feat(docs): 添加权限管理模块文档

1 year ago · 13ee01b0b6
8 changed files with 626 additions and 0 deletions
--- a/aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.Application.Contracts/README.EN.md
+++ b/aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.Application.Contracts/README.EN.md
@ -0,0 +1,64 @@
+# LINGYUN.Abp.PermissionManagement.Application.Contracts
+
+Permission management application service contract module, defining interfaces and DTOs for permission management.
+
+## Features
+
+* Permission Group Definition Interfaces
+  * Provides CRUD operation interfaces for permission groups
+  * Supports pagination query for permission groups
+* Permission Definition Interfaces
+  * Provides CRUD operation interfaces for permissions
+  * Supports pagination query for permissions
+* Permission Definition DTOs
+  * PermissionGroupDefinitionDto - Permission group definition DTO
+  * PermissionDefinitionDto - Permission definition DTO
+  * Supports permission provider configuration (Role, User, OrganizationUnit, etc.)
+* Permission Error Codes
+  * 001100 - Permission group already exists
+  * 001010 - Static permission group is not allowed to change
+  * 001404 - Permission group not found
+  * 002100 - Permission already exists
+  * 002010 - Static permission is not allowed to change
+  * 002101 - Could not retrieve the group definition of permission
+  * 002404 - Permission not found
+
+## Module Dependencies
+
+```csharp
+[DependsOn(
+    typeof(AbpPermissionManagementApplicationContractsModule))]
+public class YouProjectModule : AbpModule
+{
+    // other
+}
+```
+
+## Permission Definition
+
+```csharp
+public class YourPermissionDefinitionProvider : PermissionDefinitionProvider
+{
+    public override void Define(IPermissionDefinitionContext context)
+    {
+        var permissionGroup = context.AddGroup(
+            "YourPermissionGroup",
+            "Your Permission Group");
+
+        var permission = permissionGroup.AddPermission(
+            "YourPermission",
+            "Your Permission",
+            MultiTenancySides.Both);
+
+        permission.AddChild(
+            "Create",
+            "Create Permission");
+    }
+}
+```
+
+## See Also
+
+* [LINGYUN.Abp.PermissionManagement.Application](../LINGYUN.Abp.PermissionManagement.Application/README.EN.md)
+* [LINGYUN.Abp.PermissionManagement.Domain.OrganizationUnits](../LINGYUN.Abp.PermissionManagement.Domain.OrganizationUnits/README.EN.md)
+* [LINGYUN.Abp.PermissionManagement.HttpApi](../LINGYUN.Abp.PermissionManagement.HttpApi/README.EN.md)
--- a/aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.Application.Contracts/README.md
+++ b/aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.Application.Contracts/README.md
@ -0,0 +1,64 @@
+# LINGYUN.Abp.PermissionManagement.Application.Contracts
+
+权限管理应用服务契约模块，定义了权限管理的接口和DTO。
+
+## 功能特性
+
+* 权限组定义接口
+  * 提供权限组的CRUD操作接口
+  * 支持权限组分页查询
+* 权限定义接口
+  * 提供权限的CRUD操作接口
+  * 支持权限分页查询
+* 权限定义DTO
+  * PermissionGroupDefinitionDto - 权限组定义DTO
+  * PermissionDefinitionDto - 权限定义DTO
+  * 支持权限提供者配置（Role、User、OrganizationUnit等）
+* 权限错误代码定义
+  * 001100 - 权限组已存在
+  * 001010 - 静态权限组不允许修改
+  * 001404 - 权限组不存在
+  * 002100 - 权限已存在
+  * 002010 - 静态权限不允许修改
+  * 002101 - 无法获取权限的组定义
+  * 002404 - 权限不存在
+
+## 模块引用
+
+```csharp
+[DependsOn(
+    typeof(AbpPermissionManagementApplicationContractsModule))]
+public class YouProjectModule : AbpModule
+{
+    // other
+}
+```
+
+## 权限定义
+
+```csharp
+public class YourPermissionDefinitionProvider : PermissionDefinitionProvider
+{
+    public override void Define(IPermissionDefinitionContext context)
+    {
+        var permissionGroup = context.AddGroup(
+            "YourPermissionGroup",
+            "Your Permission Group");
+
+        var permission = permissionGroup.AddPermission(
+            "YourPermission",
+            "Your Permission",
+            MultiTenancySides.Both);
+
+        permission.AddChild(
+            "Create",
+            "Create Permission");
+    }
+}
+```
+
+## 另请参阅
+
+* [LINGYUN.Abp.PermissionManagement.Application](../LINGYUN.Abp.PermissionManagement.Application/README.md)
+* [LINGYUN.Abp.PermissionManagement.Domain.OrganizationUnits](../LINGYUN.Abp.PermissionManagement.Domain.OrganizationUnits/README.md)
+* [LINGYUN.Abp.PermissionManagement.HttpApi](../LINGYUN.Abp.PermissionManagement.HttpApi/README.md)
--- a/aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.Application/README.EN.md
+++ b/aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.Application/README.EN.md
@ -0,0 +1,100 @@
+# LINGYUN.Abp.PermissionManagement.Application
+
+Permission management application service module, providing application layer implementation for permission management.
