wip: 将角色数据权限的保存过滤条件操作从更新操作中剥离为单独操作

dotnetcore · Feb 27, 2024 · 703892a · 703892a
1 parent 58cd226
commit 703892a
Show file tree

Hide file tree

Showing 6 changed files with 97 additions and 35 deletions.
diff --git a/src/OSharp.Authorization.Datas/DataAuthorizationManagerBase.cs b/src/OSharp.Authorization.Datas/DataAuthorizationManagerBase.cs
@@ -7,6 +7,8 @@
 //  <last-date>2020-02-26 23:15</last-date>
 // -----------------------------------------------------------------------
 
+using OSharp.Json;
+
 
 namespace OSharp.Authorization.DataAuthorization;
 
@@ -141,22 +143,23 @@ public virtual async Task<OperationResult> CreateEntityRoles(params TEntityRoleI
                     throw new OsharpException($"角色“{role.Name}”和实体“{entityInfo.Name}”和操作“{dto.Operation}”的数据权限规则已存在，不能重复添加");
                 }
 
-                OperationResult checkResult = CheckFilterGroup(dto.FilterGroup, entityInfo);
-                if (!checkResult.Succeeded)
-                {
-                    throw new OsharpException($"数据规则验证失败：{checkResult.Message}");
-                }
-
+            },
+            async (dto, entity) =>
+            {
                 if (!dto.IsLocked)
                 {
+                    TRole role = await RoleRepository.GetAsync(dto.RoleId);
+                    TEntityInfo entityInfo = await EntityInfoRepository.GetAsync(dto.EntityId);
                     eventData.SetItems.Add(new DataAuthCacheItem()
                     {
                         RoleName = role.Name,
                         EntityTypeFullName = entityInfo.TypeName,
-                        Operation = dto.Operation,
-                        FilterGroup = dto.FilterGroup
+                        Operation = entity.Operation,
+                        FilterGroup = entity.FilterGroup
                     });
                 }
+
+                return entity;
             });
         if (result.Succeeded && eventData.HasData())
         {
@@ -197,18 +200,12 @@ public virtual async Task<OperationResult> UpdateEntityRoles(params TEntityRoleI
                     throw new OsharpException($"角色“{role.Name}”和实体“{entityInfo.Name}”和操作“{dto.Operation}”的数据权限规则已存在，不能重复添加");
                 }
 
-                OperationResult checkResult = CheckFilterGroup(dto.FilterGroup, entityInfo);
-                if (!checkResult.Succeeded)
-                {
-                    throw new OsharpException($"数据规则验证失败：{checkResult.Message}");
-                }
-
                 DataAuthCacheItem cacheItem = new DataAuthCacheItem()
                 {
                     RoleName = role.Name,
                     EntityTypeFullName = entityInfo.TypeName,
                     Operation = dto.Operation,
-                    FilterGroup = dto.FilterGroup
+                    FilterGroup = entity.FilterGroup
                 };
                 if (dto.IsLocked)
                 {
@@ -228,6 +225,63 @@ public virtual async Task<OperationResult> UpdateEntityRoles(params TEntityRoleI
         return result;
     }
 
+    /// <summary>
+    /// 设置角色数据权限的过滤条件组
+    /// </summary>
+    /// <param name="id">权限记录identity.api</param>
+    /// <param name="group">过滤条件组</param>
+    /// <returns>业务操作结果</returns>
+    public async Task<OperationResult> SetFilterGroup(Guid id, FilterGroup group)
+    {
+        TEntityRole entityRole = await EntityRoleRepository.GetAsync(id);
+        if (entityRole == null)
+        {
+            return new OperationResult(OperationResultType.QueryNull, $"编号为“{id}”的数据权限信息不存在");
+        }
+
+        TRole role = await RoleRepository.GetAsync(entityRole.RoleId);
+        if (role == null)
+        {
+            return new OperationResult(OperationResultType.QueryNull, $"编号为“{entityRole.RoleId}”的角色信息不存在");
+        }
+
+        TEntityInfo entityInfo = await EntityInfoRepository.GetAsync(entityRole.EntityId);
+        if (entityInfo == null)
+        {
+            return new OperationResult(OperationResultType.QueryNull, $"编号为“{entityRole.EntityId}”的数据实体信息不存在");
+        }
+
+        OperationResult checkResult = CheckFilterGroup(group, entityInfo);
+        if (!checkResult.Succeeded)
+        {
+            return new OperationResult(OperationResultType.Error, $"数据规则验证失败：{checkResult.Message}");
+        }
+
+        IUnitOfWork unitOfWork = _provider.GetUnitOfWork(true);
+        entityRole.FilterGroupJson = group.ToJsonString();
+        int count = await EntityRoleRepository.UpdateAsync(entityRole);
+        await unitOfWork.CommitAsync();
+        if (count > 0)
+        {
+            DataAuthCacheRefreshEventData eventData = new DataAuthCacheRefreshEventData();
+            eventData.SetItems.Add(new DataAuthCacheItem()
+            {
+                RoleName = role.Name,
+                EntityTypeFullName = entityInfo.TypeName,
+                Operation = entityRole.Operation,
+                FilterGroup = entityRole.FilterGroup
+            });
+            if (eventData.HasData())
+            {
+                await EventBus.PublishAsync(eventData);
+            }
+
+            return new OperationResult(OperationResultType.Success, $"{role.Name} - {entityInfo.Name} - {entityRole.Operation} 的过滤条件设置成功");
+        }
+
+        return OperationResult.NoChanged;
+    }
+
     /// <summary>
     /// 删除实体角色信息
     /// </summary>
@@ -244,7 +298,7 @@ public virtual async Task<OperationResult> DeleteEntityRoles(params Guid[] ids)
                 if (role != null && entityInfo != null)
                 {
                     eventData.RemoveItems.Add(new DataAuthCacheItem()
-                        { RoleName = role.Name, EntityTypeFullName = entityInfo.TypeName, Operation = entity.Operation });
+                    { RoleName = role.Name, EntityTypeFullName = entityInfo.TypeName, Operation = entity.Operation });
                 }
             });
         if (result.Succeeded && eventData.HasData())

