QuotationMaker/Controllers/ApiController.cs

using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using static DbTableClass;
using static resultClass;
using System.Data.SqlClient;
using Dapper.Contrib.Extensions;
using Dapper;
using Newtonsoft.Json;
using Org.BouncyCastle.Bcpg.OpenPgp;
using NPOI.OpenXmlFormats.Shared;
using NPOI.SS.Formula.PTG;
using System.Data;

namespace QuotationMaker.Controllers
{
    [Route("Api")]
    public class ApiController : ControllerBase
    {
        private readonly IHttpContextAccessor _httpContextAccessor;

        DbConn dbConn = new DbConn();
        SqlConnection conn = new SqlConnection(GlobalClass.appsettings("ConnectionStrings:SQLConnectionString"));
        SqlConnection elabConn = new SqlConnection(GlobalClass.appsettings("ConnectionStrings:ElabConnectionString"));

        public ApiController(IHttpContextAccessor httpContextAccessor)
        {
            this._httpContextAccessor = httpContextAccessor;


        }

        [Route("addEditDelQuotation")]
        public ActionResult AddEditDelQuotation(IFormCollection obj) {
            quotationDetailResult ret = new quotationDetailResult();

            authToken token = new authToken(this._httpContextAccessor);
            if (token.user_isLogin == false)
            {
                HttpContext.Response.Cookies.Delete("token_key");
                ret.ret = "no";
                ret.err_code = "99999";
                ret.message = "非登入狀態!";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }



            string method = obj["method"].ToString();
            string dept_uid = obj["dept_uid"].ToString();
            string project_uid = obj["project_uid"].ToString();
            string quotation_uid = obj["quotation_uid"].ToString();
            string quotation_version = obj["quotation_version"].ToString();
            string quotation_prodMethod = obj["quotation_prodMethod"].ToString();
            string quotation_date = obj["quotation_date"].ToString();
            string quotation_expStart = obj["quotation_expStart"].ToString();
            string quotation_expEnd = obj["quotation_expEnd"].ToString();
            string quotation_name = obj["quotation_name"].ToString();
            string contactPerson_uid = obj["contactPerson_uid"].ToString();
            string company_uid = obj["company_uid"].ToString();
            string quotation_log = obj["quotation_log"].ToString();
            string quotation_noTaxTotal = obj["quotation_noTaxTotal"].ToString();
            string quotation_specTotal = obj["quotation_specTotal"].ToString();
            string quotation_tax = obj["quotation_tax"].ToString();
            string quotation_grandTotal = obj["quotation_grandTotal"].ToString();
            string quotation_sa = obj["quotation_sa"].ToString();
            string mainItems_jsonstr = obj["mainItems"].ToString();
            string payments_jsonstr = obj["payments"].ToString();
            string invoices_jsonstr = obj["invoices"].ToString();
            string quotation_revoke = "N";
            string quotation_isdel = "N";

            if (quotation_specTotal == "") {
                quotation_specTotal = "0";
            };

            if (method == "del") {
                quotation objQuotation = conn.QueryFirstOrDefault<quotation>("select * from quotation where quotation_isdel = 'N' and quotation_revoke = 'N' and quotation_uid = @quotation_uid order by quotation_version desc", new { quotation_uid = quotation_uid });

                if (objQuotation == null)
                {
                    ret.ret = "no";
                    ret.err_code = "0009";
                    ret.message = "此筆資料不存在或已被刪除!";
                    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
                }

                objQuotation.quotation_isdel = "Y";
                objQuotation.quotation_modifydate = DateTime.Now;
                objQuotation.quotation_modify_uid = token.user_uid;
                objQuotation.quotation_log = token.user_name + " 刪除了此張報價單!";

                conn.Update(objQuotation);

                ret.ret = "yes";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            if (method == "edit")
            {
                quotation oldQuotation = conn.QueryFirstOrDefault<quotation>("select * from quotation where quotation_version = @quotation_version and quotation_uid = @quotation_uid ", new { quotation_version = quotation_version, quotation_uid = quotation_uid });

                if (oldQuotation == null)
                {
                    ret.ret = "no";
                    ret.err_code = "0002";
                    ret.message = "找不到此筆報價單資料!";
                    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
                }

                quotation lastVerQuotation = conn.QueryFirstOrDefault<quotation>("select * from quotation where quotation_isdel = 'N' and quotation_revoke = 'N' and quotation_uid = @quotation_uid order by quotation_version desc ", new { quotation_uid = quotation_uid });

                if (lastVerQuotation == null)
                {
                    ret.ret = "no";
                    ret.err_code = "0002";
                    ret.message = "找不到此筆報價單資料!";
                    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
                }

                int new_version = lastVerQuotation.quotation_version + 1;

                //--- start update
                quotation objQuotation = new quotation();

