asp.net zero给服务配置权限的步骤:
在SIS.Core项目的Authorization/AppPermissions.cs文件中,添加相应的权限
// demopublic const string Pages_Demo = "Pages.Demo";public const string Pages_Demo_Create = "Pages.Demo.Create";public const string Pages_Demo_Edit = "Pages.Demo.Edit";public const string Pages_Demo_Delete = "Pages.Demo.Delete";
在SIS.Core层的Authorization/AppAuthorizationProvider.cs中创建权限:
创建权限过程中,使用了字符串需要多语言配置,在SIS.Core项目下Localization>SIS目录下SIS-zh-Hans.xml配置对应字符串的中文
var demo = pages.CreateChildPermission(AppPermissions.Pages_Demo, L("Demo"));demo.CreateChildPermission(AppPermissions.Pages_Demo_Create, L("CreatingNewDemo"));demo.CreateChildPermission(AppPermissions.Pages_Demo_Edit, L("EditingDemo"));demo.CreateChildPermission(AppPermissions.Pages_Demo_Delete, L("DeletingDemo"));
多语言配置:
<text name="Demo">测试页面</text> <text name="DemoHeaderInfo">测试页面副标题</text> <text name="CreatingNewDemo">创建测试实体</text> <text name="EditingDemo">编辑测试实体</text> <text name="DeletingDemo">删除测试实体</text>
给菜单分配页面权限:
.AddItem(new MenuItemDefinition( appPageNames.Common.Demo, L("Demo"), url: "app/Demo", icon: "flaticon-line-graph", permissionDependency: new SimplePermissionDependency(AppPermissions.Pages_Demo) )
using Abp.Application.Services.Dto;using Abp.Collections.Extensions;using Abp.Domain.Repositories;using EDU.SIS.Demo.Dtos;using System.Linq;using System.Threading.Tasks;using Microsoft.EntityFrameworkCore;using Abp.Linq.Extensions;using System.Linq.Dynamic.Core;using Abp.Authorization;using EDU.SIS.Authorization;namespace EDU.SIS.Demo{ /// <summary> /// 测试页面服务 /// </summary> [AbpAuthorize(AppPermissions.Pages_Demo)] public class DemoObjectAppService : SISAppServiceBase, IDemoObjectAppService { private readonly IRepository<DemoObject> _demoObjectRepository; public DemoObjectAppService(IRepository<DemoObject> demoObjectRepository) { _demoObjectRepository = demoObjectRepository; } /// <summary> /// 创建和修改 /// </summary> /// <param name="input"></param> /// <returns></returns> [AbpAuthorize(AppPermissions.Pages_Demo)] public async Task CreateOrEdit(CreateOrEditDemoObjectDto input) { if (input.Id==null) { //创建 await Create(input); } else { //修改 await Update(input); } } /// <summary> /// 创建实体 /// </summary> /// <param name="input"></param> /// <returns></returns> [AbpAuthorize(AppPermissions.Pages_Demo_Create)] private async Task Create(CreateOrEditDemoObjectDto input) { var demoObject = ObjectMapper.Map<DemoObject>(input); await _demoObjectRepository.InsertAsync(demoObject); } /// <summary> /// 修改实体 /// </summary> /// <param name="input"></param> /// <returns></returns> [AbpAuthorize(AppPermissions.Pages_Demo_Edit)] private async Task Update(CreateOrEditDemoObjectDto input) { var demoObject = await _demoObjectRepository.FirstOrDefaultAsync((int)input.Id); var demo = ObjectMapper.Map(input, demoObject); //await _demoObjectRepository.UpdateAsync(demo); } /// <summary> /// 数据删除 /// </summary> /// <param name="input"></param> /// <returns></returns> [AbpAuthorize(AppPermissions.Pages_Demo_Delete)] public async Task Delete(EntityDto input) { //先查询再修改 //var demoObject = await _demoObjectRepository.GetAsync(input.Id); //await _demoObjectRepository.DeleteAsync(demoObject); //直接删除实体,注意转换id,不转换则删不了 await _demoObjectRepository.DeleteAsync((int)input.Id); } /// <summary> /// 分页查询所有实体 /// </summary> /// <param name="input">分页排序筛选</param> /// <returns></returns> public async Task<PagedResultDto<GetDemoObjectForViewDto>> GetAll(GetAllDemoObjectInput input) { //注意这里要用Abp.Linq.Extensions,否则返回的是IEnumerable类型 var filter = _demoObjectRepository.GetAll() .WhereIf(!string.IsNullOrWhiteSpace(input.Filter), e => e.Name.Contains(input.Filter)) .WhereIf(!string.IsNullOrWhiteSpace(input.NameFilter), e => e.Name.Equals(input.NameFilter)); //先排序,再映射 filter = filter.OrderBy(input.Sorting ?? "id asc");//OrderBy来自System.Linq.Dynamic.Core var query = (from o in filter orderby o.Id select new GetDemoObjectForViewDto() { DemoObject = ObjectMapper.Map<DemoObjectDto>(o) }); var totalCount = await query.CountAsync(); //CountAsync来自Abp.Linq.Extensions var demoObject = await query .PageBy(input) .ToListAsync(); var result = new PagedResultDto<GetDemoObjectForViewDto>() { TotalCount = totalCount, Items = demoObject }; return result; } /// <summary> /// 获取修改数据详情 /// </summary> /// <param name="input"></param> /// <returns></returns> public async Task<GetDemoObjectForEditOutput> GetDemoObjectForEdit(EntityDto input) { var demoObject = await _demoObjectRepository.GetAsync(input.Id); var result = new GetDemoObjectForEditOutput() { DemoObject = ObjectMapper.Map<DemoObjectDto>(demoObject) }; return result; } /// <summary> /// 获取单条数据 /// </summary> /// <param name="id"></param> /// <returns></returns> public async Task<GetDemoObjectForViewDto> GetDemoObjectForView(int id) { var demoObject = await _demoObjectRepository.GetAsync(id); var result = new GetDemoObjectForViewDto() { DemoObject = ObjectMapper.Map<DemoObjectDto>(demoObject) }; return result; } }}
运行应用程序,在管理->角色点击修改,能够看到我们定义的权限:
由于我们加了权限,需要通过请求token,才能有权限访问服务,请求accesstoken地址:https://localhost:44302/api/TokenAuth/Authenticate 具体配置如下图:
header要加上租户ID,应为系统默认开启了多租户,可以在SIS.Core项目SISCoreModule.cs中查看到Configuration.MultiTenancy.IsEnabled = SISConsts.MultiTenancyEnabled;
body加上用户名和密码:
查询需要复制上一步请求的accesstoken,在分页查询请求中的Header添加Authorization,具体如下图,添加accesstoken就可以请求成功:
同样带token添加实体也是与分页查询一样: