOneAsync<RoleManagerList>("role", $"role_guid='{post.Id}'");
|
|
|
|
if (roleManager == null)
|
|
{
|
|
apiResult.Code = "9994";
|
|
apiResult.Msg = "查無該角色";
|
|
return apiResult;
|
|
}
|
|
|
|
await backendRepository.PurgeOneByGuidWithCustomDBNameAndTable("role_auth", $"role_guid='{post.Id}' AND AuthCode='{post.AuthCode}'");
|
|
|
|
apiResult.Code = "0000";
|
|
apiResult.Msg = "刪除成功";
|
|
|
|
}
|
|
catch (Exception exception)
|
|
{
|
|
apiResult.Code = "9999";
|
|
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
|
|
string json = System.Text.Json.JsonSerializer.Serialize(post);
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + json);
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
|
|
}
|
|
|
|
return apiResult;
|
|
}
|
|
|
|
/// <summary>
|
|
/// 前台頁面列表
|
|
/// </summary>
|
|
/// <param name="post"></param>
|
|
/// <returns></returns>
|
|
[HttpPost]
|
|
public async Task<ApiResult<List<AuthPage>>> AuthPageList()
|
|
{
|
|
ApiResult<List<AuthPage>> apiResult = new ApiResult<List<AuthPage>>();
|
|
List<AuthPage> authPage = new List<AuthPage>();
|
|
|
|
try
|
|
{
|
|
var sqlString = $@"select * from auth_page where AuthCode like 'PF%' order by AuthCode";
|
|
authPage = await backendRepository.GetAllAsync<AuthPage>(sqlString);
|
|
apiResult.Code = "0000";
|
|
apiResult.Data = authPage;
|
|
}
|
|
catch (Exception exception)
|
|
{
|
|
apiResult.Code = "9999";
|
|
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
|
|
}
|
|
|
|
return apiResult;
|
|
}
|
|
|
|
/// <summary>
|
|
/// 即時趨勢條件過濾條件面板
|
|
/// </summary>
|
|
/// <param name="account"></param>
|
|
/// <returns></returns>
|
|
[HttpPost]
|
|
public async Task<ActionResult<ApiResult<List<string>>>> GetUsrDevSys([FromBody] User u)
|
|
{
|
|
ApiResult<List<string>> apiResult = new ApiResult<List<string>>();
|
|
List<string> ss = new List<string>();
|
|
try
|
|
{
|
|
var sqlString = $@"select ap.AuthCode
|
|
from role_auth ra
|
|
join auth_page ap on ra.AuthCode = ap.AuthCode
|
|
join variable v on ap.ShowView = v.id
|
|
join userinfo ui on ra.role_guid = ui.role_guid
|
|
where v.system_type = 'device_system_category_layer3' and v.deleted = 0 and ui.userinfo_guid = @user_guid";
|
|
|
|
ss = await backendRepository.GetAllAsync<string>(sqlString, new { @user_guid = u.userinfo_guid });
|
|
|
|
apiResult.Data= ss;
|
|
apiResult.Code = "0000";
|
|
}
|
|
catch (Exception exception)
|
|
{
|
|
apiResult.Code = "9999";
|
|
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
|
|
return Ok(apiResult);
|
|
}
|
|
return Ok(apiResult);
|
|
}
|
|
|
|
/// <summary>
|
|
/// 編輯 系統權限
|
|
/// </summary>
|
|
/// <param name="post"></param>
|
|
/// <returns></returns>
|
|
[HttpPost]
|
|
public async Task<ApiResult<string>> DelDevSysRoleAuth([FromBody] PostSaveRoleAuth post)
|
|
{
|
|
ApiResult<string> apiResult = new ApiResult<string>();
|
|
|
|
RoleManagerList roleManager = null;
|
|
|
|
try
|
|
{
|
|
roleManager = await backendRepository.GetOneAsync<RoleManagerList>("role", $"role_guid='{post.SelectedRoleId}'");
|
|
|
|
if (roleManager == null)
|
|
{
|
|
apiResult.Code = "9994";
|
|
apiResult.Msg = "查無該角色";
|
|
return apiResult;
|
|
}
|
|
else
|
|
{
|
|
if (post.SaveCheckAuth.Count > 0)
|
|
{
|
|
foreach (var item in post.SaveCheckAuth)
|
|
{
|
|
#region 刪除權限
|
|
await backendRepository.PurgeOneByGuidWithCustomDBNameAndTable("role_auth", $"role_guid = '{post.SelectedRoleId}' and AuthCode = '{item}'");
|
|
#endregion
|
|
}
|
|
}
|
|
apiResult.Code = "0000";
|
|
apiResult.Msg = "儲存成功";
