update:删除原先获取角色权限得代码
This commit is contained in:
@@ -50,7 +50,7 @@ namespace Ewide.Application.Service
|
||||
[HttpPost("/houseMember/page")]
|
||||
public async Task<dynamic> QueryMemberPageList([FromBody] UserInput input)
|
||||
{
|
||||
var dataScopes = await _sysUserService.GetUserDataScopeIdList();
|
||||
var dataScopes = await _userManager.GetUserAllDataScopeList();
|
||||
|
||||
var sql = @"SELECT
|
||||
SU.*,
|
||||
|
||||
@@ -72,7 +72,7 @@ namespace Ewide.Application.Service
|
||||
[HttpPost("/houseZone/page")]
|
||||
public async Task<dynamic> QueryZonePageList([FromBody] PageOrgInput input)
|
||||
{
|
||||
var dataScopeList = _sysOrgService.GetDataScopeList(await _sysOrgService.GetUserDataScopeIdList());
|
||||
var dataScopeList = _sysOrgService.GetDataScopeList(await _userManager.GetUserAllDataScopeList());
|
||||
|
||||
var name = !string.IsNullOrEmpty(input.Name?.Trim());
|
||||
var id = !string.IsNullOrEmpty(input.Id?.Trim());
|
||||
|
||||
@@ -88,8 +88,7 @@ namespace Ewide.Core.Controller
|
||||
List<string> areaCodeList = null;
|
||||
if (!_userManager.SuperAdmin)
|
||||
{
|
||||
var orgIdList = await _sysUserService.GetUserDataScopeIdList();
|
||||
areaCodeList = await _areaCodeService.GetAreaCodeListByOrgId(orgIdList);
|
||||
areaCodeList = await _userManager.GetUserAllAreaList();
|
||||
}
|
||||
return await _areaCodeService.GetAreaCodeTree(level, areaCodeList);
|
||||
}
|
||||
|
||||
@@ -2834,6 +2834,12 @@
|
||||
</summary>
|
||||
<returns></returns>
|
||||
</member>
|
||||
<member name="M:Ewide.Core.UserManager.GetUserAllAreaList">
|
||||
<summary>
|
||||
获取用户可以访问的区域权限
|
||||
</summary>
|
||||
<returns></returns>
|
||||
</member>
|
||||
<member name="T:Ewide.Core.OAuth.OAuthConfig">
|
||||
<summary>
|
||||
OAuth配置---此结构方便拓展
|
||||
@@ -5829,12 +5835,6 @@
|
||||
<param name="orgId"></param>
|
||||
<returns></returns>
|
||||
</member>
|
||||
<member name="M:Ewide.Core.Service.SysOrgService.GetUserDataScopeIdList">
|
||||
<summary>
|
||||
获取用户数据范围(机构Id集合)
|
||||
</summary>
|
||||
<returns></returns>
|
||||
</member>
|
||||
<member name="T:Ewide.Core.Service.PosInput">
|
||||
<summary>
|
||||
职位参数
|
||||
@@ -6156,14 +6156,6 @@
|
||||
<param name="input"></param>
|
||||
<returns></returns>
|
||||
</member>
|
||||
<member name="M:Ewide.Core.Service.SysRoleService.GetUserDataScopeIdList(System.Collections.Generic.List{System.String},System.String)">
|
||||
<summary>
|
||||
根据角色Id集合获取数据范围Id集合
|
||||
</summary>
|
||||
<param name="roleIdList"></param>
|
||||
<param name="orgId"></param>
|
||||
<returns></returns>
|
||||
</member>
|
||||
<member name="M:Ewide.Core.Service.SysRoleService.GetNameByRoleId(System.String)">
|
||||
<summary>
|
||||
根据角色Id获取角色名称
|
||||
@@ -6185,6 +6177,13 @@
|
||||
<param name="input"></param>
|
||||
<returns></returns>
|
||||
</member>
|
||||
<member name="M:Ewide.Core.Service.SysRoleService.OwnArea(Ewide.Core.Service.QueryRoleInput)">
|
||||
<summary>
|
||||
获取角色拥有区域Id集合
|
||||
</summary>
|
||||
<param name="input"></param>
|
||||
<returns></returns>
|
||||
</member>
|
||||
<member name="T:Ewide.Core.Service.TenantInput">
|
||||
<summary>
|
||||
租户参数
|
||||
@@ -6946,13 +6945,6 @@
|
||||
<param name="input"></param>
|
||||
<returns></returns>
|
||||
</member>
|
||||
<member name="M:Ewide.Core.Service.SysUserDataScopeService.GetUserDataScopeIdList(System.String)">
|
||||
<summary>
|
||||
获取用户的数据范围Id集合
|
||||
</summary>
|
||||
<param name="userId"></param>
|
||||
<returns></returns>
|
||||
</member>
|
||||
<member name="M:Ewide.Core.Service.SysUserDataScopeService.DeleteUserDataScopeListByOrgIdList(System.Collections.Generic.List{System.String})">
|
||||
<summary>
|
||||
根据机构Id集合删除对应的用户-数据范围关联信息
|
||||
@@ -6986,14 +6978,6 @@
|
||||
<param name="input"></param>
|
||||
<returns></returns>
|
||||
</member>
|
||||
<member name="M:Ewide.Core.Service.SysUserRoleService.GetUserRoleDataScopeIdList(System.String,System.String)">
|
||||
<summary>
|
||||
获取用户所有角色的数据范围(组织机构Id集合)
|
||||
</summary>
|
||||
<param name="userId"></param>
|
||||
<param name="orgId"></param>
|
||||
<returns></returns>
|
||||
</member>
|
||||
<member name="M:Ewide.Core.Service.SysUserRoleService.DeleteUserRoleListByRoleId(System.String)">
|
||||
<summary>
|
||||
根据角色Id删除对应的用户-角色表关联信息
|
||||
@@ -7147,19 +7131,6 @@
|
||||
<param name="sysUser"></param>
|
||||
<returns></returns>
|
||||
</member>
|
||||
<member name="M:Ewide.Core.Service.SysUserService.GetUserDataScopeIdList(System.String)">
|
||||
<summary>
|
||||
获取用户数据范围(机构Id集合)并缓存
|
||||
</summary>
|
||||
<param name="userId"></param>
|
||||
<returns></returns>
|
||||
</member>
|
||||
<member name="M:Ewide.Core.Service.SysUserService.GetUserDataScopeIdList">
|
||||
<summary>
|
||||
获取用户数据范围(机构Id集合)
|
||||
</summary>
|
||||
<returns></returns>
|
||||
</member>
|
||||
<member name="M:Ewide.Core.Service.SysUserService.CheckDataScope(Ewide.Core.Service.UserInput)">
|
||||
<summary>
|
||||
检查普通用户数据范围
|
||||
|
||||
@@ -169,7 +169,7 @@ namespace Ewide.Core.Service
|
||||
loginOutput.Permissions = await _sysMenuService.GetLoginPermissionList(userId);
|
||||
|
||||
// 数据范围信息(机构Id集合)
|
||||
loginOutput.DataScopes = await _sysUserService.GetUserDataScopeIdList(userId);
|
||||
loginOutput.DataScopes = await _userManager.GetUserAllDataScopeList();
|
||||
|
||||
// 具备应用信息(多系统,默认激活一个,可根据系统切换菜单),返回的结果中第一个为激活的系统
|
||||
loginOutput.Apps = await _sysAppService.GetLoginApps(userId);
|
||||
|
||||
@@ -15,7 +15,6 @@ namespace Ewide.Core.Service
|
||||
Task<dynamic> GetOrgTree([FromQuery] OrgInput input);
|
||||
Task<dynamic> QueryOrgPageList([FromQuery] PageOrgInput input);
|
||||
Task UpdateOrg(UpdateOrgInput input);
|
||||
Task<List<string>> GetUserDataScopeIdList();
|
||||
/// <summary>
|
||||
/// 根据区域信息获取单位id
|
||||
/// </summary>
|
||||
|
||||
@@ -51,7 +51,7 @@ namespace Ewide.Core.Service
|
||||
