开发ERP/OA/MES等企业管理系统时,通常要求具备强大的数据权限控制能力
例如:员工有张三和李四,主管是王五
需求1:张三和李四的单据只能自己看到,王五可以看到张三和李四的单据
需求2:张三离职后,李四代理,李四也要能看到张三的单据
需求3:由于张三的业务很多,一个人忙不来,某种单据暂时转李四处理(例如收货单)
需求4:主管王五能力比较强,同时兼管其他部门,需要看到其他部门的单据(例如人事部)
需求太多,此处省略一万字。。。
系统需求要能跨数据库(支持主流数据库 Oracle、MySQL、SQL Server、PostgreSQL)
ORM:支持 EF Core/FreeSql/SqlSugar
前端Vue
先上图,数据角色配置
数据表
FreeSql
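/// <summary>
/// Builds the FreeSql dynamic filter that limits a query to the rows selected by the
/// configured data-permission rules ("EmpId", "DeptId", "OrgId", or "All").
/// </summary>
/// <param name="actionPath">
/// Path of the action being authorized. NOTE(review): this method does not read it as shown;
/// confirm whether the rule query is supposed to be scoped by it.
/// </param>
/// <param name="empColumnName">Comma-separated name(s) of the owner column(s) used by "EmpId" rules.</param>
/// <param name="deptColumnName">Department column used by "DeptId" rules; those rules are skipped when null.</param>
/// <param name="orgaColumnName">Organization column used by "OrgId" rules; those rules are skipped when null.</param>
/// <returns>
/// <c>null</c> when no rule is configured or a rule with code "All" exists; otherwise a filter
/// whose conditions are combined with <c>DynamicFilterLogic.And</c>.
/// </returns>
/// <exception cref="System.UnauthorizedAccessException">No current user is available.</exception>
/// <exception cref="System.InvalidOperationException">
/// A rule payload has no Ids list, or the current user's department data cannot be resolved.
/// </exception>
/// <remarks>
/// The column-name arguments end up as filter field names, so they must be constants chosen by
/// the calling code and never values taken from a request.
/// </remarks>
protected DynamicFilterInfo GetDataAuth(string actionPath, string empColumnName = "CreatorId", string deptColumnName = null, string orgaColumnName = null)
{
    // Fail closed: the original fell back to user id 1 when no user was present, which builds
    // the filter for someone else's identity instead of rejecting the call.
    long userId = SimpleFactory.User?.Id
        ?? throw new System.UnauthorizedAccessException("Data permission filter requested without an authenticated user.");

    // NOTE(review): as shown, this loads every DataAuthEntity row; nothing here restricts it to the
    // current user's roles or to actionPath. If that join was elided from the listing, restore it;
    // otherwise a single rule with code "All" lifts the filter for every user.
    var rules = context.Select<DataAuthEntity>()
        .Distinct()
        .ToList(t => new { DataAuthCode = t.Code, DataAuthRule = t.Rule });

    // '==' is an ordinal, null-safe comparison; the original Equals call threw on a null code.
    // NOTE(review): null is also returned when no rule exists at all, which callers presumably
    // treat as "no filter". Confirm that users without any data rule are meant to be unrestricted;
    // deny-by-default is the safer contract.
    if (rules.Count == 0 || rules.Any(r => r.DataAuthCode == "All"))
    {
        return null;
    }

    // Returns the comma-separated id list of a rule payload, or null when the rule carries no
    // payload. Null and empty payloads are treated alike so behaviour does not depend on how a
    // given database stores empty strings.
    string ExplicitIds(string code, string ruleJson)
    {
        if (string.IsNullOrEmpty(ruleJson))
        {
            return null;
        }

        var parsed = JsonConvert.DeserializeObject<DataRuleViewModel>(ruleJson);
        if (parsed?.Ids is null)
        {
            // Reject a malformed payload explicitly instead of failing later with a null reference.
            throw new System.InvalidOperationException($"Data rule '{code}' has a payload without an Ids list.");
        }

        // NOTE(review): an empty Ids list yields an empty value for the Any operator; confirm
        // that it matches no rows.
        return string.Join(",", parsed.Ids);
    }

    List<DynamicFilterInfo> conditions = new();

    // NOTE(review): every condition is ANDed, so several rules (or several owner columns)
    // narrow the result rather than widen it; confirm this is the intended combination.
    foreach (var rule in rules)
    {
        switch (rule.DataAuthCode)
        {
            case "EmpId":
            {
                string ids = ExplicitIds(rule.DataAuthCode, rule.DataAuthRule);
                foreach (string column in empColumnName.Split(","))
                {
                    // No payload: only the current user's own rows; otherwise the listed ids.
                    conditions.Add(ids is null
                        ? new DynamicFilterInfo { Field = column, Operator = DynamicFilterOperator.Equal, Value = userId }
                        : new DynamicFilterInfo { Field = column, Operator = DynamicFilterOperator.Any, Value = ids });
                }
                break;
            }

            case "DeptId":
            {
                if (deptColumnName == null)
                {
                    break;
                }

                string ids = ExplicitIds(rule.DataAuthCode, rule.DataAuthRule);
                if (ids is null)
                {
                    var user = context.Queryable<UserEntity>().Where(t => t.Id == userId).ToOne();
                    if (user is null)
                    {
                        throw new System.InvalidOperationException("Current user record was not found while resolving the department rule.");
                    }
                    conditions.Add(new DynamicFilterInfo { Field = deptColumnName, Operator = DynamicFilterOperator.Equal, Value = user.DeptId });
                }
                else
                {
                    conditions.Add(new DynamicFilterInfo { Field = deptColumnName, Operator = DynamicFilterOperator.Any, Value = ids });
                }
                break;
            }

            case "OrgId":
            {
                if (orgaColumnName == null)
                {
                    break;
                }

                string ids = ExplicitIds(rule.DataAuthCode, rule.DataAuthRule);
                if (ids is null)
                {
                    var user = context.Queryable<UserEntity>().Where(t => t.Id == userId).First();
                    // NOTE(review): Department is reached through the user entity and no explicit
                    // load of it is visible here; confirm it is populated by this query.
                    if (user?.Department is null)
                    {
                        throw new System.InvalidOperationException("Current user's department was not found while resolving the organization rule.");
                    }
                    conditions.Add(new DynamicFilterInfo { Field = orgaColumnName, Operator = DynamicFilterOperator.Equal, Value = user.Department.OrgId });
                }
                else
                {
                    conditions.Add(new DynamicFilterInfo { Field = orgaColumnName, Operator = DynamicFilterOperator.Any, Value = ids });
                }
                break;
            }

            default:
                // Unknown rule codes add no condition.
                break;
        }
    }

    return new DynamicFilterInfo { Logic = DynamicFilterLogic.And, Filters = conditions };
}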
调用方式
SqlSugar
EFCore
版权声明:本文为mansai原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接和本声明。