tsai
/
abp-vnext-pro
mirror of https://github.com/WangJunZzz/abp-vnext-pro.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

fix: 修复获取权限

8.3.3.10
Hanpaopao 1 year ago
parent
417c0b7ced
commit
4b55d26796
7 changed files with 176 additions and 25 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 11
      aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application.Contracts/Users/Dtos/PageIdentityUserOutput.cs
  2. 2
      aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application.Contracts/Users/IUserAppService.cs
  3. 58
      aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application/ApplicationConfigurations/AbpProApplicationConfigurationAppService.cs
  4. 1
      aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application/BasicManagementApplicationAutoMapperProfile.cs
  5. 9
      aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application/Users/UserAppService.cs
  6. 2
      aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.HttpApi/Systems/UserController.cs
  7. 118
      aspnet-core/modules/BasicManagement/test/Lion.AbpPro.BasicManagement.Application.Tests/Permission_Tests.cs

11
aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application.Contracts/Users/Dtos/PageIdentityUserOutput.cs
View File

@ -0,0 +1,11 @@
using Volo.Abp.Identity;
namespace Lion.AbpPro.BasicManagement.Users.Dtos;
public class PageIdentityUserOutput : IdentityUserDto
{
/// <summary>
/// 是否开启双因素验证码
/// </summary>
public bool TwoFactorEnabled { get; set; }
}

2
aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application.Contracts/Users/IUserAppService.cs
View File

@ -10,7 +10,7 @@ namespace Lion.AbpPro.BasicManagement.Users
/// <summary> /// <summary>
/// 分页查询用户 /// 分页查询用户
/// </summary> /// </summary>
Task<PagedResultDto<IdentityUserDto>> ListAsync(PagingUserListInput input); Task<PagedResultDto<PageIdentityUserOutput>> ListAsync(PagingUserListInput input);
/// <summary> /// <summary>
/// 分页查询用户 /// 分页查询用户

58
aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application/ApplicationConfigurations/AbpProApplicationConfigurationAppService.cs
View File

@ -191,40 +191,60 @@ public class AbpProApplicationConfigurationAppService : ApplicationService, IAbp
/// <remarks>比如设置了角色有权限AbpIdentity.Roles.Update,但是没有AbpIdentity.Roles权限,那么这个时候AbpIdentity.Roles应该是false</remarks> /// <remarks>比如设置了角色有权限AbpIdentity.Roles.Update,但是没有AbpIdentity.Roles权限,那么这个时候AbpIdentity.Roles应该是false</remarks>
private List<string> GetPolicy(string policy, MultiplePermissionGrantResult permissions) private List<string> GetPolicy(string policy, MultiplePermissionGrantResult permissions)
{ {
// AbpIdentity.Roles.Create
// AbpIdentity 按照.分割,第一级是分组,剩下的才是权限
var result = new List<string>(); var result = new List<string>();
var split = policy.Split('.', StringSplitOptions.RemoveEmptyEntries); var split = policy.Split('.', StringSplitOptions.RemoveEmptyEntries);
if (split.Length <= 0) return result; if (split.Length <= 0) return result;
var currentPolicy = string.Empty; // 1. 获取当前policy组名
for (int i = 0; i < split.Length - 1; i++) var groupName = split.First();
// 这个情况是菜单权限
if (split.Length == 2)
{ {
if (i == 0) var currentPolicyValue = permissions.Result.FirstOrDefault(e => e.Key == policy);
{
currentPolicy += split[i]; if (currentPolicyValue.Value != PermissionGrantResult.Granted) return result;
}
else
{ {
currentPolicy += "." + split[i]; result.Add(groupName);
} }
} }
else
if (!currentPolicy.IsNullOrWhiteSpace())
{ {
var currentPolicyValue = permissions.Result.FirstOrDefault(e => e.Key == currentPolicy); var currentPolicy = string.Empty;
if (currentPolicyValue.Value == PermissionGrantResult.Granted) for (int i = 0; i < split.Length - 1; i++)
{ {
result.Add(currentPolicy); if (i == 0)
// 获取上级code {
var parent = currentPolicy.Split('.', StringSplitOptions.RemoveEmptyEntries); currentPolicy += split[i];
if (parent.Length > 1) }
else
{ {
result.Add(parent[0]); currentPolicy += "." + split[i];
} }
} }
result.AddRange(GetPolicy(currentPolicy, permissions)); if (!currentPolicy.IsNullOrWhiteSpace())
{
var currentPolicyValue = permissions.Result.FirstOrDefault(e => e.Key == currentPolicy);
if (currentPolicyValue.Value == PermissionGrantResult.Granted)
{
result.Add(currentPolicy);
// 获取上级code
var parent = currentPolicy.Split('.', StringSplitOptions.RemoveEmptyEntries);
if (parent.Length > 1)
{
result.Add(parent.First());
}
}
result.AddRange(GetPolicy(currentPolicy, permissions));
}
} }
return result; return result.Distinct().ToList();
} }

1
aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application/BasicManagementApplicationAutoMapperProfile.cs
View File

@ -36,5 +36,6 @@ public class BasicManagementApplicationAutoMapperProfile : Profile
CreateMap<IdentitySecurityLog, PagingIdentitySecurityLogOutput>(); CreateMap<IdentitySecurityLog, PagingIdentitySecurityLogOutput>();
CreateMap<TenantConnectionString, PageTenantConnectionStringOutput>(); CreateMap<TenantConnectionString, PageTenantConnectionStringOutput>();
CreateMap<IdentityUser, MyProfileOutput>(); CreateMap<IdentityUser, MyProfileOutput>();
CreateMap<IdentityUser, PageIdentityUserOutput>();
} }
} }

9
aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.Application/Users/UserAppService.cs
View File

@ -10,7 +10,7 @@ using IdentityRole = Volo.Abp.Identity.IdentityRole;
namespace Lion.AbpPro.BasicManagement.Users namespace Lion.AbpPro.BasicManagement.Users
{ {
[Authorize(IdentityPermissions.Users.Default)] [Authorize]
public class UserAppService : BasicManagementAppService, IUserAppService public class UserAppService : BasicManagementAppService, IUserAppService
{ {
private readonly IIdentityUserAppService _identityUserAppService; private readonly IIdentityUserAppService _identityUserAppService;
@ -36,7 +36,8 @@ namespace Lion.AbpPro.BasicManagement.Users
/// <summary> /// <summary>
/// 分页查询用户 /// 分页查询用户
/// </summary> /// </summary>
public virtual async Task<PagedResultDto<IdentityUserDto>> ListAsync(PagingUserListInput input) [Authorize(IdentityPermissions.Users.Default)]
public virtual async Task<PagedResultDto<PageIdentityUserOutput>> ListAsync(PagingUserListInput input)
{ {
var request = new GetIdentityUsersInput var request = new GetIdentityUsersInput
{ {
@ -50,8 +51,8 @@ namespace Lion.AbpPro.BasicManagement.Users
var source = await _identityUserRepository var source = await _identityUserRepository
.GetListAsync(request.Sorting, request.MaxResultCount, request.SkipCount, request.Filter); .GetListAsync(request.Sorting, request.MaxResultCount, request.SkipCount, request.Filter);
return new PagedResultDto<IdentityUserDto>(count, return new PagedResultDto<PageIdentityUserOutput>(count,
base.ObjectMapper.Map<List<Volo.Abp.Identity.IdentityUser>, List<IdentityUserDto>>(source)); base.ObjectMapper.Map<List<Volo.Abp.Identity.IdentityUser>, List<PageIdentityUserOutput>>(source));
} }
public async Task<List<IdentityUserDto>> ListAllAsync(PagingUserListInput input) public async Task<List<IdentityUserDto>> ListAllAsync(PagingUserListInput input)

2
aspnet-core/modules/BasicManagement/src/Lion.AbpPro.BasicManagement.HttpApi/Systems/UserController.cs
View File

@ -15,7 +15,7 @@ namespace Lion.AbpPro.BasicManagement.Systems
[HttpPost("page")] [HttpPost("page")]
[SwaggerOperation(summary: "分页获取用户信息", Tags = new[] { "Users" })] [SwaggerOperation(summary: "分页获取用户信息", Tags = new[] { "Users" })]
public Task<PagedResultDto<IdentityUserDto>> ListAsync(PagingUserListInput input) public Task<PagedResultDto<PageIdentityUserOutput>> ListAsync(PagingUserListInput input)
{ {
return _userAppService.ListAsync(input); return _userAppService.ListAsync(input);
} }

118
aspnet-core/modules/BasicManagement/test/Lion.AbpPro.BasicManagement.Application.Tests/Permission_Tests.cs
View File

