订单查看权限优化

5 months ago · a14bf225f3
parent a38141cd88
commit a14bf225f3
4 changed files with 34 additions and 8 deletions
--- a/EntrustSettle.Api/Controllers/OrderController.cs
+++ b/EntrustSettle.Api/Controllers/OrderController.cs
@ -74,8 +74,12 @@ namespace EntrustSettle.Api.Controllers
                    throw new Exception("登陆人所属公司非东胜或大简云，无法查看运营端，请联系管理员");
                }
            }
            // 可以查看所有数据的用户Gid列表
            var seeAllDataUserGids = AppSettings.app<string>("Startup", "SeeAllDataUserGids");
            PageModel<OrderDto> result = await orderService.AsQueryable()
-                .WhereIF(App.User.ID != "d85fd590-d9f6-4410-93a1-f6fac77b606e" && input.QueryType != 2, x => x.CompanyId == App.User.CompanyId) // 衣国豪的账号在客户端也可以看全部数据
+                .WhereIF(!seeAllDataUserGids.Contains(App.User.ID) && input.QueryType != 2, x => x.CompanyId == App.User.CompanyId) // 衣国豪的账号在客户端也可以看全部数据
                .WhereIF(!string.IsNullOrWhiteSpace(input.Mblno), x => x.Mblno.Contains(input.Mblno))
                .WhereIF(!string.IsNullOrWhiteSpace(input.CompanyName), x => x.CompanyName.Contains(input.CompanyName))
                .WhereIF(!string.IsNullOrWhiteSpace(input.Remark), x => x.Remark.Contains(input.Remark))
@ -87,6 +91,9 @@ namespace EntrustSettle.Api.Controllers
                .OrderBy("id desc")
                .ToPageListAsyncExtension(input.pageIndex, input.pageSize);
            //var sql = orderService.AsQueryable()
                //.WhereIF(!seeAllDataUserGids.Contains(App.User.ID) && input.QueryType != 2, x => x.CompanyId == App.User.CompanyId).ToSqlString();
            var orderIdList = result.data.Select(x => x.Id).ToList();
            if (orderIdList.Count > 0)
            {
--- a/EntrustSettle.Api/appsettings.Production.json
+++ b/EntrustSettle.Api/appsettings.Production.json
@ -23,7 +23,13 @@
      "Enabled": false //redis 消息队列
    },
-    "UserInfoCacheTime": 60 //用户信息缓存时间，单位：分钟
+    "UserInfoCacheTime": 60, //用户信息缓存时间，单位：分钟
    // 可以查看所有数据的用户Gid列表
    "SeeAllDataUserGids": [
      "67233107-0db0-425c-9f14-5498d3cdd8b9", // 衣国豪
      "d85fd590-d9f6-4410-93a1-f6fac77b606e" // 邹文坤
    ]
  },
  "Apis": {
    "Hyd": {
--- a/EntrustSettle.Api/appsettings.Staging.json
+++ b/EntrustSettle.Api/appsettings.Staging.json
@ -23,7 +23,13 @@
      "Enabled": false //redis 消息队列
    },
-    "UserInfoCacheTime": 60 //用户信息缓存时间，单位：分钟
+    "UserInfoCacheTime": 60, //用户信息缓存时间，单位：分钟
    // 可以查看所有数据的用户Gid列表
    "SeeAllDataUserGids": [
      "67233107-0db0-425c-9f14-5498d3cdd8b9", // 衣国豪
      "d85fd590-d9f6-4410-93a1-f6fac77b606e" // 邹文坤
    ]
  },
  "Apis": {
    "Hyd": {
--- a/EntrustSettle.Api/appsettings.json
+++ b/EntrustSettle.Api/appsettings.json
@ -17,13 +17,20 @@
    "IdentityServer4": {
      "Enabled": true, // 这里默认是false，表示使用jwt授权模式，如果设置为true，则表示系统使用Ids4模式
      "AuthorizationUrl": "http://60.209.125.238:40501", // 认证中心域名
      //"AuthorizationUrl": "http://djy-identity.myshipping.net", // 认证中心域名
      "ApiName": "(未验证Audience)" // 资源服务器
    },
    "RedisMq": {
      "Enabled": false //redis 消息队列
    },
-    "UserInfoCacheTime": 60 //用户信息缓存时间，单位：分钟
+    "UserInfoCacheTime": 60, //用户信息缓存时间，单位：分钟
    // 可以查看所有数据的用户Gid列表
    "SeeAllDataUserGids": [
      "67233107-0db0-425c-9f14-5498d3cdd8b9", // 衣国豪
      "d85fd590-d9f6-4410-93a1-f6fac77b606e" // 邹文坤
    ]
  },
  "Apis": {
    "Hyd": {
@ -146,8 +153,8 @@
      "ConnId": "Main",
      "DBType": 0,
      "Enabled": true,
-      //"Connection": "server=rm-m5e06xxqpa68a68ry5o.mysql.rds.aliyuncs.com;Database=EntrustSettle;Uid=rulesengine_admin;Pwd=Rule1qaz2wsx!QAZ;Port=3306;Allow User Variables=True;Charset=utf8;TreatTinyAsBoolean=false;",
+      "Connection": "server=rm-m5e06xxqpa68a68ry5o.mysql.rds.aliyuncs.com;Database=EntrustSettle;Uid=rulesengine_admin;Pwd=Rule1qaz2wsx!QAZ;Port=3306;Allow User Variables=True;Charset=utf8;TreatTinyAsBoolean=false;",
-      "Connection": "server=60.209.125.238;Database=entrustsettle_dev;User ID=root;Password=Djy@Mysql.test;pooling=true;port=32006;Allow User Variables=True;Charset=utf8;TreatTinyAsBoolean=false;",
+      //"Connection": "server=60.209.125.238;Database=entrustsettle_dev;User ID=root;Password=Djy@Mysql.test;pooling=true;port=32006;Allow User Variables=True;Charset=utf8;TreatTinyAsBoolean=false;",
      "Slaves": [
        {
          "HitRate": 0, // 值越大，优先级越高 0不使用
@ -179,8 +186,8 @@
      "ConnId": "PingTai",
      "DBType": 1,
      "Enabled": true,
-      "Connection": "Data Source =60.209.125.238,32009; Initial Catalog=TestDsPingTai; Persist Security Info=True; User ID =sa; Password=Djy@Sql2022.test;pooling=true",
+      //"Connection": "Data Source =60.209.125.238,32009; Initial Catalog=TestDsPingTai; Persist Security Info=True; User ID =sa; Password=Djy@Sql2022.test;pooling=true",
-      //"Connection": "Data Source =47.104.73.97,6761; Initial Catalog=DsPingTai; Persist Security Info=True; User ID =sa; Password=QDdjy#2020*;pooling=true"
+      "Connection": "Data Source =47.104.73.97,6761; Initial Catalog=DsPingTai; Persist Security Info=True; User ID =sa; Password=QDdjy#2020*;pooling=true"
    }
  ],
  "Mongo": {