1.fix 權限登入問題

2.修改密碼邏輯

Merchant Token Vault Management/backstage/Controllers/KeyController.cs

@@ -173,12 +173,15 @@ namespace backstage.Controllers
                             {
                                 // 下載圖檔位元組數據
                                 byte[] imageBytes = await client.GetByteArrayAsync(imageUrl);
-
+                                System.IO.File.Delete(imagePath);
                                 // 將圖檔寫入目標路徑
                                 System.IO.File.WriteAllBytes(imagePath, imageBytes);
                                 // 添加下載路徑到集合中
-                                string downloadPath = Path.Combine("/images", fileName);
-                                downloadPaths.Add(downloadPath);
+                                if (System.IO.File.Exists(imagePath))
+                                {
+                                    string downloadPath = Path.Combine("/images", fileName);
+                                    downloadPaths.Add(downloadPath);
+                                }
                             }
                         }
 
@@ -216,7 +219,7 @@ namespace backstage.Controllers
                                     }
                                     result.IsSuccess = true;
                                     result.Message = msg;
-                                
+
                                     return result;
                                 }
                                 else

Merchant Token Vault Management/backstage/Controllers/TokenVaultController .cs

@@ -628,20 +628,20 @@ namespace backstage.Controllers
         /// <returns></returns>
         [Authorize(Policy = "AdminOnly")]
         [HttpPost]
-        public async Task<ResultModel> AddUsers([FromBody] JsonElement requestData)
+        public async Task<ResultModel> AddUsers([FromBody] IFormCollection form)
         {
             string msg;
             var result = new ResultModel();
-            int Merchant_id = requestData.GetProperty("Merchant_id").GetInt32();
-            int vault_id = requestData.GetProperty("vault_id").GetInt32();
-            int field_id = requestData.GetProperty("field_id").GetInt32();
-            int user_id = requestData.GetProperty("user_id").GetInt32();
+            int merchant_id = Convert.ToInt32( form["merchant_id"]);
+            int vault_id = Convert.ToInt32(form["vault_id"]);
+            int field_id = Convert.ToInt32(form["field_id"]);
+            int user_id = Convert.ToInt32(form["id"]);
 
 
 
             // 構建包含參數的查詢字串
             var queryString = new RouteValueDictionary {
-                { "Merchant_id", Merchant_id },
+                { "Merchant_id", merchant_id },
                 { "vault_id", vault_id },
                 { "field_id", field_id },
             };
@@ -749,7 +749,7 @@ namespace backstage.Controllers
                 var DepartmentsResponse = JsonConvert.DeserializeObject<DepartmentsResponse>(apiResult.Data.ToString());
                 if (DepartmentsResponse.count > 0)
                 {
-                    var existDepartment = DepartmentsResponse.merchants.Where(m => m.merchant_id == Merchant_id).FirstOrDefault();
+                    var existDepartment = DepartmentsResponse.merchants.Where(m => m.merchant_id == merchant_id).FirstOrDefault();
                     if (existDepartment == null)
                     {
                         switch (_currentLanguage)
@@ -820,7 +820,7 @@ namespace backstage.Controllers
             httpMethod = HttpMethod.Post;
             parameters = new Dictionary<string, string>
                       {
-                            { "Merchant_id", Merchant_id.ToString() },
+                            { "Merchant_id", merchant_id.ToString() },
                             { "id", vault_id.ToString() },
                             { "info", "FIELDS" },
 
@@ -904,7 +904,7 @@ namespace backstage.Controllers
              {
                 new {
                     userId = user_id.ToString(),
-                    merchantId = Merchant_id.ToString()
+                    merchantId = merchant_id.ToString()
                 }
             };
             parameters = new Dictionary<string, string>
@@ -949,7 +949,7 @@ namespace backstage.Controllers
                     { "token", token},
                     { "vault_id", vault_id.ToString()},
                     { "access_code", "31"},
-                    { "merchant_id", Merchant_id.ToString()},
+                    { "merchant_id", merchant_id.ToString()},
                     { "user_id", user_id.ToString()},
                 };
 
