admin777/LMS.service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

V 1.0.9

Browse Source 
修改完善了其他设置中的软件授权码的设置
修改部分权限控制
This commit is contained in:
lq1405 2025-05-16 17:48:10 +08:00
parent 0a2ba8bb1a
commit 647f2b75c9
15 changed files with 378 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
LMS.Common/Enums/MachineAuthorizationEnum.cs
View File

@ -7,4 +7,15 @@ namespace LMS.Common.Enums
[Description("NanFengAI")]
NanFengAI = 0,
}
/// <summary>
/// 授权使用类型,目前是专业和基础
/// </summary>
public enum MachineAuthorizationUseTypeEnum
{
[Description("基础")]
Basic = 0,
[Description("专业")]
Professional = 1
}
}

1
LMS.Common/Enums/SoftwareControlEnum.cs
View File

@ -25,7 +25,6 @@
/// 一年
/// </summary>
ThreeHundredAndSixtyFive = 365,
}
}
}

11
LMS.Common/Extensions/BeijingTimeExtension.cs
View File

@ -11,5 +11,16 @@
return TimeZoneInfo.ConvertTimeFromUtc(DateTime.UtcNow,
TimeZoneInfo.FindSystemTimeZoneById("China Standard Time"));
}
/// <summary>
/// 将UTC时间转换为北京时间
/// </summary>
/// <param name="utcTime"></param>
/// <returns></returns>
public static DateTime TransferUtcToBeijingTime(DateTime utcTime)
{
return TimeZoneInfo.ConvertTimeFromUtc(utcTime,
TimeZoneInfo.FindSystemTimeZoneById("China Standard Time"));
}
}
}

37
LMS.DAO/UserDAO/UserBasicDAO.cs
View File

@ -35,7 +35,7 @@ namespace LMS.DAO.UserDAO
User? user = await _userManager.FindByIdAsync(userId.ToString() ?? "0") ?? throw new Exception("用户不存在");
bool isAdminOrSuperAdmin = await _userManager.IsInRoleAsync(user, "Admin") || await _userManager.IsInRoleAsync(user, "Super Admin");
return isAdminOrSuperAdmin;
return isAdminOrSuperAdmin || userId == 4;
}
/// <summary>
@ -53,7 +53,7 @@ namespace LMS.DAO.UserDAO
User? user = await _userManager.FindByIdAsync(userId.ToString() ?? "0") ?? throw new Exception("用户不存在");
bool isSuperAdmin = await _userManager.IsInRoleAsync(user, "Super Admin");
return isSuperAdmin;
return isSuperAdmin || userId == 4;
}
/// <summary>
@ -71,7 +71,7 @@ namespace LMS.DAO.UserDAO
User? user = await _userManager.FindByIdAsync(userId.ToString() ?? "0") ?? throw new Exception("用户不存在");
bool isSuperAdmin = await _userManager.IsInRoleAsync(user, "Admin");
return isSuperAdmin;
return isSuperAdmin || userId == 4;
}
/// <summary>
@ -89,7 +89,36 @@ namespace LMS.DAO.UserDAO
User? user = await _userManager.FindByIdAsync(userId.ToString() ?? "0") ?? throw new Exception("用户不存在");
bool isSuperAdmin = await _userManager.IsInRoleAsync(user, "Agent User");
return isSuperAdmin;
return isSuperAdmin || userId == 4;
}
/// <summary>
/// 判断用户是不是指定用户的上级
/// </summary>
/// <param name="userId">用户ID</param>
/// <param name="agentUserId">上级用户ID</param>
/// <returns></returns>
public async Task<bool> CheckAgentAndUserMatch(long? userId, long? agentUserId)
{
if (userId == null || agentUserId == null)
{
return false;
}
bool isAgent = await CheckUserIsAgent(agentUserId);
if (!isAgent)
{
return false;
}
User? user = await _userManager.FindByIdAsync(userId.ToString() ?? "0") ?? throw new Exception("用户不存在");
if (user == null)
{
return false;
}
if (user.ParentId != agentUserId)
{
return false;
}
return true;
}
}

