Skip to content
GitLab
Commit 5a6d07c1 authored by Koolapong Kongpitak's avatar Koolapong Kongpitak
Browse files

Merge branch 'dev' into 'master' 

Dev

See merge request smgo/pms-server!36
parents 677d705f a6f3a3c6
dev Account K9 MA Release master v2.02 v2.0.1 v2.00 v1.13 v1.0
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 240 additions and 44 deletions
+240 -44
SYSCore/Controllers/AccountApiController.cs
+ 106
- 6
View file @ 5a6d07c1
......@@ -1333,9 +1333,9 @@ namespace SYS_Core.Controllers
#region SNPE040
[HttpGet, Route("SNPE040_GetDoc/{DocType}/{DocNo=null}/{noofshowrec=null}")]
[HttpGet, Route("SNPE040_GetDoc/{DocNo=null}/{NoOfShowRecords=null}")]
[Authorize]
public IHttpActionResult SNPE040_GetDoc(string DocType, string DocNo = null, string noofshowrec = null)
public IHttpActionResult SNPE040_GetDoc(string DocNo = null, string NoOfShowRecords = null)
{
DataSet ds = new DataSet();
DocNo = ismoUtil.escapeCharacter(DocNo);
......@@ -1343,7 +1343,7 @@ namespace SYS_Core.Controllers
cmd.CommandText = "SP_NP_SNPE040M_GET_DOC";
cmd.Parameters.Add("P_COMPANY_CODE", OracleDbType.Varchar2).Value = DataService.GetIdentity(User, Cons.SS_COMPANY_CODE);
cmd.Parameters.Add("P_DOCUMEN_NO", OracleDbType.Varchar2).Value = DocNo != "null" ? DocNo : "";
cmd.Parameters.Add("P_DOCUMEN_TYPE", OracleDbType.Varchar2).Value = DocType;
cmd.Parameters.Add("P_DOCUMEN_TYPE", OracleDbType.Varchar2).Value = "RC,RI";
cmd.Parameters.Add("P_REF_DOC_TYPE", OracleDbType.Varchar2).Value =DBNull.Value;
cmd.Parameters.Add("C_RETURN", OracleDbType.RefCursor).Direction = ParameterDirection.Output;
ds = oOracledb.SqlQueryDS_CMD(cmd);
......@@ -1498,9 +1498,9 @@ namespace SYS_Core.Controllers
#region SNPE035
// Some code Use same code with SNPE040M,SNPE037M. Different only DOCUMENT_TYPE and Pass from Front Side.
[HttpGet, Route("SNPE035_GetDoc/{DocType}/{DocNo=null}/{noofshowrec=null}")]
[HttpGet, Route("SNPE035_GetDoc/{DocNo=null}/{NoOfShowRecords=null}")]
[Authorize]
public IHttpActionResult SNPE035_GetDoc(string DocType, string DocNo = null, string noofshowrec = null)
public IHttpActionResult SNPE035_GetDoc(string DocNo, string noofshowrec = null)
{
DataSet ds = new DataSet();
DocNo = ismoUtil.escapeCharacter(DocNo);
......@@ -1508,7 +1508,7 @@ namespace SYS_Core.Controllers
cmd.CommandText = "SP_NP_SNPE035M_GET_DOC";
cmd.Parameters.Add("P_COMPANY_CODE", OracleDbType.Varchar2).Value = DataService.GetIdentity(User, Cons.SS_COMPANY_CODE);
cmd.Parameters.Add("P_DOCUMEN_NO", OracleDbType.Varchar2).Value = DocNo != "null" ? DocNo : "";
cmd.Parameters.Add("P_DOCUMEN_TYPE", OracleDbType.Varchar2).Value = DocType;
cmd.Parameters.Add("P_DOCUMEN_TYPE", OracleDbType.Varchar2).Value = "RD";
cmd.Parameters.Add("P_REF_DOC_TYPE", OracleDbType.Varchar2).Value = "W";
cmd.Parameters.Add("C_RETURN", OracleDbType.RefCursor).Direction = ParameterDirection.Output;
ds = oOracledb.SqlQueryDS_CMD(cmd);
......@@ -1536,6 +1536,22 @@ namespace SYS_Core.Controllers
#region SNPE037
// Some code Use same code with SNPE040M ,Different only DOCUMENT_TYPE and Pass from Front Side.