|
|
}
|
|
}
|
|
catch (Exception exception)
|
|
{
|
|
apiResult.Code = "9999";
|
|
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
|
|
string json = System.Text.Json.JsonSerializer.Serialize(post);
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + json);
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
|
|
}
|
|
|
|
return apiResult;
|
|
|
|
}
|
|
|
|
[HttpPost]
|
|
[Route("api/getUser")]
|
|
public ActionResult GetUser()
|
|
{
|
|
return Json(new
|
|
{
|
|
code = "0000",
|
|
data = myUser.userinfo_guid
|
|
});
|
|
}
|
|
|
|
[HttpPost]
|
|
[Route("api/getUserFull")]
|
|
public ActionResult GetUserFull()
|
|
{
|
|
return Json(new
|
|
{
|
|
code = "0000",
|
|
data = myUser
|
|
});
|
|
}
|
|
|
|
[HttpPost]
|
|
public async Task<ApiResult<string>> GetUsrRolId([FromBody] User post)
|
|
{
|
|
ApiResult<string> apiResult = new ApiResult<string>();
|
|
|
|
User user = null;
|
|
|
|
try
|
|
{
|
|
user = await backendRepository.GetOneAsync<User>("userinfo", $"userinfo_guid='{post.userinfo_guid}'");
|
|
|
|
if (user == null)
|
|
{
|
|
apiResult.Code = "9994";
|
|
apiResult.Msg = "查無該使用者";
|
|
return apiResult;
|
|
}
|
|
else
|
|
{
|
|
apiResult.Code = "0000";
|
|
apiResult.Data = await backendRepository.GetOneAsync<string>($@"select role_guid from userinfo where userinfo_guid = @userinfo_guid", new { @userinfo_guid = post.userinfo_guid });
|
|
}
|
|
}
|
|
catch (Exception exception)
|
|
{
|
|
apiResult.Code = "9999";
|
|
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
|
|
string json = System.Text.Json.JsonSerializer.Serialize(post);
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + json);
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
|
|
}
|
|
|
|
return apiResult;
|
|
|
|
}
|
|
|
|
/// <summary>
|
|
/// 即時趨勢條件過濾條件面板
|
|
/// </summary>
|
|
/// <param name="account"></param>
|
|
/// <returns></returns>
|
|
[HttpPost]
|
|
public async Task<ActionResult<ApiResult<History_MainSubBuildFloor>>> GetMainSub([FromBody] HistoryFind hf)
|
|
{
|
|
ApiResult<History_MainSubBuildFloor> apiResult = new ApiResult<History_MainSubBuildFloor>(jwt_str);
|
|
if (!jwtlife)
|
|
{
|
|
apiResult.Code = "5000";
|
|
return BadRequest(apiResult);
|
|
}
|
|
else if (string.IsNullOrEmpty(hf.building_tag))
|
|
{
|
|
apiResult.Code = "0002";
|
|
apiResult.Msg = "必須選擇東別";
|
|
return apiResult;
|
|
}
|
|
|
|
try
|
|
{
|
|
// User 權限可見的系統
|
|
var dbsub = await frontendRepository.GetAllAsync<HistoryDBMainSub>(
|
|
@$"select distinct v1.system_key main_name, v1.system_value main_system_tag, v2.system_key sub_name, v2.system_value sub_system_tag, v1.system_priority, v2.system_priority,
|
|
d.device_number, d.full_name as device_full_name, d.device_serial_tag, b.AuthCode
|
|
from role_auth a
|
|
join auth_page b on a.AuthCode = b.AuthCode
|
|
join userinfo c on c.role_guid = a.role_guid
|
|
join variable v2 on b.ShowView = v2.id and v2.system_type = @sub_system_type
|
|
join variable v1 on v1.id = v2.system_parent_id and v1.system_type = @main_system_type
|
|
left join device d on v1.system_value = d.device_system_tag and v2.system_value = d.device_name_tag and d.deleted = 0
|
|
where c.account = @account
|
|
order by v1.system_priority, v2.system_priority", new { @account = myUser.account, @sub_system_type = sub_system_type, @main_system_type = main_system_type });
|
|
// User
|
|
var dbbuilding = await frontendRepository.GetAllAsync<History_Build>(
|
|
@$"select distinct d.building_guid,d.full_name,d.priority from role_auth a
