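using System;
using System.Collections.Generic;
using System.Data;
using System.Linq;
using System.Text;
using System.Web;
using System.Web.Mvc;
using DSWeb.Areas.Import.Models.RptReceiptList;
using DSWeb.TruckMng.Helper;
using Microsoft.Practices.EnterpriseLibrary.Data;
using DSWeb.Areas.CommMng.DAL;
using DSWeb.Areas.CommMng.Models;
using DSWeb.MvcShipping.Models.MsOpReceipt;
using DSWeb.EntityDA;
using DSWeb.SoftMng.Filter;

namespace DSWeb.Areas.Import.Controllers
{
    /// <summary>
    /// Receivable/payable details.
    /// </summary>
    /// <remarks>
    /// Every query in this controller is sent to the database as text. Values that this
    /// class controls are bound as parameters or quoted through <see cref="QuoteSqlLiteral"/>;
    /// the places where a caller-supplied SQL fragment is still appended verbatim are
    /// marked with NOTE(review) comments.
    /// </remarks>
    public class RptReceiptListController : Controller
    {
        // Column list shared by every op_receipt query in this class.
        private const string ReceiptSelectSql =
            "select GID, TRANCNO, ISREPEAT, REPEAT_MAN, convert(varchar,REPEAT_DATE,20) as REPEAT_DATE, ISRECEIVE, RETURN_MAN, convert(char(10),RETURN_DATE,20) as RETURN_DATE, RETURN_TRANCER, RETURN_TRANCNO, REMARK, BSNO, CORPID, CREATEUSER, CREATETIME, MODIFIEDUSER, MODIFIEDTIME, RECEIPTNO, RECEIPTTYPE, RECEIVE_MAN, convert(char(10),RECEIVE_DATE,20) as RECEIVE_DATE, SEND_MAN, convert(char(10),SEND_DATE,20) as SEND_DATE, TRANCER from op_receipt ";

        //
        // GET: /Import/RptImportFeedetail/
        public ActionResult Index()
        {
            return View();
        }

        #region Query list

        /// <summary>
        /// Returns, as JSON, the op_receipt rows of one business number that the
        /// current session user is allowed to see.
        /// </summary>
        /// <param name="billno">Business number (BSNO) taken from the request.</param>
        /// <param name="optype">Not used by the query.</param>
        [SqlKeyWordsFilter(Type = "Action")] // SQL injection keyword filter
        public ContentResult GetBuzDataList(string billno, string optype)
        {
            // billno is request data, so it is bound as a parameter instead of being
            // concatenated into the WHERE clause; the keyword filter above is only a
            // second line of defence.
            var dataList = GetDataListByBsno(
                billno,
                Convert.ToString(Session["USERID"]),
                Convert.ToString(Session["SHOWNAME"]),
                Convert.ToString(Session["COMPANYID"]));

            var json = JsonConvert.Serialize(new
            {
                Success = true,
                Message = "查询成功",
                totalCount = dataList.Count,
                data = dataList.ToList()
            });
            return new ContentResult() { Content = json };
        }

        #endregion

        /// <summary>
        /// Returns one page of vw_ReceiptStatus rows as JSON.
        /// </summary>
        /// <param name="start">Number of rows to skip.</param>
        /// <param name="limit">Maximum number of rows to return.</param>
        /// <param name="sort">Not used.</param>
        /// <param name="condition">WHERE-clause text supplied by the caller.</param>
        [SqlKeyWordsFilter(Type = "Action")] // SQL injection keyword filter
        public ContentResult GetDataList(int start, int limit, string sort, string condition)
        {
            // NOTE(review): `condition` arrives with the request and is appended verbatim
            // after WHERE by GetDataList(string). The only guard visible in this file is
            // the SqlKeyWordsFilter attribute, whose implementation is not shown here; a
            // keyword filter is not a substitute for parameter binding. The durable fix is
            // to accept structured filter fields (column, operator, value), validate the
            // column against an allow-list and bind the values as parameters; that changes
            // the client contract, so it is not done in this method.
            //
            // NOTE(review): a per-user visibility restriction (VISIBLERANGE 1/2/3 limiting
            // rows by f.enteroperator) used to be appended here and was commented out, so
            // no row-level restriction is applied by this action. Confirm that this is
            // intended and that access control is enforced elsewhere.
            var dataList = GetDataList(condition);

            // Paging happens in memory, after the whole result set has been loaded.
            var page = dataList.Skip(start).Take(limit);

            var json = JsonConvert.Serialize(new
            {
                Success = true,
                Message = "查询成功",
                totalCount = dataList.Count,
                data = page.ToList()
            });
            return new ContentResult() { Content = json };
        }

        /// <summary>
        /// Builds and runs the vw_ReceiptStatus query, optionally restricted by a WHERE fragment.
        /// </summary>
        /// <param name="strCondition">SQL text placed after WHERE; appended as-is.</param>
        // NOTE(review): presumably SqlKeyWordsFilter is an MVC action filter; if so it has
        // no effect on a private static helper and this attribute is inert. Confirm.
        [SqlKeyWordsFilter(Type = "Action")]
        private static List<RptReceiptmb> GetDataList(string strCondition)
        {
            var strSql = new StringBuilder();
            strSql.Append(" select *,case need when 1 then '必需' else '非必需' end needref from vw_ReceiptStatus ");
            if (!string.IsNullOrEmpty(strCondition))
            {
                strSql.Append(" where " + strCondition);
            }
            return SetData(strSql);
        }

        /// <summary>
        /// Executes the given SQL text and maps each row to an <see cref="RptReceiptmb"/>.
        /// </summary>
        private static List<RptReceiptmb> SetData(StringBuilder strSql)
        {
            var headList = new List<RptReceiptmb>();
            Database db = DatabaseFactory.CreateDatabase();
            // Disposing the reader at the end of the using block also closes it.
            using (IDataReader reader = db.ExecuteReader(CommandType.Text, strSql.ToString()))
            {
                while (reader.Read())
                {
                    var data = new RptReceiptmb();
                    data.BSNO = Convert.ToString(reader["BSNO"]);
                    data.RECEIPTNAME = Convert.ToString(reader["RECEIPTNAME"]);
                    data.NEEDTYPE = Convert.ToString(reader["NEEDTYPE"]);
                    data.NEED = Convert.ToString(reader["NEED"]);
                    data.NEEDREF = Convert.ToString(reader["NEEDREF"]);
                    data.TRANCNO = Convert.ToString(reader["TRANCNO"]);
                    data.R_DATE = Convert.ToString(reader["R_DATE"]);
                    data.GID = Convert.ToString(reader["GID"]);
                    data.OPLBNAME = Convert.ToString(reader["OPLBNAME"]);
                    data.CREATETIME = Convert.ToString(reader["CREATETIME"]);
                    data.CUSTNO = Convert.ToString(reader["CUSTNO"]);
                    data.MBLNO = Convert.ToString(reader["MBLNO"]);
                    data.HBLNO = Convert.ToString(reader["HBLNO"]);
                    data.CUSTOMERNAME = Convert.ToString(reader["CUSTOMERNAME"]);
                    data.PORTLOAD = Convert.ToString(reader["PORTLOAD"]);
                    data.PORTDISCHARGE = Convert.ToString(reader["PORTDISCHARGE"]);
                    data.COMPANY = Convert.ToString(reader["COMPANY"]);
                    headList.Add(data);
                }
            }
            return headList;
        }

        #region Query receipt data within a business

        /// <summary>
        /// Returns op_receipt rows matching <paramref name="strCondition"/>, further
        /// restricted by the visibility range of <paramref name="userid"/>, newest first.
        /// </summary>
        /// <param name="strCondition">SQL text placed after WHERE; appended as-is, so
        /// callers must not build it from untrusted input.</param>
        /// <param name="optype">Not used.</param>
        /// <param name="userid">User whose visibility range is applied.</param>
        /// <param name="username">Passed through to <see cref="GetRangDAStr"/>.</param>
        /// <param name="companyid">Company used by the company-wide visibility ranges.</param>
        // NOTE(review): presumably SqlKeyWordsFilter is an MVC action filter; if so it has
        // no effect on a static helper and this attribute is inert. Confirm.
        [SqlKeyWordsFilter(Type = "Action")]
        public static List<MsOpReceiptEntity> GetDataList(string strCondition, string optype, string userid, string username, string companyid)
        {
            var rangstr = GetRangDAStr(userid, username, companyid);
            if (!string.IsNullOrEmpty(rangstr))
            {
                strCondition = string.IsNullOrEmpty(strCondition)
                    ? rangstr
                    : strCondition + " and " + rangstr;
            }

            var strSql = new StringBuilder();
            strSql.Append(ReceiptSelectSql);
            // Null-safe: the previous strCondition.Trim() threw when both the caller's
            // condition and the range restriction were empty.
            if (!string.IsNullOrEmpty(strCondition) && strCondition.Trim().Length != 0)
            {
                strSql.Append(" where " + strCondition);
            }
            strSql.Append(" order by CREATETIME desc");
            return SetData_single(strSql);
        }

        /// <summary>
        /// Same query as the public static GetDataList overload for the condition
        /// "BSNO = value", with the value bound as a parameter.
        /// </summary>
        private static List<MsOpReceiptEntity> GetDataListByBsno(string bsno, string userid, string username, string companyid)
        {
            var where = "BSNO=@bsno";
            var rangstr = GetRangDAStr(userid, username, companyid);
            if (!string.IsNullOrEmpty(rangstr))
            {
                where = where + " and " + rangstr;
            }

            var sql = ReceiptSelectSql + " where " + where + " order by CREATETIME desc";
            Database db = DatabaseFactory.CreateDatabase();
            // The "@name" parameter syntax matches the T-SQL already used by these queries.
            using (var cmd = db.GetSqlStringCommand(sql))
            {
                // A missing billno previously produced BSNO=''; keep that by binding "".
                db.AddInParameter(cmd, "@bsno", DbType.String, bsno ?? string.Empty);
                using (IDataReader reader = db.ExecuteReader(cmd))
                {
                    return ReadReceipts(reader);
                }
            }
        }

        /// <summary>
        /// Executes the given SQL text and maps each row to an <see cref="MsOpReceiptEntity"/>.
        /// </summary>
        private static List<MsOpReceiptEntity> SetData_single(StringBuilder strSql)
        {
            Database db = DatabaseFactory.CreateDatabase();
            using (IDataReader reader = db.ExecuteReader(CommandType.Text, strSql.ToString()))
            {
                return ReadReceipts(reader);
            }
        }

        /// <summary>
        /// Maps every remaining row of <paramref name="reader"/> to an <see cref="MsOpReceiptEntity"/>.
        /// </summary>
        private static List<MsOpReceiptEntity> ReadReceipts(IDataReader reader)
        {
            var bodyList = new List<MsOpReceiptEntity>();
            while (reader.Read())
            {
                // Date columns are kept as the strings the query formats them into.
                var data = new MsOpReceiptEntity();
                data.GID = Convert.ToString(reader["GID"]);                       // unique id
                data.BSNO = Convert.ToString(reader["BSNO"]);                     // related / business number
                data.RECEIPTNO = Convert.ToString(reader["RECEIPTNO"]);           // document number
                data.RECEIPTTYPE = Convert.ToString(reader["RECEIPTTYPE"]);       // document type
                data.RECEIVE_MAN = Convert.ToString(reader["RECEIVE_MAN"]);       // received by
                data.RECEIVE_DATE = Convert.ToString(reader["RECEIVE_DATE"]);     // receive date
                data.SEND_MAN = Convert.ToString(reader["SEND_MAN"]);             // sent by
                data.SEND_DATE = Convert.ToString(reader["SEND_DATE"]);           // send date
                data.TRANCER = Convert.ToString(reader["TRANCER"]);               // courier company used for sending
                data.TRANCNO = Convert.ToString(reader["TRANCNO"]);               // courier tracking number used for sending
                // Convert.ToBoolean throws on DBNull, so the two flag columns are
                // assumed to be NOT NULL - TODO confirm against the table definition.
                data.ISREPEAT = Convert.ToBoolean(reader["ISREPEAT"]);            // whether a reply document was received
                data.REPEAT_MAN = Convert.ToString(reader["REPEAT_MAN"]);         // replied by
                data.REPEAT_DATE = Convert.ToString(reader["REPEAT_DATE"]);       // reply date
                data.ISRECEIVE = Convert.ToBoolean(reader["ISRECEIVE"]);          // whether the document was returned
                data.RETURN_MAN = Convert.ToString(reader["RETURN_MAN"]);         // returned by
                data.RETURN_DATE = Convert.ToString(reader["RETURN_DATE"]);       // return date
                data.RETURN_TRANCER = Convert.ToString(reader["RETURN_TRANCER"]); // courier company used for the return
                data.RETURN_TRANCNO = Convert.ToString(reader["RETURN_TRANCNO"]); // courier tracking number of the return
                data.REMARK = Convert.ToString(reader["REMARK"]);                 // remark
                data.CORPID = Convert.ToString(reader["CORPID"]);                 // branch company code
                data.CREATEUSER = Convert.ToString(reader["CREATEUSER"]);         // creator GID
                data.CREATETIME = Convert.ToString(reader["CREATETIME"]);         // creation time
                data.MODIFIEDUSER = Convert.ToString(reader["MODIFIEDUSER"]);     // last modifier GID
                data.MODIFIEDTIME = Convert.ToString(reader["MODIFIEDTIME"]);     // last modification time
                bodyList.Add(data);
            }
            return bodyList;
        }

        #region Permission settings

        /// <summary>
        /// Runs the query produced by <see cref="GetRangDASQLStr"/> and returns the
        /// OPCODE column of every row.
        /// </summary>
        public static List<OPCODE> GetReceiptOpRang(string userid)
        {
            var evList = new List<OPCODE>();
            Database db = DatabaseFactory.CreateDatabase();
            using (IDataReader reader = db.ExecuteReader(CommandType.Text, GetRangDASQLStr(userid)))
            {
                while (reader.Read())
                {
                    var evData = new OPCODE();
                    evData.OPID = Convert.ToString(reader["OPCODE"]);
                    evList.Add(evData);
                }
            }
            return evList;
        }

        /// <summary>
        /// Returns a SELECT statement (column alias OPCODE) listing the user ids that fall
        /// inside the range configured for <paramref name="userid"/> on module
        /// modOpReceiptManagement.
        /// </summary>
        public static string GetRangDASQLStr(string userid)
        {
            string visiblerange;
            string operaterange;
            LoadAuthorityRange(userid, out visiblerange, out operaterange);

            // NOTE(review): the first test reads OPERATERANGE and the later ones read
            // VISIBLERANGE. The mix is kept exactly as it was; confirm that it is intended.
            if (operaterange == "4" || operaterange == "3")
            {
                return "select GID AS OPCODE from [user] where GID=" + QuoteSqlLiteral(userid);
            }
            if (visiblerange == "2")
            {
                var rangeDa = new RangeDA();
                var companyid = Convert.ToString(rangeDa.GetCORPID(userid));
                var deptname = Convert.ToString(rangeDa.GetDEPTNAME(userid));
                return " select USERID AS OPCODE from user_company where COMPANYID=" + QuoteSqlLiteral(companyid)
                     + " and USERID in (select userid from user_baseinfo where DEPTNAME=" + QuoteSqlLiteral(deptname) + ")";
            }
            if (visiblerange == "1")
            {
                var rangeDa = new RangeDA();
                var companyid = Convert.ToString(rangeDa.GetCORPID(userid));
                return " select USERID AS OPCODE from user_company where COMPANYID=" + QuoteSqlLiteral(companyid);
            }

            // NOTE(review): every other value, including an empty or unrecognised one,
            // selects all users. Consider treating unknown values as the narrowest range.
            return "select GID AS OPCODE from [user] ";
        }

        /// <summary>
        /// Returns the WHERE fragment that limits op_receipt rows to those
        /// <paramref name="userid"/> may see, or an empty string when no fragment applies.
        /// </summary>
        /// <param name="userid">User whose visibility range is looked up.</param>
        /// <param name="username">Not used.</param>
        /// <param name="companyid">Company used by the company-wide ranges.</param>
        public static string GetRangDAStr(string userid, string username, string companyid)
        {
            string visiblerange;
            string operaterange;
            LoadAuthorityRange(userid, out visiblerange, out operaterange);

            if (visiblerange == "4" || visiblerange == "3")
            {
                return " MODIFIEDUSER=" + QuoteSqlLiteral(userid);
            }
            if (visiblerange == "2")
            {
                var rangeDa = new RangeDA();
                var deptname = Convert.ToString(rangeDa.GetDEPTNAME(userid));
                return " MODIFIEDUSER in (select USERID from user_company where COMPANYID=" + QuoteSqlLiteral(companyid)
                     + ") and MODIFIEDUSER in (select userid from user_baseinfo where DEPTNAME=" + QuoteSqlLiteral(deptname) + ")";
            }
            if (visiblerange == "1")
            {
                return " MODIFIEDUSER in (select USERID from user_company where COMPANYID=" + QuoteSqlLiteral(companyid) + ") ";
            }
            if (visiblerange == "0")
            {
                return " 1=1 ";
            }

            // NOTE(review): an empty or unrecognised VISIBLERANGE yields no restriction at
            // all, which is wider than the explicit "0" case (fail-open). Behaviour is kept
            // as it was; consider returning the own-records fragment here instead.
            return "";
        }

        /// <summary>
        /// Reads VISIBLERANGE and OPERATERANGE for <paramref name="userid"/> on module
        /// modOpReceiptManagement; both default to "4" when no row is found.
        /// </summary>
        private static void LoadAuthorityRange(string userid, out string visiblerange, out string operaterange)
        {
            visiblerange = "4";
            operaterange = "4";

            Database db = DatabaseFactory.CreateDatabase();
            using (var cmd = db.GetSqlStringCommand(
                "SELECT VISIBLERANGE,OPERATERANGE from VW_User_Authority where [NAME]='modOpReceiptManagement' and USERID=@userid and ISDELETE=0"))
            {
                // Bound as a parameter; a null id is sent as "" as the concatenated query did.
                db.AddInParameter(cmd, "@userid", DbType.String, userid ?? string.Empty);
                using (IDataReader reader = db.ExecuteReader(cmd))
                {
                    // Only the first row is used.
                    if (reader.Read())
                    {
                        visiblerange = Convert.ToString(reader["VISIBLERANGE"]);
                        operaterange = Convert.ToString(reader["OPERATERANGE"]);
                    }
                }
            }
        }

        /// <summary>
        /// Wraps a value in single quotes for use as a T-SQL string literal, doubling any
        /// embedded single quote so the value cannot terminate the literal.
        /// </summary>
        /// <remarks>
        /// Used only where a public method has to return SQL text; parameter binding is
        /// preferred wherever the command is built in this class.
        /// </remarks>
        private static string QuoteSqlLiteral(string value)
        {
            return "'" + (value ?? string.Empty).Replace("'", "''") + "'";
        }

        #endregion

        #endregion
    }
}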