                //quotation_log = quotation_log;
                //quotation_uid = quotation_uid;
                quotation_version = new_version.ToString();
                objQuotation.quotation_uid = quotation_uid;
                objQuotation.quotation_version = int.Parse(quotation_version);
                objQuotation.dept_uid = dept_uid;
                objQuotation.quotation_prodMethod = lastVerQuotation.quotation_prodMethod;
                objQuotation.quotation_date = quotation_date;
                objQuotation.quotation_expStart = quotation_expStart;
                objQuotation.quotation_expEnd = quotation_expEnd;
                objQuotation.quotation_name = quotation_name;
                objQuotation.project_uid = project_uid;
                objQuotation.contactPerson_uid = contactPerson_uid;
                objQuotation.company_uid = company_uid;
                objQuotation.quotation_log = quotation_log;
                objQuotation.quotation_create_uid = oldQuotation.quotation_create_uid;
                objQuotation.quotation_modify_uid = token.user_uid;
                objQuotation.quotation_noTaxTotal = double.Parse(quotation_noTaxTotal);
                objQuotation.quotation_specTotal = double.Parse(quotation_specTotal);
                objQuotation.quotation_tax = double.Parse(quotation_tax);
                objQuotation.quotation_grandTotal = double.Parse(quotation_grandTotal);
                objQuotation.quotation_sa = quotation_sa;
                objQuotation.quotation_isdel = quotation_isdel;
                objQuotation.quotation_revoke = quotation_revoke;
                objQuotation.quotation_createdate = DateTime.Now;
                objQuotation.quotation_modifydate = DateTime.Now;

                dynamic mainItems_Json;
                dynamic payments_Json;
                dynamic invoices_Json;

                try
                {
                    mainItems_Json = JsonConvert.DeserializeObject(mainItems_jsonstr);
                    payments_Json = JsonConvert.DeserializeObject(payments_jsonstr);
                    invoices_Json = JsonConvert.DeserializeObject(invoices_jsonstr);

                }
                catch (Exception ex)
                {
                    ret.ret = "no";
                    ret.err_code = "0003";
                    ret.message = "mainItems or payments or invoices json error," + ex.Message;
                    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
                }

                List<quotationMainItem> quotationMainItems = new List<quotationMainItem>();
                List<quotationSubItem> quotationSubItems = new List<quotationSubItem>();

                foreach (dynamic item in mainItems_Json)
                {
                    string quotationMainItem_uid = "qm_" + GlobalClass.CreateRandomCode(24);

                    quotationMainItem newItem = new quotationMainItem();
                    newItem.quotation_uid = quotation_uid;
                    newItem.mainItem_uid = item.mainItem_uid;
                    newItem.quotationMainItem_uid = quotationMainItem_uid;
                    newItem.quotationMainItem_name = item.quotationMainItem_name;
                    newItem.quotationMainItem_ac = double.Parse((string)item.quotationMainItem_ac);
                    newItem.quotationMainItem_subTotal = double.Parse((string)item.quotationMainItem_subTotal);
                    newItem.quotationMainItem_revoke = "N";
                    newItem.quotationMainItem_version = int.Parse((string)quotation_version);

                    quotationMainItems.Add(newItem);

                    foreach (dynamic subItem in item.subitems)
                    {
                        quotationSubItem newSubItem = new quotationSubItem();
                        newSubItem.quotationSubItem_uid = "qs" + GlobalClass.CreateRandomCode(24);
                        newSubItem.quotationMainItem_uid = quotationMainItem_uid;
                        newSubItem.quotation_uid = quotation_uid;
                        newSubItem.subItem_uid = subItem.subItem_uid;
                        newSubItem.quotationSubItem_name = subItem.quotationSubItem_name;
                        newSubItem.quotationSubItem_descript = subItem.quotationSubItem_descript;
                        newSubItem.quotationSubItem_price = double.Parse((string)subItem.quotationSubItem_price);
                        newSubItem.quotationSubItem_unitType = subItem.quotationSubItem_unitType;
                        newSubItem.quotationSubItem_number = double.Parse((string)subItem.quotationSubItem_number);
                        newSubItem.quotationSubItem_subTotal = double.Parse((string)subItem.quotationSubItem_subTotal);
                        newSubItem.quotationSubItem_hasAC = subItem.quotationSubItem_hasAC;
                        newSubItem.quotationSubItem_revoke = "N";
                        newSubItem.quotationSubItem_version = int.Parse((string)quotation_version);

                        quotationSubItems.Add(newSubItem);
                    }
                }

                List<payment> payments = new List<payment>();

                foreach (dynamic item in payments_Json)
                {
                    payment newItem = new payment();

                    newItem.payment_uid = "pay_" + GlobalClass.CreateRandomCode(20);
                    newItem.quotation_uid = quotation_uid;
                    newItem.payment_method = item.payment_method;
                    newItem.payment_methodname = item.payment_methodname;
                    newItem.payment_descript = item.payment_descript;
                    newItem.payment_revoke = "N";
                    newItem.payment_version = int.Parse((string)quotation_version);

                    payments.Add(newItem);
                }

                List<invoice> invoices = new List<invoice>();

                foreach (dynamic item in invoices_Json)
                {
                    invoice newItem = new invoice();

                    newItem.invoice_uid = "inv_" + GlobalClass.CreateRandomCode(20);
                    newItem.quotation_uid = quotation_uid;
                    newItem.invoice_name = item.invoice_name;

                    string yearmonth = item.invoice_date;
                    string strYear = yearmonth.Split('/')[0];
                    string strMonth = yearmonth.Split("/")[1];

                    newItem.invoice_year = int.Parse(strYear);
                    newItem.invoice_month = int.Parse(strMonth);
                    newItem.invoice_noTaxMoney = int.Parse((string)item.invoice_noTaxMoney);
                    newItem.invoice_revoke = "N";
                    newItem.invoice_version = int.Parse((string)quotation_version);

