Commit 8544537f authored by solho's avatar solho

取得權限資料邏輯調整

parent 96045529
...@@ -62,7 +62,19 @@ namespace WebAPI.Controllers ...@@ -62,7 +62,19 @@ namespace WebAPI.Controllers
left join [evw_qResult_EmpItem] d on a.ItemNum=d.Emp_ItemNum left join [evw_qResult_EmpItem] d on a.ItemNum=d.Emp_ItemNum
where 1=1 @wherecase2 where 1=1 @wherecase2
"; ";
JObject objPermission_furtherSql = JObject.Parse(obj_input["Permission_furtherSql"].ToString()); if (obj_input["Permission_furtherSql"] != null)
{
JObject objPermission_furtherSql = JObject.Parse(obj_input["Permission_furtherSql"].ToString());
if (objPermission_furtherSql["firmID"] != null && !String.IsNullOrEmpty(objPermission_furtherSql["firmID"].ToString()))
{
@wherecase1 += " and b.ID in(@DSid)";
@wherecase2 += " and b.ID in(@DSid)";
@wherecase1 = @wherecase1.Replace("@DSid", objPermission_furtherSql["firmID"].ToString());
@wherecase2 = @wherecase2.Replace("@DSid", objPermission_furtherSql["firmID"].ToString());
//cmd.Parameters.Add("@DSid", objPermission_furtherSql["firmID"].ToString());
}
}
if (obj_input["Settle_Date"] != null) if (obj_input["Settle_Date"] != null)
{ {
@wherecase2 += " and Settle_Date between @Settle_Date and @Settle_Date "; @wherecase2 += " and Settle_Date between @Settle_Date and @Settle_Date ";
...@@ -74,21 +86,13 @@ namespace WebAPI.Controllers ...@@ -74,21 +86,13 @@ namespace WebAPI.Controllers
@wherecase2 += " and isClosed=@isClosed "; @wherecase2 += " and isClosed=@isClosed ";
cmd.Parameters.AddWithValue("@isClosed", (obj_input["isClosed"].ToString() == "1" ? true : false)); cmd.Parameters.AddWithValue("@isClosed", (obj_input["isClosed"].ToString() == "1" ? true : false));
} }
if (objPermission_furtherSql["firmID"] != null && !String.IsNullOrEmpty(objPermission_furtherSql["firmID"].ToString()))
{
@wherecase1 += " and b.ID in(@DSid)";
@wherecase2 += " and b.ID in(@DSid)";
@wherecase1 = @wherecase1.Replace("@DSid", objPermission_furtherSql["firmID"].ToString());
@wherecase2 = @wherecase2.Replace("@DSid", objPermission_furtherSql["firmID"].ToString());
//cmd.Parameters.Add("@DSid", objPermission_furtherSql["firmID"].ToString());
}
strsql = strsql.Replace("@wherecase1", @wherecase1).Replace("@wherecase2", @wherecase2); strsql = strsql.Replace("@wherecase1", @wherecase1).Replace("@wherecase2", @wherecase2);
strsql += " order by a.Settle_Date"; strsql += " order by a.Settle_Date";
response.Code = "1"; response.Code = "1";
cmd.CommandText = strsql; cmd.CommandText = strsql;
DataTable dt = SqlToDt(cmd); DataTable dt = SqlToDt(cmd);
response.Msg = JsonConvert.SerializeObject(dt); response.Msg = JsonConvert.SerializeObject(dt);
result.Content = new StringContent(JsonConvert.SerializeObject(response), System.Text.Encoding.UTF8, "application/json"); result.Content = new StringContent(JsonConvert.SerializeObject(response), System.Text.Encoding.UTF8, "application/json");
} }
...@@ -127,14 +131,32 @@ namespace WebAPI.Controllers ...@@ -127,14 +131,32 @@ namespace WebAPI.Controllers
using (SqlConnection Conn = new SqlConnection(connString)) using (SqlConnection Conn = new SqlConnection(connString))
{ {
SqlCommand cmd = new SqlCommand("", Conn); SqlCommand cmd = new SqlCommand("", Conn);
String strsql = "", Permission_furtherSql = obj_input["Permission_furtherSql"].ToString(); String strsql = "" ;
strsql += String.Format(@"select a.id, Settle_Date ,isClosed ,Emp_DS ,a.update_time,b.id as DStargetid from [esn_todos_Settle] a strsql += String.Format(@"select a.id, Settle_Date ,isClosed ,Emp_DS ,a.update_time,b.id as DStargetid,b.Emp_DSNum from [esn_todos_Settle] a
inner join [evw_qResult_EmpDS] b on a.DSNum=b.Emp_DSNum inner join [evw_qResult_EmpDS] b on a.DSNum=b.Emp_DSNum
left join [evw_qResult_Dept] c on a.DeptNum=c.targetID left join [evw_qResult_Dept] c on a.DeptNum=c.targetID
left join [evw_qResult_EmpItem] d on a.ItemNum=d.Emp_ItemNum left join [evw_qResult_EmpItem] d on a.ItemNum=d.Emp_ItemNum
where 1=1 "); where 1=1 ");
if (obj_input["Permission_furtherSql"] != null)
JObject objPermission_furtherSql = JObject.Parse(obj_input["Permission_furtherSql"].ToString()); {
JObject objPermission_furtherSql = JObject.Parse(obj_input["Permission_furtherSql"].ToString());
if (objPermission_furtherSql["firmID"] != null && !String.IsNullOrEmpty(objPermission_furtherSql["firmID"].ToString()))
{
strsql += " and b.ID in(@DSid)";
strsql = strsql.Replace("@DSid", objPermission_furtherSql["firmID"].ToString());
//cmd.Parameters.Add("@DSid", objPermission_furtherSql["firmID"].ToString());
}
if (objPermission_furtherSql["deptID"] != null && !String.IsNullOrEmpty(objPermission_furtherSql["deptID"].ToString()))
{
//strsql += " and DeptNum in(@DeptNum)";
//cmd.Parameters.Add("@DeptNum", objPermission_furtherSql["deptID"].ToString());
}
if (objPermission_furtherSql["workGroupID"] != null && !String.IsNullOrEmpty(objPermission_furtherSql["workGroupID"].ToString()))
{
//strsql += " and ItemNum in(@ItemNum)";
//cmd.Parameters.Add("@ItemNum", objPermission_furtherSql["workGroupID"].ToString());
}
}
if (obj_input["Settle_Date"]!=null && !String.IsNullOrEmpty(obj_input["Settle_Date"].ToString()) ) if (obj_input["Settle_Date"]!=null && !String.IsNullOrEmpty(obj_input["Settle_Date"].ToString()) )
{ {
strsql += " and Settle_Date between @Settle_Date_begin and @Settle_Date_end "; strsql += " and Settle_Date between @Settle_Date_begin and @Settle_Date_end ";
...@@ -147,22 +169,6 @@ namespace WebAPI.Controllers ...@@ -147,22 +169,6 @@ namespace WebAPI.Controllers
strsql += " and isClosed=@isClosed "; strsql += " and isClosed=@isClosed ";
cmd.Parameters.AddWithValue("@isClosed", (obj_input["isClosed"].ToString()=="1"?true:false)); cmd.Parameters.AddWithValue("@isClosed", (obj_input["isClosed"].ToString()=="1"?true:false));
} }
if (objPermission_furtherSql["firmID"] != null && !String.IsNullOrEmpty(objPermission_furtherSql["firmID"].ToString()))
{
strsql += " and b.ID in(@DSid)";
strsql= strsql.Replace("@DSid", objPermission_furtherSql["firmID"].ToString());
//cmd.Parameters.Add("@DSid", objPermission_furtherSql["firmID"].ToString());
}
if (objPermission_furtherSql["deptID"] != null && !String.IsNullOrEmpty(objPermission_furtherSql["deptID"].ToString()))
{
//strsql += " and DeptNum in(@DeptNum)";
//cmd.Parameters.Add("@DeptNum", objPermission_furtherSql["deptID"].ToString());
}
if (objPermission_furtherSql["workGroupID"] != null && !String.IsNullOrEmpty(objPermission_furtherSql["workGroupID"].ToString()))
{
//strsql += " and ItemNum in(@ItemNum)";
//cmd.Parameters.Add("@ItemNum", objPermission_furtherSql["workGroupID"].ToString());
}
cmd.CommandText = strsql; cmd.CommandText = strsql;
DataTable dt = SqlToDt(cmd); DataTable dt = SqlToDt(cmd);
response.Msg = JsonConvert.SerializeObject(dt); response.Msg = JsonConvert.SerializeObject(dt);
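Review bot: The relocated firmID blocks still splice `objPermission_furtherSql["firmID"]` into the SQL text with `Replace("@DSid", …)`, in both the `@wherecase1`/`@wherecase2` version and the `strsql` version, so a value read from `obj_input` becomes part of the statement. The commented-out `cmd.Parameters.Add("@DSid", …)` line suggests a parameter was intended. Binding each ID as its own parameter, as sketched below for the `strsql` version, keeps the value out of the statement text. The new `obj_input["Permission_furtherSql"] != null` guard also makes the firm restriction optional: a request that omits the key now runs with no `b.ID` filter, where the old code would have failed on the null. If `obj_input` is the request body (its origin is outside the hunks, as are the start and end of the enclosing methods), the permission scope should presumably be resolved server-side, or the absent case should return no rows.

```csharp
if (objPermission_furtherSql["firmID"] != null && !String.IsNullOrEmpty(objPermission_furtherSql["firmID"].ToString()))
{
    // assumes firmID is a comma-separated list of bare IDs; confirm the format with the caller
    string[] firmIds = objPermission_furtherSql["firmID"].ToString().Split(',');
    string[] paramNames = new string[firmIds.Length];
    for (int i = 0; i < firmIds.Length; i++)
    {
        paramNames[i] = "@DSid" + i;
        cmd.Parameters.AddWithValue(paramNames[i], firmIds[i].Trim());
    }
    strsql += " and b.ID in(" + String.Join(",", paramNames) + ")";
}
// … unchanged: deptID and workGroupID branches …
```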