xwl2023/Yi.Framework
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

数据权限功能

Browse Source
This commit is contained in:
chenchun
2022-09-18 17:22:47 +08:00
parent a64d493a29
commit 483aea5c4f
9 changed files with 170 additions and 115 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
Yi.Framework.Net6/Yi.Framework.ApiMicroservice/Controllers/AccountController.cs
View File

@@ -64,10 +64,8 @@ namespace Yi.Framework.ApiMicroservice.Controllers
[HttpPost] [HttpPost]
public async Task<Result> Login(LoginDto loginDto) public async Task<Result> Login(LoginDto loginDto)
{ {
//跳过需要redis缓存获取uuid与code的关系进行比较即可
//跳过
//先效验验证码和UUID //先效验验证码和UUID
UserEntity user = new(); UserEntity user = new();
if (await _iUserService.Login(loginDto.UserName, loginDto.Password, o => user = o)) if (await _iUserService.Login(loginDto.UserName, loginDto.Password, o => user = o))
{ {
@@ -181,7 +179,7 @@ namespace Yi.Framework.ApiMicroservice.Controllers
{ {
var uuid = Guid.NewGuid(); var uuid = Guid.NewGuid();
var code = _securityCode.GetRandomEnDigitalText(4); var code = _securityCode.GetRandomEnDigitalText(4);
//将uuid与code中心化保存起来登录根据uuid比对即可 //将uuid与codeRedis缓存中心化保存起来登录根据uuid比对即可
var imgbyte = _securityCode.GetEnDigitalCodeByte(code); var imgbyte = _securityCode.GetEnDigitalCodeByte(code);
return Result.Success().SetData(new { uuid = uuid, img = imgbyte }); return Result.Success().SetData(new { uuid = uuid, img = imgbyte });
} }

13
Yi.Framework.Net6/Yi.Framework.ApiMicroservice/Program.cs
View File

@@ -11,6 +11,8 @@ using Microsoft.Extensions.Localization;
using Yi.Framework.WebCore.AttributeExtend; using Yi.Framework.WebCore.AttributeExtend;
using Yi.Framework.WebCore.SignalRHub; using Yi.Framework.WebCore.SignalRHub;
using Hei.Captcha; using Hei.Captcha;
using Yi.Framework.WebCore;
using Microsoft.Extensions.DependencyInjection;
var builder = WebApplication.CreateBuilder(args); var builder = WebApplication.CreateBuilder(args);
builder.Configuration.AddCommandLine(args); builder.Configuration.AddCommandLine(args);
@@ -52,9 +54,10 @@ builder.Host.ConfigureLogging(loggingBuilder =>
#endregion #endregion
builder.Services.AddIocService(builder.Configuration); builder.Services.AddIocService(builder.Configuration);
#region #region
//Sqlsugar<61><72><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ע<EFBFBD><D7A2> //Sqlsugar<61><72><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ע<EFBFBD><D7A2>,<2C>Ƿ<EFBFBD><C7B7><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ȩ<EFBFBD>޹<EFBFBD><DEB9>ܣ<EFBFBD><DCA3><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ҪRedis<69><73><EFBFBD><EFBFBD>
#endregion #endregion
builder.Services.AddSqlsugarServer(); builder.Services.AddSqlsugarServer();
//builder.Services.AddSqlsugarServer(DbFiterExtend.Data);
#region #region
//Quartz<74><7A><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> //Quartz<74><7A><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
#endregion #endregion
@@ -117,8 +120,14 @@ builder.Services.AddLocalizerService();
//<2F><><EFBFBD><EFBFBD>signalR //<2F><><EFBFBD><EFBFBD>signalR
#endregion #endregion
builder.Services.AddSignalR(); builder.Services.AddSignalR();
#region
//<2F><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>֤<EFBFBD><D6A4>
#endregion
builder.Services.AddHeiCaptcha(); builder.Services.AddHeiCaptcha();
#region
//<2F><><EFBFBD><EFBFBD>Http<74><70><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
#endregion
builder.Services.AddHttpContextAccessor();
//----------------------------------------------------------------------------------------------------------- //-----------------------------------------------------------------------------------------------------------
var app = builder.Build(); var app = builder.Build();
#region #region