[HttpGet, Route("SNPE037_GetDoc/{DocNo=null}/{NoOfShowRecords=null}")]
[Authorize]
public IHttpActionResult SNPE037_GetDoc(string DocNo, string noofshowrec = null)
{
DataSet ds = new DataSet();
DocNo = ismoUtil.escapeCharacter(DocNo);
OracleCommand cmd = new OracleCommand();
cmd.CommandText = "SP_NP_SNPE035M_GET_DOC";
cmd.Parameters.Add("P_COMPANY_CODE", OracleDbType.Varchar2).Value = DataService.GetIdentity(User, Cons.SS_COMPANY_CODE);
cmd.Parameters.Add("P_DOCUMEN_NO", OracleDbType.Varchar2).Value = DocNo != "null" ? DocNo : "";
cmd.Parameters.Add("P_DOCUMEN_TYPE", OracleDbType.Varchar2).Value = "RD";
cmd.Parameters.Add("C_RETURN", OracleDbType.RefCursor).Direction = ParameterDirection.Output;
ds = oOracledb.SqlQueryDS_CMD(cmd);
return Json(DTFM.convertToList(ds));
}
[HttpGet, Route("SNPE037_GetDocDesc/{DocType}/{DocNo}")]
[Authorize]
public IHttpActionResult SNPE037_GetDocDesc(string DocType, string DocNo)
......@@ -1554,6 +1570,90 @@ namespace SYS_Core.Controllers
#endregion
#region SNPE041_M2
// Some code Use same code with SNPE040M ,Different only DOCUMENT_TYPE and Pass from Front Side.
// Some code Use same code with SNPE035 on GRID.
[HttpGet, Route("SNPE041_GetDoc/{DocNo=null}/{NoOfShowRecords=null}")]
[Authorize]
public IHttpActionResult SNPE041_GetDoc(string DocNo, string noofshowrec = null)
{
DataSet ds = new DataSet();
DocNo = ismoUtil.escapeCharacter(DocNo);
OracleCommand cmd = new OracleCommand();
cmd.CommandText = "SP_NP_SNPE035M_GET_DOC";
cmd.Parameters.Add("P_COMPANY_CODE", OracleDbType.Varchar2).Value = DataService.GetIdentity(User, Cons.SS_COMPANY_CODE);
cmd.Parameters.Add("P_DOCUMEN_NO", OracleDbType.Varchar2).Value = DocNo != "null" ? DocNo : "";
cmd.Parameters.Add("P_DOCUMEN_TYPE", OracleDbType.Varchar2).Value = "RI";
cmd.Parameters.Add("C_RETURN", OracleDbType.RefCursor).Direction = ParameterDirection.Output;
ds = oOracledb.SqlQueryDS_CMD(cmd);
return Json(DTFM.convertToList(ds));
}
[HttpGet, Route("SNPE041M2_GetDocDesc/{DocType}/{DocNo}")]
[Authorize]
public IHttpActionResult SNPE041M2_GetDocDesc(string DocType, string DocNo)
{
DataSet ds = new DataSet();
DocNo = ismoUtil.escapeCharacter(DocNo);
OracleCommand cmd = new OracleCommand();
cmd.CommandText = "SP_NP_SNPE037M_GET_HEADER_DESC";
cmd.Parameters.Add("P_COMPANY_CODE", OracleDbType.Varchar2).Value = DataService.GetIdentity(User, Cons.SS_COMPANY_CODE);
cmd.Parameters.Add("P_DOCUMEN_NO", OracleDbType.Varchar2).Value = DocNo;
cmd.Parameters.Add("P_DOCUMEN_TYPE", OracleDbType.Varchar2).Value = DocType;
cmd.Parameters.Add("C_RETURN", OracleDbType.RefCursor).Direction = ParameterDirection.Output;
ds = oOracledb.SqlQueryDS_CMD(cmd);
return Json(DTFM.convertToList(ds));
}
#endregion
#region SNPE015
[HttpGet, Route("SNPE015_GetDoc/{DocNo=null}/{noofshowrec=null}")]
[Authorize]
public IHttpActionResult SNPE015_GetDoc(string DocNo = null, string noofshowrec = null)
{
DataSet ds = new DataSet();
DocNo = ismoUtil.escapeCharacter(DocNo);
OracleCommand cmd = new OracleCommand();
cmd.CommandText = "SP_NP_SNSR015_SEARCH_DOC";
cmd.Parameters.Add("P_COMPANY_CODE", OracleDbType.Varchar2).Value = DataService.GetIdentity(User, Cons.SS_COMPANY_CODE);
cmd.Parameters.Add("P_DOCUMENT_NO", OracleDbType.Varchar2).Value = DocNo!="null"?DocNo:"";
cmd.Parameters.Add("C_RETURN", OracleDbType.RefCursor).Direction = ParameterDirection.Output;
ds = oOracledb.SqlQueryDS_CMD(cmd);
return Json(DTFM.convertToList(ds));
}
[HttpGet, Route("SNPE015_GetPart/{PartNo=null}/{noofshowrec=null}")]
[Authorize]
public IHttpActionResult SNPE015_GetPart(string PartNo = null, string noofshowrec = null)
{
DataSet ds = new DataSet();
PartNo = ismoUtil.escapeCharacter(PartNo);
OracleCommand cmd = new OracleCommand();
cmd.CommandText = "SP_NP_SNSR015_SEARCH_PART";
cmd.Parameters.Add("P_COMPANY_CODE", OracleDbType.Varchar2).Value = DataService.GetIdentity(User, Cons.SS_COMPANY_CODE);
cmd.Parameters.Add("P_PART_NO", OracleDbType.Varchar2).Value = PartNo!="null"?PartNo:"";
cmd.Parameters.Add("C_RETURN", OracleDbType.RefCursor).Direction = ParameterDirection.Output;
ds = oOracledb.SqlQueryDS_CMD(cmd);
return Json(DTFM.convertToList(ds));
}
[HttpGet, Route("SNPE015_GetCus/{CusNo=null}/{noofshowrec=null}")]
[Authorize]
public IHttpActionResult SNPE015_GetCus(string CusNo =null, string noofshowrec = null)
{
DataSet ds = new DataSet();
CusNo = ismoUtil.escapeCharacter(CusNo);
OracleCommand cmd = new OracleCommand();
cmd.CommandText = "SP_NP_SNSR015_SEARCH_CUS";
cmd.Parameters.Add("P_COMPANY_CODE", OracleDbType.Varchar2).Value = DataService.GetIdentity(User, Cons.SS_COMPANY_CODE);
cmd.Parameters.Add("P_DOCUMENT_NO", OracleDbType.Varchar2).Value = CusNo!="null"?CusNo:"";
cmd.Parameters.Add("C_RETURN", OracleDbType.RefCursor).Direction = ParameterDirection.Output;
ds = oOracledb.SqlQueryDS_CMD(cmd);
return Json(DTFM.convertToList(ds));
}
#endregion
}
}
SYSCore/Controllers/InventoryControlApiController.cs
+ 36
- 36
View file @ 5a6d07c1
......@@ -3509,24 +3509,24 @@ namespace SYS_Core.Controllers
}
[HttpGet, Route("SNSQ005_GetOrderInfo/{partNo}")]
[Authorize]
public IHttpActionResult SNSQ005_GetOrderInfo(string partNo)
{
DataSet ds = new DataSet();
OracleCommand cmd = new OracleCommand();
cmd.CommandText = "SP_NP_SNSQ005_GET_ORDER_INFO";
cmd.Parameters.Add("P_COMPANY_CODE", OracleDbType.Varchar2).Value = DataService.GetIdentity(User, Cons.SS_COMPANY_CODE);
cmd.Parameters.Add("P_PART_NO", OracleDbType.Varchar2).Value = partNo;
cmd.Parameters.Add("C_RETRUN1", OracleDbType.RefCursor).Direction = ParameterDirection.Output;
cmd.Parameters.Add("C_RETRUN2", OracleDbType.RefCursor).Direction = ParameterDirection.Output;
cmd.Parameters.Add("C_RETRUN3", OracleDbType.RefCursor).Direction = ParameterDirection.Output;
cmd.Parameters.Add("C_RETRUN4", OracleDbType.RefCursor).Direction = ParameterDirection.Output;
ds = oOracledb.SqlQueryDS_CMD(cmd);
return Json(DTFM.convertToList(ds));
}
// [HttpGet, Route("SNSQ005_GetOrderInfo/{partNo}")]
