From f5f5000854ed38283df0eebe33e675eedcd5cc47 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E4=B8=8D=E5=81=9A=E7=A0=81=E5=86=9C?= <599854767@qq.com> Date: Sat, 22 Jan 2022 16:57:38 +0800 Subject: [PATCH] update DbExtension.cs --- ZR.Admin.WebApi/Extensions/DbExtension.cs | 98 ++++++++++++----------- 1 file changed, 53 insertions(+), 45 deletions(-) diff --git a/ZR.Admin.WebApi/Extensions/DbExtension.cs b/ZR.Admin.WebApi/Extensions/DbExtension.cs index 958535d..78e344f 100644 --- a/ZR.Admin.WebApi/Extensions/DbExtension.cs +++ b/ZR.Admin.WebApi/Extensions/DbExtension.cs @@ -13,6 +13,17 @@ namespace ZR.Admin.WebApi.Extensions public static class DbExtension { private static NLog.Logger logger = NLog.LogManager.GetCurrentClassLogger(); + //全部数据权限 + public static string DATA_SCOPE_ALL = "1"; + //自定数据权限 + public static string DATA_SCOPE_CUSTOM = "2"; + //部门数据权限 + public static string DATA_SCOPE_DEPT = "3"; + //部门及以下数据权限 + public static string DATA_SCOPE_DEPT_AND_CHILD = "4"; + //仅本人数据权限 + public static string DATA_SCOPE_SELF = "5"; + public static void AddDb(IConfiguration Configuration) { string connStr = Configuration.GetConnectionString(OptionsSetting.ConnAdmin); @@ -35,22 +46,22 @@ namespace ZR.Admin.WebApi.Extensions } }); //每次Sql执行前事件 - var db0 = DbScoped.SugarScope.GetConnection(0); - db0.Aop.OnLogExecuting = (sql, pars) => + + DbScoped.SugarScope.GetConnection(0).Aop.OnLogExecuting = (sql, pars) => { var param = DbScoped.SugarScope.Utilities.SerializeObject(pars.ToDictionary(it => it.ParameterName, it => it.Value)); - FilterData(db0); + FilterData(DbScoped.SugarScope.GetConnection(0)); logger.Info($"{sql},{param}"); }; //出错打印日志 - db0.Aop.OnError = (e) => + DbScoped.SugarScope.GetConnection(0).Aop.OnError = (e) => { logger.Error(e, $"执行SQL出错:{e.Message}"); }; //SQL执行完 - db0.Aop.OnLogExecuted = (sql, pars) => + DbScoped.SugarScope.GetConnection(0).Aop.OnLogExecuted = (sql, pars) => { //执行完了可以输出SQL执行时间 (OnLogExecutedDelegate) }; 
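Review bot: The five `DATA_SCOPE_*` fields added at the top of DbExtension are declared `public static string`, so any code in the process can reassign them and silently change which branch FilterData takes for a role. Because these values drive a data-access decision they should be immutable, for example `public const string DATA_SCOPE_ALL = "1";` (or `public static readonly string` if a const is not wanted). The existing `private static NLog.Logger logger` field in the same context could be made `readonly` for the same reason.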
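Review bot: `FilterData(DbScoped.SugarScope.GetConnection(0));` is still invoked from inside `OnLogExecuting`, a hook that is handed the already-built `sql` text, so a filter registered there presumably cannot restrict the statement that triggered it and only affects later queries on the same connection. Data-scope filtering is an access-control step and would be more reliable if it were set up once per request, before any query is built, rather than as a side effect of the logging callback. Separately, `logger.Info($"{sql},{param}")` writes every bound parameter value at Info level, which will include password hashes or tokens whenever such values are bound; consider logging parameter names only or masking sensitive ones. AddDb's body starts and ends outside this hunk.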
@@ -58,7 +69,7 @@ namespace ZR.Admin.WebApi.Extensions DbScoped.SugarScope.GetConnection(1).Aop.OnLogExecuting = (sql, pars) => { var param = DbScoped.SugarScope.Utilities.SerializeObject(pars.ToDictionary(it => it.ParameterName, it => it.Value)); - + logger.Info($"Sql语句:{sql}, {param}"); }; //Db1错误日志 
@@ -66,53 +77,50 @@ namespace ZR.Admin.WebApi.Extensions { logger.Error($"执行Sql语句失败:{e.Sql},原因:{e.Message}"); }; - } private static void FilterData(SqlSugarProvider db0) { var u = App.User; - if (u != null && u.Identity.IsAuthenticated) - { - //获取当前用户的信息 - var user = JwtUtil.GetLoginUser(App.HttpContext); - if (user != null) - { - //非管理员过滤数据权限 - if (!user.RoleIds.Any(f => f.Equals("admin"))) - { - //TODO 实现范围过滤 - foreach (var role in user.Roles) - { - string dataScope = role.DataScope; - if ("1".Equals(dataScope)) - { - break; - } - else if ("2".Equals(dataScope)) - { - //var roleDepts = db0.Queryable() - //.Where(f => f.RoleId == role.RoleId).Select(f => f.DeptId).ToList(); - //var filter1 = new TableFilterItem(it => roleDepts.Contains(it.DeptId)); - } - else if ("3".Equals(dataScope)) - { - var filter1 = new TableFilterItem(it => it.DeptId == user.DeptId); - } - else if ("4".Equals(dataScope)) - { + if (u == null) return; + //获取当前用户的信息 + var user = JwtUtil.GetLoginUser(App.HttpContext); + if (user == null) return; + //管理员不过滤 + if (user.RoleIds.Any(f => f.Equals("admin"))) return; - } - else if ("5".Equals(dataScope)) - { - var filter1 = new TableFilterItem(it => it.UserId == user.UserId); - } - } - } + foreach (var role in user.Roles) + { + string dataScope = role.DataScope; + if (DATA_SCOPE_ALL.Equals(dataScope))//所有权限 + { + break; + } + else if (DATA_SCOPE_CUSTOM.Equals(dataScope))//自定数据权限 + { + //var roleDepts = db0.Queryable() + //.Where(f => f.RoleId == role.RoleId).Select(f => f.DeptId).ToList(); + //var filter1 = new TableFilterItem(it => roleDepts.Contains(it.DeptId)); + } + else if (DATA_SCOPE_DEPT.Equals(dataScope))//本部门数据 + { + //有问题添加后的SQL 语句 是 AND deptId = @deptId + var exp = Expressionable.Create(); + exp.Or(it => it.DeptId == user.DeptId); + var filter1 = new TableFilterItem(exp.ToExpression()); + DbScoped.SugarScope.GetConnection(0).QueryFilter.Add(filter1); + Console.WriteLine("本部门数据过滤"); + } + else if 
(DATA_SCOPE_DEPT_AND_CHILD.Equals(dataScope))//本部门及以下数据 + { + //SQl OR {}.dept_id IN ( SELECT dept_id FROM sys_dept WHERE dept_id = {} or find_in_set( {} , ancestors ) ) + } + else if (DATA_SCOPE_SELF.Equals(dataScope))//仅本人数据 + { + var filter1 = new TableFilterItem(it => it.UserId == user.UserId); + DbScoped.SugarScope.GetConnection(0).QueryFilter.Add(filter1); } } - //TODO 在此实现数据过滤 - //DbScoped.SugarScope.GetConnection(0).QueryFilter.Add(new TableFilterItem(it => it.DeptId == 333)); //为Order表置全局条件 } } }
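Review bot: The `DATA_SCOPE_CUSTOM` and `DATA_SCOPE_DEPT_AND_CHILD` branches of FilterData add no filter, so a non-admin whose role carries scope "2" or "4" ends up with no row restriction at all. Until they are implemented they should fall back to the narrowest filter the method already builds, the `it => it.UserId == user.UserId` item from the `DATA_SCOPE_SELF` branch. The result also depends on role order: `break` on `DATA_SCOPE_ALL` leaves filters added for earlier roles in place, and filters from several roles are combined (the in-code comment notes the generated SQL uses AND), so it would be safer to resolve one effective scope first and add a single filter. Because FilterData runs from `OnLogExecuting`, `QueryFilter.Add` is called on every statement and nothing visible here clears it, so filters accumulate on the connection; whether they can outlive the request depends on how the scope is registered, which this hunk does not show. The new guard `if (u == null) return;` also drops the old `u.Identity.IsAuthenticated` test, and `Console.WriteLine("本部门数据过滤")` should go through `logger`.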