Exemplo n.º 1
0
        public async Task <IEnumerable <UserRoleDto> > GetRolesAsync(string id, bool getAllRoles = false, IEnumerable <string> allowedClientIds = null)
        {
            var user = await _userRepo.GetAsync(id);

            if (user == null)
            {
                throw new IamException(System.Net.HttpStatusCode.BadRequest, "用户不存在");
            }

            var roleNames = await _userMgr.GetRolesAsync(user);

            var userRoles = await _roleRepo.GetAllByNamesAsync(roleNames, allowedClientIds);

            var orgRoles = user.UserOrganizations.SelectMany(itm => itm.Organization.OrganizationRoles.Select(itm => itm.Role));

            if (allowedClientIds != null)
            {
                // 普通管理员只能看到有权限的 clientId
                orgRoles = orgRoles.Where(itm => allowedClientIds.Contains(itm.ClientId));
            }

            List <UserRoleDto> results = null;

            if (!getAllRoles)
            {
                results = userRoles.Select(itm => new UserRoleDto
                {
                    Id           = itm.Id,
                    Name         = itm.Name,
                    Desc         = itm.Description,
                    IsAdmin      = itm.IsAdmin,
                    IsSuperAdmin = itm.IsSuperAdmin,
                    IsOwned      = true,
                }).ToList();

                // 增加组织中包含的角色
                results.AddRange(orgRoles.Select(itm => new UserRoleDto
                {
                    Id            = itm.Id,
                    Name          = itm.Name,
                    Desc          = itm.Description,
                    IsAdmin       = itm.IsAdmin,
                    IsSuperAdmin  = itm.IsSuperAdmin,
                    IsOwned       = true,
                    IsBelongToOrg = true
                }));
                return(results.Distinct());
            }

            var allRoles = await _roleRepo.GetAllAsync(allowedClientIds : allowedClientIds, pageSize : 0);

            results = allRoles.Data?.Select(itm => new UserRoleDto
            {
                Id            = itm.Id,
                Name          = itm.Name,
                Desc          = itm.Description,
                IsAdmin       = itm.IsAdmin,
                IsSuperAdmin  = itm.IsSuperAdmin,
                IsOwned       = userRoles.Any(role => itm.Id == role.Id) || orgRoles.Any(role => itm.Id == role.Id),
                IsBelongToOrg = orgRoles.Any(role => itm.Id == role.Id)
            }).ToList();

            return(results.Distinct());
        }