MemberCenter/Member/MemberWeb/Controllers/PermissionController.cs

using JCSoft.WX.Framework.Api;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Http;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Common.Wechat;
using Common;
using System.Data;
using Common.Model;
using ZcPeng.PublicLibrary;
using CoreEntity.Entity;
using CoreEntity.DAL;
using System.Collections.Concurrent;
using Newtonsoft.Json.Converters;
using Newtonsoft.Json;
using System.Data.SqlClient;
using Microsoft.Extensions.Primitives;
using Microsoft.Extensions.Caching.Memory;
using Jwt;
using PublicLibrary.Model;
using Newtonsoft.Json.Linq;
using SupplierWeb.Codes.mvc;
using SupplierWeb.Codes.Auth;
using Common.Config;
using SupplierWeb.Commonss;
using System.Web;
using System.Runtime.Serialization.Json;
using System.Text;
using System.IO;
using System.Runtime.Serialization;

namespace SupplierWeb.Controllers
{
    [Route("web/auth")]
    public class PermissionController : BaseController
    {
        public PermissionController(IMemoryCache cache, IApiClient client) : base(cache, client)
        {

        }
        private ConcurrentDictionary<int, Role> roleMap = new ConcurrentDictionary<int, Role>();


        /// 供应商，采购，供应商业务员挂靠，资料管理员，财务，仓库 等角色权限列表
        /// 权限列表
        //[HttpGet, Route("index")]
        //public ActionResult index(string[] filters, Int32 pageIndex, Int32 pageSize,
        //    string sortField, Int32 sortDirection, string[] sumFields, string callback)
        //{
        //    var r = this.indexp(filters, pageIndex, pageSize,
        //     sortField, sortDirection, sumFields, null);
        //    return Content(callback + "(" + JsonConvert.SerializeObject(r.Value)
        //       + ")");
        //}
        /// 供应商，采购，供应商业务员挂靠，资料管理员，财务，仓库 等角色权限列表
        /// 权限列表
        [HttpPost, Route("index")]
        public JsonResult indexp(QueryFilter[] filters, Int32 pageIndex, Int32 pageSize,
            string sortField, Int32 sortDirection, string[] sumFields, [FromBody]dynamic data)
        {
            if (data != null)
            {
                //Newtonsoft.Json.Linq.JArray
                filters = data.filters.ToObject<QueryFilter[]>();
                pageIndex = data.pageIndex;
                pageSize = data.pageSize;
                sortField = data.sortField;
                sortDirection = data.sortDirection;
                sumFields = data.sumFields.ToObject<string[]>();
            }
            #region 获取权限列表
            DataTable dt = new DataTable();
            string result;
            IList<Permission> permss = new List<Permission>(0);

            List<SqlParameter> parameters = new List<SqlParameter>();
            string filterstr = QueryFilter.getFilterSqlParam(filters, out parameters, new Permission(), "A.");

            string direct = " desc ";
            if (sortDirection != 1)
                direct = " asc";

            int start = (pageIndex - 1) * pageSize;
            int end = (start + 1 + pageSize);

            string commandText0 = "select * from ";
            string commandText1 = "(" +
                "select A.*,row_number() over" +
                "(  order by " + sortField + " " + direct + " )  as rownum from " +
                Config.TablePrefix + "Permission as A  " +
                " where  1=1 " +
                    //" and A.CreationPerson = '" + userids + "'" +
                    filterstr +
            ")AAA ";
            string commandText2 = " where AAA.rownum>" + start + " and AAA.rownum<" + end;
            string commandText3 = commandText0 + commandText1 + commandText2;//-tanyang
            bool success = DataAccess.GetValues(commandText3, ref dt, parameters.ToArray(), out result);

            #endregion
            if (dt != null && dt.Rows.Count > 0)
            {

                // 把DataTable转换为IList<Permission>  
                permss = ModelConvertHelper<Permission>.ConvertToModel(dt);