@@ -999,7 +999,7 @@ namespace backstage.Controllers
 
                     { "id", vault_id.ToString()},
                     { "info", "USERS"},
-                    { "Merchant_id", Merchant_id.ToString()},
+                    { "Merchant_id", merchant_id.ToString()},
                     { "data", JsonConvert.SerializeObject(addUserToField_data)},
                 };
 

Merchant Token Vault Management/backstage/Controllers/UserController.cs

@@ -277,7 +277,7 @@ namespace backstage.Controllers
         }
 
 
-        [Authorize]
+        [Authorize(Policy = "AdminOnly")]
         [HttpGet]
         public async Task<IActionResult> ListUsers()
         {
@@ -458,7 +458,7 @@ namespace backstage.Controllers
         /// 修改密碼
         /// </summary>
         /// <returns></returns>
-        [Authorize(Policy = "AdminOnly")]
+        [Authorize]
         [HttpGet]
         public async Task<IActionResult> ChangePassword(string username, string returnUrl)
         {
@@ -495,7 +495,7 @@ namespace backstage.Controllers
                             var existUser = UserResponse.Users.Where(u => u.username == username).FirstOrDefault();
                             if (existUser == null)
                             {
-                                
+
                                 switch (_currentLanguage)
                                 {
 
@@ -657,7 +657,7 @@ namespace backstage.Controllers
                 {
                     TempData["IsSuccess"] = false;
                     TempData["msg"] = JsonConvert.SerializeObject(userAddResponse.m);
-                    return View(user);
+                    return RedirectToAction("GetUser", new { uid = user.uid });
                 }
 
 
@@ -960,77 +960,90 @@ namespace backstage.Controllers
                         //修改密碼
                         if (!string.IsNullOrEmpty(user.newPassword))
                         {
-                            existUser.password = user.newPassword;
-                            url = _config["IP"] + "/user/changepassword";
+                            var u = new UserLogin();
+                            string user_token = "";
 
+                            url = _config["IP"];
                             parameters = new Dictionary<string, string>
-                             {
-                                    { "token", token },
-                                { "oldpwd",user.password},
-                                { "newpwd",user.newPassword}
-
-
-                                };
-
+                              {
+                                    { "username", user.username },
+                                    { "pwd", user.password },
+                                    { "reqPermFlag[0]","merchant-login"}
+                              };
                             apiResult = await _callApi.CallAPI(url, parameters, httpMethod);
+
                             if (apiResult.IsSuccess)
                             {
-                                var response = JsonConvert.DeserializeObject<Response>(apiResult.Data.ToString());
-                                if (response.r == 0)
+                                // API 呼叫成功，進行相應的處理
+
+                                u = JsonConvert.DeserializeObject<UserLogin>(apiResult.Data.ToString());
+                                if (u.r == 0 && !string.IsNullOrEmpty(u.token))
                                 {
+                                    user_token = u.token;
+                                    existUser.password = user.newPassword;
+                                    url = _config["IP"] + "/user/changepassword";
 
-                                    switch (_currentLanguage)
+                                    parameters = new Dictionary<string, string>
                                     {
+                                            { "token", user_token },
+                                        { "oldpwd",user.password},
+                                        { "newpwd",user.newPassword}
 
-                                        case "en":
-                                            msg = "Edit success.";
-                                            break;
-                                        case "zh":
-                                            msg = "編輯成功";
-                                            break;
-                                        default:
-                                            msg = "編輯成功";
-                                            break;
+                                      };
 
-                                    }
-                                    TempData["IsSuccess"] = true;
-                                    TempData["msg"] = msg;
+                                    apiResult = await _callApi.CallAPI(url, parameters, httpMethod);
+                                    if (apiResult.IsSuccess)
+                                    {
+                                        var response = JsonConvert.DeserializeObject<Response>(apiResult.Data.ToString());
+                                        if (response.r == 0)
+                                        {
 
