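/// <summary>
/// @xis Privilege verification. 2020-3-29 09:43:30
/// Decides whether <paramref name="user"/> may call the endpoint matched for the current request,
/// based on the privilege attributes found in that endpoint's metadata.
/// </summary>
/// <param name="context">Current request context; the matched endpoint's metadata is read from it.</param>
/// <param name="user">User whose <c>user_id</c> is checked against each required privilege key.</param>
/// <returns>
/// <c>true</c> when the endpoint carries a <c>PrivilegeAnyAttribute</c>, carries no
/// <c>PrivilegeAttribute</c> at all, or the user holds at least one of the listed privilege keys;
/// <c>false</c> otherwise, including when no endpoint was matched or no user was supplied.
/// </returns>
private async Task<bool> PrivilegeVerify(HttpContext context, LoginResult user)
{
    // GetEndpoint() returns null when routing matched nothing. Fail closed rather than
    // dereferencing null in the middle of an authorization decision.
    var endpoint = context.GetEndpoint();
    if (endpoint == null)
    {
        return false;
    }

    var metadata = endpoint.Metadata;

    // An explicit "any" marker waives the privilege check for this endpoint.
    if (metadata.Any(m => m is PrivilegeAnyAttribute))
    {
        return true;
    }

    // Materialize once: the list is counted and then iterated.
    List<PrivilegeAttribute> required = metadata.OfType<PrivilegeAttribute>().ToList();

    // NOTE(review): this is default-allow. An endpoint that declares no PrivilegeAttribute
    // passes this check, so a forgotten attribute leaves the action unprotected at this layer.
    // Confirm that this is intended, or that new endpoints are reviewed for the attribute.
    if (required.Count == 0)
    {
        return true;
    }

    // A privilege is required from here on; without a user there is nothing to check, so deny.
    if (user == null)
    {
        return false;
    }

    IPrivilegeServer privilegeServer = new PrivilegeServerImpl();

    // The attributes are alternatives: holding any one listed privilege key is sufficient.
    foreach (PrivilegeAttribute item in required)
    {
        if (await privilegeServer.HasPrivilege(user.user_id, item.privilege_key))
        {
            return true;
        }
    }

    return false;
}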
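/// <summary>
/// @xis Add a user.
/// Inside one database transaction: checks that the user name is free, validates the position,
/// inserts the user row, stores the salted password, and assigns the user's privileges.
/// </summary>
/// <param name="reqmodel">Request wrapper whose <c>Data</c> holds user_name, real_name, position_id and log_pwd.</param>
/// <returns>
/// A <c>Result</c> with status ERROR_200 and code ERROR_1019 on success. On failure the status stays
/// ERROR_403 and the code is ERROR_1005 (user name already exists), ERROR_1020 (position id
/// unparsable or not found) or ERROR_1018 (insert, password update, privilege assignment or exception).
/// </returns>
public async Task<Result> AddUserAsync(reqmodel<RegisterModel> reqmodel)
{
    const string modelname = "UserServerImpl.AddUserAsync";
    Result result = new Result { status = ErrorCodeConst.ERROR_403, code = ErrorCodeConst.ERROR_100 };

    // Roll the transaction back and record why the user was not added.
    void Abort(string reason)
    {
        g_dbHelper.Rollback();
        g_logServer.Log(modelname, "添加用户失败", new { msg = reason }, EnumLogType.Info);
    }

    // Query used to check whether the user name already exists (value bound as @user_name).
    string sql_user_name_exist = g_sqlMaker.Select<t_user>(s => new { s.id })
        .Where("user_name", "=", "@user_name")
        .And("state", "=", (int)EnumState.Normal)
        .ToSQL();

    try
    {
        g_dbHelper.Transaction();

        // Check whether the user name already exists.
        // NOTE(review): check-then-insert only prevents duplicates if the transaction isolation
        // level or a unique index on user_name enforces it; confirm against the schema.
        t_user user = await g_dbHelper.QueryAsync<t_user>(sql_user_name_exist, new { reqmodel.Data.user_name });
        if (user != null && user.id != 0)
        {
            Abort($"用户名{reqmodel.Data.user_name}已存在");
            result.code = ErrorCodeConst.ERROR_1005;
            return result;
        }

        // Position: must parse as an integer and refer to an existing position.
        IPositionServer positionServer = new PositionServerImpl(g_dbHelper, g_logServer);
        if (!int.TryParse(reqmodel.Data.position_id, out int position_id))
        {
            Abort("parse position_id fail");
            result.code = ErrorCodeConst.ERROR_1020;
            return result;
        }

        if (!await positionServer.ExistPositionAsync(position_id))
        {
            Abort("position_id not exist");
            result.code = ErrorCodeConst.ERROR_1020;
            return result;
        }

        // NOTE(review): state = 1 is assumed to equal (int)EnumState.Normal, which the password
        // UPDATE below filters on; confirm the enum value.
        user = new t_user
        {
            user_name = reqmodel.Data.user_name,
            real_name = reqmodel.Data.real_name,
            position_id = position_id,
            status = 1,
            state = 1
        };

        string sql_user_insert = g_sqlMaker.Insert<t_user>(i => new
        {
            i.user_name,
            i.real_name,
            i.position_id,
            i.state,
            i.status
        }).ToSQL();

        // The scalar result is used as the new row's id; 0 is treated as a failed insert.
        user.id = await g_dbHelper.ExecScalarAsync<int>(sql_user_insert, user);
        if (user.id == 0)
        {
            Abort("id=0");
            result.code = ErrorCodeConst.ERROR_1018;
            return result;
        }

        // Set the password. It is written after the insert because EncPassword takes the new id.
        // NOTE(review): MakeUserSalt and EncPassword are defined elsewhere; confirm the salt comes
        // from a cryptographic RNG and the hash is a slow password KDF rather than a bare digest.
        user.salt = MakeUserSalt();
        user.log_pwd = EncPassword(user.id, reqmodel.Data.log_pwd, user.salt);
        string sql_user_update = g_sqlMaker.Update<t_user>(u => new { u.salt, u.log_pwd })
            .Where("id", "=", "@id")
            .And("state", "=", (int)EnumState.Normal)
            .ToSQL();
        if (await g_dbHelper.ExecAsync(sql_user_update, user) <= 0)
        {
            Abort("update pwd fail");
            result.code = ErrorCodeConst.ERROR_1018;
            return result;
        }

        // Privileges: copy the privilege keys attached to the user's position onto the user.
        // NOTE(review): the original passed user.id to GetPrivilegesByPositionIdAsync. The method
        // name and its t_position_privilege_relation result indicate a position id is expected, so
        // the new user would have received the privileges of whichever position shared its id.
        // Confirm against PrivilegeServerImpl.
        IPrivilegeServer privilegeServer = new PrivilegeServerImpl(g_dbHelper, g_logServer);
        List<t_position_privilege_relation> privilege_list = await privilegeServer.GetPrivilegesByPositionIdAsync(position_id);
        if (!await privilegeServer.SetUserPrivileges(user.id, privilege_list.Select(s => s.privilege_key)))
        {
            Abort("insert privilege fail");
            result.code = ErrorCodeConst.ERROR_1018;
            return result;
        }

        g_dbHelper.Commit();

        g_logServer.Log(modelname, "添加用户成功", new { msg = $"用户名:{reqmodel.Data.user_name}" }, EnumLogType.Info);
        result.code = ErrorCodeConst.ERROR_1019;
        result.status = ErrorCodeConst.ERROR_200;
        return result;
    }
    catch (Exception ex)
    {
        // Any exception (including a null request body) undoes the partial work and is reported
        // to the caller only as the generic failure code; the detail goes to the log.
        g_dbHelper.Rollback();
        g_logServer.Log(modelname, "添加用户异常", JsonConvert.SerializeObject(ex), EnumLogType.Error);
        result.code = ErrorCodeConst.ERROR_1018;
    }

    return result;
}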