Example #1
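        /// <summary>
        /// Gets the secured fields that the given user has no read permission on.
        /// </summary>
        /// <remarks>
        /// The check fails closed: a field is reported as unreadable unless the query returns
        /// a row for it, so an empty query result denies every field in
        /// <paramref name="securityFields"/>.
        /// When the input is empty, or when the query returns nothing, the same list instance
        /// that was passed in is returned, not a copy.
        /// </remarks>
        /// <param name="userId">User id, matched against SystemUserRoles.SystemUserId.</param>
        /// <param name="securityFields">Attribute ids to check, matched against RoleObjectAccess.ObjectId.</param>
        /// <param name="objectTypeCode">Value matched against RoleObjectAccess.ObjectTypeCode.</param>
        /// <returns>The ids from <paramref name="securityFields"/> for which the query returned no row.</returns>
        public List<Guid> GetNoneReadFields(Guid userId, List<Guid> securityFields, int objectTypeCode)
        {
            if (securityFields.IsEmpty())
            {
                return securityFields;
            }

            // Every caller-supplied value is bound as a parameter; nothing is concatenated into the SQL text.
            // The filter is an exact match on AccessRightsMask = 1 (presumably the read right; confirm
            // against the schema), so rows carrying any other mask value are not counted as readable.
            // NOTE(review): the ids are passed as an object[] directly in the argument position. If
            // Append is declared with `params object[] args`, that array becomes the argument list
            // itself and @0 binds only the first id; every other field would then always be reported
            // as unreadable. Confirm that the builder expands the collection into the IN list.
            Sql s = Sql.Builder.Append("select distinct b.AttributeId from RoleObjectAccess a")
                    .Append("inner join Attribute b on a.ObjectId = b.AttributeId")
                    .Append("inner join SystemUserRoles c on a.RoleId = c.RoleId")
                    .Append("where a.AccessRightsMask = 1 and c.SystemUserId=@0", userId)
                    .Append("and a.ObjectId in(@0)", securityFields.Select(x => (object)x).ToArray())
                    .Append("and a.ObjectTypeCode = @0", objectTypeCode);
            var data = new DataRepositoryBase<dynamic>(_dbContext).ExecuteQuery(s);

            if (!data.NotEmpty())
            {
                // No matching grant rows at all: every requested field stays denied.
                return securityFields;
            }

            // Collect the granted ids once, instead of re-projecting the result set for every
            // candidate field. Values are kept as object so the comparison still goes through
            // Equals on the boxed value, as the original Contains call did.
            var readable = new HashSet<object>();
            foreach (var row in data)
            {
                readable.Add((object)row.AttributeId);
            }

            return securityFields.Where(x => !readable.Contains(x)).ToList();
        }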