AddEntityControlCondition(ExtendedIdentityDbContext db,
YuShang.ERP.Entities.Privileges.EntityControlType entityControlType,
IQueryable <OrderContract> tempDbQuery, string userName, IList <string> roles)
{
//int level = PrivilegeLevelByEntityControlType.GetDefaultPrivilegeLevelByEntityControlType(entityControlType);
int selfLevel = PrivilegeManager.GetSelfPrivilegeLevelByEntityControlType(
entityControlType, userName, roles, db);
tempDbQuery = tempDbQuery.Where(m => ((m.OrderSysUserKey == userName && m.EntityPrivLevRequired <= selfLevel) ||
m.EntityPrivLevRequired < selfLevel));
//简单的规则就是:一般的用户只能看到小于自己数据权限级别的数据;
//或者自己录入的数据但是权限小于等于自己的
return(tempDbQuery);
}
//public PrivilegeManager(Microsoft.Owin.IOwinContext owinContext)
//{
// this._owinContext = owinContext;
//}
//private ApplicationSignInManager _signInManager;
//private Microsoft.Owin.IOwinContext _owinContext;
//internal ApplicationSignInManager SignInManager
//{
// get
// {
// return _signInManager;
// // ?? _owinContext.Get<ApplicationSignInManager>();
// //.Get<ApplicationSignInManager>();
// }
// set { _signInManager = value; }
//}
public bool IsHighLevelPrivilege(IOwinContext owinContext, string userName,
YuShang.ERP.Entities.Privileges.EntityControlType type, out IList <string> roles)
{//FIXED: 判断数据权限
bool result = false;
IList <string> userRoles = null;
IList <string> highLevelRoleNames = this.GetHighLevelRoleNameByConfig(type);
if (owinContext != null)
{
var ttmp = owinContext.GetUserManager <ApplicationUserManager>();
if (ttmp != null)
{
m_userManager = ttmp;
}
}
// m_userManager = owinContext.GetUserManager<ApplicationUserManager>();
var taskUserName = m_userManager.FindByNameAsync(userName);
taskUserName.Wait();
var user = taskUserName.Result;
if (user != null)
{
var task = m_userManager.GetRolesAsync(user.Id);
task.Wait();
if (task.Result != null)
{
userRoles = task.Result;
if (userRoles.Intersect(highLevelRoleNames).Count() > 0)
{//当用户角色与高级别角色之间交集大于0个,则说明是高权限角色
roles = userRoles;
return(true);
}
}
//m_userManager.GetRolesAsync().Result.Intersect(highLevelRoleNames).Count() > 0;
//int userid = user.Id;
//foreach (var hi in highLevelRoleNames)
//{
// var ttask = m_userManager.IsInRoleAsync(userid, hi);
// ttask.Wait();
// if (ttask.Result)
// {
// result = true;
// break;
// }
//}
//Parallel.ForEach(highLevelRoleNames, (s =>
//{
// var tempTask = m_userManager.IsInRoleAsync(userid, s);
// tempTask.Wait();
// if (tempTask.Result)
// {
// result = true;
// }
//}));
//var task = m_userManager.GetRolesAsync(userid);
//task.Wait();
//if (task.Result != null)
// userRoles = task.Result;
}
roles = userRoles;
return(result);
}