                #region 获取权限的角色列表，角色列表
                //角色列表
                IList<Role> roles = RoleDAL.GetRoles();
                // 把DataTable转换为IList<Role>  
                if (roleMap.Count < roles.Count)
                {
                    foreach (Role role in roles)
                    {
                        roleMap.TryAdd(role.Id, role);
                    }
                }

                foreach (Permission perms in permss)
                {
                    string direct1 = " desc ";
                    dt = DataAccess.GetDataTable(Config.TablePrefix + "RoleRelatePermission", "Id", "*", "PermissionId=" + perms.Id + " and IsDelete = 0 ", "", "Id" + direct1, 1, 100, out var msg);
                    // 把DataTable转换为IList<RoleRelatePermission>  
                    if (dt != null && dt.Rows.Count > 0)
                    {
                        IList<RoleRelatePermission> permRelates = ModelConvertHelper<RoleRelatePermission>.ConvertToModel(dt);

                        //List<Role> listRoles = new List<Role>();
                        List<int> superior_list = new List<int>(0);
                        foreach (RoleRelatePermission permsr in permRelates)
                        {
                            //Role role;
                            //if (roleMap.TryGetValue(permsr.RoleId, out role))
                            //{
                            //    listRoles.Add(role);
                            //}
                            superior_list.Add(permsr.RoleId);
                        }
                        //perms.RoleList = listRoles;
                        perms.Roleids = string.Join(",", superior_list.ToArray());
                    }
                }
                #endregion
            }
            string result1;
            long totalcount = DataAccess.GetRowCountDefine("select count(Id) from " + commandText1, parameters.ToArray(), out result1);
            IsoDateTimeConverter timejson = new IsoDateTimeConverter
            {
                DateTimeFormat = "yyyy'-'MM'-'dd' 'HH':'mm':'ss"
            };
            //IList<Menu> menus = Permission.Convert(permss);
            var jsonData = JsonConvert.SerializeObject(permss, timejson);

            return Json(new
            {
                items = JsonConvert.DeserializeObject(jsonData),
                sum = new { },
                totalCount = totalcount
            });
        }

        [AuthPermission]
        [HttpPost, Route("add")]
        public JsonResult addp(
            string PermissionName, string PermissionUrl,
            string AuthType, Int32 ActionType,
            string Icon
            , string ParentId, string Roleids, [FromBody]dynamic data
            , Int32 IsDelete = 0
        )
        {
            if (data != null)
            {
                //Newtonsoft.Json.Linq.JArray
                PermissionName = data.PermissionName;
                PermissionUrl = data.PermissionUrl;
                AuthType = data.AuthType;
                if (ActionType != 0)
                {
                    ActionType = data.ActionType;
                }
                Icon = data.Icon;
                ParentId = data.ParentId;
                Roleids = data.Roleids;
                IsDelete = (data.IsDelete == null) ? 0 : data.IsDelete;
            }
            string[] RoleIdss = Roleids.Split(",");
            int[] RoleIdis = Array.ConvertAll(RoleIdss, s => Convert.ToInt32(s));

            #region 添加权限节点
            string commandText = "INSERT INTO " + Config.TablePrefix + "Permission (permissionname,permissionurl," +
                "AuthType,ActionType," +
                "Icon,ParentId," +
                "isdelete)"
                + " VALUES (@permissionname,@permissionurl,@AuthType,@ActionType,@Icon,@ParentId,@isdelete)";
            string result;
            //准备参数
            List<List<Object>> parameters = new List<List<Object>>();
            parameters.Add(new List<Object>() { "permissionname", PermissionName });
            parameters.Add(new List<Object>() { "permissionurl", PermissionUrl });
            parameters.Add(new List<Object>() { "AuthType", AuthType });
            parameters.Add(new List<Object>() { "ActionType", ActionType });
            parameters.Add(new List<Object>() { "Icon", Icon });
            parameters.Add(new List<Object>() { "ParentId", ParentId != null ? Convert.ToInt32(ParentId) : 0 });
            parameters.Add(new List<Object>() { "isdelete", IsDelete });

