/// <summary>
/// 检查用户是否有权限
/// </summary>
/// <param name="userId"></param>
/// <param name="permissionCore"></param>
/// <param name="cancellationToken"></param>
/// <returns></returns>
public async Task <ResponseMessage <bool> > CheckPermissionAsync(string userId, string permissionCore, CancellationToken cancellationToken = default(CancellationToken))
{
var response = new ResponseMessage <bool>()
{
Extension = false
};
var user = await _userStore.GetAsync(userId);
if (user is null)
{
response.Extension = false;
}
var permission = await _permissionStore.IQueryableListAsync().Where(y => y.Code == permissionCore).FirstOrDefaultAsync(cancellationToken);
if (permission is null)
{
response.Extension = false;
}
var have = _permissionStore.Permissionitem_Expansions().Where(item => item.UserId == userId && permissionCore == item.PermissionCode);
if (have.Any())
{
response.Extension = true;
}
return(response);
}
/// <summary>
/// 角色详情(查询所有拥有的权限)
/// </summary>
/// <param name="roleid"></param>
/// <param name="cancellationToken"></param>
/// <returns></returns>
public async Task <ResponseMessage <dynamic> > RoleDetailsAsync(string roleid, CancellationToken cancellationToken = default(CancellationToken))
{
var response = new ResponseMessage <dynamic>();
var details = from per in _permissionStore.IQueryableListAsync()
join role_permission in _rolePermissionStore.IQueryableListAsync()
on per.Id equals role_permission.PermissionId into s
from s1 in s.DefaultIfEmpty()
join role in _roleStore.IQueryableListAsync()
on s1.RoleId equals role.Id into t
from t1 in t.DefaultIfEmpty()
where t1.Id == roleid
select new
{
roleid = t1.Id,
rolename = t1.Name,
permissionid = per.Id,
permissionname = per.Name
};
response.Extension = await details.FirstOrDefaultAsync(cancellationToken);
return(response);
}
/// <summary>
/// 绑定用户角色
/// </summary>
/// <param name="request"></param>
/// <param name="cancellationToken"></param>
/// <returns></returns>
public async Task <ResponseMessage <bool> > BindUserRoleAsync(UserAndroleRequest request, CancellationToken cancellationToken = default(CancellationToken))
{
var response = new ResponseMessage <bool>()
{
Extension = false
};
using (var transaction = await _transaction.BeginTransaction())
{
try
{
var oldUserRole = _userRoleStore.IQueryableListAsync().Where(item => item.UserId == request.UserId);
//新增用户角色和原来的不一致时,就直接删除,在重新添加
if (request.RoleId.Count != await oldUserRole.CountAsync(cancellationToken))
{
var oldid = await oldUserRole.Select(y => y.Id).ToListAsync(cancellationToken);
await _userRoleStore.DeleteRangeAsync(oldid);
var permissionExpansions = await _permissionStore.Permissionitem_Expansions().Where(u => u.UserId == request.UserId).ToListAsync(cancellationToken);
if (permissionExpansions.Any())
{
await _permissionStore.DeleteRangeAsync(permissionExpansions); //删除权限扩展表数据
}
}
else
{
response.Code = ResponseCodeDefines.ObjectAlreadyExists;
response.Extension = false;
response.Message = "该用户还是原来的角色";
return(response);
}
if (request.RoleId.Any())
{
var userAndrole = new List <User_Role>()
{
};
foreach (var item in request.RoleId)
{
userAndrole.Add(new User_Role
{
CreateTime = DateTime.Now,
Id = Guid.NewGuid().ToString(),
RoleId = item,
UserId = request.UserId,
});
}
var info = await _rolePermissionStore.IQueryableListAsync().Where(c => request.RoleId.Contains(c.RoleId)).Select(u => u.PermissionId).ToListAsync();
if (info.Any())
{
var perExpansions = await _permissionStore.IQueryableListAsync().Where(j => info.Contains(j.Id)).Select(b => new Permissionitem_expansion
{
UserId = request.UserId,
CreateTime = DateTime.Now,
Id = Guid.NewGuid().ToString(),
PermissionCode = b.Code,
}).ToListAsync();
await _permissionStore.AddRangeAsync(perExpansions); // 新增权限扩展表数据
}
await _userRoleStore.AddRangeEntityAsync(userAndrole);
}
await transaction.CommitAsync();
response.Extension = true;
}
catch (Exception e)
{
await transaction.RollbackAsync();
_logger.LogError($"绑定用户角色失败,错误日志:{JsonHelper.ToJson(e.ToString())}");
throw new ZCustomizeException(ResponseCodeEnum.ServiceError, "绑定用户角色失败,请重试");
}
}
return(response);
}