-                                }
-                                else
-                                {
-                                    TempData["IsSuccess"] = false;
-                                    TempData["msg"] = response.m;
-                                    return View();
-                                }
-                                return RedirectToAction("ListUsers");
-                            }
-                        }
+                                            switch (_currentLanguage)
+                                            {
 
+                                                case "en":
+                                                    msg = "Edit success.";
+                                                    break;
+                                                case "zh":
+                                                    msg = "編輯成功";
+                                                    break;
+                                                default:
+                                                    msg = "編輯成功";
+                                                    break;
 
+                                            }
+                                            TempData["IsSuccess"] = true;
+                                            TempData["msg"] = msg;
 
-                        return RedirectToAction("ListUsers");
-                    }
+                                        }
+                                        else
+                                        {
 
 
+                                            TempData["IsSuccess"] = false;
+                                            TempData["msg"] = response.r + "," + response.m;
+                                            return RedirectToAction("GetUser", new { uid = user.uid });
+                                        }
+                                        return RedirectToAction("ListUsers");
+                                    }
+                                    TempData["IsSuccess"] = false;
+                                    TempData["msg"] = apiResult.Message;
+                                    return RedirectToAction("GetUser", new { uid = user.uid });
+                                }
+                                TempData["IsSuccess"] = false;
+                                TempData["msg"] = u.r + "," + u.m.ToString();
+                                return RedirectToAction("GetUser", new { uid = user.uid });
+                            }
+                            TempData["IsSuccess"] = false;
+                            TempData["msg"] = apiResult.Message;
+                            return RedirectToAction("GetUser", new { uid = user.uid });
+
+                        }
 
-                    switch (_currentLanguage)
-                    {
 
-                        case "en":
-                            msg = "user_id is not exist.";
-                            break;
-                        case "zh":
-                            msg = "user_id不存在";
-                            break;
-                        default:
-                            msg = "user_id不存在";
-                            break;
 
+                        return RedirectToAction("ListUsers");
                     }
-                    TempData["IsSuccess"] = false;
-                    TempData["msg"] = msg;
-                    return View(existUser);
 
                 }
 
@@ -1251,10 +1264,10 @@ namespace backstage.Controllers
                 address = "null",
                 countryid = "Taiwan",
                 postcode = "123",
-                phone="null",
-                name_en="null",
-                VATID_verify="1",
-                enabled=1
+                phone = "null",
+                name_en = "null",
+                VATID_verify = "1",
+                enabled = 1
             };
 
 
@@ -1285,7 +1298,7 @@ namespace backstage.Controllers
                             break;
 
                     }
-                
+
 
                     TempData["IsSuccess"] = true;
                     TempData["msg"] = msg;
@@ -1367,10 +1380,8 @@ namespace backstage.Controllers
             var parameters = new Dictionary<string, string>
               {
                     { "token", token },
-                    { "types", JsonConvert.SerializeObject(types_data)},
-                { "email","1"},
-                { "phone","1"}
-                    //{ "types", "{\"inc\":[\"all\"]}"}
+                    { "types", JsonConvert.SerializeObject(types_data)}
+
 
                 };
 
@@ -1457,7 +1468,6 @@ namespace backstage.Controllers
                     result.IsSuccess = false;
                     result.Message = msg;
                     return result;
-                    return result;
                 }
             }
             else
@@ -1465,11 +1475,16 @@ namespace backstage.Controllers
                 url = _config["IP"] + "/admin/mod";
                 httpMethod = HttpMethod.Post;
                 existAdmin.enabled = isAdmin;
-
+           
+                var data = new { 
+                uid= existAdmin.uid,
+                admin_role_id= "1",
+                enabled=isAdmin
+                };
                 parameters = new Dictionary<string, string>
                 {
                     { "token", token },
-                    { "data", JsonConvert.SerializeObject(existAdmin)}
+                    { "data", JsonConvert.SerializeObject(data)}
 
