public async Task <bool> CheckPermission(long userId, string serviceId) { var userRoles = await GetUserRoles(userId, Status.Valid); foreach (var userRole in userRoles) { if (await _roleDomainService.CheckPermission(userRole.Id, serviceId)) { return(true); } } return(await _userGroupDomainService.CheckPermission(userId, serviceId)); }
public async Task <bool> Check(long userId, string serviceId) { var servcieRoute = await _serviceRouteProvider.Locate(serviceId); if (servcieRoute.ServiceDescriptor.GetMetadata <bool>("AllowPermission")) { return(true); } var checkPermissionResult = await _userDomainService.CheckPermission(userId, serviceId) || await _userGroupDomainService.CheckPermission(userId, serviceId); if (!checkPermissionResult) { var actionName = servcieRoute.ServiceDescriptor.GroupName().IsNullOrEmpty() ? servcieRoute.ServiceDescriptor.RoutePath : servcieRoute.ServiceDescriptor.GroupName(); throw new AuthException($"您没有访问{actionName}的权限"); } return(true); }