public void CheckAccess(Rolession permission, User user)
{
if (!TryCheckAccess(permission, user))
{
throw new Exception("安全错误");
}
}
private IEnumerable <MenuItem> GetChildMenu(MenuItem parent, Module current, User currUser)
{
var navList = _moduleRepository.GetAll()
.Where(a => a.Parent != null && a.Parent.Id == parent.Id && (a.IsUse == null || (a.IsUse != null && a.IsUse.Value)))
.OrderBy(a => a.ShowOrder).OrderBy(a => a.ShowOrder).MapTo <List <MenuItem> >().ToList();
return(navList
.Where(nav => _authorizationService.TryCheckAccess(Rolession.For(nav.Code), currUser))
.Select(nav =>
{
var childMenus = GetChildMenu(nav, current, currUser).ToList();
return new MenuItem
{
Id = nav.Id,
ParentId = nav.ParentId,
Items = childMenus,
Name = nav.Name,
Code = nav.Code,
Icon = nav.Icon,
Url = string.IsNullOrWhiteSpace(nav.Url) ? "" : _urlHelper.Content(nav.Url),
Selected = nav.Id == current.Id || childMenus.Any(a => a.Selected)
};
}));
}
public bool TryCheckAccess(Rolession rolession, User user)
{
if (user == null)
{
return(false);
}
//取消admin用所有权限功能,仍然通过赋权得到
//if (IsAdministrator(user))
// return true;
var nav = _moduleManager.GetNavigation(rolession.Code);
return(nav.RoleModule.Select(s => s.RoleId).Intersect(user.Roles.Select(s => s.RoleId)).Any());
}