diff --git a/src/OSharp.Authorization.Datas/Dtos/EntityRoleInputDtoBase.cs b/src/OSharp.Authorization.Datas/Dtos/EntityRoleInputDtoBase.cs
@@ -16,14 +16,6 @@ namespace OSharp.Authorization.Dtos;
 /// <typeparam name="TRoleKey">角色编号类型</typeparam>
 public abstract class EntityRoleInputDtoBase<TRoleKey> : IInputDto<Guid>
 {
-    /// <summary>
-    /// 初始化一个<see cref="EntityRoleInputDtoBase{TRoleKey}"/>类型的新实例
-    /// </summary>
-    protected EntityRoleInputDtoBase()
-    {
-        FilterGroup = new FilterGroup();
-    }
-
     /// <summary>
     /// 获取或设置 主键，唯一标识
     /// </summary>
@@ -48,12 +40,6 @@ protected EntityRoleInputDtoBase()
     [DisplayName("数据权限操作")]
     public DataAuthOperation Operation { get; set; }
 
-    /// <summary>
-    /// 获取或设置 过滤条件组
-    /// </summary>
-    [DisplayName("数据筛选条件组")]
-    public FilterGroup FilterGroup { get; set; }
-
     /// <summary>
     /// 获取或设置 是否锁定
     /// </summary>

diff --git a/src/OSharp.Authorization.Datas/IEntityRoleStore.cs b/src/OSharp.Authorization.Datas/IEntityRoleStore.cs
@@ -53,6 +53,14 @@ public interface IEntityRoleStore<TEntityRole, in TEntityRoleInputDto, in TRoleK
     /// <returns>业务操作结果</returns>
     Task<OperationResult> UpdateEntityRoles(params TEntityRoleInputDto[] dtos);
 
+    /// <summary>
+    /// 设置角色数据权限的过滤条件组
+    /// </summary>
+    /// <param name="id">权限记录identity.api</param>
+    /// <param name="group">过滤条件组</param>
+    /// <returns>业务操作结果</returns>
+    Task<OperationResult> SetFilterGroup(Guid id, FilterGroup group);
+
     /// <summary>
     /// 删除实体角色信息
     /// </summary>

diff --git a/src/OSharp.EntityFrameworkCore/Repository.cs b/src/OSharp.EntityFrameworkCore/Repository.cs
@@ -942,7 +942,7 @@ private void CheckDataAuth(DataAuthOperation operation, params TEntity[] entitie
         bool flag = _dataAuthService.CheckDataAuth<TEntity>(operation, entities);
         if (!flag)
         {
-            throw new OsharpException($"实体 {typeof(TEntity)} 的数据 {entities.ExpandAndToString(m => m.Id.ToString())} 进行 {operation.ToDescription()} 操作时权限不足");
+            throw new OsharpException($"实体 {typeof(TEntity).Name} 的数据 {entities.ExpandAndToString(m => m.Id.ToString())} 进行 {operation.ToDescription()} 操作时权限不足");
         }
     }
 
@@ -1026,4 +1026,4 @@ private void DeleteInternal(params TEntity[] entities)
     }
 
     #endregion
-}
+}
diff --git a/src/OSharp.Hosting.Apis/Areas/Admin/Controllers/Auth/RoleEntityController.cs b/src/OSharp.Hosting.Apis/Areas/Admin/Controllers/Auth/RoleEntityController.cs
@@ -105,6 +105,23 @@ public async Task<AjaxResult> Update(params EntityRoleInputDto[] dtos)
         return result.ToAjaxResult();
     }
 
+    /// <summary>
+    /// 设置角色数据权限的过滤条件组
+    /// </summary>
+    /// <param name="id">权限记录identity.api</param>
+    /// <param name="group">过滤条件组</param>
+    /// <returns>JSON操作结果</returns>
+    [HttpPost]
+    [ModuleInfo]
+    [DependOnFunction(nameof(Read))]
+    [UnitOfWork]
+    [Description("设置过滤条件")]
+    public async Task<AjaxResult> SetFilterGroup(Guid id, [FromBody]FilterGroup group)
+    {
+        OperationResult result = await _dataAuthManager.SetFilterGroup(id, group);
+        return result.ToAjaxResult();
+    }
+
     /// <summary>
     /// 删除角色数据权限信息
     /// </summary>

diff --git a/src/OSharp.Hosting.Core/Authorization/Dtos/AutoMapperConfiguration.cs b/src/OSharp.Hosting.Core/Authorization/Dtos/AutoMapperConfiguration.cs
@@ -22,9 +22,6 @@ public class AutoMapperConfiguration : AutoMapperTupleBase
     /// </summary>
     public override void CreateMap()
     {
-        CreateMap<EntityRoleInputDto, EntityRole>()
-            .ForMember(mr => mr.FilterGroupJson, opt => opt.MapFrom(dto => dto.FilterGroup.ToJsonString(false, false)));
-
         //mapper.CreateMap<EntityRole, EntityRoleOutputDto>()
         //    .ForMember(dto => dto.FilterGroup, opt => opt.ResolveUsing(mr => mr.FilterGroupJson?.FromJsonString<FilterGroup>()));
     }