[HttpPost("/sysOrg/page")]
|
||||
public async Task<dynamic> QueryOrgPageList([FromBody] PageOrgInput input)
|
||||
{
|
||||
var dataScopeList = GetDataScopeList(await GetUserDataScopeIdList());
|
||||
var dataScopeList = GetDataScopeList(await _userManager.GetUserAllDataScopeList());
|
||||
|
||||
var name = !string.IsNullOrEmpty(input.Name?.Trim());
|
||||
var id = !string.IsNullOrEmpty(input.Id?.Trim());
|
||||
@@ -107,7 +107,7 @@ namespace Ewide.Core.Service
|
||||
[HttpGet("/sysOrg/list")]
|
||||
public async Task<List<OrgOutput>> GetOrgList([FromQuery] OrgInput input)
|
||||
{
|
||||
var dataScopeList = GetDataScopeList(await GetUserDataScopeIdList());
|
||||
var dataScopeList = GetDataScopeList(await _userManager.GetUserAllDataScopeList());
|
||||
|
||||
var pId = !string.IsNullOrEmpty(input.Pid?.Trim());
|
||||
var orgs = await _sysOrgRep.DetachedEntities
|
||||
@@ -136,7 +136,7 @@ namespace Ewide.Core.Service
|
||||
if (input.Pid != "0" && !string.IsNullOrEmpty(input.Pid))
|
||||
{
|
||||
// 新增组织机构的父机构不在自己的数据范围内
|
||||
var dataScopes = await GetUserDataScopeIdList();
|
||||
var dataScopes = await _userManager.GetUserAllDataScopeList();
|
||||
if (dataScopes.Count < 1 || !dataScopes.Contains(input.Pid))
|
||||
throw Oops.Oh(ErrorCode.D2003);
|
||||
}
|
||||
@@ -179,7 +179,7 @@ namespace Ewide.Core.Service
|
||||
var sysOrg = await _sysOrgRep.DetachedEntities.FirstOrDefaultAsync(u => u.Id == input.Id);
|
||||
|
||||
// 检测数据范围能不能操作这个机构
|
||||
var dataScopes = await GetUserDataScopeIdList();
|
||||
var dataScopes = await _userManager.GetUserAllDataScopeList();
|
||||
if (!_userManager.SuperAdmin && (dataScopes.Count < 1 || !dataScopes.Contains(sysOrg.Id)))
|
||||
throw Oops.Oh(ErrorCode.D2003);
|
||||
|
||||
@@ -233,7 +233,7 @@ namespace Ewide.Core.Service
|
||||
var sysOrg = await _sysOrgRep.DetachedEntities.FirstOrDefaultAsync(u => u.Id == input.Id);
|
||||
|
||||
// 检测数据范围能不能操作这个机构
|
||||
var dataScopes = await GetUserDataScopeIdList();
|
||||
var dataScopes = await _userManager.GetUserAllDataScopeList();
|
||||
if (!_userManager.SuperAdmin && (dataScopes.Count < 1 || !dataScopes.Contains(sysOrg.Id)))
|
||||
throw Oops.Oh(ErrorCode.D2003);
|
||||
|
||||
@@ -293,7 +293,7 @@ namespace Ewide.Core.Service
|
||||
var dataScopeList = new List<string>();
|
||||
if (!_userManager.SuperAdmin)
|
||||
{
|
||||
var dataScopes = await GetUserDataScopeIdList();
|
||||
var dataScopes = await _userManager.GetUserAllDataScopeList();
|
||||
if (dataScopes.Count < 1)
|
||||
return dataScopeList;
|
||||
dataScopeList = GetDataScopeList(dataScopes);
|
||||
@@ -344,17 +344,6 @@ namespace Ewide.Core.Service
|
||||
}
|
||||
return orgIdList;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// 获取用户数据范围(机构Id集合)
|
||||
/// </summary>
|
||||
/// <returns></returns>
|
||||
[NonAction]
|
||||
public async Task<List<string>> GetUserDataScopeIdList()
|
||||
{
|
||||
return await App.GetService<ISysUserService>().GetUserDataScopeIdList();
