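using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using System.Web.Mvc;
using Abp.Application.Services.Dto;
using Abp.Auditing;
using Abp.Authorization;
using Abp.Domain.Repositories;
using Abp.MultiTenancy;
using Abp.Runtime.Caching;
using WeApp.Authorization;
using WeApp.Authorization.Roles;
using WeApp.Authorization.Users;
using WeApp.BaseInfo;
using WeApp.BaseSystem.Roles.Dto;
using WeApp.BaseSystem.Users.Dto;
using WeApp.Configuration;
using IwbZero.AppServiceBase;
using IwbZero.Auditing;
using IwbZero.Authorization.Base.Users;

namespace WeApp.BaseSystem.Roles
{
    // NOTE(review): this listing appears to have lost its generic type arguments
    // (e.g. "Task>", "IRepository", "new List()"). They are left exactly as found and
    // must be restored from the original file before this compiles.

    /// <summary>
    /// Application service for role management: listing, create/update/delete, and
    /// assigning permissions to a role. Every method sits behind the class-level
    /// <c>PagesSystemMgRoleMg</c> permission; write operations add their own permission.
    /// </summary>
    /// <remarks>
    /// The service compares a role's <c>RoleType</c> with the caller's
    /// <c>AbpSession.UserType</c>: a caller other than the built-in admin/system accounts
    /// may only list or create roles whose RoleType is strictly greater than their own
    /// UserType. Update, Delete and Auth enforce the same rule against the STORED role, so
    /// a role that the listing hides cannot be changed by posting its id directly.
    /// NOTE(review): GetRoleByIdAsync, GetPermissions and GetUsersInRoleAsync accept any
    /// id/name and apply no RoleType or AccountType scoping - confirm that is intended.
    /// </remarks>
    [AbpAuthorize(PermissionNames.PagesSystemMgRoleMg), AuditLog("系统角色", "角色")]
    public class RolesAppService : IwbAsyncCrudAppService, IRolesAppService
    {
        private RoleManager RoleManager { get; }
        private IRepository UserRepository { get; }
        private IRepository UserRoleRepository { get; }
        private IRepository FunRepository { get; }

        /// <summary>
        /// Stores the injected managers and repositories; the role repository goes to the base class.
        /// </summary>
        public RolesAppService(
            IRepository repository,
            RoleManager roleManager,
            UserManager userManager,
            IRepository userRepository,
            IRepository userRoleRepository,
            ICacheManager cacheManager,
            IRepository funRepository) : base(repository)
        {
            RoleManager = roleManager;
            UserManager = userManager;
            UserRepository = userRepository;
            UserRoleRepository = userRoleRepository;
            FunRepository = funRepository;
            CacheManager = cacheManager;
        }

        /// <summary>
        /// Builds the role-type drop-down from the "SysRole"/"RoleType" state list.
        /// Entries whose code is not an integer are skipped. For any caller other than
        /// "admin", entries whose role type is less than or equal to the caller's own
        /// UserType are left out.
        /// </summary>
        /// <returns>Select items (display value / code value) the caller may choose from.</returns>
        [DisableAuditing]
        public async Task> GetRoleTypeSelect()
        {
            var sList = new List();
            var list = await StatesManager.GetStateListAsync("SysRole", "RoleType");

            // Ordinal, null-safe comparison. The previous "UserName.ToLower() != "admin""
            // threw on a null user name and lower-cased with the current culture, so the
            // admin exemption could fail under e.g. a Turkish culture. A missing user name
            // is now simply treated as non-admin (filter applied).
            var callerIsAdmin = string.Equals(AbpSession.UserName, "admin", System.StringComparison.OrdinalIgnoreCase);

            foreach (var l in list)
            {
                if (!int.TryParse(l.CodeValue, out var roleType))
                {
                    continue;
                }

                if (roleType <= AbpSession.UserType && !callerIsAdmin)
                {
                    continue;
                }

                sList.Add(new SelectListItem { Text = l.DisplayValue, Value = l.CodeValue });
            }

            return sList;
        }

        #region CURD

        /// <summary>
        /// Loads one role by id and maps it to its DTO.
        /// </summary>
        /// <param name="roleId">Id of the role to load.</param>
        [DisableAuditing]
        public async Task GetRoleByIdAsync(int roleId)
        {
            var role = await RoleManager.GetRoleByIdAsync(roleId);
            return MapToEntityDto(role);
        }

        /// <summary>
        /// Returns one page of roles. Unless the caller is the admin account, or
        /// multi-tenancy is enabled and the session is on the host side, the query is
        /// limited to roles that are not named like the admin account, have a RoleType
        /// greater than the caller's UserType, and belong to the caller's account type
        /// (callers with the System account type see every account type).
        /// </summary>
        /// <param name="input">Filter, sorting and paging request.</param>
        [DisableAuditing]
        [AbpAuthorize(PermissionNames.PagesSystemMgRoleMgQuery)]
        public override async Task> GetAll(IwbPagedRequestDto input)
        {
            var query = CreateFilteredQuery(input);
            if (AbpSession.UserName != UserBase.AdminUserName &&
                !(IwbConsts.MultiTenancyEnabled && AbpSession.MultiTenancySide.HasFlag(MultiTenancySides.Host)))
            {
                query = query.Where(a =>
                    a.Name != UserBase.AdminUserName &&
                    (a.RoleType > AbpSession.UserType) &&
                    (AbpSession.AccountType == AccountTypeDefinition.System || a.AccountType == AbpSession.AccountType));
            }

            // Count before sorting and paging so the total covers the whole filtered set.
            var totalCount = await AsyncQueryableExecuter.CountAsync(query);
            query = ApplySorting(query, input);
            query = ApplyPaging(query, input);
            var entities = await AsyncQueryableExecuter.ToListAsync(query);
            return new PagedResultDto(totalCount, entities.Select(MapToEntityDto).ToList());
        }

        /// <summary>
        /// Creates a role. A caller other than the admin/system accounts may not create a
        /// role whose RoleType is less than or equal to their own UserType.
        /// </summary>
        /// <param name="input">Data of the role to create.</param>
        [AbpAuthorize(PermissionNames.PagesSystemMgRoleMgCreate)]
        public override async Task Create(RoleCreateDto input)
        {
            if (input.RoleType <= AbpSession.UserType &&
                AbpSession.UserName != UserBase.AdminUserName &&
                AbpSession.UserName != UserBase.SystemUserName)
            {
                ThrowError(IwbLanguageMessage.NoPermissionUpdateRoleType);
            }

            var role = ObjectMapper.Map(input);
            role.SetNormalizedName();
            CheckErrors(await RoleManager.CreateAsync(role));
            await CurrentUnitOfWork.SaveChangesAsync();
        }

        /// <summary>
        /// Updates a role. For a caller other than the admin/system accounts, both the
        /// requested RoleType and the RoleType of the stored role must be greater than the
        /// caller's UserType.
        /// </summary>
        /// <param name="input">New values, including the id of the role to change.</param>
        [AbpAuthorize(PermissionNames.PagesSystemMgRoleMgUpdate)]
        public override async Task Update(RoleUpdateDto input)
        {
            var callerIsBuiltIn = AbpSession.UserName == UserBase.AdminUserName ||
                                  AbpSession.UserName == UserBase.SystemUserName;

            // ThrowError is assumed to throw; the original flow already relied on that.
            if (!callerIsBuiltIn && input.RoleType <= AbpSession.UserType)
            {
                ThrowError(IwbLanguageMessage.NoPermissionUpdateRoleType);
            }

            var role = await RoleManager.GetRoleByIdAsync(input.Id);

            // Checking only the submitted RoleType let a caller rewrite (and thereby
            // demote) a role at or above their own level by sending its id together with
            // a permitted RoleType. The stored role has to pass the same test.
            if (!callerIsBuiltIn && role.RoleType <= AbpSession.UserType)
            {
                ThrowError(IwbLanguageMessage.NoPermissionUpdateRoleType);
            }

            MapToEntity(input, role);
            CheckErrors(await RoleManager.UpdateAsync(role));
        }

        /// <summary>
        /// Deletes a role after removing it from every user that holds it. Static roles
        /// are refused, and so are roles whose RoleType is less than or equal to the
        /// caller's UserType unless the caller is the admin/system account.
        /// </summary>
        /// <param name="input">Carries the id of the role to delete.</param>
        [AbpAuthorize(PermissionNames.PagesSystemMgRoleMgDelete)]
        public override async Task Delete(EntityDto input)
        {
            // NOTE(review): no null check here - presumably FindByIdAsync can return null
            // for an unknown id, which would surface as a NullReferenceException; confirm.
            var role = await RoleManager.FindByIdAsync(input.Id);
            if (role.IsStatic)
            {
                ThrowError(IwbLanguageMessage.CanNotDeleteRole);
            }

            // Same level rule as Create/Update: the delete permission alone must not be
            // enough to remove a role at or above the caller's own level.
            var callerIsBuiltIn = AbpSession.UserName == UserBase.AdminUserName ||
                                  AbpSession.UserName == UserBase.SystemUserName;
            if (!callerIsBuiltIn && role.RoleType <= AbpSession.UserType)
            {
                ThrowError(IwbLanguageMessage.CanNotDeleteRole);
            }

            // NOTE(review): GetUsersInRoleAsync filters on role.Name but receives
            // NormalizedName here; if the two can differ, no user is detached - verify.
            var users = await GetUsersInRoleAsync(role.NormalizedName);
            foreach (var user in users)
            {
                CheckErrors(await UserManager.RemoveFromRoleAsync(user, role.NormalizedName));
            }

            CheckErrors(await RoleManager.DeleteAsync(role));
        }

        #endregion

        #region Auth

        /// <summary>
        /// Replaces the permission set of a role with the permissions named in the request.
        /// Names that match no known permission are ignored. Unless the caller is the
        /// admin account, permissions the caller does not hold are dropped, and a role at
        /// or above the caller's own level is refused (admin/system accounts exempt).
        /// </summary>
        /// <param name="input">Role id and the permission names to grant.</param>
        [AbpAuthorize(PermissionNames.PagesSystemMgRoleMgAuth), AuditLog("角色权限配置")]
        public async Task Auth(AuthDto input)
        {
            var role = await RoleManager.GetRoleByIdAsync(input.Id);

            var callerIsAdmin = AbpSession.UserName == UserBase.AdminUserName;
            var callerIsBuiltIn = callerIsAdmin || AbpSession.UserName == UserBase.SystemUserName;
            if (!callerIsBuiltIn && role.RoleType <= AbpSession.UserType)
            {
                ThrowError(IwbLanguageMessage.NoPermissionUpdateRoleType);
            }

            var grantedPermissions = new List();
            if (input.PermissionNames != null && input.PermissionNames.Any())
            {
                var requested = PermissionManager
                    .GetAllPermissions()
                    .Where(p => input.PermissionNames.Contains(p.Name))
                    .ToList();

                // GetPermissions only offers the caller the permissions they hold
                // themselves, but that was a display-side filter: the names posted here
                // were granted as sent. Enforce the same rule on the server so a caller
                // cannot hand a role permissions they do not have.
                foreach (var p in requested)
                {
                    if (callerIsAdmin || await PermissionChecker.IsGrantedAsync(p.Name))
                    {
                        grantedPermissions.Add(p);
                    }
                }
            }

            // The call receives the complete new set; anything not listed is no longer
            // passed for this role.
            await RoleManager.SetGrantedPermissionsAsync(role, grantedPermissions);
        }

        /// <summary>
        /// Role permissions: builds the permission tree rooted at <c>PermissionNames.Pages</c>
        /// for one role, marking each node with whether the role holds it. The admin
        /// account gets every permission as a child candidate; other callers only the
        /// permissions they hold themselves.
        /// </summary>
        /// <param name="roleId">Id of the role whose grants are shown.</param>
        /// <returns>The root node; an empty model when the root permission does not exist.</returns>
        [AbpAuthorize(PermissionNames.PagesSystemMgRoleMgAuth), DisableAuditing]
        public async Task GetPermissions(int roleId)
        {
            var permissions = (await GetAllPermissions()).Items;
            List currentPerms = new List();
            if (AbpSession.UserName == UserBase.AdminUserName)
            {
                currentPerms.AddRange(permissions);
            }
            else
            {
                foreach (var perm in permissions)
                {
                    if (await PermissionChecker.IsGrantedAsync(perm.Name))
                    {
                        currentPerms.Add(perm);
                    }
                }
            }

            var permission = permissions.FirstOrDefault(a => a.Name == PermissionNames.Pages);
            var model = new PermissionAuthDto();
            if (permission != null)
            {
                var fun = await CacheManager.GetCache(IwbCacheNames.FunctionCache)
                    .GetAsync(permission.Name, () => FunRepository.FirstOrDefaultAsync(a => a.PermissionName == permission.Name));
                model.Name = permission.Name;
                model.IsAuth = await RoleManager.IsGrantedAsync(roleId, permission.Name);

                // The lookup ends in FirstOrDefaultAsync, so a permission without a
                // function record yields null; keep the node and leave its display fields
                // at their defaults instead of failing the whole request.
                if (fun != null)
                {
                    model.PermDisplayName = fun.FunctionName;
                    model.Sort = fun.Sort;
                    model.Icon = fun.Icon;
                    model.IsOpen = fun.Depth < 2;
                }

                model.Children = await GetPermissionTree(permission.Name, currentPerms, roleId);
            }

            return model;
        }

        /// <summary>
        /// Gets the role permission tree: recursively builds the nodes below
        /// <paramref name="parentName"/>, ordered by Sort.
        /// </summary>
        /// <param name="parentName">Name of the parent permission whose children are built.</param>
        /// <param name="permissions">Candidate permissions (already limited to what the caller may see).</param>
        /// <param name="roleId">Id of the role whose grants are marked on each node.</param>
        /// <returns>The child nodes; an empty list when the parent has none.</returns>
        private async Task> GetPermissionTree(string parentName, List permissions, int roleId)
        {
            var parentPerms = permissions.Where(a => a.Parent?.Name == parentName).OrderBy(a => a.Sort).ToList();
            var list = new List();
            foreach (var p in parentPerms)
            {
                var fun = await CacheManager.GetCache(IwbCacheNames.FunctionCache)
                    .GetAsync(p.Name, () => FunRepository.FirstOrDefaultAsync(a => a.PermissionName == p.Name));
                var model = new PermissionAuthDto
                {
                    Name = p.Name,
                    IsAuth = await RoleManager.IsGrantedAsync(roleId, p.Name)
                };

                // A permission without a function record keeps default display fields.
                if (fun != null)
                {
                    model.PermDisplayName = fun.FunctionName;
                    model.Sort = fun.Sort;
                    model.Icon = fun.Icon;
                    model.IsOpen = fun.Depth < 2;
                }

                model.Children = await GetPermissionTree(p.Name, permissions, roleId);
                list.Add(model);
            }

            return list;
        }

        /// <summary>
        /// Maps every permission known to the permission manager into a list result.
        /// </summary>
        [DisableAuditing]
        private Task> GetAllPermissions()
        {
            var permissions = PermissionManager.GetAllPermissions();
            return Task.FromResult(new ListResultDto(
                ObjectMapper.Map>(permissions)
            ));
        }

        #endregion

        /// <summary>
        /// Returns the distinct ids of users that hold the role whose Name equals
        /// <paramref name="roleName"/>. The query runs synchronously and the result is
        /// wrapped in a completed task.
        /// </summary>
        /// <param name="roleName">Role name matched against the role's Name column.</param>
        public Task> GetUsersInRoleAsync(string roleName)
        {
            var users = (from user in UserRepository.GetAll()
                         join userRole in UserRoleRepository.GetAll() on user.Id equals userRole.UserId
                         join role in Repository.GetAll() on userRole.RoleId equals role.Id
                         where role.Name == roleName
                         select user.Id).Distinct().ToList();
            return Task.FromResult(users);
        }

        /// <summary>
        /// Sorts roles by display name; the sorting fields of the request are not used.
        /// </summary>
        protected override IQueryable ApplySorting(IQueryable query, IwbPagedRequestDto input)
        {
            return query.OrderBy(r => r.DisplayName);
        }
    }
}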