2
Yi.Framework.Net6/Yi.Framework.Common/Base/NullValue.cs
View File

@@ -90,6 +90,8 @@
{ {
#region #region
public static Guid TryToGuid(this string guid) public static Guid TryToGuid(this string guid)
{ {
if (Guid.TryParse(guid, out var guid1)) if (Guid.TryParse(guid, out var guid1))

10
Yi.Framework.Net6/Yi.Framework.Common/Models/ServiceLocator.cs
View File

@@ -1,10 +0,0 @@
using System;
namespace Yi.Framework.Common.Models
{
public static class ServiceLocator
{
public static IServiceProvider Instance { get; set; }
}
}

90
Yi.Framework.Net6/Yi.Framework.Core/DbFiterExtend.cs
View File

@@ -1,90 +0,0 @@
//using Brick.Common;
//using Brick.Common.Const;
//using Brick.Core;
//using Brick.Grpc;
//using Brick.WebCore.MiddlewareExtend;
//using ETX.Common.Enum;
//using ETX.Entity;
//using ETX.Interface.IService;
//using SqlSugar;
//using System.Linq;
//using Yi.Framework.Common.Enum;
//using Yi.Framework.Model.Models;
//namespace Yi.Framework.Core
//{
// public class DbFiterExtend
// {
// public static void Data(SqlSugarClient db)
// {
// //未登录情况
// //if (!ServiceLocator.GetHttp(out var httpContext))
// //{
// // return;
// //}
// //无需授权情况
// //var account = httpContext.GetAccount();
// //if (account.IsNull())
// //{
// // return;
// //}
// //超级管理员直接放行
// //if (ServiceLocator.Admin.Equals(account))
// //{
// // return;
// //}
// //这里可以优化一下
// //根据缓存获取全部用户信息
// //var userRoleMenu = ServiceLocator.Instance.GetService<CacheClientDB>().Get<UserRoleMenu>(RedisConst.GetStr(RedisConst.UserRoleMenu, account));
// var roles = userRoleMenu.Roles;
// if (roles.IsNull())
// {
// roles = new ();
// }
// //先测试部门就是LEBG
// long deptId= userRoleMenu.User.DeptId.TryToGuid();
// long userId =httpContext.GetId();
// //根据角色的数据范围,来添加相对于的数据权限
// foreach (var role in roles)
// {
// DataScopeEnum dataScope =(DataScopeEnum)role.DataScope;
// switch (dataScope)
// {
// case DataScopeEnum.ALL:
// //直接放行
// break;
// case DataScopeEnum.DEPT:
// //只能查询到自己的部门的数据
// db.QueryFilter.Add(new TableFilterItem<UserEntity>(it => it.DeptId== deptId, true));
// break;
// case DataScopeEnum.USER:
// //只能查询到自己
// db.QueryFilter.Add(new TableFilterItem<UserEntity>(it => it.Id == userId,true));
// break;
// case DataScopeEnum.CUSTOM:
// //自定义查询
// var filter = new TableFilterItem<UserEntity>(it => SqlFunc.Subqueryable<RoleDeptEntity>().Where(f => f.DeptId == it.DeptId && f.RoleId == role.Id.TryToGuid()).Any(),true);
// db.QueryFilter.Add(filter);
// break;
// case DataScopeEnum.DEPT_FOLLOW:
// //放行自己部门及以下
// var allChildDepts = db.Queryable<DeptEntity>().ToChildList(it => it.ParentId, deptId);
// var filter1 = new TableFilterItem<UserEntity>(it => allChildDepts.Select(f => f.Id).ToList().Contains((long)it.DeptId),true);
// db.QueryFilter.Add(filter1);
// //var filter2 = new TableFilterItem<DeptEntity>(it => allChildDepts.Select(f => f.Id).ToList().Contains(it.Id),true);
// //db.QueryFilter.Add(filter2);
// break;
// default:
// break;
// }
// }
// }
// }
//}

