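using Newtonsoft.Json;
using Newtonsoft.Json.Linq;
using Pub_Class;
using System;
using System.Collections;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;
using System.Globalization;
using System.Web.Http;
using WebAPI.Models;

namespace WebAPI.Controllers
{
    /// <summary>
    /// Web API controller for outsourcing (entrust) orders: listing, assignment,
    /// release, revocation, priority and feedback updates.
    /// </summary>
    /// <remarks>
    /// Security notes for maintainers:
    /// <list type="bullet">
    /// <item>Every statement is built as SQL text because the data helpers used here
    /// (<c>RunProc</c>/<c>RunProcReturn</c>) are only seen taking a finished SQL string.
    /// Request values are therefore validated as integers or quote-escaped before they
    /// are embedded. If the helpers expose a parameterized overload, prefer it.</item>
    /// <item>NOTE(review): the caller identity is the <c>user</c> query-string value; nothing
    /// in this file authenticates it. Permission checks based on it are only as strong as
    /// whatever authenticates the request upstream — confirm.</item>
    /// <item>NOTE(review): the update actions perform no permission check and are exposed
    /// as HTTP GET. State-changing operations are normally POST/PUT and authorized; the
    /// verbs are left unchanged here so existing clients keep working.</item>
    /// <item>NOTE(review): failure responses return <c>Exception.ToString()</c> to the client,
    /// which discloses stack traces and SQL error text. No logger is visible in this file,
    /// so the text is kept; move it to server-side logging when one is available.</item>
    /// </list>
    /// </remarks>
    public class WW_EntrustOrderBillController : ApiController
    {
        public DBUtility.ClsPub.Enum_BillStatus BillStatus;
        private json objJsonResult = new json();
        SQLHelper.ClsCN oCN = new SQLHelper.ClsCN();
        DataSet ds;

        // Message returned when a request value fails validation ("invalid parameter").
        private const string InvalidParameterMessage = "参数无效!";

        /// <summary>
        /// Returns the outsourcing-order list together with the name and CLR type name
        /// of every result column.
        /// </summary>
        /// <param name="sWhere">Extra SQL filter text appended after <c>where 1 = 1</c>.</param>
        /// <param name="user">Operator name used for the purchasing-manager check and row filter.</param>
        /// <returns>The shared result object; <c>code</c> is "1" on success and "0" on failure.</returns>
        [Route("WW_EntrustOrderBill/list")]
        [HttpGet]
        public object list(string sWhere, string user)
        {
            try
            {
                List<object> columnNameList = new List<object>();

                // NOTE(review): the original source carries a commented-out
                // "WW_EntrustOrderBillQuery" permission check; query permission is not enforced.

                // Users without the purchasing-manager permission only see their own orders.
                bool isPurchaseManager = Security_Log("WW_EntrustOrderBill_PurchasManager", 1, false, user);
                if (!isPurchaseManager)
                {
                    // The operator name lands inside a quoted literal, so quotes are doubled.
                    sWhere += $" and HEmpID in (select HEmpID from Gy_Czygl where Czymc='{EscapeSqlLiteral(user)}' )";
                }

                // SECURITY: sWhere is raw SQL supplied by the client and cannot be validated
                // without changing this action's contract. Because it is placed ahead of the
                // per-user row filter, that filter must not be treated as an access control.
                // Replace sWhere with structured filter fields and bound parameters.
                string sql = "select * from h_v_IF_EntrustOrderBillList where 1 = 1 " + sWhere;
                ds = oCN.RunProcReturn(sql, "h_v_IF_EntrustOrderBillList");

                // Describe each column as a JSON object. Building the JObject directly
                // (instead of concatenating JSON text and parsing it) keeps column names
                // containing quotes or backslashes from breaking the response.
                foreach (DataColumn col in ds.Tables[0].Columns)
                {
                    columnNameList.Add(new JObject
                    {
                        ["ColmCols"] = col.ColumnName,
                        ["ColmType"] = col.DataType.Name
                    });
                }

                objJsonResult.code = "1";
                objJsonResult.count = 1;
                objJsonResult.Message = "Sucess!";
                objJsonResult.data = ds.Tables[0];
                objJsonResult.list = columnNameList;
                return objJsonResult;
            }
            catch (Exception e)
            {
                return Failure("Exception!" + e.ToString());
            }
        }

        /// <summary>
        /// Assigns orders: sets <c>HBusinessStatus</c> to 2 and <c>HEmpID</c> to the given id.
        /// </summary>
        /// <param name="Hmainid">Comma-separated list of integer <c>HInterID</c> values.</param>
        /// <param name="HSupplierId">Integer id written to <c>HEmpID</c>.</param>
        /// <returns>The shared result object; <c>code</c> is "1" on success and "0" on failure.</returns>
        [Route("WW_EntrustOrderBill/distribut")]
        [HttpGet]
        public object distribut(string Hmainid, string HSupplierId)
        {
            try
            {
                // Both values are embedded unquoted, so only integers are accepted.
                string idList;
                string supplierId;
                if (!TryNormalizeIdList(Hmainid, out idList) || !TryNormalizeId(HSupplierId, out supplierId))
                {
                    return Failure(InvalidParameterMessage);
                }

                string sql = $"update WW_EntrustOrderBillMain  set HBusinessStatus = 2 ,HEmpID ={supplierId} where HInterID in ({idList})";
                oCN.RunProc(sql);
                return UpdateSucceeded();
            }
            catch (Exception e)
            {
                return Failure("Exception!" + e.ToString());
            }
        }

        /// <summary>
        /// Releases orders: sets <c>HBusinessStatus</c> to 3.
        /// </summary>
        /// <param name="Hmainid">Comma-separated list of integer <c>HInterID</c> values.</param>
        /// <returns>The shared result object; <c>code</c> is "1" on success and "0" on failure.</returns>
        [Route("WW_EntrustOrderBill/release")]
        [HttpGet]
        public object release(string Hmainid)
        {
            try
            {
                string idList;
                if (!TryNormalizeIdList(Hmainid, out idList))
                {
                    return Failure(InvalidParameterMessage);
                }

                string sql = $"update WW_EntrustOrderBillMain  set HBusinessStatus = 3 where HInterID in ({idList})";
                oCN.RunProc(sql);
                return UpdateSucceeded();
            }
            catch (Exception e)
            {
                return Failure("Exception!" + e.ToString());
            }
        }

        /// <summary>
        /// Revokes a release: sets <c>HBusinessStatus</c> back to 2.
        /// </summary>
        /// <param name="Hmainid">Comma-separated list of integer <c>HInterID</c> values.</param>
        /// <returns>The shared result object; <c>code</c> is "1" on success and "0" on failure.</returns>
        [Route("WW_EntrustOrderBill/Back")]
        [HttpGet]
        public object Back(string Hmainid)
        {
            try
            {
                string idList;
                if (!TryNormalizeIdList(Hmainid, out idList))
                {
                    return Failure(InvalidParameterMessage);
                }

                string sql = $"update WW_EntrustOrderBillMain  set HBusinessStatus = 2 where HInterID in ({idList})";
                oCN.RunProc(sql);
                return UpdateSucceeded();
            }
            catch (Exception e)
            {
                return Failure("Exception!" + e.ToString());
            }
        }

        /// <summary>
        /// Sets the priority (<c>HPriority</c>) of the given orders.
        /// </summary>
        /// <param name="Hmainid">Comma-separated list of integer <c>HInterID</c> values.</param>
        /// <param name="HyxjId">Integer value written to <c>HPriority</c>.</param>
        /// <returns>The shared result object; <c>code</c> is "1" on success and "0" on failure.</returns>
        [Route("WW_EntrustOrderBill/yxj")]
        [HttpGet]
        public object yxj(string Hmainid, string HyxjId)
        {
            try
            {
                string idList;
                string priorityId;
                if (!TryNormalizeIdList(Hmainid, out idList) || !TryNormalizeId(HyxjId, out priorityId))
                {
                    return Failure(InvalidParameterMessage);
                }

                string sql = $"update WW_EntrustOrderBillMain  set HPriority ={priorityId} where HInterID in ({idList})";
                oCN.RunProc(sql);
                return UpdateSucceeded();
            }
            catch (Exception e)
            {
                return Failure("Exception!" + e.ToString());
            }
        }

        /// <summary>
        /// Sets the feedback status (<c>HFeedback</c>) on order detail rows.
        /// </summary>
        /// <param name="HmainidList">Comma-separated entries of the form <c>HInterID-HEntryID</c>.</param>
        /// <param name="OrderBackId">Value written to <c>HFeedback</c>.</param>
        /// <returns>The shared result object.</returns>
        [Route("POOrderBack")]
        [HttpGet]
        public object POOrderBack(string HmainidList, string OrderBackId)
        {
            try
            {
                if (HmainidList == null)
                {
                    return Failure(InvalidParameterMessage);
                }

                // Check the shape of every entry before running any statement, so a
                // malformed entry cannot leave the batch half applied.
                string[] entries = HmainidList.Split(',');
                List<string[]> keys = new List<string[]>(entries.Length);
                foreach (string entry in entries)
                {
                    string[] parts = entry.Split('-');
                    if (parts.Length < 2)
                    {
                        return Failure(InvalidParameterMessage);
                    }
                    keys.Add(parts);
                }

                // All three values sit inside quoted literals, so quotes are doubled.
                string feedback = EscapeSqlLiteral(OrderBackId);
                foreach (string[] key in keys)
                {
                    string sql = string.Format(
                        @" update WW_EntrustOrderBillSub set HFeedback ='{0}' where HInterID = '{1}' and HEntryID = '{2}' ",
                        feedback,
                        EscapeSqlLiteral(key[0]),
                        EscapeSqlLiteral(key[1]));
                    oCN.RunProc(sql);
                }

                // NOTE(review): success is reported with code "0" here while the other
                // actions use "1". Kept as-is because clients may depend on it — confirm.
                objJsonResult.code = "0";
                objJsonResult.count = 1;
                objJsonResult.Message = "操作成功!";
                objJsonResult.data = 1;
                return objJsonResult;
            }
            catch (Exception e)
            {
                return Failure("失败!" + e.ToString());
            }
        }

        /// <summary>
        /// Checks whether an operator holds the permission for a function module.
        /// </summary>
        /// <remarks>
        /// Despite the name, no log entry is written: the logging call is commented out
        /// in the original source. Any exception yields <c>false</c> (fail closed).
        /// </remarks>
        /// <param name="gnsy">Function index (module key) looked up in <c>xt_xtgnb</c>.</param>
        /// <param name="LogTF">1 = check permission and log, 2 = log only, 3 = check permission only.</param>
        /// <param name="Msg">Originally "show a message box when denied"; has no effect here.</param>
        /// <param name="CurUserName">Operator name looked up in <c>gy_czygl</c>.</param>
        /// <returns><c>true</c> when the operator is a manager or holds the module permission
        /// directly or through a user group; otherwise <c>false</c>.</returns>
        public static bool Security_Log(string gnsy, int LogTF, bool Msg, string CurUserName)
        {
            string UserID = CurUserName;
            try
            {
                ClsSqlHelper oCn = new ClsSqlHelper();
                bool HavRight = false;

                // Resolve the module; its ID is the 1-based position of the permission flag.
                DataSet Ds = oCn.RunProcReturn(
                    "select * from xt_xtgnb where gnsy='" + EscapeSqlLiteral(gnsy.Trim()) + "'", "xt_xtgnb");
                if (Ds.Tables[0].Rows.Count == 0)
                {
                    return false;
                }
                long ModID = ClsPub.isLong(Ds.Tables[0].Rows[0]["ID"].ToString());

                if (LogTF == 1 || LogTF == 3)
                {
                    string escapedUser = EscapeSqlLiteral(UserID.Trim());

                    DataSet DsUser = oCn.RunProcReturn(
                        "select * from gy_czygl where czymc='" + escapedUser + "'", "gy_czygl");
                    if (DsUser.Tables[0].Rows.Count == 0)
                    {
                        return false;
                    }

                    DataRow userRow = DsUser.Tables[0].Rows[0];
                    if ((bool)userRow["ManagerFlag"])
                    {
                        // Managers hold every permission.
                        HavRight = true;
                    }
                    // NOTE(review): no length check here, so an AuthorityID shorter than ModID
                    // throws and the method returns false before the group check below runs.
                    else if (userRow["AuthorityID"].ToString().Trim().Substring((int)ModID - 1, 1) == "1")
                    {
                        HavRight = true;
                    }
                    else
                    {
                        // Fall back to the permissions of the operator's user groups.
                        DataSet DsJS = oCn.RunProcReturn(
                            "select isnull(AuthorityID,'') AuthorityID from System_UserGroupinfo a inner join System_UserGroup b on a.GroupID=b.GroupID "
                            + " Where a.USERID='" + escapedUser + "'", "gy_czygl");
                        if (DsJS != null)
                        {
                            foreach (DataRow groupRow in DsJS.Tables[0].Rows)
                            {
                                if (ClsPub.isStrNull(groupRow["AuthorityID"]).Length > ModID
                                    && groupRow["AuthorityID"].ToString().Trim().Substring((int)ModID - 1, 1) == "1")
                                {
                                    HavRight = true;
                                    break;
                                }
                            }
                        }
                    }
                }

                return HavRight;
            }
            catch (Exception)
            {
                // Fail closed: any lookup or parsing error is treated as "no permission".
                return false;
            }
        }

        /// <summary>Fills the shared result object with a failure and returns it.</summary>
        private object Failure(string message)
        {
            objJsonResult.code = "0";
            objJsonResult.count = 0;
            objJsonResult.Message = message;
            objJsonResult.data = null;
            return objJsonResult;
        }

        /// <summary>Fills the shared result object with the standard update success and returns it.</summary>
        private object UpdateSucceeded()
        {
            objJsonResult.code = "1";
            objJsonResult.count = 1;
            objJsonResult.Message = "操作成功!";
            return objJsonResult;
        }

        /// <summary>
        /// Doubles single quotes so a value can be embedded inside a quoted SQL literal.
        /// A null value becomes an empty string. This is a stop-gap for helpers that take
        /// only SQL text; bound parameters remain the preferred fix.
        /// </summary>
        private static string EscapeSqlLiteral(string value)
        {
            return value == null ? string.Empty : value.Replace("'", "''");
        }

        /// <summary>
        /// Accepts a single integer id and returns its canonical text form.
        /// Assumes the target columns are integral, as their unquoted use in the SQL suggests.
        /// </summary>
        private static bool TryNormalizeId(string raw, out string normalized)
        {
            long value;
            if (raw != null
                && long.TryParse(raw.Trim(), NumberStyles.AllowLeadingSign, CultureInfo.InvariantCulture, out value))
            {
                normalized = value.ToString(CultureInfo.InvariantCulture);
                return true;
            }

            normalized = null;
            return false;
        }

        /// <summary>
        /// Accepts a non-empty comma-separated list of integer ids and returns it rebuilt
        /// from the parsed values, so nothing but digits, signs and commas reaches the SQL text.
        /// </summary>
        private static bool TryNormalizeIdList(string raw, out string normalized)
        {
            normalized = null;
            if (string.IsNullOrWhiteSpace(raw))
            {
                return false;
            }

            string[] parts = raw.Split(',');
            List<string> ids = new List<string>(parts.Length);
            foreach (string part in parts)
            {
                string id;
                if (!TryNormalizeId(part, out id))
                {
                    return false;
                }
                ids.Add(id);
            }

            normalized = string.Join(",", ids);
            return true;
        }
    }
}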