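using System;
using System.Collections.Generic;
using System.Linq;
using Sog;

// NOTE(review): the generic type arguments of this listing were lost when it was
// extracted (e.g. "Dictionary>" and a bare "List"). They are reproduced as found
// because the element types for menus and permissions are not visible here;
// restore them from the project's model types before compiling.
namespace Operation
{
    /// <summary>
    /// Authorization service for the operation back end: resolves an account's
    /// roles, menus and permissions through <c>AdminOperator</c>, caches them per
    /// account, and answers "may this token call this URL" in
    /// <see cref="HasPermission"/>.
    /// </summary>
    /// <remarks>
    /// All caches are static and shared by every caller. <c>volatile</c> only
    /// covers the dictionary reference, not the dictionary contents.
    /// NOTE(review): if these static methods can be reached from more than one
    /// thread, the unsynchronized Dictionary reads and writes need a lock or a
    /// concurrent collection; confirm the threading model.
    /// </remarks>
    public class AdminSvc : BaseReloadableService
    {
        // Minimum gap between two database keep-alive calls: 5 minutes, in milliseconds.
        private const long KeepAliveIntervalMs = 60000 * 5;

        // Idle time after which a token stops being accepted: 30 minutes.
        // Unit is whatever OperationServerUtils.GetTimeSecond() returns (presumably seconds).
        private const long TokenIdleTimeout = 30 * 60;

        private MySqlDB m_mySqlDb;
        private static AdminOperator _adminOperator;
        private static long _mLastTickTime;

        // Per-account cache of the formatted menu tree.
        private static volatile Dictionary> _accountMenus;

        // Per-account cache of the assigned roles.
        private static volatile Dictionary> _accountRoles;

        // Per-account cache of the granted permissions.
        private static volatile Dictionary> _accountPermissions;

        /// <summary>Name of the super-administrator role; holding it bypasses every permission check.</summary>
        public static readonly string Administrator = "Administrator";

        // Stamp written onto menus by FormatMenu; bumped on every menu cache miss.
        private static int Version = 1;

        /// <summary>Returns the service type identifier of this service.</summary>
        public override int GetServiceType()
        {
            return OperationServiceType.AdminSvc;
        }

        /// <summary>
        /// Releases the database connection and empties the authorization caches.
        /// Safe to call more than once.
        /// </summary>
        public override void Dispose()
        {
            // The original dereferenced m_mySqlDb unconditionally, so a second
            // Dispose() threw NullReferenceException.
            if (m_mySqlDb != null)
            {
                m_mySqlDb.Dispose();
                m_mySqlDb = null;
            }

            // NOTE(review): the static _adminOperator still wraps the disposed
            // connection after this point; confirm a replacement instance is
            // always constructed on reload.
            ClearData();
        }

        /// <summary>
        /// Opens the database connection from the server configuration and
        /// resets the static operator and caches.
        /// </summary>
        public AdminSvc()
        {
            var config = OperationServerUtils.GetServerConfig();
            m_mySqlDb = new MySqlDB(config.dbname, config.dbip, config.dbuser, config.dbpassword);
            _adminOperator = new AdminOperator(m_mySqlDb);
            _accountMenus = new Dictionary>();
            _accountRoles = new Dictionary>();
            _accountPermissions = new Dictionary>();
        }

        /// <summary>
        /// Periodic tick: pings the database at most once every five minutes.
        /// </summary>
        /// <param name="nowMs">Current time in milliseconds.</param>
        public static void OnTick(long nowMs)
        {
            if (nowMs - _mLastTickTime < KeepAliveIntervalMs)
            {
                return;
            }

            _mLastTickTime = nowMs;
            if (_adminOperator == null)
            {
                return;
            }

            _adminOperator.KeepAlive();
        }

        /// <summary>
        /// Tells whether the account holds the super-administrator role.
        /// The decision is made on the role name alone.
        /// </summary>
        private static bool IsAdmin(string account)
        {
            if (string.IsNullOrEmpty(account))
            {
                return false;
            }

            var roles = GetRoles(account);
            return roles != null && roles.Any(role => role.Name == Administrator);
        }

        /// <summary>
        /// Returns the roles of an account, from the cache when present.
        /// </summary>
        /// <param name="account">Account name.</param>
        /// <returns>
        /// The role list, or null when the account is null/empty or the operator
        /// returns null. Empty results are not cached.
        /// </returns>
        public static List GetRoles(string account)
        {
            // Dictionary lookups throw on a null key; an account without a name has no roles.
            if (string.IsNullOrEmpty(account))
            {
                return null;
            }

            if (_accountRoles.ContainsKey(account))
            {
                return _accountRoles[account];
            }

            var roles = _adminOperator.GetRole(account);
            if (roles != null && roles.Count > 0)
            {
                _accountRoles[account] = roles;
            }

            return roles;
        }

        /// <summary>
        /// Returns the menu tree visible to an account: every menu for a
        /// super-administrator, otherwise the menus assigned to the account.
        /// </summary>
        /// <param name="account">Account name.</param>
        /// <returns>The formatted menu tree; an empty list when there is nothing to show. Never null.</returns>
        public static List GetMenuList(string account)
        {
            var result = new List();
            if (String.IsNullOrEmpty(account))
            {
                return result;
            }

            if (_accountMenus != null && _accountMenus.ContainsKey(account))
            {
                return _accountMenus[account];
            }

            // Every cache miss produces a new version stamp for the menus it formats.
            Version++;

            List list;
            if (IsAdmin(account))
            {
                list = _adminOperator.GetAllMenus();
            }
            else
            {
                list = _adminOperator.GetMenus(account);
            }

            // The original handed a null operator result straight back to the caller.
            if (list == null || list.Count == 0)
            {
                return result;
            }

            _accountMenus[account] = FormatMenu(list);
            return _accountMenus[account];
        }

        /// <summary>Returns every menu, formatted as a two-level tree. Not cached.</summary>
        public static List GetAllMenus()
        {
            return FormatMenu(_adminOperator.GetAllMenus());
        }

        /// <summary>Returns every role as delivered by the operator. Not cached.</summary>
        public static List GetAllRoles()
        {
            return _adminOperator.GetAllRoles();
        }

        /// <summary>Returns every permission, formatted as a two-level tree. Not cached.</summary>
        public static List GetAllPermission()
        {
            return FormatPermission(_adminOperator.GetAllPermissions());
        }

        /// <summary>
        /// Groups a flat permission list under its top-level entries
        /// (ParentId == 0). A permission whose parent is not present is kept as a
        /// top-level entry instead of being dropped.
        /// </summary>
        /// <param name="list">Flat permission list; null is treated as empty.</param>
        /// <returns>The top-level permissions with their children attached.</returns>
        private static List FormatPermission(List list)
        {
            Dictionary templates = new Dictionary();
            if (list == null)
            {
                return templates.Values.ToList();
            }

            foreach (var permission in list)
            {
                if (permission.ParentId == 0)
                {
                    templates[permission.Id] = permission;
                }
            }

            foreach (var permission in list)
            {
                if (permission.ParentId != 0 && templates.ContainsKey(permission.ParentId))
                {
                    templates[permission.ParentId].SubPermissions.Add(permission);
                }
                else
                {
                    // Root entry (already registered above) or a permission whose parent does not exist.
                    templates[permission.Id] = permission;
                }
            }

            return templates.Values.ToList();
        }

        /// <summary>
        /// Groups a flat menu list under its top-level entries (ParentId == 0)
        /// and stamps each kept menu with the current version. Unlike
        /// <see cref="FormatPermission"/>, a menu whose parent is not present is
        /// left out of the result.
        /// </summary>
        /// <param name="list">Flat menu list; null is treated as empty.</param>
        /// <returns>The top-level menus with their sub-menus attached.</returns>
        private static List FormatMenu(List list)
        {
            Dictionary templates = new Dictionary();

            // GetAllMenus() passes the operator result through unchecked; a null
            // list used to throw in the first foreach.
            if (list == null)
            {
                return templates.Values.ToList();
            }

            foreach (var menu in list)
            {
                if (menu.ParentId == 0)
                {
                    menu.Version = Version;
                    templates[menu.MenuId] = menu;
                }
            }

            foreach (var menu in list)
            {
                if (menu.ParentId != 0 && templates.ContainsKey(menu.ParentId))
                {
                    menu.Version = Version;
                    templates[menu.ParentId].subMenus.Add(menu);
                }
            }

            return templates.Values.ToList();
        }

        /// <summary>
        /// Validates a session token against the server-side token list and, on
        /// success, refreshes its last-seen time (sliding idle timeout).
        /// </summary>
        /// <param name="token">Token presented by the caller.</param>
        /// <returns>True when the token is known and was used within the idle timeout.</returns>
        private static bool CheckToken(string token)
        {
            if (string.IsNullOrEmpty(token))
            {
                return false;
            }

            // The server keeps every issued token together with its last-seen time.
            var tokenList = OperationServerUtils.GetOperationServerData().m_tokenList;
            if (!tokenList.ContainsKey(token))
            {
                return false;
            }

            long now = OperationServerUtils.GetTimeSecond();
            if (tokenList[token] + TokenIdleTimeout < now)
            {
                // NOTE(review): the expired entry stays in the list; confirm it
                // is purged elsewhere so the list does not grow without bound.
                return false;
            }

            tokenList[token] = now;
            return true;
        }

        /// <summary>
        /// Decides whether the holder of <paramref name="token"/> may access
        /// <paramref name="url"/>.
        /// </summary>
        /// <param name="token">Session token of the caller.</param>
        /// <param name="url">Requested URL, compared as given.</param>
        /// <returns>
        /// True for URLs on the resolver's ignore list (no token needed), for
        /// super-administrators, and for accounts holding a permission that lists
        /// the URL; false otherwise.
        /// </returns>
        public static bool HasPermission(string token, string url)
        {
            // URLs ignored by the resolver are served without any authentication,
            // so that list is effectively the public allow-list.
            if (Resolver.IsIgnored(url))
            {
                return true;
            }

            // Everything else needs a logged-in caller with a valid token.
            if (!CheckToken(token))
            {
                return false;
            }

            var account = OperationServerUtils.GetAccount(token);
            if (string.IsNullOrEmpty(account))
            {
                return false;
            }

            // The super-administrator holds every permission.
            if (IsAdmin(account))
            {
                return true;
            }

            // GetPermissions returns null when the operator has nothing for the
            // account; the original passed that to Any(), which throws instead
            // of denying. An account without permissions is denied here.
            //
            // NOTE(review): the URL is matched exactly as passed in. The caller
            // should hand over the same normalized form (path only, consistent
            // case and trailing slash) that the Urls lists and
            // Resolver.IsIgnored use. Urls is presumably a collection of
            // strings; if it were a single string, Contains would be a
            // substring match. Confirm.
            var ps = GetPermissions(account);
            if (ps != null && ps.Any(p => p != null && p.Urls != null && p.Urls.Contains(url)))
            {
                return true;
            }

            // NOTE(review): url is request-derived; confirm TraceLog escapes line
            // breaks so a crafted URL cannot forge log entries.
            TraceLog.Trace("AdminSvc.HasPermission permission denied,account={0},url={1}", account, url);
            return false;
        }

        /// <summary>
        /// Returns the permissions of an account, from the cache when present.
        /// </summary>
        /// <param name="account">Account name.</param>
        /// <returns>
        /// The permission list, or null when the account is null/empty or the
        /// operator returns null. Empty results are not cached.
        /// </returns>
        public static List GetPermissions(string account)
        {
            // Dictionary lookups throw on a null key.
            if (string.IsNullOrEmpty(account))
            {
                return null;
            }

            if (_accountPermissions.ContainsKey(account))
            {
                return _accountPermissions[account];
            }

            var ps = _adminOperator.GetPermissionList(account);
            if (ps != null && ps.Count > 0)
            {
                _accountPermissions[account] = ps;
            }

            return ps;
        }

        /// <summary>
        /// Registers the given top-level menus and their sub-menus through the operator.
        /// </summary>
        /// <param name="menus">Menus to register; null is ignored.</param>
        public static void InitMenus(Dictionary menus)
        {
            if (menus == null)
            {
                return;
            }

            foreach (var kv in menus)
            {
                var menu = kv.Value;
                var parentId = _adminOperator.AddMenu(menu.Name, menu.Icon, menu.Order, menu.Url, menu.Permission, 0);

                // -1 means the parent was not added, so its children have nothing to attach to.
                if (parentId == -1 || menu.subMenus == null)
                {
                    continue;
                }

                foreach (var sub in menu.subMenus)
                {
                    // NOTE(review): the sub-menu is stored with the parent's
                    // Permission, not sub.Permission. Confirm this inheritance is intended.
                    _adminOperator.AddMenu(sub.Name, sub.Icon, sub.Order, sub.Url, menu.Permission, parentId);
                }
            }
        }

        /// <summary>
        /// Registers the given permissions through the operator; each
        /// permission's URL list is stored as one ';'-separated string.
        /// </summary>
        /// <param name="permissions">Permissions to register; null is ignored.</param>
        public static void InitPermissions(Dictionary permissions)
        {
            if (permissions == null)
            {
                return;
            }

            foreach (var permission in permissions)
            {
                var value = permission.Value;
                var urls = String.Join(";", value.Urls.ToArray());
                _adminOperator.AddPermission(permission.Key, value.Name, urls, value.ParentId);
            }
        }

        /// <summary>
        /// Creates a role with the default permission set. The reserved
        /// super-administrator name is silently refused.
        /// </summary>
        /// <param name="name">Name of the new role.</param>
        public static void CreateRole(string name)
        {
            if (name == Administrator)
            {
                return;
            }

            var role = new Role();
            role.Name = name;
            role.Permissions.AddRange(GetRoleDefaultPermissions());
            _adminOperator.AddRole(role);
        }

        /// <summary>
        /// Updates a role and drops every cached authorization result.
        /// </summary>
        /// <param name="id">Id of the role to update.</param>
        /// <param name="name">New role name.</param>
        /// <param name="menus">Menu assignment, passed through to the operator.</param>
        /// <param name="permissions">Permission assignment, passed through to the operator.</param>
        public static void UpdateRole(int id, string name, string menus, string permissions)
        {
            // IsAdmin() grants full access by role name, and CreateRole() refuses
            // the reserved name, but the original let any role be renamed to it
            // here. That would make every holder of the role a super-administrator.
            // Ids 0 and 1 are the ones DeleteRole() treats as the system role.
            // NOTE(review): presumably those are the Administrator role; confirm,
            // and check whether AdminOperator.UpdateRole validates the name itself.
            if (name == Administrator && id != 1 && id != 0)
            {
                TraceLog.Trace("AdminSvc.UpdateRole refused reserved role name,id={0}", id);
                return;
            }

            _adminOperator.UpdateRole(id, name, menus, permissions);
            ClearData();
        }

        /// <summary>Permission codes that every role receives on creation.</summary>
        private static IEnumerable GetRoleDefaultPermissions()
        {
            var list = new List
            {
                (int)PermissionCode.INDEX,
                (int)PermissionCode.SELF_MENUS,
                (int)PermissionCode.LANGUAGE_SEARCH,
                (int)PermissionCode.CHACK_AUTH_INFO,
            };
            return list;
        }

        /// <summary>
        /// Stores the role assignment of an account and invalidates that account's cached data.
        /// </summary>
        /// <param name="account">Account name.</param>
        /// <param name="roles">Role assignment, passed through to the operator.</param>
        public static void UpdateAccountRole(string account, string roles)
        {
            _adminOperator.SaveAdminRole(account, roles);
            RemoveAccountData(account);
        }

        /// <summary>Drops the cached menus, roles and permissions of one account.</summary>
        private static void RemoveAccountData(string account)
        {
            // Nothing can be cached under a null key, and Remove would throw on it.
            if (account == null)
            {
                return;
            }

            // Dictionary.Remove is a no-op for a missing key, so no ContainsKey probe is needed.
            _accountMenus.Remove(account);
            _accountRoles.Remove(account);
            _accountPermissions.Remove(account);
        }

        /// <summary>Drops every cached menu, role and permission entry.</summary>
        private static void ClearData()
        {
            // The caches exist only after the first AdminSvc has been constructed.
            if (_accountMenus != null)
            {
                _accountMenus.Clear();
            }

            if (_accountRoles != null)
            {
                _accountRoles.Clear();
            }

            if (_accountPermissions != null)
            {
                _accountPermissions.Clear();
            }
        }

        /// <summary>
        /// Removes the role assignment of an account and invalidates that account's cached data.
        /// </summary>
        /// <param name="account">Account name.</param>
        public static void DeleteAccountRole(string account)
        {
            _adminOperator.DeleteAdminRole(account);
            RemoveAccountData(account);
        }

        /// <summary>
        /// Deletes a role and drops every cached authorization result.
        /// The system administration role (id 0 or 1) is never deleted.
        /// </summary>
        /// <param name="roleId">Id of the role to delete.</param>
        public static void DeleteRole(int roleId)
        {
            if (roleId == 1 || roleId == 0)
            {
                return;
            }

            _adminOperator.DeleteRole(roleId);
            ClearData();
        }
    }
}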