可视数据权限调整

dev
cjy 3 months ago
parent 82d1149da4
commit 758f2d71cd

@ -19,4 +19,10 @@ public static class DataRuleConst
/// 数据权限配置中当前登录机构的key /// 数据权限配置中当前登录机构的key
/// </summary> /// </summary>
public const string LoginOrg = "{loginOrg}"; public const string LoginOrg = "{loginOrg}";
/// <summary>
/// 数据权限配置中当前登录所属部门的key
/// </summary>
public const string LoginDept = "{loginDept}";
} }

@ -31,6 +31,12 @@ namespace DS.WMS.Core.Code.Entity
/// </summary> /// </summary>
[SqlSugar.SugarColumn(ColumnDescription = "权限描述", IsNullable = true, Length = 200)] [SqlSugar.SugarColumn(ColumnDescription = "权限描述", IsNullable = true, Length = 200)]
public string Description { get; set; } public string Description { get; set; }
/// <summary>
/// 权限实体
/// </summary>
[SqlSugar.SugarColumn(ColumnDescription = "权限实体", IsNullable = false, Length = 100)]
public string PermissionEntity { get; set; }
/// <summary> /// <summary>
/// 用户Id /// 用户Id
/// </summary> /// </summary>
@ -46,7 +52,7 @@ namespace DS.WMS.Core.Code.Entity
/// 可视模板Id /// 可视模板Id
/// </summary> /// </summary>
[SugarColumn(ColumnDescription = "可视模板Id")] [SugarColumn(ColumnDescription = "可视模板Id")]
public long VisibleTemplateId { get; set; } public long? VisibleTemplateId { get; set; }
/// <summary> /// <summary>
/// 可视权限模板范围 /// 可视权限模板范围
@ -63,7 +69,7 @@ namespace DS.WMS.Core.Code.Entity
/// 操作模板Id /// 操作模板Id
/// </summary> /// </summary>
[SugarColumn(ColumnDescription = "操作模板Id")] [SugarColumn(ColumnDescription = "操作模板Id")]
public long OperateTemplateId { get; set; } public long? OperateTemplateId { get; set; }
/// <summary> /// <summary>
/// 操作权限模板范围 /// 操作权限模板范围

@ -67,6 +67,7 @@ namespace DS.WMS.Core.Code.Method
VisibleTemplateId = visibleTemp.Id, VisibleTemplateId = visibleTemp.Id,
VisibleRuleScope =visibleTemp.RuleScope, VisibleRuleScope =visibleTemp.RuleScope,
VisibleRuleScopeName = visibleTemp.RuleScopeName, VisibleRuleScopeName = visibleTemp.RuleScopeName,
PermissionEntity = visibleTemp.PermissionEntity,
OperateTemplateId = operateTemp.Id, OperateTemplateId = operateTemp.Id,
OperateRuleScope = operateTemp.RuleScope, OperateRuleScope = operateTemp.RuleScope,
OperateRuleScopeName = operateTemp.RuleScopeName, OperateRuleScopeName = operateTemp.RuleScopeName,
@ -166,6 +167,7 @@ namespace DS.WMS.Core.Code.Method
VisibleTemplateId = rule.VisibleTemplateId, VisibleTemplateId = rule.VisibleTemplateId,
VisibleRuleScope = rule.VisibleRuleScope, VisibleRuleScope = rule.VisibleRuleScope,
VisibleRuleScopeName = rule.VisibleRuleScopeName, VisibleRuleScopeName = rule.VisibleRuleScopeName,
PermissionEntity = rule.PermissionEntity,
OperateTemplateId = rule.OperateTemplateId, OperateTemplateId = rule.OperateTemplateId,
OperateRuleScope = rule.OperateRuleScope, OperateRuleScope = rule.OperateRuleScope,
OperateRuleScopeName = rule.OperateRuleScopeName, OperateRuleScopeName = rule.OperateRuleScopeName,

@ -18,6 +18,7 @@ using DS.WMS.Core.Op.Entity;
using DS.WMS.Core.Op.Interface; using DS.WMS.Core.Op.Interface;
using DS.WMS.Core.Sys.Entity; using DS.WMS.Core.Sys.Entity;
using DS.WMS.Core.Sys.Interface; using DS.WMS.Core.Sys.Interface;
using DS.WMS.Core.Sys.Method;
using DS.WMS.Core.TaskPlat.Dtos; using DS.WMS.Core.TaskPlat.Dtos;
using Hangfire; using Hangfire;
using LanguageExt; using LanguageExt;
@ -95,6 +96,8 @@ public partial class SeaExportService : ISeaExportService
{ {
var tenantDb = saasService.GetBizDbScopeById(user.TenantId); var tenantDb = saasService.GetBizDbScopeById(user.TenantId);
//var query = commonService.GetVisibleDataRuleFilter<SeaExport>(tenantDb);
var orgList = db.Queryable<SysOrg>().Where(x => x.Status == StatusEnum.Enable); var orgList = db.Queryable<SysOrg>().Where(x => x.Status == StatusEnum.Enable);
//序列化查询条件 //序列化查询条件
var whereList = db.ConfigQuery.Context.Utilities.JsonToConditionalModels(request.QueryCondition); var whereList = db.ConfigQuery.Context.Utilities.JsonToConditionalModels(request.QueryCondition);
@ -786,6 +789,7 @@ public partial class SeaExportService : ISeaExportService
//data.IsBusinessLocking = false; //data.IsBusinessLocking = false;
//data.IsFeeLocking = false; //data.IsFeeLocking = false;
//data.CustomerNo = sequence.Data; //data.CustomerNo = sequence.Data;
data.BusinessStatusName = "";
data.CustomerNo = ""; data.CustomerNo = "";
var entity = tenantDb.Insertable(data).ExecuteReturnEntity(); var entity = tenantDb.Insertable(data).ExecuteReturnEntity();
@ -803,6 +807,7 @@ public partial class SeaExportService : ISeaExportService
data.Id = 0; data.Id = 0;
data.ParentId = 0; data.ParentId = 0;
data.CustomerNo = ""; data.CustomerNo = "";
data.BusinessStatusName = "";
//data.IsBusinessLocking = false; //data.IsBusinessLocking = false;
//data.IsFeeLocking = false; //data.IsFeeLocking = false;
//data.CustomerNo = sequence.Data; //data.CustomerNo = sequence.Data;

