V 1.1.1

优化公共数据获取权限控制
2025-05-23 21:05:17 +08:00 · 2025-05-23 21:05:17 +08:00 · c07369c297
commit c07369c297
parent aaebbb9104
2 changed files with 39 additions and 30 deletions
--- a/LMS.service/Service/OptionsService.cs
+++ b/LMS.service/Service/OptionsService.cs
@ -207,7 +207,7 @@ namespace LMS.service.Service

        #region 获取指定的配置项
        /// <summary>
-        /// 获取指定的配置项，需要判断权限
+        /// 获取指定的配置项，只能获取不需要权限的
        /// </summary>
        /// <param name="userId"></param>
        /// <param name="category"></param>
@ -225,39 +225,48 @@ namespace LMS.service.Service

                Options? options = await _context.Options.FirstOrDefaultAsync(x => x.Key == optionsKey && (OptionCategory)category == x.Category) ?? throw new Exception("数据不存在");

-                List<long> roleIds = [];
-                if (userId != 0)
+                if (options.RoleIds != null && options.RoleIds.Count != 0)
                {
-                    roleIds = await _userBasicDao.GetUserRoleIds(userId);
-                }
-
-                // 数据存在 对比权限 
-                if (options.RoleIds.Count == 0)
-                {
-                    // 不需要权限 直接返回
-                    return APIResponseModel<OptionsDto>.CreateSuccessResponseModel(_mapper.Map<OptionsDto>(options));
+                    return APIResponseModel<OptionsDto>.CreateErrorResponseModel(ResponseCode.NotPermissionAction);
                }
                else
                {
-                    // 需要判断权限 判断 roleIds 是不是有权限在 options.RoleIds 里面
-                    bool hasPermission = false;
-                    foreach (var roleId in roleIds)
-                    {
-                        if (options.RoleIds.Contains(roleId))
-                        {
-                            hasPermission = true;
-                            break;
-                        }
-                    }
-                    if (!hasPermission)
-                    {
-                        return APIResponseModel<OptionsDto>.CreateErrorResponseModel(ResponseCode.NotPermissionAction);
-                    }
-                    else
-                    {
-                        return APIResponseModel<OptionsDto>.CreateSuccessResponseModel(_mapper.Map<OptionsDto>(options));
-                    }
+                    return APIResponseModel<OptionsDto>.CreateSuccessResponseModel(_mapper.Map<OptionsDto>(options));
                }
+
+                //List<long> roleIds = [];
+                //if (userId != 0)
+                //{
+                //    roleIds = await _userBasicDao.GetUserRoleIds(userId);
+                //}
+
+                //// 数据存在 对比权限 
+                //if (options.RoleIds.Count == 0)
+                //{
+                //    // 不需要权限 直接返回
+                //    return APIResponseModel<OptionsDto>.CreateSuccessResponseModel(_mapper.Map<OptionsDto>(options));
+                //}
+                //else
+                //{
+                //    // 需要判断权限 判断 roleIds 是不是有权限在 options.RoleIds 里面
+                //    bool hasPermission = false;
+                //    foreach (var roleId in roleIds)
+                //    {
+                //        if (options.RoleIds.Contains(roleId))
+                //        {
+                //            hasPermission = true;
+                //            break;
+                //        }
+                //    }
+                //    if (!hasPermission)
+                //    {
+                //        return APIResponseModel<OptionsDto>.CreateErrorResponseModel(ResponseCode.NotPermissionAction);
+                //    }
+                //    else
+                //    {
+                //        return APIResponseModel<OptionsDto>.CreateSuccessResponseModel(_mapper.Map<OptionsDto>(options));
+                //    }
+                //}
            }
            catch (Exception ex)
            {
--- a/LMS.service/appsettings.json
+++ b/LMS.service/appsettings.json
@ -68,6 +68,6 @@
      }
    ]
  },
-  "Version": "1.1.0",
+  "Version": "1.1.1",
  "AllowedHosts": "*"
 }