using System.Text.Json;
using FoodLabeling.Application.Contracts.Constants;
using SqlSugar;
namespace FoodLabeling.Application.Helpers;
///
/// 当前用户角色上的「访问权限」勾选项(Role.AccessPermissionCodes JSON 数组)。
///
public static class UserRoleAccessPermissionHelper
{
public static async Task> ResolveMergedAccessPermissionCodesAsync(
ISqlSugarClient db,
Guid userId)
{
if (!await RoleAccessPermissionSchemaHelper.HasColumnAsync(db))
{
return new List();
}
var col = RoleAccessPermissionSchemaHelper.ColumnName;
var jsonRows = await db.Ado.SqlQueryAsync(
$@"SELECT r.`{col}`
FROM UserRole ur
INNER JOIN Role r ON ur.RoleId = r.Id
WHERE ur.UserId = @UserId AND r.IsDeleted = 0 AND r.State = 1
AND r.`{col}` IS NOT NULL AND TRIM(r.`{col}`) <> ''",
new { UserId = userId });
var merged = new HashSet(StringComparer.Ordinal);
foreach (var json in jsonRows)
{
foreach (var code in DeserializeAccessPermissionCodes(json))
{
merged.Add(code);
}
}
return merged.OrderBy(x => x, StringComparer.Ordinal).ToList();
}
public static bool HasManagePeoplePermission(IReadOnlyList codes) =>
codes.Any(c => string.Equals(c.Trim(), RoleAccessPermissionCodes.ManagePeople, StringComparison.Ordinal));
public static bool HasAllKnownAccessPermissions(IReadOnlyList codes)
{
if (codes.Count == 0)
{
return false;
}
var set = new HashSet(codes.Select(x => x.Trim()), StringComparer.Ordinal);
return RoleAccessPermissionCodes.All.All(set.Contains);
}
public static bool CanManageRegionAndLocationByAccessPermissions(IReadOnlyList codes) =>
HasManagePeoplePermission(codes) || HasAllKnownAccessPermissions(codes);
private static List DeserializeAccessPermissionCodes(string? json)
{
if (string.IsNullOrWhiteSpace(json))
{
return new List();
}
try
{
var raw = JsonSerializer.Deserialize>(json);
if (raw is null)
{
return new List();
}
return raw
.Select(x => x?.Trim() ?? "")
.Where(x => x.Length > 0 && RoleAccessPermissionCodes.IsKnown(x))
.Distinct(StringComparer.Ordinal)
.ToList();
}
catch
{
return new List();
}
}
}