update: UserManager用户权限

2021-07-01 11:20:49 +08:00
parent 7c65681cb2
commit f183913e6c
2 changed files with 148 additions and 2 deletions
--- a/Api/Ewide.Core/Manager/IUserManager.cs
+++ b/Api/Ewide.Core/Manager/IUserManager.cs
@@ -23,5 +23,18 @@ namespace Ewide.Core
        Task<List<SysRole>> GetUserRoleList(string userId);
        Task<List<SysRole>> GetUserRoleList();
        Task<List<string>> GetLoginPermissionList();
+        //获取用户额外授权的组织信息
+        Task<List<string>> GetUserExtraDataScopeList();
+        Task<List<string>> GetUserExtraDataScopeList(string userId);
+        //获取用户额外授权的区域信息
+        Task<List<string>> GetUserExtraAreaScopeList();
+        Task<List<string>> GetUserExtraAreaScopeList(string userId);
+        //获取角色额外授权的组织信息
+        Task<List<string>> GetRoleExtraDataScopeList(string roleId);
+        //获取角色额外授权的区域信息
+        Task<List<string>> GetRoleExtraAreaScopeList(string roleId);
+        //获取用户的授权范围
+        Task<List<string>> GetUserAllDataScopeList();
+        Task<List<string>> GetUserAllDataScopeList(string userId);
    }
 }
--- a/Api/Ewide.Core/Manager/UserManager.cs
+++ b/Api/Ewide.Core/Manager/UserManager.cs
@@ -22,6 +22,10 @@ namespace Ewide.Core
        private readonly IRepository<SysOrg> _sysOrgRep;
        private readonly IRepository<SysRoleMenu> _sysRoleMenuRep;
        private readonly IRepository<SysMenu> _sysMenuRep;
+        private readonly IRepository<SysUserDataScope> _sysUserDataScopeRep;
+        private readonly IRepository<SysUserArea> _sysUserAreaRep;
+        private readonly IRepository<SysRoleDataScope> _sysRoleDataRep;
+        private readonly IRepository<SysRoleArea> _sysRoleAreaRep;
        private readonly IHttpContextAccessor _httpContextAccessor;
        private readonly ISysCacheService _sysCacheService;

@@ -51,12 +55,16 @@ namespace Ewide.Core
        }

        public UserManager(
+            IHttpContextAccessor httpContextAccessor,
+            ISysCacheService sysCacheService,
            IRepository<SysUser> sysUserRep,
            IRepository<SysRole> sysRoleRep,
            IRepository<SysUserRole> sysUserRoleRep,
            IRepository<SysEmp> sysEmpRep,
            IRepository<SysOrg> sysOrgRep,
-            IHttpContextAccessor httpContextAccessor, ISysCacheService sysCacheService, IRepository<SysRoleMenu> sysRoleMenuRep, IRepository<SysMenu> sysMenuRep)
+            IRepository<SysRoleMenu> sysRoleMenuRep,
+            IRepository<SysMenu> sysMenuRep,
+            IRepository<SysUserDataScope> sysUserDataScopeRep, IRepository<SysUserArea> sysUserAreaRep, IRepository<SysRoleDataScope> sysRoleDataRep, IRepository<SysRoleArea> sysRoleAreaRep)
        {
            _sysUserRep = sysUserRep;
            _sysRoleRep = sysRoleRep;
@@ -67,6 +75,10 @@ namespace Ewide.Core
            _sysCacheService = sysCacheService;
            _sysRoleMenuRep = sysRoleMenuRep;
            _sysMenuRep = sysMenuRep;
+            _sysUserDataScopeRep = sysUserDataScopeRep;
+            _sysUserAreaRep = sysUserAreaRep;
+            _sysRoleDataRep = sysRoleDataRep;
+            _sysRoleAreaRep = sysRoleAreaRep;
        }

