update:区域权限 相关的加入到UserManager
This commit is contained in:
@@ -33,8 +33,12 @@ namespace Ewide.Core
|
|||||||
Task<List<string>> GetRoleExtraDataScopeList(string roleId);
|
Task<List<string>> GetRoleExtraDataScopeList(string roleId);
|
||||||
//获取角色额外授权的区域信息
|
//获取角色额外授权的区域信息
|
||||||
Task<List<string>> GetRoleExtraAreaScopeList(string roleId);
|
Task<List<string>> GetRoleExtraAreaScopeList(string roleId);
|
||||||
|
Task<List<string>> GetUserAllAreaList();
|
||||||
|
Task<List<string>> GetUserAllAreaList(string userId);
|
||||||
|
|
||||||
//获取用户的授权范围
|
//获取用户的授权范围
|
||||||
Task<List<string>> GetUserAllDataScopeList();
|
Task<List<string>> GetUserAllDataScopeList();
|
||||||
Task<List<string>> GetUserAllDataScopeList(string userId);
|
Task<List<string>> GetUserAllDataScopeList(string userId);
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -7,6 +7,8 @@ using System.Threading.Tasks;
|
|||||||
using Microsoft.EntityFrameworkCore;
|
using Microsoft.EntityFrameworkCore;
|
||||||
using System.Collections.Generic;
|
using System.Collections.Generic;
|
||||||
using Ewide.Core.Service;
|
using Ewide.Core.Service;
|
||||||
|
using System;
|
||||||
|
using System.Data;
|
||||||
|
|
||||||
namespace Ewide.Core
|
namespace Ewide.Core
|
||||||
{
|
{
|
||||||
@@ -26,6 +28,7 @@ namespace Ewide.Core
|
|||||||
private readonly IRepository<SysUserArea> _sysUserAreaRep;
|
private readonly IRepository<SysUserArea> _sysUserAreaRep;
|
||||||
private readonly IRepository<SysRoleDataScope> _sysRoleDataRep;
|
private readonly IRepository<SysRoleDataScope> _sysRoleDataRep;
|
||||||
private readonly IRepository<SysRoleArea> _sysRoleAreaRep;
|
private readonly IRepository<SysRoleArea> _sysRoleAreaRep;
|
||||||
|
private readonly IRepository<SysAreaCode> _sysAreaCodeRep;
|
||||||
private readonly IHttpContextAccessor _httpContextAccessor;
|
private readonly IHttpContextAccessor _httpContextAccessor;
|
||||||
private readonly ISysCacheService _sysCacheService;
|
private readonly ISysCacheService _sysCacheService;
|
||||||
|
|
||||||
@@ -64,7 +67,7 @@ namespace Ewide.Core
|
|||||||
IRepository<SysOrg> sysOrgRep,
|
IRepository<SysOrg> sysOrgRep,
|
||||||
IRepository<SysRoleMenu> sysRoleMenuRep,
|
IRepository<SysRoleMenu> sysRoleMenuRep,
|
||||||
IRepository<SysMenu> sysMenuRep,
|
IRepository<SysMenu> sysMenuRep,
|
||||||
IRepository<SysUserDataScope> sysUserDataScopeRep, IRepository<SysUserArea> sysUserAreaRep, IRepository<SysRoleDataScope> sysRoleDataRep, IRepository<SysRoleArea> sysRoleAreaRep)
|
IRepository<SysUserDataScope> sysUserDataScopeRep, IRepository<SysUserArea> sysUserAreaRep, IRepository<SysRoleDataScope> sysRoleDataRep, IRepository<SysRoleArea> sysRoleAreaRep, IRepository<SysAreaCode> sysAreaCodeRep)
|
||||||
{
|
{
|
||||||
_sysUserRep = sysUserRep;
|
_sysUserRep = sysUserRep;
|
||||||
_sysRoleRep = sysRoleRep;
|
_sysRoleRep = sysRoleRep;
|
||||||
@@ -79,6 +82,7 @@ namespace Ewide.Core
|
|||||||
_sysUserAreaRep = sysUserAreaRep;
|
_sysUserAreaRep = sysUserAreaRep;
|
||||||
_sysRoleDataRep = sysRoleDataRep;
|
_sysRoleDataRep = sysRoleDataRep;
|
||||||
_sysRoleAreaRep = sysRoleAreaRep;
|
_sysRoleAreaRep = sysRoleAreaRep;
|
||||||
|
_sysAreaCodeRep = sysAreaCodeRep;
|
||||||
}
|
}
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
@@ -276,12 +280,12 @@ namespace Ewide.Core
|
|||||||
var orgId = await _sysEmpRep.DetachedEntities.Where(e => e.Id == userId).Select(u => u.OrgId).SingleAsync();
|
var orgId = await _sysEmpRep.DetachedEntities.Where(e => e.Id == userId).Select(u => u.OrgId).SingleAsync();
|
||||||
var orgAreaCode = await _sysOrgRep.Where(o => o.Id == orgId).Select(o => o.AreaCode).SingleAsync();
|
var orgAreaCode = await _sysOrgRep.Where(o => o.Id == orgId).Select(o => o.AreaCode).SingleAsync();
|
||||||
//获取用户额外授权数据
|