                    invoices.Add(newItem);
                }

                string old_version = lastVerQuotation.quotation_version.ToString();

                conn.Execute("update invoice set invoice_revoke = 'Y', invoice_modifydate = @invoice_modifydate where quotation_uid = @quotation_uid and invoice_version = @quotation_version ", new { invoice_modifydate = DateTime.Now.ToString("yyyy/MM/dd HH:mm:ss"), quotation_uid = quotation_uid, quotation_version = old_version });
                conn.Execute("update payment set payment_revoke = 'Y', payment_modifydate = @payment_modifydate where quotation_uid = @quotation_uid and payment_version = @quotation_version ", new { payment_modifydate = DateTime.Now.ToString("yyyy/MM/dd HH:mm:ss"), quotation_uid = quotation_uid, quotation_version = old_version });
                conn.Execute("update quotationSubItem set quotationSubItem_revoke = 'Y', quotationSubItem_modifydate = @quotationSubItem_modifydate where quotation_uid = @quotation_uid and quotationSubItem_version = @quotation_version ", new { quotationSubItem_modifydate = DateTime.Now.ToString("yyyy/MM/dd HH:mm:ss"), quotation_uid = quotation_uid, quotation_version = old_version });
                conn.Execute("update quotationMainItem set quotationMainItem_revoke = 'Y', quotationMainItem_modifydate = @quotationMainItem_modifydate where quotation_uid = @quotation_uid and quotationMainItem_version = @quotation_version ", new { quotationMainItem_modifydate = DateTime.Now.ToString("yyyy/MM/dd HH:mm:ss"), quotation_uid = quotation_uid, quotation_version = old_version });
                conn.Execute("update quotation set quotation_modify_uid = @quotation_modify_uid, quotation_revoke = 'Y', quotation_modifydate = @quotation_modifydate where quotation_uid = @quotation_uid and quotation_version = @quotation_version ", new { quotation_modify_uid = token.user_uid, quotation_modifydate = DateTime.Now.ToString("yyyy/MM/dd HH:mm:ss"), quotation_uid = quotation_uid, quotation_version = old_version });



                conn.Insert(invoices);
                conn.Insert(payments);
                conn.Insert(quotationSubItems);
                conn.Insert(quotationMainItems);
                conn.Insert<quotation>(objQuotation);

                //--- end update
                ret.quotationView = conn.QueryFirstOrDefault<quotationView>("select * from quotationView where quotation_uid = @quotation_uid and quotation_isdel = 'N' and quotation_revoke = 'N' ", new { quotation_uid = quotation_uid });
                ret.ret = "yes";

                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            if (method == "get") {
                quotation objQuotation = conn.QueryFirstOrDefault<quotation>("select * from quotation where quotation_isdel = 'N' and quotation_revoke = 'N' and quotation_uid = @quotation_uid order by quotation_version desc", new { quotation_uid = quotation_uid  });

                if (objQuotation == null) {
                    ret.ret = "no";
                    ret.err_code = "0009";
                    ret.message = "此筆資料不存在或已被刪除!";
                    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
                }

                ret.quotationDetail = new quotationDetail(objQuotation);
                ret.quotationView = conn.QueryFirstOrDefault<quotationView>("select * from quotationView where quotation_isdel = 'N' and quotation_revoke = 'N' and quotation_uid = @quotation_uid ", new { quotation_uid = quotation_uid });
                ret.ret = "yes";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            if (method == "add") {
                quotation objQuotation = new quotation();

                quotation_log = "報價單資料成立";
                quotation_uid = "q_" + GlobalClass.CreateRandomCode(24);
                quotation_version = "1";
                objQuotation.quotation_uid = quotation_uid;
                objQuotation.quotation_version = int.Parse(quotation_version);
                objQuotation.dept_uid = dept_uid;
                objQuotation.quotation_prodMethod = quotation_prodMethod;
                objQuotation.quotation_date = quotation_date;
                objQuotation.quotation_expStart = quotation_expStart;
                objQuotation.quotation_expEnd= quotation_expEnd;
                objQuotation.quotation_name = quotation_name;
                objQuotation.project_uid = project_uid;
                objQuotation.contactPerson_uid = contactPerson_uid;
                objQuotation.company_uid = company_uid;
                objQuotation.quotation_log = quotation_log;
                objQuotation.quotation_create_uid = token.user_uid;
                objQuotation.quotation_modify_uid = token.user_uid;
                objQuotation.quotation_noTaxTotal = double.Parse(quotation_noTaxTotal);
                objQuotation.quotation_specTotal = double.Parse(quotation_specTotal);
                objQuotation.quotation_tax = double.Parse(quotation_tax);
                objQuotation.quotation_grandTotal = double.Parse(quotation_grandTotal);
                objQuotation.quotation_sa = quotation_sa;
                objQuotation.quotation_isdel = quotation_isdel;
                objQuotation.quotation_revoke = quotation_revoke;
                objQuotation.quotation_createdate = DateTime.Now;
                objQuotation.quotation_modifydate = DateTime.Now;

                dynamic mainItems_Json;
                dynamic payments_Json;
                dynamic invoices_Json;

                try
                {
                    mainItems_Json = JsonConvert.DeserializeObject(mainItems_jsonstr);
                    payments_Json = JsonConvert.DeserializeObject(payments_jsonstr);
                    invoices_Json = JsonConvert.DeserializeObject(invoices_jsonstr);

                }
                catch (Exception ex)
                {
                    ret.ret = "no";
                    ret.err_code = "0003";
                    ret.message = "mainItems or payments or invoices json error," + ex.Message;
                    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
                }
                 
                List<quotationMainItem> quotationMainItems = new List<quotationMainItem>();
                List<quotationSubItem> quotationSubItems = new List<quotationSubItem>();

                foreach (dynamic item in mainItems_Json) {
                    string quotationMainItem_uid = "qm_" + GlobalClass.CreateRandomCode(24);
                    
                    quotationMainItem newItem = new quotationMainItem();
                    newItem.quotation_uid = quotation_uid;
                    newItem.mainItem_uid = item.mainItem_uid;
                    newItem.quotationMainItem_uid = quotationMainItem_uid;
                    newItem.quotationMainItem_name = item.quotationMainItem_name;
                    newItem.quotationMainItem_ac = double.Parse((string)item.quotationMainItem_ac);
                    newItem.quotationMainItem_subTotal = double.Parse((string)item.quotationMainItem_subTotal);
                    newItem.quotationMainItem_revoke = "N";
                    newItem.quotationMainItem_version = int.Parse((string)quotation_version);

                    quotationMainItems.Add(newItem);

                    foreach (dynamic subItem in item.subitems) { 
                        quotationSubItem newSubItem = new quotationSubItem();
                        newSubItem.quotationSubItem_uid = "qs" +GlobalClass.CreateRandomCode(24);
                        newSubItem.quotationMainItem_uid = quotationMainItem_uid;
                        newSubItem.quotation_uid = quotation_uid;
                        newSubItem.subItem_uid = subItem.subItem_uid;
                        newSubItem.quotationSubItem_name = subItem.quotationSubItem_name;
                        newSubItem.quotationSubItem_descript = subItem.quotationSubItem_descript;
                        newSubItem.quotationSubItem_price = double.Parse((string)subItem.quotationSubItem_price);
                        newSubItem.quotationSubItem_unitType = subItem.quotationSubItem_unitType;
                        newSubItem.quotationSubItem_number = double.Parse((string)subItem.quotationSubItem_number);
                        newSubItem.quotationSubItem_subTotal = double.Parse((string)subItem.quotationSubItem_subTotal);
                        newSubItem.quotationSubItem_hasAC = subItem.quotationSubItem_hasAC;
                        newSubItem.quotationSubItem_revoke = "N";
                        newSubItem.quotationSubItem_version = int.Parse((string)quotation_version);

                        quotationSubItems.Add(newSubItem);
                    }
                }

                List<payment> payments = new List<payment>();

                foreach (dynamic item in payments_Json) { 
                    payment newItem = new payment();

                    newItem.payment_uid = "pay_" + GlobalClass.CreateRandomCode(20);
                    newItem.quotation_uid = quotation_uid;
                    newItem.payment_method = item.payment_method;
                    newItem.payment_methodname = item.payment_methodname;
                    newItem.payment_descript = item.payment_descript;
                    newItem.payment_revoke = "N";
                    newItem.payment_version = int.Parse((string)quotation_version);
                    
                    payments.Add(newItem);
                }

                List<invoice> invoices = new List<invoice>();

                foreach (dynamic item in invoices_Json) { 
                    invoice newItem = new invoice();

                    newItem.invoice_uid = "inv_" + GlobalClass.CreateRandomCode(20);
                    newItem.quotation_uid = quotation_uid;
                    newItem.invoice_name = item.invoice_name;

                    string yearmonth = item.invoice_date;
                    string strYear = yearmonth.Split('/')[0];
                    string strMonth = yearmonth.Split("/")[1];

                    newItem.invoice_year = int.Parse(strYear);
                    newItem.invoice_month = int.Parse(strMonth);
                    newItem.invoice_noTaxMoney = int.Parse((string)item.invoice_noTaxMoney);
                    newItem.invoice_revoke = "N";
                    newItem.invoice_version = int.Parse((string)quotation_version);

                    invoices.Add(newItem);
                }

                conn.Insert(invoices);
                conn.Insert(payments);
                conn.Insert(quotationSubItems);
                conn.Insert(quotationMainItems);
                conn.Insert<quotation>(objQuotation);

                ret.quotationView = conn.QueryFirstOrDefault<quotationView>("select * from quotationView where quotation_uid = @quotation_uid and quotation_version = 1", new {quotation_uid = quotation_uid});
                ret.ret = "yes";

