优化用户角色授权

2021-12-26 14:26:48 +08:00
parent 19b6239ceb
commit 4794ec410e
12 changed files with 206 additions and 105 deletions
--- a/ZR.Admin.WebApi/Controllers/System/SysRoleController.cs
+++ b/ZR.Admin.WebApi/Controllers/System/SysRoleController.cs
@@ -7,7 +7,6 @@ using ZR.Common;
 using ZR.Admin.WebApi.Filters;
 using ZR.Model;
 using ZR.Model.System;
-using ZR.Model.Vo;
 using ZR.Service.System.IService;
 using ZR.Admin.WebApi.Extensions;

@@ -129,6 +128,8 @@ namespace ZR.Admin.WebApi.Controllers.System
            if (sysRoleDto == null || sysRoleDto.RoleId <= 0) return ToResponse(ApiResult.Error(101, "请求参数错误"));

            sysRoleDto.Create_by = HttpContext.GetName();
+            sysRoleService.CheckRoleAllowed(sysRoleDto);
+            
            bool result = sysRoleService.UseTran2(() =>
            {
                //删除角色菜单
@@ -162,9 +163,10 @@ namespace ZR.Admin.WebApi.Controllers.System
        /// <returns></returns>
        [HttpPut("changeStatus")]
        [Log(Title = "修改角色状态", BusinessType = BusinessType.UPDATE)]
-        [ActionPermissionFilter(Permission = "system:role:update")]
+        [ActionPermissionFilter(Permission = "system:role:edit")]
        public IActionResult ChangeStatus([FromBody] SysRole roleDto)
        {
+            sysRoleService.CheckRoleAllowed(roleDto);
            int result = sysRoleService.UpdateRoleStatus(roleDto);

            return ToResponse(ToJson(result));
@@ -176,7 +178,7 @@ namespace ZR.Admin.WebApi.Controllers.System
        /// <returns></returns>
        [Log(BusinessType = BusinessType.EXPORT, IsSaveResponseData = false, Title = "角色导出")]
        [HttpGet("export")]
-        [ActionPermissionFilter(Permission = "system:role:export")]
+        //[ActionPermissionFilter(Permission = "system:role:export")]
        public IActionResult Export()
        {
            var list = sysRoleService.SelectRoleAll();
--- a/ZR.Admin.WebApi/Controllers/System/SysUserRoleController.cs
+++ b/ZR.Admin.WebApi/Controllers/System/SysUserRoleController.cs
@@ -1,11 +1,8 @@
 using Infrastructure;
 using Infrastructure.Attribute;
 using Microsoft.AspNetCore.Mvc;
-using System.Linq;
 using ZR.Admin.WebApi.Filters;
-using ZR.Model;
 using ZR.Model.System.Dto;
-using ZR.Model.System;
 using ZR.Service.System.IService;

 namespace ZR.Admin.WebApi.Controllers.System
@@ -31,7 +28,7 @@ namespace ZR.Admin.WebApi.Controllers.System
        /// <param name="roleUserQueryDto"></param>
        /// <returns></returns>
        [HttpGet("list")]
-        [ActionPermissionFilter(Permission = "system:roleusers:query")]
+        [ActionPermissionFilter(Permission = "system:roleusers:list")]
        public IActionResult GetList([FromQuery] RoleUserQueryDto roleUserQueryDto)
        {
            var list = SysUserRoleService.GetSysUsersByRoleId(roleUserQueryDto);
@@ -59,7 +56,7 @@ namespace ZR.Admin.WebApi.Controllers.System
        /// <param name="roleUsersCreateDto"></param>
        /// <returns></returns>
        [HttpPost("delete")]
-        [ActionPermissionFilter(Permission = "system:roleusers:del")]
+        [ActionPermissionFilter(Permission = "system:roleusers:remove")]
        [Log(Title = "删除角色用户", BusinessType = Infrastructure.Enums.BusinessType.DELETE)]
        public IActionResult Delete([FromBody] RoleUsersCreateDto roleUsersCreateDto)
        {