• asp.net zero 8.2 学习-6-权限控制


    asp.net zero给服务配置权限的步骤:

    • 定义权限标识符 SIS.Core层 Authorization/AppPermissions.cs
    • 创建权限 SIS.Core层 Authorization/AppAuthorizationProvider.cs
    • 菜单权限配置 SIS.Web.Mvc层 Areas/app/Startup/appNavigationProviders.cs
    • 对应服务及方法权限配置 AbpAuthorize()
    • 权限测试及API访问 https://localhost:44302/api/TokenAuth/Authenticate

    定义权限标识符

    在SIS.Core项目的Authorization/AppPermissions.cs文件中,添加相应的权限

    // demo
    public const string Pages_Demo = "Pages.Demo";
    public const string Pages_Demo_Create = "Pages.Demo.Create";
    public const string Pages_Demo_Edit = "Pages.Demo.Edit";
    public const string Pages_Demo_Delete = "Pages.Demo.Delete";
    

    创建权限

    在SIS.Core层的Authorization/AppAuthorizationProvider.cs中创建权限:
    创建权限过程中,使用了字符串需要多语言配置,在SIS.Core项目下Localization>SIS目录下SIS-zh-Hans.xml配置对应字符串的中文

    var demo = pages.CreateChildPermission(AppPermissions.Pages_Demo, L("Demo"));
    demo.CreateChildPermission(AppPermissions.Pages_Demo_Create, L("CreatingNewDemo"));
    demo.CreateChildPermission(AppPermissions.Pages_Demo_Edit, L("EditingDemo"));
    demo.CreateChildPermission(AppPermissions.Pages_Demo_Delete, L("DeletingDemo"));
    

    多语言配置:

        <text name="Demo">测试页面</text>
        <text name="DemoHeaderInfo">测试页面副标题</text>
        <text name="CreatingNewDemo">创建测试实体</text>
        <text name="EditingDemo">编辑测试实体</text>
        <text name="DeletingDemo">删除测试实体</text>
    

    分配权限

    给菜单分配页面权限:

     .AddItem(new MenuItemDefinition(
                            appPageNames.Common.Demo,
                            L("Demo"),
                            url: "app/Demo",
                            icon: "flaticon-line-graph",
                            permissionDependency: new SimplePermissionDependency(AppPermissions.Pages_Demo)
                        )
    

    给服务类及方法配置权限

    using Abp.Application.Services.Dto;
    using Abp.Collections.Extensions;
    using Abp.Domain.Repositories;
    using EDU.SIS.Demo.Dtos;
    using System.Linq;
    using System.Threading.Tasks;
    using Microsoft.EntityFrameworkCore;
    using Abp.Linq.Extensions;
    using System.Linq.Dynamic.Core;
    using Abp.Authorization;
    using EDU.SIS.Authorization;
    
    namespace EDU.SIS.Demo
    {
        /// <summary>
        /// 测试页面服务
        /// </summary>
        [AbpAuthorize(AppPermissions.Pages_Demo)]
        public class DemoObjectAppService : SISAppServiceBase, IDemoObjectAppService
        {
            private readonly IRepository<DemoObject> _demoObjectRepository;
            public DemoObjectAppService(IRepository<DemoObject> demoObjectRepository)
            {
                _demoObjectRepository = demoObjectRepository;
            }
    
            /// <summary>
            /// 创建和修改
            /// </summary>
            /// <param name="input"></param>
            /// <returns></returns>
            [AbpAuthorize(AppPermissions.Pages_Demo)]
            public async Task CreateOrEdit(CreateOrEditDemoObjectDto input)
            {
                if (input.Id==null)
                {
                    //创建
                   await Create(input);
                }
                else
                {
                    //修改
                    await Update(input);
                }
            }
    
            /// <summary>
            /// 创建实体
            /// </summary>
            /// <param name="input"></param>
            /// <returns></returns>
            [AbpAuthorize(AppPermissions.Pages_Demo_Create)]
            private async Task Create(CreateOrEditDemoObjectDto input)
            {
                var demoObject = ObjectMapper.Map<DemoObject>(input);
                await  _demoObjectRepository.InsertAsync(demoObject);
            }
    
            /// <summary>
            /// 修改实体
            /// </summary>
            /// <param name="input"></param>
            /// <returns></returns>
            [AbpAuthorize(AppPermissions.Pages_Demo_Edit)]
            private async Task Update(CreateOrEditDemoObjectDto input)
            {
                var demoObject = await _demoObjectRepository.FirstOrDefaultAsync((int)input.Id);
                var demo = ObjectMapper.Map(input, demoObject);
    
                //await _demoObjectRepository.UpdateAsync(demo);
            }
    
            /// <summary>
            /// 数据删除
            /// </summary>
            /// <param name="input"></param>
            /// <returns></returns>
            [AbpAuthorize(AppPermissions.Pages_Demo_Delete)]
            public async Task Delete(EntityDto input)
            {
                //先查询再修改
                //var demoObject = await _demoObjectRepository.GetAsync(input.Id);
                //await _demoObjectRepository.DeleteAsync(demoObject);
    
                //直接删除实体,注意转换id,不转换则删不了
                await _demoObjectRepository.DeleteAsync((int)input.Id);
            }
    
            /// <summary>
            /// 分页查询所有实体
            /// </summary>
            /// <param name="input">分页排序筛选</param>
            /// <returns></returns>
            public async Task<PagedResultDto<GetDemoObjectForViewDto>> GetAll(GetAllDemoObjectInput input)
            {
                //注意这里要用Abp.Linq.Extensions,否则返回的是IEnumerable类型
                var filter = _demoObjectRepository.GetAll()
                    .WhereIf(!string.IsNullOrWhiteSpace(input.Filter), e => e.Name.Contains(input.Filter))
                    .WhereIf(!string.IsNullOrWhiteSpace(input.NameFilter), e => e.Name.Equals(input.NameFilter));
    
                //先排序,再映射
                filter = filter.OrderBy(input.Sorting ?? "id asc");//OrderBy来自System.Linq.Dynamic.Core
    
                var query = (from o in filter
                             orderby o.Id
                             select new GetDemoObjectForViewDto()
                             {
                                 DemoObject = ObjectMapper.Map<DemoObjectDto>(o)
                             });
    
                var totalCount = await query.CountAsync(); //CountAsync来自Abp.Linq.Extensions
    
                var demoObject = await query
                    .PageBy(input)
                    .ToListAsync();
    
    
                var result = new PagedResultDto<GetDemoObjectForViewDto>()
                {
                    TotalCount = totalCount,
                    Items = demoObject
                };
                return result;
    
            }
    
            /// <summary>
            /// 获取修改数据详情
            /// </summary>
            /// <param name="input"></param>
            /// <returns></returns>
            public async Task<GetDemoObjectForEditOutput> GetDemoObjectForEdit(EntityDto input)
            {
                var demoObject = await _demoObjectRepository.GetAsync(input.Id);
                var result = new GetDemoObjectForEditOutput()
                {
                    DemoObject = ObjectMapper.Map<DemoObjectDto>(demoObject)
                };
                return result;
            }
    
            /// <summary>
            /// 获取单条数据
            /// </summary>
            /// <param name="id"></param>
            /// <returns></returns>
            public async Task<GetDemoObjectForViewDto> GetDemoObjectForView(int id)
            {
                var demoObject = await _demoObjectRepository.GetAsync(id);
                var result = new GetDemoObjectForViewDto()
                {
                   DemoObject =  ObjectMapper.Map<DemoObjectDto>(demoObject)
                };
                return result;
            }
        }
    }
    
    

    权限测试及API访问

    ###页面权限
    运行应用程序,在管理->角色点击修改,能够看到我们定义的权限:

    API请求token

    由于我们加了权限,需要通过请求token,才能有权限访问服务,请求accesstoken地址:https://localhost:44302/api/TokenAuth/Authenticate 具体配置如下图:
    header要加上租户ID,应为系统默认开启了多租户,可以在SIS.Core项目SISCoreModule.cs中查看到Configuration.MultiTenancy.IsEnabled = SISConsts.MultiTenancyEnabled;

    body加上用户名和密码:

    带token分页查询

    查询需要复制上一步请求的accesstoken,在分页查询请求中的Header添加Authorization,具体如下图,添加accesstoken就可以请求成功:

    同样带token添加实体也是与分页查询一样:

  • 相关阅读:
    Android textAppearance的属性设置及TextView属性详解
    Eclipse Hot Keys
    面向对象(一)
    Java基础知识(下)
    code2uml使用教程
    AndroidDevTools简介
    idea2020.3 安装插件JetBrains 插件市场安装 Cloud Toolkit
    在 Mac 上撰写和格式化备忘录-添加提醒-添加日历
    macbook-键盘连击问题002
    创业团队建设与管理
  • 原文地址:https://www.cnblogs.com/AlexanderZhao/p/12878776.html
Copyright © 2020-2023  润新知