                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
        }

        [Route("getModelQuotation")]
        public ActionResult AddEditDelGetModelQuotation(IFormCollection obj)
        {
            modelQuotationResult ret = new modelQuotationResult();

            authToken token = new authToken(this._httpContextAccessor);
            if (token.user_isLogin == false)
            {
                HttpContext.Response.Cookies.Delete("token_key");
                ret.ret = "no";
                ret.err_code = "99999";
                ret.message = "非登入狀態!";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            

            string method = obj["method"].ToString();
            string dept_uid = obj["dept_uid"].ToString();
            string modelProj_uid = obj["modelProj_uid"].ToString();
            string modelQuotation_uid = obj["modelQuotation_uid"].ToString();
            

            if (method == "")
            {
                ret.ret = "no";
                ret.err_code = "0001";
                ret.message = "沒有method!";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }



            if (dept_uid.Trim() == "")
            {
                ret.ret = "no";
                ret.err_code = "0003";
                ret.message = "沒有dept_uid!";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            if (modelProj_uid.Trim() == "")
            {
                ret.ret = "no";
                ret.err_code = "0003";
                ret.message = "沒有modelProj_uid!";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            

            if (modelQuotation_uid.Trim() == "")
            {
                ret.ret = "no";
                ret.err_code = "0002";
                ret.message = "沒有modelQuotation_uid!";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            modelQuotation modelQuotation = conn.QueryFirstOrDefault<modelQuotation>("select * from modelQuotation where modelQuotation_uid = @modelQuotation_uid ", new { modelQuotation_uid = modelQuotation_uid });

            if (method == "get")
            {
                if (modelQuotation == null)
                {
                    ret.ret = "no";
                    ret.err_code = "0009";
                    ret.message = "沒有此modelQuotation_uid資料!";
                    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
                }

                ret.modelQuotationDetails.Add(new modelQuotationDetail(modelQuotation));
                ret.ret = "yes";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            

            return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
        }

        [Route("modalQuotationList")]
        public ActionResult ModalQuotationList(IFormCollection obj)
        {
            modelQuotationListResult ret = new modelQuotationListResult();

            authToken token = new authToken(this._httpContextAccessor);
            if (token.user_isLogin == false)
            {
                HttpContext.Response.Cookies.Delete("token_key");
                ret.ret = "no";
                ret.err_code = "99999";
                ret.message = "非登入狀態!";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            

            string dept_uid = obj["dept_uid"].ToString();
            string modelProj_uid = obj["modelProj_uid"].ToString();

            ret.modelQuotations = conn.Query<modelQuotation>("select * from modelQuotation where modelProj_uid = @modelProj_uid and dept_uid = @dept_uid", new { modelProj_uid = modelProj_uid, dept_uid = dept_uid }).ToList();
            ret.ret = "yes";

            return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
        }

        [Route("modalProjList")]
        public ActionResult ModalProjList(IFormCollection obj)
        {
            modelProjListResult ret = new modelProjListResult();

            authToken token = new authToken(this._httpContextAccessor);
            if (token.user_isLogin == false)
            {
                HttpContext.Response.Cookies.Delete("token_key");
                ret.ret = "no";
                ret.err_code = "99999";
                ret.message = "非登入狀態!";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            

            string dept_uid = obj["dept_uid"].ToString();

            ret.modelProjs = conn.Query<modelProj>("select * from modelProj where modelProj_isdel = 'N' and dept_uid = @dept_uid", new { dept_uid = dept_uid }).ToList();
            ret.ret = "yes";

            return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
        }

        [Route("quotationList")]
        public ActionResult QuotationList(IFormCollection obj)
        {
            quotationViewListResult ret = new quotationViewListResult();
            authToken token = new authToken(this._httpContextAccessor);
            if (token.user_isLogin == false)
            {
                HttpContext.Response.Cookies.Delete("token_key");
                ret.ret = "no";
                ret.err_code = "99999";
                ret.message = "非登入狀態!";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            string user_uid = token.user_uid;
            string user_perm = token.user_perm;
            string project_uid = obj["project_uid"].ToString();
            string dept_uid = obj["dept_uid"].ToString();

            string user_uid_list = "'" + user_uid + "'";

            if (user_perm == "system" && token.user_id != GlobalClass.appsettings("Admin:id"))
            {
                groupUser gpUser = conn.QueryFirstOrDefault<groupUser>("select * from groupUser where dept_uid = @dept_uid and user_uid = @user_uid ", new { dept_uid = dept_uid, user_uid = user_uid });

                if (gpUser != null)
                {
                    List<groupUser> groupUsers = conn.Query<groupUser>("select * from groupUser where group_uid = @group_uid", new { group_uid = gpUser.group_uid }).ToList();

                    foreach (groupUser groupUser in groupUsers)
                    {
                        user_uid_list += ", '" + groupUser.user_uid + "'";
                    }
                }
            }

            if (token.user_id != GlobalClass.appsettings("Admin:id"))
            {
                ret.quotationViews = conn.Query<quotationView>("select * from quotationView where quotationView_isdel = 'N' and quotationView_revoke = 'N' and project_uid = @project_uid and quotation_create_uid in (@user_list) order by quotation_modifydate desc", new { project_uid = project_uid, user_list = user_uid_list }).ToList();

            }
            else {
                ret.quotationViews = conn.Query<quotationView>("select * from quotationView where quotation_isdel = 'N' and quotation_revoke = 'N' and project_uid = @project_uid order by quotation_modifydate desc", new { project_uid = project_uid }).ToList();
            }

            ret.ret = "yes";

            return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
        }

        [Route("deptList")]
        public ActionResult DeptList(IFormCollection obj)
        {
            deptListResult ret = new deptListResult();

            authToken token = new authToken(this._httpContextAccessor);
            if (token.user_isLogin == false)
            {
                HttpContext.Response.Cookies.Delete("token_key");
                ret.ret = "no";
                ret.err_code = "99999";
                ret.message = "非登入狀態!";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

