/// <summary>
/// 获取当前组的所有菜单资源的权限
/// </summary>
/// <param name="groupID">用户组的主键</param>
/// <returns>返回获取到的资源数组列表</returns>
protected override IList <Resource> GenerateResourcePermission(int groupID)
{
ResourceList resourceList = RepositoryFacade.ResolveInstance <ResourceRepository>().Extension <ResourceRepositoryExtension>().GetResourceByGroupID(groupID);
IList <Resource> resource = resourceList.Concrete().ToList();
return(resource);
}
public void RBAC_UserRole_GetRoleListTest()
{
this._controller = DomainControllerFactory.Create <UserRoleController>();
var userRoleRepository = RepositoryFacade.ResolveInstance <UserRoleRepository>();
var userRepository = RepositoryFacade.ResolveInstance <UserRepository>();
var roleRepository = RepositoryFacade.ResolveInstance <RoleRepository>();
using (RepositoryFacade.TransactionScope(userRoleRepository))
{
var user = new User {
Id = 1, UserName = "******", RealName = "Test_001", Email = "*****@*****.**", PhoneNumber = "18666666666"
};
var role = new Role {
Id = 1, Code = Guid.NewGuid().ToString("N"), Description = "", Name = "管理员"
};
userRepository.Save(user);
roleRepository.Save(role);
userRoleRepository.Save(new UserRole {
User = user, Role = role
});
var roleList = roleRepository.GetRoleByUserId(user.Id);
Assert.IsNotNull(roleList);
Assert.IsTrue(roleList.Count == 1);
}
}
/// <summary>
/// 设置组织的用户列表
/// 用户列表必须是当前组织的所有用户集合
/// </summary>
/// <param name="userIds">用户Id集合</param>
/// <param name="groupId">组织Id</param>
public void SetGroupUser(IList <long> userIds, long groupId)
{
var groupUserRepository = RepositoryFacade.ResolveInstance <GroupUserRepository>();
var groupUserList = groupUserRepository.GetByParentId(groupId).Concrete();
var changeGroupUserList = groupUserRepository.NewList();
var groupUsers = groupUserList as IList <GroupUser> ?? groupUserList.ToList();
foreach (GroupUser item in groupUsers)
{
if (userIds.All(id => id != item.UserId))
{
changeGroupUserList.Add(item);
item.PersistenceStatus = PersistenceStatus.Deleted;
}
}
var group = new Group {
Id = groupId
};
foreach (var userId in userIds)
{
if (groupUsers.All(g => g.UserId != userId))
{
GroupUser groupUser = new GroupUser();
groupUser.Group = group;
groupUser.User = new Accounts.User {
Id = userId
};
groupUser.PersistenceStatus = PersistenceStatus.New;
changeGroupUserList.Add(groupUser);
}
}
groupUserRepository.Save(changeGroupUserList);
}
/// <summary>
/// 根据用户所在的组集合,获取组的角色列表
/// </summary>
/// <param name="user">用户</param>
/// <returns></returns>
public RoleList FindByUser(User user)
{
var groupList = RepositoryFacade.ResolveInstance <GroupRepository>().GetGroupByUserId(user.Id);
var idList = groupList.Select(p => (long)p.Id);
return
(RepositoryFacade.ResolveInstance <RoleRepository>()
.GetRoleByGroupIdList(idList));
}
public void RBAC_GetPermissionEntry_Success()
{
var repo = RepositoryFacade.ResolveInstance <GroupRepository>();
using (RepositoryFacade.TransactionScope(repo))
{
var controller = new PermissionFacadeController();
Assert.IsNotNull(controller.GetPermissionEntry(1));
}
}
public void RBAC_Role_GetResourceOperation()
{
var repo = RepositoryFacade.ResolveInstance <ResourceOperationRepository>();
using (RepositoryFacade.TransactionScope(repo))
{
var tuple = RBAC_InitRBAC();
Assert.IsTrue(repo.GetByParentId(tuple.Item4.Id).Count == 2);
Assert.IsTrue(repo.GetResourceOperation(tuple.Item1.Id, tuple.Item4.Id).Count == 1);
}
}
public void RBAC_Group_GetAllGroupList()
{
var repo = RepositoryFacade.ResolveInstance <GroupRepository>();
using (RepositoryFacade.TransactionScope(repo))
{
RBAC_InitRBAC();
var groupList = TreeHelper.ConvertToList <Group>(repo.GetAll());
Assert.IsTrue(groupList.Count == 2);
}
}
public void RBAC_DataPermission_CurrentGroupDataPermisssion()
{
var repo = RepositoryFacade.ResolveInstance <TestDataPermissionRepository>();
using (RepositoryFacade.TransactionScope(repo))
{
var tuple = RBAC_InitRBAC();
using (DataPermissionFacade.EnableDataPermission(tuple.Item4))
{
AccountContext.CurrentUser = tuple.Item1;
Assert.IsTrue(repo.GetAll().Count == 1);
}
}
}
public void RBAC_Role_GetOperationByRole()
{
var repo = RepositoryFacade.ResolveInstance <RoleRepository>();
using (RepositoryFacade.TransactionScope(repo))
{
var tuple = RBAC_InitRBAC();
Assert.IsTrue(
RepositoryFacade.ResolveInstance <ResourceOperationRepository>()
.GetOperationByRoleList(new List <long> {
tuple.Item2.Id
})
.Count == 1);
}
}
/// <summary>
/// 获取用户的组织列表或者及其下级组织列表
/// </summary>
/// <param name="userId">用户Id</param>
/// <param name="isIncludeChildGroup">是否包含下级</param>
/// <returns></returns>
protected virtual List <long> GetGroupListByUserId(long userId, bool isIncludeChildGroup)
{
List <long> groupIdList = new List <long>();
var groupRepository = RepositoryFacade.ResolveInstance <GroupRepository>();
var groupList = groupRepository.GetGroupByUserId(userId);
if (isIncludeChildGroup)
{
groupIdList.AddRange(groupRepository.GetGroupAndLowerByGroupList(groupList));
}
else
{
groupIdList.AddRange(groupList.Select(p => p.Id).Cast <long>());
}
return(groupIdList);
}
/// <summary>
/// 获取用户的资源列表
/// </summary>
/// <param name="userId">用户Id</param>
/// <returns></returns>
public virtual ResourceList GetResourceListByUserId(long userId)
{
RoleRepository roleRepository = RepositoryFacade.ResolveInstance <RoleRepository>();
var roleList = roleRepository.GetRoleByUserId(userId);
var roleIdList = roleList.Select(r => r.Id).Cast <long>().ToList();
List <object> resourceIdList = new List <object>();
var resourceOperationRepository = RepositoryFacade.ResolveInstance <ResourceOperationRepository>();
var resourceOperationList = resourceOperationRepository.GetOperationByRoleList(roleIdList);
foreach (var item in resourceOperationList)
{
if (!resourceIdList.Contains(item.ResourceId))
{
resourceIdList.Add(item.ResourceId);
}
}
return(RepositoryFacade.ResolveInstance <ResourceRepository>().GetByIdList(resourceIdList.ToArray()));
}
/// <summary>
/// 重载构造函数,初始化权限使用对象
/// </summary>
/// <param name="permissionEntry">权限使用对象</param>
protected PermissionBuilder(PermissionEntry permissionEntry)
{
if (permissionEntry == null)
{
_permissionEntry = new DefaultPermissionEntry();
}
else
{
_permissionEntry = permissionEntry;
}
if (_groupRepository == null)
{
_groupRepository = RepositoryFacade.ResolveInstance <GroupRepository>();
}
if (_userRepository == null)
{
_userRepository = RepositoryFacade.ResolveInstance <UserRepository>();
}
}
public void RBAC_Role_SetRoleOperation()
{
var controller = DomainControllerFactory.Create <RoleController>();
var repo = RepositoryFacade.ResolveInstance <RoleOperationRepository>();
using (RepositoryFacade.TransactionScope(repo))
{
var tuple = RBAC_InitRBAC();
var originId = repo.GetAll()[0].OperationId;
var role = tuple.Item2;
var resource = tuple.Item4;
var delopId = Convert.ToInt64(resource.ResourceOperationList[1].Id);
controller.SetRoleOperation(role.Id, new List <long> {
delopId
});
var savedId = repo.GetAll()[0].OperationId;
Assert.AreNotEqual(originId, savedId);
}
}
public void RBAC_DataPermissionCu_rrentGroupAndLowerDataPermisssion()
{
var repo = RepositoryFacade.ResolveInstance <TestDataPermissionRepository>();
using (RepositoryFacade.TransactionScope(repo))
{
var tuple = RBAC_InitRBAC();
var role = new Role {
Name = "包含下级管理员", Code = "admin"
};
RepositoryFacade.Save(role);
var userRole = new UserRole {
User = tuple.Item1, Role = role
};
RepositoryFacade.Save(userRole);
var dataPermission1 = new DataPermission
{
Resource = tuple.Item4,
Role = role
};
dataPermission1.SetBuilder(new CurrentGroupPermissionConstraintBuilder
{
IsIncludeChildGroup = true,
GroupIdProperty = "GroupId"
});
RepositoryFacade.Save(dataPermission1);
var testDataPermission = new TestDataPermission();
testDataPermission.Group = tuple.Item3.TreeChildren[0] as Group;
testDataPermission.Name = "test";
RepositoryFacade.Save(testDataPermission);
using (DataPermissionFacade.EnableDataPermission(tuple.Item4))
{
AccountContext.CurrentUser = tuple.Item1;
Assert.IsTrue(repo.GetAll().Count == 2);
}
Assert.IsTrue(repo.GetAll().Count == 2);
}
}
/// <summary>
/// 获取指定用户、资源的操作列表
/// </summary>
/// <param name="userId">用户Id</param>
/// <param name="resourceId">资源Id</param>
/// <returns></returns>
public virtual ResourceOperationList GetResourceOperation(long userId, long resourceId)
{
RoleRepository roleRepository = RepositoryFacade.ResolveInstance <RoleRepository>();
var roleList = roleRepository.GetRoleByUserId(userId);
var roleIdList = roleList.Select(r => r.Id).Cast <long>().ToList();
var operationIdList = RepositoryFacade.ResolveInstance <ResourceOperationRepository>().GetOperationByRoleList(roleIdList).Select(o => (long)o.Id);
var resourceOperationRepository = RepositoryFacade.ResolveInstance <ResourceOperationRepository>();
var resourceOperationList = resourceOperationRepository.GetByParentId(resourceId);
var newOperationList = resourceOperationRepository.NewList();
var idList = operationIdList as long[] ?? operationIdList.ToArray();
foreach (var item in resourceOperationList)
{
if (idList.Any(id => id == item.Id))
{
newOperationList.Add(item);
}
}
return(newOperationList);
}
/// <summary>
/// 保存角色分配功能操作
/// 功能操作列表必须是当前角色所有的功能操作集合
/// </summary>
/// <param name="roleId">角色Id</param>
/// <param name="operationIdList">操作Id集合</param>
public virtual void SetRoleOperation(long roleId, List <long> operationIdList)
{
RoleOperationRepository roleOperationRepository = RepositoryFacade.ResolveInstance <RoleOperationRepository>();
var roleOperationList = roleOperationRepository.GetByRoleIdList(new List <long> {
roleId
}).Concrete().ToList();
var changeRoleOpertaionList = roleOperationRepository.NewList();
//处理删除的操作
foreach (var item in roleOperationList)
{
if (operationIdList.All(id => id != item.OperationId))
{
changeRoleOpertaionList.Add(item);
item.PersistenceStatus = PersistenceStatus.Deleted;
}
}
var addRole = new Role {
Id = roleId
};
//处理新增操作
foreach (var item in operationIdList)
{
if (roleOperationList.All(o => o.OperationId != item))
{
RoleOperation roleOpertaion = new RoleOperation();
roleOpertaion.Role = addRole;
roleOpertaion.Operation = new ResourceOperation()
{
Id = item
};
roleOpertaion.PersistenceStatus = PersistenceStatus.New;
changeRoleOpertaionList.Add(roleOpertaion);
}
}
if (changeRoleOpertaionList.Count > 0)
{
roleOperationRepository.Save(changeRoleOpertaionList);
}
}
/// <summary>
/// 获取当前组的所有菜单资源所对应的操作权限
/// </summary>
/// <param name="groupID">用户组的主键</param>
/// <returns>返回获取到的当前组每个资源所对应的操作权限的字典集合</returns>
protected override IDictionary <long, IList <ResourceOperation> > GenerateOperationPermission(int groupID)
{
IDictionary <long, IList <ResourceOperation> > operations = new Dictionary <long, IList <ResourceOperation> >();
var resourceOperationList = RepositoryFacade.ResolveInstance <ResourceOperationRepository>().Extension <ResourceOperationRepositoryExtension>().GetResourceOperationByGroupID(groupID);
foreach (ResourceOperation item in resourceOperationList)
{
IList <ResourceOperation> list = null;
if (operations.TryGetValue(item.ResourceId, out list))
{
list.Add(item);
}
else
{
list = new List <ResourceOperation>();
list.Add(item);
operations.Add(item.ResourceId, list);
}
}
return(operations);
}
public void RBAC_UserRole_HasRoleTest()
{
this._controller = DomainControllerFactory.Create <UserRoleController>();
var userRoleRepository = RepositoryFacade.ResolveInstance <UserRoleRepository>();
var userRepository = RepositoryFacade.ResolveInstance <UserRepository>();
var roleRepository = RepositoryFacade.ResolveInstance <RoleRepository>();
using (RepositoryFacade.TransactionScope(userRepository))
{
var user = new User {
Id = 1, UserName = "******", RealName = "Test_001", Email = "*****@*****.**", PhoneNumber = "18666666666"
};
var role = new Role {
Id = 1, Code = Guid.NewGuid().ToString("N"), Description = "", Name = "管理员"
};
userRepository.Save(user);
roleRepository.Save(role);
userRoleRepository.Save(new UserRole {
User = user, Role = role
});
var result1 = this._controller.HasRole(new User {
Id = user.Id
}, new Role {
Id = role.Id
});
var result2 = this._controller.HasRole(new User {
Id = user.Id
}, new Role {
Id = role.Id + 1L
});
Assert.IsTrue(result1);
Assert.IsFalse(result2);
}
}
/// <summary>
/// 查询用户的所有角色
/// </summary>
/// <param name="user"></param>
/// <returns></returns>
public RoleList FindByUser(User user)
{
RoleRepository roleRepository = RepositoryFacade.ResolveInstance <RoleRepository>();
return(roleRepository.GetRoleByUserId(user.Id));
}
/// <summary>
/// 获取某个资源角色的数据权限列表
/// </summary>
/// <param name="resourceId"></param>
/// <param name="roles"></param>
/// <returns></returns>
private static DataPermissionList CollectDataPermissions(long resourceId, RoleList roles)
{
return(RepositoryFacade.ResolveInstance <DataPermissionRepository>()
.GetDataPermissionList(resourceId, roles.Select(p => p.Id).Cast <long>().ToList()));
}
