using System ;
using System.Collections.Generic ;
using System.Data ;
using System.Linq ;
using System.Text ;
using System.Web ;
using System.Web.Mvc ;
using DSWeb.MvcShipping.Helper ;
using DSWeb.MvcShipping.Comm.Cookie ;
using DSWeb.Areas.CommMng.DAL ;
using DSWeb.Areas.RptMng.Comm ;
using HcUtility.Comm ;
using HcUtility.Core ;
using Microsoft.Practices.EnterpriseLibrary.Data ;
using DSWeb.EntityDA ;
using DSWeb.Areas.CommMng.Models ;
using DSWeb.SoftMng.Filter ;
namespace DSWeb.MvcShipping.Controllers
{
/// <summary>
/// 报表服务项目查询
/// </summary>
[JsonRequestBehavior]
public class MsRptApplyServiceController : Controller
{
/ /
// GET: /MvcShipping/MsRptFeeStatus
public ActionResult Index ( )
{
return View ( ) ;
}
[SqlKeyWordsFilter(Type = "Action")] //sql 防注入过滤器
public ContentResult BsListData ( int start , int limit , string condition , string sort , string printstr )
{
var strDa = GetRangDAStr ( "index" , Convert . ToString ( Session [ "USERID" ] ) , Convert . ToString ( Session [ "SHOWNAME" ] ) , Convert . ToString ( Session [ "COMPANYID" ] ) ) ;
if ( ! string . IsNullOrEmpty ( strDa ) )
{
if ( ! string . IsNullOrEmpty ( condition ) )
{
condition = condition + " and " + strDa ;
}
else
{
condition = strDa ;
}
}
var strSql = new StringBuilder ( ) ;
strSql . Append ( "SELECT S.WORK,S.STARTDATETIME,S.PLANENDTIME,S.ENDDATETIME,S.ENDOP,S.STATUS " ) ;
strSql . Append ( ",(SELECT top 1 ISNULL(workload,0) FROM code_op_service_work WHERE NAME=S.WORK) AS WORKLOAD" ) ;
strSql . Append ( ",A.BSNO,A.BSSTATUS,A.FEESTATUS,A.BSDATE,A.ACCDATE,A.OPDATE,A.MBLNO,A.HBLNO,A.CUSTNO" ) ;
strSql . Append ( ",A.CUSTOMERNAME,A.BSTYPE,A.VESSEL,A.VOYNO,A.ETD,A.ETA,A.PORTLOAD,A.PORTDISCHARGE" ) ;
strSql . Append ( ",A.INPUTBY,A.OP,A.SALE,A.CUSTOMSER,A.BSSOURCE,A.BSSOURCEDETAIL" ) ;
strSql . Append ( ",A.CORPID,A.SALEDEPT,A.PKGS,A.KGS,A.NETWEIGHT,A.CBM" ) ;
strSql . Append ( ",A.CUSTOMNO,A.CUSTOMDATE,A.INSPECTIONNO,A.INSPECTIONDATE,A.INVNO,A.CONTRACTNO,A.ARCOUNTRY,A.GOODSOURCE" ) ;
strSql . Append ( ",A.DOCNO,A.TRADETYPE,A.REMARK,A.BOOKNO,A.BYCUSTOM,A.ENTERPID,A.ENTERP" ) ;
strSql . Append ( ",A.ISSERVICE1,A.ISSERVICE2,A.ISSERVICE3,A.ISSERVICE4,A.ISSERVICE5,A.ISSERVICE6,A.ISSERVICE7,A.ISSERVICE8" ) ;
strSql . Append ( ",(select EnumValueName from tSysEnumValue where LangId=0 and EnumTypeID=96004 and EnumValueID=A.BsType) as BSTYPEREF" ) ;
strSql . Append ( ",(CASE A.BsStatus WHEN 1 THEN '锁定' else '未锁定' end) as BSSTATUSREF " ) ;
strSql . Append ( ",(CASE A.FeeStatus WHEN 1 THEN '锁定' else '未锁定' end) as FEESTATUSREF " ) ;
strSql . Append ( ",(Select STATUS from op_apply_service where BSNO=A.BSNO AND OPField='SERVICE1') as SERVICE1 " ) ;
strSql . Append ( ",(Select STATUS from op_apply_service where BSNO=A.BSNO AND OPField='SERVICE2') as SERVICE2 " ) ;
strSql . Append ( ",(Select STATUS from op_apply_service where BSNO=A.BSNO AND OPField='SERVICE3') as SERVICE3 " ) ;
strSql . Append ( ",(Select STATUS from op_apply_service where BSNO=A.BSNO AND OPField='SERVICE4') as SERVICE4 " ) ;
strSql . Append ( ",(Select STATUS from op_apply_service where BSNO=A.BSNO AND OPField='SERVICE5') as SERVICE5 " ) ;
strSql . Append ( ",(Select STATUS from op_apply_service where BSNO=A.BSNO AND OPField='SERVICE6') as SERVICE6 " ) ;
strSql . Append ( ",(Select STATUS from op_apply_service where BSNO=A.BSNO AND OPField='SERVICE7') as SERVICE7 " ) ;
strSql . Append ( ",(Select STATUS from op_apply_service where BSNO=A.BSNO AND OPField='SERVICE8') as SERVICE8 " ) ;
strSql . Append ( " from op_apply_service_detail S LEFT JOIN OP_APPLY A ON (A.BSNO=S.BSNO)" ) ;
if ( ! string . IsNullOrEmpty ( condition ) )
{
strSql . Append ( " Where " + condition ) ;
}
var sortstring = DatasetSort . Getsortstring ( sort ) ;
if ( ! string . IsNullOrEmpty ( sortstring ) )
{
strSql . Append ( " order by " + sortstring ) ;
}
else
{
strSql . Append ( " order by A.BSDATE,A.BSNO DESC" ) ;
}
if ( ( ! string . IsNullOrEmpty ( printstr ) ) & & ( printstr = = "true" ) )
{
var jsonRespose = new JsonResponse
{
Success = true ,
Message = "完成" ,
Data = strSql . ToString ( )
} ;
return new ContentResult ( ) { Content = JsonConvert . Serialize ( jsonRespose ) } ;
}
else
{
var dbparams = new List < CustomDbParamter > ( ) ;
var paramps_sSQL = new CustomDbParamter ( ) ;
paramps_sSQL . ParameterName = "@sSQL" ;
paramps_sSQL . DbType = DbType . String ;
paramps_sSQL . Direction = ParameterDirection . Input ;
paramps_sSQL . Value = strSql . ToString ( ) ;
dbparams . Add ( paramps_sSQL ) ;
var dbRptResult = PubSysDAL . GetMsSqlPrcDataSet ( "sMsExesqlQry" , dbparams , "Result_Set" ) ;
var json = RptHelper . GetRptJsonResult ( start , limit , dbRptResult , "Result_Set" , true ) ;
return new ContentResult ( ) { Content = json } ;
}
}
public static string GetRangDAStr ( string tb , string userid , string usercode , string companyid )
{
string str = "" ;
var strSql = new StringBuilder ( ) ;
strSql . Append ( "SELECT " ) ;
strSql . Append ( " VISIBLERANGE,OPERATERANGE " ) ;
strSql . Append ( " from VW_User_Authority " ) ;
strSql . Append ( " where [NAME]='modFeeModifyreportRange' and USERID='" + userid + "' and ISDELETE=0" ) ;
string visiblerange = "4" ;
string operaterange = "4" ;
Database db = DatabaseFactory . CreateDatabase ( ) ;
using ( IDataReader reader = db . ExecuteReader ( CommandType . Text , strSql . ToString ( ) ) )
{
while ( reader . Read ( ) )
{
visiblerange = Convert . ToString ( reader [ "VISIBLERANGE" ] ) ;
operaterange = Convert . ToString ( reader [ "OPERATERANGE" ] ) ;
break ;
}
reader . Close ( ) ;
}
if ( visiblerange = = "4" )
{
str = "1=2" ;
}
else if ( visiblerange = = "3" )
{
str = " (B.OP='" + usercode + "' OR B.SALE='" + usercode + "')" ;
}
else if ( visiblerange = = "2" )
{
if ( tb = = "index" )
{
var rangeDa = new RangeDA ( ) ;
var deptname = rangeDa . GetDEPTNAME ( userid ) ;
var userstr = new StringBuilder ( ) ;
userstr . Append ( " select SHOWNAME from [user] where GID in (select USERID from user_company where COMPANYID='" + companyid + "') and GID in (select userid from user_baseinfo where DEPTNAME='" + deptname + "')" ) ;
Database userdb = DatabaseFactory . CreateDatabase ( ) ;
using ( IDataReader reader = userdb . ExecuteReader ( CommandType . Text , userstr . ToString ( ) ) )
{
str = "" ;
while ( reader . Read ( ) )
{
if ( str = = "" )
{
str = " (B.OP='" + Convert . ToString ( reader [ "SHOWNAME" ] ) + "' OR B.SALE='" + Convert . ToString ( reader [ "SHOWNAME" ] ) + "'" ;
}
else
{
str = str + " or B.OP='" + Convert . ToString ( reader [ "SHOWNAME" ] ) + "' OR B.SALE='" + Convert . ToString ( reader [ "SHOWNAME" ] ) + "'" ;
} ;
}
str = str + ")" ;
reader . Close ( ) ;
}
}
else
{
str = " UPPER(B.Corpid)='" + companyid + "'" ;
}
}
else if ( visiblerange = = "1" )
{
str = " UPPER(B.Corpid)='" + companyid + "'" ;
}
return str ;
}
#region 参照部分
# endregion
}
}