           

            string sqlString = "select * from depts order by dept_order";

            if (token.user_id != GlobalClass.appsettings("Admin:id"))
            {
                sqlString = "select * from depts where dept_uid in (select dept_uid from userDept where user_uid = '" + token.user_uid + "' ) order by dept_order ";
            }

            ret.depts = conn.Query<depts>(sqlString).ToList();
            ret.ret = "yes";
            return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
        }

        [Route("addEditDelGetProject")]
        public ActionResult AddEditDelGetProject(IFormCollection obj) {
            projectViewResult ret = new projectViewResult();
            authToken token = new authToken(this._httpContextAccessor);
            if (token.user_isLogin == false)
            {
                HttpContext.Response.Cookies.Delete("token_key");
                ret.ret = "no";
                ret.err_code = "99999";
                ret.message = "非登入狀態!";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            string user_uid = token.user_uid;
            string user_perm = token.user_perm;
            string dept_uid = obj["dept_uid"].ToString();
            string method = obj["method"].ToString();
            string project_uid = obj["project_uid"].ToString();
            string project_name = obj["project_name"].ToString();
            string company_uid = obj["company_uid"].ToString();
            string project_ps = obj["project_ps"].ToString();

            if (token.user_id != GlobalClass.appsettings("Admin:id")) {
                groupUser gpUser = conn.QueryFirstOrDefault<groupUser>("select * from groupUser where dept_uid = @dept_uid and user_uid = @user_uid ", new { dept_uid = dept_uid, user_uid = user_uid });

                if (gpUser == null) {
                    ret.ret = "no";
                    ret.err_code = "99991";
                    ret.message = "新增的專案資料其部門不屬於目前登入的使用者!";
                    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
                }
            }

            if (method == "")
            {
                ret.ret = "no";
                ret.err_code = "0001";
                ret.message = "沒有method!";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            if (method == "add") {
                string errmsg = "";

                if (project_name == "")
                {
                    errmsg += "無專案名稱!\n";
                }

                if (company_uid == "")
                {
                    errmsg += "請選擇客戶公司!\n";
                }

                if (errmsg != "") {
                    ret.ret = "no";
                    ret.err_code = "0002";
                    ret.message = errmsg;
                    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
                }

                project_uid = GlobalClass.CreateRandomCode(24);

                project newProject = new project();
                newProject.project_uid = project_uid;
                newProject.dept_uid = dept_uid;
                newProject.company_uid = company_uid;
                newProject.project_ps = project_ps;
                newProject.project_creative_uid = token.user_uid;
                newProject.project_lastmodify_uid = token.user_uid;
                newProject.project_name = project_name;
                newProject.project_datetime = DateTime.Now.ToString("yyyy/MM/dd");
                
                conn.Insert<project>(newProject);

                projectView objView = conn.QueryFirstOrDefault<projectView>("select * from projectView where project_isdel = 'N' and project_uid = @project_uid", new { project_uid = project_uid});

                if (objView != null)
                {
                    ret.projectViews.Add(objView);
                }


                ret.ret = "yes";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");

            }

            project editProject = conn.QueryFirstOrDefault<project>("select * from project where project_isdel = 'N' and project_uid = @project_uid ", new { project_uid = project_uid });

            if (editProject == null) {
                ret.ret = "no";
                ret.err_code = "0004";
                ret.message = "無此project_uid資料!";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            if (method == "get") {
                projectView objView = conn.QueryFirstOrDefault<projectView>("select * from projectView where project_isdel = 'N' and  project_uid = @project_uid", new { project_uid = project_uid });

                if (objView != null)
                {
                    ret.projectViews.Add(objView);
                }


                ret.ret = "yes";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            if (method == "edit") {
                string errmsg = "";

                if (project_name == "")
                {
                    errmsg += "無專案名稱!\n";
                }

                if (company_uid == "")
                {
                    errmsg += "請選擇客戶公司!\n";
                }

                if (errmsg != "")
                {
                    ret.ret = "no";
                    ret.err_code = "0002";
                    ret.message = errmsg;
                    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
                }

                editProject.dept_uid = dept_uid;
                editProject.company_uid = company_uid;
                editProject.project_ps = project_ps;
                editProject.project_lastmodify_uid = token.user_uid;
                editProject.project_name = project_name;
                editProject.project_modifydate = DateTime.Now;

                conn.Update(editProject);

                projectView objView = conn.QueryFirstOrDefault<projectView>("select * from projectView where project_isdel = 'N' and project_uid = @project_uid", new { project_uid = project_uid });

                if (objView != null)
                {
                    ret.projectViews.Add(objView);
                }


                ret.ret = "yes";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            if (method == "del") {
                editProject.project_lastmodify_uid = token.user_uid;
                editProject.project_isdel = "Y";
                editProject.project_modifydate = DateTime.Now;

                conn.Update(editProject);

                ret.ret = "yes";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
        }

        [Route("projectViewList")]
        public ActionResult ProjectViewList(IFormCollection obj) {
            projectViewResult ret = new projectViewResult();
            authToken token = new authToken(this._httpContextAccessor);
            if (token.user_isLogin == false)
            {
                HttpContext.Response.Cookies.Delete("token_key");
                ret.ret = "no";
                ret.err_code = "99999";
                ret.message = "非登入狀態!";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            string user_uid = token.user_uid;
            string user_perm = token.user_perm;
            string dept_uid = obj["dept_uid"].ToString();
            string start_txt = obj["start_txt"].ToString();
            string end_txt = obj["end_txt"].ToString();

