using Newtonsoft.Json.Linq; using Pub_Class; using System; using System.Collections; using System.Collections.Generic; using System.Data; using System.Data.SqlClient; using System.Web.Http; using WebAPI.Models; namespace WebAPI.Controllers { //采购订单Controller public class Cg_POOrderBillController : ApiController { public DBUtility.ClsPub.Enum_BillStatus BillStatus; private json objJsonResult = new json(); SQLHelper.ClsCN oCN = new SQLHelper.ClsCN(); DataSet ds; ///

/// 返回采购订单列表 ///参数：string sql。 ///返回值：object。 ///

[Route("Cg_POOrderBill/list")] [HttpGet] public object list(string sWhere, string user) { try { //判断是否有采购经理权限 bool isCgjl = Security_Log("Cg_POOrderBill_PurchasManager", 1, true, user); if (!isCgjl) { sWhere += " and HEmpID in (select HEmpID from Gy_Czygl where Czymc='Admin' )"; } string sql = "select * from h_v_IF_POOrderBillList where 1 = 1 " + sWhere; ds = oCN.RunProcReturn(sql, "h_v_IF_POOrderBillList"); objJsonResult.code = "1"; objJsonResult.count = 1; objJsonResult.Message = "Sucess！"; objJsonResult.data = ds.Tables[0]; return objJsonResult; } catch (Exception e) { objJsonResult.code = "0"; objJsonResult.count = 0; objJsonResult.Message = "Exception！" + e.ToString(); objJsonResult.data = null; return objJsonResult; } } ///

/// 采购订单分配 ///参数：string sql。 ///返回值：object。 ///

[Route("Cg_POOrderBill/distribut")] [HttpGet] public object distribut(string Hmainid, string HSupplierId) { try { string sql = $"update　Cg_POOrderBillMain　 set HBusinessStatus = 2 ,HEmpID ={HSupplierId} where HInterID in ({Hmainid})"; oCN.RunProc(sql); objJsonResult.code = "1"; objJsonResult.count = 1; objJsonResult.Message = "操作成功！"; return objJsonResult; } catch (Exception e) { objJsonResult.code = "0"; objJsonResult.count = 0; objJsonResult.Message = "Exception！" + e.ToString(); objJsonResult.data = null; return objJsonResult; } } ///

/// 采购订单发布 ///参数：string sql。 ///返回值：object。 ///

[Route("Cg_POOrderBill/release")] [HttpGet] public object release(string Hmainid) { try { string sql = $"update　Cg_POOrderBillMain　 set HBusinessStatus = 3 where HInterID in ({Hmainid})"; oCN.RunProc(sql); objJsonResult.code = "1"; objJsonResult.count = 1; objJsonResult.Message = "操作成功！"; return objJsonResult; } catch (Exception e) { objJsonResult.code = "0"; objJsonResult.count = 0; objJsonResult.Message = "Exception！" + e.ToString(); objJsonResult.data = null; return objJsonResult; } } ///

/// 采购订单优先级 ///参数：string sql。 ///返回值：object。 ///

[Route("Cg_POOrderBill/yxj")] [HttpGet] public object yxj(string Hmainid, string HyxjId) { try { string sql = $"update　Cg_POOrderBillMain　 set HPriority ={HyxjId} where HInterID in ({Hmainid})"; oCN.RunProc(sql); objJsonResult.code = "1"; objJsonResult.count = 1; objJsonResult.Message = "操作成功！"; return objJsonResult; } catch (Exception e) { objJsonResult.code = "0"; objJsonResult.count = 0; objJsonResult.Message = "Exception！" + e.ToString(); objJsonResult.data = null; return objJsonResult; } } [Route("POOrderBack")] [HttpGet] ///