            List<SqlParameter> parameters1 = DataAccess.ToParameters(parameters);
            int success = DataAccess.ExecuteCommand(commandText, parameters1, out result);
            #endregion
            #region 添加角色
            int id = BaseDAL.GetId(Config.TablePrefix + "Permission");
            RoleDAL.SaveRolesRelatePermission(id, RoleIdis);
            #endregion

            return Json(new
            {
                success = success
            });
        }

        ////编辑权限
        //[HttpGet, Route("edit")]
        //public ActionResult edit(Int32 Id,
        //     string PermissionName, string PermissionUrl, string Icon
        //    , string ParentId, string Roleids
        //    , string callback, Int32 IsDelete
        //    )
        //{

        //    var r = this.editp(Id, PermissionName, PermissionUrl, Icon
        //    , ParentId, Roleids, null
        //    , IsDelete);

        //    return Content(callback + "(" + JsonConvert.SerializeObject(r.Value)
        //        + ")");
        //}

        [AuthPermission]
        [HttpPost, Route("edit")]
        public JsonResult editp(Int32 Id,
             string PermissionName, string PermissionUrl,
             string AuthType,
             string Icon,
             string ParentId, string Roleids,
             [FromBody]dynamic data
            , Int32 IsDelete
            )
        {
            if (data != null)
            {
                //Newtonsoft.Json.Linq.JArray
                Id = data.Id;
                PermissionName = data.PermissionName;
                PermissionUrl = data.PermissionUrl;
                AuthType = data.AuthType;
                Icon = data.Icon;
                ParentId = data.ParentId;
                Roleids = data.Roleids;
                IsDelete = data.IsDelete == null ? 0 : data.IsDelete;
            }
            string[] RoleIdss = Roleids.Split(",");
            int[] RoleIdis = Array.ConvertAll(RoleIdss, s => Convert.ToInt32(s));
            #region 编辑用户
            string commandText = "UPDATE " + Config.TablePrefix + "Permission " +
                " SET permissionname = @permissionname,";
            if (PermissionUrl != null)
                commandText += "permissionurl = @permissionurl,";
            commandText += " ParentId = @ParentId" +
                ",Icon = @Icon" +
               " ,isdelete = @isdelete" +
                ",AuthType = @AuthType" +
                " WHERE id= @Id";
            string result;
            //准备参数
            List<List<Object>> parameters = new List<List<Object>>();
            parameters.Add(new List<Object>() { "permissionname", PermissionName });
            parameters.Add(new List<Object>() { "permissionurl", PermissionUrl });
            parameters.Add(new List<Object>() { "AuthType", AuthType });
            parameters.Add(new List<Object>() { "ParentId", ParentId });
            parameters.Add(new List<Object>() { "Icon", Icon });

            parameters.Add(new List<Object>() { "isdelete", IsDelete });
            parameters.Add(new List<Object>() { "Id", Id });

            List<SqlParameter> parameters1 = DataAccess.ToParameters(parameters);
            int success = DataAccess.ExecuteCommand(commandText, parameters1, out result);
            #endregion

            #region 角色
            RoleDAL.SaveRolesRelatePermission(Id, RoleIdis);
            #endregion

            return Json(new
            {
                success = success
            });
        }


        ////删除权限
        [AuthPermission]
        [HttpGet, Route("delete/{0}")]
        public ActionResult Delete(Int32 Id, string callback)
        {
            string commandText = "DELETE FROM " + Config.TablePrefix + "Permission WHERE Id = @Id";

            //准备参数
            List<List<Object>> parameters = new List<List<Object>>();
            parameters.Add(new List<Object>() { "Id", Id });

            string result = "";
            List<SqlParameter> parameters1 = DataAccess.ToParameters(parameters);
            int success = DataAccess.ExecuteCommand(commandText, parameters1, out result);
            return Content(callback + "({"
                + success
                + "})");
        }


        ////删除权限
        [AuthPermission]
        [HttpPost, Route("delete")]
        public ActionResult Delete(Int32 Id)
        {
            string commandText = "DELETE FROM " + Config.TablePrefix + "Permission WHERE Id = @Id";

            //准备参数
            List<List<Object>> parameters = new List<List<Object>>();
            parameters.Add(new List<Object>() { "Id", Id });

            string result = "";
            List<SqlParameter> parameters1 = DataAccess.ToParameters(parameters);
            int success = DataAccess.ExecuteCommand(commandText, parameters1, out result);
            return Content("{success:"
                + success
                + "}");
        }


        [HttpPost]
        [Route("Esserch")]
        public ActionResult Esserch([FromBody]dynamic data)
        {
            //data={"query":"select a.AppreciationPrice  from product a limit 2"};
            //data = "{"+"query"+":"+"select a.AppreciationPrice from product a limit 2"+"}";
            data = new { query = "select a.AppreciationPrice from product a limit 20" };
            var json = JsonConvert.SerializeObject(data);
            var str = Util.ElasticQuery("_sql?format=json", "POST", json);
            //long totalcount = DataAccess.GetRowCountDefine("select count(Id) from " + commandText1, parameters.ToArray(), out result1);
            Root es = new Root();
            List<ES> aa = new List<ES>();
            Root stobj = (Root)PermissionController.FromJSON<Root>(str);
            for (int i = 0; i < stobj.rows.Count; i++)
            {
                ES bb = new ES();
                bb.name = "AA"+i;
                bb.price = stobj.rows[i][0].ToString();
                aa.Add(bb);
            }
            var jsonData = JsonConvert.SerializeObject(aa);
            //return new JSONNetResult(JsonConvert.DeserializeObject(str)); 
            return Json(new
            {
                items = JsonConvert.DeserializeObject(jsonData)
            });
        }

        public class ES
        {
            public string name { get; set; }

            public string price { get; set; }
        }

        public class ColumnsItem
        {
            public string name { get; set; }

            public string type { get; set; }
        }
        public class Root
        {
            /// <summary>
            /// 
            /// </summary>
            public List<ColumnsItem> columns { get; set; }
            /// <summary>
            /// 
            /// </summary>
            public List<List<int>> rows { get; set; }
        }
        public static T FromJSON<T>(string input)
        {
            try
            {
                return JsonConvert.DeserializeObject<T>(input);
            }
            catch (Exception ex)
            {
                string a = ex.Message;
                return default(T);
            }
        }


        ////权限列表
        [HttpGet, Route("menus")]
        public JsonResult menus(string type,string ParentId)
        {
            HttpRequest request = HttpContext.Request;
            StringValues oo;
            string staffid = "";
            request.Headers.TryGetValue("Sso-Token", out oo);
            if (oo.Count > 0 && oo.ToArray()[0] != "")
            {
                staffid = oo.ToArray()[0];
            }

            //取token
            var token = (string)_cache.Get(staffid);
            var secret = TokenConfig.SecretKey;
            Dictionary<string, object> data;
            Object roleid;
            Int64 roleid1;
            IList<Menu> jsonData = new List<Menu>();
            if (token != null)
            {

                try
                {
                    data = JsonWebToken.DecodeToObject<Dictionary<string, object>>(token, secret);

                    data.TryGetValue("roleid", out roleid);
                    roleid1 = (Int64)roleid;

                    var permissions = RoleDAL.GetPermissions(roleid1, " and A.AuthType in('"+ type + "')", ParentId);
                    var options = Permission.Convert(permissions);

