客户端角色授权检测

9 months ago · 285e0e30c1
parent 2d1451f543
commit 285e0e30c1
6 changed files with 99 additions and 6 deletions
--- a/ds-wms-client-web/src/api/system/role.ts
+++ b/ds-wms-client-web/src/api/system/role.ts
@ -7,7 +7,7 @@ enum Api {
  getRole = '/mainApi/Role/GetRoleInfo',
  getPermissionTree = '/mainApi/Role/GetClientRolePermissionTree',
  getRolePermission = '/mainApi/Role/GetRolePermission',
-  updateRolePermission = '/mainApi/Role/UpdateRolePermission',
+  updateRolePermission = '/mainApi/Role/UpdateClientRolePermission',
 }
 export function getRoleList(data: PageRequest) {
  return request<DataResult>({
--- a/ds-wms-service/DS.Module.Core/Constants/MultiLanguageConst.cs
+++ b/ds-wms-service/DS.Module.Core/Constants/MultiLanguageConst.cs
@ -44,6 +44,9 @@ public static class MultiLanguageConst
    [Description("用户授权数量限制")]
    public const string UserAuthNumLimit = "User_AuthNum_Limit";
    [Description("{0}模块数量超出授权数量{1}")]
    public const string PerAuthNumLimit = "Permission_AuthNum_Limit";
    [Description("用户唯一编码已存在")]
    public const string UserCodeExist = "UserCode_Exist";
    [Description("角色唯一编码已存在")]
--- a/ds-wms-service/DS.WMS.Core/System/Interface/ISysRoleService.cs
+++ b/ds-wms-service/DS.WMS.Core/System/Interface/ISysRoleService.cs
@ -55,4 +55,10 @@ public interface ISysRoleService
    /// <param name="model"></param>
    /// <returns></returns>
    DataResult UpdateRolePermission(RolePermissionInput model);
    /// <summary>
    /// 更新角色权限-客户端
    /// </summary>
    /// <param name="model"></param>
    /// <returns></returns>
    public DataResult UpdateClientRolePermission(RolePermissionInput model);
 }
--- a/ds-wms-service/DS.WMS.Core/System/Method/CommonService.cs
+++ b/ds-wms-service/DS.WMS.Core/System/Method/CommonService.cs
@ -604,7 +604,7 @@ public class CommonService : ICommonService
            {
                var childs = db.Queryable<SysPermissionTenant>().Where(x =>
                        x.MenuType == 2 && x.ParentId == item.ParentId && x.IsHidden == false && permissions.Contains(x.PermissionId) &&
-                        (x.PermissionType == 1 || x.PermissionType == 0))
+                        (x.PermissionType == 1 || x.PermissionType == 0) && x.PermissionId!=1744968217220222976)//排除企业用户维护
                    .OrderBy(x => x.SortCode)
                    .Select(a => new RouteItem
                    {
--- a/ds-wms-service/DS.WMS.Core/System/Method/SysRoleService.cs
+++ b/ds-wms-service/DS.WMS.Core/System/Method/SysRoleService.cs
@ -1,5 +1,6 @@
 using DS.Module.Core;
 using DS.Module.Core.Extensions;
 using DS.Module.Core.Helpers;
 using DS.Module.UserModule;
 using DS.WMS.Core.System.Dtos;
 using DS.WMS.Core.System.Entity;
@ -245,4 +246,87 @@ public class SysRoleService : ISysRoleService
        }
        return DataResult.Successed("更新成功!",MultiLanguageConst.DataUpdateSuccess);
    }
    public DataResult UpdateClientRolePermission(RolePermissionInput model)
    {
        var existPermissions = db.Queryable<SysRolePermission>().Where(x => x.RoleId == model.RoleId && x.IsPermission == 1).Select(n => n.PermissionId).ToArray();
        IEnumerable<long?> delPermissions = existPermissions.AsQueryable().Except(model.PermissionIds);
        if (delPermissions.Count() > 0)
        {
            db.Updateable<SysRolePermission>()
                .SetColumns(it => it.IsPermission == 0)//SetColumns是可以叠加的 写2个就2个字段赋值
                .Where(it => it.RoleId == model.RoleId && delPermissions.Contains(it.PermissionId))
                .ExecuteCommand();
        }
        IEnumerable<long?> addPermissions = model.PermissionIds.AsQueryable().Except(existPermissions);
        if (addPermissions.Count() > 0)
        {
