zhusenlin/Yi.Admin
1
0
Fork 0
mirror of https://gitee.com/ccnetcore/Yi synced 2026-03-05 01:00:51 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
30c45eeb5913d27d5b438d96d3eaf1663aade4fd
Yi.Admin/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.SqlSugarCore/YiRbacDbContext.cs
chenchun 5d793344cd fix: 修复移除属性注入
2024-11-20 13:43:35 +08:00

96 lines
3.9 KiB
C#
Raw Blame History

using Microsoft.Extensions.DependencyInjection;
using SqlSugar;
using Volo.Abp.Data;
using Volo.Abp.DependencyInjection;
using Volo.Abp.Users;
using Yi.Framework.Rbac.Domain.Authorization;
using Yi.Framework.Rbac.Domain.Entities;
using Yi.Framework.Rbac.Domain.Extensions;
using Yi.Framework.Rbac.Domain.Shared.Consts;
using Yi.Framework.Rbac.Domain.Shared.Enums;
using Yi.Framework.SqlSugarCore;
namespace Yi.Framework.Rbac.SqlSugarCore
{
public class YiRbacDbContext : SqlSugarDbContext
{
protected IDataFilter DataFilter => LazyServiceProvider.LazyGetRequiredService<IDataFilter>();
protected ICurrentUser CurrentUser => LazyServiceProvider.GetRequiredService<ICurrentUser>();
protected override void CustomDataFilter(ISqlSugarClient sqlSugarClient)
{
if (DataFilter.IsEnabled<IDataPermission>())
{
DataPermissionFilter(sqlSugarClient);
}
}
public YiRbacDbContext(IAbpLazyServiceProvider lazyServiceProvider) : base(lazyServiceProvider)
{
}
/// <summary>
/// 数据权限过滤
/// </summary>
protected void DataPermissionFilter(ISqlSugarClient sqlSugarClient)
{
//获取当前用户的信息
if (CurrentUser.Id == null || CurrentUser.IsRefreshToken()) return;
//管理员不过滤
if (CurrentUser.UserName.Equals(UserConst.Admin) || CurrentUser.Roles.Any(f => f.Equals(UserConst.AdminRolesCode))) return;
var expUser = Expressionable.Create<UserAggregateRoot>();
var expRole = Expressionable.Create<RoleAggregateRoot>();
var roleInfo = CurrentUser.GetRoleInfo();
//如果无岗位,或者无角色,只能看自己的数据
if (/*CurrentUser.GetDeptId() is null ||*/ roleInfo is null)
{
expUser.Or(it => it.Id == CurrentUser.Id);
expRole.Or(it => roleInfo.Select(x => x.Id).Contains(it.Id));
}
else
{
foreach (var role in roleInfo.OrderBy(f => f.DataScope))
{
var dataScope = role.DataScope;
if (DataScopeEnum.ALL.Equals(dataScope))//所有权限
{
break;
}
else if (DataScopeEnum.CUSTOM.Equals(dataScope))//自定数据权限
{
//" OR {}.dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id = {} ) ", deptAlias, role.getRoleId()));
expUser.Or(it => SqlFunc.Subqueryable<RoleDeptEntity>().Where(f => f.DeptId == it.DeptId && f.RoleId == role.Id).Any());
}
else if (DataScopeEnum.DEPT.Equals(dataScope))//本部门数据
{
expUser.Or(it => it.DeptId == CurrentUser.GetDeptId());
}
else if (DataScopeEnum.DEPT_FOLLOW.Equals(dataScope))//本部门及以下数据
{
//SQl OR {}.dept_id IN ( SELECT dept_id FROM sys_dept WHERE dept_id = {} or find_in_set( {} , ancestors ) )
var allChildDepts = sqlSugarClient.Queryable<DeptAggregateRoot>().ToChildList(it => it.ParentId, CurrentUser.GetDeptId());
expUser.Or(it => allChildDepts.Select(f => f.Id).ToList().Contains(it.DeptId ?? Guid.Empty));
}
else if (DataScopeEnum.USER.Equals(dataScope))//仅本人数据
{
expUser.Or(it => it.Id == CurrentUser.Id);
expRole.Or(it => roleInfo.Select(x => x.Id).Contains(it.Id));
}
}
}
sqlSugarClient.QueryFilter.AddTableFilter(expUser.ToExpression());
sqlSugarClient.QueryFilter.AddTableFilter(expRole.ToExpression());
}
}
}
Reference in New Issue View Git Blame Copy Permalink