/// <summary> /// 管理用户查询对象 /// </summary> /// <param name="adminUserFilter">管理用户筛选对象</param> /// <returns></returns> public IQuery CreateAdminQueryObject(AdminUserFilterDto adminUserFilter) { if (adminUserFilter == null) { return(null); } IQuery userQuery = CreateQueryObject(adminUserFilter, true) ?? QueryFactory.Create <UserQuery>(); #region 角色筛选 if (adminUserFilter.RoleFilter != null) { IQuery roleQuery = this.Instance <IRoleBusiness>().CreateQueryObject(adminUserFilter.RoleFilter); if (roleQuery != null && roleQuery.Criterias.Count > 0) { roleQuery.AddQueryFields <RoleQuery>(c => c.SysNo); IQuery userRoleQuery = QueryFactory.Create <UserRoleQuery>(); userRoleQuery.And <UserRoleQuery>(u => u.RoleSysNo, CriteriaOperator.In, roleQuery); userRoleQuery.AddQueryFields <UserRoleQuery>(u => u.UserSysNo); userQuery.And <UserQuery>(c => c.SysNo, CriteriaOperator.In, userRoleQuery); } } #endregion return(userQuery); }
/// <summary> /// 设置上级分组 /// </summary> /// <param name="parentGroup">上级分组</param> public void SetParentGroup(JobGroup parentGroup, bool init = true) { int parentLevel = 0; string parentCode = string.Empty; if (parentGroup != null) { parentLevel = parentGroup.Level; parentCode = parentGroup.Code; } if (parentCode == code && !IdentityValueIsNone()) { throw new Exception("不能将分组本身设置为自己的上级分组"); } //排序 IQuery sortQuery = QueryFactory.Create <JobGroupQuery>(r => r.Parent == parentCode); sortQuery.AddQueryFields <JobGroupQuery>(c => c.Sort); int maxSortIndex = repository.Max <int>(sortQuery); sort = maxSortIndex + 1; parent.SetValue(parentGroup, true); //等级 int newLevel = parentLevel + 1; bool modifyChild = newLevel != level; level = newLevel; if (modifyChild) { //修改所有子集信息 ModifyChildGroup(); } }
/// <summary> /// 批量删除权限分组 /// </summary> /// <param name="groupIds">分组编号</param> /// <returns></returns> public static Result RemoveAuthorityGroup(IEnumerable <long> groupIds) { #region 参数判断 if (groupIds.IsNullOrEmpty()) { return(Result.FailedResult("没有指定任何要删除的权限分组")); } #endregion //删除分组信息 IQuery parentRemoveCondition = QueryFactory.Create(); parentRemoveCondition.In <AuthorityGroupQuery>(r => r.SysNo, groupIds); authorityGroupRepository.Remove(parentRemoveCondition); //删除下级 IQuery childQuery = QueryFactory.Create(); childQuery.In <AuthorityGroupQuery>(r => r.Parent, groupIds); childQuery.AddQueryFields <AuthorityGroupQuery>(r => r.SysNo); List <AuthorityGroup> authorityGroupList = authorityGroupRepository.GetList(childQuery); if (authorityGroupList.IsNullOrEmpty()) { return(Result.SuccessResult("没有需要删除的下级分组")); } RemoveAuthorityGroup(authorityGroupList.Select(r => r.SysNo)); return(Result.SuccessResult("删除成功")); }
/// <summary> /// 授权操作绑定权限筛选 /// </summary> /// <param name="filter">筛选对象</param> /// <returns></returns> IQuery CreateAuthorityQueryObject(AuthorityOperationBindAuthorityFilterDto filter) { if (filter == null) { return(null); } IQuery query = CreateAuthorityQueryObject(filter, true) ?? QueryFactory.Create <AuthorityQuery>(); #region 授权操作筛选 if (filter.AuthorityOperationFilter != null) { IQuery operationQuery = CreateAuthorityOperationQueryObject(filter.AuthorityOperationFilter); if (operationQuery != null) { operationQuery.AddQueryFields <AuthorityOperationQuery>(c => c.SysNo); IQuery authBindOperationQuery = QueryFactory.Create <AuthorityBindOperationQuery>(); authBindOperationQuery.And <AuthorityBindOperationQuery>(c => c.AuthorithOperation, CriteriaOperator.In, operationQuery); authBindOperationQuery.AddQueryFields <AuthorityBindOperationQuery>(c => c.AuthorityCode); query.And <AuthorityQuery>(c => c.Code, CriteriaOperator.In, authBindOperationQuery); } } #endregion return(query); }
/// <summary> /// 设置上级分组 /// </summary> /// <param name="parentGroup">上级分组</param> public void SetParentGroup(AuthorityGroup parentGroup) { int parentLevel = 0; long parentSysNo = 0; if (parentGroup != null) { parentLevel = parentGroup.Level; parentSysNo = parentGroup.SysNo; } if (parentSysNo == SysNo && !IdentityValueIsNone()) { throw new Exception("不能将分组本身设置为上级分组"); } //排序 IQuery sortQuery = QueryManager.Create <AuthorityGroupQuery>(r => r.Parent == parentSysNo); sortQuery.AddQueryFields <AuthorityGroupQuery>(c => c.Sort); int maxSortIndex = repository.Max <int>(sortQuery); Sort = maxSortIndex + 1; parent.SetValue(parentGroup, true); //等级 int newLevel = parentLevel + 1; bool modifyChild = newLevel != Level; Level = newLevel; if (modifyChild) { //修改所有子集信息 ModifyChildAuthorityGroupParentGroup(); } }
/// <summary> /// 批量删除角色 /// </summary> /// <param name="roleIds">角色编号</param> /// <returns></returns> public static void RemoveRole(IEnumerable <long> roleIds) { #region 参数判断 if (roleIds.IsNullOrEmpty()) { return; } #endregion //删除角色信息 IQuery parentRemoveCondition = QueryFactory.Create(); parentRemoveCondition.In <RoleQuery>(r => r.SysNo, roleIds); roleRepository.Remove(parentRemoveCondition); //删除子类 IQuery childQuery = QueryFactory.Create(); childQuery.In <RoleQuery>(r => r.Parent, roleIds); childQuery.AddQueryFields <RoleQuery>(r => r.SysNo); List <Role> roleList = roleRepository.GetList(childQuery); if (roleList.IsNullOrEmpty()) { return; } RemoveRole(roleList.Select(r => r.SysNo)); }
/// <summary> /// 角色权限筛选 /// </summary> /// <param name="filter">筛选信息</param> /// <returns></returns> IQuery CreateAuthorityQueryObject(RoleAuthorityFilterDto filter) { if (filter == null) { return(null); } IQuery query = CreateAuthorityQueryObject(filter, true) ?? QueryFactory.Create <AuthorityQuery>(); #region 角色授权筛选 if (filter.RoleFilter != null) { IQuery roleFilter = this.Instance <IRoleBusiness>().CreateQueryObject(filter.RoleFilter); if (roleFilter != null) { roleFilter.AddQueryFields <RoleQuery>(c => c.SysNo); IQuery roleBindAuthQuery = QueryFactory.Create <RoleAuthorizeQuery>(); roleBindAuthQuery.And <RoleAuthorizeQuery>(c => c.Role, CriteriaOperator.In, roleFilter); roleBindAuthQuery.AddQueryFields <RoleAuthorizeQuery>(c => c.Authority); query.And <AuthorityQuery>(c => c.Code, CriteriaOperator.In, roleBindAuthQuery); } } #endregion return(query); }
/// <summary> /// 设置上级角色 /// </summary> /// <param name="role">上级角色</param> public void SetParentRole(Role parentRole) { int parentLevel = 0; long parentSysNo = 0; if (parentRole != null) { parentLevel = parentRole.Level; parentSysNo = parentRole.SysNo; } if (parentSysNo == _sysNo && !PrimaryValueIsNone()) { throw new AppException("不能将角色本身设置为自己的上级角色"); } //排序 IQuery sortQuery = QueryFactory.Create <RoleQuery>(r => r.Parent == parentSysNo); sortQuery.AddQueryFields <RoleQuery>(c => c.SortIndex); int maxSortIndex = roleRepository.Max <int>(sortQuery); _sortIndex = maxSortIndex + 1; _parent.SetValue(parentRole, true); //等级 int newLevel = parentLevel + 1; bool modifyChild = newLevel != _level; _level = newLevel; if (modifyChild) { //修改所有子集信息 ModifyChildRole(); } }
/// <summary> /// 初始化排序 /// </summary> void InitSort() { var parentId = parent.CurrentValue?.Id ?? 0; IQuery sortQuery = QueryManager.Create <OperationGroupEntity>(r => r.Parent == parentId && r.Id != Id); sortQuery.AddQueryFields <OperationGroupEntity>(c => c.Sort); int maxSort = repository.Max <int>(sortQuery); Sort = maxSort + 1; }
/// <summary> /// 用户授权筛选 /// </summary> /// <param name="filter">筛选信息</param> /// <returns></returns> IQuery CreateAuthorityQueryObject(UserAuthorityFilterDto filter) { if (filter == null) { return(null); } IQuery query = CreateAuthorityQueryObject(filter, true) ?? QueryFactory.Create <AuthorityQuery>(); #region 用户授权筛选 if (filter.UserFilter != null) { IQuery userQuery = this.Instance <IUserBusiness>().CreateQueryObject(filter.UserFilter); if (userQuery != null) { userQuery.AddQueryFields <UserQuery>(c => c.SysNo); #region 用户或者角色绑定的授权 IQuery userOrRoleBindAuthQuery = QueryFactory.Create(); //用户授权 IQuery userAuthBindQuery = QueryFactory.Create <UserAuthorizeQuery>(c => c.Disable == false); userAuthBindQuery.And <UserAuthorizeQuery>(c => c.User, CriteriaOperator.In, userQuery); userAuthBindQuery.AddQueryFields <UserAuthorizeQuery>(c => c.Authority); IQuery userAuthQuery = QueryFactory.Create <AuthorityQuery>(); userAuthQuery.And <AuthorityQuery>(c => c.Code, CriteriaOperator.In, userAuthBindQuery); userOrRoleBindAuthQuery.And(userAuthQuery); //角色授权 IQuery userRoleBindQuery = QueryFactory.Create <UserRoleQuery>(); userRoleBindQuery.And <UserRoleQuery>(c => c.UserSysNo, CriteriaOperator.In, userQuery); userRoleBindQuery.AddQueryFields <UserRoleQuery>(c => c.RoleSysNo); IQuery roleAuthBindQuery = QueryFactory.Create <RoleAuthorizeQuery>(); roleAuthBindQuery.And <RoleAuthorizeQuery>(c => c.Role, CriteriaOperator.In, userRoleBindQuery); roleAuthBindQuery.AddQueryFields <RoleAuthorizeQuery>(c => c.Authority); IQuery roleAuthQuery = QueryFactory.Create <AuthorityQuery>(); roleAuthQuery.And <AuthorityQuery>(c => c.Code, CriteriaOperator.In, roleAuthBindQuery); userOrRoleBindAuthQuery.Or(roleAuthQuery); query.And(userOrRoleBindAuthQuery); #endregion //排除用户禁用的授权 IQuery userDisableAuthQuery = QueryFactory.Create <UserAuthorizeQuery>(c => c.Disable == true); userDisableAuthQuery.And <UserAuthorizeQuery>(c => c.User, CriteriaOperator.In, userQuery); userDisableAuthQuery.AddQueryFields <UserAuthorizeQuery>(c => c.Authority); query.And <AuthorityQuery>(c => c.Code, CriteriaOperator.NotIn, userDisableAuthQuery); } } #endregion return(query); }
/// <summary> /// 加载操作对应的权限信息 /// </summary> /// <returns></returns> List<Authority> LoadAuthority() { if (!AllowLazyLoad(r => r.Authoritys)) { return _authoritys.CurrentValue; } IQuery query = QueryFactory.Create(); IQuery bindQuery = QueryFactory.Create(AuthorityBindOperationQuery.ObjectName); bindQuery.AddQueryFields<AuthorityBindOperationQuery>(a => a.AuthorityCode); bindQuery.And<AuthorityBindOperationQuery>(a => a.AuthorithOperation == _sysNo); query.And<AuthorityQuery>(a => a.Code, CriteriaOperator.In, bindQuery); return this.Instance<IAuthorityRepository>().GetList(query); }
/// <summary> /// 加载操作对应的权限信息 /// </summary> /// <returns></returns> List <Authority> LoadAuthority() { if (!AllowLazyLoad(r => r.Authoritys)) { return(authoritys.CurrentValue); } IQuery query = QueryManager.Create(); IQuery bindQuery = QueryManager.Create <AuthorityBindOperationQuery>(); bindQuery.AddQueryFields <AuthorityBindOperationQuery>(a => a.AuthoritySysNo); bindQuery.And <AuthorityBindOperationQuery>(a => a.AuthorityOperationSysNo == SysNo); query.And <AuthorityQuery>(a => a.Code, CriteriaOperator.In, bindQuery); return(this.Instance <IAuthorityRepository>().GetList(query)); }
/// <summary> /// 生成服务调度计划查询对象 /// </summary> /// <param name="filter">查询信息</param> /// <returns></returns> IQuery CreateQueryObject(ServerScheduleTriggerFilterDto filter) { if (filter == null) { return(null); } IQuery triggerQuery = CreateQueryObject(filter, true) ?? QueryFactory.Create <TriggerQuery>(); #region 任务筛选 IQuery jobQuery = this.Instance <IJobBusiness>().CreateQueryObject(filter.JobFilter); if (jobQuery != null && jobQuery.Criterias.Count > 0) { jobQuery.AddQueryFields <JobQuery>(c => c.Id); triggerQuery.And <TriggerQuery>(c => c.Job, CriteriaOperator.In, jobQuery); } #endregion #region 务筛选 IQuery serverQuery = this.Instance <IServerNodeBusiness>().CreateQueryObject(filter.ServerFilter); if (serverQuery != null && serverQuery.Criterias.Count > 0) { IQuery triggerServerFilterQuery = QueryFactory.Create(); serverQuery.AddQueryFields <ServerNodeQuery>(c => c.Id); IQuery triggerServerQuery = QueryFactory.Create <TriggerServerQuery>(); triggerServerQuery.And <TriggerServerQuery>(c => c.Server, CriteriaOperator.In, serverQuery); triggerServerQuery.AddQueryFields <TriggerServerQuery>(c => c.Trigger); triggerServerFilterQuery.And <TriggerQuery>(c => c.Id, CriteriaOperator.In, triggerServerQuery); //服务承载任务针对所有的执行计划 IQuery serverJobHostQuery = QueryFactory.Create <JobServerHostQuery>(); serverJobHostQuery.And <JobServerHostQuery>(c => c.Server, CriteriaOperator.In, serverQuery); serverJobHostQuery.AddQueryFields <JobServerHostQuery>(c => c.Job); IQuery applyToAllServerQuery = QueryFactory.Create(); applyToAllServerQuery.And <TriggerQuery>(c => c.Job, CriteriaOperator.In, serverJobHostQuery); applyToAllServerQuery.And <TriggerQuery>(c => c.ApplyTo == TaskTriggerApplyTo.所有); triggerServerFilterQuery.Or(applyToAllServerQuery); triggerQuery.And(triggerServerFilterQuery); } #endregion return(triggerQuery); }