            DateTime startDateTime = DateTime.Parse(start_txt + "/1");
            DateTime endDateTime = DateTime.Parse(end_txt + "/1").AddMonths(1).AddDays(-1);

            string user_uid_list = "'" + user_uid + "'";

            if (user_perm == "system" && token.user_id != GlobalClass.appsettings("Admin:id")) {
                groupUser gpUser = conn.QueryFirstOrDefault<groupUser>("select * from groupUser where dept_uid = @dept_uid and user_uid = @user_uid ", new { dept_uid = dept_uid, user_uid = user_uid });

                if (gpUser != null) {
                    List<groupUser> groupUsers = conn.Query<groupUser>("select * from groupUser where group_uid = @group_uid", new { group_uid = gpUser.group_uid }).ToList();

                    foreach (groupUser groupUser in groupUsers)
                    {
                        user_uid_list += ", '" + groupUser.user_uid + "'";
                    }
                }

                
            }

            if (user_perm == "system" && token.user_id == GlobalClass.appsettings("Admin:id"))
            {
                List<groupUser> groupUsers = conn.Query<groupUser>("select * from groupUser where dept_uid = @dept_uid", new { dept_uid = dept_uid }).ToList();

                foreach (groupUser groupUser in groupUsers)
                {
                    user_uid_list += ", '" + groupUser.user_uid + "'";
                }
            }

            string sqlString = "select * from projectView where project_isdel = 'N' and project_creative_uid in (" + user_uid_list + ") and project_createdate >= '" + startDateTime.ToString("yyyy/MM/dd") + "' and project_createdate <= '" + endDateTime.ToString("yyyy/MM/dd 23:59:59")  +  "'";

            ret.projectViews = conn.Query<projectView>(sqlString).ToList();
            ret.ret = "yes";

            return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
        }

        [Route("addEditDelGetContactPerson")]
        public ActionResult AddEditDelContactPerson(IFormCollection obj)
        {
            contactPersonListResult ret = new contactPersonListResult();

            authToken token = new authToken(this._httpContextAccessor);
            if (token.user_isLogin == false)
            {
                HttpContext.Response.Cookies.Delete("token_key");
                ret.ret = "no";
                ret.err_code = "99999";
                ret.message = "非登入狀態!";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }



            string company_uid = obj["company_uid"].ToString();
            string contactPerson_uid = obj["contactPerson_uid"].ToString();
            string contactPerson_name = obj["contactPerson_name"].ToString();
            string contactPerson_email = obj["contactPerson_email"].ToString();
            string contactPerson_tel = obj["contactPerson_tel"].ToString();
            string contactPerson_fax = obj["contactPerson_fax"].ToString();
            string method = obj["method"].ToString();




            if (method == "")
            {
                ret.ret = "no";
                ret.err_code = "0001";
                ret.message = "沒有method!";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }





            if (method == "add")
            {
                if (contactPerson_name.Trim() == "")
                {
                    ret.ret = "no";
                    ret.err_code = "0003";
                    ret.message = "沒有contactPerson_name!";
                    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
                }

                contactPerson_uid = GlobalClass.CreateRandomCode(24);
                contactPerson newItem = new contactPerson();
                newItem.contactPerson_name = contactPerson_name;
                newItem.contactPerson_uid = contactPerson_uid;
                newItem.company_uid = company_uid;
        
                newItem.contactPerson_tel = contactPerson_tel;
                newItem.contactPerson_email = contactPerson_email;
                newItem.contactPerson_fax = contactPerson_fax;

                newItem.contactPerson_lastmodify_uid = token.user_uid;
                newItem.contactPerson_createdate = DateTime.Now;
                newItem.contactPerson_modifydate = DateTime.Now;

                conn.Insert(newItem);
                ret.contactPersons.Add(newItem);
                ret.ret = "yes";

                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            if (contactPerson_uid.Trim() == "")
            {
                ret.ret = "no";
                ret.err_code = "0002";
                ret.message = "沒有contactPerson_uid!";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }



            contactPerson editItem = conn.QueryFirstOrDefault<contactPerson>("select * from contactPerson where contactPerson_isdel = 'N' and contactPerson_uid = @contactPerson_uid ", new { contactPerson_uid = contactPerson_uid });

            if (editItem == null)
            {
                ret.ret = "no";
                ret.err_code = "0004";
                ret.message = "沒有contactPerson_uid此筆資料!";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            if (method == "edit")
            {


                if (contactPerson_name.Trim() == "")
                {
                    ret.ret = "no";
                    ret.err_code = "0002";
                    ret.message = "沒有contactPerson_name!";
                    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
                }

                editItem.contactPerson_name = contactPerson_name;

      
                editItem.contactPerson_tel = contactPerson_tel;
                editItem.contactPerson_email = contactPerson_email;
                editItem.contactPerson_fax = contactPerson_fax;

                editItem.contactPerson_lastmodify_uid = token.user_uid;
                editItem.contactPerson_modifydate = DateTime.Now;

                conn.Update(editItem);
                ret.contactPersons.Add(editItem);
                ret.ret = "yes";

