Exemple #1
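        /// <summary>
        /// Checks the submitted credentials through the account service and, on success,
        /// stores a <c>LoginInfoSession</c> for the user in <c>UserInfoSession</c>.
        /// </summary>
        /// <param name="userName">Login name as sent by the client; trimmed before it reaches the account service.</param>
        /// <param name="password">Password as sent by the client; passed through unchanged.</param>
        /// <returns>
        /// The result of <c>FailedMsg</c> when a field is missing or sign-in fails,
        /// otherwise the result of <c>SuccessMsg</c>.
        /// </returns>
        public IActionResult Login(string userName, string password)
        {
            // The name is trimmed before sign-in, so a blank-only name is an empty name and is rejected here.
            // The password is deliberately not trimmed or whitespace-checked.
            if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrEmpty(password))
            {
                return(base.FailedMsg("用户名/密码不能为空"));
            }

            // userName is client-controlled: neutralise CR/LF before it is written to the log,
            // so a crafted name cannot forge or split log entries.
            var loggedName = userName.Replace('\r', '_').Replace('\n', '_');
            var msg = string.Empty;

            // NOTE(review): no lockout or throttling is visible in this method; confirm it is
            // enforced inside SingIn or by middleware.
            if (!_accountService.SingIn(userName.Trim(), password, out SysUser user, out msg))
            {
                Log4NetHelper.WriteInfo(typeof(AccountController), $"Failed to log in {loggedName}");
                // NOTE(review): msg is produced by the account service and returned to the client;
                // confirm it does not reveal whether the account exists.
                return(base.FailedMsg(msg));
            }

            // Authentication succeeded: build the session record from the stored user.
            LoginInfoSession UserSession = new LoginInfoSession
            {
                UserId       = user.UserId,
                RealName     = user.RealName,
                DepartmentId = user.DepartmentId.ToString(),
                RoleId       = user.RoleId.ToString(),
            };

            // NOTE(review): confirm that setting UserInfoSession also issues a fresh session
            // identifier, so a pre-login identifier is not carried into the authenticated session.
            UserInfoSession = UserSession;
            Log4NetHelper.WriteInfo(typeof(AccountController), $"Logged in {loggedName}");
            return(SuccessMsg(msg));
        }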
Exemple #2
        /// <summary>
        /// Collects every claim granted to the current user: the user-level, role-level and
        /// department-level grants, appended in that order. Duplicates are not removed here.
        /// </summary>
        /// <param name="loginInfo">Session data of the signed-in user; UserId and DepartmentId are read.</param>
        /// <returns>One list holding user claims, then role claims, then department claims.</returns>
        private List <SysClaim> GetAllClaims(LoginInfoSession loginInfo)
        {
            // Resolve the login name to the internal id used by the permission tables.
            // NOTE(review): this lookup does not filter on account state, whereas
            // GetUnionBtnPermission requires State == StateEnum.Normal; confirm a disabled
            // account with a live session should still receive claims.
            var internalId = _userRepository.Get(u => u.UserId == loginInfo.UserId)
                                            .Select(u => u.Id)
                                            .FirstOrDefault();
            string idText = internalId.ToString();

            List <SysClaim> merged = GetUserPermission(idText).Select(p => p.SysClaim).ToList();
            merged.AddRange(GetUserRolePermission(idText).Select(p => p.SysClaim));

            // Department grants are keyed on the department id held in the session, not on the user row.
            merged.AddRange(GetDeptPermission(loginInfo.DepartmentId).Select(p => p.SysClaim));
            return(merged);
        }
Exemple #3
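        /// <summary>
        /// Gets the button permissions that apply to the user on one page by combining the
        /// user-level, department-level and role-level grants for the claim whose Url matches.
        /// </summary>
        /// <param name="loginInfo">Session data of the signed-in user; UserId and DepartmentId are read.</param>
        /// <param name="url">Url of the page; compared case-insensitively with the stored claim Url.</param>
        /// <returns>
        /// <c>BtnPermission.AllBtnPms</c> for the configured administrator; otherwise the user,
        /// department and role button permissions concatenated in that order, or an empty string
        /// when no claim matches the url.
        /// </returns>
        public string GetUnionBtnPermission(LoginInfoSession loginInfo, string url)
        {
            // Authorization decision: compare ordinally so the result does not depend on the
            // server's current culture, and never treat a missing user id as the administrator.
            if (!string.IsNullOrEmpty(loginInfo.UserId) &&
                string.Equals(loginInfo.UserId, _admin, System.StringComparison.OrdinalIgnoreCase))
            {
                return(BtnPermission.AllBtnPms);
            }

            // Fail closed: without a url there is no page to grant buttons for.
            if (url == null)
            {
                return(string.Empty);
            }

            // Left as ToUpper() because this predicate runs inside the repository query.
            var claim = _claimRepository.Entities.Where(x => x.Url.ToUpper() == url.ToUpper()).FirstOrDefault();
            if (claim == null)
            {
                return(string.Empty);
            }

            // User: only an account in the Normal state resolves to an internal id.
            // NOTE(review): when no such account exists uid is the default value and the
            // department grant below is still returned; confirm that is intended.
            var uid = (from x in _userRepository.Entities
                       where x.UserId == loginInfo.UserId && x.State == StateEnum.Normal
                       select x.Id).FirstOrDefault();

            var userEntity = _userclaimRepository.Get(x => x.ClaimId == claim.Id &&
                                                      x.UserId == uid).FirstOrDefault();
            string userBtn = userEntity?.BtnPermission ?? string.Empty;

            // Department: keyed on the department id held in the session.
            var deptEntity = _deptclaimRepository.Get(x => x.ClaimId == claim.Id &&
                                                      x.DepartmentId.ToString() == loginInfo.DepartmentId).FirstOrDefault();
            string deptBtn = deptEntity?.BtnPermission ?? string.Empty;

            // Role: resolved through the user-role table rather than loginInfo.RoleId.
            // NOTE(review): FirstOrDefault keeps a single matching role row; confirm whether a
            // user holding several roles should receive the grants of all of them.
            var roleEntity = (from x in _userRoleRepository.Entities
                              join y in _roleclaimRepository.Entities on x.RoleId equals y.RoleId into temp1
                              from a in temp1.DefaultIfEmpty()
                              where x.UserId == uid && a.ClaimId == claim.Id
                              select a).FirstOrDefault();
            string roleBtn = roleEntity?.BtnPermission ?? string.Empty;

            // NOTE(review): the three values are joined without a separator; confirm the
            // BtnPermission format cannot merge two tokens into one that was never granted.
            return(userBtn + deptBtn + roleBtn);
        }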
Exemple #4
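        /// <summary>
        /// Gets the page permissions of the signed-in user, used when pages are loaded after login.
        /// </summary>
        /// <param name="loginInfo">Session data of the signed-in user; UserId is compared with the configured administrator name.</param>
        /// <returns>
        /// The result of <c>GetAllPermission</c> for the administrator; otherwise the user's claims
        /// de-duplicated with <c>ClaimCompare</c> and ordered by <c>Sort</c>.
        /// </returns>
        public List <SysClaim> GetUnionPermission(LoginInfoSession loginInfo)
        {
            // The administrator holds every permission. Compare ordinally so the decision does
            // not depend on the server's current culture, and never treat a missing user id as
            // the administrator.
            if (!string.IsNullOrEmpty(loginInfo.UserId) &&
                string.Equals(loginInfo.UserId, _admin, System.StringComparison.OrdinalIgnoreCase))
            {
                return(GetAllPermission());
            }

            // User, role and department grants can overlap, so duplicates are dropped before sorting.
            List <SysClaim> userClaims = GetAllClaims(loginInfo);

            return(userClaims.Distinct(new ClaimCompare()).OrderBy(x => x.Sort).ToList());
        }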