nelson.kai
/
GroupBy
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
182 MiB
Tree: 6f3d8a4da3
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '6f3d8a4da3'
${ noResults }
GroupBy/04-程式設計/Trunk/GroupBuy/CounsellorBL/AuthorityService.cs

413 lines
22 KiB
Raw Normal View History

[WHAT] 把團購代碼放到git上
3 years ago
  1. namespace CounsellorBL
  2. {
  3. using CounsellorBL.BLStructure;
  4. using CounsellorBL.Common;
  5. using CounsellorBL.ConstDefinition;
  6. using CounsellorBL.Helper;
  7. using Microsoft.Extensions.Caching.Memory;
  8. using MonumentDefine;
  9. using OT.COM.ArsenalDB;
  10. using OT.COM.SignalerMessage;
  11. using SoldierData.EnterprizeV4;
  12. using System;
  13. using System.Collections.Concurrent;
  14. using System.Collections.Generic;
  15. using System.Globalization;
  16. using System.Linq;
  18. public partial class AuthorityService : DBService
  19. {
  20. public override string MainTable => null;
  22. [Auth(false)]
  23. public CResponseMessage HandShake(CRequestMessage i_crmInput)
  24. {
  25. CResponseMessage crmRes = new CSuccessResponseMessage(null, i_crmInput);
  26. crmRes.param[BLWording.TOKEN] = Guid.NewGuid().ToString();
  27. return crmRes;
  28. }
  30. [Auth(false)]
  31. public CResponseMessage Login(CRequestMessage i_crmInput)
  32. {
  33. int nExpMinute = Convert.ToInt32(CustomizeDBMgr.SettingData[BLWording.TOKEN_EXP_MINUTE], CultureInfo.CurrentCulture);
  34. string sMsg = null;
  35. CResponseMessage crmRes = null;
  37. do
  38. {
  39. List<Dictionary<string, object>> lDic = getQryParameterList(i_crmInput);
  41. IMemoryCache imc = GetMemoryCache();
  43. if (imc != null)
  44. {
  45. lock (imc)
  46. {
  47. if (imc.TryGetValue(BLWording.TOKENMAP, out ConcurrentDictionary<string, tb_sys_session> dicMap))
  48. {
  49. List<string> lKeys = dicMap.Keys.ToList();
  50. DateTime dtLast = DateTime.Now.AddMinutes(-1 * nExpMinute);
  52. foreach (string sKey in lKeys)
  53. {
  54. tb_sys_session s = dicMap[sKey];
  55. if (s.update_date < dtLast)
  56. {
  57. dicMap.TryRemove(sKey, out _);
  58. }
  59. }
  60. }
  61. }
  62. }
  64. if (lDic != null && lDic.Count == 1)
  65. {
  66. Dictionary<string, object> dicLoginInfo = lDic[0];
  67. bool bIsAD = false;
  68. if (dicLoginInfo.ContainsKey(BLWording.ENTERCODE) && dicLoginInfo.ContainsKey(BLWording.AUTOENTER))
  69. {
  70. string sEnterCode = dicLoginInfo[BLWording.ENTERCODE].ToString();
  71. string sAutoCode = dicLoginInfo[BLWording.AUTOENTER].ToString();
  73. int nLen = sEnterCode.Length;
  74. int nIdex = 0;
  75. if (nLen > 0 && nLen == sAutoCode.Length)
  76. {
  77. for (nIdex = 0; nIdex < nLen; nIdex++)
  78. {
  79. if (sEnterCode[nIdex] != sAutoCode[nLen - nIdex - 1])
  80. {
  81. break;
  82. }
  83. }
  84. }
  85. bIsAD = nIdex == nLen;
  86. }
  88. QueryJsonElementCollection lBlocks = new QueryJsonElementCollection();
  90. QueryJsonElement qjeA = lBlocks.GetInst();
  91. qjeA.table = tb_sys_user.TABLENAME;
  92. qjeA.wherecols = new WhereNode(WhereNode.ENodeOperation.ENO_AND,
  93. new WhereNode(tb_sys_user.CN_ACCOUNT, WhereNode.EColumnOperation.EOT_EQ, typeof(tb_sys_user), dicLoginInfo[tb_sys_user.CN_ACCOUNT]),
  94. new WhereNode(tb_sys_user.CN_STATUS_FLAG, WhereNode.EColumnOperation.EOT_EQ, typeof(tb_sys_user), BLWording.STATUS_FLAG_ON)
  95. );
  96. qjeA.displaycols = new List<string>() { tb_sys_user.CN_UID };
  97. lBlocks.Add(qjeA);
  99. QueryJsonElement qjeEmp = lBlocks.GetInst();
  100. qjeEmp.table = tb_hr_employee.TABLENAME;
  101. qjeEmp.jointype = QueryJsonElement.LEFT_JOIN;
  102. qjeEmp.joincols = new Dictionary<string, string>()
  103. { {tb_hr_employee.CN_UID, tb_sys_user.CN_UID } };
  104. qjeEmp.jointable = qjeA;
  105. lBlocks.Add(qjeEmp);
  107. QueryJsonElement qjeB = lBlocks.GetInst();
  108. qjeB.table = tb_sys_user2entercode.TABLENAME;
  109. qjeB.jointype = QueryJsonElement.LEFT_JOIN;
  110. qjeB.joincols = new Dictionary<string, string>()
  111. { {tb_sys_user2entercode.CN_USER_UID, tb_sys_user.CN_UID } };
  112. qjeB.jointable = qjeA;
  114. sMsg = EncryptHelper.Encrypt(dicLoginInfo[BLWording.ENTERCODE].ToString(), out string sEnc);
  115. if (sMsg != null)
  116. {
  117. break;
  118. }
  120. if (!bIsAD)
  121. {
  122. qjeB.wherecols = new WhereNode(tb_sys_user2entercode.CN_USER_ENTERCODE, WhereNode.EColumnOperation.EOT_EQ, typeof(tb_sys_user2entercode), sEnc);
  123. }
  124. lBlocks.Add(qjeB);
  126. QueryJsonElement qjeC = lBlocks.GetInst();
  127. qjeC.table = tb_sys_user2role.TABLENAME;
  128. qjeC.jointype = QueryJsonElement.LEFT_JOIN;
  129. qjeC.displaycols = new List<string>() { tb_sys_user2role.CN_ROLE_UID, tb_sys_user2role.CN_STATUS_FLAG };
  130. qjeC.joincols = new Dictionary<string, string>()
  131. { {tb_sys_user2role.CN_USER_UID, tb_sys_user.CN_UID } };
  132. qjeC.jointable = qjeA;
  133. //qjeC.wherecols = new WhereNode(tb_sys_user2role.CN_STATUS_FLAG, WhereNode.EColumnOperation.EOT_EQ, typeof(tb_sys_user2role), BLWording.STATUS_FLAG_ON);
  134. lBlocks.Add(qjeC);
  137. // QueryJsonElement qjeD = lBlocks.GetInst();
  138. // qjeD.table = tb_sys_role2org.TABLENAME;
  139. // qjeD.jointype = QueryJsonElement.LEFT_JOIN;
  140. // qjeD.joincols = new Dictionary<string, string>()
  141. //{ {tb_sys_role2org.CN_ROLE_UID, tb_sys_user2role.CN_ROLE_UID } };
  142. // qjeD.jointable = qjeC;
  143. // qjeD.wherecols = new WhereNode(WhereNode.ENodeOperation.ENO_AND,
  144. // new WhereNode(tb_sys_role2org.CN_ORG_UID, WhereNode.EColumnOperation.EOT_EQ, typeof(tb_sys_role2org), dicLoginInfo[BLWording.ORGANIZATION]),
  145. // new WhereNode(tb_sys_role2org.CN_STATUS_FLAG, WhereNode.EColumnOperation.EOT_EQ, typeof(tb_sys_role2org), BLWording.STATUS_FLAG_ON));
  146. // lBlocks.Add(qjeD);
  148. sMsg = MakeSelectJoinByBlocks(lBlocks, out Command cSelect);
  150. ArsenalInterface ai = ArsenalDBMgr.GetInst(cSelect);
  151. List<tb_sys_user2role> lRes = ai.RunQueryList<tb_sys_user2role>(cSelect, null);
  152. //QueryDataSet lRes = ai.RunQueryDataSet(cSelect, null);
  153. if (!cSelect.IsSuccess)
  154. {
  155. break;
  156. }
  158. if (!lRes.Any())
  159. {
  160. sMsg = BseMessageWording.NO_MATCHED_ACCOUNT;
  161. break;
  162. }
  164. string sRoleName = "NoRole";
  165. if (!string.IsNullOrEmpty(lRes[0].role_uid) && lRes[0].status_flag == BLWording.STATUS_FLAG_ON)
  166. {
  167. tb_sys_role rData = new tb_sys_role();
  168. rData.SetDirty(tb_sys_role.CN_NAME);
  169. tb_sys_role rCond = new tb_sys_role() { uid = lRes[0].role_uid };
  170. Command cSelectRoleName = Command.SetupSelectCmd(rData, rCond);
  171. List<tb_sys_role> lRole = ai.RunQueryList<tb_sys_role>(cSelectRoleName, null);
  172. sRoleName = lRole[0].name;
  173. }
  175. List<Command> lCmds = new List<Command>();
  176. DateTime dtNow = DateTime.Now.AddMinutes(-1 * Convert.ToInt32(CustomizeDBMgr.SettingData[BLWording.TOKEN_EXP_MINUTE], CultureInfo.CurrentCulture));
  177. WhereNode wn = new WhereNode(tb_sys_session.CN_UPDATE_DATE, WhereNode.EColumnOperation.EOT_LT, typeof(tb_sys_session), dtNow);
  179. Command cDelete = Command.SetupDeleteCmd(wn);
  180. lCmds.Add(cDelete);
  181. tb_sys_session s = new tb_sys_session();
  182. s.create_user_uid = s.update_user_uid = lRes[0].uid;
  183. s.create_org_uid = s.update_org_uid = dicLoginInfo[BLWording.ORGANIZATION].ToString();
  184. s.role_name = sRoleName;
  185. s.uid = Guid.NewGuid().ToString();
  186. Command cInsert = Command.SetupInsertCmd(s);
  188. lCmds.Add(cInsert);
  189. ai.RunEditCmds(lCmds);
  191. if (!cInsert.IsSuccess)
  192. {
  193. sMsg = cInsert.LastErrorCode;
  194. break;
  195. }
  197. // Privilidges
  198. List<string> lRoles = new List<string>();
  199. foreach (tb_sys_user2role r in lRes)
  200. {
  201. lRoles.Add(r.role_uid);
  202. }
  204. lBlocks.Clear();
  206. QueryJsonElement qjeAp = lBlocks.GetInst();
  207. qjeAp.table = tb_sys_program2action_grant.TABLENAME;
  208. qjeAp.displaycols = new List<string>() { tb_sys_program2action_grant.CN_PROGRAM2ACTION_UID, tb_sys_program2action_grant.CN_UID, tb_sys_program2action_grant.CN_GRANT_UID };
  209. qjeAp.wherecols = new WhereNode(WhereNode.ENodeOperation.ENO_AND,
  210. new WhereNode(tb_sys_program2action_grant.CN_GRANT_TYPE, WhereNode.EColumnOperation.EOT_IN, typeof(tb_sys_program2action_grant), BLWording.ROLE_ID),
  211. new WhereNode(tb_sys_program2action_grant.CN_GRANT_UID, WhereNode.EColumnOperation.EOT_IN, typeof(tb_sys_program2action_grant), lRoles.ToArray()),
  212. new WhereNode(tb_sys_program2action_grant.CN_STATUS_FLAG, WhereNode.EColumnOperation.EOT_EQ, typeof(tb_sys_program2action_grant), BLWording.STATUS_FLAG_ON)
  213. );
  215. lBlocks.Add(qjeAp);
  217. QueryJsonElement qjeBp = lBlocks.GetInst();
  218. qjeBp.table = tb_sys_program2action.TABLENAME;
  219. qjeBp.aliascols = new Dictionary<string, List<string>>() { { tb_sys_program2action.CN_ACTION_NAME, new List<string>() { "action_name" } } };
  220. qjeBp.jointype = QueryJsonElement.LEFT_JOIN;
  221. qjeBp.jointable = qjeAp;
  222. qjeBp.joincols = new Dictionary<string, string>() {
  223. { tb_sys_program2action.CN_UID,tb_sys_program2action_grant.CN_PROGRAM2ACTION_UID }};
  225. lBlocks.Add(qjeBp);
  227. QueryJsonElement qjeCp = lBlocks.GetInst();
  228. qjeCp.table = tb_sys_program.TABLENAME;
  229. qjeCp.displaycols = new List<string>() { tb_sys_program.CN_ROUT_PATH, tb_sys_program.CN_MODULE_UID, tb_sys_program.CN_SEQ, tb_sys_program.CN_ICON, tb_sys_program.CN_MENUDISPLAY };
  230. qjeCp.aliascols = new Dictionary<string, List<string>>() { { tb_sys_program.CN_NAME, new List<string>() { "program_name" } }, { tb_sys_program.CN_UID, new List<string>() { "program_id" } } };
  231. qjeCp.jointype = QueryJsonElement.LEFT_JOIN;
  232. qjeCp.joincols = new Dictionary<string, string>()
  233. { {tb_sys_program.CN_UID, tb_sys_program2action.CN_PROGRAM_UID } };
  234. qjeCp.jointable = qjeBp;
  235. qjeCp.wherecols = new WhereNode(tb_sys_program.CN_STATUS_FLAG, WhereNode.EColumnOperation.EOT_EQ, typeof(tb_sys_program), BLWording.STATUS_FLAG_ON);
  237. lBlocks.Add(qjeCp);
  239. QueryJsonElement qjeDp = lBlocks.GetInst();
  240. qjeDp.table = tb_sys_role.TABLENAME;
  241. qjeDp.aliascols = new Dictionary<string, List<string>>() { { tb_sys_role.CN_NAME, new List<string>() { "role_name" } } };
  242. qjeDp.jointype = QueryJsonElement.LEFT_JOIN;
  243. qjeDp.joincols = new Dictionary<string, string>()
  244. { {tb_sys_role.CN_UID, tb_sys_program2action_grant.CN_GRANT_UID } };
  245. qjeDp.jointable = qjeAp;
  247. lBlocks.Add(qjeDp);
  249. qjeAp.ordercols = new List<Tuple<QueryJsonElement, string, string>>() {
  250. Tuple.Create<QueryJsonElement, string, string>(qjeCp, tb_sys_program.CN_SEQ, BLWording.ORDER_ASC),
  251. Tuple.Create<QueryJsonElement, string, string>(qjeBp, tb_sys_program2action.CN_SEQUENCE, BLWording.ORDER_ASC)
  252. };
  254. sMsg = MakeSelectJoinByBlocks(lBlocks, out cSelect);
  256. QueryDataSet qds = ai.RunQueryDataSet(cSelect, null);
  259. lBlocks.Clear();
  260. QueryJsonElement qjeUser = lBlocks.GetInst();
  261. qjeUser.table = tb_sys_program2action_grant.TABLENAME;
  262. qjeUser.displaycols = new List<string>() { tb_sys_program2action_grant.CN_PROGRAM2ACTION_UID, tb_sys_program2action_grant.CN_UID, tb_sys_program2action_grant.CN_GRANT_UID };
  263. qjeUser.wherecols = new WhereNode(WhereNode.ENodeOperation.ENO_AND,
  264. new WhereNode(tb_sys_program2action_grant.CN_GRANT_TYPE, WhereNode.EColumnOperation.EOT_EQ, typeof(tb_sys_program2action_grant), BLWording.USER_ID),
  265. new WhereNode(tb_sys_program2action_grant.CN_GRANT_UID, WhereNode.EColumnOperation.EOT_IN, typeof(tb_sys_program2action_grant), lRes.Select(x => x.user_uid).FirstOrDefault()),
  266. new WhereNode(tb_sys_program2action_grant.CN_STATUS_FLAG, WhereNode.EColumnOperation.EOT_EQ, typeof(tb_sys_program2action_grant), BLWording.STATUS_FLAG_ON)
  267. );
  269. lBlocks.Add(qjeUser);
  271. QueryJsonElement qjeUserA = lBlocks.GetInst();
  272. qjeUserA.table = tb_sys_program2action.TABLENAME;
  273. qjeUserA.aliascols = new Dictionary<string, List<string>>() { { tb_sys_program2action.CN_ACTION_NAME, new List<string>() { "action_name" } } };
  274. qjeUserA.jointype = QueryJsonElement.LEFT_JOIN;
  275. qjeUserA.jointable = qjeUser;
  276. qjeUserA.joincols = new Dictionary<string, string>() {
  277. { tb_sys_program2action.CN_UID,tb_sys_program2action_grant.CN_PROGRAM2ACTION_UID }};
  278. lBlocks.Add(qjeUserA);
  280. QueryJsonElement qjeUserP = lBlocks.GetInst();
  281. qjeUserP.table = tb_sys_program.TABLENAME;
  282. qjeUserP.displaycols = new List<string>() { tb_sys_program.CN_ROUT_PATH, tb_sys_program.CN_MODULE_UID, tb_sys_program.CN_SEQ, tb_sys_program.CN_ICON, tb_sys_program.CN_MENUDISPLAY };
  283. qjeUserP.aliascols = new Dictionary<string, List<string>>() { { tb_sys_program.CN_NAME, new List<string>() { "program_name" } }, { tb_sys_program.CN_UID, new List<string>() { "program_id" } } };
  284. qjeUserP.jointype = QueryJsonElement.LEFT_JOIN;
  285. qjeUserP.joincols = new Dictionary<string, string>()
  286. { {tb_sys_program.CN_UID, tb_sys_program2action.CN_PROGRAM_UID } };
  287. qjeUserP.jointable = qjeUserA;
  288. qjeUserP.wherecols = new WhereNode(tb_sys_program.CN_STATUS_FLAG, WhereNode.EColumnOperation.EOT_EQ, typeof(tb_sys_program), "1");
  289. lBlocks.Add(qjeUserP);
  291. qjeUser.ordercols = new List<Tuple<QueryJsonElement, string, string>>() {
  292. Tuple.Create(qjeUserP, tb_sys_program.CN_SEQ, BLWording.ORDER_ASC),
  293. Tuple.Create(qjeUserA, tb_sys_program2action.CN_SEQUENCE, BLWording.ORDER_ASC)
  294. };
  296. cSelect = null;
  297. sMsg = MakeSelectJoinByBlocks(lBlocks, out cSelect);
  298. QueryDataSet qdsUser = ai.RunQueryDataSet(cSelect, null);
  300. var roleData = new QueryResponse(qds).Records;
  301. var userData = new QueryResponse(qdsUser).Records;
  302. var qrsPrivilidge = roleData.Union(userData).ToList();
  304. crmRes = new CSuccessResponseMessage(null, i_crmInput);
  305. crmRes.param[BLWording.TOKEN] = s.uid;
  306. crmRes.param[BLWording.PRIVILEGES] = qrsPrivilidge;
  307. crmRes.param["rolename"] = sRoleName;
  308. }
  309. }
  310. while (false);
  312. if (sMsg != null)
  313. {
  314. crmRes = new CErrorResponseMessage(sMsg, i_crmInput);
  315. }
  316. return crmRes;
  317. }
  318. private class VarificationModel
  319. {
  320. public string ip_address { get; set; }
  321. public string create_user_uid { get; set; }
  322. public string branch_name { get; set; }
  324. }
  325. public CResponseMessage VerifyIPAddress(CRequestMessage i_crmInput)
  326. {
  327. string sMsg = null;
  328. CResponseMessage crmRes = null;
  330. do
  331. {
  332. List<Dictionary<string, object>> lDic = getQryParameterList(i_crmInput);
  333. var receive_branch_uid = ProjectHelper.GetLoginUser(i_crmInput).receive_branch_uid;
  335. if (lDic != null && lDic.Count == 1)
  336. {
  337. if (i_crmInput == null)
  338. {
  339. throw new ArgumentNullException(nameof(i_crmInput));
  340. }
  341. var token = i_crmInput.token;
  342. if (!string.IsNullOrEmpty(token))
  343. {
  344. QueryJsonElementCollection lBlocks = new QueryJsonElementCollection();
  346. QueryJsonElement qjeSession = lBlocks.GetInst();
  347. qjeSession.table = tb_sys_session.TABLENAME;
  348. qjeSession.wherecols = new WhereNode(tb_sys_session.CN_UID, WhereNode.EColumnOperation.EOT_EQ, typeof(tb_sys_session), token);
  349. qjeSession.displaycols = new List<string> { tb_sys_session.CN_CREATE_USER_UID };
  350. // 人員資訊
  351. QueryJsonElement qjeEmployee = lBlocks.GetInst();
  352. qjeEmployee.table = tb_hr_employee.TABLENAME;
  353. qjeEmployee.jointype = QueryJsonElement.JOIN;
  354. qjeEmployee.joincols = new Dictionary<string, string>() { { tb_hr_employee.CN_UID, tb_sys_session.CN_CREATE_USER_UID } };
  355. qjeEmployee.jointable = qjeSession;
  357. // 所屬社團
  358. QueryJsonElement qjeEmp2Branch = lBlocks.GetInst();
  359. qjeEmp2Branch.table = tb_hr_employee2branch.TABLENAME;
  360. qjeEmp2Branch.jointype = QueryJsonElement.JOIN;
  361. qjeEmp2Branch.joincols = new Dictionary<string, string>() { { tb_hr_employee2branch.CN_UID, tb_hr_employee.CN_UID } };
  362. qjeEmp2Branch.jointable = qjeEmployee;
  365. // 社團資訊
  366. QueryJsonElement qjeBranch = lBlocks.GetInst();
  367. qjeBranch.table = tb_grp_branch.TABLENAME;
  368. qjeBranch.jointype = QueryJsonElement.JOIN;
  369. qjeBranch.joincols = new Dictionary<string, string>() { { tb_grp_branch.CN_UID, tb_hr_employee2branch.CN_BRANCH_UID } };
  370. qjeBranch.wherecols = new WhereNode(tb_grp_branch.CN_UID, WhereNode.EColumnOperation.EOT_EQ, typeof(tb_grp_branch), receive_branch_uid);
  371. qjeBranch.jointable = qjeEmp2Branch;
  372. qjeBranch.displaycols = new List<string>() {
  373. tb_grp_branch.CN_BRANCH_NAME,
  374. tb_grp_branch.CN_IP_ADDRESS,
  375. };
  376. lBlocks.Add(qjeSession);
  377. lBlocks.Add(qjeEmployee);
  378. lBlocks.Add(qjeEmp2Branch);
  379. lBlocks.Add(qjeBranch);
  381. sMsg = MakeSelectJoinByBlocks(lBlocks, out Command cRes);
  383. ArsenalInterface ai = ArsenalDBMgr.GetInst(cRes);
  384. var qds = ai.RunQueryList<VarificationModel>(cRes);
  385. List<string> ipList = new List<string>();
  386. foreach (var item in qds)
  387. {
  388. if (!string.IsNullOrEmpty(item.ip_address))
  389. {
  390. ipList.AddRange(item.ip_address.Split(',').ToList());
  391. }
  392. }
  393. var count = ipList.Count(x => x == i_crmInput.clientip);
  394. Logger.Info("IP_Address = " + i_crmInput.clientip);
  395. if (ipList.Count > 0 && count < 1 && i_crmInput.clientip != "::1" && i_crmInput.clientip != "127.0.0.1")
  396. {
  397. sMsg = "IP address invalid";
  398. break;
  399. }
  400. }
  401. crmRes = new CSuccessResponseMessage(null, i_crmInput);
  402. }
  403. }
  404. while (false);
  406. if (sMsg != null)
  407. {
  408. crmRes = new CErrorResponseMessage(sMsg, i_crmInput);
  409. }
  410. return crmRes;
  411. }
  412. }
  413. }