public void RBAC_DataPermissionCu_rrentGroupAndLowerDataPermisssion()
{
var repo = RepositoryFacade.ResolveInstance <TestDataPermissionRepository>();
using (RepositoryFacade.TransactionScope(repo))
{
var tuple = RBAC_InitRBAC();
var role = new Role {
Name = "包含下级管理员", Code = "admin"
};
RepositoryFacade.Save(role);
var userRole = new UserRole {
User = tuple.Item1, Role = role
};
RepositoryFacade.Save(userRole);
var dataPermission1 = new DataPermission
{
Resource = tuple.Item4,
Role = role
};
dataPermission1.SetBuilder(new CurrentGroupPermissionConstraintBuilder
{
IsIncludeChildGroup = true,
GroupIdProperty = "GroupId"
});
RepositoryFacade.Save(dataPermission1);
var testDataPermission = new TestDataPermission();
testDataPermission.Group = tuple.Item3.TreeChildren[0] as Group;
testDataPermission.Name = "test";
RepositoryFacade.Save(testDataPermission);
using (DataPermissionFacade.EnableDataPermission(tuple.Item4))
{
AccountContext.CurrentUser = tuple.Item1;
Assert.IsTrue(repo.GetAll().Count == 2);
}
Assert.IsTrue(repo.GetAll().Count == 2);
}
}
private Tuple <User, Role, Group, Resource> RBAC_InitRBAC()
{
var user = new User {
UserName = "******"
};
RepositoryFacade.Save(user);
var role = new Role {
Name = "管理员", Code = "admin"
};
RepositoryFacade.Save(role);
var userRole = new UserRole {
User = user, Role = role
};
RepositoryFacade.Save(userRole);
var group = new Group
{
Name = "研发部",
Code = "abc",
TreeChildren =
{
new Group
{
Name = "测试组",
Code = "def"
}
}
};
RepositoryFacade.Save(group);
var groupUser = new GroupUser {
Group = group, User = user
};
RepositoryFacade.Save(groupUser);
var groupRole = new GroupRole {
Group = group, Role = role
};
RepositoryFacade.Save(groupRole);
var resource = new Resource
{
Name = "待开明细",
Code = "Transcation",
Description = "Transcation"
}.SetIsSupportDataPermission(true).SetResourceEntityType(typeof(TestDataPermission).FullName);
var operation = new ResourceOperation
{
Name = "新增",
Code = "Add"
};
resource.ResourceOperationList.Add(operation);
resource.ResourceOperationList.Add(
new ResourceOperation
{
Name = "删除",
Code = "Delete"
}
);
RepositoryFacade.Save(resource);
RepositoryFacade.Save(new RoleOperation
{
Role = role,
Operation = operation
});
var dataPermission = new DataPermission
{
Resource = resource,
Role = role
};
dataPermission.SetBuilder(new CurrentGroupPermissionConstraintBuilder
{
IsIncludeChildGroup = false,
GroupIdProperty = "GroupId"
});
RepositoryFacade.Save(dataPermission);
var testDataPermission = new TestDataPermission();
testDataPermission.Group = group;
testDataPermission.Name = "test";
RepositoryFacade.Save(testDataPermission);
return(Tuple.Create(user, role, group, resource));
}