//获取用户额外授权数据
|
||||||
var userExtraDataScope = await(from org in _sysOrgRep.DetachedEntities
|
var userExtraDataScope = await (from org in _sysOrgRep.DetachedEntities
|
||||||
join ua in _sysUserAreaRep.DetachedEntities on org.AreaCode equals ua.AreaCode
|
join ua in _sysUserAreaRep.DetachedEntities on org.AreaCode equals ua.AreaCode
|
||||||
where ua.SysUserId == userId
|
where ua.SysUserId == userId
|
||||||
select org.Id).Concat(from ud in _sysUserDataScopeRep.DetachedEntities
|
select org.Id).Concat(from ud in _sysUserDataScopeRep.DetachedEntities
|
||||||
where ud.SysUserId == userId
|
where ud.SysUserId == userId
|
||||||
select ud.SysOrgId).ToListAsync();
|
select ud.SysOrgId).ToListAsync();
|
||||||
//获取用户所有角色
|
//获取用户所有角色
|
||||||
//获取其他类型中最大的角色
|
//获取其他类型中最大的角色
|
||||||
var areaScopeTypes = new[] { DataScopeType.AREA, DataScopeType.AREA_WITH_CHILD }.Cast<int>();
|
var areaScopeTypes = new[] { DataScopeType.AREA, DataScopeType.AREA_WITH_CHILD }.Cast<int>();
|
||||||
@@ -324,5 +328,52 @@ namespace Ewide.Core
|
|||||||
#endif
|
#endif
|
||||||
return scope;
|
return scope;
|
||||||
}
|
}
|
||||||
|
/// <summary>
|
||||||
|
/// 获取用户可以访问的区域权限
|
||||||
|
/// </summary>
|
||||||
|
/// <returns></returns>
|
||||||
|
public Task<List<string>> GetUserAllAreaList()
|
||||||
|
{
|
||||||
|
return GetUserAllAreaList(UserId);
|
||||||
|
}
|
||||||
|
|
||||||
|
public async Task<List<string>> GetUserAllAreaList(string userId)
|
||||||
|
{
|
||||||
|
var orgId = await _sysEmpRep.DetachedEntities.Where(e => e.Id == userId).Select(u => u.OrgId).SingleAsync();
|
||||||
|
var orgAreaCode = await _sysOrgRep.Where(o => o.Id == orgId).Select(o => o.AreaCode).SingleAsync();
|
||||||
|
//本部门 或者 本部门区域 树结构只显示本级区域
|
||||||
|
//本部门及以下 或者 本部门区域及以下 树结构显示本级和以下所有区域
|
||||||
|
var extraUserArea = await GetUserExtraAreaScopeList(userId);
|
||||||
|
var roles = await _sysUserRoleRep.DetachedEntities.Include(ur => ur.SysRole).Where(ur => ur.SysUserId == userId).Select(ur => ur.SysRole).ToListAsync();
|
||||||
|
var extraRoleArea = await _sysRoleAreaRep.DetachedEntities.Where(ra => roles.Where(r => r.DataScopeType == (int)DataScopeType.DEFINE).Select(r => r.Id).Contains(ra.SysRoleId)).Select(ra => ra.AreaCode).ToListAsync();
|
||||||
|
var roleTypeArea = await GetUserDataScopeTypeAreaList(orgAreaCode, roles.Select(r => r.DataScopeType).ToList());
|
||||||
|
return extraRoleArea.Concat(extraUserArea).Concat(roleTypeArea).Distinct().ToList();
|
||||||
|
}
|
||||||
|
private async Task<List<string>> GetUserDataScopeTypeAreaList(string orgAreaCode, List<int> roleDataTypeList)
|
||||||
|
{
|
||||||
|
var areaCode = await GetCachedAreaCode();
|
||||||
|
if (roleDataTypeList.Any(r => r == (int)DataScopeType.ALL))
|
||||||
|
{
|
||||||
|
return areaCode.Select(a => a.Code).ToList();
|
||||||
|
}
|
||||||
|
if (roleDataTypeList.Any(r => new[] { DataScopeType.DEPT_WITH_CHILD, DataScopeType.AREA_WITH_CHILD }.Cast<int>().Contains(r)))
|
||||||
|
{
|
||||||
|
return areaCode.Where(a => a.Code.StartsWith(orgAreaCode)).Select(a => a.Code).ToList();
|
||||||
|
}
|
||||||
|
if (roleDataTypeList.Any(r => new[] { DataScopeType.DEPT, DataScopeType.AREA }.Cast<int>().Contains(r)))
|
||||||
|
{
|
||||||
|
return areaCode.Where(a => a.Code == orgAreaCode).Select(a => a.Code).ToList();
|
||||||
|
}
|
||||||
|
return new List<string>();
|
||||||
|
}
|
||||||
|
private async Task<List<SysAreaCode>> GetCachedAreaCode()
|
||||||
|
{
|
||||||
|
var areaCodeList = await _sysCacheService.GetAreaCode();
|
||||||
|
if (areaCodeList == null || areaCodeList.Count < 1)
|
||||||
|
{
|
||||||
|
areaCodeList = await _sysAreaCodeRep.DetachedEntities.ToListAsync();
|
||||||
|
}
|
||||||
|
return areaCodeList;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
Reference in New Issue
Block a user