/// <summary>
/// 获取指定查询条件组的查询表达式,并综合数据权限
/// </summary>
/// <typeparam name="T">实体类型</typeparam>
/// <param name="group">传入的查询条件组,为空时则只返回数据权限过滤器</param>
/// <param name="operation">数据权限操作</param>
/// <returns>综合之后的表达式</returns>
public virtual Expression <Func <T, bool> > GetDataFilterExpression <T>(FilterGroup group = null,
DataAuthOperation operation = DataAuthOperation.Read)
{
Expression <Func <T, bool> > exp = m => true;
if (group != null)
{
exp = GetExpression <T>(group);
}
//从缓存中查找当前用户的角色与实体T的过滤条件
ClaimsPrincipal user = _serviceProvider.GetCurrentUser();
if (user == null)
{
return(exp);
}
IDataAuthCache dataAuthCache = _serviceProvider.GetService <IDataAuthCache>();
if (dataAuthCache == null)
{
return(exp);
}
// 要判断数据权限功能,先要排除没有执行当前功能权限的角色,判断剩余角色的数据权限
string[] roleNames = user.Identity.GetRoles();
ScopedDictionary scopedDict = _serviceProvider.GetService <ScopedDictionary>();
if (scopedDict?.Function != null)
{
roleNames = scopedDict.DataAuthValidRoleNames;
}
string typeName = typeof(T).GetFullNameWithModule();
Expression <Func <T, bool> > subExp = null;
foreach (string roleName in roleNames)
{
FilterGroup subGroup = dataAuthCache.GetFilterGroup(roleName, typeName, operation);
if (subGroup == null)
{
continue;
}
subExp = subExp == null?GetExpression <T>(subGroup) : subExp.Or(GetExpression <T>(subGroup));
}
if (subExp != null)
{
if (group == null)
{
return(subExp);
}
exp = subExp.And(exp);
}
return(exp);
}
/// <summary>
/// 获取指定查询条件组的查询表达式,并综合数据权限
/// </summary>
/// <typeparam name="T">实体类型</typeparam>
/// <param name="group">传入的查询条件组,为空时则只返回数据权限过滤器</param>
/// <returns></returns>
public static Expression <Func <T, bool> > GetDataFilterExpression <T>(FilterGroup group = null)
{
Expression <Func <T, bool> > exp = m => true;
if (group != null)
{
exp = GetExpression <T>(group);
}
//从缓存中查找当前用户的角色与实体T的过滤条件
ClaimsPrincipal user = ServiceLocator.Instance.GetCurrentUser();
if (user == null)
{
return(exp);
}
IDataAuthCache cache = ServiceLocator.Instance.GetService <IDataAuthCache>();
if (cache == null)
{
return(exp);
}
string[] roleNames = user.Identity.GetRoles();
string typeName = typeof(T).FullName;
Expression <Func <T, bool> > subExp = null;
foreach (string roleName in roleNames)
{
FilterGroup subGroup = cache.GetFilterGroup(roleName, typeName);
if (subGroup == null)
{
continue;
}
subExp = subExp == null?GetExpression <T>(subGroup) : subExp.Or(GetExpression <T>(subGroup));
}
if (subExp != null)
{
if (group == null)
{
return(subExp);
}
exp = subExp.And(exp);
}
return(exp);
}