9
Yi.Framework.Net6/Yi.Framework.Core/JwtInvoker.cs
View File

@@ -37,7 +37,8 @@ namespace Yi.Framework.Core
claims.Add(new Claim(JwtRegisteredClaimNames.Nbf, $"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}")); claims.Add(new Claim(JwtRegisteredClaimNames.Nbf, $"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}"));
claims.Add(new Claim(JwtRegisteredClaimNames.Exp, $"{new DateTimeOffset(DateTime.Now.AddMinutes(minutes)).ToUnixTimeSeconds()}")); claims.Add(new Claim(JwtRegisteredClaimNames.Exp, $"{new DateTimeOffset(DateTime.Now.AddMinutes(minutes)).ToUnixTimeSeconds()}"));
claims.Add(new Claim(JwtRegisteredClaimNames.Sid, user.Id.ToString())); claims.Add(new Claim(JwtRegisteredClaimNames.Sid, user.Id.ToString()));
claims.Add(new Claim(JwtRegisteredClaimNames.Name, user.UserName));
claims.Add(new Claim("deptId", user.DeptId.ToString()));
//-----------------------------以下从user的权限表中添加权限-----------------------例如: //-----------------------------以下从user的权限表中添加权限-----------------------例如:
foreach (var m in menus) foreach (var m in menus)
@@ -47,12 +48,6 @@ namespace Yi.Framework.Core
claims.Add(new Claim("permission", m.PermissionCode.ToString())); claims.Add(new Claim("permission", m.PermissionCode.ToString()));
} }
} }
if (isRefresh)
{
claims.Add(new Claim("Re", "true"));
}
var creds = new SigningCredentials(new RsaSecurityKey(Common.Helper.RSAFileHelper.GetKey()), SecurityAlgorithms.RsaSha256); var creds = new SigningCredentials(new RsaSecurityKey(Common.Helper.RSAFileHelper.GetKey()), SecurityAlgorithms.RsaSha256);
var token = new JwtSecurityToken( var token = new JwtSecurityToken(
issuer: _JWTTokenOptions.Issuer, issuer: _JWTTokenOptions.Issuer,

40
Yi.Framework.Net6/Yi.Framework.WebCore/CommonExtend.cs
View File

@@ -26,13 +26,49 @@ namespace Yi.Framework.WebCore
return "XMLHttpRequest".Equals(header); return "XMLHttpRequest".Equals(header);
} }
/// <summary>
/// 通过鉴权完的token获取用户id
/// </summary>
/// <param name="httpContext"></param>
/// <returns></returns>
public static long GetUserIdInfo(this HttpContext httpContext) public static long GetUserIdInfo(this HttpContext httpContext)
{ {
var p = httpContext; var p = httpContext;
return Convert.ToInt64(httpContext .User.Claims.FirstOrDefault(u => u.Type== JwtRegisteredClaimNames.Sid).Value); return Convert.ToInt64(httpContext.User.Claims.FirstOrDefault(u => u.Type == JwtRegisteredClaimNames.Sid).Value);
} }
/// <summary>
/// 通过鉴权完的token获取用户名
/// </summary>
/// <param name="httpContext"></param>
/// <returns></returns>
public static string GetUserNameInfo(this HttpContext httpContext)
{
var p = httpContext;
return httpContext.User.Claims.FirstOrDefault(u => u.Type == JwtRegisteredClaimNames.Name).Value;
}
/// <summary>
/// 通过鉴权完的token获取用户部门
/// </summary>
/// <param name="httpContext"></param>
/// <returns></returns>
public static string GetDeptIdInfo(this HttpContext httpContext)
{
var p = httpContext;
return httpContext.User.Claims.FirstOrDefault(u => u.Type == "deptId").Value;
}
/// <summary>
/// 通过鉴权完的token获取权限code
/// </summary>
/// <param name="httpContext"></param>
/// <returns></returns>
public static string GetPermissionInfo(this HttpContext httpContext)
{
var p = httpContext;
return httpContext.User.Claims.FirstOrDefault(u => u.Type == "permission").Value;
}
/// <summary> /// <summary>
/// 基于HttpContext,当前鉴权方式解析,获取用户信息 /// 基于HttpContext,当前鉴权方式解析,获取用户信息
/// 现在使用redis作为缓存不需要将菜单存放至jwt中了 /// 现在使用redis作为缓存不需要将菜单存放至jwt中了

