
[MODIFY] 越界预警增加权限校验

dev_wp
zhaozhenjing 3 months ago
parent
commit
a86a5aa087
  1. 3
      src/2.services/ATS.NonCustodial.Application/Impl/Business/AppAnnouncementService.cs
  2. 11
      src/2.services/ATS.NonCustodial.Application/Impl/Business/AppEarlyWarningService.cs

3
src/2.services/ATS.NonCustodial.Application/Impl/Business/AppAnnouncementService.cs

@ -117,9 +117,8 @@ namespace ATS.NonCustodial.Application.Impl.Business
var appAnnouncementViewStatistics = await _appAnnouncementViewStatisticsRepository.AsQueryable(false, true).Where(w => caseIdList.Contains(w.CaseId ?? -1)).Select(s => s.AnnouncementId).ToListAsync(); var appAnnouncementViewStatistics = await _appAnnouncementViewStatisticsRepository.AsQueryable(false, true).Where(w => caseIdList.Contains(w.CaseId ?? -1)).Select(s => s.AnnouncementId).ToListAsync();
var express = GetExpression(input, _appAnnouncementRepository.AsQueryable(false, true)); var express = GetExpression(input, _appAnnouncementRepository.AsQueryable(false, true));
express = express.Where(w => appAnnouncementViewStatistics.Contains(w.Id));
var rtn = (await base.GetPageAsync<AppAnnouncement, AppAnnouncementPageInput, AppAnnouncementListDto>(input, express)); var rtn = (await base.GetPageAsync<AppAnnouncement, AppAnnouncementPageInput, AppAnnouncementListDto>(input, express));
rtn.Data = rtn.Data.Where(w => appAnnouncementViewStatistics.Contains(w.Id)).ToList();
return ResultOutput.Ok(rtn); return ResultOutput.Ok(rtn);
} }
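Review bot: `appAnnouncementViewStatistics` is materialised with `ToListAsync()` and then passed to `Contains(w.Id)`, so the announcement query receives one value per statistics row, duplicates included. Because this list is what limits the result to the caller's cases, add `.Distinct()` before `ToListAsync()` so the filter stays bounded as view records accumulate. The rendered page does not mark which of the two `Contains(w.Id)` filters is on the new side; only the one applied to `express` before `GetPageAsync` keeps the page size and total consistent with the scoped rows. The method begins outside the hunk, so how `caseIdList` is derived cannot be checked from here.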

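--- a/src/2.services/ATS.NonCustodial.Application/Impl/Business/AppEarlyWarningService.cs
+++ b/src/2.services/ATS.NonCustodial.Application/Impl/Business/AppEarlyWarningService.cs
@@ -265,7 +265,18 @@ namespace ATS.NonCustodial.Application.Impl.Business
 [AllowAnonymous]
 public async Task<IResultOutput> GetPageAsync(AppEarlyWarningGetPageInput input)
 {
+//获取当前用户权限下的案件ids
+var limits = User.limits;
+var selectLimits = await _appCaseSupervisorRepository.AsQueryable(false, true)
+.Where(w => limits.Contains(w.UnitId.ToString()))
+.ToListAsync();
+var caseIdList = selectLimits.Select(w => w.CaseId).Distinct().ToList();
 var express = await GetExpression(input, _appEarlyWarningRepository.AsQueryable(false, true));
+// 先应用案件ID过滤条件
+express = express.Where(w => caseIdList.Contains(w.CaseId));
+// 然后再获取分页数据
 return await base.GetEntityAddPageAsync<AppEarlyWarning, AppEarlyWarningGetPageInput, AppEarlyWarningListDto>(input, express);
 }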
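Review bot: The case scoping added at the top of `GetPageAsync` depends on `User.limits`, yet the action still carries `[AllowAnonymous]`, so an unauthenticated request reaches this code with whatever `User.limits` holds for a caller without an identity (not visible here, possibly null or empty). If the listing is meant to be restricted by unit, drop `[AllowAnonymous]` or return an empty page when there is no authenticated user. The type of `limits` is not shown either: if it is a delimited string rather than a collection, `limits.Contains(w.UnitId.ToString())` is a substring match and unit 1 would also match an entry such as 12, so it should be split into a set of ids before the comparison. The supervisor rows are fully materialised only to read `CaseId`; `.Select(w => w.CaseId).Distinct().ToListAsync()` would keep that projection in the database.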
