Agen-user read-write

nugroho 2025-06-20 09:44:44 +07:00
parent 717e026017
commit 2f0b32f09e


@ -135,7 +135,7 @@ public static partial class APIHandler
string UName = InElement["uname"].GetString() ?? string.Empty; string UName = InElement["uname"].GetString() ?? string.Empty;
string PlainPass = InElement["pass"].GetString() ?? string.Empty; string PlainPass = InElement["pass"].GetString() ?? string.Empty;
byte Level = InElement["level"].GetByte(); byte Level = InElement["level"].GetByte();
Match PhotoMatch = Base64Regex().Match(Photo.ToLower()); Match PhotoMatch = Base64Regex().Match(Photo);
if (AgentID.Equals(string.Empty) || if (AgentID.Equals(string.Empty) ||
Name.Equals(string.Empty) || Name.Equals(string.Empty) ||
Jabatan.Equals(string.Empty) || Jabatan.Equals(string.Empty) ||
@ -159,7 +159,7 @@ public static partial class APIHandler
byte[] ImageBytes = Convert.FromBase64String(Data); byte[] ImageBytes = Convert.FromBase64String(Data);
uint CRC32Hash = Crc32.Compute(ImageBytes); uint CRC32Hash = Crc32.Compute(ImageBytes);
string PhotoFileName = $"{CRC32Hash:X8}.{(Format == "jpeg" ? "jpg" : Format)}"; string PhotoFileName = $"{CRC32Hash:X8}.{(Format == "jpeg" ? "jpg" : Format)}";
string PhotoPath = Path.Combine(AppContext.BaseDirectory, "/wwwroot/assets/images/uploads", PhotoFileName); string PhotoPath = Path.Combine(AppContext.BaseDirectory, "wwwroot/assets/images/uploads", PhotoFileName);
if (!File.Exists(PhotoPath)) await File.WriteAllBytesAsync(PhotoPath, ImageBytes, CTS.Token); if (!File.Exists(PhotoPath)) await File.WriteAllBytesAsync(PhotoPath, ImageBytes, CTS.Token);
PhotoURL = Path.Combine("/assets/images/uploads", PhotoFileName); PhotoURL = Path.Combine("/assets/images/uploads", PhotoFileName);
} }
@ -169,7 +169,7 @@ public static partial class APIHandler
using (SqlCommand CreateAgent = Conn.CreateCommand()) using (SqlCommand CreateAgent = Conn.CreateCommand())
{ {
CreateAgent.Transaction = Trans; CreateAgent.Transaction = Trans;
CreateAgent.CommandText = "INSERT INTO agents VALUES(@agid, @nama, @jabt, @deid, @skng, @tmt, @skpr, @tmpr, @visi, @misi, @poto)"; CreateAgent.CommandText = "INSERT INTO agents VALUES(@agid, @nama, @jabt, @deid, @skng, @tmt, @skpr, @tmpr, @visi, @misi, @poto, @sl, @np, @ev, @do)";
CreateAgent.Parameters.AddWithValue("@agid", AgentID); CreateAgent.Parameters.AddWithValue("@agid", AgentID);
CreateAgent.Parameters.AddWithValue("@nama", Name); CreateAgent.Parameters.AddWithValue("@nama", Name);
CreateAgent.Parameters.AddWithValue("@jabt", Jabatan); CreateAgent.Parameters.AddWithValue("@jabt", Jabatan);
@ -181,6 +181,10 @@ public static partial class APIHandler
CreateAgent.Parameters.AddWithValue("@visi", Vision); CreateAgent.Parameters.AddWithValue("@visi", Vision);
CreateAgent.Parameters.AddWithValue("@misi", Mission); CreateAgent.Parameters.AddWithValue("@misi", Mission);
CreateAgent.Parameters.AddWithValue("@poto", PhotoURL.Equals(string.Empty) ? DBNull.Value : PhotoURL); CreateAgent.Parameters.AddWithValue("@poto", PhotoURL.Equals(string.Empty) ? DBNull.Value : PhotoURL);
CreateAgent.Parameters.AddWithValue("@sl", string.IsNullOrEmpty(Seleksi) ? DBNull.Value : Seleksi);
CreateAgent.Parameters.AddWithValue("@np", NilaiPilih is null ? DBNull.Value : NilaiPilih);
CreateAgent.Parameters.AddWithValue("@ev", string.IsNullOrEmpty(Eviden) ? DBNull.Value : Eviden);
CreateAgent.Parameters.AddWithValue("@do", string.IsNullOrEmpty(Dokumentasi) ? DBNull.Value : Dokumentasi);
_ = await CreateAgent.ExecuteNonQueryAsync(); _ = await CreateAgent.ExecuteNonQueryAsync();
Agents.Add(NewAgent); Agents.Add(NewAgent);
} }
@ -212,10 +216,24 @@ public static partial class APIHandler
agent.Run(async runner => agent.Run(async runner =>
{ {
if (!await runner.RequestValidated(0, "POST", true)) return; if (!await runner.RequestValidated(0, "POST", true)) return;
if (await runner.TryGetBodyJsonAsync(["agentid", "updates"], CTS.Token) is Dictionary<string, JsonElement> InElement) if (await runner.TryGetBodyJsonAsync(["agentid","photo", "updates"], CTS.Token) is Dictionary<string, JsonElement> InElement)
{ {
if (InElement["updates"].ValueKind != JsonValueKind.Object) return; if (InElement["updates"].ValueKind != JsonValueKind.Object) return;
string AgentID = InElement["agentid"].GetString() ?? string.Empty; string AgentID = InElement["agentid"].GetString() ?? string.Empty;
string Photo = InElement["photo"].GetString() ?? string.Empty;
string PhotoURL = "";
Match PhotoMatch = Base64Regex().Match(Photo);
if (!Photo.Equals(string.Empty))
{
string Format = PhotoMatch.Groups["format"].Value.ToLowerInvariant();
string Data = PhotoMatch.Groups["data"].Value;
byte[] ImageBytes = Convert.FromBase64String(Data);
uint CRC32Hash = Crc32.Compute(ImageBytes);
string PhotoFileName = $"{CRC32Hash:X8}.{(Format == "jpeg" ? "jpg" : Format)}";
string PhotoPath = Path.Combine(AppContext.BaseDirectory, "wwwroot/assets/images/uploads", PhotoFileName);
if (!File.Exists(PhotoPath)) await File.WriteAllBytesAsync(PhotoPath, ImageBytes, CTS.Token);
PhotoURL = Path.Combine("/assets/images/uploads", PhotoFileName);
}
JsonElement UpdateFields = InElement["updates"]; JsonElement UpdateFields = InElement["updates"];
using SqlDataReader Updated = await RunReaderAsync(CS, "", Comm => using SqlDataReader Updated = await RunReaderAsync(CS, "", Comm =>
{ {
@ -227,6 +245,11 @@ public static partial class APIHandler
CommandBuilder.Append($" [{Prop.Name}] = @p{Prop.Name},"); CommandBuilder.Append($" [{Prop.Name}] = @p{Prop.Name},");
} }
Comm.Parameters.AddWithValue("@pagentid", AgentID); Comm.Parameters.AddWithValue("@pagentid", AgentID);
if (!string.IsNullOrEmpty(PhotoURL))
{
CommandBuilder.Append($" [photourl] = @purl,");
Comm.Parameters.AddWithValue("@purl", PhotoURL);
}
CommandBuilder.Remove(CommandBuilder.Length - 1, 1); CommandBuilder.Remove(CommandBuilder.Length - 1, 1);
CommandBuilder.Append(" OUTPUT INSERTED.* WHERE agentid = @pagentid"); CommandBuilder.Append(" OUTPUT INSERTED.* WHERE agentid = @pagentid");
Comm.CommandText = CommandBuilder.ToString(); Comm.CommandText = CommandBuilder.ToString();
@ -293,7 +316,7 @@ public static partial class APIHandler
!await runner.RequestValidated(0, "POST", true) //has to pass this before trying to get bodyjsonasync. !await runner.RequestValidated(0, "POST", true) //has to pass this before trying to get bodyjsonasync.
//Let it be for now, move the json check login into trygetjson for later projects. //Let it be for now, move the json check login into trygetjson for later projects.
|| await runner.TryGetBodyJsonAsync(["username", "password"], CTS.Token) is not Dictionary<string, JsonElement> InElement || await runner.TryGetBodyJsonAsync(["username", "password"], CTS.Token) is not Dictionary<string, JsonElement> InElement
|| !(await runner.RequestValidated(InElement["username"].GetString() ?? string.Empty, "POST") || await runner.RequestValidated(0, "POST")) // || !(await runner.RequestValidated(InElement["username"].GetString() ?? string.Empty, "POST") || await runner.RequestValidated(0, "POST"))
) return; ) return;
if (InElement["password"].GetString() is not string PlainPass || PlainPass.Equals(string.Empty) || InElement["username"].GetString() is not string Username || Username.Equals(string.Empty)) if (InElement["password"].GetString() is not string PlainPass || PlainPass.Equals(string.Empty) || InElement["username"].GetString() is not string Username || Username.Equals(string.Empty))
{ {
@ -319,7 +342,7 @@ public static partial class APIHandler
InElement["username"].GetString() is not string Username || InElement["username"].GetString() is not string Username ||
InElement["password"].GetString() is not string PlainPass || InElement["password"].GetString() is not string PlainPass ||
InElement["agentid"].GetString() is not string AgentID || InElement["agentid"].GetString() is not string AgentID ||
InElement["level"].GetByte() is byte Level && Level == 0 //REMEMBER TO FLIT THIS to prevent superuser creation InElement["level"].GetByte() is byte Level && Level == 0
) )
{ {
await runner.WriteJsonResponse(StatusCodes.Status400BadRequest, "String fields should not be empty and level should not be zero or less."); await runner.WriteJsonResponse(StatusCodes.Status400BadRequest, "String fields should not be empty and level should not be zero or less.");
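Review bot: The photo block added to the update handler (hunk `-212,10 +216,24`) writes the upload whenever `Photo` is non-empty but never checks `PhotoMatch.Success`, so input that fails `Base64Regex()` yields empty groups, and an empty byte array is hashed and written into the served uploads directory under a name with no extension. `Convert.FromBase64String` can still throw on malformed data, and the extension comes from the client-supplied `format` group with no allow-list visible here (the regex is not shown and may already restrict it). The name is a CRC32, which is not collision-resistant, so with the `File.Exists` short-circuit a colliding upload is silently skipped and the row points at another image; the create path in hunk `-159,7` derives names the same way. The sketch below rejects non-matching or undecodable input with a 400 and limits the extension to an example set, leaving the naming scheme for a follow-up (a SHA-256 of the bytes would do); the handler continues past the hunk. Separately, hunk `-293,7 +316,7` disables the second `RequestValidated` clause by commenting it out, and if that clause was what restricted the operation to the named user or a level-0 caller, it needs a replacement check or a stated reason rather than a dead line.

```csharp
if (!Photo.Equals(string.Empty))
{
    // Refuse input the data-URI pattern did not match instead of writing an empty file.
    if (!PhotoMatch.Success)
    {
        await runner.WriteJsonResponse(StatusCodes.Status400BadRequest, "Photo is not a valid base64 image.");
        return;
    }
    string Format = PhotoMatch.Groups["format"].Value.ToLowerInvariant();
    // Example allow-list; keep only the formats the site actually serves.
    if (Format is not ("jpeg" or "jpg" or "png"))
    {
        await runner.WriteJsonResponse(StatusCodes.Status400BadRequest, "Unsupported photo format.");
        return;
    }
    byte[] ImageBytes;
    try
    {
        ImageBytes = Convert.FromBase64String(PhotoMatch.Groups["data"].Value);
    }
    catch (FormatException)
    {
        await runner.WriteJsonResponse(StatusCodes.Status400BadRequest, "Photo is not a valid base64 image.");
        return;
    }
    // … unchanged: file name, path, write, PhotoURL …
}
```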