|
||||
}
|
||||
|
||||
public async Task<List<string>> GetAreaDataScopeIdList(int dataScopeType, string orgId)
|
||||
{
|
||||
var org = await _sysOrgRep.FirstOrDefaultAsync(o => o.Id == orgId);
|
||||
|
||||
@@ -12,7 +12,6 @@ namespace Ewide.Core.Service
|
||||
Task<dynamic> GetRoleDropDown();
|
||||
Task<SysRole> GetRoleInfo([FromQuery] QueryRoleInput input);
|
||||
Task<dynamic> GetRoleList([FromQuery] RoleInput input);
|
||||
Task<List<string>> GetUserDataScopeIdList(List<string> roleIdList, string orgId);
|
||||
Task<List<RoleOutput>> GetUserRoleList(string userId);
|
||||
Task GrantData(GrantRoleDataInput input);
|
||||
Task GrantMenu(GrantRoleMenuInput input);
|
||||
|
||||
@@ -218,7 +218,7 @@ namespace Ewide.Core.Service
|
||||
//如果授权的角色数据范围类型为自定义,则要判断授权的数据范围是否在自己的数据范围内
|
||||
if ((int)DataScopeType.DEFINE == dataScopeType)
|
||||
{
|
||||
var dataScopes = await _sysOrgService.GetUserDataScopeIdList();
|
||||
var dataScopes = await _userManager.GetUserAllDataScopeList();
|
||||
var grantOrgIdList = input.GrantOrgIdList; //要授权的数据范围列表
|
||||
if (grantOrgIdList.Count > 0)
|
||||
{
|
||||
@@ -233,46 +233,6 @@ namespace Ewide.Core.Service
|
||||
await _sysRoleDataScopeService.GrantDataScope(input);
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// 根据角色Id集合获取数据范围Id集合
|
||||
/// </summary>
|
||||
/// <param name="roleIdList"></param>
|
||||
/// <param name="orgId"></param>
|
||||
/// <returns></returns>
|
||||
[NonAction]
|
||||
public async Task<List<string>> GetUserDataScopeIdList(List<string> roleIdList, string orgId)
|
||||
{
|
||||
// 定义角色中最大数据范围的类型,目前按最大范围策略来,如果你同时拥有ALL和SELF的权限,最后按ALL返回
|
||||
int strongerDataScopeType = (int)DataScopeType.SELF;
|
||||
int strongerAreaType = (int)DataScopeType.SELF;
|
||||
|
||||
var customDataScopeRoleIdList = new List<string>();
|
||||
if (roleIdList != null && roleIdList.Count > 0)
|
||||
{
|
||||
var roles = await _sysRoleRep.DetachedEntities.Where(u => roleIdList.Contains(u.Id)).ToListAsync();
|
||||
roles.ForEach(u =>
|
||||
{
|
||||
if (u.DataScopeType == (int)DataScopeType.DEFINE)
|
||||
customDataScopeRoleIdList.Add(u.Id);
|
||||
if ((u.DataScopeType == (int)DataScopeType.AREA || u.DataScopeType == (int)DataScopeType.AREA_WITH_CHILD) && strongerAreaType < u.DataScopeType)
|
||||
{
|
||||
strongerAreaType = u.DataScopeType;
|
||||
}
|
||||
else if (u.DataScopeType <= strongerDataScopeType)
|
||||
strongerDataScopeType = u.DataScopeType;
|
||||
});
|
||||
}
|
||||
|
||||
// 自定义数据范围的角色对应的数据范围
|
||||
var roleDataScopeIdList = await _sysRoleDataScopeService.GetRoleDataScopeIdList(customDataScopeRoleIdList);
|
||||
|
||||
// 角色中拥有最大数据范围类型的数据范围
|
||||
var dataScopeIdList = await _sysOrgService.GetDataScopeListByDataScopeType(strongerDataScopeType, orgId);
|
||||
//角色区域数据范围
|
||||
var areaOrgIdList = await _sysOrgService.GetAreaDataScopeIdList(strongerAreaType, orgId);
|
||||
return roleDataScopeIdList.Concat(dataScopeIdList).Concat(areaOrgIdList).Distinct().ToList(); //并集
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// 根据角色Id获取角色名称
|
||||
/// </summary>
|
||||
|
||||
@@ -7,7 +7,6 @@ namespace Ewide.Core.Service
|
||||
{
|
||||
Task DeleteUserDataScopeListByOrgIdList(List<string> orgIdList);
|
||||
Task DeleteUserDataScopeListByUserId(string userId);
|
||||
Task<List<string>> GetUserDataScopeIdList(string userId);
|
||||
Task GrantData(UpdateUserInput input);
|
||||
}
|
||||
}
|
||||
@@ -7,7 +7,6 @@ namespace Ewide.Core.Service
|
||||
{
|
||||
Task DeleteUserRoleListByRoleId(string roleId);
|
||||
Task DeleteUserRoleListByUserId(string userId);
|
||||
Task<List<string>> GetUserRoleDataScopeIdList(string userId, string orgId);
|
||||
Task<List<string>> GetUserRoleIdList(string userId);
|
||||
Task GrantRole(UpdateUserInput input);
|
||||
}
|
||||
|
||||
@@ -13,8 +13,6 @@ namespace Ewide.Core.Service
|
||||
Task ExportUser([FromQuery] UserInput input);
|
||||
Task<dynamic> GetUser([FromQuery] QueryUserInput input);
|
||||
Task<dynamic> GetUserById(string userId);
|
||||
Task<List<string>> GetUserDataScopeIdList();
|
||||
Task<List<string>> GetUserDataScopeIdList(string userId);
|
||||
Task<dynamic> GetUserOwnData([FromQuery] QueryUserInput input);
|
||||
Task<dynamic> GetUserOwnArea([FromQuery] QueryUserInput input);
|
||||
Task<dynamic> GetUserOwnRole([FromQuery] QueryUserInput input);
|
||||
|
||||
@@ -63,26 +63,6 @@ namespace Ewide.Core.Service
|
||||
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// 获取用户的数据范围Id集合
|
||||
/// </summary>
|
||||
/// <param name="userId"></param>
|
||||
/// <returns></returns>
|
||||
public async Task<List<string>> GetUserDataScopeIdList(string userId)
|
||||
{
|
||||
var areaList = await _sysUserAreaRep.DetachedEntities.Where(u => u.SysUserId == userId).Select(u => u.AreaCode).ToListAsync();
|
||||
//用户自定义的区域权限所对应的全部组织机构id
|
||||
List<string> areaDataScopeIdList = new List<string>();
|
||||
foreach (var areaNumberCode in areaList)
|
||||
{
|
||||
areaDataScopeIdList.AddRange(await _sysOrgRep.DetachedEntities.Where(p => p.AreaCode.StartsWith(areaNumberCode)).Select(p => p.Id).ToListAsync());
|
||||
} //用户自定义的组织权限
|
||||
var orgIdList = await _sysUserDataScopeRep.DetachedEntities
|
||||
.Where(u => u.SysUserId == userId)
|
||||
.Select(u => u.SysOrgId).ToListAsync();
|
||||
return areaDataScopeIdList.Concat(orgIdList).Distinct().ToList();
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// 根据机构Id集合删除对应的用户-数据范围关联信息
|
||||
/// </summary>
|
||||
|
||||
@@ -57,23 +57,6 @@ namespace Ewide.Core.Service
|
||||
});
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// 获取用户所有角色的数据范围(组织机构Id集合)
|
||||
/// </summary>
|
||||
/// <param name="userId"></param>
|
||||
/// <param name="orgId"></param>
|
||||
/// <returns></returns>
|
||||
public async Task<List<string>> GetUserRoleDataScopeIdList(string userId, string orgId)
|
||||
{
|
