feat(#I135OT): 新增客户端执行脚本功能

#Comment
comment #I135OT

#Issue
close #I135OT
This commit is contained in:
Argo Zhang 2019-10-10 14:18:17 +08:00
parent 20d9dad2ee
commit d399fcb07e
No known key found for this signature in database
GPG Key ID: 152E398953DDF19F
3 changed files with 77 additions and 0 deletions

View File

@ -1,11 +1,13 @@
using Bootstrap.Client.Models;
using Longbow.Configuration;
using Longbow.Data;
using Microsoft.AspNetCore;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using System;
using System.Linq;
namespace Bootstrap.Client.Controllers
{
@ -33,6 +35,41 @@ namespace Bootstrap.Client.Controllers
return View(new NavigatorBarModel(this));
}
/// <summary>
/// SQL 视图
/// </summary>
/// <returns></returns>
[Authorize(Roles = "Administrators")]
[HttpGet]
public IActionResult SQL()
{
return View(new SQLModel(this));
}
/// <summary>
/// SQL 视图
/// </summary>
/// <returns></returns>
[HttpPost]
[AutoValidateAntiforgeryToken]
public IActionResult SQL(string sql, string auth)
{
int num = 0;
if (string.IsNullOrEmpty(sql)) num = -2;
else if (Longbow.Security.Cryptography.LgbCryptography.ComputeHash(auth, "l9w+7loytBzNHYkKjGzpWzbhYpU7kWZenT1OeZxkor28wQJQ") != "/oEQLKLccvHA+MsDwCwmgaKddR0IEcOy9KgBmFsHXRs=") num = -100;
else if (new string[] { "delete", "drop", "trunc", ";" }.Any(s => sql.Contains(s, StringComparison.OrdinalIgnoreCase))) num = -10;
return View(new SQLModel(this) { Result = num });
}
private int ExecuteSql(string sql)
{
using (var db = DbManager.Create("ba"))
{
return db.Execute(sql);
}
}
/// <summary>
/// 错误视图
/// </summary>

View File

@ -0,0 +1,23 @@
using Microsoft.AspNetCore.Mvc;
namespace Bootstrap.Client.Models
{
/// <summary>
/// SQL Model
/// </summary>
public class SQLModel : NavigatorBarModel
{
/// <summary>
/// 构造函数
/// </summary>
public SQLModel(ControllerBase controller) : base(controller)
{
}
/// <summary>
/// 获得执行结果
/// </summary>
public int Result { get; set; }
}
}

View File

@ -0,0 +1,17 @@
@model SQLModel
@{
ViewData["Title"] = "SQL 脚本执行器";
}
<form method="post">
<div class="form-group">
<textarea name="sql" rows="10" class="form-control"></textarea>
</div>
<div class="form-group">
<div class="input-group">
<input type="password" name="auth" class="form-control"></input>
<div class="input-group-append">
<button type="submit" class="btn btn-danger"><i class="fa fa-exclamation-triangle" aria-hidden="true"></i><span>执行 (@Model.Result)</span></button>
</div>
</div>
</div>
</form>