@ -290,4 +290,12 @@ public interface ICommonService
/// 批量获取任务台用户字段设置 /// 批量获取任务台用户字段设置
/// </summary> /// </summary>
Task<DataResult<List<SysFieldSetTaskPlatResultDto>>> GetUserTaskPlatFieldSet(SysFieldSetTaskPlatQueryDto query); Task<DataResult<List<SysFieldSetTaskPlatResultDto>>> GetUserTaskPlatFieldSet(SysFieldSetTaskPlatQueryDto query);
/// <summary>
/// 获取当前用户的可视权限范围
/// </summary>
/// <typeparam name="T"></typeparam>
/// <param name="tenantDb"></param>
/// <returns></returns>
public ISugarQueryable<T> GetVisibleDataRuleFilter<T>(SqlSugarScopeProvider tenantDb);
} }

@ -25,6 +25,7 @@ using DS.WMS.Core.Flow.Dtos;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
using DS.Module.Core.Constants; using DS.Module.Core.Constants;
using DS.WMS.Core.Op.Entity; using DS.WMS.Core.Op.Entity;
using DS.Module.Core.Data;
namespace DS.WMS.Core.Sys.Method; namespace DS.WMS.Core.Sys.Method;
@ -1434,6 +1435,82 @@ public class CommonService : ICommonService
return conditionalModels; return conditionalModels;
} }
/// <summary>
/// 获取当前用户的可视权限范围
/// </summary>
/// <typeparam name="T"></typeparam>
/// <param name="tenantDb"></param>
/// <returns></returns>
public ISugarQueryable<T> GetVisibleDataRuleFilter<T>(SqlSugarScopeProvider tenantDb)
{
var userInfo = db.Queryable<SysUser>().First(x => x.Id == long.Parse(user.UserId));
if (userInfo.UserType == 0)
{
return db.Queryable<T>(); //超级管理员特权
}
var moduleName = typeof(T).Name.ToLower();
var rule = tenantDb.Queryable<CodeDataRule>()
.First(u => u.UserId == long.Parse(user.UserId) && u.PermissionEntity.ToLower() == moduleName && u.Status == StatusEnum.Enable);
if (rule == null) return db.Queryable<T>(); //没有设置数据规则,那么视为该资源允许被任何主体查看
#region 可视权限
if ((long)rule.VisibleTemplateId == 0)
{
return db.Queryable<T>();
}
var ruleInfo = tenantDb.Queryable<CodeDataRuleTemplate>().First(x => x.Id == (long)rule.VisibleTemplateId);
if (ruleInfo.DataRules.IsNull())
{
return db.Queryable<T>();
}
if (ruleInfo.RuleScope == "all")
{
return db.Queryable<T>().ClearFilter<IOrgId>();
}
if (ruleInfo.RuleScope == "none")
{
SqlSugar.Check.ExceptionEasy("NO Operation", "没有数据查看权限!");
}
if (ruleInfo.RuleScope == "self")
{
ruleInfo.DataRules = ruleInfo.DataRules.Replace(DataRuleConst.LoginUser, user.UserId);
}
if (ruleInfo.RuleScope == "self_org")
{
ruleInfo.DataRules = ruleInfo.DataRules.Replace(DataRuleConst.LoginOrg, userInfo.DefaultOrgId.ToString());
}
if (ruleInfo.RuleScope == "self_dept")
{
var deptUsers = db.Queryable<SysUser>().Where(x => x.DeptId == userInfo.DeptId).Select(x => x.Id).ToList();
ruleInfo.DataRules = ruleInfo.DataRules.Replace(DataRuleConst.LoginDept, string.Join(",", deptUsers));
}
if (ruleInfo.RuleScope == "select_org")
{
var orgUsers = db.Queryable<SysUser>().Where(x => x.DefaultOrgId == userInfo.DefaultOrgId).Select(x => x.Id).ToList();
ruleInfo.DataRules = ruleInfo.DataRules.Replace(DataRuleConst.LoginDept, string.Join(",", orgUsers));
var conditions1 = ruleInfo.DataRules.ConvertSqlSugarExpression();
var conditionalModels1 =
db.ConfigQuery.Context.Utilities.JsonToConditionalModels(
JsonConvert.SerializeObject(conditions1));
return db.Queryable<T>().ClearFilter<IOrgId>().Where(conditionalModels1);
}
#endregion
var conditions = ruleInfo.DataRules.ConvertSqlSugarExpression();
var conditionalModels =
db.ConfigQuery.Context.Utilities.JsonToConditionalModels(
JsonConvert.SerializeObject(conditions));
return db.Queryable<T>().Where(conditionalModels);
}
#region 获取数据库表及字段属性 #region 获取数据库表及字段属性
/// <summary> /// <summary>

Loading…
Cancel
Save