+
+## Features
+
+* Permission Group Definition Management
+  * Create, update, and delete permission group definitions
+  * Support enabling/disabling permission groups
+  * Support static/dynamic configuration of permission groups
+* Permission Definition Management
+  * Create, update, and delete permission definitions
+  * Support enabling/disabling permissions
+  * Support static/dynamic configuration of permissions
+  * Support parent-child hierarchy relationships for permissions
+* Multi-tenancy Support
+  * Support both Host and Tenant multi-tenancy modes
+  * Support multi-tenancy side configuration for permissions
+
+## Module Dependencies
+
+```csharp
+[DependsOn(
+    typeof(AbpPermissionManagementApplicationContractsModule),
+    typeof(VoloAbpPermissionManagementApplicationModule))]
+public class YouProjectModule : AbpModule
+{
+    // other
+}
+```
+
+## Basic Usage
+
+1. Permission Group Definition Management
+```csharp
+public class YourService
+{
+    private readonly IPermissionGroupDefinitionAppService _groupDefinitionAppService;
+
+    public YourService(IPermissionGroupDefinitionAppService groupDefinitionAppService)
+    {
+        _groupDefinitionAppService = groupDefinitionAppService;
+    }
+
+    public async Task ManageGroupDefinitionAsync()
+    {
+        // Create permission group
+        await _groupDefinitionAppService.CreateAsync(new PermissionGroupDefinitionCreateDto
+        {
+            Name = "MyPermissionGroup",
+            DisplayName = "My Permission Group"
+        });
+
+        // Update permission group
+        await _groupDefinitionAppService.UpdateAsync("MyPermissionGroup", 
+            new PermissionGroupDefinitionUpdateDto
+            {
+                DisplayName = "Updated Permission Group"
+            });
+    }
+}
+```
+
+2. Permission Definition Management
+```csharp
+public class YourService
+{
+    private readonly IPermissionDefinitionAppService _permissionDefinitionAppService;
+
+    public YourService(IPermissionDefinitionAppService permissionDefinitionAppService)
+    {
+        _permissionDefinitionAppService = permissionDefinitionAppService;
+    }
+
+    public async Task ManagePermissionDefinitionAsync()
+    {
+        // Create permission
+        await _permissionDefinitionAppService.CreateAsync(new PermissionDefinitionCreateDto
+        {
+            GroupName = "MyPermissionGroup",
+            Name = "MyPermission",
+            DisplayName = "My Permission",
+            Providers = new[] { "Role", "User" }
+        });
+
+        // Update permission
+        await _permissionDefinitionAppService.UpdateAsync("MyPermission",
+            new PermissionDefinitionUpdateDto
+            {
+                DisplayName = "Updated Permission"
+            });
+    }
+}
+```
+
+## See Also
+
+* [LINGYUN.Abp.PermissionManagement.Application.Contracts](../LINGYUN.Abp.PermissionManagement.Application.Contracts/README.EN.md)
+* [LINGYUN.Abp.PermissionManagement.Domain.OrganizationUnits](../LINGYUN.Abp.PermissionManagement.Domain.OrganizationUnits/README.EN.md)
+* [LINGYUN.Abp.PermissionManagement.HttpApi](../LINGYUN.Abp.PermissionManagement.HttpApi/README.EN.md)
--- a/aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.Application/README.md
