MES-WEB-API.git

			@@ -1,4 +1,5 @@
			using Newtonsoft.Json.Linq;
			using Newtonsoft.Json;
			using Newtonsoft.Json.Linq;
			using Pub_Class;
			using System;
			using System.Collections;
			@@ -27,36 +28,118 @@
			/// </summary>
			[Route("WW_EntrustOrderBill/list")]
			[HttpGet]
			public object list(string sWhere)
			public object list(string sWhere, string user)
			{
			try
			{
			if (sWhere == null \|\| sWhere.Equals(""))
			List<object> columnNameList = new List<object>(); //定义声明变量，把通过 new List<object>()创建的实例，赋值给变量
			//判断是否有查询权限
			//if (!DBUtility.ClsPub.Security_Log("WW_EntrustOrderBillQuery", 1, false, user))
			//{
			// objJsonResult.code = "0";
			// objJsonResult.count = 0;
			// objJsonResult.Message = "无查询权限!";
			// objJsonResult.data = null;
			// return objJsonResult;
			//}

			//string sql1 = "select * from h_v_IF_EntrustOrderBillList where 1 = 1 ";
			//if (sWhere == null \|\| sWhere.Equals(""))
			//{
			// ds = oCN.RunProcReturn(sql1+ " order by hmainid desc", "h_v_IF_EntrustOrderBillList");
			//}
			//else
			//{
			// ds = oCN.RunProcReturn(sql1+ sWhere+ " order by hmainid desc", "h_v_IF_EntrustOrderBillList");
			//}

			//判断是否有采购经理权限（安瑞）
			bool isCgjl = Security_Log("WW_EntrustOrderBill_PurchasManager", 1, false, user);
			if (!isCgjl)
			{
			ds = oCN.RunProcReturn("select * from h_v_IF_EntrustOrderBillList " + sWhere, "h_v_IF_EntrustOrderBillList");
			sWhere += $" and HEmpID in (select HEmpID from Gy_Czygl where Czymc='{user}' )";
			}
			else
			string sql = "select * from h_v_IF_EntrustOrderBillList where 1 = 1 " + sWhere;
			ds = oCN.RunProcReturn(sql, "h_v_IF_EntrustOrderBillList");
			foreach (DataColumn col in ds.Tables[0].Columns)//遍历ds中第一个表（Tables[0]）的所有列（Columns）每次循环中，col变量会持有当前列的引用
			{
			string sql1 = "select * from h_v_IF_EntrustOrderBillList where 1 = 1 ";
			string sql = sql1 + sWhere;
			ds = oCN.RunProcReturn(sql, "h_v_IF_EntrustOrderBillList");
			Type dataType = col.DataType; //获取当前数据类型传入自定义变量datadataType
			string ColmString = "{\"ColmCols\":\"" + col.ColumnName + "\",\"ColmType\":\"" + dataType.Name + "\"}"; //字符串拼接 // 将列名和数据类型信息拼接成一个JSON格式的字符串
			columnNameList.Add(JsonConvert.DeserializeObject(ColmString));//获取到DataColumn列对象的列名
			}
			if (ds == null \|\| ds.Tables[0].Rows.Count == 0)
			{
			objJsonResult.code = "0";
			objJsonResult.count = 0;
			objJsonResult.Message = "没有返回任何记录！";
			objJsonResult.data = null;
			return objJsonResult;
			}
			else
			{
			objJsonResult.code = "1";
			objJsonResult.count = 1;
			objJsonResult.Message = "Sucess！";
			objJsonResult.data = ds.Tables[0];
			return objJsonResult;
			}
			//if (ds.Tables[0].Rows.Count != 0 \|\| ds != null)
			//{
			objJsonResult.code = "1";
			objJsonResult.count = 1;
			objJsonResult.Message = "Sucess！";
			objJsonResult.data = ds.Tables[0];
			objJsonResult.list = columnNameList;
			return objJsonResult;
			//}
			//else
			//{
			//objJsonResult.code = "0";
			//objJsonResult.count = 0;
			//objJsonResult.Message = "无数据";
			//objJsonResult.data = null;
			//return objJsonResult;
			//}
			}
			catch (Exception e)
			{
			objJsonResult.code = "0";
			objJsonResult.count = 0;
			objJsonResult.Message = "Exception！" + e.ToString();
			objJsonResult.data = null;
			return objJsonResult;
			}
			}

