using Microsoft.Extensions.Logging;
using OrpaonVision.Core.Results;
using OrpaonVision.Core.Security;
using OrpaonVision.Model.Security;
using OrpaonVision.ConfigApp.Infrastructure.Services;
namespace OrpaonVision.ConfigApp.Infrastructure.Services;
///
/// 用户角色管理服务实现。
///
public sealed class UserRoleService : IUserRoleService
{
private readonly ILogger _logger;
private readonly IUserRoleStore _userRoleStore;
private readonly IUserStore _userStore;
private readonly IRoleStore _roleStore;
///
/// 构造函数。
///
public UserRoleService(
ILogger logger,
IUserRoleStore userRoleStore,
IUserStore userStore,
IRoleStore roleStore)
{
_logger = logger;
_userRoleStore = userRoleStore;
_userStore = userStore;
_roleStore = roleStore;
}
///
public async Task AssignRoleToUser(Guid userId, Guid roleId, string assignedBy)
{
try
{
_logger.LogInformation("正在为用户分配角色: {UserId} - {RoleId}", userId, roleId);
// 检查用户是否存在
var userResult = await _userStore.GetByIdAsync(userId);
if (!userResult.Succeeded || userResult.Data == null)
{
return Result.Fail("USER_NOT_FOUND", "用户不存在");
}
// 检查角色是否存在
var roleResult = await _roleStore.GetByIdAsync(roleId);
if (!roleResult.Succeeded || roleResult.Data == null)
{
return Result.Fail("ROLE_NOT_FOUND", "角色不存在");
}
// 检查是否已存在
var existingResult = await _userRoleStore.GetAssignmentAsync(userId, roleId);
if (existingResult.Succeeded && existingResult.Data != null)
{
return Result.Fail("USER_ROLE_ALREADY_EXISTS", "用户已拥有该角色");
}
// 分配角色
var assignmentResult = await _userRoleStore.AssignAsync(userId, roleId, assignedBy);
if (!assignmentResult.Succeeded)
{
return assignmentResult;
}
_logger.LogInformation("用户角色分配成功: {UserId} - {RoleId}", userId, roleId);
return Result.Success("用户角色分配成功");
}
catch (Exception ex)
{
var traceId = Guid.NewGuid().ToString("N");
_logger.LogError(ex, "分配用户角色失败。TraceId: {TraceId}", traceId);
var result = Result.FromException(ex, "USER_ROLE_ASSIGN_FAILED", "分配用户角色失败", traceId);
return Result.FailWithTrace(result.Code, result.Message, result.TraceId ?? traceId, result.Errors.ToArray());
}
}
///
public async Task UnassignRoleFromUser(Guid userId, Guid roleId)
{
try
{
_logger.LogInformation("正在取消用户角色分配: {UserId} - {RoleId}", userId, roleId);
// 检查分配是否存在
var existingResult = await _userRoleStore.GetAssignmentAsync(userId, roleId);
if (!existingResult.Succeeded || existingResult.Data == null)
{
return Result.Fail("USER_ROLE_NOT_FOUND", "用户角色分配不存在");
}
// 取消分配
var unassignResult = await _userRoleStore.UnassignAsync(userId, roleId);
if (!unassignResult.Succeeded)
{
return unassignResult;
}
_logger.LogInformation("用户角色分配取消成功: {UserId} - {RoleId}", userId, roleId);
return Result.Success("用户角色分配取消成功");
}
catch (Exception ex)
{
var traceId = Guid.NewGuid().ToString("N");
_logger.LogError(ex, "取消用户角色分配失败。TraceId: {TraceId}", traceId);
var result = Result.FromException(ex, "USER_ROLE_UNASSIGN_FAILED", "取消用户角色分配失败", traceId);
return Result.FailWithTrace(result.Code, result.Message, result.TraceId ?? traceId, result.Errors.ToArray());
}
}
///
public async Task>> GetUserRoles(Guid userId)
{
try
{
_logger.LogDebug("获取用户角色: {UserId}", userId);
