##

Author: liaozb

APIJSON.NET/APIJSON.NET/APIJSON.NET.csproj

@@ -5,6 +5,7 @@
   </PropertyGroup>
 
   <ItemGroup>
+    <PackageReference Include="AspectCore.Extensions.Reflection" Version="0.7.0" />
     <PackageReference Include="Microsoft.AspNetCore.App" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="2.1.0" />
     <PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="2.1.0" />

APIJSON.NET/APIJSON.NET/Controllers/JsonController.cs

@@ -200,7 +200,7 @@ public ActionResult Add([FromBody]string json)
                     var dt = new Dictionary<string, object>();
                     foreach (var f in JObject.Parse(item.Value.ToString()))
                     {
-                        if (f.Key.ToLower() != "id" && role.Insert.Column.Contains(f.Key, StringComparer.CurrentCultureIgnoreCase))
+                        if (f.Key.ToLower() != "id" && selectTable.IsCol(key, f.Key) && (role.Insert.Column.Contains("*") || role.Insert.Column.Contains(f.Key, StringComparer.CurrentCultureIgnoreCase)))
                             dt.Add(f.Key, f.Value);
                     }
                     int id = db.Db.Insertable(dt).AS(key).ExecuteReturnIdentity();
@@ -252,7 +252,7 @@ public ActionResult Edit([FromBody]string json)
                     dt.Add("id", value["id"]);
                     foreach (var f in value)
                     {
-                        if (f.Key.ToLower() != "id"&& role.Update.Column.Contains(f.Key, StringComparer.CurrentCultureIgnoreCase))
+                        if (f.Key.ToLower() != "id"&& selectTable.IsCol(key,f.Key) && (role.Update.Column.Contains ("*")||role.Update.Column.Contains(f.Key, StringComparer.CurrentCultureIgnoreCase)))
                         {
                             dt.Add(f.Key, f.Value);
                         }
@@ -290,7 +290,7 @@ public ActionResult Remove([FromBody]string json)
                     string key = item.Key.Trim();
                     var value = JObject.Parse(item.Value.ToString());
                     var sb = new System.Text.StringBuilder(100);
-                    sb.Append($"delete [{key}] where");
+                    sb.Append($"delete FROM {key} where");
                     if (role.Delete==null||role.Delete.Table==null)
                     {
                         ht["code"] = "500";

APIJSON.NET/APIJSON.NET/Controllers/TokenController.cs

@@ -74,7 +74,7 @@ public IActionResult Create([FromBody]TokenInput input)
         [HttpGet] 
         public IActionResult GetRole()
         {
-            return Ok(User.Identity.Name);
+            return Ok(User.FindFirstValue(ClaimTypes.Role));
         }
         private string CreateAccessToken(IEnumerable<Claim> claims, TimeSpan? expiration = null)
         {

APIJSON.NET/APIJSON.NET/SelectTable.cs

@@ -8,7 +8,7 @@
     using System.Collections.Generic;
     using System.Dynamic;
     using System.Linq;
-    using System.Reflection;
+    using AspectCore.Extensions.Reflection;
     using System.Text.RegularExpressions;
 
     public class SelectTable
@@ -50,14 +50,19 @@ public bool IsCol(string table, string col)
         /// <returns></returns>
         public object ExecFunc(string funcname,object[] param, Type[] types)
         {
-            Type type = typeof(FuncList);
-            Object obj = Activator.CreateInstance(type);
-            MethodInfo mt = type.GetMethod(funcname,types);
-            if (mt==null)
-            {
-                throw new Exception($"{funcname}没有获取到相应的函数");
-            }
-            return mt.Invoke(obj, param);
+            var method = typeof(FuncList).GetMethod(funcname);
+     
+            var reflector = method.GetReflector();
+            var result = reflector.Invoke(new FuncList(), param);
+            //Type type = typeof(FuncList);
+            //Object obj = Activator.CreateInstance(type);
+            //MethodInfo mt = type.GetMethod(funcname,types);
+            //if (mt==null)
+            //{
+            //    throw new Exception($"{funcname}没有获取到相应的函数");
+            //}
+            //return mt.Invoke(obj, param);
+            return result;
         }
 
         public (dynamic,int) GetTableData(string subtable, int page, int count, string json, JObject dd)

APIJSON.NET/APIJSON.NET/Startup.cs

@@ -60,6 +60,7 @@ public void ConfigureServices(IServiceCollection services)
         // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
         public void Configure(IApplicationBuilder app, IHostingEnvironment env)
         {
+            app.UseAuthentication();
             app.UseMvc(routes =>
             {
                 routes.MapRoute(
@@ -74,7 +75,7 @@ public void Configure(IApplicationBuilder app, IHostingEnvironment env)
                 c.SwaggerEndpoint("/swagger/v1/swagger.json", "My API V1");
 
             });
-            app.UseAuthentication();
+      
             app.UseJwtTokenMiddleware();
             DbInit.Initialize(app);
         }