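using System;
using System.Net;
using System.Net.Http;
using System.Text;
using System.Web.Http;
using WcfControlMonitorLib;

namespace WcfControlMonitorWebLib.Controllers
{
    /// <summary>
    /// Account resources. Much of this controller is scaffolding: the user-management
    /// actions read their input and return <c>Ok()</c> without touching the database.
    /// </summary>
    [RoutePrefix("api/users")]
    public class UsersController : ControllerBase
    {
        #region Operations on the current user

        /// <summary>
        /// Gets the display name of the current user.
        /// </summary>
        /// <param name="request">The incoming request (unused; the user comes from <c>Identity</c>).</param>
        /// <returns>200 with <c>{ name }</c>; 404 when no row exists for <c>Identity</c>.</returns>
        [HttpGet]
        [Route("current")]
        public IHttpActionResult GetProfile(HttpRequestMessage request)
        {
            // Identity comes from the base controller; presumably the authenticated user id — confirm.
            var rows = CStaticClass.dbo.ExceSQL(
                $"SELECT F_USERNAME FROM T_BASE_USERS WHERE F_USERID='{EscapeSqlLiteral(Convert.ToString(Identity))}'")
                .Tables[0].Rows;

            if (rows.Count == 0)
            {
                // Previously Rows[0] threw for an unknown user, which surfaced as a 500.
                return StatusCode(HttpStatusCode.NotFound);
            }

            return Ok(new { name = rows[0]["F_USERNAME"] });
        }

        /// <summary>
        /// Changes the current user's password.
        /// </summary>
        /// <param name="request">Body with <c>current</c> (existing password) and <c>replacement</c> (new password).</param>
        /// <returns>
        /// 200 on success; 400 "replacement" when the new password is empty; 400 "current" when the
        /// existing password does not match; 404 when no row exists for <c>Identity</c>.
        /// </returns>
        [HttpPut]
        [Route("current/password")]
        public IHttpActionResult ModifyPassword(HttpRequestMessage request)
        {
            dynamic data = request.Data();
            string current = data.current;
            string replacement = data.replacement;

            // Refuse an empty new password; previously it was written to the table as ''.
            if (string.IsNullOrEmpty(replacement))
            {
                return BadRequest("replacement");
            }

            string identity = EscapeSqlLiteral(Convert.ToString(Identity));
            var rows = CStaticClass.dbo.ExceSQL(
                $"SELECT F_PASSWORD FROM T_BASE_USERS WHERE F_USERID='{identity}'")
                .Tables[0].Rows;

            if (rows.Count == 0)
            {
                return StatusCode(HttpStatusCode.NotFound);
            }

            // NOTE(review): F_PASSWORD is compared verbatim, i.e. the column holds the password in
            // the clear. A salted hash (e.g. PBKDF2) is the appropriate storage; that change has to
            // be made together with whichever login path reads the same column.
            var password = Convert.ToString(rows[0]["F_PASSWORD"]);
            if (!string.Equals(password, current, StringComparison.Ordinal))
            {
                return BadRequest("current");
            }

            // The replacement is user-controlled, so it is escaped before being embedded in the
            // statement; see EscapeSqlLiteral for why this is only a stop-gap.
            CStaticClass.dbo.ExceSQL(
                $"UPDATE T_BASE_USERS SET F_PASSWORD='{EscapeSqlLiteral(replacement)}' WHERE F_USERID='{identity}'");
            return Ok();
        }

        /// <summary>
        /// Gets the current user's menu.
        /// </summary>
        /// <param name="request">The incoming request (unused).</param>
        /// <returns>200 with a fixed two-entry menu tree.</returns>
        [HttpGet]
        [Route("current/routes")]
        public IHttpActionResult GetMenu(HttpRequestMessage request)
        {
            // Could be loaded from the database according to user permissions; the shape is:
            var menu = new dynamic[]
            {
                new { id = 1, parent = 0, header = "系统管理", url = "", icon = "settings" },
                new { id = 11, parent = 1, header = "用户管理", url = "/basic/user", icon = "" }
            };
            return Ok(menu);
        }

        /// <summary>
        /// Reports whether the current user may access the given route.
        /// </summary>
        /// <param name="request">Route segment <c>url</c>: the route, base64-encoded.</param>
        /// <returns>200 when allowed; 403 when not; 400 "url" when the segment is missing or not valid base64.</returns>
        [HttpGet,Anonymous]
        [Route("current/routes/{url}")]
        public IHttpActionResult CheckPermission(HttpRequestMessage request)
        {
            dynamic data = request.Data();
            string encoded = data.url;

            if (encoded == null)
            {
                return BadRequest("url");
            }

            string url;
            try
            {
                url = Encoding.ASCII.GetString(Convert.FromBase64String(encoded));
            }
            catch (FormatException)
            {
                // A malformed segment used to propagate as an unhandled exception (HTTP 500).
                return BadRequest("url");
            }

            // Placeholder: permissions could be stored in the database and looked up by
            //   user account: this.Identity
            //   route being visited: url (the same value as the url field of GetMenu's items)
            // Until that lookup exists every request is granted, and because the action is
            // [Anonymous] it is reachable without authentication — it enforces nothing today.
            bool allowed = true;
            if (allowed)
            {
                return Ok();
            }

            return StatusCode(HttpStatusCode.Forbidden);
        }

        #endregion

        #region User management operations

        /// <summary>
        /// Gets a paged list of users (the original comment called it a role list).
        /// Currently returns a fixed sample record instead of querying the database.
        /// </summary>
        /// <param name="request">Query fields <c>name</c>, <c>account</c>, <c>sort</c>, <c>offset</c>, <c>limit</c>.</param>
        /// <returns>200 with <c>{ total, items }</c>.</returns>
        [HttpGet]
        public IHttpActionResult GetList(HttpRequestMessage request)
        {
            dynamic data = request.Data();
            string name = data.name;        // user name
            string account = data.account;  // account
            string sort = data.sort;        // sort property
            int? offset = data.offset;      // paging: records to skip
            int? limit = data.limit;        // paging: records to take

            // Query the database by these conditions; the VO looks like:
            return Ok(new
            {
                total = 1,
                items = new dynamic[]
                {
                    new { id = 1, name = "管理员", account = "admin" }
                }
            });
        }

        /// <summary>
        /// Creates a user. Stub: reads the input and returns 200 without persisting anything.
        /// </summary>
        /// <param name="request">Body fields <c>name</c> and <c>account</c>.</param>
        /// <returns>200.</returns>
        [HttpPost]
        public IHttpActionResult Create(HttpRequestMessage request)
        {
            dynamic data = request.Data();
            string name = data.name;        // user name
            string account = data.account;  // account

            // Write to the database
            return Ok();
        }

        /// <summary>
        /// Modifies a user. Stub: reads the input and returns 200 without persisting anything.
        /// </summary>
        /// <param name="request">Route <c>id</c> plus body fields <c>name</c> and <c>account</c>.</param>
        /// <returns>200.</returns>
        [HttpPut]
        [Route("{id}")]
        public IHttpActionResult Modify(HttpRequestMessage request)
        {
            dynamic data = request.Data();
            int id = data.id;               // ID
            string name = data.name;        // user name
            string account = data.account;  // account

            // Write to the database
            return Ok();
        }

        /// <summary>
        /// Applies <c>method</c> to a batch of users. Stub: reads the input and returns 200.
        /// </summary>
        /// <param name="request">Body fields <c>method</c> and <c>data</c> (array of ids).</param>
        /// <returns>200.</returns>
        [HttpPost]
        [Route("batch")]
        public IHttpActionResult Batch(HttpRequestMessage request)
        {
            dynamic data = request.Data();
            string method = data.method;
            // NOTE(review): ToObject() is called without a type argument; if data.data is a JSON
            // token this is resolved at runtime and may need ToObject<int[]>() — confirm against Data().
            int[] id = data.data.ToObject();

            // Write to the database
            return Ok();
        }

        /// <summary>
        /// Resets a user's password. Stub: reads the input and returns 200 without persisting anything.
        /// </summary>
        /// <param name="request">Route <c>id</c>.</param>
        /// <returns>200.</returns>
        [HttpDelete]
        [Route("{id}/password")]
        public IHttpActionResult ResetPassword(HttpRequestMessage request)
        {
            dynamic data = request.Data();
            int id = data.id;

            // Write to the database
            return Ok();
        }

        #endregion

        /// <summary>
        /// Doubles single quotes so <paramref name="value"/> can be embedded in a quoted SQL
        /// literal; a null value yields an empty literal, as string interpolation did before.
        /// This is a stop-gap for the string-built statements in this controller: a parameterized
        /// command is the proper fix if the data access helper offers one.
        /// </summary>
        /// <param name="value">Raw value destined for a <c>'...'</c> literal.</param>
        /// <returns>The value with every <c>'</c> doubled.</returns>
        private static string EscapeSqlLiteral(string value)
            => (value ?? string.Empty).Replace("'", "''");
    }
}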