        /// <summary>
@@ -177,7 +189,7 @@ namespace Ewide.Core
            if (permissions == null || permissions.Count < 1)
            {
                var roleIdList = await GetUserRoleIdList();
-                var menuIdList = await  _sysRoleMenuRep.DetachedEntities
+                var menuIdList = await _sysRoleMenuRep.DetachedEntities
                                        .Where(u => roleIdList.Contains(u.SysRoleId))
                                        .Select(u => u.SysMenuId).ToListAsync();
                permissions = await _sysMenuRep.DetachedEntities.Where(u => menuIdList.Contains(u.Id))
@@ -191,5 +203,126 @@ namespace Ewide.Core
            }
            return permissions;
        }
+
+        public Task<List<string>> GetUserExtraDataScopeList()
+        {
+            return GetUserExtraDataScopeList(UserId);
+        }
+
+        public async Task<List<string>> GetUserExtraDataScopeList(string userId)
+        {
+            return await _sysUserDataScopeRep.DetachedEntities
+                                 .Where(u => u.SysUserId == userId)
+                                 .Select(u => u.SysOrgId).ToListAsync();
+        }
+
+        public Task<List<string>> GetUserExtraAreaScopeList()
+        {
+            return GetUserExtraAreaScopeList(UserId);
+        }
+
+        public async Task<List<string>> GetUserExtraAreaScopeList(string userId)
+        {
+            return await _sysUserAreaRep.DetachedEntities.Where(u => u.SysUserId == userId).Select(u => u.AreaCode).ToListAsync();
+        }
+
+        public Task<List<string>> GetRoleExtraDataScopeList(string roleId)
+        {
+            return _sysRoleDataRep.DetachedEntities.Where(u => u.SysRoleId == roleId).Select(u => u.SysOrgId).ToListAsync();
+        }
+
+        public Task<List<string>> GetRoleExtraAreaScopeList(string roleId)
+        {
+            return _sysRoleAreaRep.DetachedEntities.Where(u => u.SysRoleId == roleId).Select(u => u.AreaCode).ToListAsync();
+        }
+        public Task<List<string>> GetUserAllDataScopeList()
+        {
+            return GetUserAllDataScopeList(UserId);
+        }
+        public async Task<List<string>> GetDataScopeListByDataScopeType(int dataScopeType, string orgId)
+        {
+            var orgIdList = new List<string>();
+            if (string.IsNullOrEmpty(orgId))
+                return orgIdList;
+
+            // 如果是范围类型是全部数据，则获取当前所有的组织架构Id
+            if (dataScopeType == (int)DataScopeType.ALL)
+            {
+                orgIdList = await _sysOrgRep.DetachedEntities.Where(u => u.Status == (int)CommonStatus.ENABLE).Select(u => u.Id).ToListAsync();
+            }
+            // 如果范围类型是本部门及以下部门，则查询本节点和子节点集合，包含本节点
+            else if (dataScopeType == (int)DataScopeType.DEPT_WITH_CHILD)
+            {
+                orgIdList = await _sysOrgRep.DetachedEntities
+                                  .Where(u => u.Pids.Contains(orgId))
+                                  .Select(u => u.Id).ToListAsync();
+                orgIdList.Add(orgId);
+            }
+            // 如果数据范围是本部门，不含子节点，则直接返回本部门
+            else if (dataScopeType == (int)DataScopeType.DEPT)
+            {
+                orgIdList.Add(orgId);
+            }
+            return orgIdList;
+        }
+
+        public async Task<List<string>> GetUserAllDataScopeList(string userId)
+        {
+            var dataScopes = await _sysCacheService.GetDataScope(userId); // 先从缓存里面读取
+            if (dataScopes != null && dataScopes.Count > 0)
+            {
+                return dataScopes;
+            }
+            var orgId = await _sysEmpRep.DetachedEntities.Where(e => e.Id == userId).Select(u => u.OrgId).SingleAsync();
+            var orgAreaCode = await _sysOrgRep.Where(o => o.Id == orgId).Select(o => o.AreaCode).SingleAsync();
+            //获取用户额外授权数据
+            var userExtraDataScope = await(from org in _sysOrgRep.DetachedEntities
+                                           join ua in _sysUserAreaRep.DetachedEntities on org.AreaCode equals ua.AreaCode
+                                           where ua.SysUserId == userId
+                                           select org.Id).Concat(from ud in _sysUserDataScopeRep.DetachedEntities
+                                                                 where ud.SysUserId == userId
+                                                                 select ud.SysOrgId).ToListAsync();
+            //获取用户所有角色
+            //获取其他类型中最大的角色
+            var areaScopeTypes = new[] { DataScopeType.AREA, DataScopeType.AREA_WITH_CHILD }.Cast<int>();
+            var strongerDataScopeType = (int)DataScopeType.SELF;
+            var strongerAreaType = (int)DataScopeType.SELF;
+
+            //获取区域相关的角色类型中最大的区域角色
+            var customDataScopeRoleIdList = new List<string>();
+            var roleList = from role in _sysRoleRep.DetachedEntities
+                           join ur in _sysUserRoleRep.DetachedEntities on role.Id equals ur.SysRoleId
+                           where ur.SysUserId == userId
+                           select role;
+            foreach (var role in await roleList.ToListAsync())
+            {
+                if (role.DataScopeType == (int)DataScopeType.DEFINE)
+                    customDataScopeRoleIdList.Add(role.Id);
+                if ((role.DataScopeType == (int)DataScopeType.AREA || role.DataScopeType == (int)DataScopeType.AREA_WITH_CHILD) && strongerAreaType < role.DataScopeType)
+                {
+                    strongerAreaType = role.DataScopeType;
+                }
+                else if (role.DataScopeType <= strongerDataScopeType)
+                    strongerDataScopeType = role.DataScopeType;
+            }
+            // 自定义数据范围的角色对应的数据范围
+            var roleDataScopeIdList = await _sysRoleDataRep.DetachedEntities.Where(rd => customDataScopeRoleIdList.Contains(rd.SysRoleId)).Select(rd => orgId).ToListAsync();
+
+            // 角色中拥有最大数据范围类型的数据范围
+            var dataScopeIdList = await GetDataScopeListByDataScopeType(strongerDataScopeType, orgId);
+            //角色区域数据范围
+            var areaOrgIdList = new List<string>();
+            if (strongerAreaType == (int)DataScopeType.AREA_WITH_CHILD)
+                areaOrgIdList = await _sysOrgRep.DetachedEntities.Where(p => p.AreaCode.StartsWith(orgAreaCode)).Select(p => p.Id).ToListAsync();
+            if (strongerAreaType == (int)DataScopeType.AREA)
+                areaOrgIdList = await _sysOrgRep.DetachedEntities.Where(p => p.AreaCode == orgAreaCode).Select(p => p.Id).ToListAsync();
+            //获取
+            var scope = userExtraDataScope.Concat(roleDataScopeIdList).Concat(dataScopeIdList).Concat(areaOrgIdList).Distinct().ToList();
+#if DEBUG
+#else
+            await _sysCacheService.SetDataScope(userId, scope);
+#endif
+            return scope;
+        }
    }
 }