+++ b/aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.Application/README.md
@ -0,0 +1,100 @@
+# LINGYUN.Abp.PermissionManagement.Application
+
+权限管理应用服务模块，提供权限管理的应用层实现。
+
+## 功能特性
+
+* 权限组定义管理
+  * 创建、更新、删除权限组定义
+  * 支持权限组的启用/禁用
+  * 支持权限组的静态/动态配置
+* 权限定义管理
+  * 创建、更新、删除权限定义
+  * 支持权限的启用/禁用
+  * 支持权限的静态/动态配置
+  * 支持权限的父子层级关系
+* 多租户支持
+  * 支持Host和Tenant两种多租户模式
+  * 支持权限的多租户侧配置
+
+## 模块引用
+
+```csharp
+[DependsOn(
+    typeof(AbpPermissionManagementApplicationContractsModule),
+    typeof(VoloAbpPermissionManagementApplicationModule))]
+public class YouProjectModule : AbpModule
+{
+    // other
+}
+```
+
+## 基本用法
+
+1. 权限组定义管理
+```csharp
+public class YourService
+{
+    private readonly IPermissionGroupDefinitionAppService _groupDefinitionAppService;
+
+    public YourService(IPermissionGroupDefinitionAppService groupDefinitionAppService)
+    {
+        _groupDefinitionAppService = groupDefinitionAppService;
+    }
+
+    public async Task ManageGroupDefinitionAsync()
+    {
+        // 创建权限组
+        await _groupDefinitionAppService.CreateAsync(new PermissionGroupDefinitionCreateDto
+        {
+            Name = "MyPermissionGroup",
+            DisplayName = "My Permission Group"
+        });
+
+        // 更新权限组
+        await _groupDefinitionAppService.UpdateAsync("MyPermissionGroup", 
+            new PermissionGroupDefinitionUpdateDto
+            {
+                DisplayName = "Updated Permission Group"
+            });
+    }
+}
+```
+
+2. 权限定义管理
+```csharp
+public class YourService
+{
+    private readonly IPermissionDefinitionAppService _permissionDefinitionAppService;
+
+    public YourService(IPermissionDefinitionAppService permissionDefinitionAppService)
+    {
+        _permissionDefinitionAppService = permissionDefinitionAppService;
+    }
+
+    public async Task ManagePermissionDefinitionAsync()
+    {
+        // 创建权限
+        await _permissionDefinitionAppService.CreateAsync(new PermissionDefinitionCreateDto
+        {
+            GroupName = "MyPermissionGroup",
+            Name = "MyPermission",
+            DisplayName = "My Permission",
+            Providers = new[] { "Role", "User" }
+        });
+
+        // 更新权限
+        await _permissionDefinitionAppService.UpdateAsync("MyPermission",
+            new PermissionDefinitionUpdateDto
+            {
+                DisplayName = "Updated Permission"
+            });
+    }
+}
+```
+
+## 另请参阅
+
+* [LINGYUN.Abp.PermissionManagement.Application.Contracts](../LINGYUN.Abp.PermissionManagement.Application.Contracts/README.md)
+* [LINGYUN.Abp.PermissionManagement.Domain.OrganizationUnits](../LINGYUN.Abp.PermissionManagement.Domain.OrganizationUnits/README.md)
+* [LINGYUN.Abp.PermissionManagement.HttpApi](../LINGYUN.Abp.PermissionManagement.HttpApi/README.md)
--- a/aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.Domain.OrganizationUnits/README.EN.md
+++ b/aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.Domain.OrganizationUnits/README.EN.md
@ -0,0 +1,62 @@
+# LINGYUN.Abp.PermissionManagement.Domain.OrganizationUnits
+
+Organization unit permission management domain module, providing permission management functionality based on organization units.
+
+## Features
+
+* Organization Unit Permission Management
+  * Support assigning permissions to organization units
+  * Support organization unit permission inheritance
+* Permission Provider
+  * Implement OrganizationUnit permission provider
+  * Support role organization unit permission check
+  * Support user organization unit permission check
+* Automatic Permission Cleanup
+  * Automatically clean up related permissions when organization unit is deleted
+
+## Module Dependencies
+
+```csharp
+[DependsOn(
+    typeof(AbpPermissionManagementDomainOrganizationUnitsModule))]
+public class YouProjectModule : AbpModule
+{
+    // other
+}
+```
+
+## Basic Usage
+
+1. Organization Unit Permission Management
+```csharp
+public class YourService
+{
+    private readonly IPermissionManager _permissionManager;
+
+    public YourService(IPermissionManager permissionManager)
+    {
+        _permissionManager = permissionManager;
+    }
+
+    public async Task ManageOrganizationUnitPermissionAsync(string organizationUnitCode)
+    {
+        // Set organization unit permission
+        await _permissionManager.SetAsync(
+            "MyPermission",
+            OrganizationUnitPermissionValueProvider.ProviderName,
+            organizationUnitCode);
+
+        // Check organization unit permission
+        var result = await _permissionManager.GetAsync(
+            "MyPermission",
+            OrganizationUnitPermissionValueProvider.ProviderName,
+            organizationUnitCode);
+    }
+}
+```
+
+## See Also
+
+* [LINGYUN.Abp.PermissionManagement.Application](../LINGYUN.Abp.PermissionManagement.Application/README.EN.md)
+* [LINGYUN.Abp.PermissionManagement.Application.Contracts](../LINGYUN.Abp.PermissionManagement.Application.Contracts/README.EN.md)
+* [LINGYUN.Abp.PermissionManagement.HttpApi](../LINGYUN.Abp.PermissionManagement.HttpApi/README.EN.md)
--- a/aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.Domain.OrganizationUnits/README.md
+++ b/aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.Domain.OrganizationUnits/README.md
@ -0,0 +1,62 @@
+# LINGYUN.Abp.PermissionManagement.Domain.OrganizationUnits
+
+组织单元权限管理领域模块，提供基于组织单元的权限管理功能。
+
+## 功能特性
+
+* 组织单元权限管理
+  * 支持为组织单元分配权限
+  * 支持组织单元权限的继承
+* 权限提供者
+  * 实现OrganizationUnit权限提供者
+  * 支持角色组织单元权限检查
+  * 支持用户组织单元权限检查
+* 自动权限清理
+  * 组织单元删除时自动清理相关权限
+
+## 模块引用
+
+```csharp
+[DependsOn(
+    typeof(AbpPermissionManagementDomainOrganizationUnitsModule))]
+public class YouProjectModule : AbpModule
+{
+    // other
+}
+```
+
+## 基本用法
+
+1. 组织单元权限管理
+```csharp
+public class YourService
+{
+    private readonly IPermissionManager _permissionManager;
+
+    public YourService(IPermissionManager permissionManager)
+    {
+        _permissionManager = permissionManager;
+    }
+
+    public async Task ManageOrganizationUnitPermissionAsync(string organizationUnitCode)
+    {
+        // 设置组织单元权限
+        await _permissionManager.SetAsync(
+            "MyPermission",
+            OrganizationUnitPermissionValueProvider.ProviderName,
+            organizationUnitCode);
+
+        // 检查组织单元权限
+        var result = await _permissionManager.GetAsync(
+            "MyPermission",
+            OrganizationUnitPermissionValueProvider.ProviderName,
+            organizationUnitCode);
+    }
+}
+```
+
+## 另请参阅
+
+* [LINGYUN.Abp.PermissionManagement.Application](../LINGYUN.Abp.PermissionManagement.Application/README.md)
+* [LINGYUN.Abp.PermissionManagement.Application.Contracts](../LINGYUN.Abp.PermissionManagement.Application.Contracts/README.md)
+* [LINGYUN.Abp.PermissionManagement.HttpApi](../LINGYUN.Abp.PermissionManagement.HttpApi/README.md)
--- a/aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.HttpApi/README.EN.md
+++ b/aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.HttpApi/README.EN.md
@ -0,0 +1,87 @@
+# LINGYUN.Abp.PermissionManagement.HttpApi
+
+Permission management HTTP API module, providing RESTful API interfaces for permission management.
