增加账户帮助类。处理用户是否为管理员相关方法

2020-04-20 11:41:09 +08:00 · 2020-04-20 11:41:09 +08:00 · b97b2ddd09
commit b97b2ddd09
parent 9a046cf799
5 changed files with 139 additions and 4 deletions
--- a/FAuth/Controllers/api/AppController.cs
+++ b/FAuth/Controllers/api/AppController.cs
@ -44,6 +44,19 @@ namespace FAuth.Controllers.api
            return newApp;
        }

+        [HttpPost]
+        public bool RemoveApp(string appName) {
+            if(appName.IsNullOrEmpty()) {
+                throw new ArgumentNullException(nameof(appName));
+            }
+            var qu = this.Db.Apps.Where(m => m.Name == appName);
+            foreach(var item in qu) {
+                this.Db.Entry(item).State = EntityState.Deleted;
+            }
+            this.Db.SaveChangesAsync().Wait();
+            return true;
+        }
+
        /// <summary>
        /// 查询app是否注册
        /// </summary>
--- a/FAuth/Controllers/api/UserController.cs
+++ b/FAuth/Controllers/api/UserController.cs
@ -2,11 +2,13 @@
 using System.Linq;
 using Falcon.Extend;
 using FAuth.DataBase.Tables;
+using FAuth.Extensions.Account;
 using FAuth.Extensions.Decryptor;
 using FAuth.Models;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.ModelBinding;
 using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;

 namespace FAuth.Controllers.api
@ -17,11 +19,12 @@ namespace FAuth.Controllers.api
    public class UserController:ApiControllerBase<UserController>
    {
        public IUserTicketDryptor UserTicketDryptor { get; set; }
+        public AccountHelper Account { get; set; }

-        public UserController(ILogger<UserController> logger,IServiceProvider service,IUserTicketDryptor userTicketDryptor)
+        public UserController(ILogger<UserController> logger,IServiceProvider service)
            : base(logger,service) {
-
-            this.UserTicketDryptor = userTicketDryptor;
+            this.Account = service.GetRequiredService<AccountHelper>();
+            this.UserTicketDryptor = service.GetRequiredService<IUserTicketDryptor>();
        }

