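/// <summary>
/// Merges one permission rule into the setting already accumulated for the same permission item.
/// </summary>
/// <remarks>
/// Precedence applied here: a Refuse on either side yields Refuse; two NotSet values stay NotSet;
/// any other combination yields Allow. Scope and quota are only updated when the incoming rule is
/// an Allow and the item has scope / quota enabled. The first rule seen for an item key is stored unchanged.
/// </remarks>
/// <param name="permissionItem">Permission item the rule applies to; its ItemKey selects the stored setting.</param>
/// <param name="permissionType">Permission type of the incoming rule.</param>
/// <param name="permissionScope">Permission scope of the incoming rule.</param>
/// <param name="permissionQuota">Permission quota of the incoming rule.</param>
internal void Merge(PermissionItem permissionItem, PermissionType permissionType, PermissionScope permissionScope, float permissionQuota)
{
    // Single lookup instead of ContainsKey followed by the indexer.
    PermissionSetting permissionSetting;
    if (!userPermissionSettings.TryGetValue(permissionItem.ItemKey, out permissionSetting))
    {
        // First rule for this item: store it unchanged.
        userPermissionSettings[permissionItem.ItemKey] = new PermissionSetting(permissionType, permissionScope, permissionQuota);
        return;
    }

    if (permissionSetting.PermissionType == PermissionType.Refuse || permissionType == PermissionType.Refuse)
    {
        // Deny overrides: once refused, later merges cannot turn the item back into Allow.
        permissionSetting.PermissionType = PermissionType.Refuse;
    }
    else if (permissionSetting.PermissionType == PermissionType.NotSet && permissionType == PermissionType.NotSet)
    {
        permissionSetting.PermissionType = PermissionType.NotSet;
    }
    else
    {
        // Capture the stored type before overwriting it: scope and quota held by a setting that
        // was not itself an Allow must not widen the grant. Previously a NotSet rule's larger
        // scope/quota survived the max-comparison and became part of the effective Allow.
        bool storedWasAllow = permissionSetting.PermissionType == PermissionType.Allow;
        permissionSetting.PermissionType = PermissionType.Allow;

        if (permissionType == PermissionType.Allow)
        {
            // Between two Allow rules the larger scope wins; otherwise the incoming Allow's value is adopted.
            if (permissionItem.EnableScope
                && (!storedWasAllow || (int)permissionSetting.PermissionScope < (int)permissionScope))
            {
                permissionSetting.PermissionScope = permissionScope;
            }

            // Same rule for the quota.
            if (permissionItem.EnableQuota
                && (!storedWasAllow || permissionSetting.PermissionQuota < permissionQuota))
            {
                permissionSetting.PermissionQuota = permissionQuota;
            }
        }
    }

    // Written back explicitly, as the original does (required if PermissionSetting is a value type — not visible here).
    userPermissionSettings[permissionItem.ItemKey] = permissionSetting;
}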
/// <summary>
/// Resolves the effective permission rules of a user for use in permission checks.
/// </summary>
/// <remarks>
/// The result is read from the cache when present; otherwise it is built by merging the permission
/// items of every role the user holds, plus the registered-users role and, for moderated users,
/// the moderated-user role, and is then cached.
/// NOTE(review): invalidation of this cache entry when a user's roles or a role's permission items
/// change is not visible in this method — confirm it happens elsewhere, otherwise revoked
/// permissions stay effective until the entry expires.
/// </remarks>
/// <param name="userId">Id of the user.</param>
/// <returns>The resolved permissions; an empty, uncached instance when the user does not exist (anonymous).</returns>
public ResolvedUserPermission ResolveUserPermission(long userId)
{
    string cacheKey = "ResolvedUserPermission:" + userId;
    ICacheService cache = DIContainer.Resolve<ICacheService>();

    ResolvedUserPermission cached = cache.Get<ResolvedUserPermission>(cacheKey);
    if (cached != null)
    {
        return cached;
    }

    ResolvedUserPermission resolved = new ResolvedUserPermission();

    // Anonymous user: no roles to merge, and the empty result is not cached.
    var user = DIContainer.Resolve<IUserService>().GetUser(userId);
    if (user == null)
    {
        return resolved;
    }

    // Explicitly assigned roles plus the implicit ones.
    RoleService roles = DIContainer.Resolve<RoleService>();
    IEnumerable<Role> assignedRoles = roles.GetRolesOfUser(userId);
    IList<string> effectiveRoleNames = assignedRoles.Select(role => role.RoleName).ToList();
    effectiveRoleNames.Add(RoleNames.Instance().RegisteredUsers());
    if (user.IsModerated)
    {
        effectiveRoleNames.Add(RoleNames.Instance().ModeratedUser());
    }

    foreach (string effectiveRoleName in effectiveRoleNames)
    {
        IEnumerable<PermissionItemInUserRole> roleRules = GetPermissionItemsInUserRole(effectiveRoleName);
        foreach (PermissionItemInUserRole roleRule in roleRules)
        {
            // Rules whose permission item cannot be found are skipped.
            PermissionItem item = GetPermissionItem(roleRule.ItemKey);
            if (item != null)
            {
                resolved.Merge(item, roleRule.PermissionType, roleRule.PermissionScope, roleRule.PermissionQuota);
            }
        }
    }

    cache.Add(cacheKey, resolved, CachingExpirationType.UsualObjectCollection);
    return resolved;
}