var rolesResult = await _userRoleStore.GetUserRolesAsync(userId);
if (!rolesResult.Succeeded)
{
return Result>.Fail(rolesResult.Code, rolesResult.Message, rolesResult.Errors.ToArray());
}
_logger.LogDebug("获取用户角色成功: {UserId} - {Count}个角色", userId, rolesResult.Data?.Count ?? 0);
return Result>.Success(rolesResult.Data ?? new List().AsReadOnly());
}
catch (Exception ex)
{
var traceId = Guid.NewGuid().ToString("N");
_logger.LogError(ex, "获取用户角色失败。TraceId: {TraceId}", traceId);
var result = Result.FromException(ex, "USER_ROLES_GET_FAILED", "获取用户角色失败", traceId);
return Result>.FailWithTrace(result.Code, result.Message, result.TraceId ?? traceId, result.Errors.ToArray());
}
}
///
public async Task>> GetRoleUsers(Guid roleId)
{
try
{
_logger.LogDebug("获取角色用户: {RoleId}", roleId);
var usersResult = await _userRoleStore.GetRoleUsersAsync(roleId);
if (!usersResult.Succeeded)
{
return Result>.Fail(usersResult.Code, usersResult.Message, usersResult.Errors.ToArray());
}
_logger.LogDebug("获取角色用户成功: {RoleId} - {Count}个用户", roleId, usersResult.Data?.Count ?? 0);
return Result>.Success(usersResult.Data ?? new List().AsReadOnly());
}
catch (Exception ex)
{
var traceId = Guid.NewGuid().ToString("N");
_logger.LogError(ex, "获取角色用户失败。TraceId: {TraceId}", traceId);
var result = Result.FromException(ex, "ROLE_USERS_GET_FAILED", "获取角色用户失败", traceId);
return Result>.FailWithTrace(result.Code, result.Message, result.TraceId ?? traceId, result.Errors.ToArray());
}
}
///
public async Task> UserHasRole(Guid userId, Guid roleId)
{
try
{
_logger.LogDebug("检查用户角色: {UserId} - {RoleId}", userId, roleId);
var hasRoleResult = await _userRoleStore.UserHasRoleAsync(userId, roleId);
if (!hasRoleResult.Succeeded)
{
return Result.Fail(hasRoleResult.Code, hasRoleResult.Message, hasRoleResult.Errors.ToArray());
}
_logger.LogDebug("用户角色检查结果: {UserId} - {RoleId} - {HasRole}", userId, roleId, hasRoleResult.Data);
return hasRoleResult;
}
catch (Exception ex)
{
var traceId = Guid.NewGuid().ToString("N");
_logger.LogError(ex, "检查用户角色失败。TraceId: {TraceId}", traceId);
var result = Result.FromException(ex, "USER_ROLE_CHECK_FAILED", "检查用户角色失败", traceId);
return Result.FailWithTrace(result.Code, result.Message, result.TraceId ?? traceId, result.Errors.ToArray());
}
}
///
public async Task RemoveRoleFromUser(Guid userId, Guid roleId, string operatedBy)
{
try
{
_logger.LogDebug("从用户移除角色: {UserId} - {RoleId} - {OperatedBy}", userId, roleId, operatedBy);
var unassignResult = await _userRoleStore.UnassignAsync(userId, roleId);
if (!unassignResult.Succeeded)
{
return Result.Fail(unassignResult.Code, unassignResult.Message, unassignResult.Errors.ToArray());
}
_logger.LogInformation("用户角色移除成功: {UserId} - {RoleId}", userId, roleId);
return Result.Success(message: "用户角色移除成功");
}
catch (Exception ex)
{
var traceId = Guid.NewGuid().ToString("N");
_logger.LogError(ex, "从用户移除角色失败。TraceId: {TraceId}", traceId);
var result = Result.FromException(ex, "REMOVE_ROLE_FROM_USER_FAILED", "从用户移除角色失败", traceId);
return Result.FailWithTrace(result.Code, result.Message, result.TraceId ?? traceId, result.Errors.ToArray());
}
}
///
