perf: 优化主题权限
This commit is contained in:
橙子
@@ -8,6 +8,5 @@ namespace Yi.Framework.Bbs.Application.Contracts.IServices
|
||||
/// </summary>
|
||||
public interface IDiscussService : IYiCrudAppService<DiscussGetOutputDto, DiscussGetListOutputDto, Guid, DiscussGetListInputVo, DiscussCreateInputVo, DiscussUpdateInputVo>
|
||||
{
|
||||
Task VerifyDiscussPermissionAsync(Guid discussId);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -72,7 +72,7 @@ namespace Yi.Framework.Bbs.Application.Services.Forum
|
||||
[Route("article/all/discuss-id/{discussId}")]
|
||||
public async Task<List<ArticleAllOutputDto>> GetAllAsync([FromRoute] Guid discussId)
|
||||
{
|
||||
await _discussService.VerifyDiscussPermissionAsync(discussId);
|
||||
await _forumManager.VerifyDiscussPermissionAsync(discussId,CurrentUser.Id);
|
||||
|
||||
|
||||
var entities = await _articleRepository.GetTreeAsync(x => x.DiscussId == discussId);
|
||||
|
||||
@@ -50,7 +50,7 @@ namespace Yi.Framework.Bbs.Application.Services.Forum
|
||||
/// <returns></returns>
|
||||
public async Task<PagedResultDto<CommentGetListOutputDto>> GetDiscussIdAsync([FromRoute] Guid discussId, [FromQuery] CommentGetListInputVo input)
|
||||
{
|
||||
await _discussService.VerifyDiscussPermissionAsync(discussId);
|
||||
await _forumManager.VerifyDiscussPermissionAsync(discussId,CurrentUser.Id);
|
||||
|
||||
var entities = await _repository._DbQueryable.WhereIF(!string.IsNullOrEmpty(input.Content), x => x.Content.Contains(input.Content))
|
||||
.Where(x => x.DiscussId == discussId)
|
||||
|
||||
@@ -109,7 +109,7 @@ namespace Yi.Framework.Bbs.Application.Services.Forum
|
||||
item.IsAgree = agreeCreatorList.Contains(CurrentUser.Id);
|
||||
}
|
||||
|
||||
await VerifyDiscussPermissionAsync(item.Id);
|
||||
await _forumManager.VerifyDiscussPermissionAsync(item.Id,CurrentUser.Id);
|
||||
await _localEventBus.PublishAsync(new SeeDiscussEventArgs
|
||||
{ DiscussId = item.Id, OldSeeNum = item.SeeNum });
|
||||
return item;
|
||||
@@ -260,37 +260,5 @@ namespace Yi.Framework.Bbs.Application.Services.Forum
|
||||
var entity = await _forumManager.CreateDiscussAsync(await MapToEntityAsync(input));
|
||||
return await MapToGetOutputDtoAsync(entity);
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// 校验主题查询权限
|
||||
/// </summary>
|
||||
/// <param name="discussId"></param>
|
||||
/// <returns></returns>
|
||||
/// <exception cref="UserFriendlyException"></exception>
|
||||
public async Task VerifyDiscussPermissionAsync(Guid discussId)
|
||||
{
|
||||
var discuss = await _forumManager._discussRepository.GetFirstAsync(x => x.Id == discussId);
|
||||
if (discuss is null)
|
||||
{
|
||||
throw new UserFriendlyException(DiscussConst.No_Exist);
|
||||
}
|
||||
|
||||
if (discuss.PermissionType == DiscussPermissionTypeEnum.Oneself)
|
||||
{
|
||||
if (discuss.CreatorId != CurrentUser.Id)
|
||||
{
|
||||
throw new UserFriendlyException(DiscussConst.Privacy);
|
||||
}
|
||||
}
|
||||
|
||||
if (discuss.PermissionType == DiscussPermissionTypeEnum.User)
|
||||
{
|
||||
if (discuss.CreatorId != CurrentUser.Id &&
|
||||
!discuss.PermissionUserIds.Contains(CurrentUser.Id ?? Guid.Empty))
|
||||
{
|
||||
throw new UserFriendlyException(DiscussConst.Privacy);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,8 +1,10 @@
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Volo.Abp.Domain.Services;
|
||||
using Volo.Abp.Users;
|
||||
using Yi.Framework.Bbs.Domain.Entities.Forum;
|
||||
using Yi.Framework.Bbs.Domain.Managers.ArticleImport;
|
||||
using Yi.Framework.Bbs.Domain.Shared.Consts;
|
||||
using Yi.Framework.Bbs.Domain.Shared.Enums;
|
||||
using Yi.Framework.Bbs.Domain.Shared.Model;
|
||||
using Yi.Framework.SqlSugarCore.Abstractions;
|
||||
@@ -44,6 +46,38 @@ namespace Yi.Framework.Bbs.Domain.Managers
|
||||
return await _commentRepository.InsertReturnEntityAsync(entity);
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// 校验主题查询权限
|
||||
/// </summary>
|
||||
/// <param name="discussId"></param>
|
||||
/// <returns></returns>
|
||||
/// <exception cref="UserFriendlyException"></exception>
|
||||
public async Task VerifyDiscussPermissionAsync(Guid discussId,Guid? userId)
|
||||
{
|
||||
var discuss = await _discussRepository.GetFirstAsync(x => x.Id == discussId);
|
||||
if (discuss is null)
|
||||
{
|
||||
throw new UserFriendlyException(DiscussConst.No_Exist);
|
||||
}
|
||||
|
||||
if (discuss.PermissionType == DiscussPermissionTypeEnum.Oneself)
|
||||
{
|
||||
if (discuss.CreatorId != userId)
|
||||
{
|
||||
throw new UserFriendlyException(DiscussConst.Privacy);
|
||||
}
|
||||
}
|
||||
|
||||
if (discuss.PermissionType == DiscussPermissionTypeEnum.User)
|
||||
{
|
||||
if (discuss.CreatorId !=userId &&
|
||||
!discuss.PermissionUserIds.Contains(userId?? Guid.Empty))
|
||||
{
|
||||
throw new UserFriendlyException(DiscussConst.Privacy);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// 导入文章
|
||||
/// </summary>
|
||||
|
||||
Reference in New Issue
Block a user