                    //jsonData = JsonConvert.SerializeObject(options);
                    jsonData = options;
                }
                catch (SignatureVerificationException)
                {
                    // Given token is either expired or hashed with an unsupported algorithm.
                }
            }

            return Json(jsonData
                );
        }

        [HttpGet, Route("menusTree")]
        public JsonResult menusTree(string type)
        {
            string roleIdstr = getStaff("roleid");

            var sql = $"select A.PermissionName as label,cast(ParentId as varchar) as parentValue,Id as value  " +
                "  from " + Config.TablePrefix + "Permission A" +
                " where  A.Id in (select B.PermissionId from mem_RoleRelatePermission B" +
                "           where  B.roleid = @roleid and B.permissionId = A.Id and isdelete <> 1 )" +
                " and A.AuthType in('" + type + "') " +
                " and A.isdelete = 0 ";
                
            DataTable dt = new DataTable();
            var param = new List<SqlParameter>();
            param.Add(new SqlParameter("roleId", long.Parse(roleIdstr)));

            DataAccess.GetValues(sql, ref dt, param.ToArray(), out var msg);
            IList<TreeNode> result = new List<TreeNode>();
            if (dt != null && dt.Rows.Count > 0)
            {
                result = ModelConvertHelper<TreeNode>.ConvertToModel(dt);
            }
            return Json(new
            {
                result,
                msg
            });
        }

        ////父权限列表
        //[HttpGet, Route("parents/{0}")]
        //public ActionResult parents(string callback)
        //{

        //    var permss = RoleDAL.GetTopPermissions();
        //    IList<Option> options = new List<Option>();
        //    foreach (Permission perms in permss)
        //    {
        //        var option = new Option() { label = perms.PermissionName, value = perms.Id.ToString(), disabled = perms.IsDelete };
        //        options.Add(option);
        //    }
        //    var jsonData = JsonConvert.SerializeObject(options);

        //    return Content(callback + "(" + jsonData
        //        + ")");
        //}

        [HttpGet, Route("parents")]
        public ActionResult parents()
        {

            var permss = RoleDAL.GetTopPermissions();
            IList<Option> options = new List<Option>();
            foreach (Permission perms in permss)
            {
                var option = new Option() { label = perms.PermissionName, value = perms.Id.ToString(), disabled = perms.IsDelete };
                options.Add(option);
            }
            var jsonData = JsonConvert.SerializeObject(options);

            return Content(jsonData
                );
        }
        
        [HttpGet]
        [Route("getrole")]
        public JsonResult getrole()
        {
            var sql = $"select RoleRemark as label,'1' as parentValue,id+1 as value from "+Config.TablePrefix+"Role";

            DataTable dt = new DataTable();
            var param = new List<SqlParameter>();

            DataAccess.GetValues(sql, ref dt, param.ToArray(), out _);
            IList<TreeNode> result = new List<TreeNode>();
            if (dt != null && dt.Rows.Count > 0)
            {
                result = ModelConvertHelper<TreeNode>.ConvertToModel(dt);
            }
            result.Add(new TreeNode { parentValue = "0", label = "系统角色", value = 1 });
            return Json(new
            {
                //httpCode = 200,
                //message = "获取成功",
                result
            });
        }


        /// <summary>
        /// 获取组织机构
        /// </summary>
        /// <returns></returns>
        [HttpGet]
        [Route("getOrg")]
        public JsonResult getOrg()
        {
            var sql = $"select OrgName as label,'1' as parentValue,(ROW_NUMBER() over(order by OrgId))+1 as value from CM_Org";

            DataTable dt = new DataTable();
            var param = new List<SqlParameter>();

            DataAccess.GetValues(sql, ref dt, param.ToArray(), out _);
            IList<TreeNode> result = new List<TreeNode>();
            if (dt != null && dt.Rows.Count > 0)
            {
                result = ModelConvertHelper<TreeNode>.ConvertToModel(dt);
            }
            result.Add(new TreeNode { parentValue = "0", label = "亮健好医药有限公司", value = 1 });
            return Json(new
            {
                //httpCode = 200,
                //message = "获取成功",
                result
            });
        }