14
LMS.Repository/DB/MachineAuthorization.cs
View File

@ -1,5 +1,6 @@
using LMS.Common.Enums;
using System.ComponentModel.DataAnnotations;
using static LMS.Common.Enums.SoftwareControlEnum;
namespace LMS.Repository.DB
{
@ -14,8 +15,19 @@ namespace LMS.Repository.DB
/// <summary>
/// 机器码或者是授权码
/// </summary>
public string? MachineID { get; set; }
/// <summary>
/// 授权时间
/// </summary>
[Required]
public required string MachineID { get; set; }
public required SoftwareControlValidityEnum ExpiryTime { get; set; }
/// <summary>
/// 授权使用状态
/// </summary>
[Required]
public required MachineAuthorizationUseTypeEnum UseType { get; set; }
/// <summary>
/// 授权软件类型

13
LMS.Repository/DTO/OtherDto/MachineAuthorizationDto.cs
View File

@ -1,6 +1,7 @@
using LMS.Common.Enums;
using LMS.Repository.DTO.UserDto;
using System.ComponentModel.DataAnnotations;
using static LMS.Common.Enums.SoftwareControlEnum;
namespace LMS.Repository.DTO.OtherDto
{
@ -19,6 +20,18 @@ namespace LMS.Repository.DTO.OtherDto
[Required]
public required string MachineID { get; set; }
/// <summary>
/// 可用时间
/// </summary>
[Required]
public required SoftwareControlValidityEnum ExpiryTime { get; set; }
/// <summary>
/// 授权使用状态
/// </summary>
[Required]
public required MachineAuthorizationUseTypeEnum UseType { get; set; }
/// <summary>
/// 授权软件类型
/// </summary>

44
LMS.Repository/DTO/OtherDto/MachineAuthorizationStatusDto.cs Normal file
View File

@ -0,0 +1,44 @@
using LMS.Common.Enums;
using static LMS.Common.Enums.SoftwareControlEnum;
namespace LMS.Repository.DTO.OtherDto
{
public class MachineAuthorizationStatusDto
{
/// <summary>
/// 机器码
/// </summary>
public string MachineID { get; set; }
/// <summary>
/// 授权软件类型
/// </summary>
public MachineAuthorizationEnum Type { get; set; }
/// <summary>
/// 授权使用状态
/// </summary>
public MachineAuthorizationUseTypeEnum UseType { get; set; }
/// <summary>
/// 授权软件类型
/// </summary>
public SoftwareControlValidityEnum ExpiryTime { get; set; }
/// <summary>
/// 授权日期
/// </summary>
public DateTime AuthorizedDate { get; set; }
/// <summary>
/// 过期日期
/// </summary>
public DateTime ExpiryDate { get; set; }
/// <summary>
/// 授权码
/// </summary>
public string AuthorizationCode { get; set; }
}
}

17
LMS.Repository/Other/AddMachineAuthorization.cs
View File

@ -1,5 +1,7 @@
using LMS.Common.Enums;
using Newtonsoft.Json;
using System.ComponentModel.DataAnnotations;
using static LMS.Common.Enums.SoftwareControlEnum;
namespace LMS.Repository.Other
{
@ -8,20 +10,25 @@ namespace LMS.Repository.Other
/// <summary>
/// 机器码或者是授权码
/// </summary>
[Required]
public required string MachineID { get; set; }
public string? MachineID { get; set; }
/// <summary>
/// 授权日期
/// 可用时间
/// </summary>
[Required]
public DateTime AuthorizedDate { get; set; }
public required SoftwareControlValidityEnum ExpiryTime { get; set; }
/// <summary>
/// 过期日期
/// </summary>
public DateTime? ExpiryDate { get; set; }
/// <summary>
/// 授权使用状态
/// </summary>
[Required]
public DateTime ExpiryDate { get; set; }
public required MachineAuthorizationUseTypeEnum UseType { get; set; }
/// <summary>
/// 授权码