                 };
                 apiResult = await _callApi.CallAPI(url, parameters, httpMethod);
@@ -1496,7 +1511,7 @@ namespace backstage.Controllers
                         result.IsSuccess = true;
                         result.Message = msg;
                         return result;
-                    
+
 
                     }
                     else
@@ -1592,7 +1607,7 @@ namespace backstage.Controllers
                         result.Message = msg;
                         return result;
 
-                       
+
                     }
 
 

Merchant Token Vault Management/backstage/Models/Users/User.cs

@@ -34,6 +34,7 @@ namespace backstage.Models.Users
         public string lang { get; set; } = "zhg";
         //判斷是否為admin
         public bool isAdmin { get; set; } = false;
+        public int[] admin_rold_id { get; set; } = new int [1];//最高權限
 
         //=========Fields=========
         public List<int> masks{get;set;}

Merchant Token Vault Management/backstage/Views/Key/ListKeys.cshtml

@@ -399,6 +399,8 @@
 			document.getElementById("recoverKeyForm").classList.remove("show");
 			// 页面加载完成后，隐藏 maskSettingsAdvID
 
+		
+
 
 			//刪除鑰匙
 			$("#confirmBtn").on("click", function (e) {
@@ -455,7 +457,8 @@
 							$('#image2').attr('src', imageUrls[1]);
 							$('#downloadBtn1').attr('href', imageUrls[0]);
 							$('#downloadBtn2').attr('href', imageUrls[1]);
-							$('#imageModal').modal();
+							$('#imageModal').modal({ backdrop: 'static', keyboard: false });
+							
 							//setTimeout(function () {
 							//	location.reload();
 							//}, 2000);

Merchant Token Vault Management/backstage/Views/Shared/_Layout.cshtml

@@ -79,12 +79,12 @@
 							<a class="dropdown-item" asp-controller="User" asp-action="ChangePassword" asp-route-username="@Context.User.Claims.FirstOrDefault(m => m.Type == "username").Value" asp-route-returnUrl="@Context.Request.Path.Value">
 								<i class="mdi mdi-lock-open mr-2"></i>@Localizer["Change Password"]
 							</a>
-							<a class="dropdown-item" asp-controller="User" asp-action="Register">
+							@*<a class="dropdown-item" asp-controller="User" asp-action="Register">
 								<i class="mdi mdi-account-plus mr-2"></i>@Localizer["Setting Backup"]
 							</a>
 							<a class="dropdown-item" asp-controller="" asp-action="">
 								<i class="mdi mdi-account-details mr-2"></i>@Localizer["Vault Backup"]
-							</a>
+							</a>*@
 
 							<div class="dropdown-divider"></div>
 							<a class="dropdown-item" asp-controller="User" asp-action="Logout">

Merchant Token Vault Management/backstage/Views/TokenVault/ListUsers.cshtml

@@ -21,7 +21,7 @@
 	<input id="msg" hidden value="@TempData["msg"]" />
 	@if (TempData["isSuccess"] != null)
 	{
-	<input id="isSuccess" hidden value="@TempData["isSuccess"].ToString()" />
+		<input id="isSuccess" hidden value="@TempData["isSuccess"].ToString()" />
 	}
 	<div class="floating-msg" id="msgDiv"></div>
 </div>
@@ -64,38 +64,38 @@
 								<tbody id="tbody">
 									@if (Model.Count > 0)
 									{
-									@foreach (var i in Model)
+										@foreach (var i in Model)
 										{
-									<tr id="@i.id" class="">
-										<td>@i.id</td>
-										<td>@i.name</td>
-										<td>@i.username</td>
-										<td class="custom-tooltip" data-tooltip="@i.masksSettingText">@i.masksText</td>
+											<tr id="@i.id" class="">
+												<td>@i.id</td>
+												<td>@i.name</td>
+												<td>@i.username</td>
+												<td class="custom-tooltip" data-tooltip="@i.masksSettingText">@i.masksText</td>
 