+
+## Features
+
+* Permission Group Definition API
+  * Provides CRUD operation interfaces for permission groups
+  * Supports pagination query for permission groups
+* Permission Definition API
+  * Provides CRUD operation interfaces for permissions
+  * Supports pagination query for permissions
+* Unified API Base Classes
+  * PermissionManagementControllerBase - Permission management controller base class
+  * Standardized API response format
+
+## Module Dependencies
+
+```csharp
+[DependsOn(
+    typeof(AbpPermissionManagementApplicationContractsModule),
+    typeof(AbpPermissionManagementHttpApiModule))]
+public class YouProjectModule : AbpModule
+{
+    // other
+}
+```
+
+## API Endpoints
+
+1. Permission Group Definition
+```
+GET    /api/permission-management/groups
+POST   /api/permission-management/groups
+PUT    /api/permission-management/groups/{name}
+DELETE /api/permission-management/groups/{name}
+```
+
+2. Permission Definition
+```
+GET    /api/permission-management/permissions
+POST   /api/permission-management/permissions
+PUT    /api/permission-management/permissions/{name}
+DELETE /api/permission-management/permissions/{name}
+```
+
+## Basic Usage
+
+1. Permission Group Definition Management
+```http
+### Create permission group
+POST /api/permission-management/groups
+{
+    "name": "MyPermissionGroup",
+    "displayName": "My Permission Group"
+}
+
+### Update permission group
+PUT /api/permission-management/groups/MyPermissionGroup
+{
+    "displayName": "Updated Permission Group"
+}
+```
+
+2. Permission Definition Management
+```http
+### Create permission
+POST /api/permission-management/permissions
+{
+    "groupName": "MyPermissionGroup",
+    "name": "MyPermission",
+    "displayName": "My Permission",
+    "providers": ["Role", "User"]
+}
+
+### Update permission
+PUT /api/permission-management/permissions/MyPermission
+{
+    "displayName": "Updated Permission"
+}
+```
+
+## See Also
+
+* [LINGYUN.Abp.PermissionManagement.Application](../LINGYUN.Abp.PermissionManagement.Application/README.EN.md)
+* [LINGYUN.Abp.PermissionManagement.Application.Contracts](../LINGYUN.Abp.PermissionManagement.Application.Contracts/README.EN.md)
+* [LINGYUN.Abp.PermissionManagement.Domain.OrganizationUnits](../LINGYUN.Abp.PermissionManagement.Domain.OrganizationUnits/README.EN.md)
--- a/aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.HttpApi/README.md
+++ b/aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.HttpApi/README.md
@ -0,0 +1,87 @@
+# LINGYUN.Abp.PermissionManagement.HttpApi
+
+权限管理HTTP API模块，提供权限管理的RESTful API接口。
+
+## 功能特性
+
+* 权限组定义API
+  * 提供权限组的CRUD操作接口
+  * 支持权限组分页查询
+* 权限定义API
+  * 提供权限的CRUD操作接口
+  * 支持权限分页查询
+* 统一的API基类
+  * PermissionManagementControllerBase - 权限管理控制器基类
+  * 标准化的API响应格式
+
+## 模块引用
+
+```csharp
+[DependsOn(
+    typeof(AbpPermissionManagementApplicationContractsModule),
+    typeof(AbpPermissionManagementHttpApiModule))]
+public class YouProjectModule : AbpModule
+{
+    // other
+}
+```
+
+## API接口
+
+1. 权限组定义
+```
+GET    /api/permission-management/groups
+POST   /api/permission-management/groups
+PUT    /api/permission-management/groups/{name}
+DELETE /api/permission-management/groups/{name}
+```
+
+2. 权限定义
+```
+GET    /api/permission-management/permissions
+POST   /api/permission-management/permissions
+PUT    /api/permission-management/permissions/{name}
+DELETE /api/permission-management/permissions/{name}
+```
+
+## 基本用法
+
+1. 权限组定义管理
+```http
+### 创建权限组
+POST /api/permission-management/groups
+{
+    "name": "MyPermissionGroup",
+    "displayName": "My Permission Group"
+}
+
+### 更新权限组
+PUT /api/permission-management/groups/MyPermissionGroup
+{
+    "displayName": "Updated Permission Group"
+}
+```
+
+2. 权限定义管理
+```http
+### 创建权限
+POST /api/permission-management/permissions
+{
+    "groupName": "MyPermissionGroup",
+    "name": "MyPermission",
+    "displayName": "My Permission",
+    "providers": ["Role", "User"]
+}
+
+### 更新权限
+PUT /api/permission-management/permissions/MyPermission
+{
+    "displayName": "Updated Permission"
+}
+```
+
+## 另请参阅
+
+* [LINGYUN.Abp.PermissionManagement.Application](../LINGYUN.Abp.PermissionManagement.Application/README.md)
+* [LINGYUN.Abp.PermissionManagement.Application.Contracts](../LINGYUN.Abp.PermissionManagement.Application.Contracts/README.md)
+* [LINGYUN.Abp.PermissionManagement.Domain.OrganizationUnits](../LINGYUN.Abp.PermissionManagement.Domain.OrganizationUnits/README.md)