guotianliang
/
Sanhe.Abp.Framework
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Abp模块
abp
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
29 Commits
1 Branch
0 Tags
3.6 MiB
 
 
 
 
 
Tree: 8d44141a20
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8d44141a20'
${ noResults }
Sanhe.Abp.Framework/modules/identity/Sanhe.Abp.Identity.Application/Sanhe/Abp/Identity/IdentityRoleAppService.cs

124 lines
4.8 KiB
Raw Blame History

using Microsoft.AspNetCore.Authorization;
using Sanhe.Abp.Identity.Dto;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using Volo.Abp;
using Volo.Abp.Application.Dtos;
using Volo.Abp.Identity;
namespace Sanhe.Abp.Identity
{
[Authorize(Volo.Abp.Identity.IdentityPermissions.Roles.Default)]
public class IdentityRoleAppService : IdentityAppServiceBase, IIdentityRoleAppService
{
protected IIdentityRoleRepository IdentityRoleRepository { get; }
protected OrganizationUnitManager OrganizationUnitManager { get; }
protected IOrganizationUnitRepository OrganizationUnitRepository { get; }
public IdentityRoleAppService(
IIdentityRoleRepository roleRepository,
OrganizationUnitManager organizationUnitManager)
{
OrganizationUnitManager = organizationUnitManager;
IdentityRoleRepository = roleRepository;
}
#region OrganizationUnit
[Authorize(IdentityPermissions.Roles.ManageOrganizationUnits)]
public virtual async Task<ListResultDto<OrganizationUnitDto>> GetOrganizationUnitsAsync(Guid id)
{
var organizationUnits = await IdentityRoleRepository.GetOrganizationUnitsAsync(id);
return new ListResultDto<OrganizationUnitDto>(
ObjectMapper.Map<List<OrganizationUnit>, List<OrganizationUnitDto>>(organizationUnits));
}
[Authorize(IdentityPermissions.Roles.ManageOrganizationUnits)]
public virtual async Task SetOrganizationUnitsAsync(Guid id, IdentityRoleAddOrRemoveOrganizationUnitDto input)
{
var organizationUnits = await IdentityRoleRepository.GetOrganizationUnitsAsync(id, true);
var notInRoleOuIds = input.OrganizationUnitIds.Where(ouid => !organizationUnits.Any(ou => ou.Id.Equals(ouid)));
foreach (var ouId in notInRoleOuIds)
{
await OrganizationUnitManager.AddRoleToOrganizationUnitAsync(id, ouId);
}
var removeRoleOriganzationUnits = organizationUnits.Where(ou => !input.OrganizationUnitIds.Contains(ou.Id));
foreach (var origanzationUnit in removeRoleOriganzationUnits)
{
origanzationUnit.RemoveRole(id);
}
await CurrentUnitOfWork.SaveChangesAsync();
}
[Authorize(IdentityPermissions.Roles.ManageOrganizationUnits)]
public virtual async Task RemoveOrganizationUnitsAsync(Guid id, Guid ouId)
{
await OrganizationUnitManager.RemoveRoleFromOrganizationUnitAsync(id, ouId);
await CurrentUnitOfWork.SaveChangesAsync();
}
#endregion
#region ClaimType
public virtual async Task<ListResultDto<IdentityClaimDto>> GetClaimsAsync(Guid id)
{
var role = await IdentityRoleRepository.GetAsync(id);
return new ListResultDto<IdentityClaimDto>(ObjectMapper.Map<ICollection<IdentityRoleClaim>, List<IdentityClaimDto>>(role.Claims));
}
[Authorize(IdentityPermissions.Roles.ManageClaims)]
public virtual async Task AddClaimAsync(Guid id, IdentityRoleClaimCreateDto input)
{
var role = await IdentityRoleRepository.GetAsync(id);
var claim = new Claim(input.ClaimType, input.ClaimValue);
if (role.FindClaim(claim) != null)
{
throw new UserFriendlyException(L["RoleClaimAlreadyExists"]);
}
role.AddClaim(GuidGenerator, claim);
await IdentityRoleRepository.UpdateAsync(role);
await CurrentUnitOfWork.SaveChangesAsync();
}
[Authorize(IdentityPermissions.Roles.ManageClaims)]
public virtual async Task UpdateClaimAsync(Guid id, IdentityRoleClaimUpdateDto input)
{
var role = await IdentityRoleRepository.GetAsync(id);
var oldClaim = role.FindClaim(new Claim(input.ClaimType, input.ClaimValue));
if (oldClaim != null)
{
role.RemoveClaim(oldClaim.ToClaim());
role.AddClaim(GuidGenerator, new Claim(input.ClaimType, input.NewClaimValue));
await IdentityRoleRepository.UpdateAsync(role);
await CurrentUnitOfWork.SaveChangesAsync();
}
}
[Authorize(IdentityPermissions.Roles.ManageClaims)]
public virtual async Task DeleteClaimAsync(Guid id, IdentityRoleClaimDeleteDto input)
{
var role = await IdentityRoleRepository.GetAsync(id);
role.RemoveClaim(new Claim(input.ClaimType, input.ClaimValue));
await IdentityRoleRepository.UpdateAsync(role);
await CurrentUnitOfWork.SaveChangesAsync();
}
#endregion
}
}