24.12.24
第5章 系统技术方案
5.1 业务流程管理
基于公司的管理制度,业务流程一般分为采购、批准、入库、库存四个环节。
比如采购管理,由采购部门内勤先开采购单,然后上级领导进行批准,如果批准通过则内勤根据采购单进行购买,购买完成后交给库管进行入库,并填写真正的入库数量。
销售流程,填写销售单后由上级领导进行批准,如果批准通过则通过库管进行商品销售出库。采购流程如图5-1所示。
图5-1 采购流程图
5.2 重要数据加密
为了方便软件分发并使软件更具有可读性,连接数据库等信息使用ini文件进行配置。其中用户名和密码进行了MD5加密。加密算法如下:
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
namespace PSI.Common.Encrypt
{
///
/// 不可逆加密,限于字母和数字
///
public class MD5Encrypt
{
#region MD5
///
/// MD5加密,和动网上的16/32位MD5加密结果相同
///
/// 待加密字串
/// 16或32值之一,其它则采用.net默认MD5加密算法
///
public static string Encrypt(string source, int length = 32)
{
HashAlgorithm provider = CryptoConfig.CreateFromName("MD5") as HashAlgorithm;
if (string.IsNullOrEmpty(source)) return string.Empty;
byte[] bytes = Encoding.ASCII.GetBytes(source);
byte[] hashValue = provider.ComputeHash(bytes);
StringBuilder sb = new StringBuilder();
switch (length)
{
case 16://16位密文是32位密文的9到24位字符
for (int i = 4; i < 12; i++)
sb.Append(hashValue[i].ToString("x2"));
break;
case 32:
for (int i = 0; i < 16; i++)
{
sb.Append(hashValue[i].ToString("x2"));
}
break;
default:
for (int i = 0; i < hashValue.Length; i++)
{
sb.Append(hashValue[i].ToString("x2"));
}
break;
}
return sb.ToString();
}
#endregion MD5
}
}
此外还有DES加密和RSA加密算法:
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
namespace PSI.Common.Encrypt
{
///
/// 可逆对称加密 密钥长度8
///
public class DesEncrypt
{
//8位长度
private static string KEY = "huadianjinxiaocun";
private static byte[] key = ASCIIEncoding.ASCII.GetBytes(KEY.Substring(0, 8));
private static byte[] iv = ASCIIEncoding.ASCII.GetBytes(KEY.Insert(0, "w").Substring(0, 8));
/// <summary>
/// DES 加密
/// </summary>
/// <param name="strValue"></param>
/// <returns></returns>
public static string Encrypt(string strValue)
{
DESCryptoServiceProvider dsp = new DESCryptoServiceProvider();
MemoryStream memStream = new MemoryStream();
using (memStream)
{
CryptoStream crypStream = new CryptoStream(memStream, dsp.CreateEncryptor(key, iv), CryptoStreamMode.Write);
StreamWriter sWriter = new StreamWriter(crypStream);
sWriter.Write(strValue);
sWriter.Flush();
crypStream.FlushFinalBlock();
memStream.Flush();
return Convert.ToBase64String(memStream.GetBuffer(), 0, (int)memStream.Length);
}
}
/// <summary>
/// DES解密
/// </summary>
/// <param name="EncValue"></param>
/// <returns></returns>
public static string Decrypt(string EncValue)
{
DESCryptoServiceProvider dsp = new DESCryptoServiceProvider();
byte[] buffer = Convert.FromBase64String(EncValue);
MemoryStream memStream = new MemoryStream();
using (memStream)
{
CryptoStream crypStream = new CryptoStream(memStream, dsp.CreateDecryptor(key, iv), CryptoStreamMode.Write);
crypStream.Write(buffer, 0, buffer.Length);
crypStream.FlushFinalBlock();
return ASCIIEncoding.UTF8.GetString(memStream.ToArray());
}
}
}
}
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
namespace PSI.Common.Encrypt
{
public class RsaEncrypt
{
