update:区域权限 相关的加入到UserManager
This commit is contained in:
@@ -33,8 +33,12 @@ namespace Ewide.Core
|
||||
Task<List<string>> GetRoleExtraDataScopeList(string roleId);
|
||||
//获取角色额外授权的区域信息
|
||||
Task<List<string>> GetRoleExtraAreaScopeList(string roleId);
|
||||
Task<List<string>> GetUserAllAreaList();
|
||||
Task<List<string>> GetUserAllAreaList(string userId);
|
||||
|
||||
//获取用户的授权范围
|
||||
Task<List<string>> GetUserAllDataScopeList();
|
||||
Task<List<string>> GetUserAllDataScopeList(string userId);
|
||||
|
||||
}
|
||||
}
|
||||
@@ -7,6 +7,8 @@ using System.Threading.Tasks;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using System.Collections.Generic;
|
||||
using Ewide.Core.Service;
|
||||
using System;
|
||||
using System.Data;
|
||||
|
||||
namespace Ewide.Core
|
||||
{
|
||||
@@ -26,6 +28,7 @@ namespace Ewide.Core
|
||||
private readonly IRepository<SysUserArea> _sysUserAreaRep;
|
||||
private readonly IRepository<SysRoleDataScope> _sysRoleDataRep;
|
||||
private readonly IRepository<SysRoleArea> _sysRoleAreaRep;
|
||||
private readonly IRepository<SysAreaCode> _sysAreaCodeRep;
|
||||
private readonly IHttpContextAccessor _httpContextAccessor;
|
||||
private readonly ISysCacheService _sysCacheService;
|
||||
|
||||
@@ -64,7 +67,7 @@ namespace Ewide.Core
|
||||
IRepository<SysOrg> sysOrgRep,
|
||||
IRepository<SysRoleMenu> sysRoleMenuRep,
|
||||
IRepository<SysMenu> sysMenuRep,
|
||||
IRepository<SysUserDataScope> sysUserDataScopeRep, IRepository<SysUserArea> sysUserAreaRep, IRepository<SysRoleDataScope> sysRoleDataRep, IRepository<SysRoleArea> sysRoleAreaRep)
|
||||
IRepository<SysUserDataScope> sysUserDataScopeRep, IRepository<SysUserArea> sysUserAreaRep, IRepository<SysRoleDataScope> sysRoleDataRep, IRepository<SysRoleArea> sysRoleAreaRep, IRepository<SysAreaCode> sysAreaCodeRep)
|
||||
{
|
||||
_sysUserRep = sysUserRep;
|
||||
_sysRoleRep = sysRoleRep;
|
||||
@@ -79,6 +82,7 @@ namespace Ewide.Core
|
||||
_sysUserAreaRep = sysUserAreaRep;
|
||||
_sysRoleDataRep = sysRoleDataRep;
|
||||
_sysRoleAreaRep = sysRoleAreaRep;
|
||||
_sysAreaCodeRep = sysAreaCodeRep;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
@@ -276,12 +280,12 @@ namespace Ewide.Core
|
||||
var orgId = await _sysEmpRep.DetachedEntities.Where(e => e.Id == userId).Select(u => u.OrgId).SingleAsync();
|
||||
var orgAreaCode = await _sysOrgRep.Where(o => o.Id == orgId).Select(o => o.AreaCode).SingleAsync();
|
||||
//获取用户额外授权数据
|
||||
var userExtraDataScope = await(from org in _sysOrgRep.DetachedEntities
|
||||
join ua in _sysUserAreaRep.DetachedEntities on org.AreaCode equals ua.AreaCode
|
||||
where ua.SysUserId == userId
|
||||
select org.Id).Concat(from ud in _sysUserDataScopeRep.DetachedEntities
|
||||
where ud.SysUserId == userId
|
||||
select ud.SysOrgId).ToListAsync();
|
||||
var userExtraDataScope = await (from org in _sysOrgRep.DetachedEntities
|
||||
join ua in _sysUserAreaRep.DetachedEntities on org.AreaCode equals ua.AreaCode
|
||||
where ua.SysUserId == userId
|
||||
select org.Id).Concat(from ud in _sysUserDataScopeRep.DetachedEntities
|
||||
where ud.SysUserId == userId
|
||||
select ud.SysOrgId).ToListAsync();
|
||||
//获取用户所有角色
|
||||
//获取其他类型中最大的角色
|
||||
var areaScopeTypes = new[] { DataScopeType.AREA, DataScopeType.AREA_WITH_CHILD }.Cast<int>();
|
||||
@@ -324,5 +328,52 @@ namespace Ewide.Core
|
||||
#endif
|
||||
return scope;
|
||||
}
|
||||
/// <summary>
|
||||
/// 获取用户可以访问的区域权限
|
||||
/// </summary>
|
||||
/// <returns></returns>
|
||||
public Task<List<string>> GetUserAllAreaList()
|
||||
{
|
||||
return GetUserAllAreaList(UserId);
|
||||
}
|
||||
|
||||
public async Task<List<string>> GetUserAllAreaList(string userId)
|
||||
{
|
||||
var orgId = await _sysEmpRep.DetachedEntities.Where(e => e.Id == userId).Select(u => u.OrgId).SingleAsync();
|
||||
var orgAreaCode = await _sysOrgRep.Where(o => o.Id == orgId).Select(o => o.AreaCode).SingleAsync();
|
||||
//本部门 或者 本部门区域 树结构只显示本级区域
|
||||
//本部门及以下 或者 本部门区域及以下 树结构显示本级和以下所有区域
|
||||
var extraUserArea = await GetUserExtraAreaScopeList(userId);
|
||||
var roles = await _sysUserRoleRep.DetachedEntities.Include(ur => ur.SysRole).Where(ur => ur.SysUserId == userId).Select(ur => ur.SysRole).ToListAsync();
|
||||
var extraRoleArea = await _sysRoleAreaRep.DetachedEntities.Where(ra => roles.Where(r => r.DataScopeType == (int)DataScopeType.DEFINE).Select(r => r.Id).Contains(ra.SysRoleId)).Select(ra => ra.AreaCode).ToListAsync();
|
||||
var roleTypeArea = await GetUserDataScopeTypeAreaList(orgAreaCode, roles.Select(r => r.DataScopeType).ToList());
|
||||
return extraRoleArea.Concat(extraUserArea).Concat(roleTypeArea).Distinct().ToList();
|
||||
}
|
||||
private async Task<List<string>> GetUserDataScopeTypeAreaList(string orgAreaCode, List<int> roleDataTypeList)
|
||||
{
|
||||
var areaCode = await GetCachedAreaCode();
|
||||
if (roleDataTypeList.Any(r => r == (int)DataScopeType.ALL))
|
||||
{
|
||||
return areaCode.Select(a => a.Code).ToList();
|
||||
}
|
||||
if (roleDataTypeList.Any(r => new[] { DataScopeType.DEPT_WITH_CHILD, DataScopeType.AREA_WITH_CHILD }.Cast<int>().Contains(r)))
|
||||
{
|
||||
return areaCode.Where(a => a.Code.StartsWith(orgAreaCode)).Select(a => a.Code).ToList();
|
||||
}
|
||||
if (roleDataTypeList.Any(r => new[] { DataScopeType.DEPT, DataScopeType.AREA }.Cast<int>().Contains(r)))
|
||||
{
|
||||
return areaCode.Where(a => a.Code == orgAreaCode).Select(a => a.Code).ToList();
|
||||
}
|
||||
return new List<string>();
|
||||
}
|
||||
private async Task<List<SysAreaCode>> GetCachedAreaCode()
|
||||
{
|
||||
var areaCodeList = await _sysCacheService.GetAreaCode();
|
||||
if (areaCodeList == null || areaCodeList.Count < 1)
|
||||
{
|
||||
areaCodeList = await _sysAreaCodeRep.DetachedEntities.ToListAsync();
|
||||
}
|
||||
return areaCodeList;
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user