diff --git a/aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application.Contracts/Users/Dtos/PageIdentityUserOutput.cs b/aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application.Contracts/Users/Dtos/PageIdentityUserOutput.cs
new file mode 100644
index 00000000..36ae4d64
--- /dev/null
+++ b/aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application.Contracts/Users/Dtos/PageIdentityUserOutput.cs
@@ -0,0 +1,11 @@
+using Volo.Abp.Identity;
+
+namespace Lion.AbpPro.BasicManagement.Users.Dtos;
+
+public class PageIdentityUserOutput : IdentityUserDto
+{
+ ///
+ /// 是否开启双因素验证码
+ ///
+ public bool TwoFactorEnabled { get; set; }
+}
\ No newline at end of file
diff --git a/aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application.Contracts/Users/IUserAppService.cs b/aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application.Contracts/Users/IUserAppService.cs
index 3954d7a2..7cc48f0f 100644
--- a/aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application.Contracts/Users/IUserAppService.cs
+++ b/aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application.Contracts/Users/IUserAppService.cs
@@ -10,7 +10,7 @@ namespace Lion.AbpPro.BasicManagement.Users
///
/// 分页查询用户
///
- Task> ListAsync(PagingUserListInput input);
+ Task> ListAsync(PagingUserListInput input);
///
/// 分页查询用户
diff --git a/aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application/ApplicationConfigurations/AbpProApplicationConfigurationAppService.cs b/aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application/ApplicationConfigurations/AbpProApplicationConfigurationAppService.cs
index dee3f48b..8f3345dd 100644
--- a/aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application/ApplicationConfigurations/AbpProApplicationConfigurationAppService.cs
+++ b/aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application/ApplicationConfigurations/AbpProApplicationConfigurationAppService.cs
@@ -191,40 +191,60 @@ public class AbpProApplicationConfigurationAppService : ApplicationService, IAbp
/// 比如设置了角色有权限AbpIdentity.Roles.Update,但是没有AbpIdentity.Roles权限,那么这个时候AbpIdentity.Roles应该是false
private List GetPolicy(string policy, MultiplePermissionGrantResult permissions)
{
+ // AbpIdentity.Roles.Create
+ // AbpIdentity 按照.分割,第一级是分组,剩下的才是权限
var result = new List();
var split = policy.Split('.', StringSplitOptions.RemoveEmptyEntries);
if (split.Length <= 0) return result;
- var currentPolicy = string.Empty;
- for (int i = 0; i < split.Length - 1; i++)
+ // 1. 获取当前policy组名
+ var groupName = split.First();
+
+ // 这个情况是菜单权限
+ if (split.Length == 2)
{
- if (i == 0)
- {
- currentPolicy += split[i];
- }
- else
+ var currentPolicyValue = permissions.Result.FirstOrDefault(e => e.Key == policy);
+
+ if (currentPolicyValue.Value != PermissionGrantResult.Granted) return result;
{
- currentPolicy += "." + split[i];
+ result.Add(groupName);
}
}
-
- if (!currentPolicy.IsNullOrWhiteSpace())
+ else
{
- var currentPolicyValue = permissions.Result.FirstOrDefault(e => e.Key == currentPolicy);
- if (currentPolicyValue.Value == PermissionGrantResult.Granted)
+ var currentPolicy = string.Empty;
+ for (int i = 0; i < split.Length - 1; i++)
{
- result.Add(currentPolicy);
- // 获取上级code
- var parent = currentPolicy.Split('.', StringSplitOptions.RemoveEmptyEntries);
- if (parent.Length > 1)
+ if (i == 0)
+ {
+ currentPolicy += split[i];
+ }
+ else
{
- result.Add(parent[0]);
+ currentPolicy += "." + split[i];
}
}
- result.AddRange(GetPolicy(currentPolicy, permissions));
+ if (!currentPolicy.IsNullOrWhiteSpace())
+ {
+ var currentPolicyValue = permissions.Result.FirstOrDefault(e => e.Key == currentPolicy);