private static string PublicKey = @"BgIAAACkAABSU0ExAAQAAAEAAQDlrlvIesvhOZxK8dVyVMC+HUoB7FchNRkrUgJSK6FlfPpnoEPGq7bbO2FxebuFE331gNugopwq+82cylsQycSwFBBFbQTh+X9hmW2fOReRoCxDsGdlscm06BX/26fHqO09RoCpbTE+NDpe6PmNMoIopcvrLU5WeLD/EIsjFyvNvg==";
private static string PrivateKey = @"BwIAAACkAABSU0EyAAQAAAEAAQDlrlvIesvhOZxK8dVyVMC+HUoB7FchNRkrUgJSK6FlfPpnoEPGq7bbO2FxebuFE331gNugopwq+82cylsQycSwFBBFbQTh+X9hmW2fOReRoCxDsGdlscm06BX/26fHqO09RoCpbTE+NDpe6PmNMoIopcvrLU5WeLD/EIsjFyvNvv28ikuyuQa95UBe5VNy/1HDrTo7BZYClfLULVVS/tAt/tqVMXS6p9JlFWR6SbrJUeR0PGFmLOdpj1NvkCVNrOMJUlrrFcGTnf+G8dKFxsqWZ9cmKffYMfIHVt1xqK6fkou4l1nA5z0gs/IAFvvmWyT3QQV1kQhWl21b7sCfdIrWZWlyB92wtMbGGbwJiwRDnCJ7gdt37wW3XSjSMDQqyGuNfnTM1XgCWzMTHNnFUqT35OUj5twmSSrqkbaZLxfElbm8TjBwudQDpgivvil396QH4dzo6r6NTU+/LDqzjtIv1DN31bhZhq9+Yezoxd8BSKiKMDwUZYFN/ztmtNDnO7gisZPy1ZGvltWuVCkpavWB6fNrZmqg5LcFH46vGmE4GR5CXg5PLMrlC0+97lpGLlU9XaB3kbXOQ1n9XfPkvJh+gdyXXcfymN3DAHRk352VlyexKkN+CBHzGEmzvVLqPG3DAvJnmHx0D+leLlxg8xp04CjkAL+rPk1+yhB6WMlU9I4sTyBPkmpOv188NC52JO/fSLd/ZuIf1NsceO4vLywbPskoQiVKn6PDzX0R6ztPvYvCON45GZ+NykzATXnczgM=";
/// <summary>
/// 获取密钥对 key公钥 value私鈅
/// </summary>
/// <returns></returns>
public static KeyValuePair<string, string> GetKeyPair()
{
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
string publicKey = Convert.ToBase64String(rsa.ExportCspBlob(false));
string privateKey = Convert.ToBase64String(rsa.ExportCspBlob(true));
return new KeyValuePair<string, string>(publicKey, privateKey);
}
/// <summary>
/// 加密
/// </summary>
/// <param name="content"></param>
/// <param name="publicKey">为空使用默认公钥</param>
/// <returns></returns>
public static string Encrypt(string content, string publicKey = "")
{
UnicodeEncoding ByteConverter = new UnicodeEncoding();
byte[] DataToEncrypt = ByteConverter.GetBytes(content);
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
publicKey = string.IsNullOrEmpty(publicKey) ? PublicKey : publicKey;
byte[] publicKeyBytes = Convert.FromBase64String(publicKey);
rsa.ImportCspBlob(publicKeyBytes);//公钥加密
byte[] resultBytes = rsa.Encrypt(DataToEncrypt, false);
return Convert.ToBase64String(resultBytes);
}
/// <summary>
/// 解密
/// </summary>
/// <param name="content"></param>
/// <param name="privateKey">为空使用默认私鈅</param>
/// <returns></returns>
public static string Decrypt(string content, string privateKey = "")
{
byte[] dataToDecrypt = Convert.FromBase64String(content);
RSACryptoServiceProvider RSA = new RSACryptoServiceProvider();
privateKey = string.IsNullOrEmpty(privateKey) ? PrivateKey : privateKey;
byte[] privateKeyBytes = Convert.FromBase64String(privateKey);
RSA.ImportCspBlob(privateKeyBytes);
byte[] resultBytes = RSA.Decrypt(dataToDecrypt, false);
UnicodeEncoding ByteConverter = new UnicodeEncoding();
return ByteConverter.GetString(resultBytes);
}
}
}
5.3 初始化功能列表
系统通过用户表、角色表、功能表3张表实现了权限管理。其中用户表中有角色字段,一个用户可以有多个角色,角色表中有功能字段,一个角色可以包含多个功能。3张表连接起来可以得到用户的功能列表。
用户登录系统后,根据用户的角色信息,查询数据库得到用户拥有的功能项,然后利用用户拥有的功能实例化系统的工具菜单列表。
5.4 本章小结
本章主要描述了本套系统的实现方案,包括使用的第三发工具,系统开发中使用到的一些算法,系统的主要工作流程分析。对于权限管理也进行了详细的介绍和方案可行性分析。
浙公网安备 33010602011771号