private ApiResult CheckPermission(User u, MembersFilterDto filter, string companyRegion, string prevRegion) { var regionResult = CheckRegion(u, companyRegion, prevRegion); if (filter == null || regionResult.Status != 0) { return(regionResult); } if (u == null) { return(ActionStatusMessage.UserMessage.NotExist); } var targetCompanies = filter.Companies; foreach (var targetCompany in targetCompanies) { var permit = userActionServices.Permission(u?.Application?.Permission, DictionaryAllPermission.Apply.AuditStream, Operation.Create, u.Id, targetCompany); var targetCompanyItem = companiesService.GetById(targetCompany); if (!targetCompany.StartsWith(companyRegion)) { return(new ApiResult(ActionStatusMessage.Account.Auth.Invalid.Default.Status, $"包含的单位{targetCompanyItem?.Name}({targetCompany})的越权")); } if (!permit) { return(new ApiResult(ActionStatusMessage.Account.Auth.Invalid.Default.Status, $"不具有{targetCompanyItem?.Name}({targetCompany})的权限")); } } return(ActionStatusMessage.Success); }
public static TResult ToModel <TResult>(this MembersFilterDto model) where TResult : IMembersFilter, new() { if (model == null) { return(default);