using Longbow.Caching;
using Longbow.Caching.Configuration;
using Longbow.ExceptionManagement;
using Longbow.Security;
using System;
using System.Collections.Generic;
using System.Data;
using System.Data.Common;
using System.Data.SqlClient;
using System.Globalization;
using System.Linq;
namespace Bootstrap.DataAccess
{
///
/// 用户表相关操作类
///
public static class UserHelper
{
private const string UserDataKey = "UserData-CodeUserHelper";
private const string UserDisplayNameDataKey = "UserData-CodeUserHelper-";
private const string UserRoleIDDataKey = "UserData-CodeUserHelper-Role-";
///
/// 查询所有用户
///
///
///
public static IEnumerable RetrieveUsers(string tId = null)
{
string sql = "select ID, UserName, DisplayName from Users";
var ret = CacheManager.GetOrAdd(UserDataKey, CacheSection.RetrieveIntervalByKey(UserDataKey), key =>
{
List Users = new List();
DbCommand cmd = DBAccessManager.SqlDBAccess.CreateCommand(CommandType.Text, sql);
try
{
using (DbDataReader reader = DBAccessManager.SqlDBAccess.ExecuteReader(cmd))
{
while (reader.Read())
{
Users.Add(new User()
{
ID = (int)reader[0],
UserName = (string)reader[1],
DisplayName = (string)reader[2]
});
}
}
}
catch (Exception ex) { ExceptionManager.Publish(ex); }
return Users;
}, CacheSection.RetrieveDescByKey(UserDataKey));
return string.IsNullOrEmpty(tId) ? ret : ret.Where(t => tId.Equals(t.ID.ToString(), StringComparison.OrdinalIgnoreCase));
}
///
/// 根据用户名查询用户
///
///
///
public static User RetrieveUsersByName(string userName)
{
string key = string.Format("{0}{1}", UserDisplayNameDataKey, userName);
return CacheManager.GetOrAdd(key, CacheSection.RetrieveIntervalByKey(UserDisplayNameDataKey), k =>
{
User user = null;
string sql = "select ID, UserName, [Password], PassSalt, DisplayName from Users where UserName = @UserName";
DbCommand cmd = DBAccessManager.SqlDBAccess.CreateCommand(CommandType.Text, sql);
try
{
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@UserName", userName, ParameterDirection.Input));
using (DbDataReader reader = DBAccessManager.SqlDBAccess.ExecuteReader(cmd))
{
if (reader.Read())
{
user = new User()
{
ID = (int)reader[0],
UserName = (string)reader[1],
Password = (string)reader[2],
PassSalt = (string)reader[3],
DisplayName = (string)reader[4]
};
}
}
}
catch (Exception ex) { ExceptionManager.Publish(ex); }
return user;
}, CacheSection.RetrieveDescByKey(UserDisplayNameDataKey));
}
///
/// 删除用户
///
///
public static bool DeleteUser(string ids)
{
bool ret = false;
if (string.IsNullOrEmpty(ids) || ids.Contains("'")) return ret;
try
{
string sql = string.Format(CultureInfo.InvariantCulture, "Delete from Users where ID in ({0})", ids);
using (DbCommand cmd = DBAccessManager.SqlDBAccess.CreateCommand(CommandType.Text, sql))
{
DBAccessManager.SqlDBAccess.ExecuteNonQuery(cmd);
}
ClearCache();
ret = true;
}
catch (Exception ex)
{
ExceptionManager.Publish(ex);
}
return ret;
}
///
/// 保存新建/更新的用户信息
///
///
///
public static bool SaveUser(User p)
{
if (p == null) throw new ArgumentNullException("p");
bool ret = false;
if (p.UserName.Length > 50) p.UserName.Substring(0, 50);
p.PassSalt = LgbCryptography.GenerateSalt();
p.Password = LgbCryptography.ComputeHash(p.Password, p.PassSalt);
if (p.DisplayName.Length > 50) p.DisplayName.Substring(0, 50);
string sql = p.ID == 0 ?