 
-										<td>
-											@if (i.allow_decrypt == 1)
+												<td>
+													@if (i.allow_decrypt == 1)
 													{<span>&#x2714;</span>}
-										</td>
-										<td>
-											@if (i.allow_new == 1)
+												</td>
+												<td>
+													@if (i.allow_new == 1)
 													{<span>&#x2714;</span>}
-										</td>
-										<td>
-											@if (i.allow_update == 1)
+												</td>
+												<td>
+													@if (i.allow_update == 1)
 													{<span>&#x2714;</span>}
-										</td>
-										<td>
-											@if (i.allow_del == 1)
+												</td>
+												<td>
+													@if (i.allow_del == 1)
 													{<span>&#x2714;</span>}
-										</td>
+												</td>
 
-										<td>@i.default_mask_id</td>
-										<td>
+												<td>@i.default_mask_id</td>
+												<td>
 
-											<a data-id="@i.id" class="btn btnPermission btn-sm" data-toggle="modal" data-target="#delete-field-user">@Localizer["Remove User"]</a>
-										</td>
-									</tr>
+													<a data-id="@i.id" class="btn btnPermission btn-sm" data-toggle="modal" data-target="#delete-field-user">@Localizer["Remove User"]</a>
+												</td>
+											</tr>
 										}
 									}
 
@@ -135,8 +135,6 @@
 		</div>
 	</div>
 </div>-->
-
-
 <!--新增使用者 Popup Form-->
 <div class="modal fade modal-full" id="new-field-user" tabindex="-1" style="display: none;" aria-hidden="true">
 	<div class="modal-dialog modalforMemberGo">
@@ -155,7 +153,7 @@
 			</div> <!--END of div "modal-header"-->
 
 			<div class="modal-body" style="padding-top:35px">
-				<form class="form-horizontal0">
+				<form id="addUserForm" class="form-horizontal0">
 
 					<!-- <div class="form-group">
 	  <label class="control-labe" for="name">姓名：</label>
@@ -169,23 +167,26 @@
 		<input type="text" class="form-control form-control-sm0">
 	  </div>
 	</div> -->
-
+					<input hidden name="merchant_id" value="@ViewBag.Merchant_id" />
+					<input hidden name="vault_id" value="@ViewBag.vault_id" />
+					<input hidden name="field_id" value="@ViewBag.field_id" />
+					<input hidden name="id" />
 					<div class="form-group">
 						<label class="control-labe" for="userName">使用者名稱：</label>
 						<div class="form-group">
-							<div class="dropdown bootstrap-select selecter form-control -tokenization">
-								<select title="請選使用者名稱(單選)" class="selectpicker selecter form-control selectpicker-tokenization" asp-items="ViewBag.users" tabindex="null">
+							<div class="dropdown bootstrap-select selecter form-control ">
+								<select id="user_selectpicker" title="請選使用者名稱(單選)" class="selectpicker selecter form-control selectpicker-tokenization" asp-items="ViewBag.users" tabindex="null">
 								</select>
 