// [Authorize]
// public IHttpActionResult SNSQ005_GetOrderInfo(string partNo)
// {
// DataSet ds = new DataSet();
// OracleCommand cmd = new OracleCommand();
// cmd.CommandText = "SP_NP_SNSQ005_GET_ORDER_INFO";
// cmd.Parameters.Add("P_COMPANY_CODE", OracleDbType.Varchar2).Value = DataService.GetIdentity(User, Cons.SS_COMPANY_CODE);
// cmd.Parameters.Add("P_PART_NO", OracleDbType.Varchar2).Value = partNo;
// cmd.Parameters.Add("C_RETRUN1", OracleDbType.RefCursor).Direction = ParameterDirection.Output;
// cmd.Parameters.Add("C_RETRUN2", OracleDbType.RefCursor).Direction = ParameterDirection.Output;
// cmd.Parameters.Add("C_RETRUN3", OracleDbType.RefCursor).Direction = ParameterDirection.Output;
// cmd.Parameters.Add("C_RETRUN4", OracleDbType.RefCursor).Direction = ParameterDirection.Output;
// ds = oOracledb.SqlQueryDS_CMD(cmd);
// return Json(DTFM.convertToList(ds));
// }
[HttpGet, Route("SNSQ005_GetGroupPartInfo/{partNo}")]
[Authorize]
......@@ -3547,24 +3547,24 @@ namespace SYS_Core.Controllers
return Json(DTFM.convertToList(ds));
}
[HttpGet, Route("SNSQ005_GetConsoleStockInfo/{partNo}")]
[Authorize]
public IHttpActionResult SNSQ005_GetConsoleStockInfo(string partNo)
{
DataSet ds = new DataSet();
OracleCommand cmd = new OracleCommand();
cmd.CommandText = "SP_NP_SNSQ005_GET_CONSOLE_STOCK_INFO";
cmd.Parameters.Add("P_COMPANY_CODE", OracleDbType.Varchar2).Value = DataService.GetIdentity(User, Cons.SS_COMPANY_CODE);
cmd.Parameters.Add("P_PART_NO", OracleDbType.Varchar2).Value = partNo;
cmd.Parameters.Add("C_RETURN1", OracleDbType.RefCursor).Direction = ParameterDirection.Output;
cmd.Parameters.Add("C_RETURN2", OracleDbType.RefCursor).Direction = ParameterDirection.Output;
cmd.Parameters.Add("C_RETURN3", OracleDbType.RefCursor).Direction = ParameterDirection.Output;
cmd.Parameters.Add("C_RETURN4", OracleDbType.RefCursor).Direction = ParameterDirection.Output;
ds = oOracledb.SqlQueryDS_CMD(cmd);
return Json(DTFM.convertToList(ds));
}
// [HttpGet, Route("SNSQ005_GetConsoleStockInfo/{partNo}")]
// [Authorize]
// public IHttpActionResult SNSQ005_GetConsoleStockInfo(string partNo)
// {
// DataSet ds = new DataSet();
// OracleCommand cmd = new OracleCommand();
// cmd.CommandText = "SP_NP_SNSQ005_GET_CONSOLE_STOCK_INFO";
// cmd.Parameters.Add("P_COMPANY_CODE", OracleDbType.Varchar2).Value = DataService.GetIdentity(User, Cons.SS_COMPANY_CODE);
// cmd.Parameters.Add("P_PART_NO", OracleDbType.Varchar2).Value = partNo;
// cmd.Parameters.Add("C_RETURN1", OracleDbType.RefCursor).Direction = ParameterDirection.Output;
// cmd.Parameters.Add("C_RETURN2", OracleDbType.RefCursor).Direction = ParameterDirection.Output;
// cmd.Parameters.Add("C_RETURN3", OracleDbType.RefCursor).Direction = ParameterDirection.Output;
// cmd.Parameters.Add("C_RETURN4", OracleDbType.RefCursor).Direction = ParameterDirection.Output;
// ds = oOracledb.SqlQueryDS_CMD(cmd);
// return Json(DTFM.convertToList(ds));
// }
......