        /// <summary>
        /// 获取机构权限列表
        /// </summary>
        /// <param name="data"></param>
        /// <returns></returns>
        [AuthPermission]
        [HttpPost]
        [Route("table")]
        public JsonResult Table([FromBody] dynamic data)
        {
            QueryFilter[] jArray = JsonConvert.DeserializeObject<QueryFilter[]>(data.filters.ToString());
            var a = "";
            List<QueryFilter> filterList = new List<QueryFilter> ();
            var i = 0;
            foreach (QueryFilter filter in jArray) {
                if (filter.field == "roleId")
                    a = filter.value.ToString();
                else { 
                    filterList.Add(filter);
                    i++;
                }
            }
            var roleID = int.Parse(a) - 1;

            var param = new List<SqlParameter>();
            var filterstr = QueryFilter.getFilterSqlParam(filterList.ToArray(), out param,new TempTableResult(),"A.");
            filterstr = filterstr.Replace("A.permissionRule", "B.PermissionRule");
            filterstr = filterstr.Replace("A.permissionRuleType", "B.PermissionRuleType");

            var sql = $"select case when B.Id is null then 0 else A.id end as checkedValue," +
                $"A.*,B.PermissionRule,B.PermissionRuleType,B.Id as relateId from {Config.TablePrefix}Permission A " +
                $" left join {Config.TablePrefix}RoleRelatePermission B on B.PermissionId = A.Id and B.RoleId=@roleId and B.IsDelete <> 1 " +
                $" where A.IsDelete <> 1 " +
                $"" + filterstr;
            DataTable dt = new DataTable();
            param.Add(new SqlParameter("roleId", roleID));
            DataAccess.GetValues(sql, ref dt, param.ToArray(), out var msg);
            IList<TempTableResult> result = new List<TempTableResult>();
            if (dt != null && dt.Rows.Count > 0)
            {
                result = ModelConvertHelper<TempTableResult>.ConvertToModel(dt);
            }
            var countSql =
              $"select count(1) from "+Config.TablePrefix+"Permission  where IsDelete <> 1";

            var count = DataAccess.GetRowCountDefine(countSql, param.ToArray(), out var msg1);
            return Json(new
            {
                items = result,
                sum = new { },
                totalCount = count,
                msg
            });
        }

        /// <summary>
        /// 设置机构权限
        /// </summary>
        /// <param name="data"></param>
        /// <returns></returns>
        [AuthPermission]
        [HttpPost]
        [Route("setrole")]
        public JsonResult setrole([FromBody] TempQuery data)
        {
            var param = new List<SqlParameter>();
            param.Add(new SqlParameter("RoleId", data.roleId));
            var sql = "update sup_RoleRelatePermission set IsDelete =1 where RoleId=@RoleId;  ";
            var index = 0;
            foreach (var item in data.data)
            {
                index++;
                param.Add(new SqlParameter($"{index}", item));
                sql += $" if (exists(select * from sup_RoleRelatePermission where RoleId = @RoleId and PermissionId = @{index} and IsDelete = 1)) " +
                    " begin " +
                      $" update sup_RoleRelatePermission set IsDelete = 0 where RoleId = @RoleId and PermissionId =  @{index} and IsDelete = 1 " +
                    " end " +
                    " else " +
                    " begin " +
                    $" insert into sup_RoleRelatePermission (PermissionId, RoleId) values (@{index},@RoleId) end ";
            }
            DataAccess.ExecuteCommand(sql, param.ToArray(), out var x);

            return Json(new
            {
                success = true
            });
        }

        public class TempTableResult
        {
            public int id { get; set; }
            public string permissionName { get; set; }
            public string permissionUrl { get; set; }
            public int roleId { get; set; }
            public int checkedValue { get; set; }
            public string permissionRule { get; set; }
            public string permissionRuleType { get; set; }
            public int relateId { get; set; }
            public string AuthType { get; set; }
        }
        

        public class TempQuery
        {
            public int[] data { get; set; }
            public int roleId { get; set; }
        }