 							</div>
 						</div>
 					</div>
-				
+
 					<div class="form-group">
 						<label class="control-labe" for="mask">遮罩：</label>
 						<div class="form-group">
-							<div class="dropdown bootstrap-select show-tick selecter form-control -tokenization">
-								<select id="select_mask" multiple="" title="請選遮罩(複選)" class="selectpicker selecter form-control selectpicker-tokenization" tabindex="null" asp-items="ViewBag.masks">
+							<div class="dropdown bootstrap-select show-tick selecter form-control ">
+								<select name="allow_masks" id="select_mask" multiple="" title="請選遮罩(複選)" class="mask_selectpicker selectpicker selecter form-control selectpicker-tokenization" tabindex="null" asp-items="ViewBag.masks">
 								</select>
 							</div>
 						</div>
@@ -194,9 +195,8 @@
 					<div class="form-group">
 						<label class="control-labe" for="mask">預設遮罩：</label>
 						<div class="form-group">
-							<div class="dropdown bootstrap-select selecter form-control -tokenization">
-								<select id="default_mask" title="請選預設遮罩(單選)" class="selectpicker selecter form-control selectpicker-tokenization" tabindex="null">
-								
+							<div class="dropdown bootstrap-select selecter form-control ">
+								<select name="default_mask_id" id="default_mask" title="請選預設遮罩(單選)" class=" default_mask_selectpicker selectpicker selecter form-control selectpicker-tokenization" tabindex="null" asp-items="ViewBag.masks">
 								</select>
 							</div>
 						</div>
@@ -205,13 +205,13 @@
 					<div class="form-group">
 						<label class="control-labe" for="">允許解密：</label>
 						<div class="form-check form-check-inline">
-							<input class="form-check-input" type="radio" name="allowDecode" id="allowDecodeY" value="option1">
+							<input class="form-check-input" type="radio" name="allow_decrypt" id="allowDecodeY" value="option1">
 							<label class="form-check-label" for="allowDecodeY">
 								是
 							</label>
 						</div>
 						<div class="form-check form-check-inline">
-							<input class="form-check-input" type="radio" name="allowDecode" id="allowDecodeN" value="option2">
+							<input class="form-check-input" type="radio" name="allow_decrypt" id="allowDecodeN" value="option2">
 							<label class="form-check-label" for="allowDecodeN">
 								否
 							</label>
@@ -221,13 +221,13 @@
 					<div class="form-group">
 						<label class="control-labe" for="">允許新增：</label>
 						<div class="form-check form-check-inline">
-							<input class="form-check-input" type="radio" name="allowAdd" id="allowAddY" value="option1">
+							<input class="form-check-input" type="radio" name="allow_new" id="allowAddY" value="option1">
 							<label class="form-check-label" for="allowAddY">
 								是
 							</label>
 						</div>
 						<div class="form-check form-check-inline">
-							<input class="form-check-input" type="radio" name="allowAdd" id="allowAddN" value="option2">
+							<input class="form-check-input" type="radio" name="allow_new" id="allowAddN" value="option2">
 							<label class="form-check-label" for="allowAddN">
 								否
 							</label>
@@ -237,13 +237,13 @@
 					<div class="form-group">
 						<label class="control-labe" for="">允許更新：</label>
 						<div class="form-check form-check-inline">
-							<input class="form-check-input" type="radio" name="allowUpdate" id="allowUpdateY" value="option1">
+							<input class="form-check-input" type="radio" name="allow_update" id="allowUpdateY" value="option1">
 							<label class="form-check-label" for="allowUpdateY">
 								是
 							</label>
 						</div>
 						<div class="form-check form-check-inline">
-							<input class="form-check-input" type="radio" name="allowUpdate" id="allowUpdateN" value="option2">
+							<input class="form-check-input" type="radio" name="allow_update" id="allowUpdateN" value="option2">
 							<label class="form-check-label" for="allowUpdateN">
 								否
 							</label>
@@ -253,13 +253,13 @@
 					<div class="form-group">
 						<label class="control-labe" for="">允許刪除：</label>
 						<div class="form-check form-check-inline">
-							<input class="form-check-input" type="radio" name="allowDelete" id="allowDeleteY" value="option1">
+							<input class="form-check-input" type="radio" name="allow_del" id="allowDeleteY" value="option1">
 							<label class="form-check-label" for="allowDeleteY">
 								是
 							</label>
 						</div>
 						<div class="form-check form-check-inline">
-							<input class="form-check-input" type="radio" name="allowDelete" id="allowDeleteN" value="option2">
+							<input class="form-check-input" type="radio" name="allow_del" id="allowDeleteN" value="option2">
 							<label class="form-check-label" for="allowDeleteN">
 								否
 							</label>
@@ -267,7 +267,7 @@
 					</div>
 
