public async Task <IActionResult> Index()
{
List <IdentityRole> identityList = new List <IdentityRole>();
identityList.AddRange(await _roleRepo.GetAllAsync());
ViewBag.RoleList = new SelectList(identityList, "Id", "Name");
var users = await _userRepo.GetAllAsync();
var roles = await _roleRepo.GetAllAsync();
var userManagerVMs = new UserManagerVM()
{
Roles = roles,
UserVMS = new List <UserVM>()
};
foreach (var user in users)
{
var uservm = new UserVM
{
Id = user.Id,
Email = user.Email,
UserRoles = await _userManager.GetRolesAsync(user)
};
userManagerVMs.UserVMS.Add(uservm);
}
return(View(userManagerVMs));
}
public async Task RemoveAsync(IEnumerable <string> targetIds, IEnumerable <string> allowedClientIds = null)
{
if (targetIds == null || !targetIds.Any())
{
return;
}
var existed = await _roleRepo.GetAllAsync(roleIds : targetIds, allowedClientIds : allowedClientIds, pageSize : 0);
if (existed.Data != null)
{
foreach (var itm in existed.Data)
{
await _roleMgr.DeleteAsync(itm);
}
}
}
public async Task <IEnumerable <OrganizationRoleDto> > GetRolesAsync(string id, bool getAllRoles = false, IEnumerable <string> allowedClientIds = null)
{
var org = await _orgRepo.GetAsync(id);
if (org == null)
{
throw new IamException(System.Net.HttpStatusCode.BadRequest, "机构不存在");
}
if (!getAllRoles)
{
return(org.OrganizationRoles.Select(itm => new OrganizationRoleDto
{
Id = itm.RoleId,
Name = itm.Role.Name,
Desc = itm.Role.Description,
IsAdmin = itm.Role.IsAdmin,
IsSuperAdmin = itm.Role.IsSuperAdmin,
IsOwned = true,
}));
}
var roles = await _roleRepo.GetAllAsync(allowedClientIds : allowedClientIds, pageSize : 0);
var orgRoles = org.OrganizationRoles.Select(itm => itm.RoleId);
return(roles.Data?.Select(itm => new OrganizationRoleDto
{
Id = itm.Id,
Name = itm.Name,
Desc = itm.Description,
IsAdmin = itm.IsAdmin,
IsSuperAdmin = itm.IsSuperAdmin,
IsOwned = orgRoles.Any(roleId => itm.Id == roleId)
}));
}
public async Task <IEnumerable <UserRoleDto> > GetRolesAsync(string id, bool getAllRoles = false, IEnumerable <string> allowedClientIds = null)
{
var user = await _userRepo.GetAsync(id);
if (user == null)
{
throw new IamException(System.Net.HttpStatusCode.BadRequest, "用户不存在");
}
var roleNames = await _userMgr.GetRolesAsync(user);
var userRoles = await _roleRepo.GetAllByNamesAsync(roleNames, allowedClientIds);
var orgRoles = user.UserOrganizations.SelectMany(itm => itm.Organization.OrganizationRoles.Select(itm => itm.Role));
if (allowedClientIds != null)
{
// 普通管理员只能看到有权限的 clientId
orgRoles = orgRoles.Where(itm => allowedClientIds.Contains(itm.ClientId));
}
List <UserRoleDto> results = null;
if (!getAllRoles)
{
results = userRoles.Select(itm => new UserRoleDto
{
Id = itm.Id,
Name = itm.Name,
Desc = itm.Description,
IsAdmin = itm.IsAdmin,
IsSuperAdmin = itm.IsSuperAdmin,
IsOwned = true,
}).ToList();
// 增加组织中包含的角色
results.AddRange(orgRoles.Select(itm => new UserRoleDto
{
Id = itm.Id,
Name = itm.Name,
Desc = itm.Description,
IsAdmin = itm.IsAdmin,
IsSuperAdmin = itm.IsSuperAdmin,
IsOwned = true,
IsBelongToOrg = true
}));
return(results.Distinct());
}
var allRoles = await _roleRepo.GetAllAsync(allowedClientIds : allowedClientIds, pageSize : 0);
results = allRoles.Data?.Select(itm => new UserRoleDto
{
Id = itm.Id,
Name = itm.Name,
Desc = itm.Description,
IsAdmin = itm.IsAdmin,
IsSuperAdmin = itm.IsSuperAdmin,
IsOwned = userRoles.Any(role => itm.Id == role.Id) || orgRoles.Any(role => itm.Id == role.Id),
IsBelongToOrg = orgRoles.Any(role => itm.Id == role.Id)
}).ToList();
return(results.Distinct());
}
