
using BaseService.BaseData;
using BaseService.BaseData.Permissions.Dto;
using BaseService.RelationBaseData;
using BaseService.RelationData.Dto;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Omu.ValueInjecter;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Volo.Abp;
using Volo.Abp.Application.Dtos;
using Volo.Abp.Application.Services;
using Volo.Abp.Authorization;
using Volo.Abp.Authorization.Permissions;
using Volo.Abp.Domain.Repositories;
using Volo.Abp.Identity;
using Volo.Abp.ObjectExtending;
using Volo.Abp.PermissionManagement;
using Volo.Abp.Users;
using IdentityUser = Volo.Abp.Identity.IdentityUser;
namespace BaseService.Systems.UserManagement
{
[Route("api/base/user")]
[Authorize(IdentityPermissions.Users.Default)]
public class UserAppService : ApplicationService, IUserAppService
{
// Identity user manager: used in this class to load, create and update users and to set passwords.
protected IdentityUserManager UserManager { get; }
// User repository: used here for role lookups, counting and paged listing.
protected IIdentityUserRepository UserRepository { get; }
// NOTE(review): public, unlike the sibling repositories, and not read by any code visible
// in this class - confirm the visibility is intended.
public IIdentityRoleRepository RoleRepository { get; }
// Branch repository: source of the branch names returned by the branch-list endpoints.
private readonly IRepository<Branch, Guid> _branchRepository;
// Branch-to-role links: used to work out which branches a user's roles belong to.
private readonly IRepository<BranchRole> _branchRoleRepository;
// Authorization policy provider: lists the policy names reported by GetAuthConfigAsync.
private readonly IAbpAuthorizationPolicyProvider _abpAuthorizationPolicyProvider;
// Only referenced from commented-out code in this class.
private readonly IAuthorizationService _authorizationService;
// Injected current-user accessor; the identity behind the "current ..." endpoints and GetAuthConfigAsync.
protected ICurrentUser CurrentUsers { get; }
/// <summary>
/// Permission grant repository; queried per role name to collect a user's granted permissions.
/// </summary>
protected IPermissionGrantRepository PermissionGrantRepository { get; }
/// <summary>
/// Creates the service and stores every injected dependency in its property or field.
/// </summary>
public UserAppService(
    IdentityUserManager userManager,
    IIdentityUserRepository userRepository,
    IIdentityRoleRepository roleRepository,
    IRepository<Branch, Guid> branchRepository,
    IRepository<BranchRole> branchRoleRepository,
    IAbpAuthorizationPolicyProvider abpAuthorizationPolicyProvider,
    IAuthorizationService authorizationService,
    ICurrentUser currentUser,
    IPermissionGrantRepository permissionGrantRepository)
{
    // Identity: manager, repositories and the current-user accessor.
    UserManager = userManager;
    UserRepository = userRepository;
    RoleRepository = roleRepository;
    CurrentUsers = currentUser;

    // Branch data.
    _branchRepository = branchRepository;
    _branchRoleRepository = branchRoleRepository;

    // Authorization and permission grants.
    _abpAuthorizationPolicyProvider = abpAuthorizationPolicyProvider;
    _authorizationService = authorizationService;
    PermissionGrantRepository = permissionGrantRepository;
}
/// <summary>
/// Loads one user by id and returns it in update-DTO form together with its role names.
/// </summary>
/// <param name="id">Id of the user to load.</param>
/// <returns>The user as an <see cref="IdentityUserUpdateDto"/> with <c>RoleNames</c> filled in.</returns>
[HttpGet]
[Route("{id}")]
public async Task<IdentityUserUpdateDto> GetAsync(Guid id)
{
    var entity = await UserManager.GetByIdAsync(id);

    // NOTE(review): the update DTO also has a Password property (it is read in UpdateAsync);
    // confirm this mapping never copies credential material from the entity into the response.
    var result = Mapper.Map<IdentityUserUpdateDto>(entity);

    var roleNames = await UserRepository.GetRoleNamesAsync(id);
    result.RoleNames = roleNames.ToArray();
    return result;
}
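/// <summary>
/// Returns the profile of the currently signed-in user.
/// </summary>
/// <returns>The current user mapped to <see cref="IdentityUserDto"/>.</returns>
/// <exception cref="AbpAuthorizationException">The request carries no authenticated identity.</exception>
[HttpGet]
[Route("current")]
[AllowAnonymous]
public async Task<IdentityUserDto> GetCurrentUserAsync()
{
    // [AllowAnonymous] exempts this action from the class-level Users.Default policy
    // (presumably so any signed-in user can read their own record), which also admits
    // requests with no identity at all. Reject those explicitly rather than relying on
    // GetId() to fail on a missing id.
    if (!CurrentUser.IsAuthenticated)
    {
        throw new AbpAuthorizationException("Authentication is required to read the current user.");
    }

    var id = CurrentUser.GetId();
    var currentUser = await UserManager.GetByIdAsync(id);
    return ObjectMapper.Map<IdentityUser, IdentityUserDto>(currentUser);
}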
/// <summary>
/// Creates a user in the current tenant from the submitted data. Requires the Users.Create permission.
/// </summary>
/// <param name="input">User name, e-mail, password, extra properties and the profile fields applied by the shared update helper.</param>
/// <returns>The created user mapped to <see cref="IdentityUserDto"/>.</returns>
[HttpPost]
[Authorize(IdentityPermissions.Users.Create)]
public async Task<IdentityUserDto> CreateAsync(IdentityUserCreateDto input)
{
    var newUser = new IdentityUser(GuidGenerator.Create(), input.UserName, input.Email, CurrentTenant.Id);
    input.MapExtraPropertiesTo(newUser);

    // The password goes to the user manager; any error in the returned result is raised by CheckErrors.
    var createResult = await UserManager.CreateAsync(newUser, input.Password);
    createResult.CheckErrors();

    // Shared helper: e-mail, phone, lockout flag, names and role assignment.
    await UpdateAsync(newUser, input);

    // Map before saving, as the original does.
    var created = ObjectMapper.Map<IdentityUser, IdentityUserDto>(newUser);
    await CurrentUnitOfWork.SaveChangesAsync();
    return created;
}
/// <summary>
/// Updates an existing user and, when a password is supplied, replaces the stored password.
/// Requires the Users.Update permission.
/// </summary>
/// <param name="id">Id of the user to update.</param>
/// <param name="input">New values; <c>ConcurrencyStamp</c> is copied onto the entity before any change is applied.</param>
/// <returns>The updated user mapped to <see cref="IdentityUserDto"/>.</returns>
[HttpPut]
[Route("{id}")]
[Authorize(IdentityPermissions.Users.Update)]
public async Task<IdentityUserDto> UpdateAsync(Guid id, IdentityUserUpdateDto input)
{
    var target = await UserManager.GetByIdAsync(id);
    target.ConcurrencyStamp = input.ConcurrencyStamp;

    var renameResult = await UserManager.SetUserNameAsync(target, input.UserName);
    renameResult.CheckErrors();

    await UpdateAsync(target, input);
    input.MapExtraPropertiesTo(target);

    var updateResult = await UserManager.UpdateAsync(target);
    updateResult.CheckErrors();

    // The caller sets the new password directly; the previous password is not asked for,
    // so the Users.Update permission is the only gate on this credential change.
    var hasNewPassword = !input.Password.IsNullOrEmpty();
    if (hasNewPassword)
    {
        var removeResult = await UserManager.RemovePasswordAsync(target);
        removeResult.CheckErrors();

        var addResult = await UserManager.AddPasswordAsync(target, input.Password);
        addResult.CheckErrors();
    }

    var updated = ObjectMapper.Map<IdentityUser, IdentityUserDto>(target);
    await CurrentUnitOfWork.SaveChangesAsync();
    return updated;
}
/// <summary>
/// Returns one page of users matching the filter, together with the total match count.
/// </summary>
/// <param name="input">Filter text, sort expression, page size and skip count.</param>
/// <returns>The total count and the requested page mapped to <see cref="IdentityUserDto"/>.</returns>
[HttpGet]
public async Task<PagedResultDto<IdentityUserDto>> GetAll(GetIdentityUsersInput input)
{
    var total = await UserRepository.GetCountAsync(input.Filter);
    var page = await UserRepository.GetListAsync(
        input.Sorting,
        input.MaxResultCount,
        input.SkipCount,
        input.Filter);

    return new PagedResultDto<IdentityUserDto>(
        total,
        ObjectMapper.Map<List<IdentityUser>, List<IdentityUserDto>>(page));
}
/// <summary>
/// Applies the fields shared by create and update to <paramref name="user"/>: e-mail, phone number,
/// lockout flag, name, surname and, when supplied, the role set.
/// </summary>
/// <param name="user">Entity to modify.</param>
/// <param name="input">Submitted values.</param>
// NOTE(review): this method changes state yet carries [HttpGet]/[Route("update")], and it is
// protected, so it is presumably never exposed as an action - confirm and drop the attributes.
[HttpGet]
[Route("update")]
protected virtual async Task UpdateAsync(IdentityUser user, IdentityUserCreateOrUpdateDtoBase input)
{
    var emailUnchanged = string.Equals(user.Email, input.Email, StringComparison.InvariantCultureIgnoreCase);
    if (!emailUnchanged)
    {
        var emailResult = await UserManager.SetEmailAsync(user, input.Email);
        emailResult.CheckErrors();
    }

    var phoneUnchanged = string.Equals(user.PhoneNumber, input.PhoneNumber, StringComparison.InvariantCultureIgnoreCase);
    if (!phoneUnchanged)
    {
        var phoneResult = await UserManager.SetPhoneNumberAsync(user, input.PhoneNumber);
        phoneResult.CheckErrors();
    }

    // Note: the TwoFactorEnabled property was removed from the DTO in the 3.1 -> 3.3 upgrade.
    //(await UserManager.SetTwoFactorEnabledAsync(user, input.TwoFactorEnabled)).CheckErrors();
    var lockoutResult = await UserManager.SetLockoutEnabledAsync(user, input.LockoutEnabled);
    lockoutResult.CheckErrors();

    user.Name = input.Name;
    user.Surname = input.Surname;

    // Role names come straight from the request; a null list leaves the current roles untouched.
    // The permission on the calling action is the only check on which roles may be assigned.
    if (input.RoleNames != null)
    {
        var rolesResult = await UserManager.SetRolesAsync(user, input.RoleNames);
        rolesResult.CheckErrors();
    }
}
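/// <summary>
/// Returns the distinct branches of the currently signed-in user (used to fill the branch drop-down).
/// </summary>
/// <returns>One entry per branch, carrying the branch id and, when the branch is found, its name.</returns>
/// <exception cref="AbpAuthorizationException">The request carries no authenticated identity.</exception>
[HttpGet]
[Route("current/branches")]
[AllowAnonymous]
public async Task<List<BranchRoleDto>> GetCurrentUserBranchesAsync()
{
    // [AllowAnonymous] exempts this action from the class-level Users.Default policy
    // (presumably so any signed-in user can list their own branches), which also admits
    // requests with no identity at all. Reject those explicitly rather than relying on
    // GetId() to fail on a missing id.
    if (!CurrentUsers.IsAuthenticated)
    {
        throw new AbpAuthorizationException("Authentication is required to list the current user's branches.");
    }

    var branchList = new List<BranchRoleDto>();

    // All branch/role links of the current user, reduced to distinct branch ids in first-seen order.
    var branchRoles = await GetUserBranchRolesAsync(CurrentUsers.GetId());
    var branchIds = branchRoles.Select(x => x.BranchId).Distinct().ToList();
    if (branchIds.Count == 0)
    {
        return branchList;
    }

    // Load the branches once; the original fetched the whole list again for every branch id.
    var allBranches = await _branchRepository.GetListAsync();
    foreach (var branchId in branchIds)
    {
        branchList.Add(new BranchRoleDto
        {
            BranchId = branchId,
            // A link may point at a branch that no longer exists; the name is then left null.
            BranchName = allBranches.FirstOrDefault(b => b.Id == branchId)?.Name
        });
    }

    return branchList;
}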
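/// <summary>
/// Returns the distinct branches of the given user (used by user management).
/// </summary>
/// <param name="userId">Id of the user whose branches are listed.</param>
/// <returns>One entry per branch, carrying the branch id and, when the branch is found, its name.</returns>
[HttpGet]
[Route("{userId}/branches")]
public async Task<ListResultDto<BranchRoleDto>> GetUserBranchesAsync(Guid userId)
{
    var branchList = new List<BranchRoleDto>();

    // All branch/role links of the user, reduced to distinct branch ids in first-seen order.
    var branchRoles = await GetUserBranchRolesAsync(userId);
    var branchIds = branchRoles.Select(x => x.BranchId).Distinct().ToList();

    if (branchIds.Count > 0)
    {
        // Load the branches once; the original fetched the whole list again for every branch id.
        var allBranches = await _branchRepository.GetListAsync();
        foreach (var branchId in branchIds)
        {
            branchList.Add(new BranchRoleDto
            {
                BranchId = branchId,
                // Null-safe like GetCurrentUserBranchesAsync: a link to a branch that no longer
                // exists used to end in a NullReferenceException here.
                BranchName = allBranches.FirstOrDefault(b => b.Id == branchId)?.Name
            });
        }
    }

    return new ListResultDto<BranchRoleDto>(branchList);
}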
/// <summary>
/// Collects the permission grants of every role the given user holds. Each grant keeps the
/// role name it came from.
/// </summary>
/// <param name="userId">Id of the user whose role grants are collected.</param>
/// <returns>All role-provider grants of the user's roles; empty when the user has no roles.</returns>
// Only grants stored under the role provider are read; grants made to the user directly are
// not part of the result.
// NOTE(review): protected, so the routing attributes below presumably have no effect - confirm.
[HttpGet]
[Route("{userId}/granted-permissions")]
protected virtual async Task<List<PermissionGrant>> GetUserGrantedPermissionsAsync(Guid userId)
{
    var grants = new List<PermissionGrant>();

    var roleNames = await UserRepository.GetRoleNamesAsync(userId);
    if (roleNames == null)
    {
        return grants;
    }

    foreach (var roleName in roleNames)
    {
        var roleGrants = await PermissionGrantRepository.GetListAsync(RolePermissionValueProvider.ProviderName, roleName);
        if (roleGrants != null)
        {
            grants.AddRange(roleGrants);
        }
    }

    return grants;
}
/// <summary>
/// Returns the branch/role links that apply to the given user: every stored link whose role
/// is one of the user's roles.
/// </summary>
/// <param name="userId">Id of the user whose roles are matched against the stored links.</param>
/// <returns>The matching links mapped to <see cref="BranchRoleDto"/>, in a new list.</returns>
/// <exception cref="BusinessException">No role list or no branch/role link list could be loaded.</exception>
// NOTE(review): the texts below are passed as BusinessException's first argument, which is
// presumably the error code rather than the message - confirm what the client receives.
protected virtual async Task<List<BranchRoleDto>> GetUserBranchRolesAsync(Guid userId)
{
    // All roles of the user.
    var userRoles = await UserRepository.GetRolesAsync(userId);
    if (userRoles == null)
    {
        throw new BusinessException("当前登录用户没有任何角色信息,请找管理员进行维护!");
    }

    // Every stored branch/role link.
    var allBranchRoles = await _branchRoleRepository.GetListAsync();
    if (allBranchRoles == null)
    {
        throw new BusinessException("未找到分支和角色的关联信息!");
    }

    var matched = new List<BranchRole>();
    foreach (var role in userRoles)
    {
        var linksForRole = allBranchRoles.Where(link => link.RoleId == role.Id).ToList();
        foreach (var link in linksForRole)
        {
            if (link == null)
            {
                continue; // no branch link for this role
            }

            // Only the branch id and the role id are copied into the new link.
            matched.Add(new BranchRole(link.BranchId, role.Id));
        }
    }

    return new List<BranchRoleDto>(ObjectMapper.Map<List<BranchRole>, List<BranchRoleDto>>(matched));
}
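/// <summary>
/// Important: builds the permission configuration of the current user restricted to one branch.
/// Every known policy name is listed in <c>Policies</c>; <c>GrantedPolicies</c> receives only the
/// permissions granted to the roles the user holds in that branch.
/// </summary>
/// <param name="branchId">Branch the permissions are filtered by.</param>
/// <returns>The policy list and the permissions granted within the branch.</returns>
/// <exception cref="BusinessException">
/// The user has no branch information, is not linked to the branch, or has no permission information.
/// </exception>
[HttpGet]
[Route("{branchId}/auth-config")]
public async Task<ApplicationAuthes> GetAuthConfigAsync(Guid branchId)
{
    var authConfig = new ApplicationAuthes();

    // List every policy name; being listed here does not mean it is granted.
    var policyNames = await _abpAuthorizationPolicyProvider.GetPoliciesNamesAsync();
    foreach (var policyName in policyNames)
    {
        authConfig.Policies[policyName] = true;
    }

    var userId = CurrentUsers.GetId();

    // Role-based grants and branch/role links of the current user.
    var userPermissions = await GetUserGrantedPermissionsAsync(userId);
    var userBranches = await GetUserBranchRolesAsync(userId);
    if (userBranches == null)
    {
        throw new BusinessException("当前登录用户没有任何分支信息,请找管理员进行维护!");
    }

    // Keep only the links of the requested branch; a user without a link gets no configuration.
    var branchRoles = userBranches.Where(link => link.BranchId == branchId).ToList();
    if (!branchRoles.Any())
    {
        // NOTE(review): the list is empty on this path, so the branch name in the text is always blank.
        throw new BusinessException("当前登录用户在分支【" + branchRoles.FirstOrDefault()?.BranchName + "】中不存在!");
    }

    if (userPermissions == null)
    {
        throw new BusinessException("当前登录用户没有任何权限信息,请找管理员进行维护!");
    }

    foreach (var role in branchRoles)
    {
        // NOTE(review): the match relies on RoleName being filled in on the mapped DTO; the
        // links are built from branch id and role id only, so confirm the mapper supplies it.
        // If it stays null, nothing is granted.
        var rolePermissions = userPermissions.Where(grant => grant.ProviderKey == role.RoleName);
        foreach (var permission in rolePermissions)
        {
            // Indexer instead of Add: two roles of the same branch can grant the same permission,
            // and a second Add with that key would throw (GrantedPolicies is presumably a
            // dictionary, like Policies above).
            authConfig.GrantedPolicies[permission.Name] = true;
        }
    }

    return authConfig;
}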
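/// <summary>
/// Resets the password of the given user to the built-in default password.
/// Requires the Users.Update permission.
/// </summary>
/// <param name="userId">Id of the user whose password is reset.</param>
/// <returns>The user mapped to <see cref="IdentityUserDto"/>.</returns>
[HttpPut]
[Route("{userId}/reset-password")]
[Authorize(IdentityPermissions.Users.Update)]
public async Task<IdentityUserDto> ResetPasswordAsync(Guid userId)
{
    // Same lookup as the other actions of this class. The previous FindByIdAsync call returned
    // null for an unknown id and that null went straight into RemovePasswordAsync.
    var user = await UserManager.GetByIdAsync(userId);

    // The token-based reset (GeneratePasswordResetTokenAsync + ResetPasswordAsync) was dropped
    // because of: "No IUserTwoFactorTokenProvider<TUser> named 'Default' is registered."
    // The result is now checked, as UpdateAsync does, so a failed removal is not ignored.
    (await UserManager.RemovePasswordAsync(user)).CheckErrors();

    if (user.PasswordHash == null)
    {
        // SECURITY(review): every reset leaves the account with the same fixed, trivially
        // guessable password, and nothing visible here forces a change at the next sign-in.
        // Prefer a per-reset random secret delivered out of band, or a must-change-password
        // flag. The literal is kept because this action's response has no field to carry a
        // generated value. If the literal is rejected by the configured password rules, the
        // old password has already been removed at this point - confirm the unit of work
        // rolls that back.
        (await UserManager.AddPasswordAsync(user, "123456")).CheckErrors();
    }

    return ObjectMapper.Map<IdentityUser, IdentityUserDto>(user);
}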
}
}