using System.Text.Json;
using FoodLabeling.Application.Contracts.Constants;
using SqlSugar;
using Volo.Abp.Users;
namespace FoodLabeling.Application.Helpers;
///
/// 当前用户角色上的「访问权限」勾选项(Role.AccessPermissionCodesJson)。
///
public static class UserRoleAccessPermissionHelper
{
public static async Task> ResolveMergedAccessPermissionCodesAsync(
ISqlSugarClient db,
Guid userId)
{
var jsonRows = await db.Ado.SqlQueryAsync(
@"SELECT r.AccessPermissionCodesJson
FROM UserRole ur
INNER JOIN Role r ON ur.RoleId = r.Id
WHERE ur.UserId = @UserId AND r.IsDeleted = 0 AND r.State = 1
AND r.AccessPermissionCodesJson IS NOT NULL AND TRIM(r.AccessPermissionCodesJson) <> ''",
new { UserId = userId });
var merged = new HashSet(StringComparer.Ordinal);
foreach (var json in jsonRows)
{
foreach (var code in DeserializeAccessPermissionCodes(json))
{
merged.Add(code);
}
}
return merged.OrderBy(x => x, StringComparer.Ordinal).ToList();
}
public static bool HasManagePeoplePermission(IReadOnlyList codes) =>
codes.Any(c => string.Equals(c.Trim(), RoleAccessPermissionCodes.ManagePeople, StringComparison.Ordinal));
public static bool HasAllKnownAccessPermissions(IReadOnlyList codes)
{
if (codes.Count == 0)
{
return false;
}
var set = new HashSet(codes.Select(x => x.Trim()), StringComparer.Ordinal);
return RoleAccessPermissionCodes.All.All(set.Contains);
}
public static bool CanManageRegionAndLocationByAccessPermissions(IReadOnlyList codes) =>
HasManagePeoplePermission(codes) || HasAllKnownAccessPermissions(codes);
private static List DeserializeAccessPermissionCodes(string? json)
{
if (string.IsNullOrWhiteSpace(json))
{
return new List();
}
try
{
var raw = JsonSerializer.Deserialize>(json);
if (raw is null)
{
return new List();
}
return raw
.Select(x => x?.Trim() ?? "")
.Where(x => x.Length > 0 && RoleAccessPermissionCodes.IsKnown(x))
.Distinct(StringComparer.Ordinal)
.ToList();
}
catch
{
return new List();
}
}
}