// ***********************************************************************
// <summary>
// 用户权限策略工厂
//</summary>
// ***********************************************************************


using Hh.Mes.POJO.Entity;
using Hh.Mes.Service.Repository;
using Microsoft.Extensions.Caching.Distributed;
using System;
using System.Text.Json;


namespace Hh.Mes.Service.SystemAuth
{
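    /// <summary>
    /// Loads everything a user may access (modules, roles, organisations) and caches the
    /// resulting <see cref="AuthStrategyContext"/> in the distributed cache.
    /// </summary>
    /// <remarks>
    /// Security notes for reviewers:
    /// <list type="bullet">
    /// <item>The cache key is the caller-supplied user name with no prefix, so any other
    /// writer that uses the same <see cref="IDistributedCache"/> store with a colliding key
    /// would have its bytes deserialized as an authorization context. The cache store is
    /// therefore part of the trust boundary. NOTE(review): consider a namespaced key, but
    /// only together with whatever code removes these entries, since that code is not
    /// visible here.</item>
    /// <item>Entries use a one-day sliding expiration and no absolute expiration, so an entry
    /// that keeps being read never ages out. Permission or role changes only become
    /// effective if the entry is removed elsewhere. TODO confirm such invalidation exists.</item>
    /// <item>The strategy objects are mutated (<c>User</c> is assigned) on every cache miss.
    /// NOTE(review): if they are registered with a lifetime wider than one request, concurrent
    /// calls could observe another user's state. Confirm the DI registration.</item>
    /// </list>
    /// </remarks>
    public class AuthContextFactory : RepositorySqlSugar<SysUser>
    {
        // Assigned once in the constructor; readonly so they cannot be swapped afterwards.
        private readonly SystemAuthStrategy _systemAuth;
        private readonly NormalAuthStrategy _normalAuthStrategy;
        private readonly IDistributedCache _cache;

        /// <summary>
        /// Creates the factory from the two authorization strategies and the cache it uses.
        /// </summary>
        /// <param name="sysStrategy">Strategy used for the built-in "System" account.</param>
        /// <param name="normalAuthStrategy">Strategy used for every other account.</param>
        /// <param name="cache">Distributed cache that stores serialized authorization contexts.</param>
        public AuthContextFactory(SystemAuthStrategy sysStrategy, NormalAuthStrategy normalAuthStrategy, IDistributedCache cache)
        {
            _systemAuth = sysStrategy;
            _normalAuthStrategy = normalAuthStrategy;
            _cache = cache;
        }

        /// <summary>
        /// Builds (or reads from cache) the authorization context for an account.
        /// </summary>
        /// <remarks>
        /// Design notes carried over from the original author: "System" is the developer
        /// account. An ordinary administrator only sees modules that System has authorized,
        /// and even if such an administrator can add a module, it is not visible to them
        /// after saving. Ordinary administrators exist to grant permissions to other users;
        /// adding, modifying and deleting modules is reserved for System. Organisation
        /// management has the same inherent flaw: organisations ought to be maintained by
        /// administrators, yet an administrator cannot see one after creating it.
        /// </remarks>
        /// <param name="username">Account name to resolve. Null or empty yields an empty context.</param>
        /// <returns>
        /// The account's authorization context, or an empty <see cref="AuthStrategyContext"/>
        /// when the name is null/empty or no matching <see cref="SysUser"/> exists.
        /// Empty contexts are never cached.
        /// </returns>
        public AuthStrategyContext GetAuthStrategyContext(string username)
        {
            // Fail closed without touching the cache or the database: a null key would
            // otherwise be passed straight to the cache lookup.
            if (string.IsNullOrEmpty(username))
            {
                return new AuthStrategyContext();
            }

            var cachedContext = ReadCachedContext(username);
            if (cachedContext != null)
            {
                return cachedContext;
            }

            var authStrategy = new AuthStrategyContext();
            var user = Context.Queryable<SysUser>().First(t => t.Account == username);
            if (user == null)
            {
                // Unknown account: return the empty context and do not cache it.
                return authStrategy;
            }

            // NOTE(review): this is an ordinal, case-sensitive test on the caller-supplied
            // string, while the case sensitivity of the lookup above depends on the database
            // collation, which is not visible here. Case variants of one account would also
            // get separate cache entries, so removing one key may leave a stale context under
            // another. Consider normalising on user.Account after confirming.
            if (username == "System")
            {
                // User must be assigned before the other properties are read from the strategy.
                _systemAuth.User = user;
                authStrategy.Modules = _systemAuth.Modules;
                authStrategy.Roles = _systemAuth.Roles;
                authStrategy.Orgs = _systemAuth.Orgs;
                authStrategy.User = _systemAuth.User;
            }
            else
            {
                _normalAuthStrategy.User = user;
                authStrategy.Modules = _normalAuthStrategy.Modules;
                authStrategy.Roles = _normalAuthStrategy.Roles;
                authStrategy.Orgs = _normalAuthStrategy.Orgs;
                authStrategy.User = _normalAuthStrategy.User;
            }

            // Sliding expiration only: see the class remarks about revocation latency.
            var cacheOption = new DistributedCacheEntryOptions().SetSlidingExpiration(TimeSpan.FromDays(1));
            _cache.Set(username, JsonSerializer.SerializeToUtf8Bytes(authStrategy), cacheOption);
            return authStrategy;
        }

        /// <summary>
        /// Reads the cached context for <paramref name="username"/>, treating a missing,
        /// null-valued or malformed entry as a cache miss.
        /// </summary>
        /// <param name="username">Cache key (the account name as supplied by the caller).</param>
        /// <returns>The deserialized context, or null when the caller should rebuild it.</returns>
        private AuthStrategyContext ReadCachedContext(string username)
        {
            var authStrategyBytes = _cache.Get(username);
            if (authStrategyBytes == null)
            {
                return null;
            }

            try
            {
                // A JSON "null" payload deserializes to null and is treated as a miss.
                return JsonSerializer.Deserialize<AuthStrategyContext>(authStrategyBytes);
            }
            catch (JsonException)
            {
                // A malformed entry would otherwise fail every request for this account, and
                // each read renews the sliding expiration, so it would never age out.
                // Rebuilding overwrites it. No logger is in scope in this class;
                // NOTE(review): surface this event once one is available, since unexpected
                // bytes under an authorization key are worth an alert.
                return null;
            }
        }
    }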
}