diff --git a/Api/Ewide.Core/Manager/IUserManager.cs b/Api/Ewide.Core/Manager/IUserManager.cs index 5a2e66e..e213bf9 100644 --- a/Api/Ewide.Core/Manager/IUserManager.cs +++ b/Api/Ewide.Core/Manager/IUserManager.cs @@ -33,8 +33,12 @@ namespace Ewide.Core Task> GetRoleExtraDataScopeList(string roleId); //获取角色额外授权的区域信息 Task> GetRoleExtraAreaScopeList(string roleId); + Task> GetUserAllAreaList(); + Task> GetUserAllAreaList(string userId); + //获取用户的授权范围 Task> GetUserAllDataScopeList(); Task> GetUserAllDataScopeList(string userId); + } } \ No newline at end of file diff --git a/Api/Ewide.Core/Manager/UserManager.cs b/Api/Ewide.Core/Manager/UserManager.cs index 0cd02ea..a2ec008 100644 --- a/Api/Ewide.Core/Manager/UserManager.cs +++ b/Api/Ewide.Core/Manager/UserManager.cs @@ -7,6 +7,8 @@ using System.Threading.Tasks; using Microsoft.EntityFrameworkCore; using System.Collections.Generic; using Ewide.Core.Service; +using System; +using System.Data; namespace Ewide.Core { @@ -26,6 +28,7 @@ namespace Ewide.Core private readonly IRepository _sysUserAreaRep; private readonly IRepository _sysRoleDataRep; private readonly IRepository _sysRoleAreaRep; + private readonly IRepository _sysAreaCodeRep; private readonly IHttpContextAccessor _httpContextAccessor; private readonly ISysCacheService _sysCacheService; @@ -64,7 +67,7 @@ namespace Ewide.Core IRepository sysOrgRep, IRepository sysRoleMenuRep, IRepository sysMenuRep, - IRepository sysUserDataScopeRep, IRepository sysUserAreaRep, IRepository sysRoleDataRep, IRepository sysRoleAreaRep) + IRepository sysUserDataScopeRep, IRepository sysUserAreaRep, IRepository sysRoleDataRep, IRepository sysRoleAreaRep, IRepository sysAreaCodeRep) { _sysUserRep = sysUserRep; _sysRoleRep = sysRoleRep; @@ -79,6 +82,7 @@ namespace Ewide.Core _sysUserAreaRep = sysUserAreaRep; _sysRoleDataRep = sysRoleDataRep; _sysRoleAreaRep = sysRoleAreaRep; + _sysAreaCodeRep = sysAreaCodeRep; } /// @@ -276,12 +280,12 @@ namespace Ewide.Core var orgId = await _sysEmpRep.DetachedEntities.Where(e => e.Id == userId).Select(u => u.OrgId).SingleAsync(); var orgAreaCode = await _sysOrgRep.Where(o => o.Id == orgId).Select(o => o.AreaCode).SingleAsync(); //获取用户额外授权数据 - var userExtraDataScope = await(from org in _sysOrgRep.DetachedEntities - join ua in _sysUserAreaRep.DetachedEntities on org.AreaCode equals ua.AreaCode - where ua.SysUserId == userId - select org.Id).Concat(from ud in _sysUserDataScopeRep.DetachedEntities - where ud.SysUserId == userId - select ud.SysOrgId).ToListAsync(); + var userExtraDataScope = await (from org in _sysOrgRep.DetachedEntities + join ua in _sysUserAreaRep.DetachedEntities on org.AreaCode equals ua.AreaCode + where ua.SysUserId == userId + select org.Id).Concat(from ud in _sysUserDataScopeRep.DetachedEntities + where ud.SysUserId == userId + select ud.SysOrgId).ToListAsync(); //获取用户所有角色 //获取其他类型中最大的角色 var areaScopeTypes = new[] { DataScopeType.AREA, DataScopeType.AREA_WITH_CHILD }.Cast(); @@ -324,5 +328,52 @@ namespace Ewide.Core #endif return scope; } + /// + /// 获取用户可以访问的区域权限 + /// + /// + public Task> GetUserAllAreaList() + { + return GetUserAllAreaList(UserId); + } + + public async Task> GetUserAllAreaList(string userId) + { + var orgId = await _sysEmpRep.DetachedEntities.Where(e => e.Id == userId).Select(u => u.OrgId).SingleAsync(); + var orgAreaCode = await _sysOrgRep.Where(o => o.Id == orgId).Select(o => o.AreaCode).SingleAsync(); + //本部门 或者 本部门区域 树结构只显示本级区域 + //本部门及以下 或者 本部门区域及以下 树结构显示本级和以下所有区域 + var extraUserArea = await GetUserExtraAreaScopeList(userId); + var roles = await _sysUserRoleRep.DetachedEntities.Include(ur => ur.SysRole).Where(ur => ur.SysUserId == userId).Select(ur => ur.SysRole).ToListAsync(); + var extraRoleArea = await _sysRoleAreaRep.DetachedEntities.Where(ra => roles.Where(r => r.DataScopeType == (int)DataScopeType.DEFINE).Select(r => r.Id).Contains(ra.SysRoleId)).Select(ra => ra.AreaCode).ToListAsync(); + var roleTypeArea = await GetUserDataScopeTypeAreaList(orgAreaCode, roles.Select(r => r.DataScopeType).ToList()); + return extraRoleArea.Concat(extraUserArea).Concat(roleTypeArea).Distinct().ToList(); + } + private async Task> GetUserDataScopeTypeAreaList(string orgAreaCode, List roleDataTypeList) + { + var areaCode = await GetCachedAreaCode(); + if (roleDataTypeList.Any(r => r == (int)DataScopeType.ALL)) + { + return areaCode.Select(a => a.Code).ToList(); + } + if (roleDataTypeList.Any(r => new[] { DataScopeType.DEPT_WITH_CHILD, DataScopeType.AREA_WITH_CHILD }.Cast().Contains(r))) + { + return areaCode.Where(a => a.Code.StartsWith(orgAreaCode)).Select(a => a.Code).ToList(); + } + if (roleDataTypeList.Any(r => new[] { DataScopeType.DEPT, DataScopeType.AREA }.Cast().Contains(r))) + { + return areaCode.Where(a => a.Code == orgAreaCode).Select(a => a.Code).ToList(); + } + return new List(); + } + private async Task> GetCachedAreaCode() + { + var areaCodeList = await _sysCacheService.GetAreaCode(); + if (areaCodeList == null || areaCodeList.Count < 1) + { + areaCodeList = await _sysAreaCodeRep.DetachedEntities.ToListAsync(); + } + return areaCodeList; + } } } \ No newline at end of file