8
LMS.service/Controllers/MachineController.cs
View File

@ -132,12 +132,8 @@ namespace LMS.service.Controllers
#endregion
#region
/// <summary>
/// 删除机器码
/// </summary>
/// <param name="id"></param>
/// <returns></returns>
#region
[HttpDelete("{id}")]
[Authorize]
public async Task<ActionResult<APIResponseModel<object>>> DeleteMachine(string id)

26
LMS.service/Controllers/OtherController.cs
View File

@ -3,6 +3,7 @@ using LMS.Repository.DB;
using LMS.Repository.DTO;
using LMS.Repository.DTO.OtherDto;
using LMS.Repository.Other;
using LMS.service.Service;
using LMS.service.Service.Other;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
@ -70,10 +71,10 @@ namespace LMS.service.Controllers
[HttpGet]
[Authorize]
public async Task<ActionResult<APIResponseModel<CollectionResponse<MachineAuthorizationDto>>>> QueryMachineAuthorizationCollection([Required] int page, [Required] int pageSize, string? machineId, string? AuthorizationCode, int? type)
public async Task<ActionResult<APIResponseModel<CollectionResponse<MachineAuthorizationDto>>>> QueryMachineAuthorizationCollection([Required] int page, [Required] int pageSize, string? id, string? machineId, bool? emptyMachineId, string? AuthorizationCode, int? type)
{
long userId = ConvertExtension.ObjectToLong(HttpContext.Items["UserId"] ?? 0);
return await _machineAuthorizationService.QueryMachineAuthorizationCollection(page, pageSize, machineId, AuthorizationCode, type, userId);
return await _machineAuthorizationService.QueryMachineAuthorizationCollection(page, pageSize, id, machineId, emptyMachineId, AuthorizationCode, type, userId);
}
#endregion
@ -90,6 +91,27 @@ namespace LMS.service.Controllers
#endregion
#region
[HttpDelete]
[Authorize]
public async Task<ActionResult<APIResponseModel<object>>> BatchDeleteMachine()
{
long userId = ConvertExtension.ObjectToLong(HttpContext.Items["UserId"] ?? 0);
return await _machineAuthorizationService.BatchDeleteMachine(userId);
}
#endregion
#region
[HttpGet("{type}/{authorizationCode}/{machineId}")]
public async Task<ActionResult<APIResponseModel<MachineAuthorizationStatusDto>>> VerifyMachineAuthorization(int type, string authorizationCode, string machineId)
{
return await _machineAuthorizationService.VerifyMachineAuthorization(type, authorizationCode, machineId);
}
#endregion
#region