            var existNoPermissions = db.Queryable<SysRolePermission>().Where(x => x.RoleId == model.RoleId && x.IsPermission == 0).Select(n => n.PermissionId).ToArray();
            IEnumerable<long?> updatePermissions = existNoPermissions.AsQueryable().Except(addPermissions);
            if (updatePermissions.Count() > 0)
            {
                db.Updateable<SysRolePermission>()
                    .SetColumns(it => it.IsPermission == 1)
                    .Where(it => it.RoleId == model.RoleId && updatePermissions.Contains(it.PermissionId))
                    .ExecuteCommand();
            }
            IEnumerable<long?> addRolePermissions = addPermissions.AsQueryable().Except(existNoPermissions);
            #region 租户模块权限检测
            var tenant = db.Queryable<SysTenant>().Where(x=>x.Id ==long.Parse(user.TenantId)).First();
            foreach (var item in addRolePermissions)
            {
                var per = db.Queryable<SysPermission>().Where(x => x.Id == item)
                    .First();
                if (per.MenuType == 2)
                {
                    var perAuth = db.Queryable<SysTenantPermissionAuth>().Where(x=>x.PermissionId == item).First();
                    if (perAuth.IsNotNull())
                    {
                        var authNum = EncrypteHelper.DecryptData(perAuth.AuthNum, tenant.AppSecret);
                        var roleList = db.Queryable<SysRolePermission>()
                            .Where(x => x.PermissionId == item && x.IsPermission == 1).Select(n => n.RoleId).ToList();
                        roleList.Add(model.RoleId);
                        roleList.Distinct();
                        var userList = new List<long?>();
                        foreach (var role in roleList)
                        {
                            var userArr = db.Queryable<SysRoleUser>().Where(x => x.RoleId == role).Select(n => n.UserId)
                                .ToList();
                            userList.AddRange(userArr);
                        }
                        userList.Distinct(); 
                        var userCount = userList.Count();
                        if (userCount>= int.Parse(authNum))
                        {
                            return DataResult.Failed(string.Format("{0}模块数量超出授权数量{1}",per.PermissionName, int.Parse(authNum)),MultiLanguageConst.PerAuthNumLimit);
                        }
                    }
                } 
            }
            #endregion
            foreach (var item in addRolePermissions)
            {
                var permission = new SysRolePermission
                {
                    RoleId = model.RoleId,
                    PermissionId = item,
                    IsPermission = 1,
                };
                db.Insertable(permission).ExecuteCommand();
            }
        }
        return DataResult.Successed("更新成功!",MultiLanguageConst.DataUpdateSuccess);
    }
 }
--- a/ds-wms-service/DS.WMS.MainApi/Controllers/RoleController.cs
+++ b/ds-wms-service/DS.WMS.MainApi/Controllers/RoleController.cs
@ -87,15 +87,15 @@ public class RoleController : ApiController
    }
    /// <summary>
-    /// 更新角色权限
+    /// 更新角色权限-客户端
    /// </summary>
    /// <param name="model"></param>
    /// <returns></returns>
    [HttpPost]
-    [Route("UpdateRolePermission")]
+    [Route("UpdateClientRolePermission")]
-    public DataResult UpdateRolePermission([FromBody] RolePermissionInput model)
+    public DataResult UpdateClientRolePermission([FromBody] RolePermissionInput model)
    {
-        var res = _invokeService.UpdateRolePermission(model);
+        var res = _invokeService.UpdateClientRolePermission(model);
        return res;
    }
 }