feat: 添加权限效验

Yi.Abp.Net8/module/bbs/Yi.Framework.Bbs.Application.Contracts/Dtos/Plate/PlateCreateInputVo.cs

@@ -12,5 +12,7 @@ namespace Yi.Framework.Bbs.Application.Contracts.Dtos.Plate
         public string Code { get; set; }
 
         public int OrderNum { get; set; }
+
+        public bool IsDisableCreateDiscuss { get; set; }
     }
 }

Yi.Abp.Net8/module/bbs/Yi.Framework.Bbs.Application.Contracts/Dtos/Plate/PlateGetListOutputDto.cs

@@ -12,5 +12,8 @@ namespace Yi.Framework.Bbs.Application.Contracts.Dtos.Plate
         public string Code { get; set; }
 
         public DateTime CreationTime { get; set; }
+
+
+        public bool IsDisableCreateDiscuss { get; set; }
     }
 }

Yi.Abp.Net8/module/bbs/Yi.Framework.Bbs.Application.Contracts/Dtos/Plate/PlateGetOutputDto.cs

@@ -10,5 +10,8 @@ namespace Yi.Framework.Bbs.Application.Contracts.Dtos.Plate
         public string Code { get; set; }
 
         public DateTime CreationTime { get; set; }
+
+
+        public bool IsDisableCreateDiscuss { get; set; }
     }
 }

Yi.Abp.Net8/module/bbs/Yi.Framework.Bbs.Application.Contracts/Dtos/Plate/PlateUpdateInputVo.cs

@@ -9,5 +9,8 @@ namespace Yi.Framework.Bbs.Application.Contracts.Dtos.Plate
         public string? Code { get; set; }
 
         public int OrderNum { get; set; }
+
+
+        public bool IsDisableCreateDiscuss { get; set; }
     }
 }

Yi.Abp.Net8/module/bbs/Yi.Framework.Bbs.Application/Services/ArticleService.cs

@@ -99,34 +99,60 @@ namespace Yi.Framework.Bbs.Application.Services
         /// <exception cref="UserFriendlyException"></exception>
         public async override Task<ArticleGetOutputDto> CreateAsync(ArticleCreateInputVo input)
         {
-            var discuss = await _discussRepository.GetFirstAsync(x => x.Id == input.DiscussId);
-            if (discuss is null)
-            {
-                throw new UserFriendlyException(DiscussConst.No_Exist);
-            }
-            if (input.ParentId != Guid.Empty && !await _articleRepository.IsAnyAsync(x => x.Id == input.ParentId))
-            {
-                throw new UserFriendlyException(ArticleConst.No_Exist);
-            }
-            await VerifyDiscussCreateIdAsync(discuss.CreatorId);
+            await VerifyDiscussCreateIdAsync(input.DiscussId);
             return await base.CreateAsync(input);
         }
 
+        /// <summary>
+        /// 更新文章
+        /// </summary>
+        /// <param name="id"></param>
+        /// <param name="input"></param>
+        /// <returns></returns>
+        public override async Task<ArticleGetOutputDto> UpdateAsync(Guid id, ArticleUpdateInputVo input)
+        {
+            var entity = await _articleRepository.GetByIdAsync(id);
+            await VerifyDiscussCreateIdAsync(entity.DiscussId);
+            return await base.UpdateAsync(id, input);
+        }
+
 
         /// <summary>
-        /// 效验创建权限
+        /// 删除文章
         /// </summary>
-        /// <param name="userId"></param>
+        /// <param name="id"></param>
         /// <returns></returns>
-        public async Task VerifyDiscussCreateIdAsync(Guid? userId)
+        public override async Task DeleteAsync(Guid id)
         {
+            var entity = await _articleRepository.GetByIdAsync(id);
+            await VerifyDiscussCreateIdAsync(entity.DiscussId);
+            await base.DeleteAsync(id);
+        }
+
+
+
+
+        /// <summary>
+        /// 效验创建权限，userId为主题创建者
+        /// </summary>
+        /// <param name="disucssId"></param>
+        /// <returns></returns>
+        private async Task VerifyDiscussCreateIdAsync(Guid disucssId)
+        {
+            var discuss = await _discussRepository.GetFirstAsync(x => x.Id == disucssId);
+            if (discuss is null)
+            {
+                throw new UserFriendlyException(DiscussConst.No_Exist);
+            }
             //只有文章是特殊的，不能在其他主题下创建
             //主题的创建者不是当前用户，同时，没有权限或者超级管理
             //false  & true  & false  ,三个条件任意满意一个，即可成功使用||，最后取反，一个都不满足
-            //
-            if (userId != CurrentUser.Id && !UserConst.Admin.Equals(this.CurrentUser.UserName) && CurrentUser.GetUserPermissions().Contains("bbs:discuss:add"))
+
+
+            //一个条件都不满足，即可拦截
+            if (discuss.CreatorId != CurrentUser.Id && !UserConst.Admin.Equals(this.CurrentUser.UserName) && !CurrentUser.GetPermissions().Contains("bbs:discuss:add"))
             {
-                throw new UserFriendlyException("无权限在其他用户主题中创建子文章");
+                throw new UserFriendlyException("权限不足，请联系主题作者或管理员申请开通");
             }
         }
     }