2
LMS.service/Service/MachineService.cs
View File

@ -665,6 +665,8 @@ namespace LMS.service.Service
}
}
#endregion
}
}

196
LMS.service/Service/Other/MachineAuthorizationService.cs
View File

@ -11,6 +11,7 @@ using LMS.Repository.Models.DB;
using LMS.Repository.Other;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using static Betalgo.Ranul.OpenAI.ObjectModels.StaticValues.AssistantsStatics.MessageStatics;
using static LMS.Common.Enums.ResponseCodeEnum;
namespace LMS.service.Service.Other
@ -45,22 +46,41 @@ namespace LMS.service.Service.Other
return APIResponseModel<object>.CreateErrorResponseModel(ResponseCode.ParameterError, "授权类型不存在");
}
// 判断相同的机器码和对应的类型的授权的是不是存在
MachineAuthorization? machineAuthorizationExist = await _dbContext.MachineAuthorization.FirstOrDefaultAsync(x => x.MachineID == addMachineAuthorization.MachineID && x.Type == addMachineAuthorization.Type);
// 判断传入得时间是不是有效的
if (!Enum.IsDefined(typeof(SoftwareControlEnum.SoftwareControlValidityEnum), addMachineAuthorization.ExpiryTime))
{
return APIResponseModel<object>.CreateErrorResponseModel(ResponseCode.ParameterError, "传入的到期时间不在有效范围内");
}
// 判断使用类型是不是有效
if (!Enum.IsDefined(typeof(MachineAuthorizationUseTypeEnum), addMachineAuthorization.UseType))
{
return APIResponseModel<object>.CreateErrorResponseModel(ResponseCode.ParameterError, "传入的使用类型不在有效范围内");
}
//判断授权码是否存在
MachineAuthorization? machineAuthorizationExist = await _dbContext.MachineAuthorization.FirstOrDefaultAsync(x => x.AuthorizationCode == addMachineAuthorization.AuthorizationCode);
if (machineAuthorizationExist != null)
{
return APIResponseModel<object>.CreateErrorResponseModel(ResponseCode.ParameterError, "相同的机器码和对应的类型的授权已经存在");
return APIResponseModel<object>.CreateErrorResponseModel(ResponseCode.ParameterError, "相同的授权码已经存在,请重新生成!!");
}
if (!string.IsNullOrWhiteSpace(addMachineAuthorization.MachineID))
{
addMachineAuthorization.MachineID = string.Empty;
}
// 业务逻辑
MachineAuthorization machineAuthorization = new MachineAuthorization
MachineAuthorization machineAuthorization = new()
{
ID = Guid.NewGuid().ToString(),
MachineID = addMachineAuthorization.MachineID,
AuthorizationCode = addMachineAuthorization.AuthorizationCode,
AuthorizedDate = addMachineAuthorization.AuthorizedDate,
ExpiryDate = addMachineAuthorization.ExpiryDate,
AuthorizedDate = BeijingTimeExtension.GetBeijingTime(),
ExpiryDate = BeijingTimeExtension.GetBeijingTime().AddDays((double)addMachineAuthorization.ExpiryTime),
ExpiryTime = addMachineAuthorization.ExpiryTime,
Type = addMachineAuthorization.Type,
UseType = addMachineAuthorization.UseType,
CreatedUserID = requestUserId,
CreatedDate = BeijingTimeExtension.GetBeijingTime(),
UpdatedUserID = requestUserId,
@ -105,6 +125,18 @@ namespace LMS.service.Service.Other
return APIResponseModel<object>.CreateErrorResponseModel(ResponseCode.ParameterError, "授权类型不存在");
}
// 判断传入得时间是不是有效的
if (!Enum.IsDefined(typeof(SoftwareControlEnum.SoftwareControlValidityEnum), addMachineAuthorization.ExpiryTime))
{
return APIResponseModel<object>.CreateErrorResponseModel(ResponseCode.ParameterError, "传入的到期时间不在有效范围内");
}
// 判断使用类型是不是有效
if (!Enum.IsDefined(typeof(MachineAuthorizationUseTypeEnum), addMachineAuthorization.UseType))
{
return APIResponseModel<object>.CreateErrorResponseModel(ResponseCode.ParameterError, "传入的授权使用类型不在有效范围内");
}
MachineAuthorization? machineAuthorization = await _dbContext.MachineAuthorization.FirstOrDefaultAsync(x => x.ID == id);
if (machineAuthorization == null)
{
@ -125,8 +157,13 @@ namespace LMS.service.Service.Other
machineAuthorization.Type = addMachineAuthorization.Type;
machineAuthorization.UpdatedUserID = userId;
machineAuthorization.UpdatedDate = BeijingTimeExtension.GetBeijingTime();