        
        [HttpGet, Route("authtype")]
        public ActionResult AuthType()
        {
            
            IList<Option> options = new List<Option>();
                var option = new Option() { label = "界面", value = "U" ,disabled = false };
                options.Add(option);
            var option1 = new Option() { label = "操作", value = "O", disabled = false };
            options.Add(option1);
            var option2 = new Option() { label = "按钮", value = "A", disabled = false };
            options.Add(option2);
            var option3 = new Option() { label = "顶部菜单", value = "M", disabled = false };
            options.Add(option3);
            var jsonData = JsonConvert.SerializeObject(options);

            return Content(jsonData
                );
        }

        [HttpGet, Route("permissions")]
        public ActionResult Permissions()
        {
            string roleid = getStaff("roleid");
            if(roleid == null || roleid == "")
            {
                return Json(new { success = false,msg="没有登陆" });
            }
            Dictionary<string, Permission> permission = PermissionHelper.Permissions(Convert.ToInt32(roleid));

            return Json(permission);
        }

        public class SortContent
        {
            public Object content { get; set; }//权限内容
            public string code { get; set; }//权限id
            public int sort { get; set; }//权限序号
        }

        [AuthPermission]
        [HttpPost]
        [Route("setSort")]
        public JsonResult setSort([FromBody]dynamic data)
        {
            SortContent[] dataItems = new SortContent[] { };
            if (data != null)
            {
                //Newtonsoft.Json.Linq.JArray
                dataItems = data.data.ToObject<SortContent[]>();
            }
            List<DataAccessCommand> list = new List<DataAccessCommand>();
            foreach (SortContent item in dataItems) { 
                var param = new List<SqlParameter>();
                param.Add(new SqlParameter("Id", item.code));
                param.Add(new SqlParameter("Sort", item.sort));
                var sql = "update "+Config.TablePrefix+"Permission set  Sort=@Sort where Id=@Id;  ";

                list.Add(new DataAccessCommand(sql, param,CommandType.Text,false));
            }
            var success = DataAccess.ExecuteBatchCommands(list, out var x);
            return Json(new
            {
                success,
                msg = x
            });
        }


        [AuthPermission]
        [HttpPost]
        [Route("editroleperm")]
        public JsonResult editRolePerm([FromBody] TempTableResult entity)
        {
            var sql = "update " + Config.TablePrefix + "RoleRelatePermission set " +
                " PermissionRule = a1,PermissionRuleType = a2 " +
                " from (select @PermissionRule as a1 ,@PermissionRuleType as a2 )A " +
                " where Id = @relateId";
            var param = new List<SqlParameter>();
            param.Add(new SqlParameter("@PermissionRule", entity.permissionRule));
            param.Add(new SqlParameter("@PermissionRuleType", entity.permissionRuleType));
            var ss = new SqlParameter("@relateId", SqlDbType.Int);
            ss.Value = entity.relateId;
            param.Add(ss);

            List<DataAccessCommand> list = new List<DataAccessCommand>(0);
            list.Add(new DataAccessCommand(sql, param, CommandType.Text, false));
            var success = DataAccess.ExecuteBatchCommands(list, out var msg);
            return Json(new
            {
                success,
                msg
            });
        }

        [AuthPermission]
        [HttpGet]
        [Route("getruletype")]
        public ActionResult getRuleType()
        {

            IList<Option> options = new List<Option>();
            var option = new Option() { label = "SQL", value = "S", disabled = false };
            options.Add(option);
            var option1 = new Option() { label = "JSON", value = "J", disabled = false };
            options.Add(option1);
            var jsonData = JsonConvert.SerializeObject(options);

            return Content(jsonData
                );
        }
    }

}