public async Task AssignRolesToUser(Guid userId, List roleIds, string operatedBy)
{
try
{
_logger.LogDebug("为用户分配多个角色: {UserId} - {RoleCount} - {OperatedBy}", userId, roleIds.Count, operatedBy);
var results = new List();
foreach (var roleId in roleIds)
{
var assignResult = await _userRoleStore.AssignAsync(userId, roleId, operatedBy);
results.Add(assignResult);
if (!assignResult.Succeeded)
{
_logger.LogWarning("分配角色失败: {UserId} - {RoleId} - {Error}", userId, roleId, assignResult.Message);
}
}
var failedCount = results.Count(r => !r.Succeeded);
if (failedCount > 0)
{
return Result.Fail("ASSIGN_ROLES_PARTIAL_FAILED", $"部分角色分配失败,失败数量: {failedCount}/{roleIds.Count}");
}
_logger.LogInformation("用户多角色分配成功: {UserId} - {RoleCount}", userId, roleIds.Count);
return Result.Success(message: "用户多角色分配成功");
}
catch (Exception ex)
{
var traceId = Guid.NewGuid().ToString("N");
_logger.LogError(ex, "为用户分配多个角色失败。TraceId: {TraceId}", traceId);
var result = Result.FromException(ex, "ASSIGN_ROLES_TO_USER_FAILED", "为用户分配多个角色失败", traceId);
return Result.FailWithTrace(result.Code, result.Message, result.TraceId ?? traceId, result.Errors.ToArray());
}
}
///
public async Task RemoveRolesFromUser(Guid userId, List roleIds, string operatedBy)
{
try
{
_logger.LogDebug("从用户移除多个角色: {UserId} - {RoleCount} - {OperatedBy}", userId, roleIds.Count, operatedBy);
var results = new List();
foreach (var roleId in roleIds)
{
var unassignResult = await _userRoleStore.UnassignAsync(userId, roleId);
results.Add(unassignResult);
if (!unassignResult.Succeeded)
{
_logger.LogWarning("移除角色失败: {UserId} - {RoleId} - {Error}", userId, roleId, unassignResult.Message);
}
}
var failedCount = results.Count(r => !r.Succeeded);
if (failedCount > 0)
{
return Result.Fail("REMOVE_ROLES_PARTIAL_FAILED", $"部分角色移除失败,失败数量: {failedCount}/{roleIds.Count}");
}
_logger.LogInformation("用户多角色移除成功: {UserId} - {RoleCount}", userId, roleIds.Count);
return Result.Success(message: "用户多角色移除成功");
}
catch (Exception ex)
{
var traceId = Guid.NewGuid().ToString("N");
_logger.LogError(ex, "从用户移除多个角色失败。TraceId: {TraceId}", traceId);
var result = Result.FromException(ex, "REMOVE_ROLES_FROM_USER_FAILED", "从用户移除多个角色失败", traceId);
return Result.FailWithTrace(result.Code, result.Message, result.TraceId ?? traceId, result.Errors.ToArray());
}
}
///
public async Task> CheckUserHasRole(Guid userId, Guid roleId)
{
try
{
_logger.LogDebug("检查用户角色: {UserId} - {RoleId}", userId, roleId);
var hasRoleResult = await _userRoleStore.UserHasRoleAsync(userId, roleId);
if (!hasRoleResult.Succeeded)
{
return Result.Fail(hasRoleResult.Code, hasRoleResult.Message, hasRoleResult.Errors.ToArray());
}
_logger.LogDebug("用户角色检查结果: {UserId} - {RoleId} - {HasRole}", userId, roleId, hasRoleResult.Data);
return hasRoleResult;
}
catch (Exception ex)
{
var traceId = Guid.NewGuid().ToString("N");
_logger.LogError(ex, "检查用户角色失败。TraceId: {TraceId}", traceId);
var result = Result.FromException(ex, "USER_ROLE_CHECK_FAILED", "检查用户角色失败", traceId);
return Result.FailWithTrace(result.Code, result.Message, result.TraceId ?? traceId, result.Errors.ToArray());
}
}
///
public async Task> CheckUserHasRole(Guid userId, string roleName)
{