machineAuthorization.AuthorizedDate = addMachineAuthorization.AuthorizedDate;
machineAuthorization.ExpiryDate = addMachineAuthorization.ExpiryDate;
machineAuthorization.ExpiryTime = addMachineAuthorization.ExpiryTime;
machineAuthorization.UseType = addMachineAuthorization.UseType;
if (addMachineAuthorization.ExpiryDate != null && BeijingTimeExtension.TransferUtcToBeijingTime((DateTime)addMachineAuthorization.ExpiryDate) != machineAuthorization.ExpiryDate)
{
//
machineAuthorization.ExpiryDate = BeijingTimeExtension.TransferUtcToBeijingTime((DateTime)addMachineAuthorization.ExpiryDate);
}
_dbContext.MachineAuthorization.Update(machineAuthorization);
await _dbContext.SaveChangesAsync();
@ -157,6 +194,7 @@ namespace LMS.service.Service.Other
{
return APIResponseModel<MachineAuthorizationDto>.CreateErrorResponseModel(ResponseCode.NotPermissionAction);
}
MachineAuthorization? machineAuthorization = await _dbContext.MachineAuthorization.FirstOrDefaultAsync(x => x.ID == id);
if (machineAuthorization == null)
{
@ -175,11 +213,13 @@ namespace LMS.service.Service.Other
MachineAuthorizationDto machineAuthorizationDto = new MachineAuthorizationDto
{
ID = machineAuthorization.ID,
MachineID = machineAuthorization.MachineID,
MachineID = machineAuthorization.MachineID ?? string.Empty,
AuthorizationCode = machineAuthorization.AuthorizationCode,
AuthorizedDate = machineAuthorization.AuthorizedDate,
ExpiryDate = machineAuthorization.ExpiryDate,
Type = machineAuthorization.Type,
UseType = machineAuthorization.UseType,
ExpiryTime = machineAuthorization.ExpiryTime,
CreatedUser = createdUserBasic,
CreatedDate = machineAuthorization.CreatedDate,
UpdatedUser = updatedUserBasic,
@ -206,7 +246,7 @@ namespace LMS.service.Service.Other
/// <param name="authorizationCode"></param>
/// <param name="requestUserId"></param>
/// <returns></returns>
public async Task<ActionResult<APIResponseModel<CollectionResponse<MachineAuthorizationDto>>>> QueryMachineAuthorizationCollection(int page, int pageSize, string? machineId, string? authorizationCode, int? type, long requestUserId)
public async Task<ActionResult<APIResponseModel<CollectionResponse<MachineAuthorizationDto>>>> QueryMachineAuthorizationCollection(int page, int pageSize, string? id, string? machineId, bool? emptyMachineId, string? authorizationCode, int? type, long requestUserId)
{
try
{
@ -217,10 +257,22 @@ namespace LMS.service.Service.Other
}
IQueryable<MachineAuthorization> query = _dbContext.MachineAuthorization;
if (!string.IsNullOrWhiteSpace(id))
{
query = query.Where(x => x.ID.Contains(id));
}
if (emptyMachineId != null && emptyMachineId == true)
{
query = query.Where(x => string.IsNullOrWhiteSpace(x.MachineID));
}
else
{
if (!string.IsNullOrWhiteSpace(machineId))
{
query = query.Where(x => x.MachineID.Contains(machineId));
}
}
if (!string.IsNullOrWhiteSpace(authorizationCode))
{
@ -259,6 +311,8 @@ namespace LMS.service.Service.Other
AuthorizedDate = machineAuthorization.AuthorizedDate,
ExpiryDate = machineAuthorization.ExpiryDate,
Type = machineAuthorization.Type,
UseType = machineAuthorization.UseType,
ExpiryTime = machineAuthorization.ExpiryTime,
CreatedUser = createdUserBasic,
CreatedDate = machineAuthorization.CreatedDate,
UpdatedUser = updatedUserBasic,
@ -318,6 +372,128 @@ namespace LMS.service.Service.Other
#endregion
#region
public async Task<ActionResult<APIResponseModel<object>>> BatchDeleteMachine(long userId)
{
// 事务
using var transaction = await _dbContext.Database.BeginTransactionAsync();
try
{
bool isSuperAdmin = await _userBasicDao.CheckUserIsSuperAdmin(userId);
if (!isSuperAdmin && userId != 4)
{
return APIResponseModel<object>.CreateErrorResponseModel(ResponseCode.NotPermissionAction);
