private ApiResult CheckPermission(User u, MembersFilterDto filter, string companyRegion, string prevRegion)
{
var regionResult = CheckRegion(u, companyRegion, prevRegion);
if (filter == null || regionResult.Status != 0)
{
return(regionResult);
}
if (u == null)
{
return(ActionStatusMessage.UserMessage.NotExist);
}
var targetCompanies = filter.Companies;
foreach (var targetCompany in targetCompanies)
{
var permit = userActionServices.Permission(u?.Application?.Permission, DictionaryAllPermission.Apply.AuditStream, Operation.Create, u.Id, targetCompany);
var targetCompanyItem = companiesService.GetById(targetCompany);
if (!targetCompany.StartsWith(companyRegion))
{
return(new ApiResult(ActionStatusMessage.Account.Auth.Invalid.Default.Status, $"包含的单位{targetCompanyItem?.Name}({targetCompany})的越权"));
}
if (!permit)
{
return(new ApiResult(ActionStatusMessage.Account.Auth.Invalid.Default.Status, $"不具有{targetCompanyItem?.Name}({targetCompany})的权限"));
}
}
return(ActionStatusMessage.Success);
}
public static TResult ToModel <TResult>(this MembersFilterDto model) where TResult : IMembersFilter, new()
{
if (model == null)
{
return(default);