SYSCore/Controllers/SystemApiController.cs
+ 53
- 1
View file @ 5a6d07c1
......@@ -155,6 +155,47 @@ namespace SYS_Core.Controllers
#endregion
#region changePwd
[HttpPost, Route("ChangePwd")]
public IHttpActionResult ChangePwd([FromBody] ChangePwdModel pCPwd)
{
if(pCPwd.newpassword != pCPwd.confirmpassword)
{
return ResponseMessage(Request.CreateResponse(HttpStatusCode.NotAcceptable, "Please check new password and confirm new password."));
}
OracleCommand cmd = new OracleCommand();
//check username & password
cmd.CommandText = "SP_NP_CH_PWD_CHK";
cmd.Parameters.Add("P_SK_USER_ID", OracleDbType.Varchar2).Value = pCPwd.username;
cmd.Parameters.Add("P_PASSWORD", OracleDbType.Varchar2).Value = pCPwd.oldpassword;
cmd.Parameters.Add("P_NEW_PASSWORD", OracleDbType.Varchar2).Value = pCPwd.newpassword;
cmd.Parameters.Add("R_STATUS", OracleDbType.Varchar2, 10).Direction = ParameterDirection.Output;
cmd = oOracledb.SqlQueryReturnValue(cmd);
if(cmd.Parameters["R_STATUS"].Value.ToString() == "Pass")
{
cmd = new OracleCommand();
cmd.CommandText = "SP_NP_CH_PWD";
cmd.Parameters.Add("P_SK_USER_ID", OracleDbType.Varchar2).Value = pCPwd.username;
cmd.Parameters.Add("P_NEW_PASSWORD", OracleDbType.Varchar2).Value = pCPwd.newpassword;
cmd = oOracledb.SqlQueryReturnValue(cmd);
}
else if (cmd.Parameters["R_STATUS"].Value.ToString() == "Fail")
{
return ResponseMessage(Request.CreateResponse(HttpStatusCode.NotAcceptable, "Incorrect current password."));
}
else if (cmd.Parameters["R_STATUS"].Value.ToString() == "Used")
{
return ResponseMessage(Request.CreateResponse(HttpStatusCode.NotAcceptable, "Password should not same with used password."));
}
return Ok();
}
#endregion
[HttpGet, Route("GetSystemMenu")]
[Authorize]
public IHttpActionResult GetSystemMenu()
......@@ -1057,9 +1098,12 @@ namespace SYS_Core.Controllers
[Authorize]
public IHttpActionResult GetFormUserRole(string formId)
{
string userName = DataService.GetIdentity(User, Cons.SS_USER_NAME);
odb.WriteMenuLog(formId, userName);
OracleCommand cmd = new OracleCommand();
cmd.CommandText = "SP_NP_FORM_ROLE_BYUSER";
cmd.Parameters.Add("P_USER_ID", OracleDbType.Varchar2).Value = DataService.GetIdentity(User, Cons.SS_USER_NAME);
cmd.Parameters.Add("P_USER_ID", OracleDbType.Varchar2).Value = userName;
cmd.Parameters.Add("P_FORM_ID", OracleDbType.Varchar2).Value = formId;
cmd.Parameters.Add("R_INS", OracleDbType.Varchar2, 5).Direction = ParameterDirection.Output;
cmd.Parameters.Add("R_CHG", OracleDbType.Varchar2, 5).Direction = ParameterDirection.Output;
......@@ -1104,5 +1148,13 @@ namespace SYS_Core.Controllers
public string FILE_NAME { get; set; }
public string FILE_LOCATION { get; set; }
}
public class ChangePwdModel
{
public string username { get; set; }
public string oldpassword { get; set; }
public string newpassword { get; set; }
public string confirmpassword { get; set; }
}
}
SYSCore/aControl/DBManager.cs
+ 45
- 0
View file @ 5a6d07c1
......@@ -191,6 +191,51 @@ namespace SYS_Core.aControl
return rowEffect;
}
}
public int WriteMenuLog(String pFormID, String pUserName)
{
int rowEffect = 0;
string mDBConnection;
mDBConnection = "server=" + ConfigurationManager.AppSettings["DBServer"]
+ ";database=" + ConfigurationManager.AppSettings["SysDBName"]
+ ";UID=" + ConfigurationManager.AppSettings["DBUser"]
+ ";password=" + ConfigurationManager.AppSettings["DBPassword"];
using (SqlConnection conn = new SqlConnection(mDBConnection))
{
try
{
string gSQL;
string gUserID = DataService.GetIdentity(HttpContext.Current.User, Cons.SS_USER_ID);
gSQL = "EXEC sp_Menu_Log '{0}','{1}'";
gSQL = String.Format(gSQL, pFormID, pUserName);
SqlCommand command = new SqlCommand(gSQL, conn);
command.Connection.Open();
command.CommandTimeout = 0;
command.ExecuteNonQuery();
}
catch (SqlException ex)
{
// handle error
throw (ex);
}
catch (Exception ex)
{
// handle error
throw (ex);
}
finally
{
conn.Close();
}
return rowEffect;
}
}
public Boolean CheckToken (string Username, string Token, string RefreshToken)
{
......
SYSCore/aControl/DBOracle.cs
+ 0
- 1
View file @ 5a6d07c1
......@@ -3,7 +3,6 @@ using System;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
//using Oracle.DataAccess.Client;
using Oracle.ManagedDataAccess.Client;
using System.Web;
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment