/// <summary>
/// Grants or revokes a single permission for a role, depending on
/// <c>assignModel.IsChecked</c>.
/// </summary>
/// <param name="assignModel">
/// Carries the role code, permission code and permission type that identify the
/// role-permission link, plus the <c>IsChecked</c> flag (true = grant, false = revoke).
/// </param>
/// <returns>Always <c>true</c>; failures surface as exceptions from the repository.</returns>
/// <remarks>
/// NOTE(review): no caller-authorization check is visible in this method; confirm it is
/// enforced before this service is reached.
/// NOTE(review): revocation is a soft delete (IsDeleted = true). Whether Exists/Get skip
/// soft-deleted rows is not visible here; if they do not, re-granting a previously
/// revoked permission would be a silent no-op. Confirm against the repository.
/// </remarks>
public bool AssignPermission(AssignPermissionDto assignModel)
{
    if (!assignModel.IsChecked)
    {
        // Revoke: look up the link and mark it deleted instead of removing the row.
        var existingLink = RolePermissionRepo.Get(t => t.PermissionCode == assignModel.PermissionCode && t.RoleCode == assignModel.RoleCode && t.PermissionType == assignModel.PermissionType);
        if (existingLink != null)
        {
            existingLink.IsDeleted = true;
            RolePermissionRepo.Update(existingLink);
        }

        return true;
    }

    // Grant: only insert when the link does not exist yet.
    var alreadyGranted = RolePermissionRepo.Exists(t => t.PermissionCode == assignModel.PermissionCode && t.RoleCode == assignModel.RoleCode && t.PermissionType == assignModel.PermissionType);
    if (alreadyGranted)
    {
        return true;
    }

    var newLink = new RolePermission
    {
        ID = Util.NewID(),
        PermissionCode = assignModel.PermissionCode,
        PermissionType = assignModel.PermissionType,
        RoleCode = assignModel.RoleCode,
    };
    this.RolePermissionRepo.Add(newLink);

    return true;
}
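/// <summary>
/// Replaces the permissions of the role identified by <paramref name="id"/>.
/// </summary>
/// <param name="id">Identifier of the role to update.</param>
/// <param name="model">The permission assignment sent by the client.</param>
/// <returns>
/// 200 OK once the service call completes; a forbid result when a non-super
/// administrator presents no client-id claim.
/// </returns>
public async Task<ActionResult> AssignPermissions(string id, AssignPermissionDto model)
{
    // Apart from the platform super admin, administrators may only manage
    // resources that belong to their own Client.
    IEnumerable<string> allowedClientIds = null;
    if (!User.IsSuperAdmin())
    {
        // Materialize once so the claim query is not re-evaluated downstream.
        var clientIds = User.FindAll(JwtClaimTypes.ClientId).Select(itm => itm.Value).ToList();

        // Fail closed: a non-super admin with no client-id claim has no tenant scope.
        // An empty list must not be handed on as if it meant "unrestricted".
        if (clientIds.Count == 0)
        {
            return Forbid();
        }

        allowedClientIds = clientIds;
    }

    // null is passed only for super admins; everyone else passes a non-empty allow-list.
    await _roleService.UpdatePermissionsAsync(id, model, allowedClientIds);
    return Ok();
}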
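/// <summary>
/// Replaces all permissions of the role <c>input.Id</c> with <c>input.PermissionIds</c>
/// and then clears the cached user permissions.
/// </summary>
/// <param name="input">Role id and the full set of permission ids the role should hold.</param>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="input"/> or its <c>PermissionIds</c> is null. Thrown before anything is
/// deleted, so a malformed request cannot strip the role of its existing permissions.
/// </exception>
/// <remarks>
/// NOTE(review): no transaction is visible around the delete and the insert. If the insert
/// fails, the role may be left with no permissions. Confirm a unit of work wraps this call.
/// NOTE(review): no caller-authorization check is visible in this method; confirm it is
/// enforced upstream.
/// </remarks>
public async Task AssignPermissionAsync(AssignPermissionDto input)
{
    // Validate before the destructive delete: previously a null PermissionIds only failed
    // in Select(), after the role's existing rows had already been removed.
    if (input == null)
    {
        throw new System.ArgumentNullException(nameof(input));
    }

    if (input.PermissionIds == null)
    {
        throw new System.ArgumentNullException(nameof(input.PermissionIds));
    }

    await _rolePermissionRepository.DeleteAsync(a => a.RoleId == input.Id);

    var entities = input.PermissionIds.Select(
        a => new RolePermission
        {
            RoleId = input.Id,
            PermissionId = a
        }
    );
    await _rolePermissionRepository.InsertAsync(entities);

    /*
     * Re-assigning a role's permissions changes the effective permissions of every
     * user holding that role. Clear the user-permission cache here so that the new
     * assignment takes effect immediately.
     */
    await Cache.RemoveByKeyPrefixAsync(SystemCacheKeyPrefixDefinition.UserPermission);
}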
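/// <summary>
/// Removes the permissions listed in <c>model.PermissionIds</c> from the role
/// identified by <paramref name="id"/>.
/// </summary>
/// <param name="id">Identifier of the role to modify.</param>
/// <param name="model">Permission ids to remove; a null or empty list makes the call a no-op.</param>
/// <param name="allowedClientIds">
/// Allow-list of client ids the caller may manage. <c>null</c> means unrestricted.
/// Any non-null collection, including an empty one, is enforced as an allow-list.
/// </param>
/// <exception cref="IamException">
/// The role does not exist, or the role's client is not in <paramref name="allowedClientIds"/>.
/// </exception>
public async Task RemovePermissionsAsync(string id, AssignPermissionDto model, IEnumerable<string> allowedClientIds = null)
{
    if (model == null || model.PermissionIds == null || !model.PermissionIds.Any())
    {
        return;
    }

    var role = await _roleRepo.GetAsync(id, true, false);
    if (role == null)
    {
        throw new IamException(HttpStatusCode.BadRequest, "角色不存在");
    }

    // Fail closed: an empty allow-list (e.g. a caller with no client-id claim) used to skip
    // this check and was treated as unrestricted. Only null disables the restriction.
    if (allowedClientIds != null && !allowedClientIds.Contains(role.ClientId))
    {
        throw new IamException(HttpStatusCode.BadRequest, "无权操作");
    }

    role.RemovePermissions(model.PermissionIds);
}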
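/// <summary>
/// Replaces the permissions of the role identified by <paramref name="id"/> with
/// <c>model.PermissionIds</c>.
/// </summary>
/// <param name="id">Identifier of the role to modify.</param>
/// <param name="model">
/// New permission set. When it or its <c>PermissionIds</c> is null the role is left unchanged.
/// </param>
/// <param name="allowedClientIds">
/// Allow-list of client ids the caller may manage. <c>null</c> means unrestricted.
/// Any non-null collection, including an empty one, is enforced as an allow-list.
/// </param>
/// <exception cref="IamException">
/// The role does not exist, or the role's client is not in <paramref name="allowedClientIds"/>.
/// </exception>
public async Task UpdatePermissionsAsync(string id, AssignPermissionDto model, IEnumerable<string> allowedClientIds = null)
{
    var role = await _roleRepo.GetAsync(id, true, false);
    if (role == null)
    {
        throw new IamException(HttpStatusCode.BadRequest, "角色不存在");
    }

    // Fail closed: an empty allow-list (e.g. a caller with no client-id claim) used to skip
    // this check and was treated as unrestricted. Only null disables the restriction.
    if (allowedClientIds != null && !allowedClientIds.Contains(role.ClientId))
    {
        throw new IamException(HttpStatusCode.BadRequest, "无权操作");
    }

    if (model != null && model.PermissionIds != null)
    {
        // Full replacement: drop every current permission, then add the requested ones.
        role.RemovePermissions();
        foreach (var permId in model.PermissionIds)
        {
            role.AddPermissions(permId);
        }
    }
}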
/// <summary>
/// Endpoint wrapper that forwards the assignment to
/// <c>PermissionFuncService.AssignPermission</c> through <c>SafeExecute</c>.
/// </summary>
/// <param name="assignModel">The grant/revoke request bound from the caller.</param>
/// <returns>The result produced by <c>SafeExecute</c> for the service call.</returns>
/// <remarks>
/// NOTE(review): no authorization attribute or check is visible on this method; confirm
/// that access to permission assignment is restricted at the class or pipeline level.
/// </remarks>
public JsonActionResult<bool> AssignPermission(AssignPermissionDto assignModel)
    => SafeExecute(() => PermissionFuncService.AssignPermission(assignModel));
/// <summary>
/// Endpoint that passes the request body to <c>_service.AssignPermissionAsync</c> and
/// reports success once the call completes.
/// </summary>
/// <param name="input">Role/permission assignment read from the request body.</param>
/// <returns><c>true</c> wrapped by <c>ToSuccess()</c>; service failures propagate as exceptions.</returns>
/// <remarks>
/// NOTE(review): no authorization attribute or check is visible on this method; confirm
/// that access to permission assignment is restricted at the class or pipeline level.
/// </remarks>
public async Task<JsonResultModel<bool>> AssignPermissionAsync([FromBody] AssignPermissionDto input)
{
    await _service.AssignPermissionAsync(input);

    var response = true.ToSuccess();
    return response;
}