        /// <summary>
@ -82,7 +85,7 @@ namespace FAuth.Controllers.api
        /// </summary>
        /// <param name="ticket">登录票据</param>
        /// <returns>用户信息</returns>
-        [HttpPost]
+        [HttpGet]
        [ProducesResponseType(typeof(UserInfo),200)]
        public UserInfo GetUserByTicket([BindRequired]string ticket) {
            if(ticket.IsNullOrEmpty()) {
@ -146,6 +149,10 @@ namespace FAuth.Controllers.api
                throw new ArgumentException("用户姓名不能为空",nameof(name));
            if(string.IsNullOrEmpty(password))
                throw new ArgumentException("密码不能为空",nameof(password));
+
+            if(this.Account.IsNotSystemAdmin(adminTicket)) {
+                throw new Exception($"用户必须在应用FAuth中具有Admin角色！");
+            }
            var qu = this.Db.Users.Where(m => m.UserName == userName);
            if(qu.Any()) {
                throw new Exception("用户登录名已经存在，不能重复添加");
@ -160,5 +167,35 @@ namespace FAuth.Controllers.api
            this.Logger.LogInformation($"用户{nUser.Id}:{nUser.UserName}:{nUser.Name}添加成功！");
            return true;
        }
+
+        /// <summary>
+        /// 重置用户密码
+        /// </summary>
+        /// <param name="adminTicket">管理员票据</param>
+        /// <param name="userName">要重置密码的用户名</param>
+        /// <param name="newPassword">新密码</param>
+        /// <returns>是否成功。成功True 否则返回False</returns>
+        [HttpPost]
+        public bool ResetUserPassword(string adminTicket,string userName,string newPassword) {
+            if(string.IsNullOrEmpty(adminTicket))
+                throw new ArgumentException("必须提供管理票据",nameof(adminTicket));
+            if(string.IsNullOrEmpty(userName))
+                throw new ArgumentException("新用户登录名不能为空",nameof(userName));
+            if(string.IsNullOrEmpty(newPassword))
+                throw new ArgumentException("密码不能为空",nameof(newPassword));
+
+            if(this.Account.IsNotSystemAdmin(adminTicket)) {
+                throw new Exception($"用户必须在应用FAuth中具有Admin角色！");
+            }
+            var qu = this.Db.Users.Where(m => m.UserName == userName);
+            if(!qu.Any()) {
+                throw new Exception("用户登录名不存在");
+            }
+            foreach(var item in qu) {
+                item.Password = newPassword;
+            }
+            this.Db.SaveChangesAsync().Wait();
+            return true;
+        }
    }
 }
--- a/FAuth/Extensions/Account/AccountHelper.cs
+++ b/FAuth/Extensions/Account/AccountHelper.cs
@ -0,0 +1,63 @@
+using System.Collections.Generic;
+using System.Linq;
+using FAuth.DataBase;
+using FAuth.Extensions.Decryptor;
+
+namespace FAuth.Extensions.Account
+{
+    /// <summary>
+    /// 账号帮助类
+    /// </summary>
+    public class AccountHelper
+    {
+        /// <summary>
+        /// 数据库上下文
+        /// </summary>
+        public FAuthDb Db { get; set; }
+        /// <summary>
+        /// 用户凭据加密提供器
+        /// </summary>
+        public IUserTicketDryptor TicketDryptor { get; set; }
+
+        public AccountHelper(FAuthDb db,IUserTicketDryptor ticketDryptor) {
+            this.Db = db;
+            this.TicketDryptor = ticketDryptor;
+        }
+
+        /// <summary>
+        /// 查询用户是否为FAuth系统管理员
+        /// </summary>
+        /// <param name="userId">用户编号</param>
+        /// <returns>是否为FAuth系统管理员</returns>
+        public bool IsSystemAdmin(int userId) {
+            var qu =
+                from arg in this.Db.App_RoleGroups
+                join rgr in this.Db.RoleGroup_Roles on arg.RoleGroupId equals rgr.RoleGroupId
+                join ru in this.Db.Role_Users on rgr.RoleId equals ru.RoleId
+                where arg.AppId == 1 && arg.RoleGroupId == 1 && ru.UserId == userId
+                select 1;
+            return qu.Any();
+        }
+
+        /// <summary>
+        /// 用户是否不是系统管理员
+        /// </summary>
+        /// <param name="userId">用户编号</param>
+        /// <returns>是否不是管理员</returns>
+        public bool IsNotSystemAdmin(int userId) => !IsSystemAdmin(userId);
+
+        /// <summary>
+        /// 查询票据是否为系统管理员
+        /// </summary>
+        /// <param name="userTicket">用户票据</param>
+        /// <returns>是管理员True，否则false</returns>
+        public bool IsSystemAdmin(string userTicket) => IsSystemAdmin(this.TicketDryptor.Decrypt(userTicket).Id);
+
+        /// <summary>
+        /// 查询票据是否不是系统管理员
+        /// </summary>
+        /// <param name="userTicket">用户票据</param>
+        /// <returns>是管理员False，否则True</returns>
+        public bool IsNotSystemAdmin(string userTicket) => !IsSystemAdmin(userTicket);
+    }
+}
--- a/FAuth/Extensions/Account/ServiceCollectionExtend.cs
+++ b/FAuth/Extensions/Account/ServiceCollectionExtend.cs
@ -0,0 +1,20 @@
+using Microsoft.Extensions.DependencyInjection;
+
+namespace FAuth.Extensions.Account
+{
+    /// <summary>
+    /// 服务集合扩展
+    /// </summary>
+    public static class ServiceCollectionExtend
+    {
+        /// <summary>
+        /// 增加账号帮助类服务
+        /// </summary>
+        /// <param name="service">服务集合</param>
+        /// <returns>服务集合</returns>
+        public static IServiceCollection AddAccountHelper(this IServiceCollection service) {
+            service.AddTransient<AccountHelper>();
+            return service;
+        }
+    }
+}
--- a/FAuth/Startup.cs
+++ b/FAuth/Startup.cs
@ -5,6 +5,7 @@ using System.Text.Unicode;
 using Falcon.Extend;
 using FAuth.DataBase;
 using FAuth.Extensions;
+using FAuth.Extensions.Account;
 using FAuth.Extensions.Decryptor;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
@ -40,6 +41,7 @@ namespace FAuth
            services.AddDbContext<FAuthDb>(option => {
                option.UseSqlServer(Configuration.GetConnectionString("FAuthDb"));
            });
+            services.AddAccountHelper();
            //×¢²áRedis
            var rop = this.Configuration.GetSection("Redis").Get<RedisCacheOptions>();
            services.AddRedis(rop);