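/// <summary>
        /// Resolves every access-control detail that applies to a user: client apps, user groups,
        /// roles, permissions, controls and menus.
        /// </summary>
        /// <remarks>
        /// Three sources are merged in increasing priority: (1) user -> role -> permission,
        /// (2) user -> user group -> role -> permission, (3) per-user temporary permissions.
        /// Grants add the available controls/menus of a permission and of every parent permission
        /// returned by the stored procedures; denials subtract controls/menus from what has been
        /// collected so far.
        /// </remarks>
        /// <param name="user">The user whose effective access is resolved.</param>
        /// <returns>
        /// (apps, groups, roles, permissions, controls, menus). Every list except the apps is
        /// de-duplicated with <c>Distinct()</c> before it is returned.
        /// </returns>
        public (List <ClientApp>, List <UserGroup>, List <Role>, List <Permission>, List <Control>, List <Menu>) Details(UserInfo user)
        {
            DataContext       context     = BaseDal.GetDataContext();
            List<ClientApp>   apps        = user.ClientApp.ToList();
            List<Control>     controls    = new List<Control>();
            List<Menu>        menus       = new List<Menu>();
            List<UserGroup>   groups      = new List<UserGroup>();
            List<Role>        roles       = new List<Role>();
            List<Permission>  permissions = new List<Permission>();

            // Grants each listed permission: records it and adds its available controls and menus.
            // An id with no matching row is skipped; the original dereferenced the null result and
            // aborted the whole resolution with a NullReferenceException.
            void GrantPermissions(IEnumerable<int> permissionIds)
            {
                foreach (int permissionId in permissionIds)
                {
                    Permission permission = context.Permission.FirstOrDefault(x => x.Id == permissionId);
                    if (permission == null)
                    {
                        continue;
                    }

                    permissions.Add(permission);
                    controls.AddRange(permission.Controls.Where(c => c.IsAvailable));
                    menus.AddRange(permission.Menu.Where(c => c.IsAvailable));
                }
            }

            // Grants each listed role: records it and grants every permission of the role together
            // with that permission's parent chain. Missing roles are skipped, not stored as null.
            void GrantRoles(IEnumerable<int> roleIds)
            {
                foreach (int roleId in roleIds)
                {
                    Role role = context.Role.FirstOrDefault(o => o.Id == roleId);
                    if (role == null)
                    {
                        continue;
                    }

                    roles.Add(role);
                    foreach (Permission p in role.Permission)
                    {
                        // The id is passed as a parameter instead of being concatenated into the
                        // command text, so the statement stays safe if the key type ever changes.
                        GrantPermissions(context.Database.SqlQuery<int>("exec sp_getParentPermissionIdByChildId @p0", p.Id).ToArray());
                    }
                }
            }

            // 1.0 user -> role -> permission -> feature: the main line, lowest priority.
            foreach (Role r in user.Role)
            {
                // All parent roles of the directly assigned role.
                GrantRoles(context.Database.SqlQuery<int>("exec sp_getParentRoleIdByChildId @p0", r.Id).ToArray());
            }

            // 2.0 user -> user group -> role -> permission: second priority.
            foreach (UserGroup g in user.UserGroup)
            {
                // 2.1 All parent user groups.
                int[] gids = context.Database.SqlQuery<int>("exec sp_getParentGroupIdByChildId @p0", g.Id).ToArray();
                foreach (int gid in gids)
                {
                    UserGroup group = context.UserGroup.FirstOrDefault(u => u.Id == gid);
                    if (group == null)
                    {
                        continue;
                    }

                    // Record the resolved group. The original added the outer "g" on every pass,
                    // so parent groups never reached the returned list.
                    groups.Add(group);

                    // Ids of the group-role links that are marked as "no role".
                    // NOTE(review): these are UserGroupRole.Id values, yet they are subtracted from
                    // the role ids returned by the procedure below. If UserGroupRole.Id is the link
                    // row's own key, denied roles are not actually excluded - confirm whether
                    // x.Role.Id was intended.
                    List<int> noRoleIds = group.UserGroupRole.Where(x => !x.HasRole).Select(x => x.Id).ToList();

                    // NOTE(review): grants and denials are applied in iteration order, so a grant
                    // processed after a denial re-adds the same controls/menus - confirm that this
                    // ordering is the intended precedence inside one priority level.
                    foreach (var ugp in group.UserGroupRole)
                    {
                        if (ugp.HasRole)
                        {
                            // Role granted: union.
                            // 2.2 All parent roles, minus the ids collected in noRoleIds.
                            GrantRoles(context.Database.SqlQuery<int>("exec sp_getParentRoleIdByChildId @p0", ugp.Role.Id).Except(noRoleIds).ToArray());
                        }
                        else
                        {
                            // Role denied: difference. Only the role's own permissions are
                            // subtracted here; the parent chain is not walked.
                            foreach (Permission p in ugp.Role.Permission)
                            {
                                controls = controls.Except(p.Controls).Where(c => c.IsAvailable).ToList();
                            }

                            foreach (Permission p in ugp.Role.Permission)
                            {
                                menus = menus.Except(p.Menu).Where(c => c.IsAvailable).ToList();
                            }
                        }
                    }
                }
            }

            // 3.0 user -> permission -> feature: temporary permissions, highest priority.
            // The original dereferenced user.UserPermission unguarded one line before guarding it
            // with "?."; a single null check now covers both uses.
            if (user.UserPermission != null)
            {
                // Ids of the user-permission links that are marked as "no permission".
                // NOTE(review): same id-space question as noRoleIds - these are link-row ids and the
                // procedure is also called with the link-row id (p.Id); confirm against the schema.
                List<int> noPermissionIds = user.UserPermission.Where(p => !p.HasPermission).Select(p => p.Id).ToList();

                foreach (var p in user.UserPermission)
                {
                    if (p.HasPermission)
                    {
                        // Temporary permission granted: union.
                        // 3.1 All parent permissions, minus the ids collected in noPermissionIds.
                        GrantPermissions(context.Database.SqlQuery<int>("exec sp_getParentPermissionIdByChildId @p0", p.Id).Except(noPermissionIds).ToArray());
                    }
                    else
                    {
                        // Temporary permission denied: difference.
                        controls = controls.Except(p.Permission.Controls.Where(c => c.IsAvailable)).ToList();
                        menus    = menus.Except(p.Permission.Menu.Where(c => c.IsAvailable)).ToList();
                    }
                }
            }

            return (apps, groups.Distinct().ToList(), roles.Distinct().ToList(), permissions.Distinct().ToList(), controls.Distinct().ToList(), menus.Distinct().ToList());
        }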
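        /// <summary>
        /// Resolves every access-control detail that applies to a user group: client apps, member
        /// users, parent groups, group-role links, permissions, controls and menus.
        /// </summary>
        /// <remarks>
        /// The group's parent chain is read from a stored procedure; for each group in the chain
        /// the granted roles add controls/menus and the denied roles subtract them from what has
        /// been collected so far.
        /// </remarks>
        /// <param name="group">The user group whose effective access is resolved.</param>
        /// <returns>
        /// (apps, users, groups, groupRoles, permissions, controls, menus). The apps and users are
        /// returned as queries; groupRoles, permissions, controls and menus are de-duplicated with
        /// <c>Distinct()</c>.
        /// </returns>
        public (IQueryable <ClientApp>, IQueryable <UserInfo>, List <UserGroup>, List <UserGroupRole>, List <Permission>, List <Control>, List <Menu>) Details(UserGroup @group)
        {
            DataContext           context     = BaseDal.GetDataContext();
            IQueryable<ClientApp> apps        = new ClientAppBll().LoadEntities(a => a.UserGroup.Any(p => p.Id == group.Id));
            IQueryable<UserInfo>  users       = new UserInfoBll().LoadEntities(u => u.UserGroup.Any(g => g.Id == group.Id));
            List<UserGroup>       groups      = new List<UserGroup>();
            List<Control>         controls    = new List<Control>();
            List<Menu>            menus       = new List<Menu>();
            List<Permission>      permissions = new List<Permission>();
            List<UserGroupRole>   groupRoles  = new List<UserGroupRole>();

            // Grants each listed permission: records it and adds its available controls and menus.
            // An id with no matching row is skipped; the original dereferenced the null result and
            // aborted the whole resolution with a NullReferenceException.
            void GrantPermissions(IEnumerable<int> permissionIds)
            {
                foreach (int permissionId in permissionIds)
                {
                    Permission permission = context.Permission.FirstOrDefault(x => x.Id == permissionId);
                    if (permission == null)
                    {
                        continue;
                    }

                    permissions.Add(permission);
                    controls.AddRange(permission.Controls.Where(c => c.IsAvailable));
                    menus.AddRange(permission.Menu.Where(c => c.IsAvailable));
                }
            }

            // 2.1 All parent user groups. Ids are passed as parameters instead of being
            // concatenated into the command text, so the statements stay safe if the key type
            // ever changes.
            int[] gids = context.Database.SqlQuery<int>("exec sp_getParentGroupIdByChildId @p0", group.Id).ToArray();
            foreach (int gid in gids)
            {
                UserGroup gg = context.UserGroup.FirstOrDefault(u => u.Id == gid);
                if (gg == null)
                {
                    // The original stored null in the result list for an id with no matching row.
                    continue;
                }

                // The group itself is not listed among its own parents.
                if (gid != group.Id)
                {
                    groups.Add(gg);
                }

                // Ids of the group-role links that are marked as "no role".
                // NOTE(review): these are UserGroupRole.Id values, yet they are subtracted from the
                // role ids returned by the procedure below. If UserGroupRole.Id is the link row's
                // own key, denied roles are not actually excluded - confirm whether x.Role.Id was
                // intended.
                List<int> noRoleIds = gg.UserGroupRole.Where(x => !x.HasRole).Select(x => x.Id).ToList();

                // NOTE(review): grants and denials are applied in iteration order, so a grant
                // processed after a denial re-adds the same controls/menus - confirm that this
                // ordering is the intended precedence.
                foreach (UserGroupRole ugp in gg.UserGroupRole)
                {
                    groupRoles.Add(ugp);
                    if (ugp.HasRole)
                    {
                        // Role granted: union.
                        // 2.2 All parent roles, minus the ids collected in noRoleIds.
                        int[] rids = context.Database.SqlQuery<int>("exec sp_getParentRoleIdByChildId @p0", ugp.Role.Id).Except(noRoleIds).ToArray();
                        foreach (int rid in rids)
                        {
                            Role role = context.Role.FirstOrDefault(o => o.Id == rid);
                            if (role == null)
                            {
                                continue;
                            }

                            foreach (Permission p in role.Permission)
                            {
                                // 2.3 All parent permissions of this permission.
                                GrantPermissions(context.Database.SqlQuery<int>("exec sp_getParentPermissionIdByChildId @p0", p.Id).ToArray());
                            }
                        }
                    }
                    else
                    {
                        // Role denied: difference. Only the role's own permissions are subtracted
                        // here; the parent chain is not walked.
                        foreach (Permission p in ugp.Role.Permission)
                        {
                            controls = controls.Except(p.Controls).Where(c => c.IsAvailable).ToList();
                        }

                        foreach (Permission p in ugp.Role.Permission)
                        {
                            menus = menus.Except(p.Menu).Where(c => c.IsAvailable).ToList();
                        }
                    }
                }
            }

            return (apps, users, groups, groupRoles.Distinct().ToList(), permissions.Distinct().ToList(), controls.Distinct().ToList(), menus.Distinct().ToList());
        }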