update: UserManager用户权限
This commit is contained in:
@@ -22,6 +22,10 @@ namespace Ewide.Core
|
||||
private readonly IRepository<SysOrg> _sysOrgRep;
|
||||
private readonly IRepository<SysRoleMenu> _sysRoleMenuRep;
|
||||
private readonly IRepository<SysMenu> _sysMenuRep;
|
||||
private readonly IRepository<SysUserDataScope> _sysUserDataScopeRep;
|
||||
private readonly IRepository<SysUserArea> _sysUserAreaRep;
|
||||
private readonly IRepository<SysRoleDataScope> _sysRoleDataRep;
|
||||
private readonly IRepository<SysRoleArea> _sysRoleAreaRep;
|
||||
private readonly IHttpContextAccessor _httpContextAccessor;
|
||||
private readonly ISysCacheService _sysCacheService;
|
||||
|
||||
@@ -51,12 +55,16 @@ namespace Ewide.Core
|
||||
}
|
||||
|
||||
public UserManager(
|
||||
IHttpContextAccessor httpContextAccessor,
|
||||
ISysCacheService sysCacheService,
|
||||
IRepository<SysUser> sysUserRep,
|
||||
IRepository<SysRole> sysRoleRep,
|
||||
IRepository<SysUserRole> sysUserRoleRep,
|
||||
IRepository<SysEmp> sysEmpRep,
|
||||
IRepository<SysOrg> sysOrgRep,
|
||||
IHttpContextAccessor httpContextAccessor, ISysCacheService sysCacheService, IRepository<SysRoleMenu> sysRoleMenuRep, IRepository<SysMenu> sysMenuRep)
|
||||
IRepository<SysRoleMenu> sysRoleMenuRep,
|
||||
IRepository<SysMenu> sysMenuRep,
|
||||
IRepository<SysUserDataScope> sysUserDataScopeRep, IRepository<SysUserArea> sysUserAreaRep, IRepository<SysRoleDataScope> sysRoleDataRep, IRepository<SysRoleArea> sysRoleAreaRep)
|
||||
{
|
||||
_sysUserRep = sysUserRep;
|
||||
_sysRoleRep = sysRoleRep;
|
||||
@@ -67,6 +75,10 @@ namespace Ewide.Core
|
||||
_sysCacheService = sysCacheService;
|
||||
_sysRoleMenuRep = sysRoleMenuRep;
|
||||
_sysMenuRep = sysMenuRep;
|
||||
_sysUserDataScopeRep = sysUserDataScopeRep;
|
||||
_sysUserAreaRep = sysUserAreaRep;
|
||||
_sysRoleDataRep = sysRoleDataRep;
|
||||
_sysRoleAreaRep = sysRoleAreaRep;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
@@ -177,7 +189,7 @@ namespace Ewide.Core
|
||||
if (permissions == null || permissions.Count < 1)
|
||||
{
|
||||
var roleIdList = await GetUserRoleIdList();
|
||||
var menuIdList = await _sysRoleMenuRep.DetachedEntities
|
||||
var menuIdList = await _sysRoleMenuRep.DetachedEntities
|
||||
.Where(u => roleIdList.Contains(u.SysRoleId))
|
||||
.Select(u => u.SysMenuId).ToListAsync();
|
||||
permissions = await _sysMenuRep.DetachedEntities.Where(u => menuIdList.Contains(u.Id))
|
||||
@@ -191,5 +203,126 @@ namespace Ewide.Core
|
||||
}
|
||||
return permissions;
|
||||
}
|
||||
|
||||
public Task<List<string>> GetUserExtraDataScopeList()
|
||||
{
|
||||
return GetUserExtraDataScopeList(UserId);
|
||||
}
|
||||
|
||||
public async Task<List<string>> GetUserExtraDataScopeList(string userId)
|
||||
{
|
||||
return await _sysUserDataScopeRep.DetachedEntities
|
||||
.Where(u => u.SysUserId == userId)
|
||||
.Select(u => u.SysOrgId).ToListAsync();
|
||||
}
|
||||
|
||||
public Task<List<string>> GetUserExtraAreaScopeList()
|
||||
{
|
||||
return GetUserExtraAreaScopeList(UserId);
|
||||
}
|
||||
|
||||
public async Task<List<string>> GetUserExtraAreaScopeList(string userId)
|
||||
{
|
||||
return await _sysUserAreaRep.DetachedEntities.Where(u => u.SysUserId == userId).Select(u => u.AreaCode).ToListAsync();
|
||||
}
|
||||
|
||||
public Task<List<string>> GetRoleExtraDataScopeList(string roleId)
|
||||
{
|
||||
return _sysRoleDataRep.DetachedEntities.Where(u => u.SysRoleId == roleId).Select(u => u.SysOrgId).ToListAsync();
|
||||
}
|
||||
|
||||
public Task<List<string>> GetRoleExtraAreaScopeList(string roleId)
|
||||
{
|
||||
return _sysRoleAreaRep.DetachedEntities.Where(u => u.SysRoleId == roleId).Select(u => u.AreaCode).ToListAsync();
|
||||
}
|
||||
public Task<List<string>> GetUserAllDataScopeList()
|
||||
{
|
||||
return GetUserAllDataScopeList(UserId);
|
||||
}
|
||||
public async Task<List<string>> GetDataScopeListByDataScopeType(int dataScopeType, string orgId)