+ if (currentPolicyValue.Value == PermissionGrantResult.Granted)
+ {
+ result.Add(currentPolicy);
+ // 获取上级code
+ var parent = currentPolicy.Split('.', StringSplitOptions.RemoveEmptyEntries);
+ if (parent.Length > 1)
+ {
+ result.Add(parent.First());
+
+ }
+ }
+
+ result.AddRange(GetPolicy(currentPolicy, permissions));
+ }
}
+
- return result;
+ return result.Distinct().ToList();
}
diff --git a/aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application/BasicManagementApplicationAutoMapperProfile.cs b/aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application/BasicManagementApplicationAutoMapperProfile.cs
index 7a50105b..5b920d6b 100644
--- a/aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application/BasicManagementApplicationAutoMapperProfile.cs
+++ b/aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application/BasicManagementApplicationAutoMapperProfile.cs
@@ -36,5 +36,6 @@ public class BasicManagementApplicationAutoMapperProfile : Profile
CreateMap();
CreateMap();
CreateMap();
+ CreateMap();
}
}
\ No newline at end of file
diff --git a/aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application/Users/UserAppService.cs b/aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application/Users/UserAppService.cs
index a40daa93..f79c7de4 100644
--- a/aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application/Users/UserAppService.cs
+++ b/aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application/Users/UserAppService.cs
@@ -10,7 +10,7 @@ using IdentityRole = Volo.Abp.Identity.IdentityRole;
namespace Lion.AbpPro.BasicManagement.Users
{
- [Authorize(IdentityPermissions.Users.Default)]
+ [Authorize]
public class UserAppService : BasicManagementAppService, IUserAppService
{
private readonly IIdentityUserAppService _identityUserAppService;
@@ -36,7 +36,8 @@ namespace Lion.AbpPro.BasicManagement.Users
///
/// 分页查询用户
///
- public virtual async Task> ListAsync(PagingUserListInput input)
+ [Authorize(IdentityPermissions.Users.Default)]
+ public virtual async Task> ListAsync(PagingUserListInput input)
{
var request = new GetIdentityUsersInput
{
@@ -50,8 +51,8 @@ namespace Lion.AbpPro.BasicManagement.Users
var source = await _identityUserRepository
.GetListAsync(request.Sorting, request.MaxResultCount, request.SkipCount, request.Filter);
- return new PagedResultDto(count,
- base.ObjectMapper.Map, List>(source));
+ return new PagedResultDto(count,
+ base.ObjectMapper.Map, List>(source));
}
public async Task> ListAllAsync(PagingUserListInput input)
diff --git a/aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.HttpApi/Systems/UserController.cs b/aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.HttpApi/Systems/UserController.cs
index e52c98a2..d444711b 100644
--- a/aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.HttpApi/Systems/UserController.cs
+++ b/aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.HttpApi/Systems/UserController.cs
@@ -15,7 +15,7 @@ namespace Lion.AbpPro.BasicManagement.Systems
[HttpPost("page")]
[SwaggerOperation(summary: "分页获取用户信息", Tags = new[] { "Users" })]
- public Task> ListAsync(PagingUserListInput input)
+ public Task> ListAsync(PagingUserListInput input)
{
return _userAppService.ListAsync(input);
}
diff --git a/aspnet-core/modules/BasicManagement/test/Lion.AbpPro.BasicManagement.Application.Tests/Permission_Tests.cs b/aspnet-core/modules/BasicManagement/test/Lion.AbpPro.BasicManagement.Application.Tests/Permission_Tests.cs
new file mode 100644
index 00000000..6334d16d
--- /dev/null
+++ b/aspnet-core/modules/BasicManagement/test/Lion.AbpPro.BasicManagement.Application.Tests/Permission_Tests.cs
@@ -0,0 +1,118 @@
+using Shouldly;
+using Volo.Abp.Authorization.Permissions;
+using Xunit;
+
+namespace Lion.AbpPro.BasicManagement;
+
+public class Permission_Tests:BasicManagementApplicationTestBase
+{
+
+ [Fact]
+ public void GetPolicySingleTest()
+ {
+ var grant = new MultiplePermissionGrantResult();
+
+ grant.Result.Add("AbpIdentity.AuditLog", PermissionGrantResult.Granted);
+ var result= GetPolicy("AbpIdentity.AuditLog", grant);
+ result.FirstOrDefault(e=>e=="AbpIdentity").ShouldBe("AbpIdentity");
+ }
+
+
+ [Fact]
+ public void GetPolicyTest()
+ {
+ var grant = new MultiplePermissionGrantResult();
+ grant.Result.Add("AbpIdentity.Roles", PermissionGrantResult.Granted);
+ grant.Result.Add("AbpIdentity.Roles.Create", PermissionGrantResult.Granted);
+ grant.Result.Add("AbpIdentity.Roles.Update", PermissionGrantResult.Undefined);
+
+ grant.Result.Add("AbpIdentity.Users", PermissionGrantResult.Undefined);
+ grant.Result.Add("AbpIdentity.Users.Create", PermissionGrantResult.Granted);
+ grant.Result.Add("AbpIdentity.Users.Update", PermissionGrantResult.Granted);
+
+
+ grant.Result.Add("AbpCode.CodeManagement.Project", PermissionGrantResult.Granted);
+ grant.Result.Add("AbpCode.CodeManagement.Project.Create", PermissionGrantResult.Undefined);
+ var result1= GetPolicy("AbpIdentity.Roles.Update", grant);
+
+ result1.FirstOrDefault(e=>e=="AbpIdentity").ShouldBe("AbpIdentity");
+ result1.FirstOrDefault(e=>e=="AbpIdentity.Roles").ShouldBe("AbpIdentity.Roles");
+ result1.FirstOrDefault(e=>e=="AbpIdentity.Roles.Update").ShouldBe(null);
+
+ var result2= GetPolicy("AbpIdentity.Users.Update", grant);
+ result2.FirstOrDefault(e=>e=="AbpIdentity").ShouldBe(null);
+ result2.FirstOrDefault(e=>e=="AbpIdentity.Users").ShouldBe(null);
+
+ var result3= GetPolicy("AbpCode.CodeManagement.Project", grant);
+ result3.FirstOrDefault(e=>e=="AbpCode.CodeManagement").ShouldBe(null);
+ result3.FirstOrDefault(e=>e=="AbpCode.CodeManagement.Project").ShouldBe(null);
+ }
+
+
+ ///
+ /// 获取权限
+ ///
+ /// 比如设置了角色有权限AbpIdentity.Roles.Update,但是没有AbpIdentity.Roles权限,那么这个时候AbpIdentity.Roles应该是false
+ private List GetPolicy(string policy, MultiplePermissionGrantResult permissions)
+ {
+ // AbpIdentity.Roles.Create
+ // AbpIdentity 按照.分割,第一级是分组,剩下的才是权限
+ var result = new List();
+ var split = policy.Split('.', StringSplitOptions.RemoveEmptyEntries);
+ if (split.Length <= 0) return result;
+ // 1. 获取当前policy组名
+ var groupName = split.First();
+
+ //2. 判断组下面的权限是菜单权限还是按钮权限
+ // AbpIdentity.Roles 页面权限
+ // AbpIdentity.Roles.Create 按钮权限
+ // AbpIdentity.AuditLog 页面权限
+
+ // 这个情况是菜单权限
+ if (split.Length == 2)
+ {
+ var currentPolicyValue = permissions.Result.FirstOrDefault(e => e.Key == policy);
+
+ if (currentPolicyValue.Value != PermissionGrantResult.Granted) return result;
+ {
+ result.Add(groupName);
+ }
+ }
+ else
+ {
+ var currentPolicy = string.Empty;
+ for (int i = 0; i < split.Length - 1; i++)
+ {
+ if (i == 0)
+ {
+ currentPolicy += split[i];
+ }
+ else
+ {
+ currentPolicy += "." + split[i];
+ }
+ }
+
+ if (!currentPolicy.IsNullOrWhiteSpace())
+ {
+ var currentPolicyValue = permissions.Result.FirstOrDefault(e => e.Key == currentPolicy);
+ if (currentPolicyValue.Value == PermissionGrantResult.Granted)
+ {
+ result.Add(currentPolicy);
+ // 获取上级code
+ var parent = currentPolicy.Split('.', StringSplitOptions.RemoveEmptyEntries);
+ if (parent.Length > 1)
+ {
+ result.Add(parent.First());
+
+ }
+ }
+
+ result.AddRange(GetPolicy(currentPolicy, permissions));
+ }
+ }
+
+
+ return result.Distinct().ToList();
+ }
+}
\ No newline at end of file