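/// <summary>
/// Collects every access-control detail that applies to a user.
/// Three sources are merged in this order: (1) the user's own roles,
/// (2) the user's groups and the roles attached to them, and
/// (3) per-user permission overrides, which are applied last.
/// </summary>
/// <param name="user">The user whose roles, groups and permission overrides are expanded.</param>
/// <returns>
/// A tuple of (client apps, user groups, roles, permissions, controls, menus).
/// Every list except the client apps is passed through <c>Distinct()</c> before it is returned.
/// </returns>
/// <remarks>
/// NOTE(review): grants and denials are applied in iteration order. A denial only removes
/// controls/menus accumulated so far, so a grant processed later can add the same entry back.
/// If denials are meant to always win, collect them and subtract once at the end; confirm intent.
/// NOTE(review): denials only shrink the controls and menus lists. The roles and permissions
/// lists are never reduced, so callers should presumably authorize on controls/menus only.
/// NOTE(review): <c>Except</c> and <c>Distinct</c> rely on the entities' default equality;
/// a denial only matches if both sides yield equal instances. Confirm that <paramref name="user"/>
/// is tracked by the same context as <c>BaseDal.GetDataContext()</c>.
/// </remarks>
public (List<ClientApp>, List<UserGroup>, List<Role>, List<Permission>, List<Control>, List<Menu>) Details(UserInfo user)
{
    DataContext context = BaseDal.GetDataContext();
    List<ClientApp> apps = user.ClientApp.ToList();
    List<Control> controls = new List<Control>();
    List<Menu> menus = new List<Menu>();
    List<UserGroup> groups = new List<UserGroup>();
    List<Role> roles = new List<Role>();
    List<Permission> permissions = new List<Permission>();

    // Runs one of the "parent ids by child id" stored procedures. The id is bound as a
    // parameter instead of being concatenated, so the command text stays constant.
    int[] ParentIds(string procedure, object childId) =>
        context.Database.SqlQuery<int>("exec " + procedure + " @p0", childId).ToArray();

    // Records one permission and the available controls/menus it carries.
    // An id with no matching row is skipped; previously it stored null and then
    // dereferenced it, which threw NullReferenceException.
    void GrantPermission(int permissionId)
    {
        Permission permission = context.Permission.FirstOrDefault(x => x.Id == permissionId);
        if (permission == null)
        {
            return;
        }

        permissions.Add(permission);
        controls.AddRange(permission.Controls.Where(c => c.IsAvailable));
        menus.AddRange(permission.Menu.Where(c => c.IsAvailable));
    }

    // Records one role and grants each of its permissions together with their parent permissions.
    // A missing role is skipped so the returned role list never contains null.
    void GrantRole(int roleId)
    {
        Role role = context.Role.FirstOrDefault(o => o.Id == roleId);
        if (role == null)
        {
            return;
        }

        roles.Add(role);
        role.Permission.ForEach(p =>
        {
            foreach (int permissionId in ParentIds("sp_getParentPermissionIdByChildId", p.Id))
            {
                GrantPermission(permissionId);
            }
        });
    }

    // 1.0 user -> role -> permission -> feature: the main line, lowest priority.
    user.Role.ForEach(r =>
    {
        foreach (int roleId in ParentIds("sp_getParentRoleIdByChildId", r.Id))
        {
            GrantRole(roleId);
        }
    });

    // 2.0 user -> group -> role -> permission: medium priority.
    user.UserGroup.ForEach(g =>
    {
        // 2.1 every parent group of g
        foreach (int groupId in ParentIds("sp_getParentGroupIdByChildId", g.Id))
        {
            UserGroup parent = context.UserGroup.FirstOrDefault(u => u.Id == groupId);
            if (parent == null)
            {
                continue;
            }

            // Fix: the resolved group is recorded. The old code added `g` on every
            // iteration, so inherited groups never appeared in the result.
            // Presumably the procedure also returns g's own id; confirm.
            groups.Add(parent);

            // Ids of the group-role links that are marked as denied.
            // NOTE(review): these are UserGroupRole ids, yet they are subtracted from
            // role ids below. If the two id spaces differ the exclusion has no effect
            // and a denied role is still granted; confirm against the schema.
            List<int> noRoleIds = parent.UserGroupRole.Where(x => !x.HasRole).Select(x => x.Id).ToList();

            parent.UserGroupRole.ForEach(ugp =>
            {
                if (ugp.HasRole)
                {
                    // Role granted: union. 2.2 all parent roles minus the denied ids,
                    // 2.3 then all parent permissions of each role.
                    foreach (int roleId in ParentIds("sp_getParentRoleIdByChildId", ugp.Role.Id).Except(noRoleIds))
                    {
                        GrantRole(roleId);
                    }
                }
                else
                {
                    // Role denied: difference. Only the role's direct permissions are
                    // subtracted; parent permissions are not expanded here.
                    ugp.Role.Permission.ForEach(p => controls = controls.Except(p.Controls).Where(c => c.IsAvailable).ToList());
                    ugp.Role.Permission.ForEach(p => menus = menus.Except(p.Menu).Where(c => c.IsAvailable).ToList());
                }
            });
        }
    });

    // 3.0 user -> permission -> feature: temporary per-user overrides, highest priority.
    // Fix: both uses of UserPermission are now null-tolerant; before, the first one
    // dereferenced the collection unconditionally while the second used `?.`.
    List<int> noPermissionIds = user.UserPermission?.Where(p => !p.HasPermission).Select(p => p.Id).ToList()
                                ?? new List<int>();
    user.UserPermission?.ForEach(p =>
    {
        if (p.HasPermission)
        {
            // Override grants: union. 3.1 all parent permissions minus the denied ids.
            // NOTE(review): p.Id is the UserPermission id, while the denied branch below
            // reaches the permission through p.Permission; presumably p.Permission.Id was
            // intended here and in noPermissionIds. Confirm before relying on this path.
            foreach (int permissionId in ParentIds("sp_getParentPermissionIdByChildId", p.Id).Except(noPermissionIds))
            {
                GrantPermission(permissionId);
            }
        }
        else
        {
            // Override denies: difference.
            controls = controls.Except(p.Permission.Controls.Where(c => c.IsAvailable)).ToList();
            menus = menus.Except(p.Permission.Menu.Where(c => c.IsAvailable)).ToList();
        }
    });

    return (apps, groups.Distinct().ToList(), roles.Distinct().ToList(), permissions.Distinct().ToList(), controls.Distinct().ToList(), menus.Distinct().ToList());
}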
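/// <summary>
/// Collects every access-control detail that applies to a user group: the client apps and
/// users linked to it, its parent groups, and the roles, permissions, controls and menus
/// reached through the group and its parents.
/// </summary>
/// <param name="group">The user group whose access-control details are expanded.</param>
/// <returns>
/// A tuple of (client apps, users, parent groups, group-role links, permissions, controls, menus).
/// The apps and users are returned as the <c>IQueryable</c> values produced by <c>LoadEntities</c>;
/// the group-role, permission, control and menu lists are passed through <c>Distinct()</c>.
/// </returns>
/// <remarks>
/// NOTE(review): grants and denials are applied in iteration order. A denied role only removes
/// controls/menus accumulated so far, so a grant processed later can add the same entry back.
/// If denials are meant to always win, collect them and subtract once at the end; confirm intent.
/// NOTE(review): denials only shrink the controls and menus lists; the permissions list is
/// never reduced, so callers should presumably authorize on controls/menus only.
/// </remarks>
public (IQueryable<ClientApp>, IQueryable<UserInfo>, List<UserGroup>, List<UserGroupRole>, List<Permission>, List<Control>, List<Menu>) Details(UserGroup @group)
{
    DataContext context = BaseDal.GetDataContext();
    IQueryable<ClientApp> apps = new ClientAppBll().LoadEntities(a => a.UserGroup.Any(p => p.Id == @group.Id));
    IQueryable<UserInfo> users = new UserInfoBll().LoadEntities(u => u.UserGroup.Any(g => g.Id == @group.Id));
    List<UserGroup> groups = new List<UserGroup>();
    List<Control> controls = new List<Control>();
    List<Menu> menus = new List<Menu>();
    List<Permission> permissions = new List<Permission>();
    List<UserGroupRole> groupRoles = new List<UserGroupRole>();

    // Runs one of the "parent ids by child id" stored procedures. The id is bound as a
    // parameter instead of being concatenated, so the command text stays constant.
    int[] ParentIds(string procedure, object childId) =>
        context.Database.SqlQuery<int>("exec " + procedure + " @p0", childId).ToArray();

    // Records one permission and the available controls/menus it carries.
    // An id with no matching row is skipped; previously it stored null and then
    // dereferenced it, which threw NullReferenceException.
    void GrantPermission(int permissionId)
    {
        Permission permission = context.Permission.FirstOrDefault(x => x.Id == permissionId);
        if (permission == null)
        {
            return;
        }

        permissions.Add(permission);
        controls.AddRange(permission.Controls.Where(c => c.IsAvailable));
        menus.AddRange(permission.Menu.Where(c => c.IsAvailable));
    }

    // 2.1 every parent group of the given group
    foreach (int groupId in ParentIds("sp_getParentGroupIdByChildId", @group.Id))
    {
        UserGroup ancestor = context.UserGroup.FirstOrDefault(u => u.Id == groupId);
        if (ancestor == null)
        {
            // Fix: an id with no matching row used to put null into the returned group list.
            continue;
        }

        // The group itself is processed for roles below but is not listed as its own parent.
        if (groupId != @group.Id)
        {
            groups.Add(ancestor);
        }

        // Ids of the group-role links that are marked as denied.
        // NOTE(review): these are UserGroupRole ids, yet they are subtracted from role ids
        // below. If the two id spaces differ the exclusion has no effect and a denied role
        // is still granted; confirm against the schema.
        List<int> noRoleIds = ancestor.UserGroupRole.Where(x => !x.HasRole).Select(x => x.Id).ToList();

        ancestor.UserGroupRole.ForEach(ugp =>
        {
            groupRoles.Add(ugp);
            if (ugp.HasRole)
            {
                // Role granted: union. 2.2 all parent roles minus the denied ids.
                foreach (int roleId in ParentIds("sp_getParentRoleIdByChildId", ugp.Role.Id).Except(noRoleIds))
                {
                    Role role = context.Role.FirstOrDefault(o => o.Id == roleId);
                    role?.Permission.ForEach(p =>
                    {
                        // 2.3 all parent permissions of each permission held by the role
                        foreach (int permissionId in ParentIds("sp_getParentPermissionIdByChildId", p.Id))
                        {
                            GrantPermission(permissionId);
                        }
                    });
                }
            }
            else
            {
                // Role denied: difference. Only the role's direct permissions are
                // subtracted; parent permissions are not expanded here.
                ugp.Role.Permission.ForEach(p => controls = controls.Except(p.Controls).Where(c => c.IsAvailable).ToList());
                ugp.Role.Permission.ForEach(p => menus = menus.Except(p.Menu).Where(c => c.IsAvailable).ToList());
            }
        });
    }

    return (apps, users, groups, groupRoles.Distinct().ToList(), permissions.Distinct().ToList(), controls.Distinct().ToList(), menus.Distinct().ToList());
}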