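using System;
using System.Collections.Generic;
using System.Globalization;
using System.Linq;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using static DbTableClass;
using static resultClass;
using System.Data.SqlClient;
using Dapper.Contrib.Extensions;
using Dapper;
using Newtonsoft.Json;
using Org.BouncyCastle.Bcpg.OpenPgp;
using NPOI.OpenXmlFormats.Shared;
using NPOI.SS.Formula.PTG;

namespace QuotationMaker.Controllers
{
    /// <summary>
    /// Form-posted JSON API behind the quotation-maker UI: department, project,
    /// customer company, contact-person and quotation lookups, plus add / edit /
    /// delete of projects, companies and contact persons.
    ///
    /// Every action first requires a logged-in token (cookie "token_key"); when the
    /// token is not logged in the cookie is cleared and the result carries
    /// <c>ret = "no"</c>, <c>err_code = "99999"</c>. Deletes are soft: the row's
    /// <c>*_isdel</c> column is set to 'Y', the row itself stays.
    ///
    /// NOTE(review): in this copy the generic type arguments of the Dapper calls
    /// (Query&lt;T&gt;, QueryFirstOrDefault&lt;T&gt;, List&lt;T&gt;) appear to have been
    /// stripped; they are restored wherever the element type is evident from the
    /// surrounding code and left untyped elsewhere — confirm against the result
    /// classes in resultClass.
    /// </summary>
    [Route("Api")]
    public class ApiController : ControllerBase, IDisposable
    {
        // Content type of every response produced by this controller.
        private const string JsonContentType = "application/json;charset=utf-8";

        // Result code / message returned when the request carries no logged-in token.
        private const string NotLoggedInCode = "99999";
        private const string NotLoggedInMessage = "非登入狀態!";

        private readonly IHttpContextAccessor _httpContextAccessor;

        // Not referenced by any action in this file; kept because DbConn's constructor
        // may have side effects that are not visible here — confirm and drop if unused.
        private readonly DbConn dbConn = new DbConn();

        // Dapper opens and closes this connection around each query; the object itself
        // is released in Dispose(). (A second, never-used "Elab" connection that used to
        // be constructed here has been removed.)
        private readonly SqlConnection conn =
            new SqlConnection(GlobalClass.appsettings("ConnectionStrings:SQLConnectionString"));

        public ApiController(IHttpContextAccessor httpContextAccessor)
        {
            this._httpContextAccessor = httpContextAccessor;
        }

        /// <summary>Releases the SQL connection; MVC calls this when the request ends.</summary>
        public void Dispose()
        {
            conn.Dispose();
            GC.SuppressFinalize(this);
        }

        // ------------------------------------------------------------------
        // Shared helpers
        // ------------------------------------------------------------------

        /// <summary>Serializes <paramref name="payload"/> with Json.NET into the UTF-8 JSON response body.</summary>
        private ContentResult RespondJson(object payload)
        {
            return Content(JsonConvert.SerializeObject(payload), JsonContentType);
        }

        /// <summary>
        /// Reads the login token of the current request. When the token is not logged in,
        /// the "token_key" cookie is deleted and <c>false</c> is returned so the caller can
        /// answer with the standard not-logged-in result.
        /// </summary>
        private bool TryGetLoginToken(out authToken token)
        {
            token = new authToken(this._httpContextAccessor);
            if (token.user_isLogin)
            {
                return true;
            }

            HttpContext.Response.Cookies.Delete("token_key");
            return false;
        }

        /// <summary>True when the token belongs to the configured global administrator (appsettings "Admin:id").</summary>
        private static bool IsAdmin(authToken token)
        {
            return token.user_id == GlobalClass.appsettings("Admin:id");
        }

        /// <summary>Reads one posted form field as text; an absent field reads as "" (StringValues.ToString()).</summary>
        private static string Field(IFormCollection form, string key)
        {
            return form[key].ToString();
        }

        /// <summary>
        /// User uids whose records the caller may list: always the caller's own uid, plus —
        /// for a "system" user who is not the global admin — every member of the caller's
        /// group in <paramref name="dept_uid"/>. The caller may appear twice; that is harmless
        /// in an IN list.
        /// </summary>
        private List<string> VisibleUserUids(authToken token, string dept_uid)
        {
            List<string> uids = new List<string> { token.user_uid };
            if (token.user_perm != "system" || IsAdmin(token))
            {
                return uids;
            }

            groupUser gpUser = conn.QueryFirstOrDefault<groupUser>(
                "select * from groupUser where dept_uid = @dept_uid and user_uid = @user_uid ",
                new { dept_uid = dept_uid, user_uid = token.user_uid });
            if (gpUser != null)
            {
                IEnumerable<groupUser> members = conn.Query<groupUser>(
                    "select * from groupUser where group_uid = @group_uid",
                    new { group_uid = gpUser.group_uid });
                uids.AddRange(members.Select(m => m.user_uid));
            }

            return uids;
        }

        /// <summary>Appends the projectView row of a non-deleted project to <paramref name="ret"/>, if it exists.</summary>
        private void AppendProjectView(projectViewResult ret, string project_uid)
        {
            projectView objView = conn.QueryFirstOrDefault<projectView>(
                "select * from projectView where project_isdel = 'N' and project_uid = @project_uid",
                new { project_uid = project_uid });
            if (objView != null)
            {
                ret.projectViews.Add(objView);
            }
        }

        /// <summary>Accumulated validation message for a project add/edit; "" when the fields are valid.</summary>
        private static string ValidateProjectFields(string project_name, string company_uid)
        {
            string errmsg = "";
            if (string.IsNullOrWhiteSpace(project_name))
            {
                errmsg += "無專案名稱!\n";
            }
            if (string.IsNullOrWhiteSpace(company_uid))
            {
                errmsg += "請選擇客戶公司!\n";
            }
            return errmsg;
        }

        // ------------------------------------------------------------------
        // Model projects / model quotations
        // ------------------------------------------------------------------

        /// <summary>Lists the modelQuotation rows of one model project within a department.</summary>
        /// <param name="obj">Form fields: dept_uid, modelProj_uid.</param>
        [Route("modalQuotationList")]
        public ActionResult ModalQuotationList(IFormCollection obj)
        {
            modelQuotationListResult ret = new modelQuotationListResult();
            if (!TryGetLoginToken(out _))
            {
                ret.ret = "no";
                ret.err_code = NotLoggedInCode;
                ret.message = NotLoggedInMessage;
                return RespondJson(ret);
            }

            string dept_uid = Field(obj, "dept_uid");
            string modelProj_uid = Field(obj, "modelProj_uid");

            ret.modelQuotations = conn.Query(
                "select * from modelQuotation where modelProj_uid = @modelProj_uid and dept_uid = @dept_uid",
                new { modelProj_uid = modelProj_uid, dept_uid = dept_uid }).ToList();
            ret.ret = "yes";
            return RespondJson(ret);
        }

        /// <summary>Lists the non-deleted modelProj rows of a department.</summary>
        /// <param name="obj">Form fields: dept_uid.</param>
        [Route("modalProjList")]
        public ActionResult ModalProjList(IFormCollection obj)
        {
            modelProjListResult ret = new modelProjListResult();
            if (!TryGetLoginToken(out _))
            {
                ret.ret = "no";
                ret.err_code = NotLoggedInCode;
                ret.message = NotLoggedInMessage;
                return RespondJson(ret);
            }

            string dept_uid = Field(obj, "dept_uid");

            ret.modelProjs = conn.Query(
                "select * from modelProj where modelProj_isdel = 'N' and dept_uid = @dept_uid",
                new { dept_uid = dept_uid }).ToList();
            ret.ret = "yes";
            return RespondJson(ret);
        }

        // ------------------------------------------------------------------
        // Quotations
        // ------------------------------------------------------------------

        /// <summary>
        /// Lists the non-deleted, non-revoked quotationView rows of a project, newest
        /// modification first. The global admin sees every quotation of the project;
        /// any other caller sees only quotations created by themselves or by members of
        /// their group in dept_uid (see <see cref="VisibleUserUids"/>).
        /// </summary>
        /// <param name="obj">Form fields: project_uid, dept_uid.</param>
        [Route("quotationList")]
        public ActionResult QuotationList(IFormCollection obj)
        {
            quotationViewListResult ret = new quotationViewListResult();
            if (!TryGetLoginToken(out authToken token))
            {
                ret.ret = "no";
                ret.err_code = NotLoggedInCode;
                ret.message = NotLoggedInMessage;
                return RespondJson(ret);
            }

            string project_uid = Field(obj, "project_uid");
            string dept_uid = Field(obj, "dept_uid");

            if (IsAdmin(token))
            {
                // NOTE(review): this branch filters on quotation_isdel / quotation_revoke while
                // the non-admin branch filters on quotationView_isdel / quotationView_revoke —
                // confirm which column names the quotationView view actually exposes.
                ret.quotationViews = conn.Query(
                    "select * from quotationView where quotation_isdel = 'N' and quotation_revoke = 'N' and project_uid = @project_uid order by quotation_modifydate desc",
                    new { project_uid = project_uid }).ToList();
            }
            else
            {
                // The uid list is passed as an IEnumerable so Dapper expands it into
                // "in (@p1, @p2, ...)". Binding a single comma-joined, quoted string as one
                // parameter compares the column against that whole string and never matches.
                ret.quotationViews = conn.Query(
                    "select * from quotationView where quotationView_isdel = 'N' and quotationView_revoke = 'N' and project_uid = @project_uid and quotation_create_uid in @user_list order by quotation_modifydate desc",
                    new { project_uid = project_uid, user_list = VisibleUserUids(token, dept_uid) }).ToList();
            }

            ret.ret = "yes";
            return RespondJson(ret);
        }

        // ------------------------------------------------------------------
        // Departments
        // ------------------------------------------------------------------

        /// <summary>
        /// Lists departments ordered by dept_order: all of them for the global admin,
        /// otherwise only those the caller is assigned to in userDept.
        /// </summary>
        /// <param name="obj">No form fields are read.</param>
        [Route("deptList")]
        public ActionResult DeptList(IFormCollection obj)
        {
            deptListResult ret = new deptListResult();
            if (!TryGetLoginToken(out authToken token))
            {
                ret.ret = "no";
                ret.err_code = NotLoggedInCode;
                ret.message = NotLoggedInMessage;
                return RespondJson(ret);
            }

            string sqlString = "select * from depts order by dept_order";
            object parameters = null;
            if (!IsAdmin(token))
            {
                // The uid comes from the token, but it is still bound as a parameter rather
                // than spliced into the statement text.
                sqlString = "select * from depts where dept_uid in (select dept_uid from userDept where user_uid = @user_uid ) order by dept_order ";
                parameters = new { user_uid = token.user_uid };
            }

            ret.depts = conn.Query(sqlString, parameters).ToList();
            ret.ret = "yes";
            return RespondJson(ret);
        }

        // ------------------------------------------------------------------
        // Projects
        // ------------------------------------------------------------------

        /// <summary>
        /// Adds, edits, soft-deletes or fetches one project, chosen by form field "method"
        /// (add | edit | del | get). A non-admin caller must belong to a group of the posted
        /// dept_uid (err_code 99991). add/edit require project_name and company_uid (0002);
        /// edit/del/get require an existing non-deleted project_uid (0004). The affected
        /// projectView row is returned for add/edit/get.
        /// </summary>
        /// <param name="obj">Form fields: method, dept_uid, project_uid, project_name, company_uid, project_ps.</param>
        [Route("addEditDelGetProject")]
        public ActionResult AddEditDelGetProject(IFormCollection obj)
        {
            projectViewResult ret = new projectViewResult();
            if (!TryGetLoginToken(out authToken token))
            {
                ret.ret = "no";
                ret.err_code = NotLoggedInCode;
                ret.message = NotLoggedInMessage;
                return RespondJson(ret);
            }

            string dept_uid = Field(obj, "dept_uid");
            string method = Field(obj, "method");
            string project_uid = Field(obj, "project_uid");
            string project_name = Field(obj, "project_name");
            string company_uid = Field(obj, "company_uid");
            string project_ps = Field(obj, "project_ps");

            if (!IsAdmin(token))
            {
                groupUser gpUser = conn.QueryFirstOrDefault<groupUser>(
                    "select * from groupUser where dept_uid = @dept_uid and user_uid = @user_uid ",
                    new { dept_uid = dept_uid, user_uid = token.user_uid });
                if (gpUser == null)
                {
                    ret.ret = "no";
                    ret.err_code = "99991";
                    ret.message = "新增的專案資料其部門不屬於目前登入的使用者!";
                    return RespondJson(ret);
                }
                // NOTE(review): this membership check uses the dept_uid posted in the form,
                // not the department of the stored project. For edit/del, confirm whether the
                // caller should also be required to belong to editProject.dept_uid before the
                // row is modified.
            }

            if (method == "")
            {
                ret.ret = "no";
                ret.err_code = "0001";
                ret.message = "沒有method!";
                return RespondJson(ret);
            }

            if (method == "add")
            {
                string errmsg = ValidateProjectFields(project_name, company_uid);
                if (errmsg != "")
                {
                    ret.ret = "no";
                    ret.err_code = "0002";
                    ret.message = errmsg;
                    return RespondJson(ret);
                }

                project_uid = GlobalClass.CreateRandomCode(24);
                project newProject = new project
                {
                    project_uid = project_uid,
                    dept_uid = dept_uid,
                    company_uid = company_uid,
                    project_ps = project_ps,
                    project_creative_uid = token.user_uid,
                    project_lastmodify_uid = token.user_uid,
                    project_name = project_name,
                    // Stored as text in the format the original code used (separator follows the current culture).
                    project_datetime = DateTime.Now.ToString("yyyy/MM/dd"),
                };
                conn.Insert(newProject);

                AppendProjectView(ret, project_uid);
                ret.ret = "yes";
                return RespondJson(ret);
            }

            project editProject = conn.QueryFirstOrDefault<project>(
                "select * from project where project_isdel = 'N' and project_uid = @project_uid ",
                new { project_uid = project_uid });
            if (editProject == null)
            {
                ret.ret = "no";
                ret.err_code = "0004";
                ret.message = "無此project_uid資料!";
                return RespondJson(ret);
            }

            switch (method)
            {
                case "get":
                    AppendProjectView(ret, project_uid);
                    ret.ret = "yes";
                    return RespondJson(ret);

                case "edit":
                {
                    string errmsg = ValidateProjectFields(project_name, company_uid);
                    if (errmsg != "")
                    {
                        ret.ret = "no";
                        ret.err_code = "0002";
                        ret.message = errmsg;
                        return RespondJson(ret);
                    }

                    editProject.dept_uid = dept_uid;
                    editProject.company_uid = company_uid;
                    editProject.project_ps = project_ps;
                    editProject.project_lastmodify_uid = token.user_uid;
                    editProject.project_name = project_name;
                    editProject.project_modifydate = DateTime.Now;
                    conn.Update(editProject);

                    AppendProjectView(ret, project_uid);
                    ret.ret = "yes";
                    return RespondJson(ret);
                }

                case "del":
                    // Soft delete: the row is flagged, not removed.
                    editProject.project_lastmodify_uid = token.user_uid;
                    editProject.project_isdel = "Y";
                    editProject.project_modifydate = DateTime.Now;
                    conn.Update(editProject);
                    ret.ret = "yes";
                    return RespondJson(ret);

                default:
                    // Unknown method: the result is returned untouched, as before (no "ret" value set).
                    return RespondJson(ret);
            }
        }

        /// <summary>
        /// Lists non-deleted projectView rows created between the first day of start_txt's
        /// month and the last day of end_txt's month (inclusive) by a visible creator:
        /// the caller, their group members (system permission), and — for the global admin
        /// with system permission — every group member of the department.
        /// </summary>
        /// <param name="obj">Form fields: dept_uid, start_txt, end_txt (year/month text to which "/1" is appended).</param>
        [Route("projectViewList")]
        public ActionResult ProjectViewList(IFormCollection obj)
        {
            projectViewResult ret = new projectViewResult();
            if (!TryGetLoginToken(out authToken token))
            {
                ret.ret = "no";
                ret.err_code = NotLoggedInCode;
                ret.message = NotLoggedInMessage;
                return RespondJson(ret);
            }

            string dept_uid = Field(obj, "dept_uid");
            string start_txt = Field(obj, "start_txt");
            string end_txt = Field(obj, "end_txt");

            // Appending "/1" turns the posted year/month text into a full date; unparsable
            // input is answered with an error result instead of an unhandled exception.
            if (!DateTime.TryParse(start_txt + "/1", out DateTime startDateTime)
                || !DateTime.TryParse(end_txt + "/1", out DateTime endMonthStart))
            {
                ret.ret = "no";
                ret.err_code = "0002";
                ret.message = "日期格式錯誤!";
                return RespondJson(ret);
            }
            DateTime endDateTime = endMonthStart.AddMonths(1).AddDays(-1);

            List<string> user_uid_list = VisibleUserUids(token, dept_uid);
            if (token.user_perm == "system" && IsAdmin(token))
            {
                IEnumerable<groupUser> deptMembers = conn.Query<groupUser>(
                    "select * from groupUser where dept_uid = @dept_uid",
                    new { dept_uid = dept_uid });
                user_uid_list.AddRange(deptMembers.Select(m => m.user_uid));
            }

            // The date bounds are bound as parameters in the same 'yyyy/MM/dd[ 23:59:59]' text
            // form the previous string-built statement used, so the comparison against
            // project_createdate (column type not visible here) keeps its semantics; the uid
            // list is expanded by Dapper.
            ret.projectViews = conn.Query<projectView>(
                "select * from projectView where project_isdel = 'N' and project_creative_uid in @user_list and project_createdate >= @start_date and project_createdate <= @end_date",
                new
                {
                    user_list = user_uid_list,
                    start_date = startDateTime.ToString("yyyy/MM/dd", CultureInfo.InvariantCulture),
                    end_date = endDateTime.ToString("yyyy/MM/dd 23:59:59", CultureInfo.InvariantCulture),
                }).ToList();

            ret.ret = "yes";
            return RespondJson(ret);
        }

        // ------------------------------------------------------------------
        // Contact persons
        // ------------------------------------------------------------------

        /// <summary>
        /// Adds, edits, soft-deletes or fetches one contact person of a company, chosen by
        /// form field "method" (add | edit | del | get). add/edit require a non-blank
        /// contactPerson_name; edit/del/get require an existing non-deleted contactPerson_uid.
        /// </summary>
        /// <param name="obj">Form fields: method, company_uid, contactPerson_uid, contactPerson_name, contactPerson_email, contactPerson_tel, contactPerson_fax.</param>
        [Route("addEditDelGetContactPerson")]
        public ActionResult AddEditDelContactPerson(IFormCollection obj)
        {
            contactPersonListResult ret = new contactPersonListResult();
            if (!TryGetLoginToken(out authToken token))
            {
                ret.ret = "no";
                ret.err_code = NotLoggedInCode;
                ret.message = NotLoggedInMessage;
                return RespondJson(ret);
            }

            string company_uid = Field(obj, "company_uid");
            string contactPerson_uid = Field(obj, "contactPerson_uid");
            string contactPerson_name = Field(obj, "contactPerson_name");
            string contactPerson_email = Field(obj, "contactPerson_email");
            string contactPerson_tel = Field(obj, "contactPerson_tel");
            string contactPerson_fax = Field(obj, "contactPerson_fax");
            string method = Field(obj, "method");

            if (method == "")
            {
                ret.ret = "no";
                ret.err_code = "0001";
                ret.message = "沒有method!";
                return RespondJson(ret);
            }

            if (method == "add")
            {
                if (string.IsNullOrWhiteSpace(contactPerson_name))
                {
                    ret.ret = "no";
                    ret.err_code = "0003";
                    ret.message = "沒有contactPerson_name!";
                    return RespondJson(ret);
                }

                DateTime now = DateTime.Now;
                contactPerson_uid = GlobalClass.CreateRandomCode(24);
                contactPerson newItem = new contactPerson
                {
                    contactPerson_name = contactPerson_name,
                    contactPerson_uid = contactPerson_uid,
                    company_uid = company_uid,
                    contactPerson_tel = contactPerson_tel,
                    contactPerson_email = contactPerson_email,
                    contactPerson_fax = contactPerson_fax,
                    contactPerson_lastmodify_uid = token.user_uid,
                    contactPerson_createdate = now,
                    contactPerson_modifydate = now,
                };
                conn.Insert(newItem);

                ret.contactPersons.Add(newItem);
                ret.ret = "yes";
                return RespondJson(ret);
            }

            if (string.IsNullOrWhiteSpace(contactPerson_uid))
            {
                ret.ret = "no";
                ret.err_code = "0002";
                ret.message = "沒有contactPerson_uid!";
                return RespondJson(ret);
            }

            contactPerson editItem = conn.QueryFirstOrDefault<contactPerson>(
                "select * from contactPerson where contactPerson_isdel = 'N' and contactPerson_uid = @contactPerson_uid ",
                new { contactPerson_uid = contactPerson_uid });
            if (editItem == null)
            {
                ret.ret = "no";
                ret.err_code = "0004";
                ret.message = "沒有contactPerson_uid此筆資料!";
                return RespondJson(ret);
            }

            switch (method)
            {
                case "edit":
                    if (string.IsNullOrWhiteSpace(contactPerson_name))
                    {
                        ret.ret = "no";
                        ret.err_code = "0002";
                        ret.message = "沒有contactPerson_name!";
                        return RespondJson(ret);
                    }

                    editItem.contactPerson_name = contactPerson_name;
                    editItem.contactPerson_tel = contactPerson_tel;
                    editItem.contactPerson_email = contactPerson_email;
                    editItem.contactPerson_fax = contactPerson_fax;
                    editItem.contactPerson_lastmodify_uid = token.user_uid;
                    editItem.contactPerson_modifydate = DateTime.Now;
                    conn.Update(editItem);

                    ret.contactPersons.Add(editItem);
                    ret.ret = "yes";
                    return RespondJson(ret);

                case "get":
                    ret.contactPersons.Add(editItem);
                    ret.ret = "yes";
                    return RespondJson(ret);

                case "del":
                    // Soft delete via Dapper.Contrib Update; the separate UPDATE statement that
                    // used to set the same flag first was redundant with this call.
                    editItem.contactPerson_isdel = "Y";
                    editItem.contactPerson_lastmodify_uid = token.user_uid;
                    editItem.contactPerson_modifydate = DateTime.Now;
                    conn.Update(editItem);
                    ret.ret = "yes";
                    return RespondJson(ret);

                default:
                    // Unknown method: the result is returned untouched, as before.
                    return RespondJson(ret);
            }
        }

        /// <summary>Lists the non-deleted contact persons of one company.</summary>
        /// <param name="obj">Form fields: company_uid.</param>
        [Route("contactPersonList")]
        public ActionResult ContactPersonList(IFormCollection obj)
        {
            contactPersonListResult ret = new contactPersonListResult();
            if (!TryGetLoginToken(out _))
            {
                ret.ret = "no";
                ret.err_code = NotLoggedInCode;
                ret.message = NotLoggedInMessage;
                return RespondJson(ret);
            }

            string company_uid = Field(obj, "company_uid");

            ret.contactPersons = conn.Query<contactPerson>(
                "select * from contactPerson where contactPerson_isdel = 'N' and company_uid = @company_uid ",
                new { company_uid = company_uid }).ToList();
            ret.ret = "yes";
            return RespondJson(ret);
        }

        // ------------------------------------------------------------------
        // Companies
        // ------------------------------------------------------------------

        /// <summary>
        /// Adds, edits, soft-deletes or fetches one customer company, chosen by form field
        /// "method" (add | edit | del | get). add/edit require a non-blank company_name;
        /// edit/del/get require an existing non-deleted company_uid. Deleting a company
        /// also soft-deletes all of its contact persons.
        /// (The method name is a copy-paste leftover; it is kept because it is part of the public surface.)
        /// </summary>
        /// <param name="obj">Form fields: method, company_uid, company_name, company_serialNo, company_address, company_tel, company_fax.</param>
        [Route("addEditDelGetCompany")]
        public ActionResult AddEditDelSubItem(IFormCollection obj)
        {
            companyListResult ret = new companyListResult();
            if (!TryGetLoginToken(out authToken token))
            {
                ret.ret = "no";
                ret.err_code = NotLoggedInCode;
                ret.message = NotLoggedInMessage;
                return RespondJson(ret);
            }

            string company_uid = Field(obj, "company_uid");
            string company_name = Field(obj, "company_name");
            string company_serialNo = Field(obj, "company_serialNo");
            string company_address = Field(obj, "company_address");
            string company_tel = Field(obj, "company_tel");
            string company_fax = Field(obj, "company_fax");
            string method = Field(obj, "method");

            if (method == "")
            {
                ret.ret = "no";
                ret.err_code = "0001";
                ret.message = "沒有method!";
                return RespondJson(ret);
            }

            if (method == "add")
            {
                if (string.IsNullOrWhiteSpace(company_name))
                {
                    ret.ret = "no";
                    ret.err_code = "0003";
                    ret.message = "沒有company_name!";
                    return RespondJson(ret);
                }

                DateTime now = DateTime.Now;
                company_uid = GlobalClass.CreateRandomCode(24);
                company newItem = new company
                {
                    company_name = company_name,
                    company_uid = company_uid,
                    company_serialNo = company_serialNo,
                    company_address = company_address,
                    company_tel = company_tel,
                    company_fax = company_fax,
                    company_lastmodify_uid = token.user_uid,
                    company_createdate = now,
                    company_modifydate = now,
                };
                conn.Insert(newItem);

                ret.companys.Add(newItem);
                ret.ret = "yes";
                return RespondJson(ret);
            }

            if (string.IsNullOrWhiteSpace(company_uid))
            {
                ret.ret = "no";
                ret.err_code = "0002";
                ret.message = "沒有company_uid!";
                return RespondJson(ret);
            }

            company editItem = conn.QueryFirstOrDefault<company>(
                "select * from company where company_isdel = 'N' and company_uid = @company_uid ",
                new { company_uid = company_uid });
            if (editItem == null)
            {
                ret.ret = "no";
                ret.err_code = "0004";
                ret.message = "沒有company_uid此筆資料!";
                return RespondJson(ret);
            }

            switch (method)
            {
                case "edit":
                    if (string.IsNullOrWhiteSpace(company_name))
                    {
                        ret.ret = "no";
                        ret.err_code = "0002";
                        ret.message = "沒有company_name!";
                        return RespondJson(ret);
                    }

                    editItem.company_name = company_name;
                    editItem.company_serialNo = company_serialNo;
                    editItem.company_address = company_address;
                    editItem.company_tel = company_tel;
                    editItem.company_fax = company_fax;
                    editItem.company_lastmodify_uid = token.user_uid;
                    editItem.company_modifydate = DateTime.Now;
                    conn.Update(editItem);

                    ret.companys.Add(editItem);
                    ret.ret = "yes";
                    return RespondJson(ret);

                case "get":
                    ret.companys.Add(editItem);
                    ret.ret = "yes";
                    return RespondJson(ret);

                case "del":
                    editItem.company_isdel = "Y";
                    editItem.company_lastmodify_uid = token.user_uid;
                    editItem.company_modifydate = DateTime.Now;
                    // Cascade the soft delete to the company's contact persons, then flag the company.
                    conn.Execute(
                        "update contactPerson set contactPerson_isdel = 'Y' where company_uid = @company_uid ",
                        new { company_uid = company_uid });
                    conn.Update(editItem);
                    ret.ret = "yes";
                    return RespondJson(ret);

                default:
                    // Unknown method: the result is returned untouched, as before.
                    return RespondJson(ret);
            }
        }

        /// <summary>
        /// Lists every non-deleted company.
        /// (The method name is a copy-paste leftover; it is kept because it is part of the public surface.)
        /// </summary>
        /// <param name="obj">No form fields are read.</param>
        [Route("companyList")]
        public ActionResult AuthSubItemList(IFormCollection obj)
        {
            companyListResult ret = new companyListResult();
            if (!TryGetLoginToken(out _))
            {
                ret.ret = "no";
                ret.err_code = NotLoggedInCode;
                ret.message = NotLoggedInMessage;
                return RespondJson(ret);
            }

            ret.companys = conn.Query<company>("select * from company where company_isdel = 'N' ").ToList();
            ret.ret = "yes";
            return RespondJson(ret);
        }
    }
}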