/// <summary>
/// 获取可以访问的域
/// </summary>
/// <param name="userPermissions"></param>
/// <returns></returns>
public List <UserScopeAccessAuthority> GetUserScopeAccessAuthorities(IEnumerable <Permission> userPermissions)
{
Expression <Func <ApiScope, object> >[] propertySelectors = new Expression <Func <ApiScope, object> >[] {
e => e.ApiManageScope,
e => e.ApiManageScope.ApiScopePermissions,
e => e.ApiQueryScope,
e => e.ApiQueryScope.ApiScopePermissions
};
var apiScopes = ApiScopeRepository.GetAllIncluding(propertySelectors).ToList();
List <UserScopeAccessAuthority> userScopeAccessAuthoritys = new List <UserScopeAccessAuthority>();
List <int> permissionIds = userPermissions.Select(e => e.Id).ToList();
foreach (var apiScope in apiScopes)
{
bool manageAuthority = apiScope.ApiManageScope.IsAllowAccess(userPermissions);
bool queryAuthority = apiScope.ApiQueryScope.IsAllowAccess(userPermissions);
if (manageAuthority || queryAuthority)
{
userScopeAccessAuthoritys.Add(new UserScopeAccessAuthority(apiScope.Name, manageAuthority, queryAuthority));
}
}
return(userScopeAccessAuthoritys);
}
public void Register(string name, string displayName)
{
if (!ApiScopeRepository.GetAll().Any(e => e.Name == name))
{
Permission scopeManagePermission = new Permission(name + ApiManageScope.NamePostfix)
{
DisplayName = (displayName ?? name) + "域权限" + ApiManageScope.DisplayNamePostfix
};
_permissionManager.Create(scopeManagePermission);
Permission queryManagePermission = new Permission(name + ApiQueryScope.NamePostfix)
{
DisplayName = (displayName ?? name) + "域权限" + ApiQueryScope.DisplayNamePostfix
};
_permissionManager.Create(queryManagePermission);
ApiScope apiScope = new ApiScope(name);
apiScope.SetDisplayName(displayName ?? name);
apiScope.ApiManageScope.AddPermission(scopeManagePermission);
apiScope.ApiQueryScope.AddPermission(scopeManagePermission);
apiScope.ApiQueryScope.AddPermission(queryManagePermission);
ApiScopeRepository.Insert(apiScope);
}
}
public void AddApiScopeApi(string apiScopeName, ApiSingle apiSingle)
{
var apiScope = ApiScopeRepository.FirstOrDefault(e => e.Name == apiScopeName);
if (apiScope == null)
{
throw new Exception("找不到Api域");
}
apiScope.AddApiScopeApi(apiSingle);
}
/// <summary>
/// Gets API scopes by scope name.
/// </summary>
public virtual async Task <IEnumerable <IdentityServer4.Models.ApiScope> > FindApiScopesByNameAsync(IEnumerable <string> scopeNames)
{
return(await GetCacheItemsAsync(
ApiScopeCache,
scopeNames,
async keys => await ApiScopeRepository.GetListByNameAsync(keys, includeDetails: true),
(models, cacheKeyPrefix) => new List <IEnumerable <KeyValuePair <string, IdentityServer4.Models.ApiScope> > >
{
models.Select(x => new KeyValuePair <string, IdentityServer4.Models.ApiScope>(AddCachePrefix(x.Name, cacheKeyPrefix), x))
}));
}
/// <summary>
/// Gets all resources.
/// </summary>
public virtual async Task <IdentityServer4.Models.Resources> GetAllResourcesAsync()
{
var identityResources = await IdentityResourceRepository.GetListAsync(includeDetails : true);
var apiResources = await ApiResourceRepository.GetListAsync(includeDetails : true);
var apiScopes = await ApiScopeRepository.GetListAsync(includeDetails : true);
return(new Resources(
ObjectMapper.Map <List <Volo.Abp.IdentityServer.IdentityResources.IdentityResource>, List <IdentityServer4.Models.IdentityResource> >(identityResources),
ObjectMapper.Map <List <Volo.Abp.IdentityServer.ApiResources.ApiResource>, List <IdentityServer4.Models.ApiResource> >(apiResources),
ObjectMapper.Map <List <Volo.Abp.IdentityServer.ApiScopes.ApiScope>, List <IdentityServer4.Models.ApiScope> >(apiScopes)));
}
public void Register(string name, string displayName, List <Permission> managePermissions, List <Permission> queryPermissions)
{
if (!ApiScopeRepository.GetAll().Any(e => e.Name == name))
{
ApiScope apiScope = new ApiScope(name);
apiScope.SetDisplayName(displayName ?? name);
managePermissions.ForEach(item => apiScope.ApiManageScope.AddPermission(item));
queryPermissions.ForEach(item => apiScope.ApiQueryScope.AddPermission(item));
ApiScopeRepository.Insert(apiScope);
}
}
/// <summary>
/// Gets all resources.
/// </summary>
public virtual async Task <IdentityServer4.Models.Resources> GetAllResourcesAsync()
{
return(await ResourcesCache.GetOrAddAsync(AllResourcesKey, async() =>
{
var identityResources = await IdentityResourceRepository.GetListAsync(includeDetails: true);
var apiResources = await ApiResourceRepository.GetListAsync(includeDetails: true);
var apiScopes = await ApiScopeRepository.GetListAsync(includeDetails: true);
return new Resources(
ObjectMapper.Map <List <Volo.Abp.IdentityServer.IdentityResources.IdentityResource>, List <IdentityServer4.Models.IdentityResource> >(identityResources),
ObjectMapper.Map <List <Volo.Abp.IdentityServer.ApiResources.ApiResource>, List <IdentityServer4.Models.ApiResource> >(apiResources),
ObjectMapper.Map <List <Volo.Abp.IdentityServer.ApiScopes.ApiScope>, List <IdentityServer4.Models.ApiScope> >(apiScopes));
}, () => new DistributedCacheEntryOptions
{
AbsoluteExpirationRelativeToNow = Options.Caching.ClientStoreExpiration
}));
}
public void RemoveApiScopeApi(int apiScopeId, int apiSingleId)
{
var apiScope = ApiScopeRepository.FirstOrDefault(apiScopeId);
if (apiScope == null)
{
throw new Exception("找不到Api域");
}
var apiSingle = _apiSingleRepository.Get(apiSingleId);
if (apiSingle == null)
{
throw new Exception("找不到要移除的Api");
}
apiScope.RemoveApiScopeApi(apiSingle);
}
public void AddQueryPermission(int apiScopeId, int permissionId)
{
Expression <Func <ApiScope, object> >[] propertySelectors = new Expression <Func <ApiScope, object> >[] {
e => e.ApiQueryScope
};
var apiScope = ApiScopeRepository.GetAllIncluding(propertySelectors).FirstOrDefault(e => e.Id == apiScopeId);
if (apiScope == null)
{
throw new Exception("找不到Api域");
}
var permission = _permissionManager.PermissionRepository.FirstOrDefault(permissionId);
if (permission == null)
{
throw new Exception("找不到要添加的权限");
}
apiScope.ApiQueryScope.AddPermission(permission);
}
public IQueryable <ApiScope> GetApiScopes(Expression <Func <ApiScope, object> >[] propertySelectors)
{
return(ApiScopeRepository.GetAllIncluding(propertySelectors));
}
public IQueryable <ApiScope> GetApiScopes() => ApiScopeRepository.GetAll();
public IndexModel(ApiScopeRepository repository)
{
_repository = repository;
}
public NewModel(ApiScopeRepository repository)
{
_repository = repository;
}
public EditModel(ApiScopeRepository repository)
{
_repository = repository;
}
public ApiScope GetApiScopesForApiSingle(ApiSingle apiSingle)
{
return(ApiScopeRepository.GetAll().FirstOrDefault(e => e.ApiSingles.Where(ie => ie.Id == apiSingle.Id).Any()));
}
public void RemoveAllApiScope()
{
ApiScopeRepository.Delete((entity) => true);
}
private IApiScopeRepository GetApiScopeRepository(IdentityServerConfigurationDbContext context)
{
IApiScopeRepository apiScopeRepository = new ApiScopeRepository <IdentityServerConfigurationDbContext>(context);
return(apiScopeRepository);
}
/// <summary>
/// Gets API scopes by scope name.
/// </summary>
public virtual async Task <IEnumerable <IdentityServer4.Models.ApiScope> > FindApiScopesByNameAsync(IEnumerable <string> scopeNames)
{
var scopes = await ApiScopeRepository.GetListByNameAsync(scopeNames.ToArray(), includeDetails : true);
return(ObjectMapper.Map <List <Volo.Abp.IdentityServer.ApiScopes.ApiScope>, List <IdentityServer4.Models.ApiScope> >(scopes));
}