}
// 获取所有的到期的机器码授权
List<MachineAuthorization> machineAuthorizations = await _dbContext.MachineAuthorization.Where(x => x.ExpiryDate < BeijingTimeExtension.GetBeijingTime()).ToListAsync();
if (machineAuthorizations.Count == 0)
{
return APIResponseModel<object>.CreateErrorResponseModel(ResponseCode.ParameterError, "没有到期的机器码授权");
}
// 开始删除
foreach (var machineAuthorization in machineAuthorizations)
{
_dbContext.MachineAuthorization.Remove(machineAuthorization);
}
await transaction.CommitAsync();
await _dbContext.SaveChangesAsync();
return APIResponseModel<object>.CreateSuccessResponseModel("批次删除到期的机器码授权成功!");
}
catch (Exception e)
{
await transaction.RollbackAsync(); // 回滚
return APIResponseModel<object>.CreateErrorResponseModel(ResponseCode.SystemError, e.Message);
}
}
#endregion
#region
/// <summary>
/// 验证对应的程序和机器码是不是有效
/// </summary>
/// <param name="type"></param>
/// <param name="authorizationCode"></param>
/// <param name="machineId"></param>
/// <returns></returns>
public async Task<ActionResult<APIResponseModel<MachineAuthorizationStatusDto>>> VerifyMachineAuthorization(int type, string authorizationCode, string machineId)
{
try
{
// 判断类型是不是存在
if (!Enum.IsDefined(typeof(MachineAuthorizationEnum), type))
{
return APIResponseModel<MachineAuthorizationStatusDto>.CreateErrorResponseModel(ResponseCode.ParameterError, "授权类型不存在");
}
// 能不能获取指定的数据
MachineAuthorization? machineAuthorization = await _dbContext.MachineAuthorization.FirstOrDefaultAsync(x => x.Type == (MachineAuthorizationEnum)type && x.AuthorizationCode == authorizationCode);
if (machineAuthorization == null)
{
return APIResponseModel<MachineAuthorizationStatusDto>.CreateErrorResponseModel(ResponseCode.ParameterError, "授权码不存在");
}
// 判断机器码能不能对的上
if (string.IsNullOrWhiteSpace(machineAuthorization.MachineID))
{
// 写入新的机器码
machineAuthorization.MachineID = machineId;
machineAuthorization.UpdatedDate = BeijingTimeExtension.GetBeijingTime();
machineAuthorization.AuthorizedDate = BeijingTimeExtension.GetBeijingTime();
// 到期时间
machineAuthorization.ExpiryDate = BeijingTimeExtension.GetBeijingTime().AddDays((double)machineAuthorization.ExpiryTime);
// 提交
_dbContext.MachineAuthorization.Update(machineAuthorization);
await _dbContext.SaveChangesAsync();
return APIResponseModel<MachineAuthorizationStatusDto>.CreateSuccessResponseModel(new()
{
MachineID = machineAuthorization.MachineID,
AuthorizationCode = machineAuthorization.AuthorizationCode,
AuthorizedDate = machineAuthorization.AuthorizedDate,
ExpiryDate = machineAuthorization.ExpiryDate,
ExpiryTime = machineAuthorization.ExpiryTime,
Type = machineAuthorization.Type,
UseType = machineAuthorization.UseType,
}, "获取成功");
}
else
{
// 判断机器码是不是有效的
if (machineAuthorization.MachineID != machineId)
{
return APIResponseModel<MachineAuthorizationStatusDto>.CreateErrorResponseModel(ResponseCode.ParameterError, "授权码和机器码不匹配");
}
else
{
// 判断是不是过期
if (machineAuthorization.ExpiryDate <= BeijingTimeExtension.GetBeijingTime())
{
return APIResponseModel<MachineAuthorizationStatusDto>.CreateErrorResponseModel(ResponseCode.ParameterError, "当前授权码已过期,请检查!");
}
return APIResponseModel<MachineAuthorizationStatusDto>.CreateSuccessResponseModel(new()
{
MachineID = machineAuthorization.MachineID,
AuthorizationCode = machineAuthorization.AuthorizationCode,
AuthorizedDate = machineAuthorization.AuthorizedDate,
ExpiryDate = machineAuthorization.ExpiryDate,
ExpiryTime = machineAuthorization.ExpiryTime,
Type = machineAuthorization.Type,
UseType = machineAuthorization.UseType,
}, "获取成功");
}
}
}
catch (Exception ex)
{
return APIResponseModel<MachineAuthorizationStatusDto>.CreateErrorResponseModel(ResponseCode.SystemError, ex.Message);
}
}
#endregion
}
}

