[MODIFY] 增加权限校验

3 months ago · 1b878776b8
3 changed files with 93 additions and 2 deletions
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@ -0,0 +1,35 @@
+{
+    "version": "0.2.0",
+    "configurations": [
+        {
+            // 使用 IntelliSense 找出 C# 调试存在哪些属性
+            // 将悬停用于现有属性的说明
+            // 有关详细信息，请访问 https://github.com/dotnet/vscode-csharp/blob/main/debugger-launchjson.md。
+            "name": ".NET Core Launch (web)",
+            "type": "coreclr",
+            "request": "launch",
+            "preLaunchTask": "build",
+            // 如果已更改目标框架，请确保更新程序路径。
+            "program": "${workspaceFolder}/src/4.apps/ATS.NonCustodial.Admin.Api/bin/Debug/net9.0/ATS.NonCustodial.Admin.Api.dll",
+            "args": [],
+            "cwd": "${workspaceFolder}/src/4.apps/ATS.NonCustodial.Admin.Api",
+            "stopAtEntry": false,
+            // 启用在启动 ASP.NET Core 时启动 Web 浏览器。有关详细信息: https://aka.ms/VSCode-CS-LaunchJson-WebBrowser
+            "serverReadyAction": {
+                "action": "openExternally",
+                "pattern": "\\bNow listening on:\\s+(https?://\\S+)"
+            },
+            "env": {
+                "ASPNETCORE_ENVIRONMENT": "Development"
+            },
+            "sourceFileMap": {
+                "/Views": "${workspaceFolder}/Views"
+            }
+        },
+        {
+            "name": ".NET Core Attach",
+            "type": "coreclr",
+            "request": "attach"
+        }
+    ]
+}
--- a/.vscode/tasks.json
+++ b/.vscode/tasks.json
@ -0,0 +1,41 @@
+{
+    "version": "2.0.0",
+    "tasks": [
+        {
+            "label": "build",
+            "command": "dotnet",
+            "type": "process",
+            "args": [
+                "build",
+                "${workspaceFolder}/ATS.NonCustodial.Admin.sln",
+                "/property:GenerateFullPaths=true",
+                "/consoleloggerparameters:NoSummary;ForceNoAlign"
+            ],
+            "problemMatcher": "$msCompile"
+        },
+        {
+            "label": "publish",
+            "command": "dotnet",
+            "type": "process",
+            "args": [
+                "publish",
+                "${workspaceFolder}/ATS.NonCustodial.Admin.sln",
+                "/property:GenerateFullPaths=true",
+                "/consoleloggerparameters:NoSummary;ForceNoAlign"
+            ],
+            "problemMatcher": "$msCompile"
+        },
+        {
+            "label": "watch",
+            "command": "dotnet",
+            "type": "process",
+            "args": [
+                "watch",
+                "run",
+                "--project",
+                "${workspaceFolder}/ATS.NonCustodial.Admin.sln"
+            ],
+            "problemMatcher": "$msCompile"
+        }
+    ]
+}
--- a/src/2.services/ATS.NonCustodial.Application/Impl/Business/AppAnnouncementService.cs
+++ b/src/2.services/ATS.NonCustodial.Application/Impl/Business/AppAnnouncementService.cs
@ -40,6 +40,7 @@ namespace ATS.NonCustodial.Application.Impl.Business
        #region Identity

        private readonly IEfRepository<AppAnnouncement, long> _appAnnouncementRepository;
+        protected readonly IEfRepository<AppCaseSupervisor, long> _appCaseSupervisorRepository;
        private readonly IEfRepository<AppAnnouncementViewStatistics, long> _appAnnouncementViewStatisticsRepository;
        private readonly IHubContext<NonCustodialHub> _hubContext;
        protected readonly IEfRepository<AppCaseManagement, long> _appCaseManagementRepository;
@ -56,6 +57,7 @@ namespace ATS.NonCustodial.Application.Impl.Business
        public AppAnnouncementService(IEfRepository<AppAnnouncement, long> appAnnouncementRepository,
            IEfRepository<AppAnnouncementViewStatistics, long> appAnnouncementViewStatisticsRepository,
            IHubContext<NonCustodialHub> hubContext,
+            IEfRepository<AppCaseSupervisor, long> appCaseSupervisorRepository,
            IEfRepository<AppCaseManagement, long> appCaseManagementRepository,
            IEfRepository<AppCaseSupervisedPerson, long> appSupervisedPersonRepository)
        {
@ -64,6 +66,7 @@ namespace ATS.NonCustodial.Application.Impl.Business
            _hubContext = hubContext;
            _appCaseManagementRepository = appCaseManagementRepository;
            _appSupervisedPersonRepository = appSupervisedPersonRepository;
+            _appCaseSupervisorRepository = appCaseSupervisorRepository;
        }

        #endregion Identity
@ -103,8 +106,20 @@ namespace ATS.NonCustodial.Application.Impl.Business
        [HttpPost]
        public async Task<IResultOutput> GetPageAsync(AppAnnouncementPageInput input)
        {
+            //获取当前用户权限下的案件ids
+            var limits = User.limits;
+            var selectLimits = await _appCaseSupervisorRepository.AsQueryable(false, true)
+                .Where(w => limits.Contains(w.UnitId.ToString()))
+                .ToListAsync();
+            var caseIdList = selectLimits.Select(w => w.CaseId).Distinct().ToList();
+
+
+            var appAnnouncementViewStatistics = await _appAnnouncementViewStatisticsRepository.AsQueryable(false, true).Where(w => caseIdList.Contains(w.CaseId ?? -1)).Select(s => s.AnnouncementId).ToListAsync();
+
            var express = GetExpression(input, _appAnnouncementRepository.AsQueryable(false, true));
-            var rtn = await base.GetPageAsync<AppAnnouncement, AppAnnouncementPageInput, AppAnnouncementListDto>(input, express);
+
+            var rtn = (await base.GetPageAsync<AppAnnouncement, AppAnnouncementPageInput, AppAnnouncementListDto>(input, express));
+           // rtn.Data = rtn.Data.Where(w => appAnnouncementViewStatistics.Contains(w.Id));
            return ResultOutput.Ok(rtn);       
        }