@ -0,0 +1,118 @@
using Shouldly;
using Volo.Abp.Authorization.Permissions;
using Xunit;
namespace Lion.AbpPro.BasicManagement;
public class Permission_Tests:BasicManagementApplicationTestBase
{
[Fact]
public void GetPolicySingleTest()
{
var grant = new MultiplePermissionGrantResult();
grant.Result.Add("AbpIdentity.AuditLog", PermissionGrantResult.Granted);
var result= GetPolicy("AbpIdentity.AuditLog", grant);
result.FirstOrDefault(e=>e=="AbpIdentity").ShouldBe("AbpIdentity");
}
[Fact]
public void GetPolicyTest()
{
var grant = new MultiplePermissionGrantResult();
grant.Result.Add("AbpIdentity.Roles", PermissionGrantResult.Granted);
grant.Result.Add("AbpIdentity.Roles.Create", PermissionGrantResult.Granted);
grant.Result.Add("AbpIdentity.Roles.Update", PermissionGrantResult.Undefined);
grant.Result.Add("AbpIdentity.Users", PermissionGrantResult.Undefined);
grant.Result.Add("AbpIdentity.Users.Create", PermissionGrantResult.Granted);
grant.Result.Add("AbpIdentity.Users.Update", PermissionGrantResult.Granted);
grant.Result.Add("AbpCode.CodeManagement.Project", PermissionGrantResult.Granted);
grant.Result.Add("AbpCode.CodeManagement.Project.Create", PermissionGrantResult.Undefined);
var result1= GetPolicy("AbpIdentity.Roles.Update", grant);
result1.FirstOrDefault(e=>e=="AbpIdentity").ShouldBe("AbpIdentity");
result1.FirstOrDefault(e=>e=="AbpIdentity.Roles").ShouldBe("AbpIdentity.Roles");
result1.FirstOrDefault(e=>e=="AbpIdentity.Roles.Update").ShouldBe(null);
var result2= GetPolicy("AbpIdentity.Users.Update", grant);
result2.FirstOrDefault(e=>e=="AbpIdentity").ShouldBe(null);
result2.FirstOrDefault(e=>e=="AbpIdentity.Users").ShouldBe(null);
var result3= GetPolicy("AbpCode.CodeManagement.Project", grant);
result3.FirstOrDefault(e=>e=="AbpCode.CodeManagement").ShouldBe(null);
result3.FirstOrDefault(e=>e=="AbpCode.CodeManagement.Project").ShouldBe(null);
}
/// <summary>
/// 获取权限
/// </summary>
/// <remarks>比如设置了角色有权限AbpIdentity.Roles.Update,但是没有AbpIdentity.Roles权限,那么这个时候AbpIdentity.Roles应该是false</remarks>
private List<string> GetPolicy(string policy, MultiplePermissionGrantResult permissions)
{
// AbpIdentity.Roles.Create
// AbpIdentity 按照.分割,第一级是分组,剩下的才是权限
var result = new List<string>();
var split = policy.Split('.', StringSplitOptions.RemoveEmptyEntries);
if (split.Length <= 0) return result;
// 1. 获取当前policy组名
var groupName = split.First();
//2. 判断组下面的权限是菜单权限还是按钮权限
// AbpIdentity.Roles 页面权限
// AbpIdentity.Roles.Create 按钮权限
// AbpIdentity.AuditLog 页面权限
// 这个情况是菜单权限
if (split.Length == 2)
{
var currentPolicyValue = permissions.Result.FirstOrDefault(e => e.Key == policy);
if (currentPolicyValue.Value != PermissionGrantResult.Granted) return result;
{
result.Add(groupName);
}
}
else
{
var currentPolicy = string.Empty;
for (int i = 0; i < split.Length - 1; i++)
{
if (i == 0)
{
currentPolicy += split[i];
}
else
{
currentPolicy += "." + split[i];
}
}
if (!currentPolicy.IsNullOrWhiteSpace())
{
var currentPolicyValue = permissions.Result.FirstOrDefault(e => e.Key == currentPolicy);
if (currentPolicyValue.Value == PermissionGrantResult.Granted)
{
result.Add(currentPolicy);
// 获取上级code
var parent = currentPolicy.Split('.', StringSplitOptions.RemoveEmptyEntries);
if (parent.Length > 1)
{
result.Add(parent.First());
}
}
result.AddRange(GetPolicy(currentPolicy, permissions));
}
}
return result.Distinct().ToList();
}
}
Write Preview
Loading…
Cancel
Save