			/// <summary>
			/// 采购订单分配
			///参数：string sql。
			///返回值：object。
			/// </summary>
			[Route("WW_EntrustOrderBill/distribut")]
			[HttpGet]
			public object distribut(string Hmainid, string HSupplierId)
			{
			try
			{
			string sql = $"update　WW_EntrustOrderBillMain　 set HBusinessStatus = 2 ,HEmpID ={HSupplierId} where HInterID in ({Hmainid})";
			oCN.RunProc(sql);
			objJsonResult.code = "1";
			objJsonResult.count = 1;
			objJsonResult.Message = "操作成功！";
			return objJsonResult;
			}
			catch (Exception e)
			{
			objJsonResult.code = "0";
			objJsonResult.count = 0;
			objJsonResult.Message = "Exception！" + e.ToString();
			objJsonResult.data = null;
			return objJsonResult;
			}
			}

			/// <summary>
			/// 采购订单发布
			///参数：string sql。
			///返回值：object。
			/// </summary>
			[Route("WW_EntrustOrderBill/release")]
			[HttpGet]
			public object release(string Hmainid)
			{
			try
			{
			string sql = $"update　WW_EntrustOrderBillMain　 set HBusinessStatus = 3 where HInterID in ({Hmainid})";
			oCN.RunProc(sql);
			objJsonResult.code = "1";
			objJsonResult.count = 1;
			objJsonResult.Message = "操作成功！";
			return objJsonResult;
			}
			catch (Exception e)
			{
			@@ -69,7 +152,212 @@
			}


			/// <summary>
			/// 采购订单撤销
			///参数：string sql。
			///返回值：object。
			/// </summary>
			[Route("WW_EntrustOrderBill/Back")]
			[HttpGet]
			public object Back(string Hmainid)
			{
			try
			{
			string sql = $"update　WW_EntrustOrderBillMain　 set HBusinessStatus = 2 where HInterID in ({Hmainid})";
			oCN.RunProc(sql);
			objJsonResult.code = "1";
			objJsonResult.count = 1;
			objJsonResult.Message = "操作成功！";
			return objJsonResult;
			}
			catch (Exception e)
			{
			objJsonResult.code = "0";
			objJsonResult.count = 0;
			objJsonResult.Message = "Exception！" + e.ToString();
			objJsonResult.data = null;
			return objJsonResult;
			}
			}

			//

			/// <summary>
			/// 采购订单优先级
			///参数：string sql。
			///返回值：object。
			/// </summary>
			[Route("WW_EntrustOrderBill/yxj")]
			[HttpGet]
			public object yxj(string Hmainid, string HyxjId)
			{
			try
			{
			string sql = $"update　WW_EntrustOrderBillMain　 set HPriority ={HyxjId} where HInterID in ({Hmainid})";

			oCN.RunProc(sql);
			objJsonResult.code = "1";
			objJsonResult.count = 1;
			objJsonResult.Message = "操作成功！";
			return objJsonResult;
			}
			catch (Exception e)
			{
			objJsonResult.code = "0";
			objJsonResult.count = 0;
			objJsonResult.Message = "Exception！" + e.ToString();
			objJsonResult.data = null;
			return objJsonResult;
			}
			}


			[Route("POOrderBack")]
			[HttpGet]
			/// <summary>
			/// 订单反馈状态
			/// </summary>
			/// <param name=""></param>
			/// <returns></returns>
			public object POOrderBack(string HmainidList, string OrderBackId)
			{
			try
			{
			string sql = "";
			for (int i = 0; i < HmainidList.Split(',').Length; i++)
			{
			var Hmainid = HmainidList.Split(',')[i];
			sql = string.Format(@"
			update WW_EntrustOrderBillSub set
			HFeedback ='{0}'
			where HInterID = '{1}' and HEntryID = '{2}' ", OrderBackId, Hmainid.Split('-')[0], Hmainid.Split('-')[1]);
			oCN.RunProc(sql);