try
{
_logger.LogDebug("检查用户角色名称: {UserId} - {RoleName}", userId, roleName);
var hasRoleResult = await _userRoleStore.UserHasRoleAsync(userId, roleName);
if (!hasRoleResult.Succeeded)
{
return Result.Fail(hasRoleResult.Code, hasRoleResult.Message, hasRoleResult.Errors.ToArray());
}
_logger.LogDebug("用户角色名称检查结果: {UserId} - {RoleName} - {HasRole}", userId, roleName, hasRoleResult.Data);
return hasRoleResult;
}
catch (Exception ex)
{
var traceId = Guid.NewGuid().ToString("N");
_logger.LogError(ex, "检查用户角色名称失败。TraceId: {TraceId}", traceId);
var result = Result.FromException(ex, "USER_ROLE_NAME_CHECK_FAILED", "检查用户角色名称失败", traceId);
return Result.FailWithTrace(result.Code, result.Message, result.TraceId ?? traceId, result.Errors.ToArray());
}
}
}
///
/// 角色权限管理服务实现。
///
public sealed class RolePermissionService : IRolePermissionService
{
private readonly ILogger _logger;
private readonly IRolePermissionStore _rolePermissionStore;
private readonly IRoleStore _roleStore;
private readonly IPermissionStore _permissionStore;
///
/// 构造函数。
///
public RolePermissionService(
ILogger logger,
IRolePermissionStore rolePermissionStore,
IRoleStore roleStore,
IPermissionStore permissionStore)
{
_logger = logger;
_rolePermissionStore = rolePermissionStore;
_roleStore = roleStore;
_permissionStore = permissionStore;
}
///
public async Task AssignPermissionToRole(Guid roleId, Guid permissionId, string assignedBy)
{
try
{
_logger.LogInformation("正在为角色分配权限: {RoleId} - {PermissionId}", roleId, permissionId);
// 检查角色是否存在
var roleResult = await _roleStore.GetByIdAsync(roleId);
if (!roleResult.Succeeded || roleResult.Data == null)
{
return Result.Fail("ROLE_NOT_FOUND", "角色不存在");
}
// 检查权限是否存在
var permissionResult = await _permissionStore.GetByIdAsync(permissionId);
if (!permissionResult.Succeeded || permissionResult.Data == null)
{
return Result.Fail("PERMISSION_NOT_FOUND", "权限不存在");
}
// 检查是否已存在
var existingResult = await _rolePermissionStore.GetAssignmentAsync(roleId, permissionId);
if (existingResult.Succeeded && existingResult.Data != null)
{
return Result.Fail("ROLE_PERMISSION_ALREADY_EXISTS", "角色已拥有该权限");
}
// 分配权限
var assignmentResult = await _rolePermissionStore.AssignAsync(roleId, permissionId, assignedBy);
if (!assignmentResult.Succeeded)
{
return assignmentResult;
}
_logger.LogInformation("角色权限分配成功: {RoleId} - {PermissionId}", roleId, permissionId);
return Result.Success("角色权限分配成功");
}
catch (Exception ex)
{
var traceId = Guid.NewGuid().ToString("N");
_logger.LogError(ex, "分配角色权限失败。TraceId: {TraceId}", traceId);
var result = Result.FromException(ex, "ROLE_PERMISSION_ASSIGN_FAILED", "分配角色权限失败", traceId);
return Result.FailWithTrace(result.Code, result.Message, result.TraceId ?? traceId, result.Errors.ToArray());
}
}
///
public async Task UnassignPermissionFromRole(Guid roleId, Guid permissionId)
{
try
{
_logger.LogInformation("正在取消角色权限分配: {RoleId} - {PermissionId}", roleId, permissionId);
// 检查分配是否存在
var existingResult = await _rolePermissionStore.GetAssignmentAsync(roleId, permissionId);
if (!existingResult.Succeeded || existingResult.Data == null)
{
return Result.Fail("ROLE_PERMISSION_NOT_FOUND", "角色权限分配不存在");
