Esempio n. 1
0
        /// <summary>
        /// 检查用户是否有权限进行某项操作
        /// </summary>
        /// <param name="currentUser">当前用户</param>
        /// <param name="permissionItemKey">权限项目标识</param>
        /// <returns>有权限操作返回true,否则返回false</returns>
        public bool Check(IUser currentUser, string permissionItemKey)
        {
            if (currentUser == null)
            {
                return(false);
            }

            if (IsSuperAdministrator(currentUser))
            {
                return(true);
            }

            ResolvedUserPermission resolvedUserPermission = permissionService.ResolveUserPermission(currentUser.UserId);

            return(resolvedUserPermission.Validate(permissionItemKey));
        }
Esempio n. 2
0
        /// <summary>
        /// 解析用户的权限规则用于权限验证
        /// </summary>
        /// <param name="userId">用户Id</param>
        /// <returns></returns>
        public ResolvedUserPermission ResolveUserPermission(long userId)
        {
            string cacheKey = "ResolvedUserPermission:" + userId;

            ICacheService          cacheService           = DIContainer.Resolve <ICacheService>();
            ResolvedUserPermission resolvedUserPermission = cacheService.Get <ResolvedUserPermission>(cacheKey);

            if (resolvedUserPermission == null)
            {
                resolvedUserPermission = new ResolvedUserPermission();
                var user = DIContainer.Resolve <IUserService>().GetUser(userId);
                //匿名用户
                if (user == null)
                {
                    return(resolvedUserPermission);
                }

                RoleService        roleService     = DIContainer.Resolve <RoleService>();
                IEnumerable <Role> userRoles       = roleService.GetRolesOfUser(userId);
                IList <string>     roleNamesOfUser = userRoles.Select(n => n.RoleName).ToList();
                roleNamesOfUser.Add(RoleNames.Instance().RegisteredUsers());
                if (user.IsModerated)
                {
                    roleNamesOfUser.Add(RoleNames.Instance().ModeratedUser());
                }

                foreach (var roleName in roleNamesOfUser)
                {
                    IEnumerable <PermissionItemInUserRole> permissionItemsInUserRole = GetPermissionItemsInUserRole(roleName);
                    foreach (var permissionItemInUserRole in permissionItemsInUserRole)
                    {
                        PermissionItem permissionItem = GetPermissionItem(permissionItemInUserRole.ItemKey);
                        if (permissionItem == null)
                        {
                            continue;
                        }
                        resolvedUserPermission.Merge(permissionItem, permissionItemInUserRole.PermissionType, permissionItemInUserRole.PermissionScope, permissionItemInUserRole.PermissionQuota);
                    }
                }
                cacheService.Add(cacheKey, resolvedUserPermission, CachingExpirationType.UsualObjectCollection);
            }
            return(resolvedUserPermission);
        }