数据权限功能

Yi.Framework.Net6/Yi.Framework.WebCore/CommonExtend.cs

@@ -26,13 +26,49 @@ namespace Yi.Framework.WebCore
             return "XMLHttpRequest".Equals(header);
         }
 
-
+        /// <summary>
+        /// 通过鉴权完的token获取用户id
+        /// </summary>
+        /// <param name="httpContext"></param>
+        /// <returns></returns>
         public static long GetUserIdInfo(this HttpContext httpContext)
         {
             var p = httpContext;
-            return Convert.ToInt64(httpContext .User.Claims.FirstOrDefault(u => u.Type== JwtRegisteredClaimNames.Sid).Value);
+            return Convert.ToInt64(httpContext.User.Claims.FirstOrDefault(u => u.Type == JwtRegisteredClaimNames.Sid).Value);
         }
 
+        /// <summary>
+        /// 通过鉴权完的token获取用户名
+        /// </summary>
+        /// <param name="httpContext"></param>
+        /// <returns></returns>
+        public static string GetUserNameInfo(this HttpContext httpContext)
+        {
+            var p = httpContext;
+            return httpContext.User.Claims.FirstOrDefault(u => u.Type == JwtRegisteredClaimNames.Name).Value;
+        }
+
+        /// <summary>
+        /// 通过鉴权完的token获取用户部门
+        /// </summary>
+        /// <param name="httpContext"></param>
+        /// <returns></returns>
+        public static string GetDeptIdInfo(this HttpContext httpContext)
+        {
+            var p = httpContext;
+            return httpContext.User.Claims.FirstOrDefault(u => u.Type == "deptId").Value;
+        }
+
+        /// <summary>
+        /// 通过鉴权完的token获取权限code
+        /// </summary>
+        /// <param name="httpContext"></param>
+        /// <returns></returns>
+        public static string GetPermissionInfo(this HttpContext httpContext)
+        {
+            var p = httpContext;
+            return httpContext.User.Claims.FirstOrDefault(u => u.Type == "permission").Value;
+        }
         /// <summary>
         /// 基于HttpContext,当前鉴权方式解析，获取用户信息
         /// 现在使用redis作为缓存，不需要将菜单存放至jwt中了

Yi.Framework.Net6/Yi.Framework.WebCore/DbExtend/DbFiterExtend.cs

@@ -0,0 +1,88 @@
+using Microsoft.Extensions.DependencyInjection;
+using SqlSugar;
+using System;
+using System.Linq;
+using Yi.Framework.Common.Enum;
+using Yi.Framework.Common.Models;
+using Yi.Framework.DTOModel;
+using Yi.Framework.Model.Models;
+using Yi.Framework.WebCore;
+
+namespace Yi.Framework.Core
+{
+    public class DbFiterExtend
+    {
+        public static void Data(SqlSugarClient db)
+        {
+            //非请求情况
+            if (!ServiceLocator.GetHttp(out var httpContext))
+            {
+                return;
+            }
+
+            //无需授权情况
+            var userName = httpContext.GetUserNameInfo();
+            if (userName is null)
+            {
+                return;
+            }
+
+            //超级管理员直接放行
+            if (ServiceLocator.Admin.Equals(userName))
+            {
+                return;
+            }
+
+            //这里可以优化一下
+            //根据缓存获取全部用户信息
+            var userRoleMenu = ServiceLocator.Instance.GetService<CacheClientDB>().Get<UserRoleMenuDto>("用户id");
+
+
+            var roles = userRoleMenu.Roles;
+            if (roles.IsNull())
+            {
+                roles = new();
+            }
+            //先测试部门就是LEBG
+            long deptId = (long)userRoleMenu.User.DeptId;
+            long userId = httpContext.GetUserIdInfo();
+            //根据角色的数据范围，来添加相对于的数据权限
+            foreach (var role in roles)
+            {
+                DataScopeEnum dataScope = (DataScopeEnum)role.DataScope;
+                switch (dataScope)
+                {
+                    case DataScopeEnum.ALL:
+                        //直接放行
+                        break;
+                    case DataScopeEnum.DEPT:
+                        //只能查询到自己的部门的数据
+                        db.QueryFilter.Add(new TableFilterItem<UserEntity>(it => it.DeptId == deptId, true));
+                        break;
+                    case DataScopeEnum.USER:
+                        //只能查询到自己
+                        db.QueryFilter.Add(new TableFilterItem<UserEntity>(it => it.Id == userId, true));
+                        break;
+                    case DataScopeEnum.CUSTOM:
+                        //自定义查询
+                        var filter = new TableFilterItem<UserEntity>(it => SqlFunc.Subqueryable<RoleDeptEntity>().Where(f => f.DeptId == it.DeptId && f.RoleId == (long)role.Id).Any(), true);
+                        db.QueryFilter.Add(filter);
+                        break;
+                    case DataScopeEnum.DEPT_FOLLOW:
+                        //放行自己部门及以下
+                        var allChildDepts = db.Queryable<DeptEntity>().ToChildList(it => it.ParentId, deptId);
+
+                        var filter1 = new TableFilterItem<UserEntity>(it => allChildDepts.Select(f => f.Id).ToList().Contains((long)it.DeptId), true);
+                        db.QueryFilter.Add(filter1);
+
+                        //部门无需过滤
+                        //var filter2 = new TableFilterItem<DeptEntity>(it => allChildDepts.Select(f => f.Id).ToList().Contains(it.Id),true);
+                        //db.QueryFilter.Add(filter2);
+                        break;
+                    default:
+                        break;
+                }
+            }
+        }
+    }
+}

Yi.Framework.Net6/Yi.Framework.WebCore/ServiceLocator.cs

@@ -0,0 +1,27 @@
+using Microsoft.AspNetCore.Http;
+using Microsoft.Extensions.DependencyInjection;
+using System;
+using Ubiety.Dns.Core.Common;
+
+namespace Yi.Framework.WebCore
+{
+    public static class ServiceLocator
+    {
+        public static IServiceProvider Instance { get; set; }
+
+        public static string Admin { get; set; } = "cc";
+
+        public static bool GetHttp(out HttpContext httpContext)
+        {
+            httpContext = null;
+            var httpContextAccessor = Instance.GetService<IHttpContextAccessor>();
+            if (httpContextAccessor is null)
+            {
+                return false;
+            }
+            httpContext = httpContextAccessor.HttpContext;
+            return true;
+        }
+    }
+
+}