admin777/LMS.service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

V 1.1.1

Browse Source 
优化公共数据获取权限控制
This commit is contained in:
lq1405 2025-05-23 21:05:17 +08:00
parent aaebbb9104
commit c07369c297
2 changed files with 39 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
LMS.service/Service/OptionsService.cs
View File

@ -207,7 +207,7 @@ namespace LMS.service.Service
#region #region
/// <summary> /// <summary>
/// 获取指定的配置项,需要判断权限 /// 获取指定的配置项,只能获取不需要权限
/// </summary> /// </summary>
/// <param name="userId"></param> /// <param name="userId"></param>
/// <param name="category"></param> /// <param name="category"></param>
@ -225,39 +225,48 @@ namespace LMS.service.Service
Options? options = await _context.Options.FirstOrDefaultAsync(x => x.Key == optionsKey && (OptionCategory)category == x.Category) ?? throw new Exception("数据不存在"); Options? options = await _context.Options.FirstOrDefaultAsync(x => x.Key == optionsKey && (OptionCategory)category == x.Category) ?? throw new Exception("数据不存在");
List<long> roleIds = []; if (options.RoleIds != null && options.RoleIds.Count != 0)
if (userId != 0)
{ {
roleIds = await _userBasicDao.GetUserRoleIds(userId); return APIResponseModel<OptionsDto>.CreateErrorResponseModel(ResponseCode.NotPermissionAction);
}
// 数据存在 对比权限
if (options.RoleIds.Count == 0)
{
// 不需要权限 直接返回
return APIResponseModel<OptionsDto>.CreateSuccessResponseModel(_mapper.Map<OptionsDto>(options));
} }
else else
{ {
// 需要判断权限 判断 roleIds 是不是有权限在 options.RoleIds 里面 return APIResponseModel<OptionsDto>.CreateSuccessResponseModel(_mapper.Map<OptionsDto>(options));
bool hasPermission = false;
foreach (var roleId in roleIds)
{
if (options.RoleIds.Contains(roleId))
{
hasPermission = true;
break;
}
}
if (!hasPermission)
{
return APIResponseModel<OptionsDto>.CreateErrorResponseModel(ResponseCode.NotPermissionAction);
}
else
{
return APIResponseModel<OptionsDto>.CreateSuccessResponseModel(_mapper.Map<OptionsDto>(options));
}
} }
//List<long> roleIds = [];
//if (userId != 0)
//{
// roleIds = await _userBasicDao.GetUserRoleIds(userId);
//}
//// 数据存在 对比权限
//if (options.RoleIds.Count == 0)
//{
// // 不需要权限 直接返回
// return APIResponseModel<OptionsDto>.CreateSuccessResponseModel(_mapper.Map<OptionsDto>(options));
//}
//else
//{
// // 需要判断权限 判断 roleIds 是不是有权限在 options.RoleIds 里面
// bool hasPermission = false;
// foreach (var roleId in roleIds)
// {
// if (options.RoleIds.Contains(roleId))
// {
// hasPermission = true;
// break;
// }
// }
// if (!hasPermission)
// {
// return APIResponseModel<OptionsDto>.CreateErrorResponseModel(ResponseCode.NotPermissionAction);
// }
// else
// {
// return APIResponseModel<OptionsDto>.CreateSuccessResponseModel(_mapper.Map<OptionsDto>(options));
// }
//}
} }
catch (Exception ex) catch (Exception ex)
{ {

2
LMS.service/appsettings.json
View File

@ -68,6 +68,6 @@
} }
] ]
}, },
"Version": "1.1.0", "Version": "1.1.1",
"AllowedHosts": "*" "AllowedHosts": "*"
} }