}
// 取消分配
var unassignResult = await _rolePermissionStore.UnassignAsync(roleId, permissionId);
if (!unassignResult.Succeeded)
{
return unassignResult;
}
_logger.LogInformation("角色权限分配取消成功: {RoleId} - {PermissionId}", roleId, permissionId);
return Result.Success("角色权限分配取消成功");
}
catch (Exception ex)
{
var traceId = Guid.NewGuid().ToString("N");
_logger.LogError(ex, "取消角色权限分配失败。TraceId: {TraceId}", traceId);
var result = Result.FromException(ex, "ROLE_PERMISSION_UNASSIGN_FAILED", "取消角色权限分配失败", traceId);
return Result.FailWithTrace(result.Code, result.Message, result.TraceId ?? traceId, result.Errors.ToArray());
}
}
///
public async Task>> GetRolePermissions(Guid roleId)
{
try
{
_logger.LogDebug("获取角色权限: {RoleId}", roleId);
var permissionsResult = await _rolePermissionStore.GetRolePermissionsAsync(roleId);
if (!permissionsResult.Succeeded)
{
return Result>.Fail(permissionsResult.Code, permissionsResult.Message, permissionsResult.Errors.ToArray());
}
_logger.LogDebug("获取角色权限成功: {RoleId} - {Count}个权限", roleId, permissionsResult.Data?.Count ?? 0);
return Result>.Success(permissionsResult.Data ?? new List().AsReadOnly());
}
catch (Exception ex)
{
var traceId = Guid.NewGuid().ToString("N");
_logger.LogError(ex, "获取角色权限失败。TraceId: {TraceId}", traceId);
var result = Result.FromException(ex, "ROLE_PERMISSIONS_GET_FAILED", "获取角色权限失败", traceId);
return Result>.FailWithTrace(result.Code, result.Message, result.TraceId ?? traceId, result.Errors.ToArray());
}
}
///
public async Task>> GetPermissionRoles(Guid permissionId)
{
try
{
_logger.LogDebug("获取权限角色: {PermissionId}", permissionId);
var rolesResult = await _rolePermissionStore.GetPermissionRolesAsync(permissionId);
if (!rolesResult.Succeeded)
{
return Result>.Fail(rolesResult.Code, rolesResult.Message, rolesResult.Errors.ToArray());
}
_logger.LogDebug("获取权限角色成功: {PermissionId} - {Count}个角色", permissionId, rolesResult.Data?.Count ?? 0);
return Result>.Success(rolesResult.Data ?? new List().AsReadOnly());
}
catch (Exception ex)
{
var traceId = Guid.NewGuid().ToString("N");
_logger.LogError(ex, "获取权限角色失败。TraceId: {TraceId}", traceId);
var result = Result.FromException(ex, "PERMISSION_ROLES_GET_FAILED", "获取权限角色失败", traceId);
return Result>.FailWithTrace(result.Code, result.Message, result.TraceId ?? traceId, result.Errors.ToArray());
}
}
///
public async Task> RoleHasPermission(Guid roleId, Guid permissionId)
{
try
{
_logger.LogDebug("检查角色权限: {RoleId} - {PermissionId}", roleId, permissionId);
var hasPermissionResult = await _rolePermissionStore.RoleHasPermissionAsync(roleId, permissionId);
if (!hasPermissionResult.Succeeded)
{
return Result.Fail(hasPermissionResult.Code, hasPermissionResult.Message, hasPermissionResult.Errors.ToArray());
}
_logger.LogDebug("角色权限检查结果: {RoleId} - {PermissionId} - {HasPermission}", roleId, permissionId, hasPermissionResult.Data);
return hasPermissionResult;
}
catch (Exception ex)
{
var traceId = Guid.NewGuid().ToString("N");
_logger.LogError(ex, "检查角色权限失败。TraceId: {TraceId}", traceId);
var result = Result.FromException(ex, "ROLE_PERMISSION_CHECK_FAILED", "检查角色权限失败", traceId);
