VberAdmin_V4/SourceCode/Zero/VberYue.Zero/AppService/Users/UserAppServiceBase.cs

using Abp.Application.Services.Dto;
using Abp.Auditing;
using Abp.Authorization;
using Abp.Domain.Repositories;
using Abp.Linq.Extensions;
using Abp.Localization;
using Abp.MultiTenancy;
using Abp.Runtime.Caching;
using Abp.Runtime.Session;
using Abp.UI;

using Microsoft.AspNetCore.Identity;

using VberZero.AppService.Base;
using VberZero.AppService.Base.Dto;
using VberZero.AppService.Roles.Dto;
using VberZero.AppService.Users.Dto;
using VberZero.Auditing;
using VberZero.Authorization;
using VberZero.Authorization.Roles;
using VberZero.Authorization.Users;
using VberZero.BaseSystem;
using VberZero.BaseSystem.Roles;
using VberZero.BaseSystem.Users;
using VberZero.DomainService.Notifications;
using VberZero.Session;
using VberZero.Tools.StringModel;

namespace VberZero.AppService.Users;

[AbpAuthorize, AuditLog("用户管理", "用户")]
public class UserAppServiceBase : VzCrudAppServiceBase<User, UserDto, long, VzPagedRequestDto, CreateUserDto, UpdateUserDto>, IUserAppServiceBase
{
    private readonly VzUserManager _userManager;

    //private readonly VzRoleManager _roleManager;
    private readonly IRepository<Role> _roleRepository;

    private readonly IPasswordHasher<User> _passwordHasher;
    private readonly IVzSession _abpSession;
    private readonly VzLogInManager _logInManager;
    private readonly IRepository<SysFunction, int?> _funRepository;
    private readonly IAppNotifier _appNotifier;

    public UserAppServiceBase(
        ICacheManager cacheManager,
        IRepository<User, long> repository,
        VzUserManager userManager,
        //VzRoleManager roleManager,
        IRepository<Role> roleRepository,
        IPasswordHasher<User> passwordHasher,
        IVzSession abpSession,
        VzLogInManager logInManager, IRepository<SysFunction, int?> funRepository, IAppNotifier appNotifier)
        : base(repository)
    {
        _userManager = userManager;
        //_roleManager = roleManager;
        _roleRepository = roleRepository;
        _passwordHasher = passwordHasher;
        _abpSession = abpSession;
        _logInManager = logInManager;
        _funRepository = funRepository;
        _appNotifier = appNotifier;
        CacheManager = cacheManager;
    }

    protected virtual string ActivatePermissionName { get; set; }
    protected virtual string DeActivatePermissionName { get; set; }
    protected virtual string ResetLockPermissionName { get; set; }
    protected virtual string ResetPasswordPermissionName { get; set; }

    #region Curd

    [DisableAuditing]
    public override async Task<PagedResultDto<UserDto>> GetAll(VzPagedRequestDto input)
    {
        CheckGetAllPermission();
        var accountType = AbpSession.GetAccountType();
        var userType = AbpSession.GetUserType();
        var userName = AbpSession.GetUserName();
        IQueryable<User> query = CreateFilteredQuery(input);

#pragma warning disable CS0162
        if (userName != User.AdminUserName && !(VzConsts.MultiTenancyEnabled && AbpSession.MultiTenancySide.HasFlag(MultiTenancySides.Host)))
#pragma warning restore CS0162
            query = query.Where(a => a.UserName != User.AdminUserName && (a.UserType > userType) && (accountType == VzDefinition.AccountType.System || a.AccountType == accountType));

        var totalCount = await AsyncQueryableExecuter.CountAsync(query);
        query = ApplySorting(query, input);
        query = ApplyPaging(query, input);

        var entities = await AsyncQueryableExecuter.ToListAsync(query);
        return new PagedResultDto<UserDto>(totalCount, entities.Select(MapToEntityDto).ToList());
    }

    protected override IQueryable<T> SelfSorting<T>(IQueryable<T> query, VzPagedRequestDto input)
    {
        if (query is IQueryable<User> queryable)
            return (IQueryable<T>)queryable.OrderBy(r => r.UserName).ThenBy(a => a.UserType);
        return query;
    }

    protected override IQueryable<T> KeyWordFilter<T>(IQueryable<T> query, string keyword)
    {
        if (query is IQueryable<User> queryable)
            return (IQueryable<T>)queryable.WhereIf(keyword.NotEmpty(), a =>
                a.Name.Contains(keyword) || a.UserName.Contains(keyword) || a.EmailAddress.Contains(keyword) ||
                a.EmailAddress.Contains(keyword) || a.PhoneNumber.Contains(keyword));
        return query;
    }

    public override async Task Create(CreateUserDto input)
    {
        CheckCreatePermission();
        var userType = AbpSession.GetUserType();
        var userName = AbpSession.GetUserName();
        if (input.UserType <= userType && userName != User.AdminUserName && userName != User.SystemUserName)
        {
            ThrowError("NoPermissionUpdateUserType");
        }
        var user = MapToEntity(input);
        user.IsEmailConfirmed = true;

