using System.Data; using System.Data.SqlClient; using System.Dynamic; using System.Text; using Gs.Sys.Models; using Gs.Toolbox; using Gs.Toolbox.ApiCore.Abstract.Mvc; using Gs.Toolbox.ApiCore.Common.Mvc; using Gs.Toolbox.ApiCore.Group; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Newtonsoft.Json.Linq; using static Gs.Toolbox.UtilityHelper; namespace Gs.Sys.Services; [ApiGroup(ApiGroupNames.Sys)] public class RoleController : Repository, IRomteService { private readonly IHttpContextAccessor _http; private readonly string _userCode, _userGuid, _orgFids; public RoleController(IHttpContextAccessor httpContextAccessor) { _http = httpContextAccessor; (_userCode, _userGuid, _orgFids) = GetUserGuidAndOrgGuid(_http); } /// /// 查询列表,支持分页 /// /// /// [RequestMethod(RequestMethods.POST)] public ReturnDto> GetListPage(PageQuery query) { var pageList = new PageList(); try { var _sbWhere = new StringBuilder(" 1=1" + query.keyWhere); var _sbBy = new StringBuilder(query.sortName + " " + query.sortOrder); var totalCount = 0; var itemsList = Db.Queryable("") .Where(_sbWhere.ToString()) .OrderBy(_sbBy.ToString()) .ToPageList(query.currentPage, query.everyPageSize, ref totalCount); pageList = new PageList(itemsList, totalCount, query.everyPageSize); return ReturnDto>.QuickReturn(pageList, ReturnCode.Success, "读取成功"); } catch (Exception ex) { return ReturnDto>.QuickReturn(pageList, ReturnCode.Default, ex.Message); } } /// /// 删除 /// /// /// [RequestMethod(RequestMethods.POST)] public ReturnDto DeleteModel([FromBody] JArray guidList) { var intArray = guidList.ToObject(); var guid = intArray[0]; var rtnInt = (int)ReturnCode.Default; using (var conn = new SqlConnection(DbHelperSQL.strConn)) { using (var cmd = new SqlCommand("prc_sys_role_delete", conn)) { try { conn.Open(); cmd.CommandType = CommandType.StoredProcedure; SqlParameter[] parameters = { new("@outMsg", SqlDbType.NVarChar, 300), new("@roleGuid", guid), new("@edtUserGuid", _userGuid) }; parameters[0].Direction = ParameterDirection.Output; foreach (var parameter in parameters) cmd.Parameters.Add(parameter); rtnInt = cmd.ExecuteNonQuery(); } catch (Exception ex) { LogHelper.Debug(ToString(), "DeleteModel error:" + ex.Message); } finally { conn.Close(); } } if (rtnInt > 0) return ReturnDto.QuickReturn(default(int?), ReturnCode.Success, "操作成功,共删除" + rtnInt + "条数据!"); return ReturnDto.QuickReturn(default(int?), ReturnCode.Exception, "删除失败,请重试!"); } } /// /// 增加 /// /// /// [RequestMethod(RequestMethods.POST)] public ReturnDto EditModel([FromBody] SysRole model) { var _bl = false; try { if (!CheckGuid(model.Guid)) { model.Guid = Guid.NewGuid(); model.CreateBy = _userCode; model.CreateTime = DateTime.Now; _bl = base.Insert(model); } else { model.LastupdateBy = _userCode; model.LastupdateTime = DateTime.Now; // _bl = base.Update(model); _bl = Db.Updateable(model).IgnoreColumns(true) .ExecuteCommand() > 0 ? true : false; } } catch (Exception ex) { LogHelper.Debug(ToString(), "EditModel error:" + ex.Message); return ReturnDto.QuickReturn("", ReturnCode.Exception, ex.Message); } if (_bl) return ReturnDto.QuickReturn(model.Guid.ToString(), ReturnCode.Success, "操作成功!"); return ReturnDto.QuickReturn("", ReturnCode.Exception, "增加失败,请重试!"); } /// /// 读取 /// /// /// [RequestMethod(RequestMethods.POST)] [AllowAnonymous] public ReturnDto GetModel([FromBody] SysRole model) { var m = base.GetById(model.Guid); if (m != null) return ReturnDto.QuickReturn(m, ReturnCode.Success, "读取成功!"); return ReturnDto.QuickReturn(m, ReturnCode.Default, "读取失败!"); } /// /// 根据角色roleGuid读取权限 /// /// [RequestMethod(RequestMethods.POST)] public ReturnDto> GetListByRole([FromBody] dynamic model) { string roleGuid = model.roleGuid; System.Text.StringBuilder sbSql = new System.Text.StringBuilder(); sbSql.Append("select ma.guid,ma.up_Guid as upGuid ,ma.name,ma.is_Status as isStatus,ma.idx"); sbSql.Append(",(select count(1) from [dbo].