return Result.FailWithTrace(result.Code, result.Message, result.TraceId ?? traceId, result.Errors.ToArray());
}
}
///
public async Task> RoleHasPermission(Guid roleId, string permissionCode)
{
try
{
_logger.LogDebug("检查角色权限编码: {RoleId} - {PermissionCode}", roleId, permissionCode);
var hasPermissionResult = await _rolePermissionStore.RoleHasPermissionAsync(roleId, permissionCode);
if (!hasPermissionResult.Succeeded)
{
return Result.Fail(hasPermissionResult.Code, hasPermissionResult.Message, hasPermissionResult.Errors.ToArray());
}
_logger.LogDebug("角色权限编码检查结果: {RoleId} - {PermissionCode} - {HasPermission}", roleId, permissionCode, hasPermissionResult.Data);
return hasPermissionResult;
}
catch (Exception ex)
{
var traceId = Guid.NewGuid().ToString("N");
_logger.LogError(ex, "检查角色权限编码失败。TraceId: {TraceId}", traceId);
var result = Result.FromException(ex, "ROLE_PERMISSION_CODE_CHECK_FAILED", "检查角色权限编码失败", traceId);
return Result.FailWithTrace(result.Code, result.Message, result.TraceId ?? traceId, result.Errors.ToArray());
}
}
///
public async Task RemovePermissionFromRole(Guid roleId, Guid permissionId, string removedBy)
{
try
{
_logger.LogDebug("从角色移除权限: {RoleId} - {PermissionId} - {RemovedBy}", roleId, permissionId, removedBy);
var unassignResult = await _rolePermissionStore.UnassignAsync(roleId, permissionId);
if (!unassignResult.Succeeded)
{
return Result.Fail(unassignResult.Code, unassignResult.Message, unassignResult.Errors.ToArray());
}
_logger.LogInformation("角色权限移除成功: {RoleId} - {PermissionId}", roleId, permissionId);
return Result.Success(message: "角色权限移除成功");
}
catch (Exception ex)
{
var traceId = Guid.NewGuid().ToString("N");
_logger.LogError(ex, "从角色移除权限失败。TraceId: {TraceId}", traceId);
var result = Result.FromException(ex, "REMOVE_PERMISSION_FROM_ROLE_FAILED", "从角色移除权限失败", traceId);
return Result.FailWithTrace(result.Code, result.Message, result.TraceId ?? traceId, result.Errors.ToArray());
}
}
///
public async Task AssignPermissionsToRole(Guid roleId, List permissionIds, string assignedBy)
{
try
{
_logger.LogDebug("为角色分配多个权限: {RoleId} - {PermissionCount} - {AssignedBy}", roleId, permissionIds.Count, assignedBy);
var results = new List();
foreach (var permissionId in permissionIds)
{
var assignResult = await _rolePermissionStore.AssignAsync(roleId, permissionId, assignedBy);
results.Add(assignResult);
if (!assignResult.Succeeded)
{
_logger.LogWarning("分配权限失败: {RoleId} - {PermissionId} - {Error}", roleId, permissionId, assignResult.Message);
}
}
var failedCount = results.Count(r => !r.Succeeded);
if (failedCount > 0)
{
return Result.Fail("ASSIGN_PERMISSIONS_PARTIAL_FAILED", $"部分权限分配失败,失败数量: {failedCount}/{permissionIds.Count}");
}
_logger.LogInformation("角色多权限分配成功: {RoleId} - {PermissionCount}", roleId, permissionIds.Count);
return Result.Success(message: "角色多权限分配成功");
}
catch (Exception ex)
{
var traceId = Guid.NewGuid().ToString("N");
_logger.LogError(ex, "为角色分配多个权限失败。TraceId: {TraceId}", traceId);
var result = Result.FromException(ex, "ASSIGN_PERMISSIONS_TO_ROLE_FAILED", "为角色分配多个权限失败", traceId);
return Result.FailWithTrace(result.Code, result.Message, result.TraceId ?? traceId, result.Errors.ToArray());
