diff --git a/projects/Application/Domain/Entities/Admin/DepartmentUser.cs b/projects/Application/Domain/Entities/Admin/DepartmentUser.cs index 86803e1d..d25a4632 100644 --- a/projects/Application/Domain/Entities/Admin/DepartmentUser.cs +++ b/projects/Application/Domain/Entities/Admin/DepartmentUser.cs @@ -7,7 +7,6 @@ namespace Application.Domain.Entities [Display(Name = "部门用户", Order = 93)] [Scope(ScopeAttribute.PlatformAll | ScopeAttribute.OrganAll | ScopeType.UserRead | ScopeType.UserEdit)] [AdminModule] - [ManyToMany] public class DepartmentUser : BaseEntity { public string Position { get; set; } diff --git a/projects/Application/Domain/Entities/Admin/OrganUser.cs b/projects/Application/Domain/Entities/Admin/OrganUser.cs index 6325ddaa..1f5512f5 100644 --- a/projects/Application/Domain/Entities/Admin/OrganUser.cs +++ b/projects/Application/Domain/Entities/Admin/OrganUser.cs @@ -7,7 +7,6 @@ namespace Application.Domain.Entities { [Display(Name = "机构用户", Order = 80)] [Scope(ScopeAttribute.PlatformAll | ScopeAttribute.OrganAll | ScopeType.UserRead | ScopeType.UserDelete)] - [ManyToMany] [AdminModule] public class OrganUser : BaseEntity { diff --git a/projects/Application/Domain/Entities/Admin/OrganUserRole.cs b/projects/Application/Domain/Entities/Admin/OrganUserRole.cs index f2ef8185..df888c2e 100644 --- a/projects/Application/Domain/Entities/Admin/OrganUserRole.cs +++ b/projects/Application/Domain/Entities/Admin/OrganUserRole.cs @@ -7,7 +7,6 @@ namespace Application.Domain.Entities [Display(Name = "用户角色", Order = 81)] [Scope(ScopeAttribute.PlatformAll | ScopeAttribute.OrganAll)] [AdminModule] - [ManyToMany] public class OrganUserRole : BaseEntity { public bool IsReadOnly { get; set; } diff --git a/projects/Application/Domain/Entities/Admin/RolePermission.cs b/projects/Application/Domain/Entities/Admin/RolePermission.cs index 936183a2..c4279263 100644 --- a/projects/Application/Domain/Entities/Admin/RolePermission.cs 
+++ b/projects/Application/Domain/Entities/Admin/RolePermission.cs @@ -7,7 +7,6 @@ namespace Application.Domain.Entities [Display(Name = "角色权限", Order = 81)] [Scope(ScopeAttribute.PlatformAll | ScopeAttribute.OrganAll )] [AdminModule] - [ManyToMany] public class RolePermission : BaseEntity { public Guid RoleId { get; set; } diff --git a/projects/Platform/Api/Api/SiteController.cs b/projects/Platform/Api/Api/SiteController.cs index e2d4c977..a7b5b1df 100644 --- a/projects/Platform/Api/Api/SiteController.cs +++ b/projects/Platform/Api/Api/SiteController.cs @@ -62,6 +62,11 @@ namespace Platform.Api .Select(o => o.Organ) .ToList(); var organId = User.GetOrganId(); + var temp = this._organUserRepo.ReadOnlyTable() + .Where(o => o.User.UserName == userName) + .Include(o=>o.User).Include(o=>o.Organ) + .Include(o => o.UserRoles).ThenInclude(o => o.OrganRole) + .ToList(); var model = new LayoutModel { Name = this._settingService.GetValue("name"), @@ -75,7 +80,6 @@ namespace Platform.Api Roles = User == null ? new List() : this._organUserRepo.ReadOnlyTable() - .Include(o=>o.UserRoles).ThenInclude(o=>o.OrganRole) .Where(o => o.User.UserName == userName) .Where(o => o.OrganId == organId) .SelectMany(o => o.UserRoles) diff --git a/projects/Platform/Api/Api/TokenController.cs b/projects/Platform/Api/Api/TokenController.cs index 538786ec..98f0066a 100644 --- a/projects/Platform/Api/Api/TokenController.cs +++ b/projects/Platform/Api/Api/TokenController.cs @@ -48,7 +48,12 @@ namespace Platform.Apis { try { - var user = this._userRepo.Table().FirstOrDefault(o => o.UserName == model.UserName); + var user = this._userRepo.Table() + .Include(o => o.OrganUsers) + .ThenInclude(o => o.Organ) + .FirstOrDefault(o => o.UserName == model.UserName); + var userMainOrgan = user.OrganUsers.OrderByDescending(o => o.IsDefault).ThenBy(o => o.OrganId).FirstOrDefault(); + if (user == null) { return BadRequest(ModelState.AddModelError("用户名或密码错误")); 
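Review bot: The `temp` query added before `var model = new LayoutModel` in SiteController.cs is never read in the lines this hunk shows, so it looks like a leftover debugging aid. It loads every `OrganUser` row for the user with `User`, `Organ`, `UserRoles` and `OrganRole` eagerly included on each call, which is an extra query and more role data in memory than the response needs. If nothing further down uses it, drop the statement; the method continues outside the hunk, so a later use cannot be ruled out from here.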
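Review bot: In TokenController.cs the new `userMainOrgan` line dereferences `user.OrganUsers` before the `if (user == null)` guard that follows it, so an unknown user name now throws a NullReferenceException and falls into `catch (Exception ex)` instead of returning the `用户名或密码错误` response. Besides the crash, that likely gives unknown and known user names different responses, which the shared error message was presumably meant to avoid; the catch body is outside the hunk, so this part is inferred. Move `var userMainOrgan = user.OrganUsers.OrderByDescending(o => o.IsDefault).ThenBy(o => o.OrganId).FirstOrDefault();` below the guard. Also add `if (userMainOrgan == null)` handling that returns the same error, because a user without any organ membership would otherwise throw at `userMainOrgan.OrganId.ToString()` in the `@@ -100,7 +105,11` hunk.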
@@ -100,7 +105,11 @@ namespace Platform.Apis } } } - return Ok(this.CreateToken(user.UserName)); + var claims = new List { + new Claim(this._parameters.NameClaimType, user.UserName), + new Claim("OrganId", userMainOrgan.OrganId.ToString()) + }; + return Ok(this.CreateToken(claims)); } catch (Exception ex) { @@ -130,7 +139,7 @@ namespace Platform.Apis new Claim(this._parameters.NameClaimType, userName), new Claim("OrganId", userMainOrgan.OrganId.ToString()) }; - return Ok(CreateToken(userName)); + return Ok(CreateToken(claims)); } catch (Exception ex) { @@ -139,12 +148,17 @@ namespace Platform.Apis } } - private object CreateToken(String userName) + private object CreateToken(List claims) { + if(User.Identity.IsAuthenticated) + { + this.HttpContext.JwtSignOut(); + this.HttpContext.JwtSignIn(claims, false); + } return new { - AccessToken = Request.HttpContext.CreateJwtToken(new List { new Claim(this._parameters.NameClaimType, userName) }, DateTime.Now.AddMinutes(Convert.ToDouble(_settingService.GetValue("AccessTokenTimeout")))), - RefreshToken = Request.HttpContext.CreateJwtToken(new List { new Claim(this._parameters.NameClaimType, userName) }, DateTime.Now.AddMinutes(Convert.ToDouble(_settingService.GetValue("RefreshTokenTimeout")))), + AccessToken = Request.HttpContext.CreateJwtToken(claims, DateTime.Now.AddMinutes(Convert.ToDouble(_settingService.GetValue("AccessTokenTimeout")))), + RefreshToken = Request.HttpContext.CreateJwtToken(claims, DateTime.Now.AddMinutes(Convert.ToDouble(_settingService.GetValue("RefreshTokenTimeout")))), }; } } diff --git a/projects/Platform/Controllers/AccountController.cs b/projects/Platform/Controllers/AccountController.cs index dd7588cc..47e9097c 100644 --- a/projects/Platform/Controllers/AccountController.cs +++ b/projects/Platform/Controllers/AccountController.cs 
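Review bot: `AccessToken` and `RefreshToken` in `CreateToken` are now built from the same `claims` list and differ only in expiry, so nothing in the token itself marks which kind it is. Unless validation elsewhere tells them apart (not visible in this diff), the longer-lived refresh token would be accepted wherever an access token is, and it now also carries the `OrganId` claim for its whole lifetime. Consider copying the list per token and adding a distinguishing claim (the claim name here is a placeholder), e.g. `new Claim("<token-type-claim>", "refresh")`, then checking it where refresh tokens are exchanged.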
@@ -207,7 +207,7 @@ namespace Platform.Controllers } if (this.IsJsonRequest()) { - return Json(this.CreateToken(claims)); + return Json(this.CreateToken(claims,model.RememberMe)); } else { @@ -1029,8 +1029,13 @@ namespace Platform.Controllers return Convert.ToInt32(this._settingService.GetValue("CaptchaSeconds")); } - private object CreateToken(List claims) + private object CreateToken(List claims,bool rememberMe=false) { + if(User.Identity.IsAuthenticated) + { + HttpContext.JwtSignOut(); + HttpContext.JwtSignIn(claims, rememberMe); + } return new { AccessToken = Request.HttpContext.CreateJwtToken(claims, DateTime.Now.AddMinutes(Convert.ToDouble(_settingService.GetValue("AccessTokenTimeout")))), diff --git a/projects/Platform/Data/PlatformDbContext.cs b/projects/Platform/Data/PlatformDbContext.cs index 6d811e0e..7fd321b7 100644 --- a/projects/Platform/Data/PlatformDbContext.cs +++ b/projects/Platform/Data/PlatformDbContext.cs @@ -255,7 +255,6 @@ namespace Platform.Data if (scopeAttribute != null) { var scope = scopeAttribute.Scope; - var isManyToMany = item.ClrType.GetCustomAttribute() != null; //平台权限 if (scope.HasFlag(ScopeType.PlatformRead)) { @@ -265,7 +264,7 @@ namespace Platform.Data { permissionCatgegory.Permissions.Add(new Permission { IsReadOnly = true, Type = PermissionType.Platform, Name = $"添加平台{name}", Number = $"Add-Platform-{number}" }); } - if (!isManyToMany && scope.HasFlag(ScopeType.PlatformEdit)) + if (scope.HasFlag(ScopeType.PlatformEdit)) { permissionCatgegory.Permissions.Add(new Permission { IsReadOnly = true, Type = PermissionType.Platform, Name = $"修改平台{name}", Number = $"Edit-Platform-{number}" }); } 
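Review bot: In AccountController.cs `rememberMe` is only consumed inside `if(User.Identity.IsAuthenticated)`, and `User` reflects the credentials that arrived with the current request. On a first JSON login, where the caller is not yet signed in, the branch is therefore skipped and `model.RememberMe` has no effect. When the caller is already signed in, the branch replaces the existing session with `claims` for the account that just logged in, which may be a different user. If that switch is intended, say so with a comment such as `// Re-issue the sign-in so the session matches the account that just authenticated`, and decide explicitly whether an unauthenticated caller should also reach `JwtSignIn`. `TokenController.CreateToken` has the same branch with `false` hard-coded.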
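Review bot: With the `isManyToMany` check gone in PlatformDbContext.cs, `Edit-Platform-{number}` (this hunk) and `Edit-Organ-{number}` (the `@@ -282,7 +281,7` hunk) permissions are now generated for the join entities that lost `[ManyToMany]` in this commit, including `OrganUserRole` and `RolePermission`, assuming `PlatformAll`/`OrganAll` include the Edit flags. Those two tables decide who holds which role and which role holds which permission, so an edit permission on them is effectively a permission to change privileges. Please confirm how the role-initialisation code further down assigns the new permissions to the `admin` and `organ` roles. A comment at the `scope.HasFlag(ScopeType.PlatformEdit)` check would help, e.g. `// Join entities (OrganUserRole, RolePermission, ...) now receive Edit permissions as well`. The enclosing method starts and ends outside the hunk.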
@@ -282,7 +281,7 @@ namespace Platform.Data { permissionCatgegory.Permissions.Add(new Permission { IsReadOnly = true, Type = PermissionType.Organ, Name = $"添加机构{name}", Number = $"Add-Organ-{number}" }); } - if (!isManyToMany && scope.HasFlag(ScopeType.OrganEdit)) + if (scope.HasFlag(ScopeType.OrganEdit)) { permissionCatgegory.Permissions.Add(new Permission { IsReadOnly = true, Type = PermissionType.Organ, Name = $"修改机构{name}", Number = $"Edit-Organ-{number}" }); } @@ -490,10 +489,10 @@ namespace Platform.Data db.Set().FirstOrDefault(o => o.Number == "root").Update(); db.SaveChanges(); - var defaultOrganId = db.Set().FirstOrDefault(o => o.IsReadOnly).Id; - var superRole = new Role { OrganId = defaultOrganId, Number = "super", Name = "超级管理员", IsReadOnly = true }; - var adminRole = new Role { OrganId = defaultOrganId, Number = "admin", Name = "管理员" }; - var organRole = new Role { OrganId = defaultOrganId, Number = "organ", Name = "机构管理员" }; + var platformOrganId = db.Set().FirstOrDefault(o => o.IsReadOnly).Id; + var superRole = new Role { OrganId = platformOrganId, Number = "super", Name = "超级管理员", IsReadOnly = true }; + var adminRole = new Role { OrganId = platformOrganId, Number = "admin", Name = "管理员" }; + var organRole = new Role { OrganId = platformOrganId, Number = "organ", Name = "机构管理员" }; //初始化角色 var skips = new string[] { @@ -529,7 +528,7 @@ namespace Platform.Data new OrganUser { IsReadOnly=true, Type= "", - OrganId=defaultOrganId, + OrganId=platformOrganId, UserRoles=new List { new OrganUserRole{ @@ -557,7 +556,7 @@ namespace Platform.Data OrganUsers = new List { new OrganUser { Type= "其他", - OrganId=defaultOrganId, + OrganId=platformOrganId, UserRoles=new List { new OrganUserRole{ OrganRoleId=adminRole.Id} @@ -577,7 +576,7 @@ namespace Platform.Data OrganUsers = new List { new OrganUser { Type= "其他", - OrganId=defaultOrganId, + OrganId=platformOrganId, UserRoles=new List { new OrganUserRole{ OrganRoleId=organRole.Id}