/// <summary> /// 用户是否允许访问Action /// </summary> /// <param name="request"></param> /// <param name="context"></param> /// <returns></returns> public override async Task <VerificationResult> GetAccess(VerificationModel request, ServerCallContext context) { GetUserIdByTokenResult result = await tokenService.GetUserIdByTokenAsync(request.Token); if (!result.Exist) { return(AccessResult(false)); } //如果是管理员用户,返回允许 if (await db.Users.AnyAsync(x => x.Id == result.UserId && x.PositionId == null)) { return(AccessResult(true)); } //Tag不存在时,返回不允许 ActionTag tag = await( from a in db.ActionTags where a.TagName == request.TagName select a).FirstOrDefaultAsync(); if (tag == null) { return(AccessResult(false)); } //存在针对单个用户新增的该Tag的访问权限,允许访问 if (await db.UserActionMaps.AnyAsync(x => x.UserId == result.UserId && x.ActionTagId == tag.Id && x.AccessType == UserActionMapType.Add)) { return(AccessResult(true)); } //如过用户的职位允许访问该tag,返回允许 Position userPosition = await( from u in db.Users join p in db.Positions on u.PositionId equals p.Id select p).FirstOrDefaultAsync(); if (await db.PositionActionMaps.AnyAsync(x => x.PositionId == userPosition.Id && x.ActionTagId == tag.Id)) { return(AccessResult(true)); } //如过用户的部门允许访问该tag,返回允许 Department department = await db.Departments.FirstOrDefaultAsync(x => x.Id == userPosition.DepartmentId); if (await db.DepartmentActionMaps.AnyAsync(x => x.DepartmentId == department.Id && x.ActionTagId == tag.Id)) { return(AccessResult(true)); } return(AccessResult(false)); }
public override async Task <GetUserResponse> GetCurrentUser(GetUserRequesr request, ServerCallContext context) { GetUserIdByTokenResult result = await tokenService.GetUserIdByTokenAsync(request.Token); GetUserResponse response = new GetUserResponse(); if (result.Exist) { User user = await db.Users.FirstOrDefaultAsync(x => x.Id == result.UserId); if (user != null) { response.Id = user.Id; response.Name = user.Name; response.DepartmentId = user.PositionId ?? -1; } } return(response); }