        user = await _userManager.CreateUser(user, input.RoleNames, input.PermissionNames);
        await CacheManager.GetCache(VzConsts.CacheSystemUser).SetAsync(user.Id + "", user);
        await _appNotifier.WelcomeToSystemAsync(user);
    }

    public override async Task Update(UpdateUserDto input)
    {
        CheckUpdatePermission();
        var userType = AbpSession.GetUserType();
        var userName = AbpSession.GetUserName();
        var user = await _userManager.GetUserByIdAsync(input.Id);

        if (userName != User.AdminUserName && userName != User.SystemUserName)
        {
            var oldUser = await GetEntityById(input.Id);
            if (oldUser?.UserType <= userType) ThrowError("NoPermissionUpdateUser");
            if (input.UserType <= userType) ThrowError("NoPermissionUpdateUserType");
        }

        /*修改绑定账号。。。 */

        MapToEntity(input, user);
        CheckErrors(await _userManager.UpdateAsync(user));

        if (input.RoleNames != null && user.UserName != User.AdminUserName && user.UserName != User.SystemUserName)
        {
            CheckErrors(await _userManager.SetRolesAsync(user, input.RoleNames));
        }
        if (input.PermissionNames != null && userName != User.AdminUserName && userName != User.SystemUserName)
        {
            var grantedPermissions = PermissionManager.GetAllPermissions().Where(p => input.PermissionNames.Contains(p.Name));
            await _userManager.SetGrantedPermissionsAsync(user, grantedPermissions, false);
        }
    }

    public override async Task Delete(VzEntityDto<long> input)
    {
        CheckDeletePermission();
        var user = await _userManager.GetUserByIdAsync(input.Id);
        await _userManager.DeleteAsync(user);
    }

    #endregion Curd

    #region Password

    [AuditLog("更改密码")]
    public async Task<bool> ChangePassword(ChangePasswordDto input)
    {
        if (_abpSession.UserId == null)
        {
            throw new UserFriendlyException("请登录后再尝试修改密码。");
        }
        await _userManager.InitializeOptionsAsync(AbpSession.TenantId);

        var user = await _userManager.FindByIdAsync(AbpSession.GetUserId().ToString());
        if (user == null)
        {
            throw new Exception("没有当前用户！");
        }

        if (await _userManager.CheckPasswordAsync(user, input.CurrentPassword))
        {
            CheckErrors(await _userManager.ChangePasswordAsync(user, input.NewPassword));
        }
        else
        {
            CheckErrors(IdentityResult.Failed(new IdentityError
            {
                Description = "密码错误。"
            }));
        }

        return true;
    }

    [AuditLog("重置密码")]
    public async Task<bool> ResetPassword(ResetPasswordDto input)
    {
        if (_abpSession.UserId == null)
        {
            throw new UserFriendlyException("请登录后再尝试重置密码。");
        }
        CheckPermission(ResetPasswordPermissionName);
        var currentUser = await _userManager.GetUserByIdAsync(_abpSession.GetUserId());
        var loginAsync = await _logInManager.LoginAsync(currentUser.UserName, input.AdminPassword, shouldLockout: false);
        if (loginAsync.Result != VzLoginResultType.Success)
        {
            throw new UserFriendlyException("密码不正确，请再试一次！");
        }

        if (currentUser.IsDeleted || !currentUser.IsActive)
        {
            return false;
        }

        var roles = await _userManager.GetRolesAsync(currentUser);
        if (!roles.Contains(VzStaticRoleNames.Tenants.Admin))
        {
            throw new UserFriendlyException("只有管理员可以重置密码。");
        }

        var user = await _userManager.GetUserByIdAsync(input.UserId);
        if (user != null)
        {
            user.Password = _passwordHasher.HashPassword(user, input.NewPassword);
            await CurrentUnitOfWork.SaveChangesAsync();
        }

        return true;
    }

    #endregion Password

    #region Permission

    /// <summary>
    /// 用户权限
    /// </summary>
    /// <param name="userId"></param>
    /// <returns></returns>
    [DisableAuditing]
    public async Task<PermissionDto> GetPermissions(long userId)
    {
        var allPermissions = PermissionManager.GetAllPermissions();
        List<Permission> currentPerms = new List<Permission>();
        if (AbpSession.GetUserName() == User.AdminUserName || AbpSession.GetUserName() == User.SystemUserName)
        {
            currentPerms.AddRange(allPermissions);
        }
        else
        {
            foreach (var perm in allPermissions)
            {
                if (await PermissionChecker.IsGrantedAsync(perm.Name))
                    currentPerms.Add(perm);
            }
        }

        var rootFunc = await CacheManager.GetCache<string, SysFunction>(VzConsts.CacheFunction)
            .GetAsync(VzConsts.FunRootName, () => _funRepository.FirstOrDefaultAsync(a => a.Name == VzConsts.FunRootName));
        var dto = new PermissionDto();
        if (rootFunc != null)
        {
            dto.Name = rootFunc.Name;
            dto.IsAuth = await _userManager.IsGrantedAsync(userId, rootFunc.PermissionName);
            dto.DisplayName = rootFunc.DisplayName;
            dto.Sort = rootFunc.Sort;
            dto.Icon = rootFunc.Icon;
            dto.IsOpen = rootFunc.Depth < 2;
            dto.Children = await GetPermissionTree(rootFunc.PermissionName, currentPerms, userId);
        }
        return dto;
    }