                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            if (method == "get")
            {
                ret.contactPersons.Add(editItem);
                ret.ret = "yes";

                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            if (method == "del")
            {
                editItem.contactPerson_isdel = "Y";
                editItem.contactPerson_lastmodify_uid = token.user_uid;
                editItem.contactPerson_modifydate = DateTime.Now;

                conn.Execute("update contactPerson set contactPerson_isdel = 'Y' where contactPerson_uid = @contactPerson_uid ", new { contactPerson_uid = contactPerson_uid });

                conn.Update(editItem);
                ret.ret = "yes";

                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
        }

        [Route("contactPersonList")]
        public ActionResult ContactPersonList(IFormCollection obj)
        {
            contactPersonListResult ret = new contactPersonListResult();

            authToken token = new authToken(this._httpContextAccessor);
            if (token.user_isLogin == false)
            {
                HttpContext.Response.Cookies.Delete("token_key");
                ret.ret = "no";
                ret.err_code = "99999";
                ret.message = "非登入狀態!";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            string company_uid = obj["company_uid"].ToString();

            ret.contactPersons = conn.Query<contactPerson>("select * from contactPerson where contactPerson_isdel = 'N' and company_uid = @company_uid ", new { company_uid = company_uid }).ToList();
            ret.ret = "yes";
            return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
        }

        [Route("addEditDelGetCompany")]
        public ActionResult AddEditDelSubItem(IFormCollection obj)
        {
            companyListResult ret = new companyListResult();

            authToken token = new authToken(this._httpContextAccessor);
            if (token.user_isLogin == false)
            {
                HttpContext.Response.Cookies.Delete("token_key");
                ret.ret = "no";
                ret.err_code = "99999";
                ret.message = "非登入狀態!";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

           

            string company_uid = obj["company_uid"].ToString();
            string company_name = obj["company_name"].ToString();
            string company_serialNo = obj["company_serialNo"].ToString();
            string company_address = obj["company_address"].ToString();
            string company_tel = obj["company_tel"].ToString();
            string company_fax = obj["company_fax"].ToString();

            string method = obj["method"].ToString();




            if (method == "")
            {
                ret.ret = "no";
                ret.err_code = "0001";
                ret.message = "沒有method!";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }



            

            if (method == "add")
            {
                if (company_name.Trim() == "")
                {
                    ret.ret = "no";
                    ret.err_code = "0003";
                    ret.message = "沒有company_name!";
                    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
                }

                company_uid = GlobalClass.CreateRandomCode(24);
                company newItem = new company();
                newItem.company_name = company_name;
                newItem.company_uid = company_uid;
                newItem.company_serialNo = company_serialNo;
                newItem.company_address = company_address;
                newItem.company_tel = company_tel;
                newItem.company_fax = company_fax;

                newItem.company_lastmodify_uid = token.user_uid;
                newItem.company_createdate = DateTime.Now;
                newItem.company_modifydate = DateTime.Now;

                conn.Insert(newItem);
                ret.companys.Add(newItem);
                ret.ret = "yes";

                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            if (company_uid.Trim() == "")
            {
                ret.ret = "no";
                ret.err_code = "0002";
                ret.message = "沒有company_uid!";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }



            company editItem = conn.QueryFirstOrDefault<company>("select * from company where company_isdel = 'N' and company_uid = @company_uid ", new { company_uid = company_uid });

            if (editItem == null)
            {
                ret.ret = "no";
                ret.err_code = "0004";
                ret.message = "沒有company_uid此筆資料!";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            if (method == "edit")
            {
                

                if (company_name.Trim() == "")
                {
                    ret.ret = "no";
                    ret.err_code = "0002";
                    ret.message = "沒有company_name!";
                    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
                }

                editItem.company_name = company_name;

                editItem.company_serialNo = company_serialNo;
                editItem.company_address = company_address;
                editItem.company_tel = company_tel;
                editItem.company_fax = company_fax;

                editItem.company_lastmodify_uid = token.user_uid;
                editItem.company_modifydate = DateTime.Now;

                conn.Update(editItem);
                ret.companys.Add(editItem);
                ret.ret = "yes";

                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            if (method == "get")
            {
                ret.companys.Add(editItem);
                ret.ret = "yes";

                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            if (method == "del")
            {
                editItem.company_isdel = "Y";
                editItem.company_lastmodify_uid = token.user_uid;
                editItem.company_modifydate = DateTime.Now;

                conn.Execute("update contactPerson set contactPerson_isdel = 'Y' where company_uid = @company_uid ", new { company_uid = company_uid });

                conn.Update(editItem);
                ret.ret = "yes";

                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

            return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
        }

        [Route("companyList")]
        public ActionResult AuthSubItemList(IFormCollection obj)
        {
            companyListResult ret = new companyListResult();

            authToken token = new authToken(this._httpContextAccessor);
            if (token.user_isLogin == false)
            {
                HttpContext.Response.Cookies.Delete("token_key");
                ret.ret = "no";
                ret.err_code = "99999";
                ret.message = "非登入狀態!";
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }

  

            ret.companys = conn.Query<company>("select * from company where company_isdel = 'N' ").ToList();
            ret.ret = "yes";
            return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
        }
    }
}