/// <summary>
        /// Writes an authority operation into the cache, keyed by its
        /// "ControllerCode/ActionCode" pair. A null argument is silently ignored.
        /// </summary>
        /// <param name="authorityOperation">Operation to cache; nothing is stored when it is null.</param>
        static void RecordAuthOperation(AuthorityOperationDto authorityOperation)
        {
            if (authorityOperation != null)
            {
                // NOTE(review): the codes are used exactly as they arrive. The authorization
                // check shown alongside this method upper-cases both codes before it builds
                // the same kind of key, so an entry recorded with lower- or mixed-case codes
                // would presumably never be found and the operation would be denied.
                // Confirm the DTO is normalized before it reaches this point.
                var lookupValue = $"{authorityOperation.ControllerCode}/{authorityOperation.ActionCode}";

                CacheManager.SetData(CacheUtil.GetOperationCacheKey(lookupValue), authorityOperation);
            }
        }
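        /// <summary>
        /// Decides whether <paramref name="user"/> may perform <paramref name="operation"/>,
        /// using the cached operation, the cached operation-group chain and the cached
        /// per-user grant set.
        /// </summary>
        /// <remarks>
        /// Checks run in this order and every failure denies access:
        /// 1. a null user or operation is denied;
        /// 2. an administrator is allowed immediately;
        /// 3. the operation must be cached and not have status 关闭 (closed);
        /// 4. an operation whose authorize type is 无限制 (unrestricted) is allowed;
        /// 5. the operation's group and each ancestor up to level 1 must be cached and not closed;
        /// 6. the user's cached grant set must contain "CONTROLLER/ACTION".
        /// A cache miss at any step results in denial.
        /// </remarks>
        /// <param name="user">The authenticated user; <c>IsAdmin</c> and <c>Id</c> are read.</param>
        /// <param name="operation">
        /// The requested operation. Its <c>ControllerCode</c> and <c>ActionCode</c> are
        /// overwritten in place with their upper-cased values (empty string when null).
        /// </param>
        /// <returns><c>true</c> when the operation is permitted; otherwise <c>false</c>.</returns>
        public static async Task<bool> AuthorizationAsync(AuthenticationUser<long> user, AuthorityOperationCmdDto operation)
        {
            if (operation == null || user == null)
            {
                return false;
            }

            // NOTE(review): this shortcut runs before the operation lookup, so an administrator
            // is allowed even when the operation is missing from the cache or marked 关闭.
            // Confirm that is the intended policy.
            if (user.IsAdmin)
            {
                return true;
            }

            // NOTE(review): ToUpper() uses the current culture. Under cultures with special
            // casing rules (e.g. Turkish dotted/dotless I) the resulting key can differ from one
            // produced under another culture, which would turn into a cache miss and a denial.
            // ToUpperInvariant() is the usual choice for identifiers, but it must be changed
            // together with whatever code writes these keys, which is not visible here.
            operation.ControllerCode = operation.ControllerCode?.ToUpper() ?? string.Empty;
            operation.ActionCode = operation.ActionCode?.ToUpper() ?? string.Empty;

            #region Operation check

            string operationValue = $"{operation.ControllerCode}/{operation.ActionCode}";
            var operationCacheKey = CacheUtil.GetOperationCacheKey(operationValue);
            var nowOperation = CacheManager.GetData<AuthorityOperationDto>(operationCacheKey);

            // Unknown or closed operations are denied.
            if (nowOperation == null || nowOperation.Status == AuthorityOperationStatus.关闭)
            {
                return false;
            }

            // Unrestricted operations need neither a group check nor a per-user grant.
            if (nowOperation.AuthorizeType == AuthorityOperationAuthorizeType.无限制)
            {
                return true;
            }

            #endregion

            #region Operation group check

            var groupKey = nowOperation.Group?.SysNo.ToString() ?? string.Empty;
            if (groupKey.IsNullOrEmpty())
            {
                return false;
            }

            var groupCacheKey = CacheUtil.GetOperationGroupCacheKey(groupKey);
            var nowGroup = CacheManager.GetData<AuthorityOperationGroupDto>(groupCacheKey);
            if (nowGroup == null || nowGroup.Status == AuthorityOperationGroupStatus.关闭)
            {
                return false;
            }

            // Walk up the parent chain until a level-1 group is reached. The walk trusts the
            // cached Parent/Level values, so remember every key already visited: if the cached
            // hierarchy loops back on itself the request is denied instead of spinning forever
            // inside the authorization path.
            var visitedGroupKeys = new HashSet<string> { groupKey };
            while (nowGroup.Level > 1)
            {
                var parentGroupKey = nowGroup.Parent?.SysNo.ToString() ?? string.Empty;
                if (parentGroupKey.IsNullOrEmpty())
                {
                    return false;
                }

                // Add() returns false for a key seen before, i.e. a cycle in the cached data.
                if (!visitedGroupKeys.Add(parentGroupKey))
                {
                    return false;
                }

                var parentGroupCacheKey = CacheUtil.GetOperationGroupCacheKey(parentGroupKey);
                nowGroup = CacheManager.GetData<AuthorityOperationGroupDto>(parentGroupCacheKey);
                if (nowGroup == null || nowGroup.Status == AuthorityOperationGroupStatus.关闭)
                {
                    return false;
                }
            }

            #endregion

            #region Per-user grant check

            // The user's grants are looked up as a cached set whose members are
            // "CONTROLLER/ACTION" strings; the operation is allowed only when the set
            // reports that it contains this operation's value.
            var cacheKey = CacheUtil.GetUserAuthOperationCacheKey(user.Id.ToString());
            var existResult = CacheManager.Set.Contains(new SetContainsOption()
            {
                Key = cacheKey,
                Value = operationValue
            })?.Responses ?? new List<SetContainsResponse>(0);

            // An empty response list, or a first response without a positive answer, denies.
            var hasOperation = existResult.FirstOrDefault()?.ContainsValue ?? false;

            #endregion

            // Nothing above is asynchronous; the await only keeps the async signature
            // that callers already depend on.
            return await Task.FromResult(hasOperation);
        }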