asp.net zero给服务配置权限的步骤:
- 定义权限标识符 SIS.Core层 Authorization/AppPermissions.cs
- 创建权限 SIS.Core层 Authorization/AppAuthorizationProvider.cs
- 菜单权限配置 SIS.Web.Mvc层 Areas/app/Startup/appNavigationProviders.cs
- 对应服务及方法权限配置 AbpAuthorize()
- 权限测试及API访问 https://localhost:44302/api/TokenAuth/Authenticate
定义权限标识符
在SIS.Core项目的Authorization/AppPermissions.cs文件中,添加相应的权限
// Permission names for the Demo page. These string values are the identifiers
// passed to CreateChildPermission when the permissions are registered and to
// [AbpAuthorize] on the application service, so both places must use these constants.
public const string Pages_Demo = "Pages.Demo";
public const string Pages_Demo_Create = "Pages.Demo.Create";
public const string Pages_Demo_Edit = "Pages.Demo.Edit";
public const string Pages_Demo_Delete = "Pages.Demo.Delete";
创建权限
在SIS.Core层的Authorization/AppAuthorizationProvider.cs中创建权限:
创建权限时用到的显示名称字符串需要做多语言配置:在SIS.Core项目的Localization>SIS目录下的SIS-zh-Hans.xml中配置对应字符串的中文。
// Register Pages.Demo under the existing "pages" permission, then hang the
// create/edit/delete permissions beneath it as children.
// Each L("...") argument is a localization key; the key must exist in the
// localization XML or the role editor will show the raw key.
var demo = pages.CreateChildPermission(AppPermissions.Pages_Demo, L("Demo"));
demo.CreateChildPermission(AppPermissions.Pages_Demo_Create, L("CreatingNewDemo"));
demo.CreateChildPermission(AppPermissions.Pages_Demo_Edit, L("EditingDemo"));
demo.CreateChildPermission(AppPermissions.Pages_Demo_Delete, L("DeletingDemo"));
多语言配置:
<text name="Demo">测试页面</text>
<text name="DemoHeaderInfo">测试页面副标题</text>
<text name="CreatingNewDemo">创建测试实体</text>
<text name="EditingDemo">编辑测试实体</text>
<text name="DeletingDemo">删除测试实体</text>
分配权限
给菜单分配页面权限:
// Menu entry for the Demo page, tied to the Pages.Demo permission.
// NOTE(review): in ABP the permissionDependency decides whether the entry is shown
// in the menu; treat it as presentation only. The URL stays reachable by typing it,
// so access must be enforced on the server by [AbpAuthorize] / permission checks
// on the controller and application service.
// The outer AddItem( call is closed outside this excerpt.
.AddItem(new MenuItemDefinition(
appPageNames.Common.Demo,
L("Demo"),
url: "app/Demo",
icon: "flaticon-line-graph",
permissionDependency: new SimplePermissionDependency(AppPermissions.Pages_Demo)
)
给服务类及方法配置权限
using Abp.Application.Services.Dto;
using Abp.Collections.Extensions;
using Abp.Domain.Repositories;
using EDU.SIS.Demo.Dtos;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.EntityFrameworkCore;
using Abp.Linq.Extensions;
using System.Linq.Dynamic.Core;
using Abp.Authorization;
using EDU.SIS.Authorization;
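namespace EDU.SIS.Demo
{
    /// <summary>
    /// Application service behind the Demo page: create, edit, delete and query <c>DemoObject</c> entities.
    /// </summary>
    /// <remarks>
    /// The class-level <c>[AbpAuthorize]</c> requires <c>Pages.Demo</c> for the public methods of this service.
    /// Create and Update are private helpers, so their permissions are checked explicitly in code:
    /// an <c>[AbpAuthorize]</c> attribute on a private method is never evaluated.
    /// </remarks>
    [AbpAuthorize(AppPermissions.Pages_Demo)]
    public class DemoObjectAppService : SISAppServiceBase, IDemoObjectAppService
    {
        private readonly IRepository<DemoObject> _demoObjectRepository;

        /// <summary>
        /// Creates the service with the repository it reads from and writes to.
        /// </summary>
        /// <param name="demoObjectRepository">Repository for <c>DemoObject</c> entities.</param>
        public DemoObjectAppService(IRepository<DemoObject> demoObjectRepository)
        {
            _demoObjectRepository = demoObjectRepository;
        }

        /// <summary>
        /// Creates a new entity when <c>input.Id</c> is null, otherwise updates the existing one.
        /// </summary>
        /// <param name="input">Values to store; a null <c>Id</c> selects the create path.</param>
        /// <returns>A task that completes when the create or update call has finished.</returns>
        [AbpAuthorize(AppPermissions.Pages_Demo)]
        public async Task CreateOrEdit(CreateOrEditDemoObjectDto input)
        {
            if (input.Id == null)
            {
                // No id yet: this is a new entity.
                await Create(input);
            }
            else
            {
                // Id present: modify the existing entity.
                await Update(input);
            }
        }

        /// <summary>
        /// Inserts a new entity mapped from <paramref name="input"/>; requires <c>Pages.Demo.Create</c>.
        /// </summary>
        /// <param name="input">Values for the new entity.</param>
        /// <returns>A task that completes when the insert call has finished.</returns>
        private async Task Create(CreateOrEditDemoObjectDto input)
        {
            // ABP applies [AbpAuthorize] through method interception, which does not cover
            // private methods, so the permission is checked explicitly. AuthorizeAsync throws
            // an authorization exception when the current user lacks the permission.
            // NOTE(review): PermissionChecker is assumed to come from ABP's ApplicationService
            // through SISAppServiceBase - confirm.
            await PermissionChecker.AuthorizeAsync(AppPermissions.Pages_Demo_Create);

            var demoObject = ObjectMapper.Map<DemoObject>(input);
            await _demoObjectRepository.InsertAsync(demoObject);
        }

        /// <summary>
        /// Copies <paramref name="input"/> onto the stored entity; requires <c>Pages.Demo.Edit</c>.
        /// </summary>
        /// <param name="input">New values; <c>Id</c> identifies the entity to change.</param>
        /// <returns>A task that completes when the entity has been loaded and mapped.</returns>
        private async Task Update(CreateOrEditDemoObjectDto input)
        {
            // Explicit check for the same reason as in Create: the attribute is not
            // evaluated on a private method.
            await PermissionChecker.AuthorizeAsync(AppPermissions.Pages_Demo_Edit);

            // GetAsync fails loudly for an unknown id. FirstOrDefaultAsync would return null,
            // and mapping onto null would silently change nothing in the database.
            var demoObject = await _demoObjectRepository.GetAsync((int)input.Id);
            ObjectMapper.Map(input, demoObject);

            // No UpdateAsync call here.
            // NOTE(review): presumably the loaded entity is tracked and saved when the
            // unit of work completes - confirm.
        }

        /// <summary>
        /// Deletes the entity with the given id; requires <c>Pages.Demo.Delete</c>.
        /// </summary>
        /// <param name="input">Carries the id of the entity to delete.</param>
        /// <returns>A task that completes when the delete call has finished.</returns>
        [AbpAuthorize(AppPermissions.Pages_Demo_Delete)]
        public async Task Delete(EntityDto input)
        {
            // Alternative: load the entity first, then delete it.
            //var demoObject = await _demoObjectRepository.GetAsync(input.Id);
            //await _demoObjectRepository.DeleteAsync(demoObject);

            // Delete directly by id. The original author notes that the cast is needed,
            // otherwise the delete does not take effect.
            await _demoObjectRepository.DeleteAsync((int)input.Id);
        }

        /// <summary>
        /// Returns one page of entities, filtered and sorted as requested.
        /// </summary>
        /// <param name="input">Paging, sorting and filter values.</param>
        /// <returns>The total number of matching entities and the items of the requested page.</returns>
        public async Task<PagedResultDto<GetDemoObjectForViewDto>> GetAll(GetAllDemoObjectInput input)
        {
            // WhereIf needs Abp.Linq.Extensions so that the result stays an IQueryable.
            var filtered = _demoObjectRepository.GetAll()
                .WhereIf(!string.IsNullOrWhiteSpace(input.Filter), e => e.Name.Contains(input.Filter))
                .WhereIf(!string.IsNullOrWhiteSpace(input.NameFilter), e => e.Name.Equals(input.NameFilter));

            var totalCount = await filtered.CountAsync();

            // OrderBy(string) comes from System.Linq.Dynamic.Core. A second ordering by Id
            // placed after it would replace the requested sort, so none is applied here.
            // NOTE(review): input.Sorting is supplied by the caller and is parsed as a
            // Dynamic LINQ expression. Accept only a known list of sortable property names
            // (plus asc/desc) before passing it on, and keep System.Linq.Dynamic.Core up to date.
            var sorted = filtered.OrderBy(input.Sorting ?? "id asc");

            // Page in the database, then map the loaded page to DTOs in memory.
            var entities = await sorted
                .PageBy(input)
                .ToListAsync();

            var items = entities
                .Select(e => new GetDemoObjectForViewDto
                {
                    DemoObject = ObjectMapper.Map<DemoObjectDto>(e)
                })
                .ToList();

            return new PagedResultDto<GetDemoObjectForViewDto>
            {
                TotalCount = totalCount,
                Items = items
            };
        }

        /// <summary>
        /// Loads one entity for the edit form.
        /// </summary>
        /// <param name="input">Carries the id of the entity to load.</param>
        /// <returns>The entity mapped to a DTO, wrapped for the edit view.</returns>
        public async Task<GetDemoObjectForEditOutput> GetDemoObjectForEdit(EntityDto input)
        {
            var demoObject = await _demoObjectRepository.GetAsync(input.Id);

            return new GetDemoObjectForEditOutput
            {
                DemoObject = ObjectMapper.Map<DemoObjectDto>(demoObject)
            };
        }

        /// <summary>
        /// Loads one entity for display.
        /// </summary>
        /// <param name="id">Id of the entity to load.</param>
        /// <returns>The entity mapped to a DTO, wrapped for the detail view.</returns>
        public async Task<GetDemoObjectForViewDto> GetDemoObjectForView(int id)
        {
            var demoObject = await _demoObjectRepository.GetAsync(id);

            return new GetDemoObjectForViewDto
            {
                DemoObject = ObjectMapper.Map<DemoObjectDto>(demoObject)
            };
        }
    }
}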
权限测试及API访问
### 页面权限
运行应用程序,在管理->角色点击修改,能够看到我们定义的权限:
API请求token
由于我们加了权限,需要先请求token,才能访问服务。请求accesstoken的地址:https://localhost:44302/api/TokenAuth/Authenticate 具体配置如下图:
header要加上租户ID,因为系统默认开启了多租户,可以在SIS.Core项目SISCoreModule.cs中查看到Configuration.MultiTenancy.IsEnabled = SISConsts.MultiTenancyEnabled;
body加上用户名和密码:
带token分页查询
查询需要复制上一步请求的accesstoken,在分页查询请求中的Header添加Authorization,具体如下图,添加accesstoken就可以请求成功:
添加实体时同样需要带上token,做法与分页查询相同: