Skip to content

T
TokenVaultManagement
Commit 8c30004c authored by Jason's avatar Jason
Browse files
Options

1.fix 權限登入問題 

2.修改密碼邏輯
parent 8f51b435
Hide whitespace changes
Inline Side-by-side
Showing with 194 additions and 160 deletions
Merchant Token Vault Management/backstage/Controllers/KeyController.cs
View file @ 8c30004c
......@@ -173,12 +173,15 @@ namespace backstage.Controllers
{
// 下載圖檔位元組數據
byte[] imageBytes = await client.GetByteArrayAsync(imageUrl);
System.IO.File.Delete(imagePath);
// 將圖檔寫入目標路徑
System.IO.File.WriteAllBytes(imagePath, imageBytes);
// 添加下載路徑到集合中
string downloadPath = Path.Combine("/images", fileName);
downloadPaths.Add(downloadPath);
if (System.IO.File.Exists(imagePath))
{
string downloadPath = Path.Combine("/images", fileName);
downloadPaths.Add(downloadPath);
}
}
}
......@@ -216,7 +219,7 @@ namespace backstage.Controllers
}
result.IsSuccess = true;
result.Message = msg;
return result;
}
else
......
Merchant Token Vault Management/backstage/Controllers/TokenVaultController .cs
View file @ 8c30004c
......@@ -628,20 +628,20 @@ namespace backstage.Controllers
/// <returns></returns>
[Authorize(Policy = "AdminOnly")]
[HttpPost]
public async Task<ResultModel> AddUsers([FromBody] JsonElement requestData)
public async Task<ResultModel> AddUsers([FromBody] IFormCollection form)
{
string msg;
var result = new ResultModel();
int Merchant_id = requestData.GetProperty("Merchant_id").GetInt32();
int vault_id = requestData.GetProperty("vault_id").GetInt32();
int field_id = requestData.GetProperty("field_id").GetInt32();
int user_id = requestData.GetProperty("user_id").GetInt32();
int merchant_id = Convert.ToInt32( form["merchant_id"]);
int vault_id = Convert.ToInt32(form["vault_id"]);
int field_id = Convert.ToInt32(form["field_id"]);
int user_id = Convert.ToInt32(form["id"]);
// 構建包含參數的查詢字串
var queryString = new RouteValueDictionary {
{ "Merchant_id", Merchant_id },
{ "Merchant_id", merchant_id },
{ "vault_id", vault_id },
{ "field_id", field_id },
};
......@@ -749,7 +749,7 @@ namespace backstage.Controllers
var DepartmentsResponse = JsonConvert.DeserializeObject<DepartmentsResponse>(apiResult.Data.ToString());
if (DepartmentsResponse.count > 0)
{
var existDepartment = DepartmentsResponse.merchants.Where(m => m.merchant_id == Merchant_id).FirstOrDefault();
var existDepartment = DepartmentsResponse.merchants.Where(m => m.merchant_id == merchant_id).FirstOrDefault();
if (existDepartment == null)
{
switch (_currentLanguage)
......@@ -820,7 +820,7 @@ namespace backstage.Controllers
httpMethod = HttpMethod.Post;
parameters = new Dictionary<string, string>
{
{ "Merchant_id", Merchant_id.ToString() },
{ "Merchant_id", merchant_id.ToString() },
{ "id", vault_id.ToString() },
{ "info", "FIELDS" },
......@@ -904,7 +904,7 @@ namespace backstage.Controllers
{
new {
userId = user_id.ToString(),
merchantId = Merchant_id.ToString()
merchantId = merchant_id.ToString()
}
};
parameters = new Dictionary<string, string>
......@@ -949,7 +949,7 @@ namespace backstage.Controllers
{ "token", token},
{ "vault_id", vault_id.ToString()},
{ "access_code", "31"},
{ "merchant_id", Merchant_id.ToString()},
{ "merchant_id", merchant_id.ToString()},
{ "user_id", user_id.ToString()},
};
......@@ -999,7 +999,7 @@ namespace backstage.Controllers
{ "id", vault_id.ToString()},
{ "info", "USERS"},
{ "Merchant_id", Merchant_id.ToString()},
{ "Merchant_id", merchant_id.ToString()},
{ "data", JsonConvert.SerializeObject(addUserToField_data)},
};
......
Merchant Token Vault Management/backstage/Controllers/UserController.cs
View file @ 8c30004c
......@@ -277,7 +277,7 @@ namespace backstage.Controllers
}
[Authorize]
[Authorize(Policy = "AdminOnly")]
[HttpGet]
public async Task<IActionResult> ListUsers()
{
......@@ -458,7 +458,7 @@ namespace backstage.Controllers
/// 修改密碼
/// </summary>
/// <returns></returns>
[Authorize(Policy = "AdminOnly")]
[Authorize]
[HttpGet]
public async Task<IActionResult> ChangePassword(string username, string returnUrl)
{
......@@ -495,7 +495,7 @@ namespace backstage.Controllers
var existUser = UserResponse.Users.Where(u => u.username == username).FirstOrDefault();
if (existUser == null)
{
switch (_currentLanguage)
{
......@@ -657,7 +657,7 @@ namespace backstage.Controllers
{
TempData["IsSuccess"] = false;
TempData["msg"] = JsonConvert.SerializeObject(userAddResponse.m);
return View(user);
return RedirectToAction("GetUser", new { uid = user.uid });
}
......@@ -960,77 +960,90 @@ namespace backstage.Controllers
//修改密碼
if (!string.IsNullOrEmpty(user.newPassword))
{
existUser.password = user.newPassword;
url = _config["IP"] + "/user/changepassword";
var u = new UserLogin();
string user_token = "";
url = _config["IP"];
parameters = new Dictionary<string, string>
{
{ "token", token },
{ "oldpwd",user.password},
{ "newpwd",user.newPassword}
};
{
{ "username", user.username },
{ "pwd", user.password },
{ "reqPermFlag[0]","merchant-login"}
};
apiResult = await _callApi.CallAPI(url, parameters, httpMethod);
if (apiResult.IsSuccess)
{
var response = JsonConvert.DeserializeObject<Response>(apiResult.Data.ToString());
if (response.r == 0)
// API 呼叫成功,進行相應的處理
u = JsonConvert.DeserializeObject<UserLogin>(apiResult.Data.ToString());
if (u.r == 0 && !string.IsNullOrEmpty(u.token))
{
user_token = u.token;
existUser.password = user.newPassword;
url = _config["IP"] + "/user/changepassword";
switch (_currentLanguage)
parameters = new Dictionary<string, string>
{
{ "token", user_token },
{ "oldpwd",user.password},
{ "newpwd",user.newPassword}
case "en":
msg = "Edit success.";
break;
case "zh":
msg = "編輯成功";
break;
default:
msg = "編輯成功";
break;
};
}
TempData["IsSuccess"] = true;
TempData["msg"] = msg;
apiResult = await _callApi.CallAPI(url, parameters, httpMethod);
if (apiResult.IsSuccess)
{
var response = JsonConvert.DeserializeObject<Response>(apiResult.Data.ToString());
if (response.r == 0)
{
}
else
{
TempData["IsSuccess"] = false;
TempData["msg"] = response.m;
return View();
}
return RedirectToAction("ListUsers");
}
}
switch (_currentLanguage)
{
case "en":
msg = "Edit success.";
break;
case "zh":
msg = "編輯成功";
break;
default:
msg = "編輯成功";
break;
}
TempData["IsSuccess"] = true;
TempData["msg"] = msg;
return RedirectToAction("ListUsers");
}
}
else
{
TempData["IsSuccess"] = false;
TempData["msg"] = response.r + "," + response.m;
return RedirectToAction("GetUser", new { uid = user.uid });
}
return RedirectToAction("ListUsers");
}
TempData["IsSuccess"] = false;
TempData["msg"] = apiResult.Message;
return RedirectToAction("GetUser", new { uid = user.uid });
}
TempData["IsSuccess"] = false;
TempData["msg"] = u.r + "," + u.m.ToString();
return RedirectToAction("GetUser", new { uid = user.uid });
}
TempData["IsSuccess"] = false;
TempData["msg"] = apiResult.Message;
return RedirectToAction("GetUser", new { uid = user.uid });
}
switch (_currentLanguage)
{
case "en":
msg = "user_id is not exist.";
break;
case "zh":
msg = "user_id不存在";
break;
default:
msg = "user_id不存在";
break;
return RedirectToAction("ListUsers");
}
TempData["IsSuccess"] = false;
TempData["msg"] = msg;
return View(existUser);
}
......@@ -1251,10 +1264,10 @@ namespace backstage.Controllers
address = "null",
countryid = "Taiwan",
postcode = "123",
phone="null",
name_en="null",
VATID_verify="1",
enabled=1
phone = "null",
name_en = "null",
VATID_verify = "1",
enabled = 1
};
......@@ -1285,7 +1298,7 @@ namespace backstage.Controllers
break;
}
TempData["IsSuccess"] = true;
TempData["msg"] = msg;
......@@ -1367,10 +1380,8 @@ namespace backstage.Controllers
var parameters = new Dictionary<string, string>
{
{ "token", token },
{ "types", JsonConvert.SerializeObject(types_data)},
{ "email","1"},
{ "phone","1"}
//{ "types", "{\"inc\":[\"all\"]}"}
{ "types", JsonConvert.SerializeObject(types_data)}
};
......@@ -1457,7 +1468,6 @@ namespace backstage.Controllers
result.IsSuccess = false;
result.Message = msg;
return result;
return result;
}
}
else
......@@ -1465,11 +1475,16 @@ namespace backstage.Controllers
url = _config["IP"] + "/admin/mod";
httpMethod = HttpMethod.Post;
existAdmin.enabled = isAdmin;
var data = new {
uid= existAdmin.uid,
admin_role_id= "1",
enabled=isAdmin
};
parameters = new Dictionary<string, string>
{
{ "token", token },
{ "data", JsonConvert.SerializeObject(existAdmin)}
{ "data", JsonConvert.SerializeObject(data)}
};
apiResult = await _callApi.CallAPI(url, parameters, httpMethod);
......@@ -1496,7 +1511,7 @@ namespace backstage.Controllers
result.IsSuccess = true;
result.Message = msg;
return result;
}
else
......@@ -1592,7 +1607,7 @@ namespace backstage.Controllers
result.Message = msg;
return result;
}
......
Merchant Token Vault Management/backstage/Models/Users/User.cs
View file @ 8c30004c
......@@ -34,6 +34,7 @@ namespace backstage.Models.Users
public string lang { get; set; } = "zhg";
//判斷是否為admin
public bool isAdmin { get; set; } = false;
public int[] admin_rold_id { get; set; } = new int [1];//最高權限
//=========Fields=========
public List<int> masks{get;set;}
......
Merchant Token Vault Management/backstage/Views/Key/ListKeys.cshtml
View file @ 8c30004c
......@@ -399,6 +399,8 @@
document.getElementById("recoverKeyForm").classList.remove("show");
// 页面加载完成后,隐藏 maskSettingsAdvID
//刪除鑰匙
$("#confirmBtn").on("click", function (e) {
......@@ -455,7 +457,8 @@
$('#image2').attr('src', imageUrls[1]);
$('#downloadBtn1').attr('href', imageUrls[0]);
$('#downloadBtn2').attr('href', imageUrls[1]);
$('#imageModal').modal();
$('#imageModal').modal({ backdrop: 'static', keyboard: false });
//setTimeout(function () {
// location.reload();
//}, 2000);
......
Merchant Token Vault Management/backstage/Views/Shared/_Layout.cshtml
View file @ 8c30004c
......@@ -79,12 +79,12 @@
<a class="dropdown-item" asp-controller="User" asp-action="ChangePassword" asp-route-username="@Context.User.Claims.FirstOrDefault(m => m.Type == "username").Value" asp-route-returnUrl="@Context.Request.Path.Value">
<i class="mdi mdi-lock-open mr-2"></i>@Localizer["Change Password"]
</a>
<a class="dropdown-item" asp-controller="User" asp-action="Register">
@*<a class="dropdown-item" asp-controller="User" asp-action="Register">
<i class="mdi mdi-account-plus mr-2"></i>@Localizer["Setting Backup"]
</a>
<a class="dropdown-item" asp-controller="" asp-action="">
<i class="mdi mdi-account-details mr-2"></i>@Localizer["Vault Backup"]
</a>
</a>*@
<div class="dropdown-divider"></div>
<a class="dropdown-item" asp-controller="User" asp-action="Logout">
......
Merchant Token Vault Management/backstage/Views/TokenVault/ListUsers.cshtml
View file @ 8c30004c
......@@ -21,7 +21,7 @@
<input id="msg" hidden value="@TempData["msg"]" />
@if (TempData["isSuccess"] != null)
{
<input id="isSuccess" hidden value="@TempData["isSuccess"].ToString()" />
<input id="isSuccess" hidden value="@TempData["isSuccess"].ToString()" />
}
<div class="floating-msg" id="msgDiv"></div>
</div>
......@@ -64,38 +64,38 @@
<tbody id="tbody">
@if (Model.Count > 0)
{
@foreach (var i in Model)
@foreach (var i in Model)
{
<tr id="@i.id" class="">
<td>@i.id</td>
<td>@i.name</td>
<td>@i.username</td>
<td class="custom-tooltip" data-tooltip="@i.masksSettingText">@i.masksText</td>
<tr id="@i.id" class="">
<td>@i.id</td>
<td>@i.name</td>
<td>@i.username</td>
<td class="custom-tooltip" data-tooltip="@i.masksSettingText">@i.masksText</td>
<td>
@if (i.allow_decrypt == 1)
<td>
@if (i.allow_decrypt == 1)
{<span>&#x2714;</span>}
</td>
<td>
@if (i.allow_new == 1)
</td>
<td>
@if (i.allow_new == 1)
{<span>&#x2714;</span>}
</td>
<td>
@if (i.allow_update == 1)
</td>
<td>
@if (i.allow_update == 1)
{<span>&#x2714;</span>}
</td>
<td>
@if (i.allow_del == 1)
</td>
<td>
@if (i.allow_del == 1)
{<span>&#x2714;</span>}
</td>
</td>
<td>@i.default_mask_id</td>
<td>
<td>@i.default_mask_id</td>
<td>
<a data-id="@i.id" class="btn btnPermission btn-sm" data-toggle="modal" data-target="#delete-field-user">@Localizer["Remove User"]</a>
</td>
</tr>
<a data-id="@i.id" class="btn btnPermission btn-sm" data-toggle="modal" data-target="#delete-field-user">@Localizer["Remove User"]</a>
</td>
</tr>
}
}
......@@ -135,8 +135,6 @@
</div>
</div>
</div>-->
<!--新增使用者 Popup Form-->
<div class="modal fade modal-full" id="new-field-user" tabindex="-1" style="display: none;" aria-hidden="true">
<div class="modal-dialog modalforMemberGo">
......@@ -155,7 +153,7 @@
</div> <!--END of div "modal-header"-->
<div class="modal-body" style="padding-top:35px">
<form class="form-horizontal0">
<form id="addUserForm" class="form-horizontal0">
<!-- <div class="form-group">
<label class="control-labe" for="name">姓名:</label>
......@@ -169,23 +167,26 @@
<input type="text" class="form-control form-control-sm0">
</div>
</div> -->
<input hidden name="merchant_id" value="@ViewBag.Merchant_id" />
<input hidden name="vault_id" value="@ViewBag.vault_id" />
<input hidden name="field_id" value="@ViewBag.field_id" />
<input hidden name="id" />
<div class="form-group">
<label class="control-labe" for="userName">使用者名稱:</label>
<div class="form-group">
<div class="dropdown bootstrap-select selecter form-control -tokenization">
<select title="請選使用者名稱(單選)" class="selectpicker selecter form-control selectpicker-tokenization" asp-items="ViewBag.users" tabindex="null">
<div class="dropdown bootstrap-select selecter form-control ">
<select id="user_selectpicker" title="請選使用者名稱(單選)" class="selectpicker selecter form-control selectpicker-tokenization" asp-items="ViewBag.users" tabindex="null">
</select>
</div>
</div>
</div>
<div class="form-group">
<label class="control-labe" for="mask">遮罩:</label>
<div class="form-group">
<div class="dropdown bootstrap-select show-tick selecter form-control -tokenization">
<select id="select_mask" multiple="" title="請選遮罩(複選)" class="selectpicker selecter form-control selectpicker-tokenization" tabindex="null" asp-items="ViewBag.masks">
<div class="dropdown bootstrap-select show-tick selecter form-control ">
<select name="allow_masks" id="select_mask" multiple="" title="請選遮罩(複選)" class="mask_selectpicker selectpicker selecter form-control selectpicker-tokenization" tabindex="null" asp-items="ViewBag.masks">
</select>
</div>
</div>
......@@ -194,9 +195,8 @@
<div class="form-group">
<label class="control-labe" for="mask">預設遮罩:</label>
<div class="form-group">
<div class="dropdown bootstrap-select selecter form-control -tokenization">
<select id="default_mask" title="請選預設遮罩(單選)" class="selectpicker selecter form-control selectpicker-tokenization" tabindex="null">
<div class="dropdown bootstrap-select selecter form-control ">
<select name="default_mask_id" id="default_mask" title="請選預設遮罩(單選)" class=" default_mask_selectpicker selectpicker selecter form-control selectpicker-tokenization" tabindex="null" asp-items="ViewBag.masks">
</select>
</div>
</div>
......@@ -205,13 +205,13 @@
<div class="form-group">
<label class="control-labe" for="">允許解密:</label>
<div class="form-check form-check-inline">
<input class="form-check-input" type="radio" name="allowDecode" id="allowDecodeY" value="option1">
<input class="form-check-input" type="radio" name="allow_decrypt" id="allowDecodeY" value="option1">
<label class="form-check-label" for="allowDecodeY">
</label>
</div>
<div class="form-check form-check-inline">
<input class="form-check-input" type="radio" name="allowDecode" id="allowDecodeN" value="option2">
<input class="form-check-input" type="radio" name="allow_decrypt" id="allowDecodeN" value="option2">
<label class="form-check-label" for="allowDecodeN">
</label>
......@@ -221,13 +221,13 @@
<div class="form-group">
<label class="control-labe" for="">允許新增:</label>
<div class="form-check form-check-inline">
<input class="form-check-input" type="radio" name="allowAdd" id="allowAddY" value="option1">
<input class="form-check-input" type="radio" name="allow_new" id="allowAddY" value="option1">
<label class="form-check-label" for="allowAddY">
</label>
</div>
<div class="form-check form-check-inline">
<input class="form-check-input" type="radio" name="allowAdd" id="allowAddN" value="option2">
<input class="form-check-input" type="radio" name="allow_new" id="allowAddN" value="option2">
<label class="form-check-label" for="allowAddN">
</label>
......@@ -237,13 +237,13 @@
<div class="form-group">
<label class="control-labe" for="">允許更新:</label>
<div class="form-check form-check-inline">
<input class="form-check-input" type="radio" name="allowUpdate" id="allowUpdateY" value="option1">
<input class="form-check-input" type="radio" name="allow_update" id="allowUpdateY" value="option1">
<label class="form-check-label" for="allowUpdateY">
</label>
</div>
<div class="form-check form-check-inline">
<input class="form-check-input" type="radio" name="allowUpdate" id="allowUpdateN" value="option2">
<input class="form-check-input" type="radio" name="allow_update" id="allowUpdateN" value="option2">
<label class="form-check-label" for="allowUpdateN">
</label>
......@@ -253,13 +253,13 @@
<div class="form-group">
<label class="control-labe" for="">允許刪除:</label>
<div class="form-check form-check-inline">
<input class="form-check-input" type="radio" name="allowDelete" id="allowDeleteY" value="option1">
<input class="form-check-input" type="radio" name="allow_del" id="allowDeleteY" value="option1">
<label class="form-check-label" for="allowDeleteY">
</label>
</div>
<div class="form-check form-check-inline">
<input class="form-check-input" type="radio" name="allowDelete" id="allowDeleteN" value="option2">
<input class="form-check-input" type="radio" name="allow_del" id="allowDeleteN" value="option2">
<label class="form-check-label" for="allowDeleteN">
</label>
......@@ -267,7 +267,7 @@
</div>
<div class="SubmitBlock">
<button type="submit" class="btn btn-mainblue-solid btnSubmit">新增</button>
<button id="createUserBtn" class="btn btn-mainblue-solid btnSubmit">新增</button>
<button type="button" class="btn btn-mainblue-hollow btnReset" data-dismiss="modal">取消</button>
</div>
</form>
......@@ -334,6 +334,7 @@
var msg = '@TempData["msg"]';
var IsSuccess = '@TempData["IsSuccess"]';
console.log(IsSuccess + msg);
if (msg != '') {
showAlert(IsSuccess, msg);
}
......@@ -345,19 +346,50 @@
tooltipClass: "custom-tooltip-width"
});
$("#confirmBtn").on("click", function () {
// 確認按鈕被點擊時的處理程式碼
// 在這裡呼叫您的 API
var merchant_id = parseInt('@ViewBag.Merchant_id');
var vault_id = parseInt('@ViewBag.vault_id');
var field_id = parseInt('@ViewBag.field_id');
var selectedUser = parseInt($("#selectUser").val()); // 替換為您實際使用的選取元素的 ID
var selectUserId = 0;
//選定使用者
$('#user_selectpicker').on('changed.bs.select', function (e, clickedIndex, isSelected, previousValue) {
$('input[name=id]').val( $('#user_selectpicker').val());
});
//addUserForm 選單連動
$('.mask_selectpicker').on('changed.bs.select', function (e, clickedIndex, isSelected, previousValue) {
// 先銷毀 selectpicker
$('#default_mask').selectpicker('destroy');
// 清空選擇器內的選項
$('#default_mask').empty();
// 重新初始化選擇器
$('#default_mask').selectpicker();
// 將 #select_mask 的所有選中選項加入到 #default_mask 中
$('#select_mask option:selected').each(function () {
var optionValue = $(this).val();
var optionText = $(this).text();
//console.log('optionText=' + optionText);
$('#default_mask').append(new Option(optionText, optionValue, false, false));
});
//// 刷新 #default_mask
$('#default_mask').selectpicker('refresh');
});
//送出新增使用者
$("#createUserBtn").on("click", function () {
$('#createMaskForm').serialize(),
$.ajax({
url: "/TokenVault/Addusers",
method: "POST",
contentType: "application/json",
data: JSON.stringify({ Merchant_id: merchant_id, vault_id: vault_id, field_id: field_id, user_id: selectedUser}),
data: $('#addUserForm').serialize(),
success: function (response) {
showAlert(response.isSuccess, response.message);
if (response.isSuccess) {
......@@ -374,27 +406,7 @@
});
});
$('#select_mask').on('changed.bs.select', function (e, clickedIndex, isSelected, previousValue) {
// 清空 #default_mask 的選項
$('#default_mask').empty();
// 刷新 #default_mask
$('#default_mask').selectpicker('refresh');
console.log('select mask')
// 將 #select_mask 的所有選中選項加入到 #default_mask 中
$('#select_mask option:selected').each(function () {
var optionValue = $(this).val();
var optionText = $(this).text();
$('#default_mask').append(new Option(optionText, optionValue, false, false));
});
// 刷新 #default_mask
$('#default_mask').selectpicker('refresh');
});
//移除user
var selectUserId = 0;
$('.btnPermission').click(function () {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment