You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
DS7/DSWeb/Areas/MvcShipping/Controllers/MsRptFeeStatusController.cs

289 lines
11 KiB
C#

using System;
using System.Collections.Generic;
using System.Data;
using System.Linq;
using System.Text;
using System.Web;
using System.Web.Mvc;
using DSWeb.MvcShipping.Helper;
using DSWeb.MvcShipping.Comm.Cookie;
using DSWeb.Areas.CommMng.DAL;
using DSWeb.Areas.RptMng.Comm;
using HcUtility.Comm;
using HcUtility.Core;
using Microsoft.Practices.EnterpriseLibrary.Data;
using DSWeb.EntityDA;
using DSWeb.Areas.CommMng.Models;
using DSWeb.MvcShipping.DAL.MsSysParamSet;
using DSWeb.SoftMng.Filter;
namespace DSWeb.MvcShipping.Controllers
{
/// <summary>
/// 费用状态查询
/// </summary>
[JsonRequestBehavior]
public class MsRptFeeStatusController : Controller
{
//
// GET: /MvcShipping/MsRptFeeStatus
public ActionResult Index()
{
return View();
}
[SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器
public ContentResult BsListData(int start, int limit, string condition, string sort, string printstr)
{
var strDa = GetRangDAStr("index", Convert.ToString(Session["USERID"]), Convert.ToString(Session["SHOWNAME"]), Convert.ToString(Session["COMPANYID"]));
if (!string.IsNullOrEmpty(strDa))
{
if (!string.IsNullOrEmpty(condition))
{
condition = condition + " and " + strDa;
}
else
{
condition = strDa;
}
}
var RPTPRNOCANCEL = MsSysParamSetDAL.GetData("PARAMNAME='RPTPRNOCANCEL'");
if (RPTPRNOCANCEL.PARAMVALUE == "1")
{
if (!string.IsNullOrEmpty(condition))
{
condition = condition + " and B.ISCANCEL<>'1' ";
}
else
{
condition = " B.ISCANCEL<>'1' ";
}
}
var strSql = new StringBuilder();
strSql.Append("SELECT B.BSNO, B.OPLB, B.OPLBNAME, B.BSTYPE,B.CUSTOMERNAME, B.CUSTNO, B.MBLNO, B.HBLNO,B.VESSEL, B.VOYNO, B.INPUTBY, B.CREATETIME, B.BSSTATUS, B.SALE, B.OP, B.DOC,");
strSql.Append("case B.ETD when '1900-01-01 00:00:00.000' then '' else CONVERT(varchar(100), B.ETD,23) end as ETD");
strSql.Append(",case B.OPDATE when '1900-01-01 00:00:00.000' then '' else CONVERT(varchar(100), B.OPDATE,23) end as OPDATE,B.ENTERP");
strSql.Append(",case B.CUSTOMDATE when '1900-01-01 00:00:00.000' then '' else CONVERT(varchar(100), B.CUSTOMDATE,23) end as CUSTOMDATE");
strSql.Append(",B.CUSTSERVICE, B.PORTLOAD, B.PORTDISCHARGE, B.CUSTOMNO, B.ACCDATE,B.CARRIER, B.BSSOURCE, B.LANE, B.FORWARDER,B.NETWEIGHT,B.KGS,B.TEU,B.CNTRTOTAL,B.CORPID");
strSql.Append(",B.CNTR1,B.CNTR2,B.CNTR3,B.CNTR4,B.CNTR5,B.CNTR6,B.CNTR7,B.CNTR8,B.CNTR9,B.CNTR10,B.OTCNTR,B.TRADETYPE,B.GOODSNAME,B.FEESTATUS");
strSql.Append(",(select[NAME] from[company] where GID = B.SALECORPID) as SALECORP");
strSql.Append(",G.RMBDR,G.RMBCR,G.STLRMBDR,G.STLRMBCR,G.USDDR,G.USDCR,G.STLUSDDR,G.STLUSDCR,G.OTDR,G.OTCR,G.STLOTDR,G.STLOTCR,G.TTLDR,G.TTLCR,G.STLTTLDR,G.STLTTLCR");
strSql.Append(",G.USDDR-G.USDCR AS USDPROFIT,G.RMBDR-G.RMBCR AS RMBPROFIT,G.OTDR-G.OTCR AS OTPROFIT,G.TTLDR-G.TTLCR AS TTLPROFIT ");
strSql.Append(", (CASE WHEN (G.TTLCR)= 0 THEN '无法计算' ELSE ltrim(str((G.TTLDR-G.TTLCR) / (G.TTLCR) * 100, 10, 2)) + '%' END) AS PROFITRATE");
strSql.Append(" FROM V_OP_BILL B ");
strSql.Append("LEFT JOIN v_op_gain_sum G ON (G.BSNO=B.BSNO) ");
if (!string.IsNullOrEmpty(condition))
{
strSql.Append(" Where " + condition);
}
var sortstring = DatasetSort.Getsortstring(sort);
if (!string.IsNullOrEmpty(sortstring))
{
strSql.Append(" order by " + sortstring);
}
else
{
strSql.Append(" order by B.CUSTOMERNAME,B.OPLB,B.CREATETIME DESC");
}
if ((!string.IsNullOrEmpty(printstr)) && (printstr == "true"))
{
var jsonRespose = new JsonResponse
{
Success = true,
Message = "完成",
Data = strSql.ToString()
};
return new ContentResult() { Content = JsonConvert.Serialize(jsonRespose) };
}
else
{
var dbparams = new List<CustomDbParamter>();
var paramps_sSQL = new CustomDbParamter();
paramps_sSQL.ParameterName = "@sSQL";
paramps_sSQL.DbType = DbType.String;
paramps_sSQL.Direction = ParameterDirection.Input;
paramps_sSQL.Value = strSql.ToString();
dbparams.Add(paramps_sSQL);
var dbRptResult = PubSysDAL.GetMsSqlPrcDataSet("sMsExesqlQry", dbparams, "Result_Set");
var json = RptHelper.GetRptJsonResult(start, limit, dbRptResult, "Result_Set", true);
return new ContentResult() { Content = json };
}
}
public static string GetRangDAStr(string tb, string userid, string usercode, string companyid)
{
string str = "";
var strSql = new StringBuilder();
strSql.Append("SELECT ");
strSql.Append(" VISIBLERANGE,OPERATERANGE,AUTHORITYID,VSSQL ");
strSql.Append(" from VW_User_Authority ");
strSql.Append(" where [NAME]='modFeeStatusreportRange' and USERID='" + userid + "' and ISDELETE=0");
string visiblerange = "4";
string operaterange = "4";
string AUTHORITYID = "";
string VSSQL = "";
Database db = DatabaseFactory.CreateDatabase();
using (IDataReader reader = db.ExecuteReader(CommandType.Text, strSql.ToString()))
{
while (reader.Read())
{
visiblerange = Convert.ToString(reader["VISIBLERANGE"]);
operaterange = Convert.ToString(reader["OPERATERANGE"]);
AUTHORITYID = Convert.ToString(reader["AUTHORITYID"]);
VSSQL = Convert.ToString(reader["VSSQL"]);
break;
}
reader.Close();
}
if (visiblerange == "4")
{
str = "1=2";
}
else if (visiblerange == "3")
{
str = " (B.OP='" + usercode + "' OR B.SALE='" + usercode + "')";
}
else if (visiblerange == "2")
{
if (tb == "index")
{
var rangeDa = new RangeDA();
var deptname = rangeDa.GetDEPTNAME(userid);
var userstr = new StringBuilder();
userstr.Append(" select SHOWNAME from [user] where GID in (select USERID from user_company where COMPANYID='" + companyid + "') and GID in (select userid from user_baseinfo where DEPTNAME='" + deptname + "')");
Database userdb = DatabaseFactory.CreateDatabase();
using (IDataReader reader = userdb.ExecuteReader(CommandType.Text, userstr.ToString()))
{
str = "";
while (reader.Read())
{
if (str == "")
{
str = " (B.OP='" + Convert.ToString(reader["SHOWNAME"]) + "' OR B.SALE='" + Convert.ToString(reader["SHOWNAME"]) + "'";
}
else
{
str = str + " or B.OP='" + Convert.ToString(reader["SHOWNAME"]) + "' OR B.SALE='" + Convert.ToString(reader["SHOWNAME"]) + "'";
};
}
str = str + ")";
reader.Close();
}
}
else
{
str = " UPPER(B.Corpid)='" + companyid + "'";
}
}
else if (visiblerange == "5")
{
var userstr = new StringBuilder();
userstr.Append(" select COMPANYID from user_authority_range_company where userid='" + userid + "' and AUTHORITYID='" + AUTHORITYID + "' and VISIBLERANGE=1");
Database userdb = DatabaseFactory.CreateDatabase();
using (IDataReader reader = userdb.ExecuteReader(CommandType.Text, userstr.ToString()))
{
str = "";
while (reader.Read())
{
if (str == "")
{
str = " (b.Corpid='" + Convert.ToString(reader["COMPANYID"]) + "'";
}
else
{
str = str + " or b.Corpid='" + Convert.ToString(reader["COMPANYID"]) + "'";
};
}
str = str + ")";
reader.Close();
}
}
else if (visiblerange == "6")
{
var userstr = new StringBuilder();
userstr.Append(" select OPID,(select SHOWNAME from [user] where GID=user_authority_range_op.OPID) SHOWNAME from user_authority_range_op where userid='" + userid + "' and AUTHORITYID='" + AUTHORITYID + "' and VISIBLERANGE=1");
Database userdb = DatabaseFactory.CreateDatabase();
using (IDataReader reader = userdb.ExecuteReader(CommandType.Text, userstr.ToString()))
{
str = "";
while (reader.Read())
{
if (str == "")
{
str = " (b.OP='" + Convert.ToString(reader["SHOWNAME"]) + "' OR b.SALE='" + Convert.ToString(reader["SHOWNAME"]) + "' OR b.CUSTSERVICE='" + Convert.ToString(reader["SHOWNAME"]) + "' OR b.INPUTBY='" + Convert.ToString(reader["SHOWNAME"]) + "' ";
}
else
{
str = str + " or b.OP='" + Convert.ToString(reader["SHOWNAME"]) + "' OR b.SALE='" + Convert.ToString(reader["SHOWNAME"]) + "' OR b.CUSTSERVICE='" + Convert.ToString(reader["SHOWNAME"]) + "' OR b.INPUTBY='" + Convert.ToString(reader["SHOWNAME"]) + "' ";
};
}
str = str + ")";
reader.Close();
}
}
else if (visiblerange == "1")
{
str = " UPPER(B.Corpid)='" + companyid + "'";
}
VSSQL = VSSQL.Trim();
if (!string.IsNullOrEmpty(VSSQL))
{
if (!string.IsNullOrEmpty(str))
{
str = str + " and (" + VSSQL + ") ";
}
else
{
str = " (" + VSSQL + ") ";
}
}
return str;
}
#region 参照部分
#endregion
}
}