    /// <summary>
    /// 获取用户权限树
    /// </summary>
    /// <param name="parentName"></param>
    /// <param name="permissions"></param>
    /// <param name="userId"></param>
    /// <returns></returns>
    private async Task<List<PermissionDto>> GetPermissionTree(string parentName, List<Permission> permissions, long userId)
    {
        var parentPerms = permissions.Where(a => a.Parent?.Name == parentName).ToList();
        var list = new List<PermissionDto>();
        if (parentPerms.Any())
        {
            foreach (var permission in parentPerms)
            {
                var fun = await CacheManager.GetCache<string, SysFunction>(VzConsts.CacheFunction)
                    .GetAsync(permission.Name, () => _funRepository.FirstOrDefaultAsync(a => a.PermissionName == permission.Name));
                var model = new PermissionDto
                {
                    Name = permission.Name,
                    IsAuth = await _userManager.IsGrantedAsync(userId, permission.Name),
                    DisplayName = fun.DisplayName,
                    Sort = fun.Sort,
                    Icon = fun.Icon,
                    IsOpen = fun.Depth < 2,
                    Children = await GetPermissionTree(permission.Name, permissions, userId)
                };
                list.Add(model);
            }
        }
        return list.OrderBy(a => a.Sort).ToList();
    }

    #endregion Permission

    [AuditLog("激活用户")]
    public async Task Activate(EntityDto<long> user)
    {
        CheckPermission(ActivatePermissionName);
        await Repository.UpdateAsync(user.Id, (entity) => Task.FromResult(entity.IsActive = true));
    }

    [AuditLog("锁定用户")]
    public async Task DeActivate(EntityDto<long> user)
    {
        CheckPermission(DeActivatePermissionName);
        await Repository.UpdateAsync(user.Id, (entity) => Task.FromResult(entity.IsActive = false));
    }

    [DisableAuditing]
    public async Task<ListResultDto<RoleDto>> GetRoles(long userId)
    {
        //var roles = await _roleRepository.GetAllListAsync();
        //return new ListResultDto<RoleDto>(ObjectMapper.Map<List<RoleDto>>(roles));
        var userName = AbpSession.GetUserName();
        var userType = AbpSession.GetUserType();
        var accountType = AbpSession.GetAccountType();
        var roles = await _roleRepository.GetAllListAsync(a =>
            (userName == User.AdminUserName || a.UserType > userType) &&
            (a.AccountType == accountType || accountType == VzDefinition.AccountType.System) && !a.IsDefault);
        var userRoles = await GetUserRoles(userId);
        var list = new List<RoleDto>();
        foreach (var role in roles)
        {
            list.Add(new RoleDto(role, userRoles.Contains(role.Name)));
        }
        return new ListResultDto<RoleDto>(list);
    }

    [DisableAuditing]
    public async Task<string[]> GetUserRoles(long userId)
    {
        var roleList = await _userManager.GetRolesAsync(new User() { Id = userId });
        string[] roles = roleList.ToArray();
        return roles;
    }

    public async Task ChangeLanguage(ChangeUserLanguageDto input)
    {
        await SettingManager.ChangeSettingForUserAsync(
            AbpSession.ToUserIdentifier(),
            LocalizationSettingNames.DefaultLanguage,
            input.LanguageName
        );
    }

    /// <summary>
    /// 解锁
    /// </summary>
    /// <param name="input"></param>
    /// <returns></returns>
    [AuditLog("解除登录锁定")]
    public async Task ResetLock(VzEntityDto<long> input)
    {
        CheckPermission(ResetLockPermissionName);
        var user = await _userManager.GetUserByIdAsync(input.Id);
        if (user == null)
        {
            CheckErrors(NotExistMessage);
            return;
        }
        if (user.UserType <= AbpSession.GetUserType() && AbpSession.GetUserName() != User.AdminUserName && AbpSession.GetUserName() != User.SystemUserName)
        {
            ThrowError("NoPermissionUpdateUser");
        }
        user.Unlock();
        await UnitOfWorkManager.Current.SaveChangesAsync();
    }

    protected override User MapToEntity(CreateUserDto createInput)
    {
        var user = ObjectMapper.Map<User>(createInput);
        user.SetNormalizedNames();
        return user;
    }

    protected override void MapToEntity(UpdateUserDto input, User user)
    {
        ObjectMapper.Map(input, user);
        user.SetNormalizedNames();
    }

    //protected override UserDto MapToEntityDto(User user)
    //{
    //    var roleIds = user.Roles.Select(x => x.RoleId).ToArray();

    //    var roles = _roleManager.Roles.Where(r => roleIds.Contains(r.Id)).Select(r => r.NormalizedName);

    //    var userDto = base.MapToEntityDto(user);
    //    userDto.RoleNames = roles.ToArray();

    //    return userDto;
    //}
}