/// 订单反馈状态 ///

/// /// public object POOrderBack(string HmainidList, string OrderBackId) { try { string sql = ""; for (int i = 0; i < HmainidList.Split(',').Length; i++) { var Hmainid = HmainidList.Split(',')[i]; sql = string.Format(@" update Cg_POOrderBillSub set HFeedback ='{0}' where HInterID = '{1}' and HEntryID = '{2}' ", OrderBackId, Hmainid.Split('-')[0], Hmainid.Split('-')[1]); oCN.RunProc(sql); } objJsonResult.code = "0"; objJsonResult.count = 1; objJsonResult.Message = "操作成功！"; //objJsonResult.Message = string.Join(",", HmainidList.ToArray()); objJsonResult.data = 1; return objJsonResult; } catch (Exception e) { objJsonResult.code = "0"; objJsonResult.count = 0; objJsonResult.Message = "失败！" + e.ToString(); objJsonResult.data = null; return objJsonResult; } } //判断是否存在权限,并写入日志 public static bool Security_Log(string gnsy, int LogTF, bool Msg, string CurUserName) { //gnsy 功能索引,模块 //usercode 当前用户代码 //LogTF 1判断权限并写日志，2只写日志，3只判断权限 //Msg 没有权限时是否提示框 string UserID = CurUserName; try { ClsSqlHelper oCn = new ClsSqlHelper(); DataSet Ds = new DataSet(); DataSet DsUser = new DataSet(); DataSet DsJS = new DataSet();//角色 long ModID = 0; bool HavRight = false; //找到模块权限 Ds = oCn.RunProcReturn("select * from xt_xtgnb where gnsy='" + gnsy.Trim() + "'", "xt_xtgnb"); if (Ds.Tables[0].Rows.Count == 0) { if (Msg == true) { //MessageBox.Show("没有找到该功能模块！", "提示"); } return false; } else { ModID = ClsPub.isLong(Ds.Tables[0].Rows[0]["ID"].ToString()); //返回模块 } if (LogTF == 1 || LogTF == 3)//需要判断权限 { //根据用户名称判断权限 DsUser = oCn.RunProcReturn("select * from gy_czygl where czymc='" + UserID.Trim() + "'", "gy_czygl"); if (DsUser.Tables[0].Rows.Count == 0) { if (Msg == true) { //MessageBox.Show("没有找到当前操作员！", "提示"); } return false; } //根据用户名称判断权限 if ((bool)DsUser.Tables[0].Rows[0]["ManagerFlag"]) //是否管理员 { HavRight = true; } else { if (DsUser.Tables[0].Rows[0]["AuthorityID"].ToString().Trim().Substring((int)ModID - 1, 1) == "1") { HavRight = true; } else { //获取用户组并循环判断权限 //判断角色是否有权限 DsJS = oCn.RunProcReturn("select isnull(AuthorityID,'') AuthorityID from System_UserGroupinfo a inner join System_UserGroup b on a.GroupID=b.GroupID " + " Where a.USERID='" + UserID.Trim() + "'", "gy_czygl"); if (DsJS == null) { HavRight = false; } else { HavRight = false; for (int i = 0; i < DsJS.Tables[0].Rows.Count; i++) { if (ClsPub.isStrNull(DsJS.Tables[0].Rows[i]["AuthorityID"]).Length > ModID) { if (DsJS.Tables[0].Rows[i]["AuthorityID"].ToString().Trim().Substring((int)ModID - 1, 1) == "1") { HavRight = true; break; } } } } } } if (HavRight == false) { if (Msg == true) { //MessageBox.Show("您没有权限,请与管理员联系！", "提示"); } } } //需要写入日志 if ((LogTF == 1 && HavRight) || LogTF == 2) { //Add_Log(Ds.Tables[0].Rows[0]["id"].ToString().Trim(), gnsy + "," + Ds.Tables[0].Rows[0]["gnmc"].ToString().Trim(), CurUserName); } return HavRight; } catch (Exception e) { if (Msg == true) { //MessageBox.Show("判断权限时发现错误,请与管理员联系！", "提示"); } return false; } } // } }