88
Yi.Framework.Net6/Yi.Framework.WebCore/DbExtend/DbFiterExtend.cs Normal file
View File

@@ -0,0 +1,88 @@
using Microsoft.Extensions.DependencyInjection;
using SqlSugar;
using System;
using System.Linq;
using Yi.Framework.Common.Enum;
using Yi.Framework.Common.Models;
using Yi.Framework.DTOModel;
using Yi.Framework.Model.Models;
using Yi.Framework.WebCore;
namespace Yi.Framework.Core
{
public class DbFiterExtend
{
public static void Data(SqlSugarClient db)
{
//非请求情况
if (!ServiceLocator.GetHttp(out var httpContext))
{
return;
}
//无需授权情况
var userName = httpContext.GetUserNameInfo();
if (userName is null)
{
return;
}
//超级管理员直接放行
if (ServiceLocator.Admin.Equals(userName))
{
return;
}
//这里可以优化一下
//根据缓存获取全部用户信息
var userRoleMenu = ServiceLocator.Instance.GetService<CacheClientDB>().Get<UserRoleMenuDto>("用户id");
var roles = userRoleMenu.Roles;
if (roles.IsNull())
{
roles = new();
}
//先测试部门就是LEBG
long deptId = (long)userRoleMenu.User.DeptId;
long userId = httpContext.GetUserIdInfo();
//根据角色的数据范围,来添加相对于的数据权限
foreach (var role in roles)
{
DataScopeEnum dataScope = (DataScopeEnum)role.DataScope;
switch (dataScope)
{
case DataScopeEnum.ALL:
//直接放行
break;
case DataScopeEnum.DEPT:
//只能查询到自己的部门的数据
db.QueryFilter.Add(new TableFilterItem<UserEntity>(it => it.DeptId == deptId, true));
break;
case DataScopeEnum.USER:
//只能查询到自己
db.QueryFilter.Add(new TableFilterItem<UserEntity>(it => it.Id == userId, true));
break;
case DataScopeEnum.CUSTOM:
//自定义查询
var filter = new TableFilterItem<UserEntity>(it => SqlFunc.Subqueryable<RoleDeptEntity>().Where(f => f.DeptId == it.DeptId && f.RoleId == (long)role.Id).Any(), true);
db.QueryFilter.Add(filter);
break;
case DataScopeEnum.DEPT_FOLLOW:
//放行自己部门及以下
var allChildDepts = db.Queryable<DeptEntity>().ToChildList(it => it.ParentId, deptId);
var filter1 = new TableFilterItem<UserEntity>(it => allChildDepts.Select(f => f.Id).ToList().Contains((long)it.DeptId), true);
db.QueryFilter.Add(filter1);
//部门无需过滤
//var filter2 = new TableFilterItem<DeptEntity>(it => allChildDepts.Select(f => f.Id).ToList().Contains(it.Id),true);
//db.QueryFilter.Add(filter2);
break;
default:
break;
}
}
}
}
}

27
Yi.Framework.Net6/Yi.Framework.WebCore/ServiceLocator.cs Normal file
View File

@@ -0,0 +1,27 @@
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.DependencyInjection;
using System;
using Ubiety.Dns.Core.Common;
namespace Yi.Framework.WebCore
{
public static class ServiceLocator
{
public static IServiceProvider Instance { get; set; }
public static string Admin { get; set; } = "cc";
public static bool GetHttp(out HttpContext httpContext)
{
httpContext = null;
var httpContextAccessor = Instance.GetService<IHttpContextAccessor>();
if (httpContextAccessor is null)
{
return false;
}
httpContext = httpContextAccessor.HttpContext;
return true;
}
}
}