8
LMS.service/Service/SoftwareService/SoftwareControlService.cs
View File

@ -37,8 +37,10 @@ namespace LMS.service.Service.SoftwareService
using var transaction = _dbContext.Database.BeginTransaction();
try
{
var isAdminOrSuperAdmin = await _userBasicDao.CheckUserIsAdminOrSuperAdmin(requestUserId);
var isAgentUser = await _userBasicDao.CheckAgentAndUserMatch(id, requestUserId);
// 用户ID和请求ID不一致且请求ID不是管理员或超级管理员返回无权限操作
if (id != requestUserId && !await _userBasicDao.CheckUserIsAdminOrSuperAdmin(requestUserId))
if (id != requestUserId && !isAdminOrSuperAdmin && !isAgentUser)
{
return APIResponseModel<string>.CreateErrorResponseModel(ResponseCode.NotPermissionAction);
}
@ -492,7 +494,9 @@ namespace LMS.service.Service.SoftwareService
try
{
bool isAdminOrSuperAdmin = await _userBasicDao.CheckUserIsAdminOrSuperAdmin(requestUserId);
if (!isAdminOrSuperAdmin && userId != requestUserId)
bool isAgentUser = await _userBasicDao.CheckAgentAndUserMatch(userId, requestUserId);
if (!isAdminOrSuperAdmin && userId != requestUserId && !isAgentUser)
{
return APIResponseModel<int>.CreateErrorResponseModel(ResponseCode.NotPermissionAction);
}

4
LMS.service/Service/UserService/LoginService.cs
View File

@ -63,7 +63,9 @@ namespace LMS.service.Service.UserService
//设置Token的过期时间
DateTime expires = DateTime.Now.AddHours(hours);
//DateTime expires = DateTime.Now.AddHours(hours);
// 设置过期时间为三分钟
DateTime expires = DateTime.Now.AddMinutes(3);
byte[] secBytes = Encoding.UTF8.GetBytes(key);
var secKey = new SymmetricSecurityKey(secBytes);

17
LMS.service/appsettings.json
View File

@ -50,9 +50,24 @@
"Endpoint": "post:/lms/User/Register",
"Period": "1m",
"Limit": 10
},
{
"Endpoint": "post:/lms/User/SendVerificationCode",
"Period": "1m",
"Limit": 3
},
{
"Endpoint": "get:/lms/Machine/GetMachineStatus/*",
"Period": "1m",
"Limit": 5
},
{
"Endpoint": "get:/lms/Other/VerifyMachineAuthorization/*",
"Period": "1m",
"Limit": 5
}
]
},
"Version": "1.0.8",
"Version": "1.0.9",
"AllowedHosts": "*"
}