|
||||
{
|
||||
var orgIdList = new List<string>();
|
||||
if (string.IsNullOrEmpty(orgId))
|
||||
return orgIdList;
|
||||
|
||||
// 如果是范围类型是全部数据,则获取当前所有的组织架构Id
|
||||
if (dataScopeType == (int)DataScopeType.ALL)
|
||||
{
|
||||
orgIdList = await _sysOrgRep.DetachedEntities.Where(u => u.Status == (int)CommonStatus.ENABLE).Select(u => u.Id).ToListAsync();
|
||||
}
|
||||
// 如果范围类型是本部门及以下部门,则查询本节点和子节点集合,包含本节点
|
||||
else if (dataScopeType == (int)DataScopeType.DEPT_WITH_CHILD)
|
||||
{
|
||||
orgIdList = await _sysOrgRep.DetachedEntities
|
||||
.Where(u => u.Pids.Contains(orgId))
|
||||
.Select(u => u.Id).ToListAsync();
|
||||
orgIdList.Add(orgId);
|
||||
}
|
||||
// 如果数据范围是本部门,不含子节点,则直接返回本部门
|
||||
else if (dataScopeType == (int)DataScopeType.DEPT)
|
||||
{
|
||||
orgIdList.Add(orgId);
|
||||
}
|
||||
return orgIdList;
|
||||
}
|
||||
|
||||
public async Task<List<string>> GetUserAllDataScopeList(string userId)
|
||||
{
|
||||
var dataScopes = await _sysCacheService.GetDataScope(userId); // 先从缓存里面读取
|
||||
if (dataScopes != null && dataScopes.Count > 0)
|
||||
{
|
||||
return dataScopes;
|
||||
}
|
||||
var orgId = await _sysEmpRep.DetachedEntities.Where(e => e.Id == userId).Select(u => u.OrgId).SingleAsync();
|
||||
var orgAreaCode = await _sysOrgRep.Where(o => o.Id == orgId).Select(o => o.AreaCode).SingleAsync();
|
||||
//获取用户额外授权数据
|
||||
var userExtraDataScope = await(from org in _sysOrgRep.DetachedEntities
|
||||
join ua in _sysUserAreaRep.DetachedEntities on org.AreaCode equals ua.AreaCode
|
||||
where ua.SysUserId == userId
|
||||
select org.Id).Concat(from ud in _sysUserDataScopeRep.DetachedEntities
|
||||
where ud.SysUserId == userId
|
||||
select ud.SysOrgId).ToListAsync();
|
||||
//获取用户所有角色
|
||||
//获取其他类型中最大的角色
|
||||
var areaScopeTypes = new[] { DataScopeType.AREA, DataScopeType.AREA_WITH_CHILD }.Cast<int>();
|
||||
var strongerDataScopeType = (int)DataScopeType.SELF;
|
||||
var strongerAreaType = (int)DataScopeType.SELF;
|
||||
|
||||
//获取区域相关的角色类型中最大的区域角色
|
||||
var customDataScopeRoleIdList = new List<string>();
|
||||
var roleList = from role in _sysRoleRep.DetachedEntities
|
||||
join ur in _sysUserRoleRep.DetachedEntities on role.Id equals ur.SysRoleId
|
||||
where ur.SysUserId == userId
|
||||
select role;
|
||||
foreach (var role in await roleList.ToListAsync())
|
||||
{
|
||||
if (role.DataScopeType == (int)DataScopeType.DEFINE)
|
||||
customDataScopeRoleIdList.Add(role.Id);
|
||||
if ((role.DataScopeType == (int)DataScopeType.AREA || role.DataScopeType == (int)DataScopeType.AREA_WITH_CHILD) && strongerAreaType < role.DataScopeType)
|
||||
{
|
||||
strongerAreaType = role.DataScopeType;
|
||||
}
|
||||
else if (role.DataScopeType <= strongerDataScopeType)
|
||||
strongerDataScopeType = role.DataScopeType;
|
||||
}
|
||||
// 自定义数据范围的角色对应的数据范围
|
||||
var roleDataScopeIdList = await _sysRoleDataRep.DetachedEntities.Where(rd => customDataScopeRoleIdList.Contains(rd.SysRoleId)).Select(rd => orgId).ToListAsync();
|
||||
|
||||
// 角色中拥有最大数据范围类型的数据范围
|
||||
var dataScopeIdList = await GetDataScopeListByDataScopeType(strongerDataScopeType, orgId);
|
||||
//角色区域数据范围
|
||||
var areaOrgIdList = new List<string>();
|
||||
if (strongerAreaType == (int)DataScopeType.AREA_WITH_CHILD)
|
||||
areaOrgIdList = await _sysOrgRep.DetachedEntities.Where(p => p.AreaCode.StartsWith(orgAreaCode)).Select(p => p.Id).ToListAsync();
|
||||
if (strongerAreaType == (int)DataScopeType.AREA)
|
||||
areaOrgIdList = await _sysOrgRep.DetachedEntities.Where(p => p.AreaCode == orgAreaCode).Select(p => p.Id).ToListAsync();
|
||||
//获取
|
||||
var scope = userExtraDataScope.Concat(roleDataScopeIdList).Concat(dataScopeIdList).Concat(areaOrgIdList).Distinct().ToList();
|
||||
#if DEBUG
|
||||
#else
|
||||
await _sysCacheService.SetDataScope(userId, scope);
|
||||
#endif
|
||||
return scope;
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user