||||
var roleIdList = await GetUserRoleIdList(userId);
|
||||
|
||||
// 获取这些角色对应的数据范围
|
||||
if (roleIdList.Count > 0)
|
||||
return await _sysRoleService.GetUserDataScopeIdList(roleIdList, orgId);
|
||||
|
||||
return roleIdList;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// 根据角色Id删除对应的用户-角色表关联信息
|
||||
/// </summary>
|
||||
|
||||
@@ -72,7 +72,7 @@ namespace Ewide.Core.Service
|
||||
var pid = input.SysEmpParam.OrgId;
|
||||
|
||||
var sysEmpRep = Db.GetRepository<SysEmp>();
|
||||
var dataScopes = await GetUserDataScopeIdList(_userManager.UserId);
|
||||
var dataScopes = await _userManager.GetUserAllDataScopeList();
|
||||
var users = await _sysUserRep.DetachedEntities
|
||||
.Join(sysEmpRep.DetachedEntities, u => u.Id, e => e.Id, (u, e) => new { u, e })
|
||||
.Join(_sysOrgRep.DetachedEntities, n => n.e.OrgId, o => o.Id, (n, o) => new { n, o })
|
||||
@@ -411,47 +411,6 @@ namespace Ewide.Core.Service
|
||||
await user.InsertAsync();
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// 获取用户数据范围(机构Id集合)并缓存
|
||||
/// </summary>
|
||||
/// <param name="userId"></param>
|
||||
/// <returns></returns>
|
||||
[NonAction]
|
||||
[UnitOfWork]
|
||||
public async Task<List<string>> GetUserDataScopeIdList(string userId)
|
||||
{
|
||||
var dataScopes = await _sysCacheService.GetDataScope(userId); // 先从缓存里面读取
|
||||
if (dataScopes == null || dataScopes.Count < 1)
|
||||
{
|
||||
var orgId = await _sysEmpService.GetEmpOrgId(userId);
|
||||
|
||||
// 获取该用户对应的数据范围集合
|
||||
var userDataScopeIdListForUser = await _sysUserDataScopeService.GetUserDataScopeIdList(userId);
|
||||
|
||||
// 获取该用户的角色对应的数据范围集合
|
||||
var userDataScopeIdListForRole = await _sysUserRoleService.GetUserRoleDataScopeIdList(userId, orgId);
|
||||
|
||||
dataScopes = userDataScopeIdListForUser.Concat(userDataScopeIdListForRole).Distinct().ToList(); // 并集
|
||||
|
||||
#if DEBUG
|
||||
#else
|
||||
await _sysCacheService.SetDataScope(userId, dataScopes); // 缓存结果
|
||||
#endif
|
||||
}
|
||||
return dataScopes;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// 获取用户数据范围(机构Id集合)
|
||||
/// </summary>
|
||||
/// <returns></returns>
|
||||
[NonAction]
|
||||
public async Task<List<string>> GetUserDataScopeIdList()
|
||||
{
|
||||
var userId = _userManager.UserId;
|
||||
var dataScopes = await GetUserDataScopeIdList(userId);
|
||||
return dataScopes;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// 检查普通用户数据范围
|
||||
@@ -463,7 +422,7 @@ namespace Ewide.Core.Service
|
||||
// 如果当前用户不是超级管理员,则进行数据范围校验
|
||||
if (!_userManager.SuperAdmin)
|
||||
{
|
||||
var dataScopes = await GetUserDataScopeIdList(_userManager.UserId);
|
||||
var dataScopes = await _userManager.GetUserAllDataScopeList();
|
||||
if (dataScopes == null || (userParam.SysEmpParam.OrgId != null && !dataScopes.Contains(userParam.SysEmpParam.OrgId)))
|
||||
throw Oops.Oh(ErrorCode.D1013);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user