Yi.Abp.Net8/module/bbs/Yi.Framework.Bbs.Application/Services/DiscussService.cs

@@ -9,6 +9,7 @@ using Volo.Abp.Users;
 using Yi.Framework.Bbs.Application.Contracts.Dtos.Discuss;
 using Yi.Framework.Bbs.Application.Contracts.IServices;
 using Yi.Framework.Bbs.Domain.Entities;
+using Yi.Framework.Bbs.Domain.Extensions;
 using Yi.Framework.Bbs.Domain.Managers;
 using Yi.Framework.Bbs.Domain.Shared.Consts;
 using Yi.Framework.Bbs.Domain.Shared.Enums;
@@ -16,6 +17,7 @@ using Yi.Framework.Bbs.Domain.Shared.Etos;
 using Yi.Framework.Ddd.Application;
 using Yi.Framework.Rbac.Application.Contracts.Dtos.User;
 using Yi.Framework.Rbac.Domain.Entities;
+using Yi.Framework.Rbac.Domain.Shared.Consts;
 using Yi.Framework.SqlSugarCore.Abstractions;
 
 namespace Yi.Framework.Bbs.Application.Services
@@ -125,10 +127,24 @@ namespace Yi.Framework.Bbs.Application.Services
         /// <returns></returns>
         public override async Task<DiscussGetOutputDto> CreateAsync(DiscussCreateInputVo input)
         {
-            if (!await _plateEntityRepository.IsAnyAsync(x => x.Id == input.PlateId))
+            var plate = await _plateEntityRepository.FindAsync(x => x.Id == input.PlateId);
+            if (plate is null)
             {
                 throw new UserFriendlyException(PlateConst.No_Exist);
             }
+
+            //如果开启了禁用创建主题
+            if (plate.IsDisableCreateDiscuss == true)
+            {
+
+                if (!CurrentUser.GetPermissions().Contains("") && CurrentUser.UserName != UserConst.Admin)
+                {
+                    throw new UserFriendlyException("该板块已禁止创建主题，请在其他板块中发布");
+                }
+            }
+
+
+
             var entity = await _forumManager.CreateDiscussAsync(await MapToEntityAsync(input));
             return await MapToGetOutputDtoAsync(entity);
         }

Yi.Abp.Net8/module/bbs/Yi.Framework.Bbs.Domain/Entities/PlateEntity.cs

@@ -6,7 +6,7 @@ using Volo.Abp.Auditing;
 namespace Yi.Framework.Bbs.Domain.Entities
 {
     [SugarTable("Plate")]
-    public class PlateEntity : Entity<Guid>, ISoftDelete,IAuditedObject
+    public class PlateEntity : Entity<Guid>, ISoftDelete, IAuditedObject
     {
 
         [SugarColumn(ColumnName = "Id", IsPrimaryKey = true)]
@@ -29,5 +29,10 @@ namespace Yi.Framework.Bbs.Domain.Entities
         public DateTime? LastModificationTime { get; set; }
 
         public int OrderNum { get; set; }
+
+        /// <summary>
+        /// 是否禁用创建主题，禁用后，只有管理员或者权限者能够发送
+        /// </summary>
+        public bool IsDisableCreateDiscuss { get; set; }
     }
 }

Yi.Abp.Net8/module/bbs/Yi.Framework.Bbs.Domain/Extensions/CurrestUserExtensions.cs

@@ -15,7 +15,7 @@ namespace Yi.Framework.Bbs.Domain.Extensions
         /// </summary>
         /// <param name="currentUser"></param>
         /// <returns></returns>
-        public static List<string> GetUserPermissions(this ICurrentUser currentUser)
+        public static List<string> GetPermissions(this ICurrentUser currentUser)
         {
             return currentUser.FindClaims(TokenTypeConst.Permission).Select(x => x.Value).ToList();