"Insert Into Users (UserName, Password, PassSalt, DisplayName) Values (@UserName, @Password, @PassSalt, @DisplayName)" :
"Update Users set UserName = @UserName, Password = @Password, PassSalt = @PassSalt, DisplayName = @DisplayName where ID = @ID";
try
{
using (DbCommand cmd = DBAccessManager.SqlDBAccess.CreateCommand(CommandType.Text, sql))
{
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@ID", p.ID, ParameterDirection.Input));
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@UserName", p.UserName, ParameterDirection.Input));
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@Password", p.Password, ParameterDirection.Input));
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@PassSalt", p.PassSalt, ParameterDirection.Input));
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@DisplayName", p.DisplayName, ParameterDirection.Input));
DBAccessManager.SqlDBAccess.ExecuteNonQuery(cmd);
}
ret = true;
ClearCache();
}
catch (DbException ex)
{
ExceptionManager.Publish(ex);
}
return ret;
}
///
/// 验证用户登陆账号与密码正确
///
///
///
///
public static bool Authenticate(string userName, string password)
{
var user = RetrieveUsersByName(userName);
return user != null && user.Password == LgbCryptography.ComputeHash(password, user.PassSalt);
}
// 更新缓存
private static void ClearCache()
{
CacheManager.Clear(key => key == UserDataKey);
CacheManager.Clear(key => key.Contains(UserDisplayNameDataKey));
CacheManager.Clear(key => key.Contains(UserRoleIDDataKey));
}
///
/// 通过roleId获取所有用户
///
///
///
public static IEnumerable RetrieveUsersByRoleId(int roleId)
{
string key = string.Format("{0}{1}", UserRoleIDDataKey, roleId);
return CacheManager.GetOrAdd(key, CacheSection.RetrieveIntervalByKey(UserDisplayNameDataKey), k =>
{
List Users = new List();
string sql = "select u.ID,u.UserName,u.DisplayName,case ur.UserID when u.ID then 'checked' else '' end [status] from Users u left join UserRole ur on u.ID=ur.UserID and RoleID =@RoleID";
DbCommand cmd = DBAccessManager.SqlDBAccess.CreateCommand(CommandType.Text, sql);
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@RoleID", roleId, ParameterDirection.Input));
try
{
using (DbDataReader reader = DBAccessManager.SqlDBAccess.ExecuteReader(cmd))
{
while (reader.Read())
{
Users.Add(new User()
{
ID = (int)reader[0],
UserName = (string)reader[1],
DisplayName = (string)reader[2],
Checked = (string)reader[3]
});
}
}
}
catch (Exception ex) { ExceptionManager.Publish(ex); }
return Users;
}, CacheSection.RetrieveDescByKey(UserRoleIDDataKey));
}
///
/// 通过角色ID保存当前授权用户(插入)
///
/// 角色ID
/// 用户ID数组
///
public static bool SaveUsersByRoleId(int id, string value)
{
DataTable dt = new DataTable();
dt.Columns.Add("RoleID", typeof(int));
dt.Columns.Add("UserID", typeof(int));
if (!string.IsNullOrEmpty(value))
{
string[] userIds = value.Split(',');
foreach (string userId in userIds)
{
DataRow dr = dt.NewRow();
dr["RoleID"] = id;
dr["UserID"] = userId;
dt.Rows.Add(dr);
}
}
var trans = DBAccessManager.SqlDBAccess.BeginTransaction();
try
{
using (DbCommand cmd = DBAccessManager.SqlDBAccess.CreateCommand(CommandType.Text, string.Empty))
{
cmd.CommandText = "delete from UserRole where RoleId=@RoleId";
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@RoleId", id, ParameterDirection.Input));
DBAccessManager.SqlDBAccess.ExecuteNonQuery(cmd, trans);
using (SqlBulkCopy bulk = new SqlBulkCopy((SqlConnection)trans.Transaction.Connection, SqlBulkCopyOptions.Default, (SqlTransaction)trans.Transaction))
{
bulk.BatchSize = 1000;
bulk.DestinationTableName = "UserRole";
bulk.ColumnMappings.Add("RoleID", "RoleID");
bulk.ColumnMappings.Add("UserID", "UserID");
bulk.WriteToServer(dt);
}
trans.CommitTransaction();
ClearCache();
return true;
}
}
catch
{
trans.RollbackTransaction();
return false;
}
}
}
}