|
|
join auth_page b on a.AuthCode = b.AuthCode
|
|
join userinfo c on c.role_guid = a.role_guid
|
|
join building d on d.building_tag = b.building_tag
|
|
where c.account = @account and d.building_tag = @building_tag
|
|
order by d.priority
|
|
", new { @account = myUser.account, @building_tag = hf.building_tag });
|
|
var mains = dbsub.GroupBy(a => a.main_system_tag).ToList();
|
|
apiResult.Data = new History_MainSubBuildFloor();
|
|
apiResult.Data.history_Main_Systems = new List<History_Main_system>();
|
|
foreach (var main in mains)
|
|
{
|
|
History_Main_system history_Main_System = new History_Main_system();
|
|
history_Main_System.main_system_tag = main.Select(a => a.main_system_tag).FirstOrDefault();
|
|
history_Main_System.full_name = main.Select(a => a.main_name).FirstOrDefault();
|
|
|
|
var subs = dbsub.Where(x => x.main_system_tag == main.Select(m => m.main_system_tag).FirstOrDefault()).GroupBy(x => x.sub_system_tag).ToList();
|
|
history_Main_System.History_Sub_systems = subs.Count > 0 ? new List<History_Sub_system>() : null;
|
|
foreach (var sub in subs)
|
|
{
|
|
History_Sub_system history_Sub_System = new History_Sub_system();
|
|
history_Sub_System.full_name = sub.Select(x => x.sub_name).FirstOrDefault();
|
|
history_Sub_System.sub_system_tag = sub.Select(x => x.sub_system_tag).FirstOrDefault();
|
|
history_Sub_System.auth_code = sub.Select(x => x.AuthCode).FirstOrDefault();
|
|
history_Main_System.History_Sub_systems.Add(history_Sub_System);
|
|
}
|
|
apiResult.Data.history_Main_Systems.Add(history_Main_System);
|
|
}
|
|
apiResult.Data.history_Builds = dbbuilding;
|
|
apiResult.Code = "0000";
|
|
}
|
|
catch (Exception exception)
|
|
{
|
|
apiResult.Code = "9999";
|
|
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
|
|
return Ok(apiResult);
|
|
}
|
|
return Ok(apiResult);
|
|
}
|
|
|
|
[HttpPost]
|
|
public async Task<ActionResult<ApiResult<string>>> SyncUser([FromBody] List<SaveUserManager> post)
|
|
{
|
|
ApiResult<string> apiResult = new ApiResult<string>();
|
|
|
|
try
|
|
{
|
|
await backendRepository.ExecuteSql("update userinfo set deleted = 1 where deleted = 0");
|
|
|
|
if (post != null)
|
|
{
|
|
if (post.Count > 0)
|
|
{
|
|
foreach(var acc in post)
|
|
{
|
|
var account = await frontendRepository.GetOneAsync<UserManagerList>("select * from userinfo where account = @account", new { @account = acc.Account });
|
|
if (account != null)
|
|
{
|
|
await backendRepository.ExecuteSql("update userinfo set deleted = 0 where userinfo_guid = @guid", new { @guid = account.Userinfo_guid });
|
|
}
|
|
else
|
|
{
|
|
//產生一組GUID
|
|
var guid = Guid.NewGuid(); //角色GUID
|
|
Dictionary<string, object> user = new Dictionary<string, object>();
|
|
user = new Dictionary<string, object>()
|
|
{
|
|
{ "@userinfo_guid", guid},
|
|
{ "@full_name", acc.Account},
|
|
{ "@account", acc.Account},
|
|
{ "@role_guid", "F127F501-A7BB-4C46-AB82-0809C1C8D2C1"},
|
|
{ "@created_by", myUser.userinfo_guid},
|
|
{ "@created_at", DateTime.Now}
|
|
};
|
|
|
|
await backendRepository.AddOneByCustomTable(user, "userinfo");
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
apiResult.Code = "0000";
|
|
apiResult.Data = "同步成功";
|
|
}
|
|
catch (Exception exception)
|
|
{
|
|
apiResult.Code = "9999";
|
|
apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
|
|
Logger.LogError("【" + controllerName + "/" + actionName + "】" + exception.Message);
|
|
return Ok(apiResult);
|
|
}
|
|
|
|
return Ok(apiResult);
|
|
}
|
|
}
|
|
}
|