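using Chloe;
using Chloe.Annotations;
using System;
using System.Collections.Generic;
using System.Data;
using System.Linq;
using System.Linq.Expressions;
using System.Reflection;
using WaterCloud.Code;
using WaterCloud.DataBase;
using WaterCloud.Domain.SystemManage;
using WaterCloud.Domain.SystemOrganize;

namespace WaterCloud.Service
{
    /// <summary>
    /// Base service that applies the signed-in operator's row-level data rules and
    /// column-level field permissions to queries and result sets.
    /// </summary>
    /// <remarks>
    /// NOTE(review): the generic type arguments were missing from the listing this file was
    /// taken from. T and TEntity follow from the "where T" clause and the typeof(TEntity)
    /// uses. The entity and helper type arguments (DataPrivilegeRuleEntity, ModuleEntity,
    /// ModuleFieldsEntity, RoleAuthorizeEntity, FilterList, FilterSo) and the string-keyed
    /// dictionaries were chosen from the members each call touches and must be confirmed
    /// against the project before this is compiled.
    /// </remarks>
    public class DataFilterService<T> where T : class, new()
    {
        // Operator that every check below is evaluated for.
        // NOTE(review): this field is public and writable, so any holder of the service can
        // replace the identity the filters run against - consider narrowing its visibility.
        public OperatorModel currentuser;

        // Repository for the service's own table.
        protected IRepositoryBase<T> repository;

        // Repository used for the other tables (data rules, modules, field grants).
        protected IRepositoryBase uniwork;

        /// <summary>
        /// Captures the current operator and creates both repositories on <paramref name="context"/>.
        /// </summary>
        /// <param name="context">Database context shared by both repositories.</param>
        public DataFilterService(IDbContext context)
        {
            currentuser = OperatorProvider.Provider.GetCurrent();
            repository = new RepositoryBase<T>(context);
            uniwork = new RepositoryBase(context);
            if (currentuser == null)
            {
                // No operator could be resolved: continue with an empty one. Every check
                // below therefore has to cope with null UserId / RoleId / DepartmentId.
                currentuser = new OperatorModel();
            }
        }

        /// <summary>
        /// Applies the operator's data rule and field permissions to a query over the
        /// service's own table.
        /// </summary>
        /// <param name="parametername">Name of the lambda parameter, e.g. "u" in u =&gt; u.name.</param>
        /// <param name="moduleName">Module (menu) name; resolved through ReflectionHelper when empty.</param>
        /// <param name="query">Query to restrict; defaults to the whole table when null.</param>
        /// <returns>The restricted query.</returns>
        protected IQuery<T> GetDataPrivilege(string parametername, string moduleName = "", IQuery<T> query = null)
        {
            // NOTE(review): the fallback is resolved in each entry point rather than in a
            // shared helper, in case ReflectionHelper.GetModuleName() depends on the caller's
            // position on the stack - confirm against ReflectionHelper.
            moduleName = string.IsNullOrEmpty(moduleName) ? ReflectionHelper.GetModuleName() : moduleName;
            if (query == null)
            {
                query = repository.IQueryable();
            }

            query = ApplyDataRule(parametername, moduleName, query);
            return GetFieldsFilterDataNew(parametername, query, moduleName);
        }

        /// <summary>
        /// Applies the operator's data rule and field permissions to a query over any entity
        /// (used for queries that do not target the service's own table).
        /// </summary>
        /// <param name="parametername">Name of the lambda parameter, e.g. "u" in u =&gt; u.name.</param>
        /// <param name="moduleName">Module (menu) name; resolved through ReflectionHelper when empty.</param>
        /// <param name="query">Query to restrict. Required: there is no default table for TEntity.</param>
        /// <returns>The restricted query.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="query"/> is null.</exception>
        protected IQuery<TEntity> GetDataPrivilege<TEntity>(string parametername, string moduleName = "", IQuery<TEntity> query = null)
        {
            moduleName = string.IsNullOrEmpty(moduleName) ? ReflectionHelper.GetModuleName() : moduleName;
            if (query == null)
            {
                // Previously a null query was either handed back as null or failed with a
                // NullReferenceException deeper down; reject it where the mistake is made.
                throw new ArgumentNullException(nameof(query));
            }

            query = ApplyDataRule(parametername, moduleName, query);
            return GetFieldsFilterDataNew(parametername, query, moduleName);
        }

        /// <summary>
        /// Tells whether a data rule has to be applied for the current operator on a module.
        /// </summary>
        /// <param name="moduleName">Module (menu) name; resolved through ReflectionHelper when empty.</param>
        /// <returns>
        /// False for the configured system user and for modules without a rule row; true otherwise.
        /// </returns>
        /// <remarks>
        /// The default is allow: a module with no rule row is readable by every operator, so a
        /// missing or mistyped module code silently removes row-level filtering.
        /// </remarks>
        protected bool CheckDataPrivilege(string moduleName = "")
        {
            moduleName = string.IsNullOrEmpty(moduleName) ? ReflectionHelper.GetModuleName() : moduleName;
            return FindDataRule(moduleName) != null;
        }

        /// <summary>
        /// Rewrites the filter tree of a Soul page: each condition value that has an entry in
        /// <paramref name="dic"/> for its field is replaced by the mapped value, and the tree
        /// is written back to the page as JSON.
        /// </summary>
        /// <param name="dic">Per-field map from the value in the filter to its replacement.</param>
        /// <param name="pagination">Page whose filters are rewritten.</param>
        /// <returns>The same <paramref name="pagination"/> instance.</returns>
        protected SoulPage<TEntity> ChangeSoulData<TEntity>(Dictionary<string, Dictionary<string, string>> dic, SoulPage<TEntity> pagination)
        {
            List<FilterSo> filterSos = pagination.getFilterSos();
            filterSos = FormatData(dic, filterSos);
            pagination.filterSos = filterSos.ToJson();
            return pagination;
        }

        /// <summary>
        /// Recursively replaces condition values in a filter tree using <paramref name="dic"/>.
        /// </summary>
        /// <param name="dic">Per-field map from the value in the filter to its replacement.</param>
        /// <param name="filterSos">Filter nodes to rewrite in place; may be null.</param>
        /// <returns>The same list instance that was passed in.</returns>
        protected List<FilterSo> FormatData(Dictionary<string, Dictionary<string, string>> dic, List<FilterSo> filterSos)
        {
            if (filterSos == null)
            {
                return filterSos;
            }

            foreach (var item in filterSos)
            {
                Dictionary<string, string> fieldMap;
                string mapped;
                // The filter tree arrives with the request, so a node without a field or value
                // is skipped instead of being used as a dictionary key (a null key throws).
                if (item.mode == "condition"
                    && item.field != null
                    && item.value != null
                    && dic.TryGetValue(item.field, out fieldMap)
                    && fieldMap != null
                    && fieldMap.TryGetValue(item.value, out mapped))
                {
                    item.value = mapped;
                }

                if (item.children != null && item.children.Count > 0)
                {
                    item.children = FormatData(dic, item.children);
                }
            }

            return filterSos;
        }

        /// <summary>
        /// Applies field permissions to a list that is already loaded in memory.
        /// </summary>
        /// <param name="list">Rows to filter.</param>
        /// <param name="moduleName">Module (menu) name; resolved through ReflectionHelper when empty.</param>
        /// <returns>
        /// <paramref name="list"/> unchanged when it is null or empty or when no field filter
        /// applies; otherwise the result of DataTableHelper.ListFilter for the visible fields.
        /// </returns>
        protected List<TEntity> GetFieldsFilterData<TEntity>(List<TEntity> list, string moduleName = "")
        {
            moduleName = string.IsNullOrEmpty(moduleName) ? ReflectionHelper.GetModuleName() : moduleName;

            // Nothing to filter: skip the permission lookups altogether.
            if (list == null || list.Count == 0)
            {
                return list;
            }

            List<string> visibleFields = ResolveVisibleFields<TEntity>(moduleName);
            if (visibleFields == null)
            {
                return list;
            }

            return DataTableHelper.ListFilter(list, visibleFields);
        }

        /// <summary>
        /// Applies field permissions to a single entity that is already loaded in memory.
        /// </summary>
        /// <param name="entity">Entity to filter.</param>
        /// <param name="moduleName">Module (menu) name; resolved through ReflectionHelper when empty.</param>
        /// <returns>
        /// <paramref name="entity"/> unchanged when it is null or when no field filter applies;
        /// otherwise the filtered copy produced by DataTableHelper.ListFilter.
        /// </returns>
        protected TEntity GetFieldsFilterData<TEntity>(TEntity entity, string moduleName = "")
        {
            moduleName = string.IsNullOrEmpty(moduleName) ? ReflectionHelper.GetModuleName() : moduleName;

            if (entity == null)
            {
                return entity;
            }

            List<string> visibleFields = ResolveVisibleFields<TEntity>(moduleName);
            if (visibleFields == null)
            {
                return entity;
            }

            List<TEntity> single = new List<TEntity>();
            single.Add(entity);
            return DataTableHelper.ListFilter(single, visibleFields)[0];
        }

        /// <summary>
        /// Applies field permissions to a query by projecting it onto a new TEntity that is
        /// initialised with the visible properties only.
        /// </summary>
        /// <param name="parametername">Name of the lambda parameter used in the projection.</param>
        /// <param name="query">Query to project.</param>
        /// <param name="moduleName">Module (menu) name; resolved through ReflectionHelper when empty.</param>
        /// <returns><paramref name="query"/> unchanged when no field filter applies; otherwise the projected query.</returns>
        protected IQuery<TEntity> GetFieldsFilterDataNew<TEntity>(string parametername, IQuery<TEntity> query, string moduleName = "")
        {
            moduleName = string.IsNullOrEmpty(moduleName) ? ReflectionHelper.GetModuleName() : moduleName;

            List<string> visibleFields = ResolveVisibleFields<TEntity>(moduleName);
            if (visibleFields == null)
            {
                return query;
            }

            Type entityType = typeof(TEntity);
            ParameterExpression parameter = Expression.Parameter(entityType, parametername);
            List<MemberBinding> bindings = new List<MemberBinding>();
            HashSet<string> seen = new HashSet<string>();
            foreach (string rawName in visibleFields)
            {
                if (rawName == null)
                {
                    continue;
                }

                string name = rawName.Trim();
                if (!seen.Add(name))
                {
                    continue; // the same member must not be bound twice
                }

                // Field codes come from configuration rows. A code that matches no readable
                // and writable property is left out: the projection can then only expose
                // fewer columns, and a stale code no longer breaks every query of the module.
                PropertyInfo property = entityType.GetProperty(name);
                if (property == null || !property.CanRead || !property.CanWrite)
                {
                    continue;
                }

                bindings.Add(Expression.Bind(property, Expression.Property(parameter, property)));
            }

            MemberInitExpression initializer = Expression.MemberInit(Expression.New(entityType), bindings);
            Expression<Func<TEntity, TEntity>> projection = Expression.Lambda<Func<TEntity, TEntity>>(initializer, parameter);
            return query.Select(projection);
        }

        // True only for a signed-in operator whose id equals the configured system user id.
        // An operator without a UserId (the empty OperatorModel from the constructor) is never
        // treated as the system user, even if the configured id is itself missing.
        private bool IsSuperAdministrator()
        {
            return !string.IsNullOrEmpty(currentuser.UserId)
                && currentuser.UserId == GlobalContext.SystemConfig.SysemUserId;
        }

        // Returns the data rule that must be applied for the module, or null when none
        // applies (system user, or no rule row for the module).
        private DataPrivilegeRuleEntity FindDataRule(string moduleName)
        {
            if (IsSuperAdministrator())
            {
                return null;
            }

            return uniwork.IQueryable<DataPrivilegeRuleEntity>(u => u.F_ModuleCode == moduleName).FirstOrDefault();
        }

        // Adds the module's data rule, if any, to the query. The rule is read once, so the
        // decision and the rule text come from the same row.
        private IQuery<TEntity> ApplyDataRule<TEntity>(string parametername, string moduleName, IQuery<TEntity> query)
        {
            DataPrivilegeRuleEntity rule = FindDataRule(moduleName);
            if (rule == null)
            {
                return query;
            }

            string rulesJson = ExpandRulePlaceholders(rule.F_PrivilegeRules);
            return query.GenerateFilter(parametername, JsonHelper.ToObject<List<FilterList>>(rulesJson));
        }

        // Replaces the login-user / login-role / login-org placeholders in the rule text with
        // the current operator's values. Works on a copy; the loaded rule entity is not
        // modified.
        // NOTE(review): the values are inserted into JSON text without escaping, which is only
        // safe while the ids cannot contain quotes or backslashes - confirm how they are
        // issued. A null value removes the placeholder, so an operator without that id is
        // compared against an empty string. RoleId and DepartmentId are substituted as single
        // strings; operators with several roles or departments are not expanded.
        private string ExpandRulePlaceholders(string rules)
        {
            if (rules == null)
            {
                // A rule row without rule text is a configuration error: refuse instead of
                // continuing towards an unfiltered query.
                throw new InvalidOperationException("Data privilege rule has no rule text.");
            }

            return rules
                .Replace(Define.DATAPRIVILEGE_LOGINUSER, currentuser.UserId)
                .Replace(Define.DATAPRIVILEGE_LOGINROLE, currentuser.RoleId)
                .Replace(Define.DATAPRIVILEGE_LOGINORG, currentuser.DepartmentId);
        }

        // Returns the property names the current operator may see for the module, or null
        // when no field filter applies (administrator, unknown module, or field permissions
        // switched off for the module).
        // NOTE(review): the administrator test here (RoleId == "admin" or IsSystem) is not the
        // test used for data rules (configured system user id), and RoleId is also treated as
        // a comma-separated list below, so "admin" only matches when it is the sole role -
        // confirm both are intended.
        private List<string> ResolveVisibleFields<TEntity>(string moduleName)
        {
            if (currentuser.RoleId == "admin" || currentuser.IsSystem)
            {
                return null;
            }

            var module = uniwork.IQueryable<ModuleEntity>(u => u.F_EnCode == moduleName).FirstOrDefault();
            if (module == null || module.F_IsFields == false)
            {
                return null;
            }

            // An operator without roles gets the public fields only instead of failing on a
            // null RoleId.
            var rolelist = (currentuser.RoleId ?? string.Empty).Split(',');

            // F_ItemType == 3 presumably selects field grants - confirm against the grant table.
            var grantedIds = uniwork.IQueryable<RoleAuthorizeEntity>(u => rolelist.Contains(u.F_ObjectId) && u.F_ItemType == 3)
                .Select(a => a.F_ItemId)
                .Distinct()
                .ToList();
            var fields = uniwork.IQueryable<ModuleFieldsEntity>(u => (grantedIds.Contains(u.F_Id) || u.F_IsPublic == true) && u.F_ModuleId == module.F_Id)
                .Select(u => u.F_EnCode)
                .ToList();

            // The key column always stays visible.
            // NOTE(review): this takes the first property that carries any ColumnAttribute,
            // not specifically one marked as primary key - confirm for entities that
            // annotate more than one column.
            PropertyInfo keyProperty = typeof(TEntity).GetProperties()
                .FirstOrDefault(p => p.GetCustomAttributes(typeof(ColumnAttribute), false).Length > 0);
            string keyName = keyProperty != null ? keyProperty.Name : "F_Id";
            fields.Add(keyName);
            return fields.Distinct().ToList();
        }
    }
}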