wenyongda/ZrAdminNetCore
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

数据权限正式兼容多多角色过滤

Browse Source
This commit is contained in:
不做码农 2023-05-23 14:11:52 +08:00
parent be54ae8379
commit 253d21cb54
1 changed files with 15 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
ZR.Admin.WebApi/Extensions/DbExtension.cs
View File

@ -145,9 +145,13 @@ namespace ZR.Admin.WebApi.Extensions
//管理员不过滤 //管理员不过滤
if (user.RoleIds.Any(f => f.Equals(GlobalConstant.AdminRole))) return; if (user.RoleIds.Any(f => f.Equals(GlobalConstant.AdminRole))) return;
var db = DbScoped.SugarScope.GetConnectionScope(configId); var db = DbScoped.SugarScope.GetConnectionScope(configId);
var expUser = Expressionable.Create<SysUser>().Or(it => 1 == 1);
var expRole = Expressionable.Create<SysRole>().Or(it => 1 == 1);
var expLoginlog = Expressionable.Create<SysLogininfor>();
foreach (var role in user.Roles.OrderBy(f => f.DataScope)) foreach (var role in user.Roles.OrderBy(f => f.DataScope))
{ {
string dataScope = role.DataScope.ToString(); long dataScope = role.DataScope;
if (DATA_SCOPE_ALL.Equals(dataScope))//所有权限 if (DATA_SCOPE_ALL.Equals(dataScope))//所有权限
{ {
break; break;
@ -155,31 +159,29 @@ namespace ZR.Admin.WebApi.Extensions
else if (DATA_SCOPE_CUSTOM.Equals(dataScope))//自定数据权限 else if (DATA_SCOPE_CUSTOM.Equals(dataScope))//自定数据权限
{ {
//" OR {}.dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id = {} ) ", deptAlias, role.getRoleId())); //" OR {}.dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id = {} ) ", deptAlias, role.getRoleId()));
var filter1 = new TableFilterItem<SysUser>(it => SqlFunc.Subqueryable<SysRoleDept>().Where(f => f.DeptId == it.DeptId && f.RoleId == role.RoleId).Any());
db.QueryFilter.Add(filter1); expUser.Or(it => SqlFunc.Subqueryable<SysRoleDept>().Where(f => f.DeptId == it.DeptId && f.RoleId == role.RoleId).Any());
} }
else if (DATA_SCOPE_DEPT.Equals(dataScope))//本部门数据 else if (DATA_SCOPE_DEPT.Equals(dataScope))//本部门数据
{ {
var filter1 = new TableFilterItem<SysUser>(it => it.DeptId == user.DeptId); expUser.Or(it => it.DeptId == user.DeptId);
db.QueryFilter.Add(filter1);
} }
else if (DATA_SCOPE_DEPT_AND_CHILD.Equals(dataScope))//本部门及以下数据 else if (DATA_SCOPE_DEPT_AND_CHILD.Equals(dataScope))//本部门及以下数据
{ {
//SQl OR {}.dept_id IN ( SELECT dept_id FROM sys_dept WHERE dept_id = {} or find_in_set( {} , ancestors ) ) //SQl OR {}.dept_id IN ( SELECT dept_id FROM sys_dept WHERE dept_id = {} or find_in_set( {} , ancestors ) )
var allChildDepts = db.Queryable<SysDept>().ToChildList(it => it.ParentId, user.DeptId); var allChildDepts = db.Queryable<SysDept>().ToChildList(it => it.ParentId, user.DeptId);
var filter1 = new TableFilterItem<SysUser>(it => allChildDepts.Select(f => f.DeptId).ToList().Contains(it.DeptId)); expUser.Or(it => allChildDepts.Select(f => f.DeptId).ToList().Contains(it.DeptId));
db.QueryFilter.Add(filter1);
var filter2 = new TableFilterItem<SysDept>(it => allChildDepts.Select(f => f.DeptId).ToList().Contains(it.DeptId));
db.QueryFilter.Add(filter2);
} }
else if (DATA_SCOPE_SELF.Equals(dataScope))//仅本人数据 else if (DATA_SCOPE_SELF.Equals(dataScope))//仅本人数据
{ {
db.QueryFilter.AddTableFilter<SysUser>(it => it.UserId == user.UserId); expUser.Or(it => it.UserId == user.UserId);
db.QueryFilter.AddTableFilter<SysRole>(it => user.RoleIds.Contains(it.RoleKey)); expRole.Or(it => user.RoleIds.Contains(it.RoleKey));
db.QueryFilter.AddTableFilter<SysLogininfor>(it => it.UserName == user.UserName); expLoginlog.And(it => it.UserName == user.UserName);
} }
db.QueryFilter.AddTableFilter(expUser.ToExpression());
db.QueryFilter.AddTableFilter(expRole.ToExpression());
db.QueryFilter.AddTableFilter(expLoginlog.ToExpression());
} }
} }
} }