 					<div class="SubmitBlock">
-						<button type="submit" class="btn btn-mainblue-solid btnSubmit">新增</button>
+						<button id="createUserBtn" class="btn btn-mainblue-solid btnSubmit">新增</button>
 						<button type="button" class="btn btn-mainblue-hollow btnReset" data-dismiss="modal">取消</button>
 					</div>
 				</form>
@@ -334,6 +334,7 @@
 			var msg = '@TempData["msg"]';
 			var IsSuccess = '@TempData["IsSuccess"]';
 			console.log(IsSuccess + msg);
+
 			if (msg != '') {
 				showAlert(IsSuccess, msg);
 			}
@@ -345,19 +346,50 @@
 				tooltipClass: "custom-tooltip-width"
 			});
 
-			$("#confirmBtn").on("click", function () {
-				// 確認按鈕被點擊時的處理程式碼
-				// 在這裡呼叫您的 API
-				var merchant_id = parseInt('@ViewBag.Merchant_id');
-				var vault_id = parseInt('@ViewBag.vault_id');
-				var field_id = parseInt('@ViewBag.field_id');
-				var selectedUser = parseInt($("#selectUser").val()); // 替換為您實際使用的選取元素的 ID
+
+			var selectUserId = 0;
+
+
+
+
+			//選定使用者
+			$('#user_selectpicker').on('changed.bs.select', function (e, clickedIndex, isSelected, previousValue) {
+				$('input[name=id]').val( $('#user_selectpicker').val());
+
+			});
+			//addUserForm 選單連動
+			$('.mask_selectpicker').on('changed.bs.select', function (e, clickedIndex, isSelected, previousValue) {
+
+				// 先銷毀 selectpicker
+				$('#default_mask').selectpicker('destroy');
+				// 清空選擇器內的選項
+				$('#default_mask').empty();
+				// 重新初始化選擇器
+				$('#default_mask').selectpicker();
+
+				// 將 #select_mask 的所有選中選項加入到 #default_mask 中
+				$('#select_mask option:selected').each(function () {
+					var optionValue = $(this).val();
+					var optionText = $(this).text();
+					//console.log('optionText=' + optionText);
+					$('#default_mask').append(new Option(optionText, optionValue, false, false));
+				});
+
+				//// 刷新 #default_mask
+				$('#default_mask').selectpicker('refresh');
+			});
+
+				//送出新增使用者 
+			$("#createUserBtn").on("click", function () {
+				
+
+				$('#createMaskForm').serialize(),
 
 				$.ajax({
 					url: "/TokenVault/Addusers",
 					method: "POST",
 					contentType: "application/json",
-					data: JSON.stringify({ Merchant_id: merchant_id, vault_id: vault_id, field_id: field_id, user_id: selectedUser}),
+					data: $('#addUserForm').serialize(),
 					success: function (response) {
 						showAlert(response.isSuccess, response.message);
 						if (response.isSuccess) {
@@ -374,27 +406,7 @@
 				});
 			});
 
-
-			$('#select_mask').on('changed.bs.select', function (e, clickedIndex, isSelected, previousValue) {
-				// 清空 #default_mask 的選項
-				$('#default_mask').empty();
-				// 刷新 #default_mask
-				$('#default_mask').selectpicker('refresh');
-				console.log('select mask')
-				// 將 #select_mask 的所有選中選項加入到 #default_mask 中
-				$('#select_mask option:selected').each(function () {
-					var optionValue = $(this).val();
-					var optionText = $(this).text();
-					$('#default_mask').append(new Option(optionText, optionValue, false, false));
-				});
-
-				// 刷新 #default_mask
-				$('#default_mask').selectpicker('refresh');
-			});
-
-
 			//移除user
-			var selectUserId = 0;
 
 			$('.btnPermission').click(function () {