[sys_Role_Menu_Action] act where act.role_Guid='" + roleGuid + "' and act.MENU_ACTION_GUID=ma.guid) as isCK"); sbSql.Append(" from sys_Menu_Action ma where ma.is_Status=1 order by ma.IDX asc"); var dset = new DataSet(); try { dset = DbHelperSQL.Query(sbSql.ToString()); } catch (Exception ex) { LogHelper.Debug(ToString(), "GetListByRole error:" + ex.Message); return ReturnDto>.QuickReturn(default(PageList), ReturnCode.Exception, "读取失败"); } var _pglist = new PageList { total = 0, everyPageSize = 0, pages = 0, list = new List() }; if (dset != null && dset.Tables.Count > 0 && dset.Tables[0].Rows.Count > 0) //有数据 { var intTotal = 999; var pages = 1; _pglist.total = intTotal; _pglist.everyPageSize = 1; _pglist.pages = pages; var _dy = dset.Tables[0].TableToDynamicList(); _pglist.list = _dy; } return ReturnDto>.QuickReturn(_pglist, ReturnCode.Success, "读取成功"); } /// /// 根据角色设置权限 /// /// /// [RequestMethod(RequestMethods.POST)] public ReturnDto SetRoleMenuAction([FromBody] dynamic model) { string roleGuid = model.roleGuid.ToString(); string actionLst = model.actionLst.ToString(); dynamic m = new ExpandoObject(); m.outMsg = ""; using (var conn = new SqlConnection(DbHelperSQL.strConn)) { using (var cmd = new SqlCommand("[prc_sys_role_set_menuOrAction]", conn)) { try { conn.Open(); cmd.CommandType = CommandType.StoredProcedure; SqlParameter[] parameters = { new("@outMsg", SqlDbType.NVarChar, 300), new("@roleGuid", roleGuid), new("@actionLst", actionLst), new("@edtUserGuid", _userGuid) }; parameters[0].Direction = ParameterDirection.Output; foreach (var parameter in parameters) cmd.Parameters.Add(parameter); cmd.ExecuteNonQuery(); m.outMsg = parameters[0].Value.ToString(); } catch (Exception ex) { LogHelper.Debug(ToString(), "SetMenuActionByRole error:" + ex.Message); m.outMsg = ex.Message; } finally { conn.Close(); } } } return ReturnDto.QuickReturn(m, ReturnCode.Success, "操作成功!"); } /// /// 根据用户设置角色 /// /// /// [RequestMethod(RequestMethods.POST)] public ReturnDto SetUserRole([FromBody] dynamic model) { string userGuid = model.userGuid.ToString(); string roleLst = model.roleLst.ToString(); dynamic m = new ExpandoObject(); m.outMsg = ""; using (var conn = new SqlConnection(DbHelperSQL.strConn)) { using (var cmd = new SqlCommand("[prc_sys_user_set_role]", conn)) { try { conn.Open(); cmd.CommandType = CommandType.StoredProcedure; SqlParameter[] parameters = { new("@outMsg", SqlDbType.NVarChar, 300), new("@userGuid", userGuid), new("@roleLst", roleLst), new("@edtUserGuid", _userGuid) }; parameters[0].Direction = ParameterDirection.Output; foreach (var parameter in parameters) cmd.Parameters.Add(parameter); cmd.ExecuteNonQuery(); m.outMsg = parameters[0].Value.ToString(); } catch (Exception ex) { LogHelper.Debug(ToString(), "SetRoleByUser error:" + ex.Message); m.outMsg = ex.Message; } finally { conn.Close(); } } } return ReturnDto.QuickReturn(m, ReturnCode.Success, "操作成功!"); } /// /// 根据用户读取角色 /// /// /// [RequestMethod(RequestMethods.POST)] public ReturnDto> GetUserRole([FromBody] dynamic model) { var lst = new List(); string userGuid = model.userGuid; var sbSql = new StringBuilder(); sbSql.Append( "select a.*,u.guid as isCk from sys_Role a left join sys_User_Role u on (a.guid=u.role_Guid and u.user_Guid='" + userGuid + "') where 1=1 and a.[is_Status]=1 order by a.ROLE_NAME asc"); var dset = new DataSet(); try { dset = DbHelperSQL.Query(sbSql.ToString()); } catch (Exception ex) { LogHelper.Debug(ToString(), "GetUserRole error:" + ex.Message); return ReturnDto>.QuickReturn(lst, ReturnCode.Exception, "读取失败!"); } if (dset != null && dset.Tables.Count > 0 && dset.Tables[0].Rows.Count > 0) //有数据 foreach (DataRow dr in dset.Tables[0].Rows) lst.Add(new { guid = Guid.Parse(dr["guid"].ToString()), roleName = dr["role_Name"].ToString(), rolRemark = dr["role_Remark"].ToString(), isCk = string.IsNullOrEmpty(dr["isCk"].ToString()) ? false : true }); return ReturnDto>.QuickReturn(lst, ReturnCode.Success, "读取成功!"); } /// /// 根据用户读取权限 /// /// /// [RequestMethod(RequestMethods.POST)] public ReturnDto> GetUserMenuAction( [FromBody] dynamic model) { string userGuid = model.userGuid; var sbSql = new StringBuilder(); sbSql.Append(" ; with cet as ("); sbSql.Append(" select ma.guid,ma.up_Guid,ma.name,ma.is_Status as isStatus,ma.idx"); sbSql.Append(" , (select count(1) from[dbo].[sys_Role_Menu_Action] act left join sys_User_Role u on act.role_Guid = u.role_Guid"); sbSql.Append(" where u.user_Guid = '"+ userGuid + "' and act.menu_Action_Guid = ma.guid) as isCK"); sbSql.Append(" from sys_Menu_Action ma where ma.[is_Status] = 1"); sbSql.Append(" ),cet2 as ("); sbSql.Append(" select ma.guid,ma.up_Guid,ma.name,ma.is_Status as isStatus,ma.idx"); sbSql.Append(" , (select count(1) from[dbo].[sys_Role_Menu_Action] act left join sys_User u on act.role_Guid = u.GUID"); sbSql.Append(" where u.GUID = '"+ userGuid + "' and act.menu_Action_Guid = ma.guid) as isCK"); sbSql.Append(" from sys_Menu_Action ma where ma.[is_Status] = 1"); sbSql.Append(" ),cet3 as ("); sbSql.Append(" select * from cet2 where isCK > 0"); sbSql.Append(" ),cet4 as ("); sbSql.Append(" select * from cet"); sbSql.Append(" union all"); sbSql.Append(" select * from cet3"); sbSql.Append(" )"); sbSql.Append(" ,cet5 as ("); sbSql.Append(" select distinct * from cet4"); sbSql.Append("),cet6 as ("); sbSql.Append(" SELECT"); sbSql.Append(" *,"); sbSql.Append(" ROW_NUMBER() OVER(PARTITION BY guid ORDER BY isck DESC) AS rn"); sbSql.Append(" FROM"); sbSql.Append(" cet5"); sbSql.Append(")"); sbSql.Append(" select * from cet6 where rn = 1"); var dset = new DataSet(); try { dset = DbHelperSQL.Query(sbSql.ToString()); } catch (Exception ex) { LogHelper.Debug(ToString(), "GetUserMenuAction error:" + ex.Message); return ReturnDto>.QuickReturn(default(PageList), ReturnCode.Exception, "读取失败"); } var _pglist = new PageList { total = 0, everyPageSize = 0, pages = 0, list = new List() }; if (dset != null && dset.Tables.Count > 0 && dset.Tables[0].Rows.Count > 0) //有数据 { var intTotal = 999; var pages = 1; _pglist.total = intTotal; _pglist.everyPageSize = 1; _pglist.pages = pages; var _dy = dset.Tables[0].TableToDynamicList(); _pglist.list = _dy; } return ReturnDto>.QuickReturn(_pglist, ReturnCode.Success, "读取成功"); } /// /// 根据用户,组织,窗体命名空间读工具条权限 /// /// /// [RequestMethod(RequestMethods.POST)] public ReturnDto> GetListByUserOrgSpace( [FromBody] dynamic model) { var lst = new List(); string userGuid = model.userGuid; string formNamespace = model.formNamespace; var dset = new DataSet(); using (var conn = new SqlConnection(DbHelperSQL.strConn)) { using (var cmd = new SqlCommand("[prc_sys_toolbar_action]", conn)) { try { conn.Open(); cmd.CommandType = CommandType.StoredProcedure; SqlParameter[] parameters = { new("@userGuid", userGuid), new("@formNamespace", formNamespace) }; foreach (var parameter in parameters) cmd.Parameters.Add(parameter); using (var dt = new SqlDataAdapter(cmd)) { dt.Fill(dset, "0"); } } catch (Exception ex) { LogHelper.Debug(ToString(), "GetListByUserOrgSpace error:" + ex.Message); } finally { conn.Close(); } } } if (dset != null && dset.Tables.Count > 0 && dset.Tables[0].Rows.Count > 0) //有数据 foreach (DataRow dr in dset.Tables[0].Rows) lst.Add(new { guid = Guid.Parse(dr["guid"].ToString()), name = dr["name"].ToString() }); return ReturnDto>.QuickReturn(lst, ReturnCode.Success, "读取成功!"); } }