/// <summary>
/// 删除实体角色信息信息
/// </summary>
/// <param name="ids">要删除的实体角色信息编号</param>
/// <returns>业务操作结果</returns>
public virtual async Task <OperationResult> DeleteEntityRoles(params Guid[] ids)
{
List <(string, string)> list = new List <(string, string)>();
OperationResult result = await _entityRoleRepository.DeleteAsync(ids,
async entity =>
{
TRole role = await _roleRepository.GetAsync(entity.RoleId);
TEntityInfo entityInfo = await _entityInfoRepository.GetAsync(entity.EntityId);
if (role != null && entityInfo != null)
{
list.Add((role.Name, entityInfo.TypeName));
}
});
if (result.Successed && list.Count > 0)
{
//移除数据权限缓存
IDataAuthCache cache = ServiceLocator.Instance.GetService <IDataAuthCache>();
foreach ((string roleName, string typeName) in list)
{
cache.RemoveCache(roleName, typeName, DataAuthOperation.Delete);
}
}
return(result);
}
/// <summary>
/// 应用模块服务
/// </summary>
/// <param name="provider">服务提供者</param>
public override void UsePack(IServiceProvider provider)
{
IModuleHandler moduleHandler = provider.GetService <IModuleHandler>();
moduleHandler.Initialize();
//初始化各种缓存
IFunctionHandler functionHandler = provider.GetService <IFunctionHandler>();
functionHandler.RefreshCache();
IEntityInfoHandler entityInfoHandler = provider.GetService <IEntityInfoHandler>();
entityInfoHandler.RefreshCache();
IFunctionAuthCache functionAuthCache = provider.GetService <IFunctionAuthCache>();
functionAuthCache.BuildRoleCaches();
IDataAuthCache dataAuthCache = provider.GetService <IDataAuthCache>();
dataAuthCache.BuildCaches();
IsEnabled = true;
}
/// <summary>
/// 事件处理
/// </summary>
/// <param name="eventData">事件源数据</param>
public override void Handle(DataAuthCacheRefreshEventData eventData)
{
IDataAuthCache cache = ServiceLocator.Instance.GetService <IDataAuthCache>();
foreach (DataAuthCacheItem cacheItem in eventData.CacheItems)
{
cache.SetCache(cacheItem);
}
}
/// <summary>
/// 获取指定查询条件组的查询表达式,并综合数据权限
/// </summary>
/// <typeparam name="T">实体类型</typeparam>
/// <param name="group">传入的查询条件组,为空时则只返回数据权限过滤器</param>
/// <param name="operation">数据权限操作</param>
/// <returns>综合之后的表达式</returns>
public virtual Expression <Func <T, bool> > GetDataFilterExpression <T>(FilterGroup group = null,
DataAuthOperation operation = DataAuthOperation.Read)
{
Expression <Func <T, bool> > exp = m => true;
if (group != null)
{
exp = GetExpression <T>(group);
}
//从缓存中查找当前用户的角色与实体T的过滤条件
ClaimsPrincipal user = _serviceProvider.GetCurrentUser();
if (user == null)
{
return(exp);
}
IDataAuthCache dataAuthCache = _serviceProvider.GetService <IDataAuthCache>();
if (dataAuthCache == null)
{
return(exp);
}
// 要判断数据权限功能,先要排除没有执行当前功能权限的角色,判断剩余角色的数据权限
string[] roleNames = user.Identity.GetRoles();
ScopedDictionary scopedDict = _serviceProvider.GetService <ScopedDictionary>();
if (scopedDict?.Function != null)
{
roleNames = scopedDict.DataAuthValidRoleNames;
}
string typeName = typeof(T).GetFullNameWithModule();
Expression <Func <T, bool> > subExp = null;
foreach (string roleName in roleNames)
{
FilterGroup subGroup = dataAuthCache.GetFilterGroup(roleName, typeName, operation);
if (subGroup == null)
{
continue;
}
subExp = subExp == null?GetExpression <T>(subGroup) : subExp.Or(GetExpression <T>(subGroup));
}
if (subExp != null)
{
if (group == null)
{
return(subExp);
}
exp = subExp.And(exp);
}
return(exp);
}
/// <summary>
/// 应用模块服务
/// </summary>
/// <param name="provider">服务提供者</param>
public override void UsePack(IServiceProvider provider)
{
IEntityInfoHandler entityInfoHandler = provider.GetService <IEntityInfoHandler>();
entityInfoHandler.RefreshCache();
IDataAuthCache dataAuthCache = provider.GetService <IDataAuthCache>();
dataAuthCache.BuildCaches();
IsEnabled = true;
}
/// <summary>
/// 获取指定查询条件组的查询表达式,并综合数据权限
/// </summary>
/// <typeparam name="T">实体类型</typeparam>
/// <param name="group">传入的查询条件组,为空时则只返回数据权限过滤器</param>
/// <returns></returns>
public static Expression <Func <T, bool> > GetDataFilterExpression <T>(FilterGroup group = null)
{
Expression <Func <T, bool> > exp = m => true;
if (group != null)
{
exp = GetExpression <T>(group);
}
//从缓存中查找当前用户的角色与实体T的过滤条件
ClaimsPrincipal user = ServiceLocator.Instance.GetCurrentUser();
if (user == null)
{
return(exp);
}
IDataAuthCache cache = ServiceLocator.Instance.GetService <IDataAuthCache>();
if (cache == null)
{
return(exp);
}
string[] roleNames = user.Identity.GetRoles();
string typeName = typeof(T).FullName;
Expression <Func <T, bool> > subExp = null;
foreach (string roleName in roleNames)
{
FilterGroup subGroup = cache.GetFilterGroup(roleName, typeName);
if (subGroup == null)
{
continue;
}
subExp = subExp == null?GetExpression <T>(subGroup) : subExp.Or(GetExpression <T>(subGroup));
}
if (subExp != null)
{
if (group == null)
{
return(subExp);
}
exp = subExp.And(exp);
}
return(exp);
}
/// <summary>
/// 初始化一个<see cref="DataAuthCacheRefreshEventHandler"/>类型的新实例
/// </summary>
public DataAuthCacheRefreshEventHandler(IDataAuthCache authCache)
{
_authCache = authCache;
}
