asp.net zero給服務配置權限的步驟:
- 定義權限標識符 SIS.Core層 Authorization/AppPermissions.cs
- 創建權限 SIS.Core層 Authorization/AppAuthorizationProvider.cs
- 菜單權限配置 SIS.Web.Mvc層 Areas/app/Startup/appNavigationProviders.cs
- 對應服務及方法權限配置 AbpAuthorize()
- 權限測試及API訪問 https://localhost:44302/api/TokenAuth/Authenticate
定義權限標識符
在SIS.Core項目的Authorization/AppPermissions.cs文件中,添加相應的權限
// Demo page permissions. These constants are the permission names referenced by
// AppAuthorizationProvider, the navigation provider and the [AbpAuthorize] attributes.
// The dotted names mirror the parent/child layout: "Pages.Demo" is the page-level
// permission and the three below it are its per-action children.
public const string Pages_Demo = "Pages.Demo";
public const string Pages_Demo_Create = "Pages.Demo.Create";
public const string Pages_Demo_Edit = "Pages.Demo.Edit";
public const string Pages_Demo_Delete = "Pages.Demo.Delete";
創建權限
在SIS.Core層的Authorization/AppAuthorizationProvider.cs中創建權限:
創建權限過程中,使用了字符串需要多語言配置,在SIS.Core項目下Localization>SIS目錄下SIS-zh-Hans.xml配置對應字符串的中文
// Register the page-level permission under the existing "pages" node, then hang the
// per-action permissions (create / edit / delete) beneath it. L("...") resolves the
// display name from the localization files, so each key needs a matching <text> entry.
var demoPagePermission = pages.CreateChildPermission(
    AppPermissions.Pages_Demo,
    L("Demo"));

demoPagePermission.CreateChildPermission(
    AppPermissions.Pages_Demo_Create,
    L("CreatingNewDemo"));
demoPagePermission.CreateChildPermission(
    AppPermissions.Pages_Demo_Edit,
    L("EditingDemo"));
demoPagePermission.CreateChildPermission(
    AppPermissions.Pages_Demo_Delete,
    L("DeletingDemo"));
多語言配置:
<!-- Display names for the demo permissions and menu item. Each name attribute must match
     the key passed to L("...") in the permission and navigation definitions. -->
<text name="Demo">測試頁面</text>
<text name="DemoHeaderInfo">測試頁面副標題</text>
<text name="CreatingNewDemo">創建測試實體</text>
<text name="EditingDemo">編輯測試實體</text>
<text name="DeletingDemo">刪除測試實體</text>
分配權限
給菜單分配頁面權限:
// Menu entry for the demo page. permissionDependency decides whether this item is
// listed in the navigation for the current user. It is a visibility filter only:
// the app/Demo page and the application-service methods behind it still need their
// own authorization checks, because a client can request them without using the menu.
.AddItem(new MenuItemDefinition(
appPageNames.Common.Demo,
L("Demo"),
url: "app/Demo",
icon: "flaticon-line-graph",
permissionDependency: new SimplePermissionDependency(AppPermissions.Pages_Demo)
)
給服務類及方法配置權限(注意:AbpAuthorize依賴方法攔截,標注在private方法上不會生效;非公開方法需要聲明爲protected virtual才能被攔截)
using Abp.Application.Services.Dto;
using Abp.Collections.Extensions;
using Abp.Domain.Repositories;
using EDU.SIS.Demo.Dtos;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.EntityFrameworkCore;
using Abp.Linq.Extensions;
using System.Linq.Dynamic.Core;
using Abp.Authorization;
using EDU.SIS.Authorization;
namespace EDU.SIS.Demo
{
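/// <summary>
/// Application service for the demo page: create, edit, delete and query
/// <c>DemoObject</c> entities.
/// </summary>
/// <remarks>
/// The class-level <c>[AbpAuthorize]</c> requires the page permission for every method
/// reached through the service. Method-level attributes add the per-action permission
/// on top of it. ABP enforces these attributes through method interception, so they
/// must never be placed on private methods, where they are silently ignored.
/// </remarks>
[AbpAuthorize(AppPermissions.Pages_Demo)]
public class DemoObjectAppService : SISAppServiceBase, IDemoObjectAppService
{
    private readonly IRepository<DemoObject> _demoObjectRepository;

    /// <summary>
    /// Creates the service with the repository used for all <c>DemoObject</c> access.
    /// </summary>
    /// <param name="demoObjectRepository">Repository injected by the container.</param>
    public DemoObjectAppService(IRepository<DemoObject> demoObjectRepository)
    {
        _demoObjectRepository = demoObjectRepository;
    }

    /// <summary>
    /// Creates a new entity when <c>input.Id</c> is null, otherwise updates the existing one.
    /// </summary>
    /// <param name="input">Entity data; a null <c>Id</c> means "create".</param>
    /// <returns>A task that completes when the create or update call has finished.</returns>
    [AbpAuthorize(AppPermissions.Pages_Demo)]
    public async Task CreateOrEdit(CreateOrEditDemoObjectDto input)
    {
        // This entry point only requires the page permission. The Create / Edit
        // permissions are enforced on the two helpers below, which is why they must be
        // interceptable (protected virtual) rather than private.
        if (input.Id == null)
        {
            await Create(input);
        }
        else
        {
            await Update(input);
        }
    }

    /// <summary>
    /// Inserts a new entity mapped from <paramref name="input"/>.
    /// </summary>
    /// <param name="input">Entity data to insert.</param>
    /// <returns>A task that completes when the insert has been issued.</returns>
    /// <remarks>
    /// Declared <c>protected virtual</c> instead of <c>private</c>: an
    /// <c>[AbpAuthorize]</c> attribute on a private method is never evaluated, which
    /// would let any caller holding only Pages.Demo create entities through
    /// <see cref="CreateOrEdit"/>.
    /// </remarks>
    [AbpAuthorize(AppPermissions.Pages_Demo_Create)]
    protected virtual async Task Create(CreateOrEditDemoObjectDto input)
    {
        var demoObject = ObjectMapper.Map<DemoObject>(input);
        await _demoObjectRepository.InsertAsync(demoObject);
    }

    /// <summary>
    /// Loads the entity identified by <c>input.Id</c> and copies the input values onto it.
    /// </summary>
    /// <param name="input">Entity data; <c>Id</c> must be set.</param>
    /// <returns>A task that completes when the entity has been loaded and mapped.</returns>
    /// <remarks>
    /// Declared <c>protected virtual</c> for the same reason as <see cref="Create"/>:
    /// the Edit permission is only enforced when the call can be intercepted.
    /// </remarks>
    [AbpAuthorize(AppPermissions.Pages_Demo_Edit)]
    protected virtual async Task Update(CreateOrEditDemoObjectDto input)
    {
        // GetAsync fails loudly for an unknown id instead of handing a null entity to
        // the mapper (the previous FirstOrDefaultAsync call could return null).
        var demoObject = await _demoObjectRepository.GetAsync((int)input.Id);

        // No explicit UpdateAsync call: the original code left it commented out,
        // presumably relying on the surrounding unit of work to persist the tracked
        // entity - confirm this holds for the repository in use.
        ObjectMapper.Map(input, demoObject);
    }

    /// <summary>
    /// Deletes the entity with the given id.
    /// </summary>
    /// <param name="input">DTO carrying the id of the entity to delete.</param>
    /// <returns>A task that completes when the delete has been issued.</returns>
    [AbpAuthorize(AppPermissions.Pages_Demo_Delete)]
    public async Task Delete(EntityDto input)
    {
        // Delete directly by primary key rather than loading the entity first.
        // The original author notes that the id has to be cast to int here,
        // otherwise the delete does not take effect.
        await _demoObjectRepository.DeleteAsync((int)input.Id);
    }

    /// <summary>
    /// Returns one page of entities after applying the optional filters and sorting.
    /// </summary>
    /// <param name="input">Paging, sorting and filter values supplied by the caller.</param>
    /// <returns>The total number of matching entities and the requested page.</returns>
    public async Task<PagedResultDto<GetDemoObjectForViewDto>> GetAll(GetAllDemoObjectInput input)
    {
        // WhereIf must come from Abp.Linq.Extensions so the result stays an IQueryable;
        // the Abp.Collections.Extensions overload returns IEnumerable instead.
        var filtered = _demoObjectRepository.GetAll()
            .WhereIf(!string.IsNullOrWhiteSpace(input.Filter), e => e.Name.Contains(input.Filter))
            .WhereIf(!string.IsNullOrWhiteSpace(input.NameFilter), e => e.Name.Equals(input.NameFilter));

        // NOTE(security): input.Sorting is supplied by the client and is parsed by
        // System.Linq.Dynamic.Core as an expression. Validate it against an allow-list
        // of sortable properties (for example "id" and "name", each with asc/desc)
        // before it reaches OrderBy, and keep the Dynamic LINQ package up to date.
        var sorted = filtered.OrderBy(input.Sorting ?? "id asc");

        // Sort first, then project. The projection no longer re-orders by Id: the
        // extra "orderby o.Id" took precedence over the requested sort order.
        var query = from o in sorted
                    select new GetDemoObjectForViewDto()
                    {
                        DemoObject = ObjectMapper.Map<DemoObjectDto>(o)
                    };

        // Count the filtered set; sorting and projection do not change the row count.
        var totalCount = await filtered.CountAsync();

        var items = await query
            .PageBy(input)
            .ToListAsync();

        return new PagedResultDto<GetDemoObjectForViewDto>()
        {
            TotalCount = totalCount,
            Items = items
        };
    }

    /// <summary>
    /// Loads the entity that is about to be edited.
    /// </summary>
    /// <param name="input">DTO carrying the id of the entity.</param>
    /// <returns>The entity mapped to its edit output.</returns>
    public async Task<GetDemoObjectForEditOutput> GetDemoObjectForEdit(EntityDto input)
    {
        // NOTE(review): only the class-level Pages.Demo permission applies here.
        // Consider also requiring AppPermissions.Pages_Demo_Edit, since this method
        // exists to feed the edit form.
        var demoObject = await _demoObjectRepository.GetAsync(input.Id);

        return new GetDemoObjectForEditOutput()
        {
            DemoObject = ObjectMapper.Map<DemoObjectDto>(demoObject)
        };
    }

    /// <summary>
    /// Loads a single entity for display.
    /// </summary>
    /// <param name="id">Primary key of the entity.</param>
    /// <returns>The entity mapped to its view DTO.</returns>
    public async Task<GetDemoObjectForViewDto> GetDemoObjectForView(int id)
    {
        var demoObject = await _demoObjectRepository.GetAsync(id);

        return new GetDemoObjectForViewDto()
        {
            DemoObject = ObjectMapper.Map<DemoObjectDto>(demoObject)
        };
    }
}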
}
權限測試及API訪問
### 頁面權限
運行應用程序,在管理->角色點擊修改,能夠看到我們定義的權限:
API請求token
由於我們加了權限,需要通過請求token,纔能有權限訪問服務,請求accesstoken地址:https://localhost:44302/api/TokenAuth/Authenticate 具體配置如下圖:
header要加上租戶ID(ABP默認的請求頭名稱爲Abp.TenantId),因爲系統默認開啓了多租戶,可以在SIS.Core項目SISCoreModule.cs中查看到Configuration.MultiTenancy.IsEnabled = SISConsts.MultiTenancyEnabled;
body加上用戶名和密碼:
帶token分頁查詢
查詢需要複製上一步請求的accesstoken,在分頁查詢請求中的Header添加Authorization(值的格式爲 Bearer 加空格再加accesstoken),具體如下圖,添加accesstoken就可以請求成功:
同樣帶token添加實體也是與分頁查詢一樣: