From 046a470ea48b5ae7b5362529eea84779f4f4aeb5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E4=B8=8D=E5=81=9A=E7=A0=81=E5=86=9C?= <599854767@qq.com>
Date: Fri, 30 Jun 2023 06:41:20 +0800
Subject: [PATCH] :sparkles: add DataPermi.cs
---
ZR.Admin.WebApi/Extensions/DataPermi.cs | 121 ++++++++++++++++++++++++
1 file changed, 121 insertions(+)
create mode 100644 ZR.Admin.WebApi/Extensions/DataPermi.cs
diff --git a/ZR.Admin.WebApi/Extensions/DataPermi.cs b/ZR.Admin.WebApi/Extensions/DataPermi.cs
new file mode 100644
index 0000000..a313987
--- /dev/null
+++ b/ZR.Admin.WebApi/Extensions/DataPermi.cs
@@ -0,0 +1,121 @@
+using Infrastructure;
+using SqlSugar.IOC;
+using SqlSugar;
+using ZR.Admin.WebApi.Framework;
+using ZR.Model.System;
+
+namespace ZR.Admin.WebApi.Extensions
+{
+ public enum DataPermiEnum
+ {
+ None = 0,
+ ///
+ /// 全部数据权限
+ ///
+ All = 1,
+ ///
+ /// 仅本人数据权限
+ ///
+ SELF = 5,
+ ///
+ /// 部门数据权限
+ ///
+ DEPT = 3,
+ ///
+ /// 自定数据权限
+ ///
+ CUSTOM = 2,
+ ///
+ /// 部门及以下数据权限
+ ///
+ DEPT_CHILD = 4
+ }
+ ///
+ /// 数据权限
+ ///
+ public class DataPermi
+ {
+ ///
+ /// 数据过滤
+ ///
+ /// 多库id
+ public static void FilterData(int configId)
+ {
+ //获取当前用户的信息
+ var user = JwtUtil.GetLoginUser(App.HttpContext);
+ if (user == null) return;
+ //管理员不过滤
+ if (user.RoleIds.Any(f => f.Equals(GlobalConstant.AdminRole))) return;
+ var db = DbScoped.SugarScope.GetConnectionScope(configId);
+ var expUser = Expressionable.Create();
+ var expRole = Expressionable.Create();
+ var expLoginlog = Expressionable.Create();
+
+ foreach (var role in user.Roles.OrderBy(f => f.DataScope))
+ {
+ var dataScope = (DataPermiEnum)role.DataScope;
+ if (DataPermiEnum.All.Equals(dataScope))//所有权限
+ {
+ break;
+ }
+ else if (DataPermiEnum.CUSTOM.Equals(dataScope))//自定数据权限
+ {
+ //" OR {}.dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id = {} ) ", deptAlias, role.getRoleId()));
+
+ expUser.Or(it => SqlFunc.Subqueryable().Where(f => f.DeptId == it.DeptId && f.RoleId == role.RoleId).Any());
+ }
+ else if (DataPermiEnum.DEPT.Equals(dataScope))//本部门数据
+ {
+ expUser.Or(it => it.DeptId == user.DeptId);
+ }
+ else if (DataPermiEnum.DEPT_CHILD.Equals(dataScope))//本部门及以下数据
+ {
+ //SQl OR {}.dept_id IN ( SELECT dept_id FROM sys_dept WHERE dept_id = {} or find_in_set( {} , ancestors ) )
+ var allChildDepts = db.Queryable().ToChildList(it => it.ParentId, user.DeptId);
+
+ expUser.Or(it => allChildDepts.Select(f => f.DeptId).ToList().Contains(it.DeptId));
+ }
+ else if (DataPermiEnum.SELF.Equals(dataScope))//仅本人数据
+ {
+ expUser.Or(it => it.UserId == user.UserId);
+ expRole.Or(it => user.RoleIds.Contains(it.RoleKey));
+ expLoginlog.And(it => it.UserName == user.UserName);
+ }
+ }
+
+ db.QueryFilter.AddTableFilter(expUser.ToExpression());
+ db.QueryFilter.AddTableFilter(expRole.ToExpression());
+ db.QueryFilter.AddTableFilter(expLoginlog.ToExpression());
+ }
+
+ public static void FilterData1(int configId)
+ {
+ //获取当前用户的信息
+ var user = JwtUtil.GetLoginUser(App.HttpContext);
+ if (user == null) return;
+ var db = DbScoped.SugarScope.GetConnectionScope(configId);
+
+ foreach (var role in user.Roles.OrderBy(f => f.DataScope))
+ {
+ var dataScope = (DataPermiEnum)role.DataScope;
+ if (DataPermiEnum.All.Equals(dataScope))//所有权限
+ {
+ break;
+ }
+ else if (DataPermiEnum.CUSTOM.Equals(dataScope))//自定数据权限
+ {
+ }
+ else if (DataPermiEnum.DEPT.Equals(dataScope))//本部门数据
+ {
+ }
+ else if (DataPermiEnum.DEPT_CHILD.Equals(dataScope))//本部门及以下数据
+ {
+
+ }
+ else if (DataPermiEnum.SELF.Equals(dataScope))//仅本人数据
+ {
+ }
+ }
+ }
+ }
+}