
Commit 7398af6

committed
#权限优化 别名表优化#
1 parent a5da6ab commit 7398af6


11 files changed

+184
-73
lines changed


APIJSON.NET/1.png

24.9 KB

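--- a/APIJSON.NET/APIJSON.NET/APIJSON.NET.csproj
+++ b/APIJSON.NET/APIJSON.NET/APIJSON.NET.csproj
@@ -15,9 +15,10 @@
 <PackageReference Include="MySql.Data" Version="8.0.11" />
 <PackageReference Include="sqlSugarCore" Version="4.6.4.9" />
 <PackageReference Include="Swashbuckle.AspNetCore" Version="3.0.0" />
+<PackageReference Include="Swashbuckle.AspNetCore.Annotations" Version="3.0.0" />
 <PackageReference Include="Swashbuckle.AspNetCore.Swagger" Version="3.0.0" />
 </ItemGroup>
 
-<ProjectExtensions><VisualStudio><UserProperties /></VisualStudio></ProjectExtensions>
+<ProjectExtensions><VisualStudio><UserProperties appsettings_1json__JSONSchema="http://json.schemastore.org/config" /></VisualStudio></ProjectExtensions>
 
 </Project>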

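--- a/APIJSON.NET/APIJSON.NET/Controllers/JsonController.cs
+++ b/APIJSON.NET/APIJSON.NET/Controllers/JsonController.cs
@@ -10,6 +10,8 @@
 using SqlSugar;
 using System.Linq;
 using APIJSON.NET.Services;
+
+
 [Route("api/[controller]")]
 [ApiController]
 public class JsonController : ControllerBase
@@ -30,8 +32,8 @@ public JsonController(SelectTable _selectTable, DbContext _db,IIdentityService i
 /// </summary>
 /// <param name="json"></param>
 /// <returns></returns>
-[HttpGet("/get/{json}")]
-public ActionResult Query(string json)
+[HttpPost("/get")]
+public ActionResult Query([FromBody]string json)
 {
 json = HttpUtility.UrlDecode(json);
 JObject ht = new JObject();
@@ -40,14 +42,18 @@ public ActionResult Query(string json)
 try
 {
 JObject jobject = JObject.Parse(json);
+int page = 0, count = 0, query = 0, total = 0;
 foreach (var item in jobject)
 {
 string key = item.Key.Trim();
-var jb = JObject.Parse(item.Value.ToString());
-int page = jb["page"] == null ? 0 : int.Parse(jb["page"].ToString()), count = jb["count"] == null ? 0 : int.Parse(jb["count"].ToString()), query = jb["query"] == null ? 0 : int.Parse(jb["query"].ToString());
-jb.Remove("page"); jb.Remove("count");
+JObject jb;
 if (key.Equals("[]"))
 {
+jb = JObject.Parse(item.Value.ToString());
+page = jb["page"] == null ? 0 : int.Parse(jb["page"].ToString());
+count = jb["count"] == null ? 0 : int.Parse(jb["count"].ToString());
+query = jb["query"] == null ? 0 : int.Parse(jb["query"].ToString());
+jb.Remove("page"); jb.Remove("count"); jb.Remove("query");
 var htt = new JArray();
 List<string> tables = new List<string>(), where = new List<string>();
 foreach (var t in jb)
@@ -57,8 +63,13 @@ public ActionResult Query(string json)
 if (tables.Count > 0)
 {
 string table = tables[0];
-var template = selectTable.GetTableData(table, page, count, where[0], null);
-foreach (var dd in template)
+var temp = selectTable.GetTableData(table, page, count, where[0], null);
+if (query >0)
+{
+total = temp.Item2;
+}
+
+foreach (var dd in temp.Item1)
 {
 var zht = new JObject();
 zht.Add(table, JToken.FromObject(dd));
@@ -73,7 +84,7 @@ public ActionResult Query(string json)
 count = jbb["count"] == null ? 0 : int.Parse(jbb["count"].ToString());
 
 var lt = new JArray();
-foreach (var d in selectTable.GetTableData(subtable, page, count, jbb[subtable].ToString(), zht))
+foreach (var d in selectTable.GetTableData(subtable, page, count, jbb[subtable].ToString(), zht).Item1)
 {
 lt.Add(JToken.FromObject(d));
 }
@@ -82,38 +93,50 @@ public ActionResult Query(string json)
 else
 {
 var ddf = selectTable.GetTableData(subtable, 0, 0, where[i].ToString(), zht);
-if (ddf != null)
+if (ddf.Item1 != null)
 {
-zht.Add(subtable, JToken.FromObject(ddf));
+zht.Add(subtable, JToken.FromObject(ddf.Item1));
 }
-
 }
 }
 htt.Add(zht);
 }
+
+}
+if (query != 1)
+{
+ht.Add("[]", htt);
 }
-ht.Add("[]", htt);
 }
 else if (key.EndsWith("[]"))
 {
+jb = JObject.Parse(item.Value.ToString());
+page = jb["page"] == null ? 0 : int.Parse(jb["page"].ToString());
+count = jb["count"] == null ? 0 : int.Parse(jb["count"].ToString());
+query = jb["query"] == null ? 0 : int.Parse(jb["query"].ToString());
+jb.Remove("page"); jb.Remove("count"); jb.Remove("query");
 var htt = new JArray();
 foreach (var t in jb)
 {
-foreach (var d in selectTable.GetTableData(t.Key, page, count, t.Value.ToString(), null))
+foreach (var d in selectTable.GetTableData(t.Key, page, count, t.Value.ToString(), null).Item1)
 {
 htt.Add(JToken.FromObject(d));
 }
 }
 ht.Add(key, htt);
 }
-else
+else if (key.IsTable())
 {
-var template = selectTable.GetTableData(key, 0, 0, item.Value.ToString(), ht);
+var template = selectTable.GetTableData(key, 0, 0, item.Value.ToString(), ht).Item1;
 if (template != null)
 {
 ht.Add(key, JToken.FromObject(template));
 }
 }
+else if (key.Equals("total@"))
+{
+ht.Add("total", total);
+}
 }
 }
 catch (Exception ex)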
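Review bot: `json = HttpUtility.UrlDecode(json);` still runs on new line 38 although the action now binds the payload with `[FromBody]`, so a body that was never URL-encoded is decoded once more: literal `+` and `%xx` inside JSON values are rewritten before `JObject.Parse`, and the text the parser sees can differ from what any upstream request filter inspected. Remove that line for the POST binding. In the `[]` and `key.EndsWith("[]")` branches, `page`, `count` and `query` come from client JSON through `int.Parse` with no upper bound, and a `count` of 0 takes the unpaged `tb.ToList()` path in SelectTable.cs; use `int.TryParse` and clamp `count` to a server-side maximum. `total` is only assigned while the `[]` key is processed, so a `total@` key that precedes it in the object yields 0. `Query` starts and ends outside the visible hunks.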

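--- a/APIJSON.NET/APIJSON.NET/SelectTable.cs
+++ b/APIJSON.NET/APIJSON.NET/SelectTable.cs
@@ -1,66 +1,34 @@
 namespace APIJSON.NET
 {
-using APIJSON.NET.Models;
 using APIJSON.NET.Services;
 using Microsoft.Extensions.Options;
-using Newtonsoft.Json;
 using Newtonsoft.Json.Linq;
 using SqlSugar;
 using System;
 using System.Collections.Generic;
-using System.IO;
 using System.Linq;
-
 public class SelectTable: DbContext
 {
-
 private readonly IIdentityService _identitySvc;
-public SelectTable(IOptions<DbOptions> options, IIdentityService identityService) : base(options)
+private readonly ITableMapper _tableMapper;
+public SelectTable(IOptions<DbOptions> options, IIdentityService identityService, ITableMapper tableMapper) : base(options)
 {
-
 _identitySvc = identityService;
+_tableMapper = tableMapper;
 }
-/// <summary>
-/// 对应数据表
-/// </summary>
-static Dictionary<string, string> dict = new Dictionary<string, string>
-{
-{"user", "apijson_user"},
-};
-
-public (bool, string) GetSelectRole(string table)
-{
-var role = _identitySvc.GetRole();
-if (role == null || role.Select == null || role.Select.Table == null)
-{
-return (false, $"select.json权限配置不正确!");
-}
-string tablerole = role.Select.Table.FirstOrDefault(it => it.Equals(table, StringComparison.CurrentCultureIgnoreCase));
-
-if (string.IsNullOrEmpty(tablerole))
-{
-return (false, $"表名{table}没权限查询!");
-}
-int index = Array.IndexOf(role.Select.Table, tablerole);
-string selectrole = role.Select.Column[index];
-return (true, selectrole);
-}
-public dynamic GetTableData(string subtable, int page, int count, string json, JObject dd)
-{
+public (dynamic,int) GetTableData(string subtable, int page, int count, string json, JObject dd)
+{
 if (!subtable.IsTable())
 {
 throw new Exception($"表名{subtable}不正确!");
 }
-var role = GetSelectRole(subtable);
-if (!role.Item1)
+var role = _identitySvc.GetSelectRole(subtable);
+if (!role.Item1)//没有权限返回异常
 {
 throw new Exception(role.Item2);
 }
 string selectrole = role.Item2;
-if (dict.ContainsKey(subtable.ToLower()))
-{
-subtable = dict.GetValueOrDefault(subtable.ToLower());
-}
+subtable = _tableMapper.GetTableName(subtable);
 JObject values = JObject.Parse(json);
 var tb = Db.Queryable(subtable, "tb");
 if (values["@column"].IsValue())
@@ -71,20 +39,24 @@ public dynamic GetTableData(string subtable, int page, int count, string json, J
 string[] ziduan = item.Split(":");
 if (ziduan.Length > 1)
 {
-if (ziduan[0].IsField() && ziduan[1].IsTable()&&(selectrole =="*"|| selectrole.Split(',').Contains(ziduan[0],StringComparer.CurrentCultureIgnoreCase)))
+if (_identitySvc.ColIsRole(ziduan[0], selectrole.Split(",")))
 {
 
 str.Append(ziduan[0] + " as " + ziduan[1] + ",");
 }
 }
 else
 {
-if (item.IsField() && (selectrole == "*" || selectrole.Split(',').Contains(item, StringComparer.CurrentCultureIgnoreCase)))
+if (_identitySvc.ColIsRole(item, selectrole.Split(",")))
 {
 str.Append(item + ",");
 }
 }
 }
+if (string.IsNullOrEmpty(str.ToString()))
+{
+throw new Exception($"表名{subtable}没有可查询的字段!");
+}
 tb.Select(str.ToString().TrimEnd(','));
 }
 else
@@ -103,12 +75,12 @@ public dynamic GetTableData(string subtable, int page, int count, string json, J
 {
 if (vakey.TrimEnd('$').IsTable())
 {
-conModels.Add(new ConditionalModel() { FieldName = va.Key.TrimEnd('$'), ConditionalType = ConditionalType.Like, FieldValue = va.Value.ToString() });
+conModels.Add(new ConditionalModel() { FieldName = vakey.TrimEnd('$'), ConditionalType = ConditionalType.Like, FieldValue = va.Value.ToString() });
 }
 }
 else if (vakey.EndsWith("{}"))//逻辑运算
 {
-string field = va.Key.TrimEnd("{}".ToCharArray());
+string field = vakey.TrimEnd("{}".ToCharArray());
 if (va.Value.HasValues)
 {
 conModels.Add(new ConditionalModel() { FieldName = field, ConditionalType = field.EndsWith("!") ? ConditionalType.NotIn : ConditionalType.In, FieldValue = va.Value.ToString() });
@@ -189,7 +161,10 @@ public dynamic GetTableData(string subtable, int page, int count, string json, J
 }
 else
 {
-tb.OrderBy("id");
+if (count>0)
+{
+tb.OrderBy("id");
+}
 }
 if (values["@group"].IsValue())
 {
@@ -209,11 +184,12 @@ public dynamic GetTableData(string subtable, int page, int count, string json, J
 }
 if (count > 0)
 {
-return tb.ToPageList(page, count);
+int total = 0;
+return (tb.ToPageList(page, count,ref total),total);
 }
 else
 {
-return tb.ToList();
+return (tb.ToList(),tb.Count());
 }
 
 }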
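Review bot: In the `@column` hunk (new lines 42–54) the alias `ziduan[1]` is no longer validated: the removed condition required `ziduan[0].IsField() && ziduan[1].IsTable()`, while the new one calls only `_identitySvc.ColIsRole(ziduan[0], …)`, and `ziduan[0] + " as " + ziduan[1]` is then concatenated into the string passed to `tb.Select(...)`. Client-supplied text therefore reaches the SELECT clause without a format check, which is a SQL injection risk; the single-column branch loses its `item.IsField()` check the same way, and `ColIsRole` as added in IdentityService.cs returns true for any string when the role is `*`. Keep the format checks next to the permission check, for example `if (ziduan[1].IsTable() && _identitySvc.ColIsRole(ziduan[0], selectrole.Split(",")))`, and validate the column expression itself before it is appended. `IsField()` and `IsTable()` are defined outside this page, so what they accept should be confirmed, and `GetTableData` continues outside the visible hunks.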

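--- a/APIJSON.NET/APIJSON.NET/Services/IIdentityService.cs
+++ b/APIJSON.NET/APIJSON.NET/Services/IIdentityService.cs
@@ -4,8 +4,29 @@ namespace APIJSON.NET.Services
 {
 public interface IIdentityService
 {
+/// <summary>
+/// 获取当前用户id
+/// </summary>
+/// <returns></returns>
 string GetUserIdentity();
+/// <summary>
+/// 获取当前用户权限组名称
+/// </summary>
+/// <returns></returns>
 string GetUserRoleName();
+/// <summary>
+/// 获取当前用户权限
+/// </summary>
+/// <returns></returns>
 Role GetRole();
+/// <summary>
+/// 获取当前表的可查询字段
+/// </summary>
+/// <param name="table"></param>
+/// <returns></returns>
+(bool, string) GetSelectRole(string table);
+
+
+bool ColIsRole(string col, string[] selectrole);
 }
 }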
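Review bot: `ColIsRole` (new line 30) is the only added member without an XML comment, and it is the one whose contract matters most, because SelectTable.cs uses its result to decide whether client-supplied column text is appended to the SELECT clause. Add a summary along the lines of `/// <summary>Returns true only when col is a column expression the role may select; callers concatenate col into SQL, so implementations must reject anything else.</summary>`. Naming the tuple elements, `(bool Allowed, string Columns) GetSelectRole(string table);` with the same names in IdentityService, would also make `role.Item1` and `role.Item2` at the call site self-explanatory while existing `Item1`/`Item2` access keeps compiling.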
Lines changed: 12 additions & 0 deletions
@@ -0,0 +1,12 @@
1+
namespace APIJSON.NET.Services
2+
{
3+
public interface ITableMapper
4+
{
5+
/// <summary>
6+
/// 表别名获取
7+
/// </summary>
8+
/// <param name="oldname"></param>
9+
/// <returns></returns>
10+
string GetTableName(string oldname);
11+
}
12+
}

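--- a/APIJSON.NET/APIJSON.NET/Services/IdentityService.cs
+++ b/APIJSON.NET/APIJSON.NET/Services/IdentityService.cs
@@ -5,6 +5,7 @@
 using System.Collections.Generic;
 using System.Linq;
 using System.Security.Claims;
+using System.Text.RegularExpressions;
 using System.Threading.Tasks;
 
 namespace APIJSON.NET.Services
@@ -23,7 +24,7 @@ public string GetUserIdentity()
 {
 return _context.HttpContext.User.FindFirstValue(ClaimTypes.NameIdentifier);
 }
-
+
 public string GetUserRoleName()
 {
 return _context.HttpContext.User.FindFirstValue(ClaimTypes.Role);
@@ -42,5 +43,56 @@ public Role GetRole()
 }
 return role;
 }
+public (bool, string) GetSelectRole(string table)
+{
+var role = GetRole();
+if (role == null || role.Select == null || role.Select.Table == null)
+{
+return (false, $"select.json权限配置不正确!");
+}
+string tablerole = role.Select.Table.FirstOrDefault(it => it.Equals(table, StringComparison.CurrentCultureIgnoreCase));
+
+if (string.IsNullOrEmpty(tablerole))
+{
+return (false, $"表名{table}没权限查询!");
+}
+int index = Array.IndexOf(role.Select.Table, tablerole);
+string selectrole = role.Select.Column[index];
+return (true, selectrole);
+}
+public bool ColIsRole(string col, string[] selectrole)
+{
+if (selectrole.Contains("*"))
+{
+return true;
+}
+else
+{
+if (col.Contains("(") && col.Contains(")"))
+{
+Regex reg = new Regex(@"\(([^)]*)\)");
+Match m = reg.Match(col);
+if (selectrole.Contains(m.Result("$1"), StringComparer.CurrentCultureIgnoreCase))
+{
+return true;
+}
+else
+{
+return false;
+}
+}
+else
+{
+if (selectrole.Contains(col, StringComparer.CurrentCultureIgnoreCase))
+{
+return true;
+}
+else
+{
+return false;
+}
+}
+}
+}
 }
 }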
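Review bot: `ColIsRole` (new lines 63–96) approves column text whose shape is never checked: with `*` in `selectrole` it returns true for any string, and in the parenthesis branch only the first capture of the unanchored pattern `\(([^)]*)\)` is compared with the allowed list, so whatever surrounds that capture is accepted as well. SelectTable.cs concatenates the approved string into the SELECT clause, which makes this method the only check on that input. `m.Result("$1")` is also called without testing `m.Success`, and it throws when `col` contains `)` before `(`. The rewrite below anchors the pattern to a bare identifier or a single `func(identifier)` form before the `*` shortcut and switches to an ordinal comparer; widen the pattern deliberately if other forms must be supported. Separately, `GetSelectRole` reads `role.Select.Column[index]` without checking that `Column` is non-null and at least as long as `Table`.

```csharp
public bool ColIsRole(string col, string[] selectrole)
{
    // Accept only a bare identifier or one func(identifier) call, because the
    // caller concatenates col into the SELECT clause. Everything else is refused,
    // including for "*" roles.
    Match m = Regex.Match(col ?? string.Empty, @"^(?:\w+\((\w+)\)|(\w+))\z");
    if (!m.Success)
    {
        return false;
    }
    if (selectrole.Contains("*"))
    {
        return true;
    }
    // Group 1 is the argument of func(arg); group 2 is the bare column name.
    string name = m.Groups[1].Success ? m.Groups[1].Value : m.Groups[2].Value;
    return selectrole.Contains(name, StringComparer.OrdinalIgnoreCase);
}
```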
