增加账户帮助类。处理用户是否为管理员相关方法

falcon 2020-04-20 11:41:09 +08:00
parent 9a046cf799
commit b97b2ddd09
5 changed files with 139 additions and 4 deletions


@ -44,6 +44,19 @@ namespace FAuth.Controllers.api
return newApp;
}
[HttpPost]
public bool RemoveApp(string appName) {
if(appName.IsNullOrEmpty()) {
throw new ArgumentNullException(nameof(appName));
}
var qu = this.Db.Apps.Where(m => m.Name == appName);
foreach(var item in qu) {
this.Db.Entry(item).State = EntityState.Deleted;
}
this.Db.SaveChangesAsync().Wait();
return true;
}
/// <summary>
/// 查询app是否注册
/// </summary>
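Review bot: `RemoveApp` deletes every app row whose name matches `appName`, and nothing in this hunk checks who is calling, even though the same commit adds an `IsNotSystemAdmin(adminTicket)` guard to the user-management actions. Unless a filter or `ApiControllerBase` already enforces authorization (not visible here), the action should take an `adminTicket` and begin with the same guard, `if(this.Account.IsNotSystemAdmin(adminTicket)) { throw ...; }`, resolving `AccountHelper` the way `UserController` does. A `this.Logger.LogInformation` line naming the removed app would also leave an audit trail for a destructive call. As a smaller point, `this.Db.SaveChangesAsync().Wait();` blocks on async work and wraps failures in `AggregateException`; `this.Db.SaveChanges();` does the same job in a synchronous action.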


@ -2,11 +2,13 @@
using System.Linq;
using Falcon.Extend;
using FAuth.DataBase.Tables;
using FAuth.Extensions.Account;
using FAuth.Extensions.Decryptor;
using FAuth.Models;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.ModelBinding;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
namespace FAuth.Controllers.api
@ -17,11 +19,12 @@ namespace FAuth.Controllers.api
public class UserController:ApiControllerBase<UserController>
{
public IUserTicketDryptor UserTicketDryptor { get; set; }
public AccountHelper Account { get; set; }
public UserController(ILogger<UserController> logger,IServiceProvider service,IUserTicketDryptor userTicketDryptor)
public UserController(ILogger<UserController> logger,IServiceProvider service)
: base(logger,service) {
this.UserTicketDryptor = userTicketDryptor;
this.Account = service.GetRequiredService<AccountHelper>();
this.UserTicketDryptor = service.GetRequiredService<IUserTicketDryptor>();
}
/// <summary>
@ -82,7 +85,7 @@ namespace FAuth.Controllers.api
/// </summary>
/// <param name="ticket">登录票据</param>
/// <returns>用户信息</returns>
[HttpPost]
[HttpGet]
[ProducesResponseType(typeof(UserInfo),200)]
public UserInfo GetUserByTicket([BindRequired]string ticket) {
if(ticket.IsNullOrEmpty()) {
@ -146,6 +149,10 @@ namespace FAuth.Controllers.api
throw new ArgumentException("用户姓名不能为空",nameof(name));
if(string.IsNullOrEmpty(password))
throw new ArgumentException("密码不能为空",nameof(password));
if(this.Account.IsNotSystemAdmin(adminTicket)) {
throw new Exception($"用户必须在应用FAuth中具有Admin角色");
}
var qu = this.Db.Users.Where(m => m.UserName == userName);
if(qu.Any()) {
throw new Exception("用户登录名已经存在,不能重复添加");
@ -160,5 +167,35 @@ namespace FAuth.Controllers.api
this.Logger.LogInformation($"用户{nUser.Id}:{nUser.UserName}:{nUser.Name}添加成功!");
return true;
}
/// <summary>
/// 重置用户密码
/// </summary>
/// <param name="adminTicket">管理员票据</param>
/// <param name="userName">要重置密码的用户名</param>
/// <param name="newPassword">新密码</param>
/// <returns>是否成功。成功True 否则返回False</returns>
[HttpPost]
public bool ResetUserPassword(string adminTicket,string userName,string newPassword) {
if(string.IsNullOrEmpty(adminTicket))
throw new ArgumentException("必须提供管理票据",nameof(adminTicket));
if(string.IsNullOrEmpty(userName))
throw new ArgumentException("新用户登录名不能为空",nameof(userName));
if(string.IsNullOrEmpty(newPassword))
throw new ArgumentException("密码不能为空",nameof(newPassword));
if(this.Account.IsNotSystemAdmin(adminTicket)) {
throw new Exception($"用户必须在应用FAuth中具有Admin角色");
}
var qu = this.Db.Users.Where(m => m.UserName == userName);
if(!qu.Any()) {
throw new Exception("用户登录名不存在");
}
foreach(var item in qu) {
item.Password = newPassword;
}
this.Db.SaveChangesAsync().Wait();
return true;
}
}
}
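Review bot: `ResetUserPassword` stores the caller-supplied value as-is with `item.Password = newPassword;`, so unless the `Password` property or the entity mapping hashes it (not visible here) the credential is persisted in clear text. The assignment should go through the same hashing the login path verifies against, or a salted KDF such as `Rfc2898DeriveBytes.Pbkdf2` if none exists yet. The reset should also be recorded with `this.Logger.LogInformation`, naming the target user and never the password, as the add-user path does for new accounts. Separately, the `-82,7 +85,7` hunk appears to switch `GetUserByTicket` from `[HttpPost]` to `[HttpGet]`, which would carry the login ticket in the URL where proxies and access logs record it; keeping the ticket in a POST body or a header avoids that.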


@ -0,0 +1,63 @@
using System.Collections.Generic;
using System.Linq;
using FAuth.DataBase;
using FAuth.Extensions.Decryptor;
namespace FAuth.Extensions.Account
{
/// <summary>
/// 账号帮助类
/// </summary>
public class AccountHelper
{
/// <summary>
/// 数据库上下文
/// </summary>
public FAuthDb Db { get; set; }
/// <summary>
/// 用户凭据加密提供器
/// </summary>
public IUserTicketDryptor TicketDryptor { get; set; }
public AccountHelper(FAuthDb db,IUserTicketDryptor ticketDryptor) {
this.Db = db;
this.TicketDryptor = ticketDryptor;
}
/// <summary>
/// 查询用户是否为FAuth系统管理员
/// </summary>
/// <param name="userId">用户编号</param>
/// <returns>是否为FAuth系统管理员</returns>
public bool IsSystemAdmin(int userId) {
var qu =
from arg in this.Db.App_RoleGroups
join rgr in this.Db.RoleGroup_Roles on arg.RoleGroupId equals rgr.RoleGroupId
join ru in this.Db.Role_Users on rgr.RoleId equals ru.RoleId
where arg.AppId == 1 && arg.RoleGroupId == 1 && ru.UserId == userId
select 1;
return qu.Any();
}
/// <summary>
/// 用户是否不是系统管理员
/// </summary>
/// <param name="userId">用户编号</param>
/// <returns>是否不是管理员</returns>
public bool IsNotSystemAdmin(int userId) => !IsSystemAdmin(userId);
/// <summary>
/// 查询票据是否为系统管理员
/// </summary>
/// <param name="userTicket">用户票据</param>
/// <returns>是管理员True否则false</returns>
public bool IsSystemAdmin(string userTicket) => IsSystemAdmin(this.TicketDryptor.Decrypt(userTicket).Id);
/// <summary>
/// 查询票据是否不是系统管理员
/// </summary>
/// <param name="userTicket">用户票据</param>
/// <returns>是管理员False否则True</returns>
public bool IsNotSystemAdmin(string userTicket) => !IsSystemAdmin(userTicket);
}
}
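Review bot: The admin decision in `IsSystemAdmin(int userId)` rests on the literals in `where arg.AppId == 1 && arg.RoleGroupId == 1`, so it is only correct where the FAuth app and its admin role group were seeded with exactly those identity values. In a database where they differ, the check would either reject every administrator or treat members of an unrelated group as administrators. Naming the values (`const int FAuthAppId = 1;` and `const int AdminRoleGroupId = 1;`) with a comment tying them to the seed data, or resolving them by name, would make that dependency explicit. The string overload also dereferences `this.TicketDryptor.Decrypt(userTicket).Id` directly; how `Decrypt` reports a malformed or expired ticket is not visible here, so the overload should handle that outcome explicitly and return "not admin" instead of letting an unhandled exception reach the client.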


@ -0,0 +1,20 @@
using Microsoft.Extensions.DependencyInjection;
namespace FAuth.Extensions.Account
{
/// <summary>
/// 服务集合扩展
/// </summary>
public static class ServiceCollectionExtend
{
/// <summary>
/// 增加账号帮助类服务
/// </summary>
/// <param name="service">服务集合</param>
/// <returns>服务集合</returns>
public static IServiceCollection AddAccountHelper(this IServiceCollection service) {
service.AddTransient<AccountHelper>();
return service;
}
}
}


@ -5,6 +5,7 @@ using System.Text.Unicode;
using Falcon.Extend;
using FAuth.DataBase;
using FAuth.Extensions;
using FAuth.Extensions.Account;
using FAuth.Extensions.Decryptor;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
@ -40,6 +41,7 @@ namespace FAuth
services.AddDbContext<FAuthDb>(option => {
option.UseSqlServer(Configuration.GetConnectionString("FAuthDb"));
});
services.AddAccountHelper();
//×¢²áRedis
var rop = this.Configuration.GetSection("Redis").Get<RedisCacheOptions>();
services.AddRedis(rop);