/// <summary> /// 管理用户查询对象 /// </summary> /// <param name="adminUserFilter">管理用户筛选对象</param> /// <returns></returns> public IQuery CreateAdminQueryObject(AdminUserFilterDto adminUserFilter) { if (adminUserFilter == null) { return(null); } IQuery userQuery = CreateQueryObject(adminUserFilter, true) ?? QueryFactory.Create <UserQuery>(); #region 角色筛选 if (adminUserFilter.RoleFilter != null) { IQuery roleQuery = this.Instance <IRoleBusiness>().CreateQueryObject(adminUserFilter.RoleFilter); if (roleQuery != null && roleQuery.Criterias.Count > 0) { roleQuery.AddQueryFields <RoleQuery>(c => c.SysNo); IQuery userRoleQuery = QueryFactory.Create <UserRoleQuery>(); userRoleQuery.And <UserRoleQuery>(u => u.RoleSysNo, CriteriaOperator.In, roleQuery); userRoleQuery.AddQueryFields <UserRoleQuery>(u => u.UserSysNo); userQuery.And <UserQuery>(c => c.SysNo, CriteriaOperator.In, userRoleQuery); } } if (!adminUserFilter.WithoutRoles.IsNullOrEmpty()) { IQuery withRoleQuery = QueryFactory.Create <UserRoleQuery>(); withRoleQuery.In <UserRoleQuery>(r => r.RoleSysNo, adminUserFilter.WithoutRoles); withRoleQuery.AddQueryFields <UserRoleQuery>(r => r.UserSysNo); userQuery.And <UserQuery>(u => u.SysNo, CriteriaOperator.NotIn, withRoleQuery); } #endregion #region 加载数据 if (adminUserFilter.LoadRole) { userQuery.SetLoadPropertys <AdminUser>(true, c => c.Roles); } #endregion return(userQuery); }
/// <summary> /// 设置上级分组 /// </summary> /// <param name="parentGroup">上级分组</param> public void SetParentGroup(AuthorityOperationGroup parentGroup) { int parentLevel = 0; long parentSysNo = 0; if (parentGroup != null) { if (sysNo == parentGroup.SysNo && !IdentityValueIsNone()) { throw new Exception("不能将分组数据设置为自己的上级分组"); } if (parentGroup.Root != null && parentGroup.Root.SysNo == sysNo) { throw new Exception("不能将当前分组的下级设置为上级分组"); } parentLevel = parentGroup.Level; parentSysNo = parentGroup.SysNo; root.SetValue(parentGroup.Root, false); } else { root.SetValue(null, false); } //排序 IQuery sortQuery = QueryFactory.Create <AuthorityOperationGroupQuery>(r => r.Parent == parentSysNo); sortQuery.AddQueryFields <AuthorityOperationGroupQuery>(c => c.Sort); int maxSortIndex = repository.Max <int>(sortQuery); sort = maxSortIndex + 1; parent.SetValue(parentGroup, true); //等级 int newLevel = parentLevel + 1; bool modifyChild = newLevel != level; level = newLevel; if (modifyChild) { //修改所有子集信息 ModifyChildAuthorityGroupParentGroup(); } }
/// <summary> /// 修改用户授权 /// </summary> /// <param name="userAuthorizes">用户授权信息</param> /// <returns></returns> public static Result ModifyUserAuthorize(IEnumerable <UserAuthorize> userAuthorizes) { if (userAuthorizes.IsNullOrEmpty()) { return(Result.FailedResult("没有指定任何要修改的用户授权信息")); } #region 角色授权 List <long> userIds = userAuthorizes.Select(c => c.User?.SysNo ?? 0).Distinct().ToList(); IQuery userRoleBindQuery = QueryFactory.Create <UserRoleQuery>(c => userIds.Contains(c.UserSysNo)); userRoleBindQuery.AddQueryFields <UserRoleQuery>(c => c.RoleSysNo); IQuery roleAuthBindQuery = QueryFactory.Create <RoleAuthorizeQuery>(); roleAuthBindQuery.And <RoleAuthorizeQuery>(c => c.Role, CriteriaOperator.In, userRoleBindQuery); roleAuthBindQuery.AddQueryFields <RoleAuthorizeQuery>(c => c.Authority); IQuery authQuery = QueryFactory.Create <AuthorityQuery>(); authQuery.And <AuthorityQuery>(c => c.Code, CriteriaOperator.In, roleAuthBindQuery); authQuery.AddQueryFields <AuthorityQuery>(c => c.Code); IEnumerable <Authority> roleAuthoritys = AuthorityService.GetAuthorityList(authQuery); List <string> roleAuthorityCodes = roleAuthoritys.Select(c => c.Code).ToList(); #endregion List <UserAuthorize> saveUserAuthorizes = new List <UserAuthorize>(); userAuthRepository.Remove(userAuthorizes.ToArray()); //移除授权数据 List <UserAuthorize> disableAuthorizes = userAuthorizes.Where(c => c.Disable && roleAuthorityCodes.Contains(c.Authority?.Code)).ToList(); //角色拥有但是用户显示禁用掉的授权 if (!disableAuthorizes.IsNullOrEmpty()) { saveUserAuthorizes.AddRange(disableAuthorizes); } List <UserAuthorize> enableAuthorizes = userAuthorizes.Where(c => !c.Disable && !roleAuthorityCodes.Contains(c.Authority?.Code)).ToList();//用户单独授权的权限 if (!enableAuthorizes.IsNullOrEmpty()) { saveUserAuthorizes.AddRange(enableAuthorizes); } if (!saveUserAuthorizes.IsNullOrEmpty()) { userAuthRepository.Save(saveUserAuthorizes.ToArray()); } return(Result.SuccessResult("修改成功")); }
/// <summary> /// 根据查询条件生成查询对象 /// </summary> /// <param name="filter">查询条件</param> /// <returns></returns> IQuery CreateQueryObject(JobServerHostFilterDto filter) { if (filter == null) { return(null); } IQuery query = QueryFactory.Create(filter); if (!filter.Servers.IsNullOrEmpty()) { query.In <JobServerHostQuery>(c => c.Server, filter.Servers); } if (!filter.Jobs.IsNullOrEmpty()) { query.In <JobServerHostQuery>(c => c.Job, filter.Jobs); } if (filter.RunStatus.HasValue) { query.Equal <JobServerHostQuery>(c => c.RunStatus, filter.RunStatus.Value); } if (!filter.ServerKey.IsNullOrEmpty()) { IQuery serverQuery = QueryFactory.Create <ServerNodeQuery>(); serverQuery.And <ServerNodeQuery>(QueryOperator.OR, CriteriaOperator.Like, filter.ServerKey, null, c => c.Name, c => c.Host); serverQuery.AddQueryFields <ServerNodeQuery>(c => c.Id); query.And <JobServerHostQuery>(c => c.Server, CriteriaOperator.In, serverQuery); } if (!filter.JobKey.IsNullOrEmpty()) { IQuery jobQuery = QueryFactory.Create <JobQuery>(); jobQuery.And <JobQuery>(QueryOperator.OR, CriteriaOperator.Like, filter.JobKey, null, c => c.Name); jobQuery.AddQueryFields <JobQuery>(c => c.Id); query.And <JobServerHostQuery>(c => c.Job, CriteriaOperator.In, jobQuery); } return(query); }
/// <summary> /// 创建查询对象 /// </summary> /// <returns>返回查询对象</returns> public override IQuery CreateQuery() { IQuery query = base.CreateQuery() ?? QueryManager.Create <PermissionEntity>(this); #region 用户授权筛选 if (UserFilter != null) { IQuery userQuery = UserFilter.CreateQuery(); if (userQuery != null) { userQuery.AddQueryFields <UserEntity>(c => c.Id); //用户或者用户绑定角色的授权权限 IQuery userOrRolePermissionQuery = QueryManager.Create(); #region 用户授权 IQuery userBindingPermissionQuery = QueryManager.Create <UserPermissionEntity>(c => c.Disable == false); userBindingPermissionQuery.EqualInnerJoin(userQuery); userBindingPermissionQuery.AddQueryFields <UserPermissionEntity>(c => c.PermissionId); IQuery userPermissionQuery = QueryManager.Create <PermissionEntity>(); userPermissionQuery.In <PermissionEntity>(c => c.Id, userBindingPermissionQuery); userOrRolePermissionQuery.And(userPermissionQuery); #endregion #region 角色授权 //用户绑定的角色 IQuery userRoleQuery = QueryManager.Create <UserRoleEntity>(); userRoleQuery.EqualInnerJoin(userQuery); var roleQuery = QueryManager.Create <RoleEntity>(r => r.Status == RoleStatus.Enable); roleQuery.EqualInnerJoin(userRoleQuery); //角色授权 var roleBindingPermissionQuery = QueryManager.Create <RolePermissionEntity>(); roleBindingPermissionQuery.EqualInnerJoin(roleQuery); roleBindingPermissionQuery.AddQueryFields <RolePermissionEntity>(rp => rp.PermissionId); var rolePermissionQuery = QueryManager.Create <PermissionEntity>(); rolePermissionQuery.In <PermissionEntity>(c => c.Id, roleBindingPermissionQuery); userOrRolePermissionQuery.Or(rolePermissionQuery); #endregion query.And(userOrRolePermissionQuery); #region 用户禁用授权 IQuery userDisablePermissionQuery = QueryManager.Create <UserPermissionEntity>(c => c.Disable == true); userDisablePermissionQuery.EqualInnerJoin(userQuery); userDisablePermissionQuery.AddQueryFields <UserPermissionEntity>(c => c.PermissionId); query.NotIn <PermissionEntity>(c => c.Id, userDisablePermissionQuery); #endregion } } #endregion return(query); }
/// <summary> /// 用户授权筛选 /// </summary> /// <param name="filter">筛选信息</param> /// <returns></returns> IQuery CreateUserAuthorityQueryObject(UserAuthorityFilterDto filter) { if (filter == null) { return(null); } IQuery query = CreateAuthorityQueryObject(filter, true) ?? QueryManager.Create <AuthorityQuery>(); #region 用户授权筛选 if (filter.UserFilter != null) { IQuery userQuery = this.Instance <IUserBusiness>().CreateQueryObject(filter.UserFilter); if (userQuery != null) { userQuery.AddQueryFields <UserQuery>(c => c.SysNo); IQuery userOrRoleBindAuthQuery = QueryManager.Create();//用户和角色授权权限 #region 用户授权 IQuery userBindAuthQuery = QueryManager.Create <UserAuthorizeQuery>(c => c.Disable == false); userBindAuthQuery.In <UserAuthorizeQuery>(c => c.UserSysNo, userQuery); userBindAuthQuery.AddQueryFields <UserAuthorizeQuery>(c => c.AuthoritySysNo); IQuery userAuthQuery = QueryManager.Create <AuthorityQuery>(); userAuthQuery.In <AuthorityQuery>(c => c.SysNo, userBindAuthQuery); userOrRoleBindAuthQuery.And(userAuthQuery); #endregion #region 角色授权 //用户绑定的角色 var userRoleBindQuery = QueryManager.Create <UserRoleQuery>(); userRoleBindQuery.In <UserRoleQuery>(c => c.UserSysNo, userQuery); userRoleBindQuery.AddQueryFields <UserRoleQuery>(c => c.RoleSysNo); //包括所有上级角色 var roleQuery = QueryManager.Create <RoleQuery>(r => r.Status == RoleStatus.正常); roleQuery.In <RoleQuery>(r => r.SysNo, userRoleBindQuery); roleQuery.SetRecurve <RoleQuery>(r => r.SysNo, r => r.Parent, RecurveDirection.Up); roleQuery.AddQueryFields <RoleQuery>(r => r.SysNo); //角色授权 var roleAuthBindQuery = QueryManager.Create <RoleAuthorizeQuery>(); roleAuthBindQuery.In <RoleAuthorizeQuery>(c => c.RoleSysNo, roleQuery); roleAuthBindQuery.AddQueryFields <RoleAuthorizeQuery>(c => c.AuthoritySysNo); var roleAuthQuery = QueryManager.Create <AuthorityQuery>(); roleAuthQuery.In <AuthorityQuery>(c => c.SysNo, roleAuthBindQuery); userOrRoleBindAuthQuery.Or(roleAuthQuery); #endregion query.And(userOrRoleBindAuthQuery); #region 用户禁用授权 IQuery userDisableAuthQuery = QueryManager.Create <UserAuthorizeQuery>(c => c.Disable == true); userDisableAuthQuery.In <UserAuthorizeQuery>(c => c.UserSysNo, userQuery); userDisableAuthQuery.AddQueryFields <UserAuthorizeQuery>(c => c.AuthoritySysNo); query.NotIn <AuthorityQuery>(c => c.SysNo, userDisableAuthQuery); #endregion } } #endregion return(query); }
public static int MaxLevel(IQuery query) { query.AddQueryFields <RoleQuery>(r => r.Level); return(roleRepository.Max <int>(query)); }
/// <summary> /// 用户授权验证 /// </summary> /// <param name="auth">授权验证信息</param> /// <returns></returns> public bool Authentication(Authentication auth) { if (auth == null || auth.User == null || auth.Operation == null) { return(false); } #region 用户信息验证 User nowUser = userService.GetUser(auth.User.SysNo);//当前用户 if (nowUser == null) { return(false); } if (nowUser.SuperUser) { return(true);//超级用户不受权限控制 } #endregion #region 授权操作信息验证 AuthorityOperation nowOperation = authorityOperationService.GetAuthorityOperation(auth.Operation.ControllerCode, auth.Operation.ActionCode);//授权操作信息 if (nowOperation == null || nowOperation.Status == AuthorityOperationStatus.关闭) { return(false); } if (nowOperation.AuthorizeType == AuthorityOperationAuthorizeType.无限制) { return(true); } #endregion #region 授权验证 //权限 IQuery authorityQuery = QueryManager.Create <AuthorityQuery>(a => a.Status == AuthorityStatus.启用); authorityQuery.AddQueryFields <AuthorityQuery>(a => a.Code); //操作绑定权限 IQuery operationBindQuery = QueryManager.Create <AuthorityBindOperationQuery>(a => a.AuthorityOperationSysNo == nowOperation.SysNo); operationBindQuery.AddQueryFields <AuthorityBindOperationQuery>(a => a.AuthoritySysNo); authorityQuery.And <AuthorityQuery>(a => a.Code, CriteriaOperator.In, operationBindQuery); //当前用户可以使用 IQuery userAuthorizeQuery = QueryManager.Create <UserAuthorizeQuery>(a => a.UserSysNo == auth.User.SysNo && a.Disable == false); userAuthorizeQuery.AddQueryFields <UserAuthorizeQuery>(a => a.AuthoritySysNo); //用户角色 IQuery userRoleQuery = QueryManager.Create <UserRoleQuery>(a => a.UserSysNo == auth.User.SysNo); userRoleQuery.AddQueryFields <UserRoleQuery>(r => r.RoleSysNo); //角色权限 IQuery roleAuthorizeQuery = QueryManager.Create <RoleAuthorizeQuery>(); roleAuthorizeQuery.AddQueryFields <RoleAuthorizeQuery>(a => a.AuthoritySysNo); roleAuthorizeQuery.And <RoleAuthorizeQuery>(a => a.RoleSysNo, CriteriaOperator.In, userRoleQuery); //用户或用户角色拥有权限 IQuery userAndRoleAuthorityQuery = QueryManager.Create(); userAndRoleAuthorityQuery.And <AuthorityQuery>(a => a.Code, CriteriaOperator.In, userAuthorizeQuery); //用户拥有权限 userAndRoleAuthorityQuery.Or <AuthorityQuery>(a => a.Code, CriteriaOperator.In, roleAuthorizeQuery); //或者角色拥有权限 authorityQuery.And(userAndRoleAuthorityQuery); //去除用户禁用的 IQuery userDisableAuthorizeQuery = QueryManager.Create <UserAuthorizeQuery>(a => a.UserSysNo == auth.User.SysNo && a.Disable == true); userDisableAuthorizeQuery.AddQueryFields <UserAuthorizeQuery>(a => a.AuthoritySysNo); authorityQuery.And <AuthorityQuery>(a => a.Code, CriteriaOperator.NotIn, userDisableAuthorizeQuery); return(authorityRepository.Exist(authorityQuery)); #endregion }