}
}
///
public async Task RemovePermissionsFromRole(Guid roleId, List permissionIds, string removedBy)
{
try
{
_logger.LogDebug("从角色移除多个权限: {RoleId} - {PermissionCount} - {RemovedBy}", roleId, permissionIds.Count, removedBy);
var results = new List();
foreach (var permissionId in permissionIds)
{
var unassignResult = await _rolePermissionStore.UnassignAsync(roleId, permissionId);
results.Add(unassignResult);
if (!unassignResult.Succeeded)
{
_logger.LogWarning("移除权限失败: {RoleId} - {PermissionId} - {Error}", roleId, permissionId, unassignResult.Message);
}
}
var failedCount = results.Count(r => !r.Succeeded);
if (failedCount > 0)
{
return Result.Fail("REMOVE_PERMISSIONS_PARTIAL_FAILED", $"部分权限移除失败,失败数量: {failedCount}/{permissionIds.Count}");
}
_logger.LogInformation("角色多权限移除成功: {RoleId} - {PermissionCount}", roleId, permissionIds.Count);
return Result.Success(message: "角色多权限移除成功");
}
catch (Exception ex)
{
var traceId = Guid.NewGuid().ToString("N");
_logger.LogError(ex, "从角色移除多个权限失败。TraceId: {TraceId}", traceId);
var result = Result.FromException(ex, "REMOVE_PERMISSIONS_FROM_ROLE_FAILED", "从角色移除多个权限失败", traceId);
return Result.FailWithTrace(result.Code, result.Message, result.TraceId ?? traceId, result.Errors.ToArray());
}
}
///
public async Task> CheckRoleHasPermission(Guid roleId, Guid permissionId)
{
try
{
_logger.LogDebug("检查角色权限: {RoleId} - {PermissionId}", roleId, permissionId);
var hasPermissionResult = await _rolePermissionStore.RoleHasPermissionAsync(roleId, permissionId);
if (!hasPermissionResult.Succeeded)
{
return Result.Fail(hasPermissionResult.Code, hasPermissionResult.Message, hasPermissionResult.Errors.ToArray());
}
_logger.LogDebug("角色权限检查结果: {RoleId} - {PermissionId} - {HasPermission}", roleId, permissionId, hasPermissionResult.Data);
return hasPermissionResult;
}
catch (Exception ex)
{
var traceId = Guid.NewGuid().ToString("N");
_logger.LogError(ex, "检查角色权限失败。TraceId: {TraceId}", traceId);
var result = Result.FromException(ex, "ROLE_PERMISSION_CHECK_FAILED", "检查角色权限失败", traceId);
return Result.FailWithTrace(result.Code, result.Message, result.TraceId ?? traceId, result.Errors.ToArray());
}
}
///
public async Task> CheckRoleHasPermission(Guid roleId, string permissionCode)
{
try
{
_logger.LogDebug("检查角色权限编码: {RoleId} - {PermissionCode}", roleId, permissionCode);
var hasPermissionResult = await _rolePermissionStore.RoleHasPermissionAsync(roleId, permissionCode);
if (!hasPermissionResult.Succeeded)
{
return Result.Fail(hasPermissionResult.Code, hasPermissionResult.Message, hasPermissionResult.Errors.ToArray());
}
_logger.LogDebug("角色权限编码检查结果: {RoleId} - {PermissionCode} - {HasPermission}", roleId, permissionCode, hasPermissionResult.Data);
return hasPermissionResult;
}
catch (Exception ex)
{
var traceId = Guid.NewGuid().ToString("N");
_logger.LogError(ex, "检查角色权限编码失败。TraceId: {TraceId}", traceId);
var result = Result.FromException(ex, "ROLE_PERMISSION_CODE_CHECK_FAILED", "检查角色权限编码失败", traceId);
return Result.FailWithTrace(result.Code, result.Message, result.TraceId ?? traceId, result.Errors.ToArray());
}
}
}