/// <summary>
/// 判断用户是否可以进入后台
/// </summary>
/// <param name="user"></param>
/// <returns></returns>
public static bool IsAllowEntryControlPannel(this IUser user)
{
if (user.IsInRoles(RoleNames.Instance().SuperAdministrator(), RoleNames.Instance().ContentAdministrator()))
{
return(true);
}
return(user.IsInRoles(ApplicationAdministratorRoleNames.GetAll().ToArray()));
}
/// <summary>
/// 内容隐私验证
/// </summary>
/// <param name="privacyable">可隐私接口</param>
/// <param name="toUserId">被验证用户Id</param>
/// <returns>true-验证通过,false-验证失败</returns>
public bool Validate(IPrivacyable privacyable, long toUserId)
{
if (privacyable.PrivacyStatus == PrivacyStatus.Public)
{
return(true);
}
if (privacyable.PrivacyStatus == PrivacyStatus.Private)
{
return(false);
}
if (toUserId == privacyable.UserId)
{
return(true);
}
//被验证用户为超级管理员
IUserService userService = DIContainer.Resolve <IUserService>();
IUser toUser = userService.GetUser(toUserId);
if (toUser.IsInRoles(RoleNames.Instance().SuperAdministrator()))
{
return(true);
}
//被验证用户为黑名单用户
PrivacyService privacyService = new PrivacyService();
if (privacyService.IsStopedUser(privacyable.UserId, toUserId))
{
return(false);
}
//判断指定对象可见
Dictionary <int, IEnumerable <ContentPrivacySpecifyObject> > dictionary = GetPrivacySpecifyObjects(privacyable.TenantTypeId, privacyable.ContentId);
if (dictionary == null || dictionary.Count() == 0)
{
return(false);
}
foreach (var pair in dictionary)
{
IPrivacySpecifyObjectValidator privacySpecifyUserGetter = DIContainer.ResolveNamed <IPrivacySpecifyObjectValidator>(pair.Key.ToString());
foreach (var specifyObject in pair.Value)
{
if (privacySpecifyUserGetter.Validate(privacyable.UserId, toUserId, specifyObject.SpecifyObjectId))
{
return(true);
}
}
}
return(false);
}
/// <summary>
/// 解析用户的权限规则用于权限验证
/// </summary>
/// <param name="userId">用户Id</param>
/// <returns></returns>
public ResolvedUserPermission ResolveUserPermission(long userId)
{
string cacheKey = "ResolvedUserPermission:" + userId;
ICacheService cacheService = DIContainer.Resolve <ICacheService>();
ResolvedUserPermission resolvedUserPermission = cacheService.Get <ResolvedUserPermission>(cacheKey);
if (resolvedUserPermission == null)
{
resolvedUserPermission = new ResolvedUserPermission();
var user = DIContainer.Resolve <IUserService>().GetUser(userId);
//匿名用户
if (user == null)
{
return(resolvedUserPermission);
}
RoleService roleService = DIContainer.Resolve <RoleService>();
IEnumerable <Role> userRoles = roleService.GetRolesOfUser(userId);
IList <string> roleNamesOfUser = userRoles.Select(n => n.RoleName).ToList();
roleNamesOfUser.Add(RoleNames.Instance().RegisteredUsers());
if (user.IsModerated)
{
roleNamesOfUser.Add(RoleNames.Instance().ModeratedUser());
}
foreach (var roleName in roleNamesOfUser)
{
IEnumerable <PermissionItemInUserRole> permissionItemsInUserRole = GetPermissionItemsInUserRole(roleName);
foreach (var permissionItemInUserRole in permissionItemsInUserRole)
{
PermissionItem permissionItem = GetPermissionItem(permissionItemInUserRole.ItemKey);
if (permissionItem == null)
{
continue;
}
resolvedUserPermission.Merge(permissionItem, permissionItemInUserRole.PermissionType, permissionItemInUserRole.PermissionScope, permissionItemInUserRole.PermissionQuota);
}
}
cacheService.Add(cacheKey, resolvedUserPermission, CachingExpirationType.UsualObjectCollection);
}
return(resolvedUserPermission);
}
/// <summary>
/// 判断是否需要在一定的严格程度上需要审核
/// </summary>
/// <param name="userId">UserId</param>
/// <param name="auditable">可审核实体</param>
/// <param name="strictDegree">审核严格程度</param>
/// <returns></returns>
private bool NeedAudit(long userId, IAuditable auditable, AuditStrictDegree strictDegree)
{
var user = DIContainer.Resolve <IUserService>().GetUser(userId);
//匿名用户需要审核
if (user == null)
{
return(true);
}
UserSettings userSettings = DIContainer.Resolve <ISettingsManager <UserSettings> >().Get();
RoleService roleService = new RoleService();
//不启用审核
if (!userSettings.EnableAudit)
{
return(false);
}
//如果用户处于免审核角色,则直接通过
if (roleService.IsUserInRoles(userId, userSettings.NoAuditedRoleNames.ToArray()))
{
return(false);
}
//获取用户所属的角色,并附加上注册用户角色
IList <string> roleNamesOfUser = roleService.GetRoleNamesOfUser(userId).ToList();
roleNamesOfUser.Add(RoleNames.Instance().RegisteredUsers());
if (user.IsModerated)
{
roleNamesOfUser.Add(RoleNames.Instance().ModeratedUser());
}
//判断每个用户角色的设置是否可用
foreach (var roleName in roleNamesOfUser)
{
IEnumerable <AuditItemInUserRole> auditItemInUserRoles = GetAuditItemsInUserRole(roleName);
foreach (var auditItemInUserRole in auditItemInUserRoles)
{
if (auditItemInUserRole.ItemKey.Equals(auditable.AuditItemKey))
{
if (auditItemInUserRole.StrictDegree == AuditStrictDegree.None)
{
return(false);
}
else if (auditItemInUserRole.StrictDegree == AuditStrictDegree.NotSet)
{
break;
}
else if ((int)auditItemInUserRole.StrictDegree >= (int)strictDegree)
{
return(true);
}
}
}
}
//如果用户处于免审核用户等级,也直接通过
if (user.Rank >= userSettings.MinNoAuditedUserRank)
{
return(false);
}
return(false);
}
///<overloads>隐私验证</overloads>
/// <summary>
/// 隐私验证
/// </summary>
/// <param name="userId">用户Id</param>
/// <param name="toUserId">被验证用户Id</param>
/// <param name="itemKey">隐私项目Key</param>
/// <returns>true-验证通过,false-验证失败</returns>
public bool Validate(long userId, long toUserId, string itemKey)
{
if (toUserId == userId)
{
return(true);
}
//被验证用户为超级管理员
IUserService userService = DIContainer.Resolve <IUserService>();
IUser toUser = userService.GetUser(toUserId);
if (toUser != null)
{
if (toUser.IsInRoles(RoleNames.Instance().SuperAdministrator()))
{
return(true);
}
//被验证用户为黑名单用户
if (IsStopedUser(userId, toUserId))
{
return(false);
}
}
Dictionary <string, PrivacyStatus> userUserPrivacySettings = GetUserPrivacySettings(userId);
if (userUserPrivacySettings.ContainsKey(itemKey))
{
switch (userUserPrivacySettings[itemKey])
{
case PrivacyStatus.Public:
return(true);
case PrivacyStatus.Part:
return(toUser != null && ValidateUserPrivacySpecifyObject(userId, toUserId, itemKey));
case PrivacyStatus.Private:
return(false);
default:
return(false);
}
}
var privacyItem = GetPrivacyItem(itemKey);
if (privacyItem != null)
{
switch (privacyItem.PrivacyStatus)
{
case PrivacyStatus.Private:
return(false);
case PrivacyStatus.Part:
FollowService followService = new FollowService();
return(followService.IsFollowed(userId, toUserId));
case PrivacyStatus.Public:
return(true);
default:
return(true);
}
}
return(false);
}
/// <summary>
/// 用户获取所有提醒设置
/// </summary>
/// <param name="userId">用户Id</param>
/// <returns>Key:提醒方式Id,Value:用户提醒设置集合</returns>
public Dictionary <string, IEnumerable <UserReminderSettings> > GetAllUserReminderSettings(long userId)
{
Dictionary <string, IEnumerable <UserReminderSettings> > userReminderSettingsesDictionary = userReminderSettingsRepository.GetAllUserReminderSettings(userId);
if (userReminderSettingsesDictionary == null)
{
userReminderSettingsesDictionary = new Dictionary <string, IEnumerable <UserReminderSettings> >();
}
foreach (var reminderMode in ReminderMode.GetAll())
{
int reminderModeId = reminderMode.ModeId;
IEnumerable <UserReminderSettings> userReminderSettingses = null;
userReminderSettingsesDictionary.TryGetValue(reminderModeId.ToString(), out userReminderSettingses);
ReminderSettings settings = reminderSettingsManager.Get();
if (settings == null || settings.ReminderModeSettingses == null)
{
return(new Dictionary <string, IEnumerable <UserReminderSettings> >());
}
var reminderModeSettings = settings.ReminderModeSettingses.FirstOrDefault(n => n.ModeId == reminderMode.ModeId);
if (reminderModeSettings == null)
{
continue;
}
IEnumerable <string> allowedUserRoleNames = reminderModeSettings.AllowedUserRoleNames;
//注册用户代表所有用户
if (!allowedUserRoleNames.Contains(RoleNames.Instance().RegisteredUsers()))
{
IUser user = DIContainer.Resolve <IUserService>().GetUser(userId);
if (!user.IsInRoles(allowedUserRoleNames.ToArray()))
{
userReminderSettingsesDictionary[reminderModeId.ToString()] = null;
continue;
}
}
IEnumerable <ReminderInfoTypeSettings> defaultUserReminderSettingses = reminderModeSettings.ReminderInfoTypeSettingses;
if (userReminderSettingses == null || userReminderSettingses.Count() == 0 || defaultUserReminderSettingses.Count() > userReminderSettingses.Count())
{
//合并
if (userReminderSettingses == null)
{
userReminderSettingses = new List <UserReminderSettings>();
}
//1.用户没有设置过
if (userReminderSettingses.Count() == 0)
{
userReminderSettingses = defaultUserReminderSettingses.Select(n =>
{
UserReminderSettings userReminderSettings = UserReminderSettings.New(n);
userReminderSettings.UserId = userId;
userReminderSettings.ReminderModeId = reminderModeId;
return(userReminderSettings);
}).ToList();
}
//2.站点新增过提醒类型,则历史用户需要新增这些类型
if (defaultUserReminderSettingses.Count() > userReminderSettingses.Count())
{
IList <UserReminderSettings> userReminderSettingsesList = new List <UserReminderSettings>(userReminderSettingses);
foreach (var setting in defaultUserReminderSettingses)
{
if (!userReminderSettingses.Any(n => n.ReminderInfoTypeId == setting.ReminderInfoTypeId))
{
UserReminderSettings userReminderSettings = UserReminderSettings.New(setting);
userReminderSettings.UserId = userId;
userReminderSettings.ReminderModeId = reminderModeId;
userReminderSettingsesList.Add(userReminderSettings);
}
}
userReminderSettingses = userReminderSettingsesList;
}
userReminderSettingsesDictionary[reminderModeId.ToString()] = userReminderSettingses;
}
}
return(userReminderSettingsesDictionary);
}
/// <summary>
/// 判断用户是否为超级管理员
/// </summary>
/// <param name="user"></param>
/// <returns></returns>
public static bool IsContentAdministrator(this IUser user)
{
RoleService roleService = DIContainer.Resolve <RoleService>();
return(roleService.IsUserInRoles(user.UserId, RoleNames.Instance().ContentAdministrator()));
}