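/// <summary>
/// Checks the supplied credentials through the account service and, on success,
/// assigns the signed-in user's identity to <c>UserInfoSession</c>.
/// </summary>
/// <param name="userName">Login name from the request; trimmed before it is passed to the account service.</param>
/// <param name="password">Password from the request; passed to the account service unchanged.</param>
/// <returns>
/// A failure result when either value is missing or sign-in is rejected; otherwise a success result
/// carrying the message produced by the account service.
/// </returns>
public IActionResult Login(string userName, string password)
{
    if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password))
    {
        return base.FailedMsg("用户名/密码不能为空");
    }

    // userName is caller-controlled: replace line breaks before it reaches the log so a
    // crafted name cannot add forged entries to the audit trail.
    var loggedName = userName.Replace('\r', '_').Replace('\n', '_');

    var msg = string.Empty;
    if (!_accountService.SingIn(userName.Trim(), password, out SysUser user, out msg))
    {
        Log4NetHelper.WriteInfo(typeof(AccountController), $"Failed to log in {loggedName}");

        // NOTE(review): msg comes from SingIn and is returned to the client as-is; confirm it
        // does not reveal whether the account exists. No attempt limiting is visible in this
        // action; confirm lockout/throttling is enforced in SingIn or upstream.
        return base.FailedMsg(msg);
    }

    // Identity stored for the authenticated session.
    // NOTE(review): no session-identifier renewal is visible here; confirm the session is
    // rotated on authentication elsewhere.
    LoginInfoSession userSession = new LoginInfoSession
    {
        UserId = user.UserId,
        RealName = user.RealName,
        DepartmentId = user.DepartmentId.ToString(),
        RoleId = user.RoleId.ToString(),
    };
    UserInfoSession = userSession;

    Log4NetHelper.WriteInfo(typeof(AccountController), $"Logged in {loggedName}");
    return SuccessMsg(msg);
}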
/// <summary>
/// Collects all claims of the current user: the claims returned by GetUserPermission,
/// GetUserRolePermission and GetDeptPermission.
/// </summary>
/// <param name="loginInfo">Session data of the current user; UserId and DepartmentId are read.</param>
/// <returns>The three claim lists appended in user, role, department order; duplicates are not removed here.</returns>
private List<SysClaim> GetAllClaims(LoginInfoSession loginInfo)
{
    // Resolve the internal key for the login name; FirstOrDefault yields the type's default
    // value when no row matches.
    // NOTE(review): unlike the lookup in GetUnionBtnPermission, this one does not filter on
    // State; confirm that a non-Normal account is not meant to be excluded here.
    var internalId = _userRepository
        .Get(u => u.UserId == loginInfo.UserId)
        .Select(u => u.Id)
        .FirstOrDefault();
    var userKey = internalId.ToString();

    var combined = GetUserPermission(userKey).Select(p => p.SysClaim).ToList();
    var viaRoles = GetUserRolePermission(userKey).Select(p => p.SysClaim).ToList();
    var viaDepartment = GetDeptPermission(loginInfo.DepartmentId).Select(p => p.SysClaim).ToList();

    combined.AddRange(viaRoles);
    combined.AddRange(viaDepartment);
    return combined;
}
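/// <summary>
/// Builds the button-permission string the current user holds for a page URL.
/// </summary>
/// <param name="loginInfo">Session data of the current user; UserId and DepartmentId are read.</param>
/// <param name="url">Page URL, matched case-insensitively against the stored claim URLs.</param>
/// <returns>
/// <c>BtnPermission.AllBtnPms</c> for the administrator account; otherwise the user, department and
/// role button permissions concatenated in that order, or an empty string when no claim matches the URL.
/// </returns>
public string GetUnionBtnPermission(LoginInfoSession loginInfo, string url)
{
    // Authorization decision: compare identifiers ordinally so the result does not depend on
    // the thread culture, and never treat an unset administrator id as a match.
    if (!string.IsNullOrEmpty(_admin)
        && string.Equals(loginInfo.UserId, _admin, System.StringComparison.OrdinalIgnoreCase))
    {
        return BtnPermission.AllBtnPms;
    }

    // The predicate is left as written because it is part of the repository query.
    var claim = _claimRepository.Entities.Where(x => x.Url.ToUpper() == url.ToUpper()).FirstOrDefault();
    if (claim == null)
    {
        return string.Empty;
    }

    // User: only an account in the Normal state resolves to an internal id.
    // NOTE(review): when no such account exists uid is the default value, yet the department
    // lookup below still runs off the session's DepartmentId; confirm that a disabled account
    // is not meant to keep department-level buttons.
    var uid = (from x in _userRepository.Entities
               where x.UserId == loginInfo.UserId && x.State == StateEnum.Normal
               select x.Id).FirstOrDefault();

    string userBtn = string.Empty;
    string deptBtn = string.Empty;
    string roleBtn = string.Empty;

    var userEntity = _userclaimRepository.Get(x => x.ClaimId == claim.Id && x.UserId == uid).FirstOrDefault();
    if (userEntity != null)
    {
        userBtn = userEntity.BtnPermission;
    }

    // Department
    var deptEntity = _deptclaimRepository.Get(x => x.ClaimId == claim.Id
                                                   && x.DepartmentId.ToString() == loginInfo.DepartmentId).FirstOrDefault();
    if (deptEntity != null)
    {
        deptBtn = deptEntity.BtnPermission;
    }

    // Role: resolved through the user-role table for uid rather than loginInfo.RoleId.
    // NOTE(review): FirstOrDefault takes a single row, so when several of the user's roles
    // carry this claim only one role's buttons are included; confirm that is intended. The
    // filter on a.ClaimId also dereferences the side that DefaultIfEmpty can leave null.
    var roleEntity = (from x in _userRoleRepository.Entities
                      join y in _roleclaimRepository.Entities on x.RoleId equals y.RoleId into temp1
                      from a in temp1.DefaultIfEmpty()
                      where x.UserId == uid && a.ClaimId == claim.Id
                      select a).FirstOrDefault();
    if (roleEntity != null)
    {
        roleBtn = roleEntity.BtnPermission;
    }

    return userBtn + deptBtn + roleBtn;
}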
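/// <summary>
/// Returns the page permissions (claims) of the current user; used when pages are loaded at login.
/// </summary>
/// <param name="loginInfo">Session data of the current user; UserId is read here and the object is passed on to GetAllClaims.</param>
/// <returns>
/// The result of GetAllPermission() for the administrator account; otherwise the user's claims
/// de-duplicated with <c>ClaimCompare</c> and ordered by <c>Sort</c>.
/// </returns>
public List<SysClaim> GetUnionPermission(LoginInfoSession loginInfo)
{
    // The administrator holds every permission. This is an authorization decision, so the
    // identifiers are compared ordinally (independent of the thread culture) and an unset
    // administrator id never matches.
    if (!string.IsNullOrEmpty(_admin)
        && string.Equals(loginInfo.UserId, _admin, System.StringComparison.OrdinalIgnoreCase))
    {
        return GetAllPermission();
    }

    List<SysClaim> userClaims = GetAllClaims(loginInfo);
    return userClaims.Distinct(new ClaimCompare()).OrderBy(x => x.Sort).ToList();
}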