/app/api/mobile/api_v1_signs.rb
- #encoding: utf-8
- require "helpers"
- require 'net/http'
- require 'digest/md5'
- module Mobile
- class API_v1_signs < Grape::API
- version 'v1', :using => :path, :vendor => 'sinoinfo', :format => :json
- resource :signs do
# Runs authenticate! (defined outside this file) ahead of every route in this resource.
before { authenticate! }
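# Asks the token server for an activation code for the account's first token
# and sends that code by SMS to the number stored in token_no.
#
# NOTE(review): the account is looked up by the caller-supplied id alone and the
# token is simply the account's first one. Nothing visible here ties either to
# current_user, so any authenticated caller can trigger an activation SMS for
# any account id. issue_authorized_sign selects the token with
# find_by_user_id(current_user[:id]); confirm whether the same ownership check
# belongs here.
post 'mobile_pw' do
  @account = Account.find_by_id(params[:id])
  if @account.nil?
    error!({"error" => "账户ID错误。" }, 400)
  end
  @token = @account.tokens.first
  # An account without any token used to fail with NoMethodError (HTTP 500).
  if @token.nil?
    error!({"error" => "账户ID错误。" }, 400)
  end
  # Connect to the token server and register the phone.
  token_header = "\x21\x01\x01sinoinfo00000001\x00\x1b"
  token_request_header = "\x00\x04\x00\x00\x02"
  token_item1 = "\x00\x00\x02\x0b" + @token.token_no
  token_item2 = "\x00\x01\x06\x03" + "999"
  # Token packet layout: header, request header, then the two items.
  token_packet = token_header + token_request_header + token_item1 + token_item2
  # NOTE(review): the token server address is hard-coded here, while
  # issue_authorized_sign reads it from I18n ('.tcp_config.config.token').
  token_response =
    begin
      token_socket = TCPSocket.new '192.168.0.204', 8223
      begin
        token_socket.puts(token_packet)
        token_socket.read(36)
      ensure
        # Close the socket on every path, including a failed write or read.
        token_socket.close
      end
    rescue StandardError
      nil
    end
  # read returns nil or a short string when the peer closes early; the slice
  # below needs all 36 bytes.
  if token_response.nil? || token_response.bytesize < 36
    error!({"error" => "Token服务器异常。" }, 400)
  end
  content = "智票联激活码:" + token_response[30, 6]
  username = I18n.t('.smsbao.config.username')
  password = I18n.t('.smsbao.config.password')
  # NOTE(review): the gateway credentials and the activation code travel over
  # plain HTTP, and the gateway's reply is not checked before success is
  # reported to the client.
  uri = URI('http://www.smsbao.com/sms')
  Net::HTTP.post_form(uri, 'u' => username, 'p' => password, 'm' => @token.token_no, 'c' => content )
  present "激活码发送成功。"
end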
# Lists non-deleted signs in the waiting, refused or manager_authorized state,
# five per page. Managers ("主管") query every sign of their organization;
# any other role only queries its own signs.
get 'all_signs' do
  listed_states = ["waiting", "refused", "manager_authorized"]
  source = current_user.role == "主管" ? Sign : current_user.signs
  source.where("authorization IN (?) AND organization_id = ? AND deleted = ?", listed_states, current_user[:organization_id], false).paginate(:page => params[:page], :per_page => 5)
end
-
# Returns up to five non-deleted signs (waiting, refused or manager_authorized)
# whose id is lower than params[:sign_id]. Managers ("主管") query the whole
# organization; any other role only its own signs.
# NOTE(review): there is no explicit ORDER BY, so which five rows come back
# depends on a default scope or on the database - confirm.
post 'previous_all_signs' do
  listed_states = ["waiting", "refused", "manager_authorized"]
  source = current_user.role == "主管" ? Sign : current_user.signs
  source.where("authorization IN (?) AND organization_id = ? AND id < ? AND deleted = ?", listed_states, current_user[:organization_id], params[:sign_id], false).limit(5)
end
# Pages through the caller's own non-deleted signs that are still waiting, five at a time.
get 'waiting_authorization' do
  own_waiting = current_user.signs.where("authorization = ? AND organization_id = ? AND deleted = ?", "waiting", current_user[:organization_id], false)
  own_waiting.paginate(:page => params[:page], :per_page => 5)
end
# Returns up to five of the caller's own non-deleted waiting signs with an id below params[:sign_id].
post 'previous_waiting_authorization' do
  older_waiting = current_user.signs.where("authorization = ? AND organization_id = ? AND id < ? AND deleted = ?", "waiting", current_user[:organization_id], params[:sign_id], false)
  older_waiting.limit(5)
end
# Pages through the caller's own non-deleted signs in the manager_authorized state, five at a time.
get 'authorized_signs' do
  own_authorized = current_user.signs.where("authorization = ? AND organization_id = ? AND deleted = ?", "manager_authorized", current_user[:organization_id], false)
  own_authorized.paginate(:page => params[:page], :per_page => 5)
end
# Returns up to five of the caller's own non-deleted manager_authorized signs with an id below params[:sign_id].
post 'previous_authorized_signs' do
  older_authorized = current_user.signs.where("authorization = ? AND organization_id = ? AND id < ? AND deleted = ?", "manager_authorized", current_user[:organization_id], params[:sign_id], false)
  older_authorized.limit(5)
end
# Pages through the caller's own non-deleted refused signs, five at a time.
get 'refused_signs' do
  own_refused = current_user.signs.where("authorization = ? AND organization_id = ? AND deleted = ?", "refused", current_user[:organization_id], false)
  own_refused.paginate(:page => params[:page], :per_page => 5)
end
# Returns up to five of the caller's own non-deleted refused signs with an id below params[:sign_id].
post 'previous_refused_signs' do
  older_refused = current_user.signs.where("authorization = ? AND organization_id = ? AND id < ? AND deleted = ?", "refused", current_user[:organization_id], params[:sign_id], false)
  older_refused.limit(5)
end
# Manager-only ("主管") queue: pages through every non-deleted waiting sign of
# the caller's organization, five at a time.
get 'authorization_processing' do
  unless current_user.role == "主管"
    error!({"error" => "只有主管才能执行该操作。" }, 400)
  end
  pending = Sign.where("authorization = ? AND organization_id = ? AND deleted = ?", "waiting", current_user[:organization_id], false)
  pending.paginate(:page => params[:page], :per_page => 5)
end
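# Returns one non-deleted sign by id, restricted to the caller's organization.
get ':id' do
  # The lookup used to filter on id and deleted only, so any authenticated user
  # could read a sign belonging to any organization by supplying its id. Every
  # list route in this resource already filters on organization_id; this one
  # now does the same.
  # NOTE(review): the list routes also limit non-managers to current_user.signs;
  # confirm whether this route should narrow to the owner in the same way.
  Sign.where("id = ? AND organization_id = ? AND deleted = ?", params[:id], current_user[:organization_id], false).first
end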
# Soft-deletes one of the caller's own signs by setting its "deleted" flag.
# Only signs in the waiting, refused or manager_authorized state qualify.
post 'delete' do
  deletable_states = ["waiting", "refused", "manager_authorized"]
  @sign = current_user.signs.where("id = ? AND authorization IN (?) AND deleted = ?", params[:id], deletable_states, false).first
  # error! ends the request, so the lines below only run for a found sign.
  error!({"error" => "ID错误。" }, 400) if @sign.nil?
  @sign.update_attribute("deleted", true)
  present @sign
end
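# Manager-only ("主管"): approves a waiting, non-deleted sign of the caller's
# organization and pushes a notification to the user who owns the sign.
post 'authorize' do
  if current_user.role != "主管"
    error!({"error" => "只有主管才能执行该操作。" }, 400)
  end
  @sign = Sign.where("id = ? AND authorization = ? AND organization_id = ? AND deleted = ?", params[:id], "waiting", current_user[:organization_id], false).first
  if @sign.nil?
    error!({"error" => "ID错误。" }, 400)
  end
  @sign.update_attribute(:authorization, "manager_authorized")
  user = User.find_by_id(@sign.user_id)
  # The approval is already stored at this point. If the owning user no longer
  # exists, skip the notification instead of failing with NoMethodError on nil
  # and reporting an error for a change that did happen.
  unless user.nil?
    sendno = Time.now.to_i
    receiver_value = user.id.to_s
    # verification_code is the MD5 of sendno + receiver_type + receiver_value +
    # master_secret. NOTE(review): presumably the format the push service
    # requires; MD5 over a concatenated secret is not a sound MAC, so confirm
    # whether the provider offers a stronger scheme.
    input = sendno.to_s + I18n.t('.jpush.config.receiver_type').to_s + receiver_value.to_s + I18n.t('.jpush.config.master_secret').to_s
    md5 = Digest::MD5.hexdigest(input)
    send_description = "签发授权申请已批准。"
    # NOTE(review): account number, receiver account, bill number and amount
    # leave the system inside this push payload.
    n_content = "签发授权申请已批准。\n签发账号: #{@sign.account_no.slice(/\d+$/)}\n票据类型: #{@sign.bill_class.force_encoding("UTF-8")}\n签发日期: #{@sign.sign_date}\n收方帐号: #{@sign.receiver_account}\n支票号码: #{@sign.bill_no}\n签发金额: #{@sign.amount}"
    n_extras = Hash[:sign_id => @sign.id, :type => 3]
    msg_content = Hash[:n_content => n_content, :n_extras => n_extras].to_json
    Net::HTTP.post_form(URI.parse(I18n.t('.jpush.config.uri')),
                        :sendno => sendno,
                        :app_key => I18n.t('.jpush.config.app_key'),
                        :receiver_type => I18n.t('.jpush.config.receiver_type'),
                        :receiver_value => receiver_value,
                        :verification_code => md5,
                        :msg_type => I18n.t('.jpush.config.msg_type'),
                        :msg_content => msg_content,
                        :send_description => send_description,
                        :time_to_live => I18n.t('.jpush.config.time_to_live'),
                        :platform => I18n.t('.jpush.config.platform'))
  end
  present @sign
end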
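# Manager-only ("主管"): refuses a waiting, non-deleted sign of the caller's
# organization, stores the given reason and pushes a notification to the user
# who owns the sign.
post 'refuse_authorize' do
  if current_user.role != "主管"
    error!({"error" => "只有主管才能执行该操作。" }, 400)
  end
  # The 'authorize' route excludes soft-deleted signs; this lookup did not, so
  # a sign its owner had already deleted could still be refused and announced.
  @sign = Sign.where("id = ? AND authorization = ? AND organization_id = ? AND deleted = ?", params[:id], "waiting", current_user[:organization_id], false).first
  if @sign.nil?
    error!({"error" => "ID错误。" }, 400)
  end
  @sign.update_attributes(:authorization => "refused", :reason => params[:reason])
  user = User.find_by_id(@sign.user_id)
  # The refusal is already stored at this point. If the owning user no longer
  # exists, skip the notification instead of failing with NoMethodError on nil.
  unless user.nil?
    sendno = Time.now.to_i
    receiver_value = user.id.to_s
    # verification_code is the MD5 of sendno + receiver_type + receiver_value +
    # master_secret. NOTE(review): presumably the format the push service
    # requires; MD5 over a concatenated secret is not a sound MAC, so confirm
    # whether the provider offers a stronger scheme.
    input = sendno.to_s + I18n.t('.jpush.config.receiver_type').to_s + receiver_value.to_s + I18n.t('.jpush.config.master_secret').to_s
    md5 = Digest::MD5.hexdigest(input)
    send_description = "签发授权申请被拒绝。"
    n_content = "签发授权申请被拒绝。\n签发账号: #{@sign.account_no.slice(/\d+$/)}\n票据类型: #{@sign.bill_class.force_encoding("UTF-8")}\n签发日期: #{@sign.sign_date}\n收方帐号: #{@sign.receiver_account}\n支票号码: #{@sign.bill_no}\n签发金额: #{@sign.amount}"
    n_extras = Hash[:sign_id => @sign.id, :type => 4]
    msg_content = Hash[:n_content => n_content, :n_extras => n_extras].to_json
    Net::HTTP.post_form(URI.parse(I18n.t('.jpush.config.uri')),
                        :sendno => sendno,
                        :app_key => I18n.t('.jpush.config.app_key'),
                        :receiver_type => I18n.t('.jpush.config.receiver_type'),
                        :receiver_value => receiver_value,
                        :verification_code => md5,
                        :msg_type => I18n.t('.jpush.config.msg_type'),
                        :msg_content => msg_content,
                        :send_description => send_description,
                        :time_to_live => I18n.t('.jpush.config.time_to_live'),
                        :platform => I18n.t('.jpush.config.platform'))
  end
  present @sign
end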
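# Searches issued ("signed") signs of the caller's organization.
#
# Filters come from params[:sign]: account_no, receiver_account, bill_class and
# bill_no are substring matches, date (optional) is an exact match on sign_date,
# and user_name (optional, managers only) restricts the search to one user.
# Managers ("主管") search the whole organization or the named user; cashiers
# ("出纳员") search their own signs; every other role is rejected.
post 'query_results' do
  # A request without a :sign hash used to fail with NoMethodError (HTTP 500);
  # missing filters are now treated as empty.
  filters = params[:sign]
  filters = {} unless filters.is_a?(Hash)
  user_name = filters[:user_name].to_s
  sign_date = filters[:date].to_s
  organization_id = current_user[:organization_id]

  case current_user.role
  when "主管"
    if user_name.empty?
      scope = Sign
    else
      # Resolve the name inside the manager's own organization only. An unknown
      # name and a name from another organization get the same answer, and a
      # missing user no longer raises on nil.
      @user = User.where("name = ? AND organization_id = ?", user_name, organization_id).first
      error!({"error" => "用户名错误。" }, 400) if @user.nil?
      scope = @user.signs
    end
  when "出纳员"
    scope = current_user.signs
  else
    error!({"error" => "操作权限不足。" }, 400)
  end

  # All values are bound parameters. "%" and "_" typed by the user still act as
  # LIKE wildcards, exactly as before.
  contains = lambda { |value| "%#{value}%" }
  scope = scope.where("account_no like ? AND receiver_account like ? AND bill_class like ? AND bill_no like ? AND authorization like ? AND organization_id = ?",
                      contains.call(filters[:account_no]),
                      contains.call(filters[:receiver_account]),
                      contains.call(filters[:bill_class]),
                      contains.call(filters[:bill_no]),
                      "signed",
                      organization_id)
  scope = scope.where("sign_date = ?", sign_date) unless sign_date.empty?

  # NOTE(review): per_page is taken from the client without an upper bound, so
  # a single request can ask for an arbitrarily large page.
  @signs = scope.paginate(:page => params[:page], :per_page => params[:per_page])
  present @signs
end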
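# Issues a manager-approved sign owned by the caller:
#   1. checks the caller's one-time token password against the token server,
#   2. asks the signing server for a payment code,
#   3. stores the code, marks the sign "signed", adds its amount to the account,
#   4. pushes a notification to a manager of the organization.
post 'issue_authorized_sign' do
  # "deleted = ?" was missing here: a sign its owner had soft-deleted through
  # the 'delete' route (which accepts manager_authorized signs) could still be
  # issued and receive a payment code.
  @sign = current_user.signs.where("id = ? AND authorization = ? AND organization_id = ? AND deleted = ?", params[:id], "manager_authorized", current_user[:organization_id], false).first
  sign_params = params[:sign]
  # A request without a :sign hash counts as "no token password supplied".
  token_pw = sign_params.is_a?(Hash) ? sign_params[:token_pw].to_s : ""
  if @sign.nil?
    error!({"error" => "ID错误。" }, 400)
  elsif token_pw.empty?
    error!({"error" => "请先认证Token口令。" }, 400)
  end
  # The item header built below ("\x00\x00\x03\x06") and the total in the packet
  # header ("\x00\x1c" = 28 = 5 + 4 + 9 + 4 + 6) appear to declare a 6-byte
  # password. Caller-supplied bytes of any other length would shift or extend
  # the packet sent to the token server, so they are refused up front.
  if token_pw.bytesize != 6
    error!({"error" => "Token口令认证失败。" }, 400)
  end

  @account = Account.find_by_account_no(@sign[:account_no].slice(/\d+$/))
  # The token must belong to the caller. A missing account or token used to
  # fail with NoMethodError on nil (HTTP 500).
  @token = @account.nil? ? nil : @account.tokens.find_by_user_id(current_user[:id])
  if @token.nil?
    error!({"error" => "Token口令认证失败。" }, 400)
  end

  # Sends one packet and reads a fixed-length reply. The socket is closed on
  # every path; nil is returned when connecting, writing or reading fails.
  exchange = lambda do |host, port, packet, length|
    begin
      socket = TCPSocket.new host, port
      begin
        socket.puts(packet)
        socket.read(length)
      ensure
        socket.close
      end
    rescue StandardError
      nil
    end
  end

  # Connect to the token server and verify the one-time password.
  # Token packet header.
  token_header = "\x21\x01\x01sinoinfo00000001\x00\x1c"
  # Token request header.
  token_request_header = "\x00\x01\x00\x00\x02"
  # Token data items.
  token_item1 = "\x00\x00\x02\x09" + "#{@token[:token_no]}"
  token_item2 = "\x00\x00\x03\x06" + token_pw
  # Token packet layout: header, request header, then the two items.
  token_packet = token_header + token_request_header + token_item1 + token_item2
  token_response = exchange.call(I18n.t('.tcp_config.config.token'), 8223, token_packet, 26)
  # read gives nil or a short string when the peer closes early; the check
  # below needs bytes 23..24.
  if token_response.nil? || token_response.bytesize < 26
    error!({"error" => "Token服务器异常。" }, 400)
  end
  # Check the return code of the token server's password verification.
  if token_response[23, 2].unpack("C1C1").join("") != "01"
    error!({"error" => "Token口令认证失败。" }, 400)
  end

  # Map the bill class name to the numeric code placed in the signing request.
  # An unlisted name leaves bill_class nil, which is packed as a blank field.
  case @sign[:bill_class]
  when "支票"
    bill_class = 1
  when "汇票申请书"
    bill_class = 2
  when "本票申请书"
    bill_class = 3
  when "汇总凭证"
    bill_class = 4
  when "其他票据"
    bill_class = 5
  end
  # Build the "generate payment code" request packet.
  sign_header = ["125", @account.bank_no, "2001"].pack("A6A12A4")
  sign_body = ["#{@sign[:account_no].slice(/\d+$/)}",
               "00",
               " ",
               "#{@sign[:sign_date].to_s.delete("-")}",
               "#{bill_class}",
               "#{@sign[:amount]}",
               "#{@sign[:bill_no]}",
               "#{@sign[:receiver_account]}"].pack("A32A2A10A8A1A16A8A32")
  sign_packet = sign_header + sign_body
  # Connect to the signing server and generate the payment code.
  sign_response = exchange.call(I18n.t('.tcp_config.config.sign'), 8213, sign_packet, 28)
  if sign_response.nil? || sign_response.bytesize < 28
    error!({"error" => "签发服务器异常。" }, 400)
  end
  # Check the return code of the signing server.
  if sign_response[6, 6] == "000000" && @sign.save
    # NOTE(review): the three writes below are not wrapped in a transaction and
    # the state check above is not locked, so two concurrent requests for the
    # same sign could both get this far.
    @account.update_attribute(:amount, @account.amount.to_i + @sign.amount.to_i)
    @sign.update_attributes(:authorization => "signed",
                            :pay_code => sign_response[12, 16])
    @account.signs << @sign
    manager = User.where("organization_id = ? AND role = ?", current_user[:organization_id], "主管").first
    # The sign is already issued at this point. Without a manager there is
    # nobody to notify; skip the push instead of failing on nil.
    unless manager.nil?
      sendno = Time.now.to_i
      receiver_value = manager.id.to_s
      # verification_code is the MD5 of sendno + receiver_type + receiver_value
      # + master_secret. NOTE(review): presumably the format the push service
      # requires; confirm whether the provider offers a stronger scheme.
      input = sendno.to_s + I18n.t('.jpush.config.receiver_type').to_s + receiver_value.to_s + I18n.t('.jpush.config.master_secret').to_s
      md5 = Digest::MD5.hexdigest(input)
      send_description = "出纳员签发已授权签发申请。"
      # NOTE(review): the payment code itself is part of this payload and so
      # leaves the system through the push service; consider sending only the
      # sign id and letting the client fetch the code over the API.
      n_content = "签发账号: #{@sign.account_no.slice(/\d+$/)}\n票据类型: #{@sign.bill_class.force_encoding("UTF-8")}\n签发日期: #{@sign.sign_date}\n收方帐号: #{@sign.receiver_account}\n支票号码: #{@sign.bill_no}\n签发金额: #{@sign.amount}\n支付密码: #{@sign.pay_code}"
      n_extras = Hash[:sign_id => @sign.id, :type => 6]
      msg_content = Hash[:n_content => n_content, :n_extras => n_extras].to_json
      Net::HTTP.post_form(URI.parse(I18n.t('.jpush.config.uri')),
                          :sendno => sendno,
                          :app_key => I18n.t('.jpush.config.app_key'),
                          :receiver_type => I18n.t('.jpush.config.receiver_type'),
                          :receiver_value => receiver_value,
                          :verification_code => md5,
                          :msg_type => I18n.t('.jpush.config.msg_type'),
                          :msg_content => msg_content,
                          :send_description => send_description,
                          :time_to_live => I18n.t('.jpush.config.time_to_live'),
                          :platform => I18n.t('.jpush.config.platform'))
    end
    present @sign
  else
    error!({"error" => "签发失败。" }, 400)
  end
end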
- end
- end
- end