/// <summary> /// 获取用户无读取权限的字段 /// </summary> /// <param name="userId"></param> /// <param name="securityFields"></param> /// <returns></returns> public List <Guid> GetNoneReadFields(Guid userId, List <Guid> securityFields, int objectTypeCode) { if (securityFields.IsEmpty()) { return(securityFields); } List <Guid> result; Sql s = Sql.Builder.Append("select distinct b.AttributeId from RoleObjectAccess a") .Append("inner join Attribute b on a.ObjectId = b.AttributeId") .Append("inner join SystemUserRoles c on a.RoleId = c.RoleId") .Append("where a.AccessRightsMask = 1 and c.SystemUserId=@0", userId) .Append("and a.ObjectId in(@0)", securityFields.Select(x => (object)x).ToArray()) .Append("and a.ObjectTypeCode = @0", objectTypeCode); var data = new DataRepositoryBase <dynamic>(_dbContext).ExecuteQuery(s); if (data.NotEmpty()) { result = securityFields.Where(x => !data.Select(f => f.AttributeId).Contains(x)).ToList(); } else { result = securityFields; } return(result); }