			}
			objJsonResult.code = "0";
			objJsonResult.count = 1;
			objJsonResult.Message = "操作成功！";
			//objJsonResult.Message = string.Join(",", HmainidList.ToArray());
			objJsonResult.data = 1;
			return objJsonResult;
			}
			catch (Exception e)
			{
			objJsonResult.code = "0";
			objJsonResult.count = 0;
			objJsonResult.Message = "失败！" + e.ToString();
			objJsonResult.data = null;
			return objJsonResult;
			}
			}

			//判断是否存在权限,并写入日志
			public static bool Security_Log(string gnsy, int LogTF, bool Msg, string CurUserName)
			{
			//gnsy 功能索引,模块
			//usercode 当前用户代码
			//LogTF 1判断权限并写日志，2只写日志，3只判断权限
			//Msg 没有权限时是否提示框
			string UserID = CurUserName;
			try
			{
			ClsSqlHelper oCn = new ClsSqlHelper();
			DataSet Ds = new DataSet();
			DataSet DsUser = new DataSet();
			DataSet DsJS = new DataSet();//角色
			long ModID = 0;
			bool HavRight = false;
			//找到模块权限
			Ds = oCn.RunProcReturn("select * from xt_xtgnb where gnsy='" + gnsy.Trim() + "'", "xt_xtgnb");
			if (Ds.Tables[0].Rows.Count == 0)
			{
			if (Msg == true)
			{
			//MessageBox.Show("没有找到该功能模块！", "提示");
			}
			return false;
			}
			else
			{
			ModID = ClsPub.isLong(Ds.Tables[0].Rows[0]["ID"].ToString()); //返回模块
			}
			if (LogTF == 1 \|\| LogTF == 3)//需要判断权限
			{
			//根据用户名称判断权限
			DsUser = oCn.RunProcReturn("select * from gy_czygl where czymc='" + UserID.Trim() + "'", "gy_czygl");
			if (DsUser.Tables[0].Rows.Count == 0)
			{
			if (Msg == true)
			{
			//MessageBox.Show("没有找到当前操作员！", "提示");
			}
			return false;
			}
			//根据用户名称判断权限
			if ((bool)DsUser.Tables[0].Rows[0]["ManagerFlag"]) //是否管理员
			{
			HavRight = true;
			}
			else
			{
			if (DsUser.Tables[0].Rows[0]["AuthorityID"].ToString().Trim().Substring((int)ModID - 1, 1) == "1")
			{
			HavRight = true;
			}
			else
			{
			//获取用户组并循环判断权限
			//判断角色是否有权限
			DsJS = oCn.RunProcReturn("select isnull(AuthorityID,'') AuthorityID from System_UserGroupinfo a inner join System_UserGroup b on a.GroupID=b.GroupID " +
			" Where a.USERID='" + UserID.Trim() + "'", "gy_czygl");
			if (DsJS == null)
			{
			HavRight = false;
			}
			else
			{
			HavRight = false;
			for (int i = 0; i < DsJS.Tables[0].Rows.Count; i++)
			{
			if (ClsPub.isStrNull(DsJS.Tables[0].Rows[i]["AuthorityID"]).Length > ModID)
			{
			if (DsJS.Tables[0].Rows[i]["AuthorityID"].ToString().Trim().Substring((int)ModID - 1, 1) == "1")
			{
			HavRight = true;
			break;
			}
			}
			}

			}
			}
			}

			if (HavRight == false)
			{
			if (Msg == true)
			{
			//MessageBox.Show("您没有权限,请与管理员联系！", "提示");
			}
			}
			}
			//需要写入日志
			if ((LogTF == 1 && HavRight) \|\| LogTF == 2)
			{
			//Add_Log(Ds.Tables[0].Rows[0]["id"].ToString().Trim(), gnsy + "," + Ds.Tables[0].Rows[0]["gnmc"].ToString().Trim(), CurUserName);
			}
			return HavRight;
			}
			catch (Exception e)
			{
			if (Msg == true)
			{
			//MessageBox.Show("判断权限时发现错误,请与管理员联系！", "提示");
			}
			return false;
			}
			}



			}
			}