From d662ecdb6dbba0414a2326c4ca72a5feefff414e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E5=AE=97=E6=97=AD?= <1619917346@qq.com>
Date: Tue, 5 Aug 2025 15:06:15 +0800
Subject: [PATCH 01/24] =?UTF-8?q?=E7=8E=AF=E5=A2=83=E6=90=AD=E5=BB=BA?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
backend/UniversalAdminSystem.sln | 48 ++
.../Attributes/RequirePermissionAttribute.cs | 61 ++
.../Attributes/RequireRoleAttribute.cs | 46 ++
.../Controllers/AuthenticationController.cs | 97 ++++
.../Controllers/FileController.cs | 142 +++++
.../Controllers/K2ModelController.cs | 93 +++
.../Controllers/LogController.cs | 71 +++
.../Controllers/PermissionController.cs | 163 ++++++
.../Controllers/RoleController.cs | 225 ++++++++
.../Controllers/SystemSettingsController.cs | 63 +++
.../Controllers/UserManagementController.cs | 176 ++++++
.../Controllers/UserRoleController.cs | 122 ++++
.../K2ModelTests.http | 81 +++
.../K2Model_README.md | 133 +++++
.../Middleware/JwtAuthenticationMiddleware.cs | 126 +++++
.../PermissionRules.json | 10 +
.../src/UniversalAdminSystem.Api/Program.cs | 98 ++++
.../Properties/launchSettings.json | 41 ++
.../SystemPermissions.json | 89 +++
.../UniversalAdminSystem.Api.csproj | 23 +
.../UniversalAdminSystem.Api.http | 11 +
.../UniversalAdminSystem.Api/appsettings.json | 23 +
.../Authentication/DTOs/CredentialDto.cs | 3 +
.../Authentication/DTOs/LoginDto.cs | 3 +
.../Authentication/DTOs/LoginResultDto.cs | 5 +
.../Authentication/DTOs/RegisterDto.cs | 3 +
.../Authentication/DTOs/RegisterResultDto.cs | 3 +
.../Authentication/DTOs/TokenDto.cs | 26 +
.../Interfaces/IJwtTokenService.cs | 10 +
.../Interfaces/ILoginAppService.cs | 8 +
.../Interfaces/IRegisterAppService.cs | 8 +
.../Authentication/Service/LoginAppService.cs | 40 ++
.../Service/RegisterAppService.cs | 91 +++
.../Common/Exceptions/BusinessException.cs | 43 ++
.../Common/Results/Result.cs | 54 ++
.../Common/interfaces/IUnitOfWork.cs | 9 +
.../FileStorage/DTOs/FileDto.cs | 40 ++
.../FileStorage/Interfaces/IFileAppService.cs | 23 +
.../FileStorage/Services/FileAppService.cs | 84 +++
.../LogManagement/DTOs/LogEntryDto.cs | 21 +
.../Interfaces/ILogManagementAppService.cs | 52 ++
.../Services/LogManagementAppService.cs | 182 ++++++
.../DTOs/AssignPermissionDto.cs | 11 +
.../DTOs/PermissionCreateDto.cs | 15 +
.../DTOs/PermissionDto.cs | 13 +
.../PermissionManagement/DTOs/RoleDto.cs | 46 ++
.../Interfaces/IPermissionCheckService.cs | 46 ++
.../IPermissionManagementAppService.cs | 37 ++
.../Interfaces/IRoleManagementAppService.cs | 68 +++
.../Services/PermissionCheckService.cs | 349 ++++++++++++
.../PermissionManagementAppService.cs | 141 +++++
.../Services/RoleManagementAppService.cs | 301 ++++++++++
.../SystemSettings/DTOs/SystemSettingDto.cs | 23 +
.../Interfaces/ISystemSettingAppService.cs | 37 ++
.../Services/SystemSettingAppService.cs | 154 +++++
.../UniversalAdminSystem.Application.csproj | 13 +
.../UserManagement/Dtos/UserCreateDto.cs | 18 +
.../UserManagement/Dtos/UserDetailDto.cs | 26 +
.../UserManagement/Dtos/UserDto.cs | 24 +
.../UserManagement/Dtos/UserUpdateDto.cs | 8 +
.../Interface/IPasswordHelper.cs | 11 +
.../Interface/IUserManagementAppService.cs | 77 +++
.../Service/UserManagementAppService.cs | 386 +++++++++++++
.../UserPermissionIntegrationService.cs | 142 +++++
.../Core/AggregateRoot.cs | 8 +
.../Core/DomainEvent.cs | 23 +
.../Core/Events/PermissionEvents.cs | 78 +++
.../Core/Events/RoleEvents.cs | 50 ++
.../Core/Events/UserEvents.cs | 66 +++
.../Core/Exceptions/DomainException.cs} | 0
...6\345\237\237\345\274\202\345\270\270.txt" | 0
.../Core/Interfaces/IRepository.cs | 40 ++
.../Core/ValueObjects/PermissionId.cs | 22 +
.../Core/ValueObjects/RoleId.cs | 19 +
.../Core/ValueObjects/UserId.cs | 14 +
.../Core/ValueObjects/UserInfoId.cs | 50 ++
...0\345\200\274\345\257\271\350\261\241.txt" | 0
.../DomainServices.cs | 24 +
.../FileStorage/Aggregates/File.cs | 85 +++
.../IRepository/IFileRepository.cs | 14 +
.../Interface/IFileDomainService.cs | 6 +
.../FileStorage/Services/FileDomainService.cs | 19 +
.../ValueObjects/FileAccessLevel.cs | 8 +
.../FileStorage/ValueObjects/FileId.cs | 11 +
.../FileStorage/ValueObjects/FileName.cs | 16 +
.../FileStorage/ValueObjects/FilePath.cs | 16 +
.../FileStorage/ValueObjects/FileSize.cs | 17 +
.../FileStorage/ValueObjects/FileType.cs | 17 +
.../LogManagement/Aggregates/LogEntry.cs | 51 ++
.../IRepository/ILogEntryRepository.cs | 12 +
.../Aggregate/Permission.cs | 220 ++++++++
.../PermissionManagement/Aggregate/Role.cs | 186 ++++++
.../Exceptions/PermissionDomainException.cs | 8 +
.../IRepository/IPermissionRepository.cs | 55 ++
.../IRepository/IRoleRepository.cs | 52 ++
.../IAssignPermissionDomainService.cs | 42 ++
.../Services/AssignPermissionDomainService.cs | 87 +++
.../Services/ResourceActionValidator.cs | 52 ++
.../ValueObjects/PermissionAction.cs | 64 +++
.../ValueObjects/PermissionCode.cs | 89 +++
.../ValueObjects/PermissionName.cs | 54 ++
.../ValueObjects/PermissionResource.cs | 66 +++
.../ValueObjects/PermissionType.cs | 34 ++
.../ValueObjects/RoleDescription.cs | 14 +
.../ValueObjects/RoleName.cs | 18 +
...6\344\270\212\344\270\213\346\226\207.txt" | 0
.../Aggregates/SystemSetting.cs | 36 ++
.../IRepository/ISystemSettingRepository.cs | 10 +
.../ValueObjects/SettingDescription.cs | 14 +
.../SystemSettings/ValueObjects/SettingKey.cs | 16 +
.../ValueObjects/SettingValue.cs | 16 +
...6\344\270\212\344\270\213\346\226\207.txt" | 0
.../UniversalAdminSystem.Domian.csproj | 9 +
.../UserManagement/Aggregates/User.cs | 123 ++++
.../UserManagement/Entities/UserInfo.cs | 77 +++
.../IRepository/IUserInfoRepository.cs | 11 +
.../IRepository/IUserRepository.cs | 39 ++
.../UserManagement/ValueObj/UserAccount.cs | 16 +
.../UserManagement/ValueObj/UserEmail.cs | 16 +
.../UserManagement/ValueObj/UserGender.cs | 7 +
.../UserManagement/ValueObj/UsersStatus.cs | 9 +
...6\344\270\212\344\270\213\346\226\207.txt" | 0
.../Auth/JwtSettings.cs | 9 +
.../Auth/JwtTokenBuilder.cs | 49 ++
.../Auth/JwtTokenService.cs | 88 +++
...4\350\257\201\345\256\236\347\216\260.txt" | 0
.../Configs/K2Config.cs | 61 ++
.../Configs/SystemPermissionConfig.cs | 30 +
.../DependencyInject/AddApplicationService.cs | 97 ++++
.../DependencyInject/AddDomainService.cs | 26 +
.../AddInfrastructureService.cs | 131 +++++
.../ServiceCollectionExtensions.cs | 15 +
.../FileStorage/IFileStorageService.cs | 11 +
.../FileStorage/LocalFileStorageService.cs | 82 +++
.../UniversalAdminSystemDbContext.cs | 227 ++++++++
.../Repositories/BaseRepository.cs | 70 +++
.../Repositories/FileRepository.cs | 36 ++
.../Repositories/LogEntryRepository.cs | 42 ++
.../Repositories/PermissionRepository.cs | 109 ++++
.../Repositories/RoleRepository.cs | 78 +++
.../Repositories/SystemSettingRepository.cs | 27 +
.../Repositories/UserInfoRepository.cs | 21 +
.../Repositories/UserRepository.cs | 69 +++
.../Persistence/Transaction/UnitOfWork.cs | 40 ++
.../Services/K2ConfigService.cs | 19 +
.../Services/K2ModelService.cs | 86 +++
.../Services/PasswordHelper.cs | 62 ++
.../Services/PermissionCacheService.cs | 105 ++++
.../PermissionInitializationService.cs | 106 ++++
.../Services/PermissionRuleConfigService.cs | 112 ++++
.../Services/PermissionRuleFileService.cs | 155 +++++
.../Services/SystemInitializationService.cs | 529 ++++++++++++++++++
.../Services/SystemPermissionConfigLoader.cs | 83 +++
...UniversalAdminSystem.Infrastructure.csproj | 34 ++
154 files changed, 9311 insertions(+)
create mode 100644 backend/UniversalAdminSystem.sln
create mode 100644 backend/src/UniversalAdminSystem.Api/Attributes/RequirePermissionAttribute.cs
create mode 100644 backend/src/UniversalAdminSystem.Api/Attributes/RequireRoleAttribute.cs
create mode 100644 backend/src/UniversalAdminSystem.Api/Controllers/AuthenticationController.cs
create mode 100644 backend/src/UniversalAdminSystem.Api/Controllers/FileController.cs
create mode 100644 backend/src/UniversalAdminSystem.Api/Controllers/K2ModelController.cs
create mode 100644 backend/src/UniversalAdminSystem.Api/Controllers/LogController.cs
create mode 100644 backend/src/UniversalAdminSystem.Api/Controllers/PermissionController.cs
create mode 100644 backend/src/UniversalAdminSystem.Api/Controllers/RoleController.cs
create mode 100644 backend/src/UniversalAdminSystem.Api/Controllers/SystemSettingsController.cs
create mode 100644 backend/src/UniversalAdminSystem.Api/Controllers/UserManagementController.cs
create mode 100644 backend/src/UniversalAdminSystem.Api/Controllers/UserRoleController.cs
create mode 100644 backend/src/UniversalAdminSystem.Api/K2ModelTests.http
create mode 100644 backend/src/UniversalAdminSystem.Api/K2Model_README.md
create mode 100644 backend/src/UniversalAdminSystem.Api/Middleware/JwtAuthenticationMiddleware.cs
create mode 100644 backend/src/UniversalAdminSystem.Api/PermissionRules.json
create mode 100644 backend/src/UniversalAdminSystem.Api/Program.cs
create mode 100644 backend/src/UniversalAdminSystem.Api/Properties/launchSettings.json
create mode 100644 backend/src/UniversalAdminSystem.Api/SystemPermissions.json
create mode 100644 backend/src/UniversalAdminSystem.Api/UniversalAdminSystem.Api.csproj
create mode 100644 backend/src/UniversalAdminSystem.Api/UniversalAdminSystem.Api.http
create mode 100644 backend/src/UniversalAdminSystem.Api/appsettings.json
create mode 100644 backend/src/UniversalAdminSystem.Application/Authentication/DTOs/CredentialDto.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/Authentication/DTOs/LoginDto.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/Authentication/DTOs/LoginResultDto.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/Authentication/DTOs/RegisterDto.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/Authentication/DTOs/RegisterResultDto.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/Authentication/DTOs/TokenDto.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/Authentication/Interfaces/IJwtTokenService.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/Authentication/Interfaces/ILoginAppService.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/Authentication/Interfaces/IRegisterAppService.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/Authentication/Service/LoginAppService.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/Authentication/Service/RegisterAppService.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/Common/Exceptions/BusinessException.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/Common/Results/Result.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/Common/interfaces/IUnitOfWork.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/FileStorage/DTOs/FileDto.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/FileStorage/Interfaces/IFileAppService.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/FileStorage/Services/FileAppService.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/LogManagement/DTOs/LogEntryDto.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/LogManagement/Interfaces/ILogManagementAppService.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/LogManagement/Services/LogManagementAppService.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/PermissionManagement/DTOs/AssignPermissionDto.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/PermissionManagement/DTOs/PermissionCreateDto.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/PermissionManagement/DTOs/PermissionDto.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/PermissionManagement/DTOs/RoleDto.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/PermissionManagement/Interfaces/IPermissionCheckService.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/PermissionManagement/Interfaces/IPermissionManagementAppService.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/PermissionManagement/Interfaces/IRoleManagementAppService.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/PermissionManagement/Services/PermissionCheckService.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/PermissionManagement/Services/PermissionManagementAppService.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/PermissionManagement/Services/RoleManagementAppService.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/SystemSettings/DTOs/SystemSettingDto.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/SystemSettings/Interfaces/ISystemSettingAppService.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/SystemSettings/Services/SystemSettingAppService.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/UniversalAdminSystem.Application.csproj
create mode 100644 backend/src/UniversalAdminSystem.Application/UserManagement/Dtos/UserCreateDto.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/UserManagement/Dtos/UserDetailDto.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/UserManagement/Dtos/UserDto.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/UserManagement/Dtos/UserUpdateDto.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/UserManagement/Interface/IPasswordHelper.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/UserManagement/Interface/IUserManagementAppService.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/UserManagement/Service/UserManagementAppService.cs
create mode 100644 backend/src/UniversalAdminSystem.Application/UserManagement/Service/UserPermissionIntegrationService.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/Core/AggregateRoot.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/Core/DomainEvent.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/Core/Events/PermissionEvents.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/Core/Events/RoleEvents.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/Core/Events/UserEvents.cs
rename backend/{txt.txt => src/UniversalAdminSystem.Domian/Core/Exceptions/DomainException.cs} (100%)
create mode 100644 "backend/src/UniversalAdminSystem.Domian/Core/Exceptions/\351\242\206\345\237\237\345\274\202\345\270\270.txt"
create mode 100644 backend/src/UniversalAdminSystem.Domian/Core/Interfaces/IRepository.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/Core/ValueObjects/PermissionId.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/Core/ValueObjects/RoleId.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/Core/ValueObjects/UserId.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/Core/ValueObjects/UserInfoId.cs
create mode 100644 "backend/src/UniversalAdminSystem.Domian/Core/ValueObjects/\351\200\232\347\224\250\345\200\274\345\257\271\350\261\241.txt"
create mode 100644 backend/src/UniversalAdminSystem.Domian/DomainServices.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/FileStorage/Aggregates/File.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/FileStorage/IRepository/IFileRepository.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/FileStorage/Interface/IFileDomainService.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/FileStorage/Services/FileDomainService.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/FileStorage/ValueObjects/FileAccessLevel.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/FileStorage/ValueObjects/FileId.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/FileStorage/ValueObjects/FileName.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/FileStorage/ValueObjects/FilePath.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/FileStorage/ValueObjects/FileSize.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/FileStorage/ValueObjects/FileType.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/LogManagement/Aggregates/LogEntry.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/LogManagement/IRepository/ILogEntryRepository.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/PermissionManagement/Aggregate/Permission.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/PermissionManagement/Aggregate/Role.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/PermissionManagement/Exceptions/PermissionDomainException.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/PermissionManagement/IRepository/IPermissionRepository.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/PermissionManagement/IRepository/IRoleRepository.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/PermissionManagement/Interfaces/IAssignPermissionDomainService.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/PermissionManagement/Services/AssignPermissionDomainService.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/PermissionManagement/Services/ResourceActionValidator.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/PermissionManagement/ValueObjects/PermissionAction.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/PermissionManagement/ValueObjects/PermissionCode.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/PermissionManagement/ValueObjects/PermissionName.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/PermissionManagement/ValueObjects/PermissionResource.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/PermissionManagement/ValueObjects/PermissionType.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/PermissionManagement/ValueObjects/RoleDescription.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/PermissionManagement/ValueObjects/RoleName.cs
create mode 100644 "backend/src/UniversalAdminSystem.Domian/PermissionManagement/\346\235\203\351\231\220\347\256\241\347\220\206\344\270\212\344\270\213\346\226\207.txt"
create mode 100644 backend/src/UniversalAdminSystem.Domian/SystemSettings/Aggregates/SystemSetting.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/SystemSettings/IRepository/ISystemSettingRepository.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/SystemSettings/ValueObjects/SettingDescription.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/SystemSettings/ValueObjects/SettingKey.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/SystemSettings/ValueObjects/SettingValue.cs
create mode 100644 "backend/src/UniversalAdminSystem.Domian/SystemSettings/\347\263\273\347\273\237\350\256\276\347\275\256\344\270\212\344\270\213\346\226\207.txt"
create mode 100644 backend/src/UniversalAdminSystem.Domian/UniversalAdminSystem.Domian.csproj
create mode 100644 backend/src/UniversalAdminSystem.Domian/UserManagement/Aggregates/User.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/UserManagement/Entities/UserInfo.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/UserManagement/IRepository/IUserInfoRepository.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/UserManagement/IRepository/IUserRepository.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/UserManagement/ValueObj/UserAccount.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/UserManagement/ValueObj/UserEmail.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/UserManagement/ValueObj/UserGender.cs
create mode 100644 backend/src/UniversalAdminSystem.Domian/UserManagement/ValueObj/UsersStatus.cs
create mode 100644 "backend/src/UniversalAdminSystem.Domian/UserManagement/\347\224\250\346\210\267\347\256\241\347\220\206\344\270\212\344\270\213\346\226\207.txt"
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/Auth/JwtSettings.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/Auth/JwtTokenBuilder.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/Auth/JwtTokenService.cs
create mode 100644 "backend/src/UniversalAdminSystem.Infrastructure/Auth/\350\256\244\350\257\201\345\256\236\347\216\260.txt"
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/Configs/K2Config.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/Configs/SystemPermissionConfig.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/DependencyInject/AddApplicationService.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/DependencyInject/AddDomainService.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/DependencyInject/AddInfrastructureService.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/DependencyInject/ServiceCollectionExtensions.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/FileStorage/IFileStorageService.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/FileStorage/LocalFileStorageService.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/Persistence/DbContexts/UniversalAdminSystemDbContext.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/Persistence/Repositories/BaseRepository.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/Persistence/Repositories/FileRepository.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/Persistence/Repositories/LogEntryRepository.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/Persistence/Repositories/PermissionRepository.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/Persistence/Repositories/RoleRepository.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/Persistence/Repositories/SystemSettingRepository.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/Persistence/Repositories/UserInfoRepository.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/Persistence/Repositories/UserRepository.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/Persistence/Transaction/UnitOfWork.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/Services/K2ConfigService.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/Services/K2ModelService.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/Services/PasswordHelper.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/Services/PermissionCacheService.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/Services/PermissionInitializationService.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/Services/PermissionRuleConfigService.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/Services/PermissionRuleFileService.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/Services/SystemInitializationService.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/Services/SystemPermissionConfigLoader.cs
create mode 100644 backend/src/UniversalAdminSystem.Infrastructure/UniversalAdminSystem.Infrastructure.csproj
diff --git a/backend/UniversalAdminSystem.sln b/backend/UniversalAdminSystem.sln
new file mode 100644
index 0000000..c65262f
--- /dev/null
+++ b/backend/UniversalAdminSystem.sln
@@ -0,0 +1,48 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 17
+VisualStudioVersion = 17.0.31903.59
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "src", "src", "{9032CBF4-BB53-4E64-9978-E90FEB71CC7C}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "UniversalAdminSystem.Api", "src\UniversalAdminSystem.Api\UniversalAdminSystem.Api.csproj", "{2AD39004-1226-419A-946B-72964C31CFF2}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "UniversalAdminSystem.Application", "src\UniversalAdminSystem.Application\UniversalAdminSystem.Application.csproj", "{1B84D865-ECF7-4F61-A45C-81641308405F}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "UniversalAdminSystem.Domian", "src\UniversalAdminSystem.Domian\UniversalAdminSystem.Domian.csproj", "{6430BA75-BA96-4EED-9F4E-D7DB30C583A3}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "UniversalAdminSystem.Infrastructure", "src\UniversalAdminSystem.Infrastructure\UniversalAdminSystem.Infrastructure.csproj", "{D497ABDA-6594-4364-9BE7-90AB35E2B194}"
+EndProject
+Global
+ GlobalSection(SolutionConfigurationPlatforms) = preSolution
+ Debug|Any CPU = Debug|Any CPU
+ Release|Any CPU = Release|Any CPU
+ EndGlobalSection
+ GlobalSection(SolutionProperties) = preSolution
+ HideSolutionNode = FALSE
+ EndGlobalSection
+ GlobalSection(ProjectConfigurationPlatforms) = postSolution
+ {2AD39004-1226-419A-946B-72964C31CFF2}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+ {2AD39004-1226-419A-946B-72964C31CFF2}.Debug|Any CPU.Build.0 = Debug|Any CPU
+ {2AD39004-1226-419A-946B-72964C31CFF2}.Release|Any CPU.ActiveCfg = Release|Any CPU
+ {2AD39004-1226-419A-946B-72964C31CFF2}.Release|Any CPU.Build.0 = Release|Any CPU
+ {1B84D865-ECF7-4F61-A45C-81641308405F}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+ {1B84D865-ECF7-4F61-A45C-81641308405F}.Debug|Any CPU.Build.0 = Debug|Any CPU
+ {1B84D865-ECF7-4F61-A45C-81641308405F}.Release|Any CPU.ActiveCfg = Release|Any CPU
+ {1B84D865-ECF7-4F61-A45C-81641308405F}.Release|Any CPU.Build.0 = Release|Any CPU
+ {6430BA75-BA96-4EED-9F4E-D7DB30C583A3}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+ {6430BA75-BA96-4EED-9F4E-D7DB30C583A3}.Debug|Any CPU.Build.0 = Debug|Any CPU
+ {6430BA75-BA96-4EED-9F4E-D7DB30C583A3}.Release|Any CPU.ActiveCfg = Release|Any CPU
+ {6430BA75-BA96-4EED-9F4E-D7DB30C583A3}.Release|Any CPU.Build.0 = Release|Any CPU
+ {D497ABDA-6594-4364-9BE7-90AB35E2B194}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+ {D497ABDA-6594-4364-9BE7-90AB35E2B194}.Debug|Any CPU.Build.0 = Debug|Any CPU
+ {D497ABDA-6594-4364-9BE7-90AB35E2B194}.Release|Any CPU.ActiveCfg = Release|Any CPU
+ {D497ABDA-6594-4364-9BE7-90AB35E2B194}.Release|Any CPU.Build.0 = Release|Any CPU
+ EndGlobalSection
+ GlobalSection(NestedProjects) = preSolution
+ {2AD39004-1226-419A-946B-72964C31CFF2} = {9032CBF4-BB53-4E64-9978-E90FEB71CC7C}
+ {1B84D865-ECF7-4F61-A45C-81641308405F} = {9032CBF4-BB53-4E64-9978-E90FEB71CC7C}
+ {6430BA75-BA96-4EED-9F4E-D7DB30C583A3} = {9032CBF4-BB53-4E64-9978-E90FEB71CC7C}
+ {D497ABDA-6594-4364-9BE7-90AB35E2B194} = {9032CBF4-BB53-4E64-9978-E90FEB71CC7C}
+ EndGlobalSection
+EndGlobal
diff --git a/backend/src/UniversalAdminSystem.Api/Attributes/RequirePermissionAttribute.cs b/backend/src/UniversalAdminSystem.Api/Attributes/RequirePermissionAttribute.cs
new file mode 100644
index 0000000..5a56330
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Api/Attributes/RequirePermissionAttribute.cs
@@ -0,0 +1,61 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Filters;
+using System.Security.Claims;
+using UniversalAdminSystem.Application.PermissionManagement.Interfaces;
+
+namespace UniversalAdminSystem.Api.Attributes;
+
+///
+/// 权限验证特性
+/// 用于标记需要特定权限的API接口
+///
+[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)] //指定该特性可用于 类(Controller) 或 方法(Action) 级别。
+public class RequirePermissionAttribute : Attribute, IAsyncAuthorizationFilter
+{
+ private readonly string _permissionCode;
+
+ public RequirePermissionAttribute(string permissionCode)
+ {
+ _permissionCode = permissionCode;
+ }
+
+ public async Task OnAuthorizationAsync(AuthorizationFilterContext context)
+ {
+ try
+ {
+
+ // 获取用户ID
+ var userId = context.HttpContext.User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
+ System.Console.WriteLine($"userId: {userId}" ?? "null");
+ if (string.IsNullOrEmpty(userId))
+ {
+ Console.WriteLine($"userId: {context.HttpContext.User.Identity?.Name}");
+ context.Result = new UnauthorizedResult();
+ return;
+ }
+
+ // 获取权限检查服务
+ var service = context.HttpContext.RequestServices.GetService();
+ if (service == null)
+ {
+ context.Result = new StatusCodeResult(500);
+ return;
+ }
+
+ // 检查用户是否有指定权限
+ var hasPermission = await service.CheckUserPermissionAsync(Guid.Parse(userId), _permissionCode);
+ System.Console.WriteLine($"hasPermission: {hasPermission}");
+ if (!hasPermission)
+ {
+ context.Result = new StatusCodeResult(401);
+ return;
+ }
+ }
+ catch (Exception ex)
+ {
+ // 记录错误并返回500
+ Console.WriteLine($"权限验证错误: {ex.Message}");
+ context.Result = new StatusCodeResult(500);
+ }
+ }
+}
\ No newline at end of file
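Review bot: In the `!hasPermission` branch an authenticated caller who lacks the permission gets `new StatusCodeResult(401)`, which tells the client to re-authenticate when the answer should be 403; `context.Result = new StatusCodeResult(StatusCodes.Status403Forbidden);` keeps "not logged in" and "not allowed" distinguishable for clients and in monitoring. `Guid.Parse(userId)` runs on a claim value, and a malformed one falls into the catch-all as a 500, so a guard such as `if (!Guid.TryParse(userId, out var id)) { context.Result = new UnauthorizedResult(); return; }` is safer. The `Console.WriteLine` calls write the user id, the identity name and every permission decision to stdout on each request; an injected `ILogger` at debug level would be the better channel, and the `?? "null"` applied to the interpolated string can never take effect. The `GetService()` call appears to have lost its type argument on this page, so that line is not judged here.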
diff --git a/backend/src/UniversalAdminSystem.Api/Attributes/RequireRoleAttribute.cs b/backend/src/UniversalAdminSystem.Api/Attributes/RequireRoleAttribute.cs
new file mode 100644
index 0000000..66a24bd
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Api/Attributes/RequireRoleAttribute.cs
@@ -0,0 +1,46 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Filters;
+using System.Security.Claims;
+
+namespace UniversalAdminSystem.Api.Attributes;
+
+///
+/// 角色验证特性
+/// 用于标记需要特定角色的API接口
+///
+[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)]
+public class RequireRoleAttribute : Attribute, IAsyncAuthorizationFilter
+{
+ private readonly string _roleName;
+
+ public RequireRoleAttribute(string roleName)
+ {
+ _roleName = roleName;
+ }
+
+ public async Task OnAuthorizationAsync(AuthorizationFilterContext context)
+ {
+ try
+ {
+ // 获取用户角色
+ var userRole = context.HttpContext.User.FindFirst(ClaimTypes.Role)?.Value;
+ if (string.IsNullOrEmpty(userRole))
+ {
+ context.Result = new UnauthorizedResult();
+ return;
+ }
+
+ // 检查用户角色是否匹配
+ if (userRole != _roleName)
+ {
+ context.Result = new ForbidResult();
+ return;
+ }
+ }
+ catch (Exception ex)
+ {
+ Console.WriteLine($"角色验证错误: {ex.Message}");
+ context.Result = new StatusCodeResult(500);
+ }
+ }
+}
\ No newline at end of file
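Review bot: `FindFirst(ClaimTypes.Role)` reads only the first role claim, so a principal carrying several role claims is rejected whenever the required role is not the first one; `if (!context.HttpContext.User.FindAll(ClaimTypes.Role).Any(c => c.Value == _roleName))` checks all of them. The decision rests entirely on the claim carried in the token, so a role removed from the user presumably stays effective until that token expires; add a comment stating this, or look the role up server-side as RequirePermissionAttribute does for permissions. `ForbidResult` needs a registered authentication scheme to execute, so if the project relies only on its custom JwtAuthenticationMiddleware (not visible in this hunk) confirm it does not throw, or use `new StatusCodeResult(StatusCodes.Status403Forbidden)`. The method is declared `async` without any `await`; dropping `async` and returning `Task.CompletedTask` removes the compiler warning.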
diff --git a/backend/src/UniversalAdminSystem.Api/Controllers/AuthenticationController.cs b/backend/src/UniversalAdminSystem.Api/Controllers/AuthenticationController.cs
new file mode 100644
index 0000000..dd1e8cd
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Api/Controllers/AuthenticationController.cs
@@ -0,0 +1,97 @@
+using Microsoft.AspNetCore.Mvc;
+using UniversalAdminSystem.Application.Authentication.DTOs;
+using UniversalAdminSystem.Application.Authentication.Interfaces;
+using UniversalAdminSystem.Application.Common.Results;
+using UniversalAdminSystem.Domian.UserManagement.ValueObj;
+
+namespace UniversalAdminSystem.Api.Controllers;
+
+[ApiController]
+[Route("api/auth")]
+public class AuthenticationController : ControllerBase
+{
+ private readonly ILoginAppService _loginAppService;
+ private readonly IRegisterAppService _registerAppService;
+ private readonly IJwtTokenService _jwtTokenService;
+
+ public AuthenticationController(
+ ILoginAppService loginAppService,
+ IRegisterAppService registerAppService,
+ IJwtTokenService jwtTokenService)
+ {
+ _loginAppService = loginAppService;
+ _registerAppService = registerAppService;
+ _jwtTokenService = jwtTokenService;
+ }
+
+ [HttpPost("login")]
+ public async Task Login([FromBody] LoginDto loginDto)
+ {
+ try
+ {
+ if (string.IsNullOrEmpty(loginDto.Account) || string.IsNullOrEmpty(loginDto.Password))
+ {
+ return BadRequest(Result.Failure("账号和密码不能为空"));
+ }
+
+ var result = await _loginAppService.LoginAsync(loginDto);
+ return Ok(Result.Success(result));
+ }
+ catch (Exception ex)
+ {
+ return BadRequest(Result.Failure(ex.Message));
+ }
+ }
+
+ [HttpPost("register")]
+ public async Task Register([FromBody] RegisterDto registerDto)
+ {
+ try
+ {
+ if (string.IsNullOrEmpty(registerDto.Account) ||
+ string.IsNullOrEmpty(registerDto.Password) ||
+ string.IsNullOrEmpty(registerDto.Email))
+ {
+ return BadRequest(Result.Failure("账号、密码和邮箱不能为空"));
+ }
+
+ var result = await _registerAppService.RegisterAsync(registerDto);
+ return Ok(Result.Success(result));
+ }
+ catch (Exception ex)
+ {
+ return BadRequest(Result.Failure(ex.Message));
+ }
+ }
+
+ [HttpPost("refresh-token")]
+ public IActionResult RefreshToken([FromBody] RefreshTokenDto refreshTokenDto)
+ {
+ try
+ {
+ if (string.IsNullOrEmpty(refreshTokenDto.Token))
+ {
+ return BadRequest(Result.Failure("Token不能为空"));
+ }
+
+ var newToken = _jwtTokenService.RefreshToken(
+ refreshTokenDto.Token,
+ out string userId,
+ out string roleId,
+ out UserStatus status);
+
+ var result = new RefreshTokenResultDto(newToken, userId, roleId);
+ return Ok(Result.Success(result));
+ }
+ catch (Exception ex)
+ {
+ return BadRequest(Result.Failure(ex.Message));
+ }
+ }
+
+ [HttpPost("logout")]
+ public IActionResult Logout()
+ {
+ return Ok(Result.Success("登出成功"));
+ }
+}
\ No newline at end of file
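Review bot: All three catch blocks hand `ex.Message` to an unauthenticated caller through `BadRequest(Result.Failure(ex.Message))`, which can expose internal details such as database or token-validation errors, and lets a client tell an unknown account from a wrong password if the service messages differ. Catch only the expected business exception type for user-facing messages, log everything else and answer with a fixed text, e.g. `return StatusCode(StatusCodes.Status500InternalServerError, Result.Failure("<generic message>"));`; a failed login is better reported as 401 with one uniform message. In `RefreshToken` the `out UserStatus status` value is never read, so unless `_jwtTokenService.RefreshToken` itself rejects disabled accounts (not visible here) the refresh path does not enforce account status; check `status` before building `RefreshTokenResultDto`. `Logout` returns success without changing any server-side state, so it needs at least a comment saying the token stays valid until it expires.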
diff --git a/backend/src/UniversalAdminSystem.Api/Controllers/FileController.cs b/backend/src/UniversalAdminSystem.Api/Controllers/FileController.cs
new file mode 100644
index 0000000..98f6832
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Api/Controllers/FileController.cs
@@ -0,0 +1,142 @@
+using Microsoft.AspNetCore.Mvc;
+using UniversalAdminSystem.Application.FileStorage.DTOs;
+using UniversalAdminSystem.Application.FileStorage.Interfaces;
+using UniversalAdminSystem.Api.Attributes;
+using UniversalAdminSystem.Domian.FileStorage.ValueObjects;
+using UniversalAdminSystem.Application.Common.Results;
+using UniversalAdminSystem.Infrastructure.FileStorage;
+using UniversalAdminSystem.Application.Common.Interfaces;
+
+namespace UniversalAdminSystem.Api.Controllers;
+
+[ApiController]
+[Route("api/files")]
+public class FileController : ControllerBase
+{
+ private readonly IFileAppService _fileAppService;
+ private readonly IFileStorageService _fileStorageService;
+ private readonly IUnitOfWork _unitOfWork;
+
+ public FileController(IFileAppService fileAppService, IFileStorageService fileStorageService, IUnitOfWork unitOfWork)
+ {
+ _unitOfWork = unitOfWork;
+ _fileAppService = fileAppService;
+ _fileStorageService = fileStorageService;
+ }
+
+ [HttpPost("upload")]
+ [RequirePermission("file:Create")] // 临时注释掉权限检查
+ public async Task Upload(IFormFile file, Guid? parentId = null)
+ {
+ if (file == null || file.Length == 0)
+ {
+ return BadRequest(Result.Failure("请选择要上传的文件"));
+ }
+
+ try
+ {
+ await _unitOfWork.BeginTransactionAsync();
+ var filePath = await _fileStorageService.UploadAsync(file, file.OpenReadStream());
+ var fileUploadDto = new FileUploadDto(
+ file.FileName,
+ filePath,
+ file.Length,
+ file.ContentType,
+ parentId.HasValue ? (FileId)parentId.Value : Guid.Empty);
+
+ var res = await _fileAppService.UploadAsync(fileUploadDto);
+ await _unitOfWork.CommitAsync();
+ return Ok(Result.Success(res));
+
+ }
+ catch (Exception ex)
+ {
+ await _unitOfWork.RollbackAsync();
+ return BadRequest(Result.Failure(ex.Message));
+ }
+ }
+
+ [HttpGet("test-permission")]
+ [RequirePermission("file:Create")]
+ public IActionResult TestPermission()
+ {
+ return Ok(Result.Success("权限检查通过"));
+ }
+
+ // [HttpGet("download/{fileId}")]
+ // [RequirePermission("file:download")]
+ // public async Task Download(Guid fileId)
+ // {
+ // var result = await _fileAppService.DownloadAsync((FileId)fileId);
+ // return result.IsSuccess ? Ok(result) : BadRequest(result);
+ // }
+
+ [HttpGet("list")]
+ [RequirePermission("file:Read")]
+ public async Task List()
+ {
+ var result = await _fileAppService.GetList();
+ return Ok(result);
+ }
+
+ // [HttpPost("folder")]
+ // [RequirePermission("file:create")]
+ // public async Task CreateFolder([FromBody] string name, [FromQuery] Guid? parentId)
+ // {
+ // var result = await _fileAppService.CreateFolderAsync(name, parentId.HasValue ? (FileId)parentId.Value : null);
+ // return result.IsSuccess ? Ok(result) : BadRequest(result);
+ // }
+
+ // [HttpDelete("{fileId}")]
+ // [RequirePermission("file:delete")]
+ // public async Task Delete(Guid fileId)
+ // {
+ // var result = await _fileAppService.DeleteAsync((FileId)fileId);
+ // return result.IsSuccess ? Ok(result) : BadRequest(result);
+ // }
+
+ // [HttpGet("{fileId}")]
+ // [RequirePermission("file:read")]
+ // public async Task GetFileById(Guid fileId)
+ // {
+ // var result = await _fileAppService.GetFileByIdAsync((FileId)fileId);
+ // return result.IsSuccess ? Ok(result) : BadRequest(result);
+ // }
+
+ [HttpGet("{id}")]
+ [RequirePermission("file:Read")]
+ public async Task Download(Guid id)
+ {
+ try
+ {
+
+ var entity = await _fileAppService.GetFileById(id);
+ var file = await _fileStorageService.DownloadAsync(entity.Name);
+ return new FileStreamResult(file, entity.Type);
+ }
+ catch (System.Exception)
+ {
+ return BadRequest(Result.Failure(""));
+ }
+ }
+
+ [HttpDelete("{id}")]
+ [RequirePermission("file:Delete")]
+ public async Task RemoveFile(Guid id)
+ {
+ try
+ {
+ await _unitOfWork.BeginTransactionAsync();
+ var entity = await _fileAppService.GetFileById(id);
+ await _fileStorageService.DeleteAsync(entity.Name);
+ await _fileAppService.RemoveFile(entity.Id);
+ await _unitOfWork.CommitAsync();
+ return Ok(Result.Success());
+ }
+ catch (System.Exception)
+ {
+ await _unitOfWork.RollbackAsync();
+ return BadRequest(Result.Failure("操作错误"));
+ }
+ }
+}
\ No newline at end of file
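Review bot: `Download` and `RemoveFile` address storage by `entity.Name`, which appears to be the client-supplied `file.FileName` recorded in `Upload`; the path returned by `_fileStorageService.UploadAsync` is put into the DTO but never used for lookup in this hunk. The storage implementation is not visible here, but if it joins that name onto a directory, a name containing path separators resolves outside the upload root, and two uploads with the same name would overwrite or delete each other's content. Read and delete by a server-generated key (the stored path), and reduce the display name at upload with `Path.GetFileName(file.FileName),` as the first `FileUploadDto` argument.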
diff --git a/backend/src/UniversalAdminSystem.Api/Controllers/K2ModelController.cs b/backend/src/UniversalAdminSystem.Api/Controllers/K2ModelController.cs
new file mode 100644
index 0000000..0138549
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Api/Controllers/K2ModelController.cs
@@ -0,0 +1,93 @@
+// using Microsoft.AspNetCore.Mvc;
+// using UniversalAdminSystem.Infrastructure.Services;
+
+// namespace UniversalAdminSystem.Api.Controllers;
+
+// [ApiController]
+// [Route("api/[controller]")]
+// public class K2ModelController : ControllerBase
+// {
+// private readonly K2ModelService _k2ModelService;
+// private readonly ILogger _logger;
+
+// public K2ModelController(K2ModelService k2ModelService, ILogger logger)
+// {
+// _k2ModelService = k2ModelService;
+// _logger = logger;
+// }
+
+// ///
+// /// 发送简单文本请求到K2模型
+// ///
+// /// 请求模型
+// /// 模型响应
+// [HttpPost("chat")]
+// public async Task SendChatRequest([FromBody] K2ChatRequest request)
+// {
+// try
+// {2
+// _logger.LogInformation("收到K2模型聊天请求: {Prompt}", request.Prompt);
+
+// var response = await _k2ModelService.SendSimpleRequestAsync(
+// request.Prompt,
+// request.Model ?? "qwen-turbo");
+
+// return Ok(new { response = response });
+// }
+// catch (Exception ex)
+// {
+// _logger.LogError(ex, "K2模型请求失败");
+// return StatusCode(500, new { error = "K2模型请求失败", message = ex.Message });
+// }
+// }
+
+// ///
+// /// 发送多轮对话请求到K2模型
+// ///
+// /// 多轮对话请求
+// /// 模型响应
+// [HttpPost("conversation")]
+// public async Task SendConversationRequest([FromBody] K2ConversationRequest request)
+// {
+// try
+// {
+// _logger.LogInformation("收到K2模型多轮对话请求,消息数量: {MessageCount}", request.Messages.Count);
+
+// var response = await _k2ModelService.SendChatRequestAsync(
+// request.Messages,
+// request.Model ?? "qwen-turbo",
+// request.Temperature ?? 0.7f,
+// request.MaxTokens ?? 1000);
+
+// return Ok(response);
+// }
+// catch (Exception ex)
+// {
+// _logger.LogError(ex, "K2模型多轮对话请求失败");
+// return StatusCode(500, new { error = "K2模型请求失败", message = ex.Message });
+// }
+// }
+
+// ///
+// /// 获取K2模型配置信息
+// ///
+// /// 配置信息
+// [HttpGet("config")]
+// public IActionResult GetConfig([FromServices] K2ConfigService configService)
+// {
+// try
+// {
+// var config = configService.GetK2Config();
+// return Ok(new
+// {
+// baseUrl = config.BaseUrl,
+// hasApiKey = !string.IsNullOrEmpty(config.ApiKey)
+// });
+// }
+// catch (Exception ex)
+// {
+// _logger.LogError(ex, "获取K2配置失败");
+// return StatusCode(500, new { error = "获取配置失败", message = ex.Message });
+// }
+// }
+// }
\ No newline at end of file
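Review bot: The whole file is commented-out code (including a stray `{2` in `SendChatRequest`), so it adds nothing to the build and is better left out of the commit until the controller is ready. If it is revived as written, none of the three actions carries `[RequirePermission(...)]`, unlike the other controllers in this patch, so the chat endpoints would let any caller consume the server-side API key. The 500 responses also return `ex.Message` to the client, and the user prompt is written to the log at Information level.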
diff --git a/backend/src/UniversalAdminSystem.Api/Controllers/LogController.cs b/backend/src/UniversalAdminSystem.Api/Controllers/LogController.cs
new file mode 100644
index 0000000..62ca15e
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Api/Controllers/LogController.cs
@@ -0,0 +1,71 @@
+using Microsoft.AspNetCore.Mvc;
+using UniversalAdminSystem.Application.LogManagement.DTOs;
+using UniversalAdminSystem.Application.LogManagement.Interfaces;
+using UniversalAdminSystem.Api.Attributes;
+using UniversalAdminSystem.Application.Common.Results;
+
+namespace UniversalAdminSystem.Api.Controllers;
+
+[ApiController]
+[Route("api/logs")]
+public class LogController : ControllerBase
+{
+ private readonly ILogManagementAppService _logService;
+ public LogController(ILogManagementAppService logService) => _logService = logService;
+
+ [HttpGet]
+ //[RequirePermission("log:read")]
+ public async Task GetAllLogsAsync()
+ {
+ var result = await _logService.GetAllLogsAsync();
+ return result.IsSuccess ? Ok(result) : BadRequest(result);
+ }
+
+ [HttpGet("{id}")]
+ //[RequirePermission("log:read")]
+ public async Task GetLogByIdAsync(Guid id)
+ {
+ var result = await _logService.GetLogByIdAsync(id);
+ return result.IsSuccess ? Ok(result) : BadRequest(result);
+ }
+
+ [HttpPost]
+ //[RequirePermission("log:create")]
+ public async Task CreateLogAsync([FromBody] LogCreateDto dto)
+ {
+ var result = await _logService.CreateLogAsync(dto);
+ return result.IsSuccess ? Ok(result) : BadRequest(result);
+ }
+
+ [HttpGet("level/{level}")]
+ //[RequirePermission("log:read")]
+ public async Task GetLogsByLevelAsync(string level)
+ {
+ var result = await _logService.GetLogsByLevelAsync(level);
+ return result.IsSuccess ? Ok(result) : BadRequest(result);
+ }
+
+ [HttpGet("user/{userId}")]
+ //[RequirePermission("log:read")]
+ public async Task GetLogsByUserAsync(Guid userId)
+ {
+ var result = await _logService.GetLogsByUserAsync(userId);
+ return result.IsSuccess ? Ok(result) : BadRequest(result);
+ }
+
+ [HttpGet("date")]
+ //[RequirePermission("log:read")]
+ public async Task GetLogsByDateRangeAsync([FromQuery] DateTime start, [FromQuery] DateTime end)
+ {
+ var result = await _logService.GetLogsByDateRangeAsync(start, end);
+ return result.IsSuccess ? Ok(result) : BadRequest(result);
+ }
+
+ [HttpGet("source/{source}")]
+ //[RequirePermission("log:read")]
+ public async Task GetLogsBySourceAsync(string source)
+ {
+ var result = await _logService.GetLogsBySourceAsync(source);
+ return result.IsSuccess ? Ok(result) : BadRequest(result);
+ }
+}
\ No newline at end of file
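Review bot: Every `[RequirePermission(...)]` line in this controller is commented out, so all seven actions, including `CreateLogAsync` and the per-user query `GetLogsByUserAsync`, run without any permission check visible in this hunk. Unless something outside the hunk enforces access, any caller can read log data and write forged entries. Restore the attributes, e.g. `[RequirePermission("log:read")]` on the GET actions and `[RequirePermission("log:create")]` on the POST; the other controllers spell the action capitalised (`file:Read`), so confirm which casing the permission seed data uses. The SystemSettingsController hunk below has the same defect on all six of its actions, including create, update and delete.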
diff --git a/backend/src/UniversalAdminSystem.Api/Controllers/PermissionController.cs b/backend/src/UniversalAdminSystem.Api/Controllers/PermissionController.cs
new file mode 100644
index 0000000..d4bea70
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Api/Controllers/PermissionController.cs
@@ -0,0 +1,163 @@
+using Microsoft.AspNetCore.Mvc;
+using UniversalAdminSystem.Application.PermissionManagement.DTOs;
+using UniversalAdminSystem.Application.PermissionManagement.Interfaces;
+using UniversalAdminSystem.Infrastructure.Services;
+using UniversalAdminSystem.Api.Attributes;
+using UniversalAdminSystem.Application.Common.Results;
+
+namespace UniversalAdminSystem.Api.Controllers;
+
+///
+/// 权限管理控制器
+///
+[ApiController]
+[Route("api/permissions")]
+public class PermissionController : ControllerBase
+{
+ private readonly IPermissionManagementAppService _permissionAppService;
+ private readonly PermissionRuleConfigService _permissionRuleConfigService;
+
+ public PermissionController(IPermissionManagementAppService permissionAppService, PermissionRuleConfigService permissionRuleConfigService)
+ {
+ _permissionAppService = permissionAppService;
+ _permissionRuleConfigService = permissionRuleConfigService;
+ }
+
+ ///
+ /// 获取所有权限列表
+ ///
+ [HttpGet]
+ [RequirePermission("permission:Read")]
+ public async Task GetAllPermissionsAsync()
+ {
+ try
+ {
+ var permissions = await _permissionAppService.GetAllPermissionAsync();
+ return Ok(Result>.Success(permissions));
+ }
+ catch (Exception ex)
+ {
+ return BadRequest(Result>.Failure(ex.Message));
+ }
+ }
+
+ ///
+ /// 创建新权限
+ ///
+ [HttpPost("create")]
+ [RequirePermission("permission:Create")]
+ public async Task CreatePermissionAsync([FromBody] PermissionCreateDto createDto)
+ {
+ try
+ {
+ var permission = await _permissionAppService.CreatePermissionAsync(createDto);
+ return Ok(Result.Success(permission));
+ }
+ catch (InvalidOperationException ex)
+ {
+ // 检查是否是重复权限错误
+ if (ex.Message.Contains("已存在"))
+ {
+ return Conflict(Result.Failure(ex.Message));
+ }
+ return BadRequest(Result.Failure(ex.Message));
+ }
+ catch (Exception ex)
+ {
+ return BadRequest(Result.Failure($"创建权限失败: {ex.Message}"));
+ }
+ }
+
+ ///
+ /// 删除权限
+ ///
+ [HttpDelete("{permissionId}")]
+ [RequirePermission("permission:Delete")]
+ public async Task DeletePermissionAsync(Guid permissionId)
+ {
+ try
+ {
+ await _permissionAppService.RemovePermissionAsync(permissionId);
+ return Ok(Result.Success("权限删除成功"));
+ }
+ catch (Exception ex)
+ {
+ return BadRequest(Result.Failure(ex.Message));
+ }
+ }
+
+
+ // 已废弃(请使用Role Controller的分配api)
+ // ///
+ // /// 为角色分配权限
+ // ///
+ // [HttpPost("assign")]
+ // [RequirePermission("permission:Update")]
+ // public async Task AssignPermissionToRoleAsync([FromBody] AssignPermissionDto assignDto)
+ // {
+ // try
+ // {
+ // await _permissionAppService.AssignPermissionToRoleAsync(assignDto);
+ // return Ok(Result.Success("权限分配成功"));
+ // }
+ // catch (Exception ex)
+ // {
+ // return BadRequest(Result.Failure(ex.Message));
+ // }
+ // }
+
+ ///
+ /// 获取权限规则配置
+ ///
+ [HttpGet("rules")]
+ [RequirePermission("permission:Read")]
+ public IActionResult GetPermissionRulesAsync()
+ {
+ try
+ {
+ var rules = _permissionRuleConfigService.GetCurrentConfig();
+ return Ok(Result>>.Success(rules));
+ }
+ catch (Exception ex)
+ {
+ return BadRequest(Result>>.Failure(ex.Message));
+ }
+ }
+
+ ///
+ /// 更新权限规则配置
+ ///
+ [HttpPut("rules")]
+ [RequirePermission("permission:Update")]
+ public IActionResult UpdatePermissionRulesAsync([FromBody] Dictionary> newRules)
+ {
+ try
+ {
+ // TODO: 这里应该校验当前用户是否为超级管理员
+ _permissionRuleConfigService.UpdateConfig(newRules);
+ return Ok(Result.Success("权限规则更新成功"));
+ }
+ catch (Exception ex)
+ {
+ return BadRequest(Result.Failure(ex.Message));
+ }
+ }
+
+ ///
+ /// 刷新权限规则配置
+ ///
+ [HttpPost("rules/refresh")]
+ [RequirePermission("permission:Update")]
+ public IActionResult RefreshPermissionRulesAsync()
+ {
+ try
+ {
+ _permissionRuleConfigService.RefreshConfig();
+ return Ok(Result.Success("权限规则刷新成功"));
+ }
+ catch (Exception ex)
+ {
+ return BadRequest(Result.Failure(ex.Message));
+ }
+ }
+}
\ No newline at end of file
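Review bot: `UpdatePermissionRulesAsync` ships with its super-administrator check still a TODO (`// TODO: 这里应该校验当前用户是否为超级管理员`), so any account holding `permission:Update` can replace the whole rule configuration, and `newRules` reaches `UpdateConfig` without a null or empty check. Because these rules presumably feed the permission checks themselves, that is a privilege-escalation path until the check exists. Enforce the role before the call (the `RequireRoleAttribute` added in this patch looks like the intended tool, though its signature is not visible here) and reject empty input with `if (newRules is null || newRules.Count == 0) return BadRequest(Result.Failure("权限规则不能为空"));`.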
diff --git a/backend/src/UniversalAdminSystem.Api/Controllers/RoleController.cs b/backend/src/UniversalAdminSystem.Api/Controllers/RoleController.cs
new file mode 100644
index 0000000..b975d81
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Api/Controllers/RoleController.cs
@@ -0,0 +1,225 @@
+using Microsoft.AspNetCore.Mvc;
+using UniversalAdminSystem.Application.PermissionManagement.DTOs;
+using UniversalAdminSystem.Application.PermissionManagement.Interfaces;
+using UniversalAdminSystem.Api.Attributes;
+using UniversalAdminSystem.Application.Common.Results;
+
+namespace UniversalAdminSystem.Api.Controllers;
+
+///
+/// 角色管理控制器
+/// 提供角色的创建、查询、权限分配等操作
+///
+[ApiController]
+[Route("api/roles")]
+public class RoleController : ControllerBase
+{
+ private readonly IRoleManagementAppService _roleManagementAppService;
+ private readonly IPermissionManagementAppService _permissionAppService;
+
+ public RoleController(
+ IRoleManagementAppService roleManagementAppService,
+ IPermissionManagementAppService permissionAppService)
+ {
+ _roleManagementAppService = roleManagementAppService;
+ _permissionAppService = permissionAppService;
+ }
+
+ ///
+ /// 获取所有角色列表
+ ///
+ [HttpGet]
+ [RequirePermission("role:Read")]
+ public async Task GetAllRolesAsync()
+ {
+ try
+ {
+ var roles = await _roleManagementAppService.GetAllRolesAsync();
+ return Ok(Result>.Success(roles));
+ }
+ catch (Exception ex)
+ {
+ return BadRequest(Result>.Failure(ex.Message));
+ }
+ }
+
+ ///
+ /// 根据ID获取角色
+ ///
+ [HttpGet("{roleId}")]
+ [RequirePermission("role:Read")]
+ public async Task GetRoleByIdAsync(Guid roleId)
+ {
+ try
+ {
+ var role = await _roleManagementAppService.GetRoleByIdAsync(roleId);
+ if (role == null)
+ {
+ return NotFound(Result.Failure("角色不存在"));
+ }
+ return Ok(Result.Success(role));
+ }
+ catch (Exception ex)
+ {
+ return BadRequest(Result.Failure(ex.Message));
+ }
+ }
+
+ ///
+ /// 创建新角色
+ ///
+ [HttpPost]
+ [RequirePermission("role:Create")]
+ public async Task CreateRoleAsync([FromBody] RoleCreateDto createDto)
+ {
+ try
+ {
+ var role = await _roleManagementAppService.CreateRoleAsync(createDto);
+ return Ok(Result.Success(role));
+ }
+ catch (Exception ex)
+ {
+ return BadRequest(Result.Failure(ex.Message));
+ }
+ }
+
+ ///
+ /// 更新角色信息
+ ///
+ [HttpPut("{roleId}")]
+ [RequirePermission("role:Update")]
+ public async Task UpdateRoleAsync(Guid roleId, [FromBody] RoleUpdateDto updateDto)
+ {
+ try
+ {
+ var role = await _roleManagementAppService.UpdateRoleAsync(roleId, updateDto);
+ return Ok(Result.Success(role));
+ }
+ catch (KeyNotFoundException)
+ {
+ return NotFound(Result.Failure("角色不存在"));
+ }
+ catch (Exception ex)
+ {
+ return BadRequest(Result.Failure(ex.Message));
+ }
+ }
+
+ ///
+ /// 删除角色
+ ///
+ [HttpDelete("{roleId}")]
+ [RequirePermission("role:Delete")]
+ public async Task DeleteRoleAsync(Guid roleId)
+ {
+ try
+ {
+ await _roleManagementAppService.DeleteRoleAsync(roleId);
+ return Ok(Result.Success("角色删除成功"));
+ }
+ catch (KeyNotFoundException)
+ {
+ return NotFound(Result.Failure("角色不存在"));
+ }
+ catch (Exception ex)
+ {
+ return BadRequest(Result.Failure(ex.Message));
+ }
+ }
+
+ ///
+ /// 为角色分配权限
+ ///
+ [HttpPost("{roleId}/permissions")]
+ [RequirePermission("role:Update")]
+ public async Task AssignPermissionsToRoleAsync(
+ Guid roleId,
+ [FromBody] List permissionCodes)
+ {
+ try
+ {
+ // 将权限编码转换为权限ID(这里需要根据实际需求调整)
+
+ foreach (var permissionCode in permissionCodes)
+ {
+ var assignDto = new AssignPermissionDto(permissionCode, roleId);
+ await _permissionAppService.AssignPermissionToRoleAsync(assignDto);
+ }
+ return Ok(Result.Success("角色权限分配成功"));
+ }
+ catch (Exception ex)
+ {
+ return BadRequest(Result.Failure(ex.Message));
+ }
+ }
+
+ ///
+ /// 为角色分配权限(使用权限ID)
+ ///
+ [HttpPost("{roleId}/permissions/ids")]
+ [RequirePermission("role:Update")]
+ public async Task AssignPermissionsToRoleByIdsAsync(
+ Guid roleId,
+ [FromBody] List permissionIds)
+ {
+ try
+ {
+ await _roleManagementAppService.AssignPermissionsToRoleAsync(roleId, permissionIds);
+ return Ok(Result.Success("角色权限分配成功"));
+ }
+ catch (KeyNotFoundException)
+ {
+ return NotFound(Result.Failure("角色不存在"));
+ }
+ catch (Exception ex)
+ {
+ return BadRequest(Result.Failure(ex.Message));
+ }
+ }
+
+ ///
+ /// 移除角色的权限
+ ///
+ [HttpDelete("{roleId}/permissions")]
+ [RequirePermission("role:Update")]
+ public async Task RemovePermissionsFromRoleAsync(
+ Guid roleId,
+ [FromBody] List permissionIds)
+ {
+ try
+ {
+ await _roleManagementAppService.RemovePermissionsFromRoleAsync(roleId, permissionIds);
+ return Ok(Result.Success("角色权限移除成功"));
+ }
+ catch (KeyNotFoundException)
+ {
+ return NotFound(Result.Failure("角色不存在"));
+ }
+ catch (Exception ex)
+ {
+ return BadRequest(Result.Failure(ex.Message));
+ }
+ }
+
+ ///
+ /// 获取角色的所有权限
+ ///
+ [HttpGet("{roleId}/permissions")]
+ [RequirePermission("role:Read")]
+ public async Task GetRolePermissionsAsync(Guid roleId)
+ {
+ try
+ {
+ var permissions = await _roleManagementAppService.GetRolePermissionsAsync(roleId);
+ return Ok(Result>.Success(permissions));
+ }
+ catch (KeyNotFoundException)
+ {
+ return NotFound(Result>.Failure("角色不存在"));
+ }
+ catch (Exception ex)
+ {
+ return BadRequest(Result>.Failure(ex.Message));
+ }
+ }
+}
\ No newline at end of file
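Review bot: `AssignPermissionsToRoleAsync` calls `_permissionAppService.AssignPermissionToRoleAsync` once per code inside a plain `foreach`, so a failure part-way through leaves the role holding some of the requested permissions while the client receives a 400. `permissionCodes` is also iterated without a null check, and the comment `// 将权限编码转换为权限ID` describes a conversion the code does not perform. FileController in this patch wraps its multi-step writes in `IUnitOfWork`; the sketch below does the same here and assumes `IUnitOfWork` is injected as `_unitOfWork` and that the app service does not commit on its own, which should be confirmed.

```csharp
// … unchanged: attributes and signature of AssignPermissionsToRoleAsync …
if (permissionCodes is null || permissionCodes.Count == 0)
{
    return BadRequest(Result.Failure("权限编码不能为空"));
}

try
{
    await _unitOfWork.BeginTransactionAsync();
    // … unchanged: foreach over permissionCodes calling AssignPermissionToRoleAsync …
    await _unitOfWork.CommitAsync();
    return Ok(Result.Success("角色权限分配成功"));
}
catch (Exception)
{
    // Undo the assignments already applied so the role is never left half-updated.
    await _unitOfWork.RollbackAsync();
    return BadRequest(Result.Failure("角色权限分配失败"));
}
```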
diff --git a/backend/src/UniversalAdminSystem.Api/Controllers/SystemSettingsController.cs b/backend/src/UniversalAdminSystem.Api/Controllers/SystemSettingsController.cs
new file mode 100644
index 0000000..57b42c9
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Api/Controllers/SystemSettingsController.cs
@@ -0,0 +1,63 @@
+using Microsoft.AspNetCore.Mvc;
+using UniversalAdminSystem.Application.SystemSettings.DTOs;
+using UniversalAdminSystem.Application.SystemSettings.Interfaces;
+using UniversalAdminSystem.Api.Attributes;
+using UniversalAdminSystem.Application.Common.Results;
+
+namespace UniversalAdminSystem.Api.Controllers;
+
+[ApiController]
+[Route("api/system-settings")]
+public class SystemSettingsController : ControllerBase
+{
+ private readonly ISystemSettingAppService _settingService;
+ public SystemSettingsController(ISystemSettingAppService settingService) => _settingService = settingService;
+
+ [HttpGet]
+ //[RequirePermission("systemsetting:read")]
+ public async Task GetAllSettingsAsync()
+ {
+ var result = await _settingService.GetAllSettingsAsync();
+ return result.IsSuccess ? Ok(result) : BadRequest(result);
+ }
+
+ [HttpGet("key/{key}")]
+ //[RequirePermission("systemsetting:read")]
+ public async Task GetSettingByKeyAsync(string key)
+ {
+ var result = await _settingService.GetSettingByKeyAsync(key);
+ return result.IsSuccess ? Ok(result) : BadRequest(result);
+ }
+
+ [HttpGet("group/{group}")]
+ //[RequirePermission("systemsetting:read")]
+ public async Task GetSettingsByGroupAsync(string group)
+ {
+ var result = await _settingService.GetSettingsByGroupAsync(group);
+ return result.IsSuccess ? Ok(result) : BadRequest(result);
+ }
+
+ [HttpPost]
+ //[RequirePermission("systemsetting:create")]
+ public async Task CreateSettingAsync([FromBody] SystemSettingCreateDto dto)
+ {
+ var result = await _settingService.CreateSettingAsync(dto);
+ return result.IsSuccess ? Ok(result) : BadRequest(result);
+ }
+
+ [HttpPut("{id}")]
+ //[RequirePermission("systemsetting:update")]
+ public async Task UpdateSetting(Guid id, [FromBody] SystemSettingUpdateDto updateDto)
+ {
+ var result = await _settingService.UpdateSettingAsync(id, updateDto);
+ return result.IsSuccess ? Ok(result) : BadRequest(result);
+ }
+
+ [HttpDelete("{id}")]
+ //[RequirePermission("systemsetting:delete")]
+ public async Task DeleteSettingAsync(Guid id)
+ {
+ var result = await _settingService.DeleteSettingAsync(id);
+ return result.IsSuccess ? Ok(result) : BadRequest(result);
+ }
+}
\ No newline at end of file
diff --git a/backend/src/UniversalAdminSystem.Api/Controllers/UserManagementController.cs b/backend/src/UniversalAdminSystem.Api/Controllers/UserManagementController.cs
new file mode 100644
index 0000000..b4b75f7
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Api/Controllers/UserManagementController.cs
@@ -0,0 +1,176 @@
+using Microsoft.AspNetCore.Mvc;
+using UniversalAdminSystem.Application.Common.Results;
+using UniversalAdminSystem.Application.UserManagement.Dtos;
+using UniversalAdminSystem.Application.UserManagement.Interface;
+using UniversalAdminSystem.Api.Attributes;
+
+namespace UniversalAdminSystem.Api.Controllers;
+
+///
+/// 用户管理控制器
+///
+[ApiController]
+[Route("api/user")]
+public class UserManagementController : ControllerBase
+{
+ private readonly IUserManagementAppService _userRepoService;
+
+ public UserManagementController(IUserManagementAppService userService)
+ {
+ _userRepoService = userService;
+ }
+
+ [HttpGet]
+ [RequirePermission("user:Read")]
+ public async Task GetUsersAsync()
+ {
+ var result = await _userRepoService.GetUsersAsync();
+
+ if (result.IsSuccess)
+ {
+ return Ok(result);
+ }
+ else
+ {
+ return BadRequest(result);
+ }
+ }
+
+ [HttpPost("create")]
+ [RequirePermission("user:Create")]
+ public async Task CreateUserAsync([FromBody] UserCreateDto userCreate)
+ {
+ var result = await _userRepoService.CreateUserAsync(userCreate);
+
+ if (result.IsSuccess)
+ {
+ return Ok(result);
+ }
+ else
+ {
+ return BadRequest(result);
+ }
+ }
+
+ [HttpDelete("{id}")]
+ [RequirePermission("user:Delete")]
+ public async Task DeleteUserAsync(Guid id)
+ {
+ var result = await _userRepoService.DeleteUserAsync(id);
+
+ if (result.IsSuccess)
+ {
+ return Ok(result);
+ }
+ else
+ {
+ return BadRequest(result);
+ }
+ }
+
+ [HttpGet("{id}")]
+ [RequirePermission("user:Read")]
+ public async Task GetUserByIdAsync(Guid id)
+ {
+ var result = await _userRepoService.GetUserByIdAsync(id);
+
+ if (result.IsSuccess)
+ {
+ return Ok(result);
+ }
+ else
+ {
+ return BadRequest(result);
+ }
+ }
+
+ [HttpPut("{id}")]
+ [RequirePermission("user:Update")]
+ public async Task UpdateUserAsync(Guid id, [FromBody] UserUpdateDto updateDto)
+ {
+ var result = await _userRepoService.UpdateUserAsync(id, updateDto);
+
+ if (result.IsSuccess)
+ {
+ return Ok(result);
+ }
+ else
+ {
+ return BadRequest(result);
+ }
+ }
+
+ // 已废弃(批量获取角色)
+ // [HttpPost("{id}/role")]
+ // [RequirePermission("user:Update")]
+ // public async Task AssignRoleAsync(Guid id, [FromBody] List roleIds)
+ // {
+ // var result = await _userRepoService.AssignRoleAsync(id, roleIds);
+
+ // if (result.IsSuccess)
+ // {
+ // return Ok(result);
+ // }
+ // else
+ // {
+ // return BadRequest(result);
+ // }
+ // }
+
+ ///
+ /// 移除用户角色
+ ///
+ [HttpDelete("{id}/roles/{roleId}")]
+ [RequirePermission("user:Update")]
+ public async Task RemoveRoleAsync(Guid id, Guid roleId)
+ {
+ var result = await _userRepoService.RemoveRoleAsync(id, roleId);
+
+ if (result.IsSuccess)
+ {
+ return Ok(result);
+ }
+ else
+ {
+ return BadRequest(result);
+ }
+ }
+
+ ///
+ /// 获取用户的所有权限
+ ///
+ [HttpGet("{id}/permissions")]
+ [RequirePermission("user:Read")]
+ public async Task GetUserPermissionsAsync(Guid id)
+ {
+ var result = await _userRepoService.GetUserPermissionsAsync(id);
+
+ if (result.IsSuccess)
+ {
+ return Ok(result);
+ }
+ else
+ {
+ return BadRequest(result);
+ }
+ }
+
+ ///
+ /// 检查用户是否有指定权限
+ ///
+ [HttpPost("{id}/permissions/check")]
+ [RequirePermission("user:Read")]
+ public async Task CheckUserPermissionAsync(Guid id, [FromBody] string permissionCode)
+ {
+ var result = await _userRepoService.CheckUserPermissionAsync(id, permissionCode);
+
+ if (result.IsSuccess)
+ {
+ return Ok(result);
+ }
+ else
+ {
+ return BadRequest(result);
+ }
+ }
+}
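Review bot: Every action in this controller repeats the same eight-line `if (result.IsSuccess) … else …` block, while LogController in this patch writes the identical decision as `return result.IsSuccess ? Ok(result) : BadRequest(result);`; using that form here would roughly halve the file and keep the controllers consistent. Most actions also lack the `///` summary that `RemoveRoleAsync` and the two permission actions carry. The field name `_userRepoService` is misleading as well, since it holds an `IUserManagementAppService` rather than a repository.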
diff --git a/backend/src/UniversalAdminSystem.Api/Controllers/UserRoleController.cs b/backend/src/UniversalAdminSystem.Api/Controllers/UserRoleController.cs
new file mode 100644
index 0000000..935fd99
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Api/Controllers/UserRoleController.cs
@@ -0,0 +1,122 @@
+using Microsoft.AspNetCore.Mvc;
+using UniversalAdminSystem.Application.Common.Results;
+using UniversalAdminSystem.Application.PermissionManagement.Interfaces;
+using UniversalAdminSystem.Api.Attributes;
+
+namespace UniversalAdminSystem.Api.Controllers;
+
+///
+/// 用户角色管理控制器
+/// 提供用户角色分配和管理功能
+///
+[ApiController]
+[Route("api/users")]
+public class UserRoleController : ControllerBase
+{
+ private readonly IPermissionCheckService _permissionCheckService;
+
+ public UserRoleController(IPermissionCheckService permissionCheckService)
+ {
+ _permissionCheckService = permissionCheckService;
+ }
+
+ ///
+ /// 获取用户的所有权限
+ ///
+ [HttpGet("{userId}/permissions")]
+ [RequirePermission("user:Read")]
+ public async Task GetUserPermissionsAsync(Guid userId)
+ {
+ try
+ {
+ var permissions = await _permissionCheckService.GetUserPermissionsAsync(userId);
+ var result = Result>.Success(permissions);
+ return Ok(result);
+ }
+ catch (Exception ex)
+ {
+ var result = Result>.Failure($"获取用户权限失败: {ex.Message}");
+ return BadRequest(result);
+ }
+ }
+
+ ///
+ /// 获取用户的所有角色
+ ///
+ [HttpGet("{userId}/roles")]
+ [RequirePermission("user:Read")]
+ public async Task GetUserRolesAsync(Guid userId)
+ {
+ try
+ {
+ var roles = await _permissionCheckService.GetUserRoleAsync(userId);
+ var result = Result>.Success(roles);
+ return Ok(result);
+ }
+ catch (Exception ex)
+ {
+ var result = Result>.Failure($"获取用户角色失败: {ex.Message}");
+ return BadRequest(result);
+ }
+ }
+
+ ///
+ /// 检查用户是否有指定权限
+ ///
+ [HttpPost("{userId}/permissions/check")]
+ [RequirePermission("user:Read")]
+ public async Task CheckUserPermissionAsync(Guid userId, [FromBody] string permissionCode)
+ {
+ try
+ {
+ var hasPermission = await _permissionCheckService.CheckUserPermissionAsync(userId, permissionCode);
+ var result = Result.Success(hasPermission);
+ return Ok(result);
+ }
+ catch (Exception ex)
+ {
+ var result = Result.Failure($"检查用户权限失败: {ex.Message}");
+ return BadRequest(result);
+ }
+ }
+
+ ///
+ /// 检查用户是否有任意一个指定权限
+ ///
+ [HttpPost("{userId}/permissions/check-any")]
+ [RequirePermission("user:Read")]
+ public async Task CheckUserAnyPermissionAsync(Guid userId, [FromBody] List permissionCodes)
+ {
+ try
+ {
+ var hasPermission = await _permissionCheckService.CheckUserAnyPermissionAsync(userId, permissionCodes);
+ var result = Result.Success(hasPermission);
+ return Ok(result);
+ }
+ catch (Exception ex)
+ {
+ var result = Result.Failure($"检查用户权限失败: {ex.Message}");
+ return BadRequest(result);
+ }
+ }
+
+ ///
+ /// 检查用户是否有所有指定权限
+ ///
+ [HttpPost("{userId}/permissions/check-all")]
+ [RequirePermission("user:Read")]
+ public async Task CheckUserAllPermissionsAsync(Guid userId, [FromBody] List permissionCodes)
+ {
+ try
+ {
+ var hasPermission = await _permissionCheckService.CheckUserAllPermissionsAsync(userId, permissionCodes);
+ var result = Result.Success(hasPermission);
+ return Ok(result);
+ }
+ catch (Exception ex)
+ {
+ var result = Result.Failure($"检查用户权限失败: {ex.Message}");
+ return BadRequest(result);
+ }
+ }
+}
\ No newline at end of file
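Review bot: Each catch block here interpolates `ex.Message` into the response body (e.g. `$"获取用户权限失败: {ex.Message}"`), which hands internal detail such as database or null-reference messages to the caller, and nothing is logged server-side. Return a fixed message and log the exception instead, e.g. `Result.Failure("获取用户权限失败")` after injecting a logger (the generic argument of `Result` is garbled on this page, so keep the original one). The same `catch (Exception ex)` returning `ex.Message` appears in FileController's `Upload` and throughout the PermissionController and RoleController hunks above; FileController's `Download` and `RemoveFile` already return fixed text.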
diff --git a/backend/src/UniversalAdminSystem.Api/K2ModelTests.http b/backend/src/UniversalAdminSystem.Api/K2ModelTests.http
new file mode 100644
index 0000000..26e23ce
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Api/K2ModelTests.http
@@ -0,0 +1,81 @@
+@baseUrl = https://localhost:7001
+
+### 获取K2模型配置
+GET {{baseUrl}}/api/K2Model/config
+Content-Type: application/json
+
+###
+
+### 发送简单聊天请求
+POST {{baseUrl}}/api/K2Model/chat
+Content-Type: application/json
+
+{
+ "prompt": "你好,请介绍一下你自己",
+ "model": "qwen-turbo"
+}
+
+###
+
+### 发送多轮对话请求
+POST {{baseUrl}}/api/K2Model/conversation
+Content-Type: application/json
+
+{
+ "messages": [
+ {
+ "role": "system",
+ "content": "你是一个有用的AI助手"
+ },
+ {
+ "role": "user",
+ "content": "请帮我写一个简单的C#函数来计算两个数的和"
+ }
+ ],
+ "model": "qwen-turbo",
+ "temperature": 0.7,
+ "maxTokens": 1000
+}
+
+###
+
+### 测试复杂对话
+POST {{baseUrl}}/api/K2Model/conversation
+Content-Type: application/json
+
+{
+ "messages": [
+ {
+ "role": "system",
+ "content": "你是一个专业的软件工程师,擅长C#和.NET开发"
+ },
+ {
+ "role": "user",
+ "content": "请解释一下依赖注入模式在ASP.NET Core中的应用"
+ }
+ ],
+ "model": "qwen-turbo",
+ "temperature": 0.5,
+ "maxTokens": 1500
+}
+
+###
+POST https://dashscope.aliyuncs.com/compatible-mode/v1/chat/completions
+Content-Type: application/json
+Authorization: Bearer sk-a31163f6b59e44dcbdb87c668482ce96
+
+{
+ "model": "Moonshot-Kimi-K2-Instruct",
+ "messages": [
+ {
+ "role": "user",
+ "content": "你好,请介绍一下你自己"
+ }
+ ],
+ "temperature": 0.7,
+ "max_tokens": 1000,
+ "stream": true,
+ "stream_options": {
+ "include_usage": true
+ }
+}
\ No newline at end of file
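Review bot: The last request commits what looks like a live DashScope bearer token in its `Authorization` header; once pushed it remains in repository history, so the key should be revoked and reissued, not only removed from the file. Replace the literal with a variable supplied from an untracked environment file, `Authorization: Bearer {{dashscopeApiKey}}`, declared the same way as the existing `@baseUrl`. The first four requests target `/api/K2Model/...`, whose controller is entirely commented out in this patch, so as committed they would presumably return 404.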
diff --git a/backend/src/UniversalAdminSystem.Api/K2Model_README.md b/backend/src/UniversalAdminSystem.Api/K2Model_README.md
new file mode 100644
index 0000000..f3d93bc
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Api/K2Model_README.md
@@ -0,0 +1,133 @@
+# K2模型集成指南
+
+## 概述
+
+本项目已集成K2模型(基于阿里云DashScope的兼容模式),提供了完整的AI对话功能。
+
+## 配置说明
+
+### 1. 配置文件设置
+
+在 `appsettings.json` 中配置K2模型参数:
+
+```json
+{
+ "K2": {
+ "BaseUrl": "https://dashscope.aliyuncs.com/compatible-mode/v1",
+ "ApiKey": "your-api-key-here"
+ }
+}
+```
+
+### 2. 配置参数说明
+
+- **BaseUrl**: K2模型的API基础URL
+- **ApiKey**: 阿里云DashScope的API密钥
+
+## API接口
+
+### 1. 获取配置信息
+
+```
+GET /api/K2Model/config
+```
+
+返回配置信息(不包含敏感数据)。
+
+### 2. 简单聊天请求
+
+```
+POST /api/K2Model/chat
+```
+
+请求体:
+```json
+{
+ "prompt": "你好,请介绍一下你自己",
+ "model": "qwen-turbo"
+}
+```
+
+### 3. 多轮对话请求
+
+```
+POST /api/K2Model/conversation
+```
+
+请求体:
+```json
+{
+ "messages": [
+ {
+ "role": "system",
+ "content": "你是一个有用的AI助手"
+ },
+ {
+ "role": "user",
+ "content": "请帮我写一个简单的C#函数"
+ }
+ ],
+ "model": "qwen-turbo",
+ "temperature": 0.7,
+ "maxTokens": 1000
+}
+```
+
+## 使用示例
+
+### 1. 简单对话
+
+```csharp
+// 在控制器中注入服务
+private readonly K2ModelService _k2ModelService;
+
+// 发送简单请求
+var response = await _k2ModelService.SendSimpleRequestAsync("你好");
+```
+
+### 2. 多轮对话
+
+```csharp
+var messages = new List
+{
+ new K2Message { Role = "system", Content = "你是一个专业的程序员" },
+ new K2Message { Role = "user", Content = "请解释一下依赖注入" }
+};
+
+var response = await _k2ModelService.SendChatRequestAsync(messages);
+```
+
+## 测试方法
+
+1. 启动应用程序
+2. 使用提供的 `K2ModelTests.http` 文件进行API测试
+3. 在Swagger UI中查看和测试API接口
+
+## 注意事项
+
+1. **API密钥安全**: 确保API密钥的安全性,不要在客户端代码中暴露
+2. **错误处理**: 服务已包含完整的错误处理和日志记录
+3. **性能优化**: 使用HttpClient工厂模式,支持连接池和重试机制
+4. **配置验证**: 启动时会验证配置的有效性
+
+## 支持的模型
+
+- `qwen-turbo`: 通义千问Turbo模型
+- `qwen-plus`: 通义千问Plus模型
+- `qwen-max`: 通义千问Max模型
+
+## 故障排除
+
+1. **401错误**: 检查API密钥是否正确
+2. **404错误**: 检查BaseUrl配置是否正确
+3. **网络错误**: 检查网络连接和防火墙设置
+
+## 扩展功能
+
+可以根据需要扩展以下功能:
+
+1. 流式响应支持
+2. 模型参数缓存
+3. 请求限流
+4. 响应内容过滤
+5. 多模型支持
\ No newline at end of file
diff --git a/backend/src/UniversalAdminSystem.Api/Middleware/JwtAuthenticationMiddleware.cs b/backend/src/UniversalAdminSystem.Api/Middleware/JwtAuthenticationMiddleware.cs
new file mode 100644
index 0000000..c528bfa
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Api/Middleware/JwtAuthenticationMiddleware.cs
@@ -0,0 +1,126 @@
+using System.Security.Claims;
+using UniversalAdminSystem.Application.Authentication.Interfaces;
+using UniversalAdminSystem.Domian.UserManagement.ValueObj;
+
+namespace UniversalAdminSystem.Api.Middleware;
+
+public class JwtAuthenticationMiddleware
+{
+ private readonly RequestDelegate _next;
+ private readonly IJwtTokenService _jwtService;
+ private readonly ILogger _logger;
+
+ public JwtAuthenticationMiddleware(
+ RequestDelegate next,
+ IJwtTokenService jwtService,
+ ILogger logger)
+ {
+ _next = next;
+ _jwtService = jwtService;
+ _logger = logger;
+ }
+
+ public async Task InvokeAsync(HttpContext context)
+ {
+ try
+ {
+ var token = ExtractTokenFromHeader(context);
+ Console.WriteLine($"提取到的Token: {(token != null ? "存在" : "不存在")}");
+ if (!string.IsNullOrEmpty(token))
+ {
+ Console.WriteLine($"Token内容: {token.Substring(0, Math.Min(50, token.Length))}...");
+ var userInfo = await AuthenticateTokenAsync(token);
+ if (userInfo.HasValue)
+ {
+ Console.WriteLine($"Token解析结果 - 用户ID: {userInfo.Value.UserId}, 角色ID: {userInfo.Value.RoleId}, 状态: {userInfo.Value.status}");
+ SetUserClaims(context, userInfo.Value);
+ _logger.LogInformation("用户 {UserId} 认证成功", userInfo.Value.UserId);
+ }
+ else
+ {
+ Console.WriteLine("Token解析失败");
+ }
+ }
+ else
+ {
+ Console.WriteLine("Token不存在");
+ }
+ }
+ catch (Exception ex)
+ {
+ _logger.LogWarning("JWT认证中间件异常: {Message}", ex.Message);
+ }
+
+ await _next(context);
+ }
+
+ private string? ExtractTokenFromHeader(HttpContext context)
+ {
+ var authHeader = context.Request.Headers["Authorization"].FirstOrDefault();
+ Console.WriteLine($"Authorization头: {authHeader ?? "null"}");
+
+ if (string.IsNullOrEmpty(authHeader) || !authHeader.StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase))
+ {
+ Console.WriteLine("Authorization头为空或不以Bearer开头");
+ return null;
+ }
+
+ var token = authHeader.Substring("Bearer ".Length).Trim();
+ Console.WriteLine($"提取的Token长度: {token.Length}");
+ Console.WriteLine($"Token前50个字符: {token.Substring(0, Math.Min(50, token.Length))}");
+
+ // 检查token格式
+ if (string.IsNullOrEmpty(token))
+ {
+ Console.WriteLine("Token为空");
+ return null;
+ }
+
+ // JWT应该包含两个点,格式为: header.payload.signature
+ var parts = token.Split('.');
+ if (parts.Length != 3)
+ {
+ Console.WriteLine($"Token格式错误,包含{parts.Length}个部分,应该是3个部分");
+ return null;
+ }
+
+ Console.WriteLine("Token格式检查通过");
+ return token;
+ }
+
+ private async Task<(string UserId, string RoleId, UserStatus status)?> AuthenticateTokenAsync(string token)
+ {
+ try
+ {
+ var (userId, roleId, status) = _jwtService.ParseToken(token);
+ Console.WriteLine($"Token解析结果 - 用户ID: {userId}, 角色ID: {roleId}, 状态: {status}");
+ return (userId, roleId, status);
+ }
+ catch (Exception ex)
+ {
+ _logger.LogWarning("Token解析失败: {Message}", ex.Message);
+ return null;
+ }
+ }
+
+ private void SetUserClaims(HttpContext context, (string UserId, string RoleId, UserStatus status) userInfo)
+ {
+ var claims = new List
+ {
+ new Claim(ClaimTypes.NameIdentifier, userInfo.UserId),
+ new Claim(ClaimTypes.Role, userInfo.RoleId),
+ new Claim(ClaimTypes.StateOrProvince, userInfo.status.ToString()),
+ };
+
+ var identity = new ClaimsIdentity(claims, "jwt");
+ context.User = new ClaimsPrincipal(identity);
+ }
+}
+
+public static class JwtAuthenticationMiddlewareExtensions
+{
+ public static IApplicationBuilder UseJwtAuthentication(this IApplicationBuilder builder)
+ {
+ return builder.UseMiddleware();
+ }
+}
\ No newline at end of file
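Review bot: `ExtractTokenFromHeader` writes the complete `Authorization` header to stdout (`Console.WriteLine($"Authorization头: {authHeader ?? "null"}")`), and both it and `InvokeAsync` print the first 50 characters of the bearer token, so anyone who can read the process output or collected logs sees credential material. These calls bypass the injected `_logger`, so log-level configuration cannot switch them off. I would drop the header and token content entirely and keep only a structured debug event, e.g. `_logger.LogDebug("Bearer token present, length {Length}", token.Length);`. Separately, `InvokeAsync` continues to `_next` on every failure, which is only safe if later authorization rejects requests that carry no identity; that enforcement is not visible in this hunk.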
diff --git a/backend/src/UniversalAdminSystem.Api/PermissionRules.json b/backend/src/UniversalAdminSystem.Api/PermissionRules.json
new file mode 100644
index 0000000..234271e
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Api/PermissionRules.json
@@ -0,0 +1,10 @@
+{
+ "Read": ["data", "file", "user", "role", "permission", "config", "system", "report"],
+ "Create": ["data", "user", "file", "role", "permission"],
+ "Update": ["data", "user", "config", "role", "permission"],
+ "Delete": ["data", "user", "file", "role", "permission"],
+ "Manage": ["system", "user"],
+ "Execute": ["job", "script"],
+ "Import": ["data", "file"],
+ "Export": ["data", "file", "report"]
+}
diff --git a/backend/src/UniversalAdminSystem.Api/Program.cs b/backend/src/UniversalAdminSystem.Api/Program.cs
new file mode 100644
index 0000000..d580a5b
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Api/Program.cs
@@ -0,0 +1,98 @@
+using UniversalAdminSystem.Infrastructure.DependencyInject;
+using UniversalAdminSystem.Infrastructure.Services;
+using UniversalAdminSystem.Api.Middleware;
+using Microsoft.OpenApi.Models;
+using UniversalAdminSystem.Infrastructure.Configs;
+
+var builder = WebApplication.CreateBuilder(args);
+
+// 添加CORS服务
+builder.Services.AddCors(options =>
+{
+ // 开发环境策略 - 允许所有来源
+ options.AddPolicy("AllowAll", policy =>
+ {
+ policy.AllowAnyOrigin()
+ .AllowAnyMethod()
+ .AllowAnyHeader();
+ });
+
+ // 生产环境策略 - 指定允许的来源
+ options.AddPolicy("AllowSpecific", policy =>
+ {
+ policy.WithOrigins(
+ "http://localhost:5173",
+ "http://localhost:3000", // React开发服务器
+ "http://localhost:8080", // Vue开发服务器
+ "http://localhost:4200", // Angular开发服务器
+ "https://mikuslittlenest.cn", // 生产域名
+ "http://www.mikuslittlenest.cn"
+ )
+ .AllowAnyMethod()
+ .AllowAnyHeader()
+ .AllowCredentials();
+ });
+});
+
+builder.Services.Configure(builder.Configuration.GetSection("K2"));
+
+// Add services to the container.
+builder.Services.AddEndpointsApiExplorer();
+builder.Services.AddSwaggerGen(c =>
+{
+ c.SwaggerDoc("v1", new OpenApiInfo { Title = "Universal Admin System API", Version = "v1" });
+
+ // 添加JWT认证配置
+ c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
+ {
+ Description = "JWT Authorization header using the Bearer scheme. Example: \"Authorization: Bearer {token}\"",
+ Name = "Authorization",
+ In = ParameterLocation.Header,
+ Type = SecuritySchemeType.ApiKey,
+ Scheme = "Bearer"
+ });
+
+ c.AddSecurityRequirement(new OpenApiSecurityRequirement
+ {
+ {
+ new OpenApiSecurityScheme
+ {
+ Reference = new OpenApiReference
+ {
+ Type = ReferenceType.SecurityScheme,
+ Id = "Bearer"
+ }
+ },
+ new string[] {}
+ }
+ });
+});
+
+// 在应用启动时初始化权限规则配置
+var configPath = Path.Combine(Directory.GetCurrentDirectory(), "PermissionRules.json");
+var permissionRuleConfigService = new PermissionRuleConfigService(configPath);
+permissionRuleConfigService.Initialize();
+
+// 注册为单例服务,供后续使用
+builder.Services.AddSingleton(permissionRuleConfigService);
+builder.Services.AddAllServiceRegistrations(builder.Configuration);
+builder.Services.AddControllers();
+
+var app = builder.Build();
+
+// Configure the HTTP request pipeline.
+if (app.Environment.IsDevelopment())
+{
+ app.UseSwagger();
+ app.UseSwaggerUI();
+}
+
+app.UseCors("AllowSpecific");
+
+// 添加JWT认证中间件
+Console.WriteLine("正在注册JWT认证中间件...");
+app.UseJwtAuthentication();
+Console.WriteLine("JWT认证中间件注册完成");
+
+app.MapControllers();
+app.Run();
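Review bot: The `AllowSpecific` policy, which `app.UseCors("AllowSpecific")` applies in every environment, combines `.AllowCredentials()` with a plain-HTTP origin (`http://www.mikuslittlenest.cn`) and four `http://localhost:*` development origins. Credentialed cross-origin access from a non-TLS origin means anyone able to tamper with that page's traffic can drive authenticated API calls, and the localhost entries trust whatever is served on those ports on a user's machine. I would read the list per environment from a new configuration section (the name is a suggestion) and keep only HTTPS origins for production: `policy.WithOrigins(builder.Configuration.GetSection("Cors:AllowedOrigins").Get<string[]>() ?? Array.Empty<string>())`. The unused `AllowAll` policy is worth removing so it cannot be selected by mistake.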
diff --git a/backend/src/UniversalAdminSystem.Api/Properties/launchSettings.json b/backend/src/UniversalAdminSystem.Api/Properties/launchSettings.json
new file mode 100644
index 0000000..db61601
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Api/Properties/launchSettings.json
@@ -0,0 +1,41 @@
+{
+ "$schema": "http://json.schemastore.org/launchsettings.json",
+ "iisSettings": {
+ "windowsAuthentication": false,
+ "anonymousAuthentication": true,
+ "iisExpress": {
+ "applicationUrl": "http://localhost:56387",
+ "sslPort": 44340
+ }
+ },
+ "profiles": {
+ "http": {
+ "commandName": "Project",
+ "dotnetRunMessages": true,
+ "launchBrowser": true,
+ "launchUrl": "swagger",
+ "applicationUrl": "http://localhost:5101",
+ "environmentVariables": {
+ "ASPNETCORE_ENVIRONMENT": "Development"
+ }
+ },
+ "https": {
+ "commandName": "Project",
+ "dotnetRunMessages": true,
+ "launchBrowser": true,
+ "launchUrl": "swagger",
+ "applicationUrl": "https://localhost:7242;http://localhost:5101",
+ "environmentVariables": {
+ "ASPNETCORE_ENVIRONMENT": "Development"
+ }
+ },
+ "IIS Express": {
+ "commandName": "IISExpress",
+ "launchBrowser": true,
+ "launchUrl": "swagger",
+ "environmentVariables": {
+ "ASPNETCORE_ENVIRONMENT": "Development"
+ }
+ }
+ }
+}
diff --git a/backend/src/UniversalAdminSystem.Api/SystemPermissions.json b/backend/src/UniversalAdminSystem.Api/SystemPermissions.json
new file mode 100644
index 0000000..7aa7b88
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Api/SystemPermissions.json
@@ -0,0 +1,89 @@
+{
+ "SystemPermissions": [
+ {
+ "Resource": "file",
+ "Action": "Create",
+ "Name": "文件上传"
+ },
+ {
+ "Resource": "file",
+ "Action": "Read",
+ "Name": "文件下载"
+ },
+ {
+ "Resource": "file",
+ "Action": "Delete",
+ "Name": "文件删除"
+ },
+ {
+ "Resource": "user",
+ "Action": "Create",
+ "Name": "创建用户"
+ },
+ {
+ "Resource": "user",
+ "Action": "Read",
+ "Name": "查看用户"
+ },
+ {
+ "Resource": "user",
+ "Action": "Update",
+ "Name": "更新用户"
+ },
+ {
+ "Resource": "user",
+ "Action": "Delete",
+ "Name": "删除用户"
+ },
+ {
+ "Resource": "role",
+ "Action": "Create",
+ "Name": "创建角色"
+ },
+ {
+ "Resource": "role",
+ "Action": "Read",
+ "Name": "查看角色"
+ },
+ {
+ "Resource": "role",
+ "Action": "Update",
+ "Name": "更新角色"
+ },
+ {
+ "Resource": "role",
+ "Action": "Delete",
+ "Name": "删除角色"
+ },
+ {
+ "Resource": "permission",
+ "Action": "Create",
+ "Name": "创建权限"
+ },
+ {
+ "Resource": "permission",
+ "Action": "Read",
+ "Name": "查看权限"
+ },
+ {
+ "Resource": "permission",
+ "Action": "Update",
+ "Name": "更新权限"
+ },
+ {
+ "Resource": "permission",
+ "Action": "Delete",
+ "Name": "删除权限"
+ },
+ {
+ "Resource": "config",
+ "Action": "Update",
+ "Name": "更新系统配置"
+ },
+ {
+ "Resource": "system",
+ "Action": "Manage",
+ "Name": "管理安全策略"
+ }
+ ]
+}
diff --git a/backend/src/UniversalAdminSystem.Api/UniversalAdminSystem.Api.csproj b/backend/src/UniversalAdminSystem.Api/UniversalAdminSystem.Api.csproj
new file mode 100644
index 0000000..5e7a731
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Api/UniversalAdminSystem.Api.csproj
@@ -0,0 +1,23 @@
+
+
+
+ net8.0
+ enable
+ enable
+
+
+
+
+
+ runtime; build; native; contentfiles; analyzers; buildtransitive
+ all
+
+
+
+
+
+
+
+
+
+
diff --git a/backend/src/UniversalAdminSystem.Api/UniversalAdminSystem.Api.http b/backend/src/UniversalAdminSystem.Api/UniversalAdminSystem.Api.http
new file mode 100644
index 0000000..cb7770f
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Api/UniversalAdminSystem.Api.http
@@ -0,0 +1,11 @@
+@url = http://localhost:5101
+
+POST {{url}}/api/auth/login
+Content-Type: application/json
+
+{
+ "account": "manager",
+ "password": "manager123"
+}
+
+###
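Review bot: The login request in this file commits a concrete account and password pair in clear text. If that account exists in any seeded or shared database (not visible in this hunk), the password is now in the repository history, and it is also short and predictable. I would reference variables instead, `"account": "{{account}}"` and `"password": "{{password}}"`, and supply the values from an environment file that is excluded from version control.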
diff --git a/backend/src/UniversalAdminSystem.Api/appsettings.json b/backend/src/UniversalAdminSystem.Api/appsettings.json
new file mode 100644
index 0000000..5a0c1dd
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Api/appsettings.json
@@ -0,0 +1,23 @@
+{
+ "Logging": {
+ "LogLevel": {
+ "Default": "Information",
+ "Microsoft.AspNetCore": "Warning",
+ "UniversalAdminSystem.Infrastructure.Services.SystemPermissionConfigLoader": "Debug"
+ }
+ },
+ "AllowedHosts": "*",
+ "ConnectionStrings": {
+ "pgSql": "server=127.0.0.1;port=5432;uid=postgres;password=031028@yue;database=universal_admin"
+ },
+ "Jwt": {
+ "Key": "YourSuperSecretKey1232347509872093oiqewupori",
+ "Issuer": "UniversalAdminSystem",
+ "Audience": "api-web-admin",
+ "ExpireHours": 2
+ },
+ "K2": {
+ "BaseUrl": "https://dashscope.aliyuncs.com/compatible-mode/v1/",
+ "ApiKey": "sk-a31163f6b59e44dcbdb87c668482ce96"
+ }
+}
\ No newline at end of file
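Review bot: The `ConnectionStrings:pgSql` password, the `Jwt:Key` signing key and the `K2:ApiKey` value are committed in clear text in this file. Anyone with read access to the repository can sign tokens the API will accept and use the model API key, and can use the database credentials wherever that server is reachable. Removing the values in a later commit does not remove them from history, so all three should be rotated. I would leave the values empty here (`"Key": ""`, `"ApiKey": ""`) and supply them through user secrets in development and environment variables such as `Jwt__Key`, `K2__ApiKey` and `ConnectionStrings__pgSql` in deployment. `"AllowedHosts": "*"` also disables host-header filtering and is worth narrowing to the served domains.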
diff --git a/backend/src/UniversalAdminSystem.Application/Authentication/DTOs/CredentialDto.cs b/backend/src/UniversalAdminSystem.Application/Authentication/DTOs/CredentialDto.cs
new file mode 100644
index 0000000..bd00463
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/Authentication/DTOs/CredentialDto.cs
@@ -0,0 +1,3 @@
+namespace UniversalAdminSystem.Application.Authentication.DTOs;
+
+public record CredentialDto(string Message, string? Account = null, string? Token = null);
diff --git a/backend/src/UniversalAdminSystem.Application/Authentication/DTOs/LoginDto.cs b/backend/src/UniversalAdminSystem.Application/Authentication/DTOs/LoginDto.cs
new file mode 100644
index 0000000..14bb597
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/Authentication/DTOs/LoginDto.cs
@@ -0,0 +1,3 @@
+namespace UniversalAdminSystem.Application.Authentication.DTOs;
+
+public record LoginDto(string Account, string Password);
\ No newline at end of file
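Review bot: `LoginDto` is a positional record, so its compiler-generated `ToString()` prints `Password` in clear text; any log statement, exception message or diagnostic dump that formats the object will leak it. `RegisterDto` later in this patch has the same shape. I would override the printer so the secret is never included, e.g. `public record LoginDto(string Account, string Password) { public override string ToString() => $"LoginDto {{ Account = {Account} }}"; }`.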
diff --git a/backend/src/UniversalAdminSystem.Application/Authentication/DTOs/LoginResultDto.cs b/backend/src/UniversalAdminSystem.Application/Authentication/DTOs/LoginResultDto.cs
new file mode 100644
index 0000000..742c9c1
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/Authentication/DTOs/LoginResultDto.cs
@@ -0,0 +1,5 @@
+using UniversalAdminSystem.Domian.UserManagement.Entities;
+
+namespace UniversalAdminSystem.Application.Authentication.DTOs;
+
+public record LoginResultDto(string Token, string UserId, string RoleId, string UserName,UserInfo UserInfo);
\ No newline at end of file
diff --git a/backend/src/UniversalAdminSystem.Application/Authentication/DTOs/RegisterDto.cs b/backend/src/UniversalAdminSystem.Application/Authentication/DTOs/RegisterDto.cs
new file mode 100644
index 0000000..8006203
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/Authentication/DTOs/RegisterDto.cs
@@ -0,0 +1,3 @@
+namespace UniversalAdminSystem.Application.Authentication.DTOs;
+
+public record RegisterDto(string Account, string Password, string Email);
\ No newline at end of file
diff --git a/backend/src/UniversalAdminSystem.Application/Authentication/DTOs/RegisterResultDto.cs b/backend/src/UniversalAdminSystem.Application/Authentication/DTOs/RegisterResultDto.cs
new file mode 100644
index 0000000..00c7d44
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/Authentication/DTOs/RegisterResultDto.cs
@@ -0,0 +1,3 @@
+namespace UniversalAdminSystem.Application.Authentication.DTOs;
+
+public record RegisterResultDto(string UserId, string Account, string Message);
\ No newline at end of file
diff --git a/backend/src/UniversalAdminSystem.Application/Authentication/DTOs/TokenDto.cs b/backend/src/UniversalAdminSystem.Application/Authentication/DTOs/TokenDto.cs
new file mode 100644
index 0000000..e91dd4d
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/Authentication/DTOs/TokenDto.cs
@@ -0,0 +1,26 @@
+namespace UniversalAdminSystem.Application.Authentication.DTOs;
+
+///
+/// 刷新Token请求DTO
+///
+public record RefreshTokenDto(string Token);
+
+///
+/// 刷新Token结果DTO
+///
+public record RefreshTokenResultDto(string Token, string UserId, string RoleId);
+
+///
+/// 验证Token请求DTO
+///
+public record ValidateTokenDto(string Token);
+
+///
+/// Token验证结果DTO
+///
+public record TokenValidationResultDto(bool IsValid, string UserId, string RoleId);
+
+///
+/// 登出响应DTO
+///
+public record LogoutResultDto(string Message);
\ No newline at end of file
diff --git a/backend/src/UniversalAdminSystem.Application/Authentication/Interfaces/IJwtTokenService.cs b/backend/src/UniversalAdminSystem.Application/Authentication/Interfaces/IJwtTokenService.cs
new file mode 100644
index 0000000..b9413a3
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/Authentication/Interfaces/IJwtTokenService.cs
@@ -0,0 +1,10 @@
+using UniversalAdminSystem.Domian.UserManagement.ValueObj;
+
+namespace UniversalAdminSystem.Application.Authentication.Interfaces;
+
+public interface IJwtTokenService
+{
+ string GenerateToken(string userId, string roleId, UserStatus status);
+ (string userId, string roleId, UserStatus status) ParseToken(string token);
+ string RefreshToken(string oldToken, out string userId, out string roleId, out UserStatus status);
+}
\ No newline at end of file
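Review bot: The interface does not document what `ParseToken` guarantees, yet `JwtAuthenticationMiddleware` in this patch builds the request's `ClaimsPrincipal` directly from its return value. I would add XML docs stating that `ParseToken` must verify signature, issuer, audience and lifetime and throw on any failure, and that `RefreshToken` must apply the same validation to `oldToken` before issuing a new token. For example: `/// <summary>Validates the token (signature, issuer, audience, expiry) and returns its claims; throws if validation fails.</summary>`. Whether the implementation behaves this way is not visible here.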
diff --git a/backend/src/UniversalAdminSystem.Application/Authentication/Interfaces/ILoginAppService.cs b/backend/src/UniversalAdminSystem.Application/Authentication/Interfaces/ILoginAppService.cs
new file mode 100644
index 0000000..80adb82
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/Authentication/Interfaces/ILoginAppService.cs
@@ -0,0 +1,8 @@
+using UniversalAdminSystem.Application.Authentication.DTOs;
+
+namespace UniversalAdminSystem.Application.Authentication.Interfaces;
+
+public interface ILoginAppService
+{
+ Task LoginAsync(LoginDto dto);
+}
\ No newline at end of file
diff --git a/backend/src/UniversalAdminSystem.Application/Authentication/Interfaces/IRegisterAppService.cs b/backend/src/UniversalAdminSystem.Application/Authentication/Interfaces/IRegisterAppService.cs
new file mode 100644
index 0000000..7070f3a
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/Authentication/Interfaces/IRegisterAppService.cs
@@ -0,0 +1,8 @@
+using UniversalAdminSystem.Application.Authentication.DTOs;
+
+namespace UniversalAdminSystem.Application.Authentication.Interfaces;
+
+public interface IRegisterAppService
+{
+ Task RegisterAsync(RegisterDto dto);
+}
\ No newline at end of file
diff --git a/backend/src/UniversalAdminSystem.Application/Authentication/Service/LoginAppService.cs b/backend/src/UniversalAdminSystem.Application/Authentication/Service/LoginAppService.cs
new file mode 100644
index 0000000..70edb56
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/Authentication/Service/LoginAppService.cs
@@ -0,0 +1,40 @@
+using UniversalAdminSystem.Application.Authentication.DTOs;
+using UniversalAdminSystem.Application.Authentication.Interfaces;
+using UniversalAdminSystem.Domian.UserManagement.IRepository;
+using UniversalAdminSystem.Application.UserManagement.Interface;
+using UniversalAdminSystem.Domian.UserManagement.ValueObj;
+
+namespace UniversalAdminSystem.Application.Authentication.Service;
+
+public class LoginAppService : ILoginAppService
+{
+ private readonly IUserRepository _userRepository;
+ private readonly IJwtTokenService _jwtService;
+ private readonly IPasswordHelper _passwordHelper;
+ private readonly IUserInfoRepository _userInfoRepository;
+
+ public LoginAppService(
+ IUserRepository userRepository,
+ IJwtTokenService jwtService,
+ IPasswordHelper passwordHelper,
+ IUserInfoRepository userInfoRepository)
+ {
+ _userRepository = userRepository;
+ _jwtService = jwtService;
+ _passwordHelper = passwordHelper;
+ _userInfoRepository = userInfoRepository;
+ }
+
+ public async Task LoginAsync(LoginDto dto)
+ {
+
+ var user = await _userRepository.GetUserByAccountAsync(dto.Account) ?? throw new Exception("账号不存在");
+ var userinfo = await _userInfoRepository.GetByGuidAsync(user.UserInfoId ?? throw new Exception("用户信息未绑定")) ?? throw new Exception("用户信息不存在");
+ // 使用密码验证服务进行安全比对
+ if (!_passwordHelper.VerifyPasswordWithSeparateSalt(dto.Password, user.Password, user.Salt)) throw new Exception("密码错误");
+ // 生成JWT令牌
+ var token = _jwtService.GenerateToken(user.UserId.Value.ToString(), user.RoleId?.Value.ToString() ?? "", user.Status);
+ // 返回登录结果
+ return new LoginResultDto(token, user.UserId.Value.ToString(), user.RoleId?.Value.ToString() ?? "", user.Account.Value.ToString(),userinfo);
+ }
+}
\ No newline at end of file
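Review bot: `LoginAsync` throws a different message for an unknown account (`账号不存在`), an unbound profile (`用户信息未绑定`) and a wrong password (`密码错误`), and the first two are raised before the password is checked. If these messages reach the HTTP response (the controller is outside this hunk), a caller can learn which accounts exist without knowing any password. I would verify the password before the profile lookup and fail the unknown-account and wrong-password cases with one message, e.g. `throw new Exception("账号或密码错误");`. It is also worth rejecting users whose `user.Status` is not `UserStatus.Normal` before `GenerateToken`, since the status is currently only copied into the token.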
diff --git a/backend/src/UniversalAdminSystem.Application/Authentication/Service/RegisterAppService.cs b/backend/src/UniversalAdminSystem.Application/Authentication/Service/RegisterAppService.cs
new file mode 100644
index 0000000..5577a52
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/Authentication/Service/RegisterAppService.cs
@@ -0,0 +1,91 @@
+using UniversalAdminSystem.Application.Authentication.DTOs;
+using UniversalAdminSystem.Application.Authentication.Interfaces;
+using UniversalAdminSystem.Domian.UserManagement.Aggregates;
+using UniversalAdminSystem.Domian.UserManagement.IRepository;
+using UniversalAdminSystem.Domian.UserManagement.ValueObj;
+using UniversalAdminSystem.Application.UserManagement.Interface;
+using UniversalAdminSystem.Domian.UserManagement.Entities;
+using UniversalAdminSystem.Application.Common.Interfaces;
+using UniversalAdminSystem.Domian.PermissionManagement.IRepository;
+
+namespace UniversalAdminSystem.Application.Authentication.Service;
+
+public class RegisterAppService : IRegisterAppService
+{
+ private readonly IUserRepository _userRepository;
+ private readonly IPasswordHelper _passwordHelper;
+ private readonly IUnitOfWork _unitOfWork;
+
+ private readonly IRoleRepository _RoleRepo;
+
+ public RegisterAppService(
+ IUserRepository userRepository,
+ IPasswordHelper passwordHelper,
+ IUnitOfWork unitOfWork,
+ IRoleRepository roleRepository)
+ {
+ _userRepository = userRepository;
+ _passwordHelper = passwordHelper;
+ _unitOfWork = unitOfWork;
+ _RoleRepo = roleRepository;
+ }
+
+ public async Task RegisterAsync(RegisterDto dto)
+ {
+ try
+ {
+ // 开始事务
+ await _unitOfWork.BeginTransactionAsync();
+
+ // 检查账号是否已存在
+ var existingUser = await _userRepository.GetUserByAccountAsync(dto.Account);
+ if (existingUser != null)
+ {
+ throw new Exception("账号已存在");
+ }
+
+ // 检查邮箱是否已存在
+ var existingUserByEmail = await _userRepository.GetUserByEmailAsync(dto.Email);
+ if (existingUserByEmail != null)
+ {
+ throw new Exception("邮箱已被注册");
+ }
+
+ // 密码加密
+ var (hashedPassword, salt) = _passwordHelper.HashPasswordWithSeparateSalt(dto.Password);
+
+ // 创建用户信息
+ var userInfo = UserInfo.CreateUserInfo();
+ await _userRepository.AddUserInfoAsync(userInfo);
+ var Role = await _RoleRepo.GetByNameAsync("普通用户") ?? throw new Exception("用户创建失败");
+ // 创建用户
+ var user = User.CreateUser(
+ userInfo.UserInfoId,
+ dto.Account,
+ hashedPassword,
+ dto.Email,
+ salt,
+ UserStatus.Normal,
+ Role.RoleId.Value
+
+ );
+
+ await _userRepository.AddAsync(user);
+
+ // 提交事务
+ await _unitOfWork.CommitAsync();
+
+ return new RegisterResultDto(
+ user.UserId.Value.ToString(),
+ user.Account.Value.ToString(),
+ "注册成功"
+ );
+ }
+ catch (Exception)
+ {
+ // 回滚事务
+ await _unitOfWork.RollbackAsync();
+ throw;
+ }
+ }
+}
\ No newline at end of file
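Review bot: `RegisterAsync` passes `dto.Password` straight to `HashPasswordWithSeparateSalt` without checking that it is non-empty or meets a minimum length. Unless the helper rejects it (not visible here), an empty or one-character password is hashed and stored. Because the value is hashed before `User.CreateUser` is called, the domain layer cannot enforce a policy afterwards. I would add a guard ahead of the hashing call, e.g. `if (string.IsNullOrWhiteSpace(dto.Password) || dto.Password.Length < MinPasswordLength) throw new Exception("密码不符合要求");`, where `MinPasswordLength` is a new constant. The account and e-mail existence checks are also check-then-insert, so they need a unique constraint in the database to hold under concurrent requests.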
diff --git a/backend/src/UniversalAdminSystem.Application/Common/Exceptions/BusinessException.cs b/backend/src/UniversalAdminSystem.Application/Common/Exceptions/BusinessException.cs
new file mode 100644
index 0000000..ef09cbe
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/Common/Exceptions/BusinessException.cs
@@ -0,0 +1,43 @@
+namespace UniversalAdminSystem.Application.Common.Exceptions;
+
+///
+/// 业务异常基类
+///
+public class BusinessException : Exception
+{
+ public string ErrorCode { get; }
+
+ public BusinessException(string message, string errorCode = "BUSINESS_ERROR") : base(message)
+ {
+ ErrorCode = errorCode;
+ }
+
+ public BusinessException(string message, Exception innerException, string errorCode = "BUSINESS_ERROR") : base(message, innerException)
+ {
+ ErrorCode = errorCode;
+ }
+}
+
+///
+/// 菜单相关业务异常
+///
+public class MenuBusinessException : BusinessException
+{
+ public MenuBusinessException(string message, string errorCode = "MENU_ERROR") : base(message, errorCode) { }
+}
+
+///
+/// 未找到异常
+///
+public class NotFoundException : BusinessException
+{
+ public NotFoundException(string message) : base(message, "NOT_FOUND") { }
+}
+
+///
+/// 验证异常
+///
+public class ValidationException : BusinessException
+{
+ public ValidationException(string message) : base(message, "VALIDATION_ERROR") { }
+}
\ No newline at end of file
diff --git a/backend/src/UniversalAdminSystem.Application/Common/Results/Result.cs b/backend/src/UniversalAdminSystem.Application/Common/Results/Result.cs
new file mode 100644
index 0000000..b725103
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/Common/Results/Result.cs
@@ -0,0 +1,54 @@
+namespace UniversalAdminSystem.Application.Common.Results;
+
+///
+/// 统一响应结果基类
+///
+public class Result
+{
+ public bool IsSuccess { get; }
+ public string Message { get; }
+ public string[] Errors { get; }
+
+ protected Result(bool isSuccess, string message, string[]? errors = null)
+ {
+ IsSuccess = isSuccess;
+ Message = message;
+ Errors = errors ?? Array.Empty();
+ }
+
+ public static Result Success(string message = "操作成功")
+ {
+ return new Result(true, message);
+ }
+
+ public static Result Failure(string message, string[]? errors = null)
+ {
+ return new Result(false, message, errors);
+ }
+}
+
+///
+/// 带数据的响应结果
+///
+public class Result : Result
+{
+ public T? Data { get; }
+
+ protected Result(bool isSuccess, string message, T? data, string[]? errors = null)
+ : base(isSuccess, message, errors)
+ {
+ Data = data;
+ }
+
+ public static Result Success(T data, string message = "操作成功")
+ {
+ return new Result(true, message, data);
+ }
+
+ public static new Result Failure(string message, string[]? errors = null)
+ {
+ return new Result(false, message, default, errors);
+ }
+
+ public static implicit operator Result(T data) => Success(data);
+}
\ No newline at end of file
diff --git a/backend/src/UniversalAdminSystem.Application/Common/interfaces/IUnitOfWork.cs b/backend/src/UniversalAdminSystem.Application/Common/interfaces/IUnitOfWork.cs
new file mode 100644
index 0000000..c4f6fab
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/Common/interfaces/IUnitOfWork.cs
@@ -0,0 +1,9 @@
+namespace UniversalAdminSystem.Application.Common.Interfaces;
+
+public interface IUnitOfWork
+{
+ Task BeginTransactionAsync();
+ Task CommitAsync();
+ Task RollbackAsync();
+ Task SaveChangesAsync(CancellationToken cancellationToken = default);
+}
\ No newline at end of file
diff --git a/backend/src/UniversalAdminSystem.Application/FileStorage/DTOs/FileDto.cs b/backend/src/UniversalAdminSystem.Application/FileStorage/DTOs/FileDto.cs
new file mode 100644
index 0000000..79c8621
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/FileStorage/DTOs/FileDto.cs
@@ -0,0 +1,40 @@
+using UniversalAdminSystem.Domian.Core.ValueObjects;
+using UniversalAdminSystem.Domian.FileStorage.ValueObjects;
+using UniversalAdminSystem.Domian.UserManagement.ValueObj;
+
+namespace UniversalAdminSystem.Application.FileStorage.DTOs;
+
+public record FileDto(
+ Guid Id,
+ string Name,
+ string Path,
+ long Size,
+ string Type,
+ Guid OwnerId,
+ DateTime UploadTime,
+ bool IsFolder,
+ Guid? ParentId,
+ string AccessLevel
+);
+
+public record FileUploadDto(
+ string Name,
+ string Path,
+ long Size,
+ string Type,
+ Guid? ParentId = null
+);
+
+public record FileDownloadDto(
+ Guid Id,
+ string Name,
+ string Path,
+ string Type
+);
+
+public record FileUploadResultDto(
+ Guid Id,
+ string Name,
+ string Path,
+ string Type
+);
\ No newline at end of file
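Review bot: `FileUploadDto.Path` is a caller-supplied string that `FileAppService.UploadAsync` in this patch hands to `FilePath.Create(dto.Path)` unchanged, while `FileDownloadDto` and `FileUploadResultDto` return `Path` to the caller. If `FilePath.Create` does not reject rooted paths and `..` segments (its body is not in view), the stored location is under the client's control, and echoing server paths back discloses the storage layout. I would document on the record that `Path` is a logical folder path, e.g. `/// <param name="Path">Logical path relative to the storage root; must not be rooted or contain "..".</param>`, and have the server derive the physical location.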
diff --git a/backend/src/UniversalAdminSystem.Application/FileStorage/Interfaces/IFileAppService.cs b/backend/src/UniversalAdminSystem.Application/FileStorage/Interfaces/IFileAppService.cs
new file mode 100644
index 0000000..ef8a47b
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/FileStorage/Interfaces/IFileAppService.cs
@@ -0,0 +1,23 @@
+using UniversalAdminSystem.Domian.FileStorage.ValueObjects;
+using UniversalAdminSystem.Domian.UserManagement.ValueObj;
+using UniversalAdminSystem.Application.FileStorage.DTOs;
+using UniversalAdminSystem.Domian.Core.ValueObjects;
+using UniversalAdminSystem.Application.Common.Results;
+
+namespace UniversalAdminSystem.Application.FileStorage.Interfaces;
+
+public interface IFileAppService
+{
+ Task UploadAsync(FileUploadDto dto);
+
+ Task> GetList();
+ // Task> DownloadAsync(FileId fileId);
+ // Task>> ListAsync(FileId? parentId);
+ // Task> CreateFolderAsync(string name, FileId? parentId);
+ // Task DeleteAsync(FileId fileId);
+ // Task> GetFileByIdAsync(FileId fileId);
+
+ Task GetFileById(Guid id);
+
+ Task RemoveFile(Guid id);
+}
\ No newline at end of file
diff --git a/backend/src/UniversalAdminSystem.Application/FileStorage/Services/FileAppService.cs b/backend/src/UniversalAdminSystem.Application/FileStorage/Services/FileAppService.cs
new file mode 100644
index 0000000..f4ae062
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/FileStorage/Services/FileAppService.cs
@@ -0,0 +1,84 @@
+using UniversalAdminSystem.Application.FileStorage.DTOs;
+using UniversalAdminSystem.Application.FileStorage.Interfaces;
+using UniversalAdminSystem.Domian.Core.ValueObjects;
+using UniversalAdminSystem.Domian.FileStorage.IRepository;
+using UniversalAdminSystem.Domian.FileStorage.Services;
+using UniversalAdminSystem.Domian.FileStorage.ValueObjects;
+using UniversalAdminSystem.Application.Common.Results;
+using UniversalAdminSystem.Application.Common.Interfaces;
+using UniversalAdminSystem.Application.PermissionManagement.Interfaces;
+using File = UniversalAdminSystem.Domian.FileStorage.Aggregates.File;
+using UniversalAdminSystem.Domian.FileStorage.Interface;
+
+namespace UniversalAdminSystem.Application.FileStorage.Services;
+
+public class FileAppService : IFileAppService
+{
+ private readonly IFileRepository _fileRepository;
+
+ public FileAppService(IFileRepository fileRepository)
+ {
+ _fileRepository = fileRepository;
+ }
+
+ public async Task UploadAsync(FileUploadDto dto)
+ {
+ try
+ {
+ var file = File.Create(
+ FileName.Create(dto.Name),
+ FilePath.Create(dto.Path),
+ FileSize.Create(dto.Size),
+ FileType.Create(dto.Type),
+ (UserId)Guid.NewGuid(),
+ false,
+ dto.ParentId.HasValue ? (FileId)dto.ParentId.Value : null);
+ await _fileRepository.AddAsync(file);
+ return new FileUploadResultDto(
+ file.Id.Value,
+ file.Name.Value,
+ file.Path.Value,
+ file.Type.Value
+ );
+ }
+ catch (Exception ex)
+ {
+ throw new InvalidOperationException($"上传文件失败: {ex.Message}");
+ }
+ }
+
+ public async Task> GetList()
+ {
+ var files = await _fileRepository.GetAllAsync();
+ return files.Select(file => new FileUploadResultDto(
+ file.Id,
+ file.Name,
+ file.Path,
+ file.Type
+ ));
+ }
+
+ public async Task GetFileById(Guid id)
+ {
+ var file = await _fileRepository.GetByGuidAsync(id);
+ if (file == null)
+ {
+ throw new FileNotFoundException();
+ }
+ return new FileDownloadDto(file.Id, file.Name, file.Path, file.Type);
+ }
+
+ public async Task RemoveFile(Guid id)
+ {
+ try
+ {
+ await _fileRepository.RemoveAsync(id);
+ }
+ catch (System.Exception)
+ {
+
+ throw new Exception("删除异常");
+ }
+
+ }
+}
\ No newline at end of file
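Review bot: `UploadAsync` sets the new file's owner to `(UserId)Guid.NewGuid()`, so every upload is attributed to a random identifier rather than the authenticated user, and no later ownership or access-level check can work. `GetFileById` and `RemoveFile` likewise take only an id and do not check that the caller may read or delete that file; whether the controller compensates is not visible in this hunk. I would pass the caller's id in from the controller, `Task<FileUploadResultDto> UploadAsync(FileUploadDto dto, Guid ownerId)` with `(UserId)ownerId,` in the `File.Create` call, and update `IFileAppService` to match. The `catch` blocks also discard the original exception; `throw new InvalidOperationException($"上传文件失败: {ex.Message}", ex);` keeps it as the inner exception.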
diff --git a/backend/src/UniversalAdminSystem.Application/LogManagement/DTOs/LogEntryDto.cs b/backend/src/UniversalAdminSystem.Application/LogManagement/DTOs/LogEntryDto.cs
new file mode 100644
index 0000000..0883fcd
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/LogManagement/DTOs/LogEntryDto.cs
@@ -0,0 +1,21 @@
+namespace UniversalAdminSystem.Application.LogManagement.DTOs;
+
+public record LogEntryDto(
+ Guid Id,
+ string Level,
+ string Message,
+ string Source,
+ Guid? UserId,
+ DateTime Timestamp,
+ string? Context,
+ string? Exception
+);
+
+public record LogCreateDto(
+ string Level,
+ string Message,
+ string Source,
+ Guid? UserId = null,
+ string? Context = null,
+ string? Exception = null
+);
\ No newline at end of file
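Review bot: `LogCreateDto` lets the caller supply `UserId`, `Level` and `Source`, and `CreateLogAsync` in this patch stores them as given. If this DTO is bound from an API request (the controller is outside this hunk), a client can write entries attributed to another user or with a forged severity, which undermines the log as an audit record. I would drop `UserId` from the request DTO and have the service take it from the authenticated principal, documented on the record as `/// <remarks>UserId is set by the server from the authenticated caller, never from request data.</remarks>`.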
diff --git a/backend/src/UniversalAdminSystem.Application/LogManagement/Interfaces/ILogManagementAppService.cs b/backend/src/UniversalAdminSystem.Application/LogManagement/Interfaces/ILogManagementAppService.cs
new file mode 100644
index 0000000..61b7d96
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/LogManagement/Interfaces/ILogManagementAppService.cs
@@ -0,0 +1,52 @@
+using UniversalAdminSystem.Application.LogManagement.DTOs;
+using UniversalAdminSystem.Application.Common.Results;
+
+namespace UniversalAdminSystem.Application.LogManagement.Interfaces;
+
+public interface ILogManagementAppService
+{
+ ///
+ /// 获取所有日志
+ ///
+ Task>> GetAllLogsAsync();
+
+ ///
+ /// 根据ID获取日志
+ ///
+ Task> GetLogByIdAsync(Guid id);
+
+ ///
+ /// 创建日志
+ ///
+ Task> CreateLogAsync(LogCreateDto createDto);
+
+ ///
+ /// 根据级别获取日志
+ ///
+ Task>> GetLogsByLevelAsync(string level);
+
+ ///
+ /// 根据用户获取日志
+ ///
+ Task>> GetLogsByUserAsync(Guid userId);
+
+ ///
+ /// 根据日期范围获取日志
+ ///
+ Task>> GetLogsByDateRangeAsync(DateTime start, DateTime end);
+
+ ///
+ /// 根据来源获取日志
+ ///
+ Task>> GetLogsBySourceAsync(string source);
+
+ ///
+ /// 删除日志
+ ///
+ Task DeleteLogAsync(Guid id);
+
+ ///
+ /// 清空所有日志
+ ///
+ Task ClearLogsAsync();
+}
\ No newline at end of file
diff --git a/backend/src/UniversalAdminSystem.Application/LogManagement/Services/LogManagementAppService.cs b/backend/src/UniversalAdminSystem.Application/LogManagement/Services/LogManagementAppService.cs
new file mode 100644
index 0000000..0b81223
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/LogManagement/Services/LogManagementAppService.cs
@@ -0,0 +1,182 @@
+using UniversalAdminSystem.Application.LogManagement.DTOs;
+using UniversalAdminSystem.Application.LogManagement.Interfaces;
+using UniversalAdminSystem.Domian.LogManagement.Aggregates;
+using UniversalAdminSystem.Domian.Core.Interfaces;
+using UniversalAdminSystem.Application.Common.Results;
+using UniversalAdminSystem.Domian.Core.ValueObjects;
+using UniversalAdminSystem.Application.Common.Interfaces;
+
+namespace UniversalAdminSystem.Application.LogManagement.Services;
+
+public class LogManagementAppService : ILogManagementAppService
+{
+ private readonly IRepository _logRepository;
+ private readonly IUnitOfWork _unitOfWork;
+
+ public LogManagementAppService(
+ IRepository logRepository,
+ IUnitOfWork unitOfWork)
+ {
+ _logRepository = logRepository;
+ _unitOfWork = unitOfWork;
+ }
+
+ public async Task>> GetAllLogsAsync()
+ {
+ try
+ {
+ var logs = await _logRepository.GetAllAsync();
+ var logDtos = logs.Select(MapToDto);
+ return Result>.Success(logDtos);
+ }
+ catch (Exception ex)
+ {
+ return Result>.Failure($"获取日志列表失败: {ex.Message}");
+ }
+ }
+
+ public async Task> GetLogByIdAsync(Guid id)
+ {
+ try
+ {
+ var log = await _logRepository.GetByGuidAsync(id);
+ if (log == null)
+ {
+ return Result.Success(null);
+ }
+
+ return Result.Success(MapToDto(log));
+ }
+ catch (Exception ex)
+ {
+ return Result.Failure($"获取日志详情失败: {ex.Message}");
+ }
+ }
+
+ public async Task> CreateLogAsync(LogCreateDto createDto)
+ {
+ try
+ {
+ var log = LogEntry.Create(
+ createDto.Level,
+ createDto.Message,
+ createDto.Source,
+ createDto.UserId.HasValue ? (UserId)createDto.UserId.Value : null,
+ createDto.Context,
+ createDto.Exception
+ );
+
+ await _logRepository.AddAsync(log);
+ await _unitOfWork.SaveChangesAsync();
+ return Result.Success(MapToDto(log));
+ }
+ catch (Exception ex)
+ {
+ return Result.Failure($"创建日志失败: {ex.Message}");
+ }
+ }
+
+ public async Task>> GetLogsByLevelAsync(string level)
+ {
+ try
+ {
+ var logs = await _logRepository.GetAllAsync();
+ var filteredLogs = logs.Where(l => l.Level == level).Select(MapToDto);
+ return Result>.Success(filteredLogs);
+ }
+ catch (Exception ex)
+ {
+ return Result>.Failure($"获取日志失败: {ex.Message}");
+ }
+ }
+
+ public async Task>> GetLogsByUserAsync(Guid userId)
+ {
+ try
+ {
+ var logs = await _logRepository.GetAllAsync();
+ var userLogs = logs.Where(l => l.UserId != null && l.UserId.Value == userId);
+
+ var logDtos = userLogs.Select(MapToDto);
+ return Result>.Success(logDtos);
+ }
+ catch (Exception ex)
+ {
+ return Result>.Failure($"获取用户日志失败: {ex.Message}");
+ }
+ }
+
+ public async Task>> GetLogsByDateRangeAsync(DateTime start, DateTime end)
+ {
+ try
+ {
+ var logs = await _logRepository.GetAllAsync();
+ var dateRangeLogs = logs.Where(l => l.Timestamp >= start && l.Timestamp <= end);
+
+ var logDtos = dateRangeLogs.Select(MapToDto);
+ return Result>.Success(logDtos);
+ }
+ catch (Exception ex)
+ {
+ return Result>.Failure($"获取日志失败: {ex.Message}");
+ }
+ }
+
+ public async Task>> GetLogsBySourceAsync(string source)
+ {
+ try
+ {
+ var logs = await _logRepository.GetAllAsync();
+ var sourceLogs = logs.Where(l => l.Source == source);
+
+ var logDtos = sourceLogs.Select(MapToDto);
+ return Result>.Success(logDtos);
+ }
+ catch (Exception ex)
+ {
+ return Result>.Failure($"获取日志失败: {ex.Message}");
+ }
+ }
+
+ public async Task DeleteLogAsync(Guid id)
+ {
+ try
+ {
+ var log = await _logRepository.GetByGuidAsync(id);
+ if (log == null)
+ {
+ return Result.Failure("日志不存在");
+ }
+
+ await _logRepository.RemoveAsync(id);
+ await _unitOfWork.SaveChangesAsync();
+ return Result.Success("日志删除成功");
+ }
+ catch (Exception ex)
+ {
+ return Result.Failure($"删除日志失败: {ex.Message}");
+ }
+ }
+
+ public async Task ClearLogsAsync()
+ {
+ try
+ {
+ var logs = await _logRepository.GetAllAsync();
+ foreach (var log in logs)
+ {
+ await _logRepository.RemoveAsync(log.Id);
+ }
+ await _unitOfWork.SaveChangesAsync();
+ return Result.Success("日志清空成功");
+ }
+ catch (Exception ex)
+ {
+ return Result.Failure($"清空日志失败: {ex.Message}");
+ }
+ }
+
+ private static LogEntryDto MapToDto(LogEntry l) => new(
+ l.Id, l.Level, l.Message, l.Source, l.UserId?.Value, l.Timestamp, l.Context, l.Exception
+ );
+}
\ No newline at end of file
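Review bot: Every catch block in this service copies `ex.Message` into the failure text (for example `$"获取日志列表失败: {ex.Message}"` in GetAllLogsAsync), so if the controller returns the Result as-is, repository and database error text reaches the API caller. Record the exception on the server and return only the fixed part, e.g. `"获取日志列表失败"`; the class has no logger injected, so one would have to be added. GetLogsByLevelAsync, GetLogsByUserAsync, GetLogsByDateRangeAsync and GetLogsBySourceAsync each call `_logRepository.GetAllAsync()` and filter in memory, which loads the whole log table for every filtered query; the predicate belongs in the repository. DeleteLogAsync and ClearLogsAsync remove entries without recording who asked for it, which is worth an audit record if these logs are meant to serve as an audit trail.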
diff --git a/backend/src/UniversalAdminSystem.Application/PermissionManagement/DTOs/AssignPermissionDto.cs b/backend/src/UniversalAdminSystem.Application/PermissionManagement/DTOs/AssignPermissionDto.cs
new file mode 100644
index 0000000..a875638
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/PermissionManagement/DTOs/AssignPermissionDto.cs
@@ -0,0 +1,11 @@
+namespace UniversalAdminSystem.Application.PermissionManagement.DTOs;
+
+///
+/// 权限分配数据传输对象
+///
+/// 权限编码
+/// 角色ID
+public record AssignPermissionDto(
+ string PermissionCode,
+ Guid RoleId
+);
\ No newline at end of file
diff --git a/backend/src/UniversalAdminSystem.Application/PermissionManagement/DTOs/PermissionCreateDto.cs b/backend/src/UniversalAdminSystem.Application/PermissionManagement/DTOs/PermissionCreateDto.cs
new file mode 100644
index 0000000..79124ba
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/PermissionManagement/DTOs/PermissionCreateDto.cs
@@ -0,0 +1,15 @@
+namespace UniversalAdminSystem.Application.PermissionManagement.DTOs;
+
+///
+/// 权限创建数据传输对象
+///
+/// 权限名称
+/// 权限作用资源
+/// 权限操作类型值
+/// 权限描述
+public record PermissionCreateDto(
+ string Name,
+ string Resource,
+ int ActionValue,
+ string? Description = null
+);
\ No newline at end of file
diff --git a/backend/src/UniversalAdminSystem.Application/PermissionManagement/DTOs/PermissionDto.cs b/backend/src/UniversalAdminSystem.Application/PermissionManagement/DTOs/PermissionDto.cs
new file mode 100644
index 0000000..3c8cf10
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/PermissionManagement/DTOs/PermissionDto.cs
@@ -0,0 +1,13 @@
+namespace UniversalAdminSystem.Application.PermissionManagement.DTOs;
+
+///
+/// 权限数据传输对象
+///
+/// 权限名称
+/// 权限编码
+/// 权限描述
+public record PermissionDto(
+ string Name,
+ string Code,
+ string Description
+);
\ No newline at end of file
diff --git a/backend/src/UniversalAdminSystem.Application/PermissionManagement/DTOs/RoleDto.cs b/backend/src/UniversalAdminSystem.Application/PermissionManagement/DTOs/RoleDto.cs
new file mode 100644
index 0000000..a72356d
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/PermissionManagement/DTOs/RoleDto.cs
@@ -0,0 +1,46 @@
+namespace UniversalAdminSystem.Application.PermissionManagement.DTOs;
+
+///
+/// 角色数据传输对象
+///
+/// 角色ID
+/// 角色名称
+/// 角色描述
+/// 是否为系统角色
+/// 是否为超级管理员
+/// 创建时间
+/// 更新时间
+/// 权限数量
+public record RoleDto(
+ Guid RoleId,
+ string Name,
+ string? Description,
+ bool IsSystem,
+ bool IsSupper,
+ DateTime CreateTime,
+ DateTime UpdateTime,
+ int PermissionCount = 0
+);
+
+///
+/// 角色创建数据传输对象
+///
+/// 角色名称
+/// 角色描述
+/// 是否为系统角色
+/// 是否为超级管理员
+public record RoleCreateDto(
+ string Name,
+ string? Description = null,
+ bool IsSupper = false
+);
+
+///
+/// 角色更新数据传输对象
+///
+/// 角色名称
+/// 角色描述
+public record RoleUpdateDto(
+ string Name,
+ string? Description = null
+);
\ No newline at end of file
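Review bot: `RoleCreateDto` carries `bool IsSupper = false` as a caller-supplied field, and CreateRoleAsync in RoleManagementAppService.cs (later in this patch) passes `createDto.IsSupper` straight to `Role.Create`, so whoever may create roles can also create a super-administrator role. If that is not intended, drop the field from the create DTO, or have the service reject `IsSupper == true` unless the caller is already a super administrator; the caller's identity is not available to the service as written. The doc block above `RoleCreateDto` also lists four entries, including `是否为系统角色`, while the record has three parameters, so that line should be removed.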
diff --git a/backend/src/UniversalAdminSystem.Application/PermissionManagement/Interfaces/IPermissionCheckService.cs b/backend/src/UniversalAdminSystem.Application/PermissionManagement/Interfaces/IPermissionCheckService.cs
new file mode 100644
index 0000000..f355206
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/PermissionManagement/Interfaces/IPermissionCheckService.cs
@@ -0,0 +1,46 @@
+namespace UniversalAdminSystem.Application.PermissionManagement.Interfaces;
+
+///
+/// 权限检查服务接口
+/// 提供用户权限验证功能
+///
+public interface IPermissionCheckService
+{
+ ///
+ /// 检查用户是否有指定权限
+ ///
+ /// 用户ID
+ /// 权限编码
+ /// 是否有权限
+ Task CheckUserPermissionAsync(Guid userId, string permissionCode);
+
+ ///
+ /// 检查用户是否有任意一个指定权限
+ ///
+ /// 用户ID
+ /// 权限编码列表
+ /// 是否有权限
+ Task CheckUserAnyPermissionAsync(Guid userId, IEnumerable permissionCodes);
+
+ ///
+ /// 检查用户是否有所有指定权限
+ ///
+ /// 用户ID
+ /// 权限编码列表
+ /// 是否有权限
+ Task CheckUserAllPermissionsAsync(Guid userId, IEnumerable permissionCodes);
+
+ ///
+ /// 获取用户的所有权限
+ ///
+ /// 用户ID
+ /// 权限编码列表
+ Task> GetUserPermissionsAsync(Guid userId);
+
+ ///
+ /// 获取用户的所有角色
+ ///
+ /// 用户ID
+ /// 角色名称列表
+ Task> GetUserRoleAsync(Guid userId);
+}
\ No newline at end of file
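Review bot: The interface declares five methods, but PermissionCheckService (later in this patch) also exposes public CheckMenuPermissionAsync, CheckFilePermissionAsync, CheckLogPermissionAsync, CheckSystemSettingPermissionAsync, IsSuperAdminAsync and IsAdminAsync, which code injecting `IPermissionCheckService` cannot reach. Either declare the ones that are meant to be used here or make them private in the implementation, so the set of authorization entry points is explicit. The summary on GetUserRoleAsync says "所有角色", while the implementation returns at most one role name; the comment should say so.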
diff --git a/backend/src/UniversalAdminSystem.Application/PermissionManagement/Interfaces/IPermissionManagementAppService.cs b/backend/src/UniversalAdminSystem.Application/PermissionManagement/Interfaces/IPermissionManagementAppService.cs
new file mode 100644
index 0000000..9d3caa5
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/PermissionManagement/Interfaces/IPermissionManagementAppService.cs
@@ -0,0 +1,37 @@
+using UniversalAdminSystem.Application.PermissionManagement.DTOs;
+
+namespace UniversalAdminSystem.Application.PermissionManagement.Interfaces;
+
+///
+/// 权限管理应用服务接口
+/// 提供权限的创建、查询、分配等业务操作
+///
+public interface IPermissionManagementAppService
+{
+ ///
+ /// 获取所有权限列表
+ ///
+ /// 权限列表
+ Task> GetAllPermissionAsync();
+
+ ///
+ /// 创建新权限
+ ///
+ /// 权限创建数据传输对象
+ /// 创建的权限信息
+ Task CreatePermissionAsync(PermissionCreateDto createDto);
+
+ ///
+ /// 删除权限
+ ///
+ /// 权限ID
+ /// 删除操作结果
+ Task RemovePermissionAsync(Guid permissionId);
+
+ ///
+ /// 为角色分配权限
+ ///
+ /// 权限分配数据传输对象
+ /// 分配操作结果
+ Task AssignPermissionToRoleAsync(AssignPermissionDto assignDto);
+}
\ No newline at end of file
diff --git a/backend/src/UniversalAdminSystem.Application/PermissionManagement/Interfaces/IRoleManagementAppService.cs b/backend/src/UniversalAdminSystem.Application/PermissionManagement/Interfaces/IRoleManagementAppService.cs
new file mode 100644
index 0000000..6667c1e
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/PermissionManagement/Interfaces/IRoleManagementAppService.cs
@@ -0,0 +1,68 @@
+using UniversalAdminSystem.Application.PermissionManagement.DTOs;
+
+namespace UniversalAdminSystem.Application.PermissionManagement.Interfaces;
+
+///
+/// 角色管理应用服务接口
+/// 提供角色的创建、查询、更新、删除等业务操作
+///
+public interface IRoleManagementAppService
+{
+ ///
+ /// 获取所有角色列表
+ ///
+ /// 角色列表
+ Task> GetAllRolesAsync();
+
+ ///
+ /// 根据ID获取角色
+ ///
+ /// 角色ID
+ /// 角色信息
+ Task GetRoleByIdAsync(Guid roleId);
+
+ ///
+ /// 创建新角色
+ ///
+ /// 角色创建数据传输对象
+ /// 创建的角色信息
+ Task CreateRoleAsync(RoleCreateDto createDto);
+
+ ///
+ /// 更新角色信息
+ ///
+ /// 角色ID
+ /// 角色更新数据传输对象
+ /// 更新后的角色信息
+ Task UpdateRoleAsync(Guid roleId, RoleUpdateDto updateDto);
+
+ ///
+ /// 删除角色
+ ///
+ /// 角色ID
+ /// 删除操作结果
+ Task DeleteRoleAsync(Guid roleId);
+
+ ///
+ /// 为角色分配权限
+ ///
+ /// 角色ID
+ /// 权限ID列表
+ /// 分配操作结果
+ Task AssignPermissionsToRoleAsync(Guid roleId, IEnumerable permissionIds);
+
+ ///
+ /// 移除角色的权限
+ ///
+ /// 角色ID
+ /// 权限ID列表
+ /// 移除操作结果
+ Task RemovePermissionsFromRoleAsync(Guid roleId, IEnumerable permissionIds);
+
+ ///
+ /// 获取角色的所有权限
+ ///
+ /// 角色ID
+ /// 权限列表
+ Task> GetRolePermissionsAsync(Guid roleId);
+}
\ No newline at end of file
diff --git a/backend/src/UniversalAdminSystem.Application/PermissionManagement/Services/PermissionCheckService.cs b/backend/src/UniversalAdminSystem.Application/PermissionManagement/Services/PermissionCheckService.cs
new file mode 100644
index 0000000..022244f
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/PermissionManagement/Services/PermissionCheckService.cs
@@ -0,0 +1,349 @@
+using UniversalAdminSystem.Application.PermissionManagement.Interfaces;
+using UniversalAdminSystem.Domian.PermissionManagement.IRepository;
+using UniversalAdminSystem.Domian.UserManagement.IRepository;
+using UniversalAdminSystem.Domian.PermissionManagement.ValueObjects;
+
+namespace UniversalAdminSystem.Application.PermissionManagement.Services;
+
+///
+/// 权限检查服务实现
+/// 提供用户权限验证的具体逻辑
+///
+public class PermissionCheckService : IPermissionCheckService
+{
+ private readonly IUserRepository _userRepository;
+ private readonly IRoleRepository _roleRepository;
+ private readonly IPermissionRepository _permissionRepository;
+
+ public PermissionCheckService(
+ IUserRepository userRepository,
+ IRoleRepository roleRepository,
+ IPermissionRepository permissionRepository)
+ {
+ _userRepository = userRepository;
+ _roleRepository = roleRepository;
+ _permissionRepository = permissionRepository;
+ }
+
+ public async Task CheckUserPermissionAsync(Guid userId, string permissionCode)
+ {
+ try
+ {
+ var user = await _userRepository.GetByGuidAsync(userId);
+ if (user == null || user.RoleId == null) return false;
+ var role = await _roleRepository.GetByGuidAsync(user.RoleId.Value);
+ if (role == null) return false;
+ var permission = await _permissionRepository.GetByCodeAsync(PermissionCode.Create(permissionCode));
+ if (permission == null) return false;
+
+ Console.WriteLine($"检查权限: {permissionCode}");
+ Console.WriteLine($"角色权限数量: {role.Permissions.Count}");
+
+ // 打印角色拥有的所有权限
+ foreach (var perm in role.Permissions)
+ {
+ Console.WriteLine($"角色权限: {perm.Code} (类型: {perm.Code.GetType().Name})");
+ }
+
+ // 修复比较逻辑:使用值对象比较
+ var hasPermission = role.Permissions.Any(p => p.Code == PermissionCode.Create(permissionCode));
+ Console.WriteLine($"权限检查结果: {hasPermission}");
+
+ return hasPermission;
+ }
+ catch (Exception ex)
+ {
+ Console.WriteLine($"权限检查错误: {ex.Message}");
+ return false;
+ }
+ }
+
+ ///
+ /// 检查用户是否有任意一个指定权限
+ ///
+ public async Task CheckUserAnyPermissionAsync(Guid userId, IEnumerable permissionCodes)
+ {
+ foreach (var permissionCode in permissionCodes)
+ {
+ if (await CheckUserPermissionAsync(userId, permissionCode)) return true;
+ }
+ return false;
+ }
+
+ ///
+ /// 检查用户是否有所有指定权限
+ ///
+ public async Task CheckUserAllPermissionsAsync(Guid userId, IEnumerable permissionCodes)
+ {
+ foreach (var permissionCode in permissionCodes)
+ {
+ if (!await CheckUserPermissionAsync(userId, permissionCode)) return false;
+ }
+ return true;
+ }
+
+ ///
+ /// 获取用户的所有权限编码
+ ///
+ public async Task> GetUserPermissionsAsync(Guid userId)
+ {
+ try
+ {
+ if (userId == Guid.Empty) throw new ArgumentException("用户ID为空", nameof(userId));
+ var user = await _userRepository.GetByGuidAsync(userId) ?? throw new InvalidOperationException("用户不存在");
+ if (user.RoleId == null) return Enumerable.Empty();
+ var role = await _roleRepository.GetByGuidAsync(user.RoleId.Value) ?? throw new InvalidDataException("用户角色不存在");
+ return role.Permissions.Select(p => p.Code.Value);
+ }
+ catch (Exception ex)
+ {
+ Console.WriteLine($"获取用户权限错误: {ex.Message}");
+ return Enumerable.Empty();
+ }
+ }
+
+ ///
+ /// 获取用户的所有角色
+ ///
+ public async Task> GetUserRoleAsync(Guid userId)
+ {
+ try
+ {
+ var user = await _userRepository.GetByGuidAsync(userId);
+ if (user == null) return Enumerable.Empty();
+ if (user.RoleId == null) return Enumerable.Empty();
+ var role = await _roleRepository.GetByGuidAsync(user.RoleId.Value);
+ if (role == null) return Enumerable.Empty();
+ return new[] { role.Name.Value };
+ }
+ catch (Exception ex)
+ {
+ Console.WriteLine($"获取用户角色错误: {ex.Message}");
+ return Enumerable.Empty();
+ }
+ }
+
+ ///
+ /// 检查用户是否有菜单访问权限
+ ///
+ public async Task CheckMenuPermissionAsync(Guid userId, string? menuPermissionCode)
+ {
+ // 如果菜单没有设置权限要求,则所有用户都可以访问
+ if (string.IsNullOrEmpty(menuPermissionCode))
+ {
+ return true;
+ }
+
+ return await CheckUserPermissionAsync(userId, menuPermissionCode);
+ }
+
+ ///
+ /// 检查用户是否有文件访问权限
+ ///
+ public async Task CheckFilePermissionAsync(Guid userId, string fileAccessLevel, Guid? fileOwnerId = null)
+ {
+ try
+ {
+ // 超级管理员可以访问所有文件
+ if (await IsSuperAdminAsync(userId))
+ {
+ return true;
+ }
+
+ // 管理员可以访问除超级管理员文件外的所有文件
+ if (await IsAdminAsync(userId))
+ {
+ if (fileOwnerId.HasValue)
+ {
+ var fileOwner = await _userRepository.GetByGuidAsync(fileOwnerId.Value);
+ return fileOwner == null || !await IsSuperAdminAsync(fileOwnerId.Value);
+ }
+ return true;
+ }
+
+ // 普通用户只能访问自己的文件或公开文件
+ switch (fileAccessLevel.ToLower())
+ {
+ case "public":
+ return true;
+ case "private":
+ return fileOwnerId.HasValue && fileOwnerId.Value == userId;
+ case "restricted":
+ return false;
+ default:
+ return false;
+ }
+ }
+ catch (Exception ex)
+ {
+ Console.WriteLine($"文件权限检查错误: {ex.Message}");
+ return false;
+ }
+ }
+
+ ///
+ /// 检查用户是否有日志查看权限
+ ///
+ public async Task CheckLogPermissionAsync(Guid userId, string logLevel)
+ {
+ try
+ {
+ // 超级管理员可以查看所有日志
+ if (await IsSuperAdminAsync(userId))
+ {
+ return true;
+ }
+
+ // 管理员可以查看除系统级日志外的所有日志
+ if (await IsAdminAsync(userId))
+ {
+ return logLevel.ToLower() != "system";
+ }
+
+ // 普通用户只能查看基本日志
+ return logLevel.ToLower() == "basic" || logLevel.ToLower() == "info";
+ }
+ catch (Exception ex)
+ {
+ Console.WriteLine($"日志权限检查错误: {ex.Message}");
+ return false;
+ }
+ }
+
+ ///
+ /// 检查用户是否有系统设置管理权限
+ ///
+ public async Task CheckSystemSettingPermissionAsync(Guid userId, string settingKey)
+ {
+ try
+ {
+ // 超级管理员可以管理所有设置
+ if (await IsSuperAdminAsync(userId))
+ {
+ return true;
+ }
+
+ // 管理员可以管理除系统核心设置外的所有设置
+ if (await IsAdminAsync(userId))
+ {
+ var restrictedSettings = new[] { "system.core", "security", "database" };
+ return !restrictedSettings.Any(s => settingKey.StartsWith(s));
+ }
+
+ // 普通用户只能查看基本设置
+ var basicSettings = new[] { "ui", "theme", "language" };
+ return basicSettings.Any(s => settingKey.StartsWith(s));
+ }
+ catch (Exception ex)
+ {
+ Console.WriteLine($"系统设置权限检查错误: {ex.Message}");
+ return false;
+ }
+ }
+
+
+ ///
+ /// 检查用户是否为超级管理员
+ ///
+ public async Task IsSuperAdminAsync(Guid userId)
+ {
+ try
+ {
+ var permissions = await GetUserPermissionsAsync(userId);
+ return permissions.Any(p => p.Contains("super") || p.Contains("system"));
+ }
+ catch (Exception ex)
+ {
+ Console.WriteLine($"超级管理员检查错误: {ex.Message}");
+ return false;
+ }
+ }
+
+ ///
+ /// 检查用户是否为管理员
+ ///
+ public async Task IsAdminAsync(Guid userId)
+ {
+ try
+ {
+ var user = await _userRepository.GetByGuidAsync(userId);
+ if (user == null || user.RoleId == null) return false;
+ var role = await _roleRepository.GetByGuidAsync(user.RoleId.Value);
+ if (role == null) return false;
+ return role.IsSupper;
+ }
+ catch (Exception ex)
+ {
+ Console.WriteLine($"管理员检查错误: {ex.Message}");
+ return false;
+ }
+ }
+
+ ///
+ /// 获取用户可访问的菜单权限列表
+ ///
+ public async Task> GetUserMenuPermissionsAsync(Guid userId)
+ {
+ try
+ {
+ var allPermissions = await GetUserPermissionsAsync(userId);
+ return allPermissions.Where(p => p.StartsWith("menu:"));
+ }
+ catch (Exception ex)
+ {
+ Console.WriteLine($"获取菜单权限错误: {ex.Message}");
+ return Enumerable.Empty();
+ }
+ }
+
+ ///
+ /// 获取用户可访问的文件权限列表
+ ///
+ public async Task> GetUserFilePermissionsAsync(Guid userId)
+ {
+ try
+ {
+ var allPermissions = await GetUserPermissionsAsync(userId);
+ return allPermissions.Where(p => p.StartsWith("file:"));
+ }
+ catch (Exception ex)
+ {
+ Console.WriteLine($"获取文件权限错误: {ex.Message}");
+ return Enumerable.Empty();
+ }
+ }
+
+ ///
+ /// 获取用户可访问的日志权限列表
+ ///
+ public async Task> GetUserLogPermissionsAsync(Guid userId)
+ {
+ try
+ {
+ var allPermissions = await GetUserPermissionsAsync(userId);
+ return allPermissions.Where(p => p.StartsWith("log:"));
+ }
+ catch (Exception ex)
+ {
+ Console.WriteLine($"获取日志权限错误: {ex.Message}");
+ return Enumerable.Empty();
+ }
+ }
+
+ ///
+ /// 获取用户可访问的系统设置权限列表
+ ///
+ public async Task> GetUserSystemSettingPermissionsAsync(Guid userId)
+ {
+ try
+ {
+ var allPermissions = await GetUserPermissionsAsync(userId);
+ return allPermissions.Where(p => p.StartsWith("setting:"));
+ }
+ catch (Exception ex)
+ {
+ Console.WriteLine($"获取系统设置权限错误: {ex.Message}");
+ return Enumerable.Empty();
+ }
+ }
+}
\ No newline at end of file
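Review bot: IsSuperAdminAsync decides super-administrator status with `p.Contains("super") || p.Contains("system")`, a substring test over permission codes, and CheckFilePermissionAsync, CheckLogPermissionAsync and CheckSystemSettingPermissionAsync all return true on it. Codes are built as `{Resource}:{Action}` in CreatePermissionAsync (PermissionManagementAppService.cs in this patch), so a role holding any permission on a resource whose name contains "system" passes as super administrator. Compare against one exact code with an ordinal comparison, e.g. `permissions.Any(p => string.Equals(p, SuperAdminPermissionCode, StringComparison.Ordinal))` (`SuperAdminPermissionCode` is a placeholder for a constant the project would define), or use a flag on the role. IsAdminAsync returns `role.IsSupper`, so the "administrator" and "super administrator" tiers appear to be swapped and should be reconciled. The `Console.WriteLine` calls in CheckUserPermissionAsync print the role's full permission list on every check and look like leftover debugging output.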
diff --git a/backend/src/UniversalAdminSystem.Application/PermissionManagement/Services/PermissionManagementAppService.cs b/backend/src/UniversalAdminSystem.Application/PermissionManagement/Services/PermissionManagementAppService.cs
new file mode 100644
index 0000000..f6b7ee2
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/PermissionManagement/Services/PermissionManagementAppService.cs
@@ -0,0 +1,141 @@
+using UniversalAdminSystem.Application.Common.Interfaces;
+using UniversalAdminSystem.Application.PermissionManagement.DTOs;
+using UniversalAdminSystem.Application.PermissionManagement.Interfaces;
+using UniversalAdminSystem.Domian.PermissionManagement.Aggregate;
+using UniversalAdminSystem.Domian.PermissionManagement.Interfaces;
+using UniversalAdminSystem.Domian.PermissionManagement.IRepository;
+using UniversalAdminSystem.Domian.PermissionManagement.ValueObjects;
+
+namespace UniversalAdminSystem.Application.PermissionManagement.Services;
+
+///
+/// 权限管理应用服务实现
+/// 提供权限的创建、查询、分配等业务操作的具体实现
+///
+public class PermissionManagementAppService : IPermissionManagementAppService
+{
+ private readonly IUnitOfWork _unitOfWork;
+ private readonly IPermissionRepository _permissionRepository;
+ private readonly IRoleRepository _roleRepository;
+ private readonly IAssignPermissionDomainService _assignPermissionDomainService;
+
+ public PermissionManagementAppService(
+ IUnitOfWork unitOfWork,
+ IPermissionRepository permissionRepository,
+ IRoleRepository roleRepository,
+ IAssignPermissionDomainService assignPermissionDomainService
+ )
+ {
+ _unitOfWork = unitOfWork;
+ _permissionRepository = permissionRepository;
+ _roleRepository = roleRepository;
+ _assignPermissionDomainService = assignPermissionDomainService;
+ }
+
+ ///
+ /// 为角色分配权限
+ ///
+ public async Task AssignPermissionToRoleAsync(AssignPermissionDto assignDto)
+ {
+ try
+ {
+ await _unitOfWork.BeginTransactionAsync();
+ var permission = await _permissionRepository.GetByCodeAsync((PermissionCode)assignDto.PermissionCode)
+ ?? throw new KeyNotFoundException("未找到对应的权限");
+ var role = await _roleRepository.GetByGuidAsync(assignDto.RoleId)
+ ?? throw new KeyNotFoundException("未找到对应的角色");
+ var state = _assignPermissionDomainService.AssignPermission(permission, role);
+ if (state)
+ {
+ await _roleRepository.Update(role);
+
+ }
+ await _unitOfWork.CommitAsync();
+ }
+ catch (KeyNotFoundException)
+ {
+ await _unitOfWork.RollbackAsync();
+ throw;
+ }
+ }
+
+ ///
+ /// 创建新权限
+ ///
+ public async Task CreatePermissionAsync(PermissionCreateDto createDto)
+ {
+ try
+ {
+ if (!Enum.IsDefined(typeof(PermissionAction), createDto.ActionValue))
+ {
+ throw new InvalidOperationException($"无效的操作类型值: {createDto.ActionValue}");
+ }
+ PermissionAction enumValue = (PermissionAction)createDto.ActionValue;
+ // 检查权限代码是否已存在
+ var existingPermission = await _permissionRepository.GetByCodeAsync(PermissionCode.Create($"{createDto.Resource}:{enumValue}"));
+ if (existingPermission != null)
+ {
+ throw new InvalidOperationException($"权限代码 '{createDto.Resource}:{enumValue}' 已存在,无法创建重复权限");
+ }
+
+ // 开启事务
+ await _unitOfWork.BeginTransactionAsync();
+
+ // 创建权限并保存
+ var permission = Permission.CreateStandardPermission(
+ createDto.Name,
+ createDto.Resource,
+ createDto.ActionValue,
+ createDto.Description
+ );
+
+ try
+ {
+ var savedPermission = await _permissionRepository.AddAsync(permission);
+ await _unitOfWork.CommitAsync();
+ return new PermissionDto(
+ savedPermission.Name,
+ savedPermission.Code,
+ savedPermission.Description!
+ );
+ }
+ catch (System.Exception ex)
+ {
+ throw new InvalidOperationException(ex.Message);
+ }
+ }
+ catch (System.Exception ex)
+ {
+ await _unitOfWork.RollbackAsync();
+ throw new InvalidOperationException(ex.Message);
+ }
+ }
+
+ ///
+ /// 获取所有权限列表
+ ///
+ public async Task> GetAllPermissionAsync()
+ {
+ var permissions = await _permissionRepository.GetAllAsync();
+ var permissionList = permissions.Select(p => new PermissionDto(p.Name, p.Code, p.Description!));
+ return permissionList;
+ }
+
+ ///
+ /// 删除权限
+ ///
+ public async Task RemovePermissionAsync(Guid permissionId)
+ {
+ try
+ {
+ await _unitOfWork.BeginTransactionAsync();
+ await _permissionRepository.RemoveAsync(permissionId);
+ await _unitOfWork.CommitAsync();
+ }
+ catch (System.Exception ex)
+ {
+ await _unitOfWork.RollbackAsync();
+ throw new System.Exception(ex.Message);
+ }
+ }
+}
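Review bot: AssignPermissionToRoleAsync rolls back only in `catch (KeyNotFoundException)`, so an exception from `AssignPermission`, `_roleRepository.Update` or `CommitAsync` leaves the transaction begun on the first line of the try open. Catch everything and rethrow: `catch { await _unitOfWork.RollbackAsync(); throw; }`. CreatePermissionAsync has the reverse problem: the `Enum.IsDefined` and duplicate-code checks throw before `BeginTransactionAsync`, yet the outer catch still calls `RollbackAsync`; begin the transaction at the top of the try or validate outside it. That method and RemovePermissionAsync rethrow as `new InvalidOperationException(ex.Message)` and `new System.Exception(ex.Message)`, which discards the original type and stack trace; pass `ex` as the inner exception or use `throw;`.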
diff --git a/backend/src/UniversalAdminSystem.Application/PermissionManagement/Services/RoleManagementAppService.cs b/backend/src/UniversalAdminSystem.Application/PermissionManagement/Services/RoleManagementAppService.cs
new file mode 100644
index 0000000..2603384
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/PermissionManagement/Services/RoleManagementAppService.cs
@@ -0,0 +1,301 @@
+using UniversalAdminSystem.Application.Common.Interfaces;
+using UniversalAdminSystem.Application.PermissionManagement.DTOs;
+using UniversalAdminSystem.Application.PermissionManagement.Interfaces;
+using UniversalAdminSystem.Domian.PermissionManagement.Aggregate;
+using UniversalAdminSystem.Domian.PermissionManagement.IRepository;
+using UniversalAdminSystem.Domian.PermissionManagement.ValueObjects;
+
+namespace UniversalAdminSystem.Application.PermissionManagement.Services;
+
+///
+/// 角色管理应用服务实现
+/// 提供角色的创建、查询、更新、删除等业务操作的具体实现
+///
+public class RoleManagementAppService : IRoleManagementAppService
+{
+ private readonly IUnitOfWork _unitOfWork;
+ private readonly IRoleRepository _roleRepository;
+ private readonly IPermissionRepository _permissionRepository;
+
+ public RoleManagementAppService(
+ IUnitOfWork unitOfWork,
+ IRoleRepository roleRepository,
+ IPermissionRepository permissionRepository)
+ {
+ _unitOfWork = unitOfWork;
+ _roleRepository = roleRepository;
+ _permissionRepository = permissionRepository;
+ }
+
+ ///
+ /// 获取所有角色列表
+ ///
+ public async Task> GetAllRolesAsync()
+ {
+ try
+ {
+ var roles = await _roleRepository.GetAllRolesWithPermissionsAsync();
+ return roles.Select(r => new RoleDto(
+ r.RoleId,
+ r.Name,
+ r.Description ?? string.Empty,
+ r.IsSystem,
+ r.IsSupper,
+ r.CreateTime,
+ r.UpdateTime,
+ r.PermissionCount
+ ));
+ }
+ catch (Exception ex)
+ {
+ throw new InvalidOperationException($"获取角色列表失败: {ex.Message}");
+ }
+ }
+
+ ///
+ /// 根据ID获取角色
+ ///
+ public async Task GetRoleByIdAsync(Guid roleId)
+ {
+ try
+ {
+ var role = await _roleRepository.GetRoleWithPermissionsAsync(roleId);
+ if (role == null) return null;
+
+ return new RoleDto(
+ role.RoleId,
+ role.Name,
+ role.Description ?? string.Empty,
+ role.IsSystem,
+ role.IsSupper,
+ role.CreateTime,
+ role.UpdateTime,
+ role.PermissionCount
+ );
+ }
+ catch (Exception ex)
+ {
+ throw new InvalidOperationException($"获取角色失败: {ex.Message}");
+ }
+ }
+
+ ///
+ /// 创建新角色
+ ///
+ public async Task CreateRoleAsync(RoleCreateDto createDto)
+ {
+ try
+ {
+ await _unitOfWork.BeginTransactionAsync();
+
+ // 检查角色名称是否已存在
+ if (await _roleRepository.ExistsAsync(createDto.Name))
+ {
+ throw new InvalidOperationException($"角色名称 '{createDto.Name}' 已存在");
+ }
+
+ // 创建角色
+ var role = Role.Create(
+ createDto.Name,
+ createDto.Description,
+ false,
+ createDto.IsSupper
+ );
+
+ var savedRole = await _roleRepository.AddAsync(role);
+ await _unitOfWork.CommitAsync();
+
+ return new RoleDto(
+ savedRole.RoleId,
+ savedRole.Name,
+ savedRole.Description,
+ savedRole.IsSystem,
+ savedRole.IsSupper,
+ savedRole.CreateTime,
+ savedRole.UpdateTime
+ );
+ }
+ catch (Exception ex)
+ {
+ await _unitOfWork.RollbackAsync();
+ throw new InvalidOperationException($"创建角色失败: {ex.Message}");
+ }
+ }
+
+ ///
+ /// 更新角色信息
+ ///
+ public async Task UpdateRoleAsync(Guid roleId, RoleUpdateDto updateDto)
+ {
+ try
+ {
+ await _unitOfWork.BeginTransactionAsync();
+
+ var role = await _roleRepository.GetByGuidAsync(roleId);
+ if (role == null)
+ {
+ throw new KeyNotFoundException($"角色ID '{roleId}' 不存在");
+ }
+
+ // 检查是否为系统角色
+ if (role.IsSystem)
+ {
+ throw new InvalidOperationException("系统角色不允许修改");
+ }
+
+ // 检查角色名称是否已存在(排除当前角色)
+ var existingRole = await _roleRepository.GetByNameAsync(updateDto.Name);
+ if (existingRole != null && existingRole.RoleId != roleId)
+ {
+ throw new InvalidOperationException($"角色名称 '{updateDto.Name}' 已存在");
+ }
+
+ // 更新角色信息
+ role.SetName(updateDto.Name);
+ role.SetDescription(updateDto.Description);
+
+ await _roleRepository.Update(role);
+ await _unitOfWork.CommitAsync();
+
+ return new RoleDto(
+ role.RoleId,
+ role.Name,
+ role.Description,
+ role.IsSystem,
+ role.IsSupper,
+ role.CreateTime,
+ role.UpdateTime
+ );
+ }
+ catch (Exception ex)
+ {
+ await _unitOfWork.RollbackAsync();
+ throw new InvalidOperationException($"更新角色失败: {ex.Message}");
+ }
+ }
+
+ ///
+ /// 删除角色
+ ///
+ public async Task DeleteRoleAsync(Guid roleId)
+ {
+ try
+ {
+ await _unitOfWork.BeginTransactionAsync();
+
+ var role = await _roleRepository.GetByGuidAsync(roleId);
+ if (role == null)
+ {
+ throw new KeyNotFoundException($"角色ID '{roleId}' 不存在");
+ }
+
+ // 检查是否为系统角色
+ if (role.IsSystem)
+ {
+ throw new InvalidOperationException("系统角色不允许删除");
+ }
+
+ // 检查是否为超级管理员角色
+ if (role.IsSupper)
+ {
+ throw new InvalidOperationException("超级管理员角色不允许删除");
+ }
+
+ await _roleRepository.RemoveAsync(roleId);
+ await _unitOfWork.CommitAsync();
+ }
+ catch (Exception ex)
+ {
+ await _unitOfWork.RollbackAsync();
+ throw new InvalidOperationException($"删除角色失败: {ex.Message}");
+ }
+ }
+
+ ///
+ /// 为角色分配权限
+ ///
+ public async Task AssignPermissionsToRoleAsync(Guid roleId, IEnumerable permissionIds)
+ {
+ try
+ {
+ await _unitOfWork.BeginTransactionAsync();
+
+ var role = await _roleRepository.GetByGuidAsync(roleId);
+ if (role == null)
+ {
+ throw new KeyNotFoundException($"角色ID '{roleId}' 不存在");
+ }
+
+ // 验证权限是否存在
+ var permissions = await _permissionRepository.GetByIdsAsync(permissionIds);
+ var validPermissionIds = permissions.Select(p => p.PermissionId).ToHashSet();
+ var invalidPermissionIds = permissionIds.Except(validPermissionIds).ToList();
+
+ if (invalidPermissionIds.Any())
+ {
+ throw new InvalidOperationException($"以下权限ID不存在: {string.Join(", ", invalidPermissionIds)}");
+ }
+
+ // 为角色分配权限(使用Permission实体)
+ role.AddPermissions(permissions);
+
+ await _roleRepository.Update(role);
+ await _unitOfWork.CommitAsync();
+ }
+ catch (Exception ex)
+ {
+ await _unitOfWork.RollbackAsync();
+ throw new InvalidOperationException($"为角色分配权限失败: {ex.Message}");
+ }
+ }
+
+ ///
+ /// 移除角色的权限
+ ///
+ public async Task RemovePermissionsFromRoleAsync(Guid roleId, IEnumerable permissionIds)
+ {
+ try
+ {
+ await _unitOfWork.BeginTransactionAsync();
+
+ var role = await _roleRepository.GetByGuidAsync(roleId);
+ if (role == null)
+ {
+ throw new KeyNotFoundException($"角色ID '{roleId}' 不存在");
+ }
+
+ // 获取要移除的权限实体
+ var permissionsToRemove = await _permissionRepository.GetByIdsAsync(permissionIds);
+
+ // 移除角色权限(使用Permission实体)
+ role.RemovePermissions(permissionsToRemove);
+
+ await _roleRepository.Update(role);
+ await _unitOfWork.CommitAsync();
+ }
+ catch (Exception ex)
+ {
+ await _unitOfWork.RollbackAsync();
+ throw new InvalidOperationException($"移除角色权限失败: {ex.Message}");
+ }
+ }
+
+ ///
+ /// 获取角色的所有权限
+ ///
+ public async Task> GetRolePermissionsAsync(Guid roleId)
+ {
+ var role = await _roleRepository.GetByGuidAsync(roleId);
+ if (role == null)
+ {
+ throw new KeyNotFoundException($"角色ID '{roleId}' 不存在");
+ }
+
+ // 直接使用角色的权限导航属性
+ return role.Permissions.Select(p => new PermissionDto(
+ p.Name,
+ p.Code,
+ p.Description ?? string.Empty
+ ));
+ }
+}
\ No newline at end of file
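Review bot: AssignPermissionsToRoleAsync and RemovePermissionsFromRoleAsync do not check `role.IsSystem`, although UpdateRoleAsync and DeleteRoleAsync refuse to touch system roles, so a system role's permission set can still be changed through these two methods. If system roles are meant to be fixed, add the same guard after the null check: `if (role.IsSystem) throw new InvalidOperationException("系统角色不允许修改");`. In AssignPermissionsToRoleAsync `permissionIds` is enumerated twice (`GetByIdsAsync` and `Except`), so materialise it once with `ToList()`. The catch-all in each method rewraps `KeyNotFoundException` as `InvalidOperationException`, so callers cannot tell "not found" from a rule violation; let `KeyNotFoundException` through or pass `ex` as the inner exception.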
diff --git a/backend/src/UniversalAdminSystem.Application/SystemSettings/DTOs/SystemSettingDto.cs b/backend/src/UniversalAdminSystem.Application/SystemSettings/DTOs/SystemSettingDto.cs
new file mode 100644
index 0000000..fc2982d
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/SystemSettings/DTOs/SystemSettingDto.cs
@@ -0,0 +1,23 @@
+namespace UniversalAdminSystem.Application.SystemSettings.DTOs;
+
+public record SystemSettingDto(
+ Guid Id,
+ string Key,
+ string Value,
+ string? Description,
+ string? Group,
+ DateTime CreateTime,
+ DateTime UpdateTime
+);
+
+public record SystemSettingCreateDto(
+ string Key,
+ string Value,
+ string? Description = null,
+ string? Group = null
+);
+
+public record SystemSettingUpdateDto(
+ string Value,
+ string? Description = null
+);
\ No newline at end of file
diff --git a/backend/src/UniversalAdminSystem.Application/SystemSettings/Interfaces/ISystemSettingAppService.cs b/backend/src/UniversalAdminSystem.Application/SystemSettings/Interfaces/ISystemSettingAppService.cs
new file mode 100644
index 0000000..1fa2935
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/SystemSettings/Interfaces/ISystemSettingAppService.cs
@@ -0,0 +1,37 @@
+using UniversalAdminSystem.Application.SystemSettings.DTOs;
+using UniversalAdminSystem.Application.Common.Results;
+
+namespace UniversalAdminSystem.Application.SystemSettings.Interfaces;
+
+public interface ISystemSettingAppService
+{
+ ///
+ /// 获取所有系统设置
+ ///
+ Task>> GetAllSettingsAsync();
+
+ ///
+ /// 根据键获取系统设置
+ ///
+ Task> GetSettingByKeyAsync(string key);
+
+ ///
+ /// 根据组获取系统设置
+ ///
+ Task>> GetSettingsByGroupAsync(string group);
+
+ ///
+ /// 创建系统设置
+ ///
+ Task> CreateSettingAsync(SystemSettingCreateDto createDto);
+
+ ///
+ /// 更新系统设置
+ ///
+ Task> UpdateSettingAsync(Guid id, SystemSettingUpdateDto updateDto);
+
+ ///
+ /// 删除系统设置
+ ///
+ Task DeleteSettingAsync(Guid id);
+}
\ No newline at end of file
diff --git a/backend/src/UniversalAdminSystem.Application/SystemSettings/Services/SystemSettingAppService.cs b/backend/src/UniversalAdminSystem.Application/SystemSettings/Services/SystemSettingAppService.cs
new file mode 100644
index 0000000..66951bc
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/SystemSettings/Services/SystemSettingAppService.cs
@@ -0,0 +1,154 @@
+using UniversalAdminSystem.Application.SystemSettings.DTOs;
+using UniversalAdminSystem.Application.SystemSettings.Interfaces;
+using UniversalAdminSystem.Domian.SystemSettings.Aggregates;
+using UniversalAdminSystem.Domian.Core.Interfaces;
+using UniversalAdminSystem.Application.Common.Results;
+using UniversalAdminSystem.Domian.SystemSettings.ValueObjects;
+using UniversalAdminSystem.Application.Common.Interfaces;
+
+namespace UniversalAdminSystem.Application.SystemSettings.Services;
+
+public class SystemSettingAppService : ISystemSettingAppService
+{
+ private readonly IRepository _settingRepository;
+ private readonly IUnitOfWork _unitOfWork;
+
+ public SystemSettingAppService(
+ IRepository settingRepository,
+ IUnitOfWork unitOfWork)
+ {
+ _settingRepository = settingRepository;
+ _unitOfWork = unitOfWork;
+ }
+
+ public async Task>> GetAllSettingsAsync()
+ {
+ try
+ {
+ var settings = await _settingRepository.GetAllAsync();
+ var settingDtos = settings.Select(MapToDto);
+ return Result>.Success(settingDtos);
+ }
+ catch (Exception ex)
+ {
+ return Result>.Failure($"获取系统设置失败: {ex.Message}");
+ }
+ }
+
+ public async Task> GetSettingByKeyAsync(string key)
+ {
+ try
+ {
+ var setting = (await _settingRepository.GetAllAsync()).FirstOrDefault(s => s.Key.Value == key);
+ if (setting == null)
+ {
+ return Result.Failure("设置不存在");
+ }
+
+ return Result.Success(MapToDto(setting));
+ }
+ catch (Exception ex)
+ {
+ return Result.Failure($"获取系统设置失败: {ex.Message}");
+ }
+ }
+
+ public async Task>> GetSettingsByGroupAsync(string group)
+ {
+ try
+ {
+ var settings = await _settingRepository.GetAllAsync();
+ var groupSettings = settings.Where(s => s.Key.Value.StartsWith(group));
+ var settingDtos = groupSettings.Select(MapToDto);
+ return Result>.Success(settingDtos);
+ }
+ catch (Exception ex)
+ {
+ return Result>.Failure($"获取系统设置失败: {ex.Message}");
+ }
+ }
+
+ public async Task> CreateSettingAsync(SystemSettingCreateDto createDto)
+ {
+ try
+ {
+ await _unitOfWork.BeginTransactionAsync();
+
+ var setting = SystemSetting.Create(
+ SettingKey.Create(createDto.Key),
+ SettingValue.Create(createDto.Value),
+ SettingDescription.Create(createDto.Description ?? "")
+ );
+
+ var savedSetting = await _settingRepository.AddAsync(setting);
+ await _unitOfWork.CommitAsync();
+
+ return Result.Success(MapToDto(savedSetting));
+ }
+ catch (Exception ex)
+ {
+ await _unitOfWork.RollbackAsync();
+ return Result.Failure($"创建系统设置失败: {ex.Message}");
+ }
+ }
+
+ public async Task> UpdateSettingAsync(Guid id, SystemSettingUpdateDto updateDto)
+ {
+ try
+ {
+ await _unitOfWork.BeginTransactionAsync();
+
+ var setting = await _settingRepository.GetByGuidAsync(id);
+ if (setting == null)
+ {
+ return Result.Failure("设置不存在");
+ }
+
+ setting.UpdateValue(SettingValue.Create(updateDto.Value));
+
+ await _settingRepository.Update(setting);
+ await _unitOfWork.CommitAsync();
+
+ return Result.Success(MapToDto(setting));
+ }
+ catch (Exception ex)
+ {
+ await _unitOfWork.RollbackAsync();
+ return Result.Failure($"更新系统设置失败: {ex.Message}");
+ }
+ }
+
+ public async Task DeleteSettingAsync(Guid id)
+ {
+ try
+ {
+ await _unitOfWork.BeginTransactionAsync();
+
+ var setting = await _settingRepository.GetByGuidAsync(id);
+ if (setting == null)
+ {
+ return Result.Failure("设置不存在");
+ }
+
+ await _settingRepository.RemoveAsync(id);
+ await _unitOfWork.CommitAsync();
+
+ return Result.Success("删除成功");
+ }
+ catch (Exception ex)
+ {
+ await _unitOfWork.RollbackAsync();
+ return Result.Failure($"删除系统设置失败: {ex.Message}");
+ }
+ }
+
+ private static SystemSettingDto MapToDto(SystemSetting s) => new(
+ s.Id,
+ s.Key.Value,
+ s.Value.Value,
+ s.Description?.Value,
+ s.Group,
+ s.CreateTime,
+ s.UpdateTime
+ );
+}
\ No newline at end of file
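Review bot: In `UpdateSettingAsync` and `DeleteSettingAsync` the "设置不存在" early return comes after `BeginTransactionAsync()` and skips both `CommitAsync()` and `RollbackAsync()`, so a lookup miss leaves the transaction open unless the unit of work cleans up on its own (its implementation is not visible here). Either look the setting up before starting the transaction or add `await _unitOfWork.RollbackAsync();` ahead of that return. Every catch block also copies `ex.Message` into the returned `Result`; if the controller relays that message, database or provider error text reaches API clients, so log the exception server-side and return only the fixed prefix. Separately, `createDto.Group` and `updateDto.Description` are accepted but never applied, and `GetSettingsByGroupAsync` filters on a key prefix with a culture-sensitive `StartsWith(group)` rather than on `Group`.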
diff --git a/backend/src/UniversalAdminSystem.Application/UniversalAdminSystem.Application.csproj b/backend/src/UniversalAdminSystem.Application/UniversalAdminSystem.Application.csproj
new file mode 100644
index 0000000..3491141
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/UniversalAdminSystem.Application.csproj
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+ net8.0
+ enable
+ enable
+
+
+
diff --git a/backend/src/UniversalAdminSystem.Application/UserManagement/Dtos/UserCreateDto.cs b/backend/src/UniversalAdminSystem.Application/UserManagement/Dtos/UserCreateDto.cs
new file mode 100644
index 0000000..4c7fc36
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/UserManagement/Dtos/UserCreateDto.cs
@@ -0,0 +1,18 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace UniversalAdminSystem.Application.UserManagement.Dtos;
+
+public record UserCreateDto(
+ [Required]
+ [MinLength(1)]
+ [MaxLength(20)]
+ string Account,
+
+ [Required]
+ [MinLength(6)]
+ [MaxLength(20)]
+ string Password,
+
+ [Required]
+ [EmailAddress]
+ string Email);
\ No newline at end of file
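Review bot: The `Password` bounds `[MinLength(6)]` and `[MaxLength(20)]` accept six-character passwords and reject longer passphrases. This patch hashes passwords with a separate salt (`IPasswordHelper.HashPasswordWithSeparateSalt`), so the stored size presumably does not depend on input length and the cap need not be this low. Consider `[MinLength(8)]` and `[MaxLength(64)]` or higher, in line with the length guidance in NIST SP 800-63B, while keeping some upper bound so hashing cost stays bounded.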
diff --git a/backend/src/UniversalAdminSystem.Application/UserManagement/Dtos/UserDetailDto.cs b/backend/src/UniversalAdminSystem.Application/UserManagement/Dtos/UserDetailDto.cs
new file mode 100644
index 0000000..3468760
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/UserManagement/Dtos/UserDetailDto.cs
@@ -0,0 +1,26 @@
+using UniversalAdminSystem.Domian.UserManagement.Entities;
+using UniversalAdminSystem.Domian.UserManagement.ValueObj;
+
+namespace UniversalAdminSystem.Application.UserManagement.Dtos;
+
+
+public record UserDetailDto
+{
+ public Guid Id { get; set; }
+ public string Account { get; set; }
+ public string Email { get; set; }
+ public UserStatus UserStatus { get; set; }
+
+ public string? RoleName { get; set; }
+ public UserInfo? UserInfo { get; set; }
+
+ public UserDetailDto(Guid id, string account, string email, UserStatus userStatus, UserInfo? userInfo = null, string? rolename = null)
+ {
+ Id = id;
+ Account = account;
+ Email = email;
+ UserStatus = userStatus;
+ RoleName = rolename;
+ UserInfo = userInfo;
+ }
+}
\ No newline at end of file
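Review bot: `public UserInfo? UserInfo { get; set; }` places a domain-layer type inside the DTO, so whatever members `UserInfo` has are serialized whenever this DTO is returned from an API; its fields are not visible in this hunk. A dedicated `UserInfoDto` that lists only the fields meant for clients would keep later additions to the domain type from appearing in responses unnoticed. The non-nullable `Account` and `Email` properties with public setters on a `record` also undercut the immutability a record normally signals; `{ get; init; }` would fit better if nothing mutates them after construction.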
diff --git a/backend/src/UniversalAdminSystem.Application/UserManagement/Dtos/UserDto.cs b/backend/src/UniversalAdminSystem.Application/UserManagement/Dtos/UserDto.cs
new file mode 100644
index 0000000..f8151c8
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/UserManagement/Dtos/UserDto.cs
@@ -0,0 +1,24 @@
+using UniversalAdminSystem.Domian.UserManagement.ValueObj;
+
+namespace UniversalAdminSystem.Application.UserManagement.Dtos;
+
+public record UserDto
+{
+ public Guid Id { get; set; }
+ public string Account { get; set; }
+ public string Email { get; set; }
+ public UserStatus UserStatus { get; set; }
+
+ public string? RoleName { get; set; }
+
+
+ public UserDto(Guid id, string account, string email, UserStatus userStatus, string? rolename = null)
+ {
+ Id = id;
+ Account = account;
+ Email = email;
+ UserStatus = userStatus;
+ RoleName = rolename;
+ }
+}
+
diff --git a/backend/src/UniversalAdminSystem.Application/UserManagement/Dtos/UserUpdateDto.cs b/backend/src/UniversalAdminSystem.Application/UserManagement/Dtos/UserUpdateDto.cs
new file mode 100644
index 0000000..b4a34fc
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/UserManagement/Dtos/UserUpdateDto.cs
@@ -0,0 +1,8 @@
+namespace UniversalAdminSystem.Application.UserManagement.Dtos;
+
+public record UserUpdateDto(
+ string Account,
+ string Email,
+ int StatusCode,
+ string? Password = null
+);
\ No newline at end of file
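Review bot: `UserUpdateDto` declares no validation attributes, so an update can carry `Account`, `Email` and `Password` values that `UserCreateDto` in this same patch would reject through `[EmailAddress]`, `[MinLength]` and `[MaxLength]`. Carry the same attributes over, e.g. `[Required] [EmailAddress] string Email`; the length attributes treat null as valid, so they can sit on `string? Password = null` without forcing a password change. `int StatusCode` also accepts any integer; if it is later cast to `UserStatus` (the mapping is outside this hunk), check it with `Enum.IsDefined` or take the enum type directly.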
diff --git a/backend/src/UniversalAdminSystem.Application/UserManagement/Interface/IPasswordHelper.cs b/backend/src/UniversalAdminSystem.Application/UserManagement/Interface/IPasswordHelper.cs
new file mode 100644
index 0000000..af0c2c0
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/UserManagement/Interface/IPasswordHelper.cs
@@ -0,0 +1,11 @@
+namespace UniversalAdminSystem.Application.UserManagement.Interface;
+
+public interface IPasswordHelper
+{
+
+ (string hashedPassword, string salt) HashPasswordWithSeparateSalt(string password);
+ bool VerifyPasswordWithSeparateSalt(
+ string password,
+ string storedHashedPassword,
+ string storedSalt);
+}
\ No newline at end of file
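Review bot: `IPasswordHelper` has no doc comment stating what an implementation must guarantee, and for password hashing that contract is the part reviewers need to see. I would add a `/// <summary>` on the interface and on each method saying that the hash comes from a deliberately slow KDF (PBKDF2, Argon2 or similar) with a fresh per-call salt from a cryptographic RNG, how both returned strings are encoded, and that `VerifyPasswordWithSeparateSalt` compares in constant time (for example with `CryptographicOperations.FixedTimeEquals`). The implementation is not part of this hunk, so this pins the expectation rather than reporting a defect in visible code.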
diff --git a/backend/src/UniversalAdminSystem.Application/UserManagement/Interface/IUserManagementAppService.cs b/backend/src/UniversalAdminSystem.Application/UserManagement/Interface/IUserManagementAppService.cs
new file mode 100644
index 0000000..376a00a
--- /dev/null
+++ b/backend/src/UniversalAdminSystem.Application/UserManagement/Interface/IUserManagementAppService.cs
@@ -0,0 +1,77 @@
+using UniversalAdminSystem.Application.Common.Results;
+using UniversalAdminSystem.Application.UserManagement.Dtos;
+
+namespace UniversalAdminSystem.Application.UserManagement.Interface;
+
+///
+/// 用户管理应用服务接口
+/// 提供用户的基本CRUD操作和权限管理功能
+///
+public interface IUserManagementAppService
+{
+ ///
+ /// 获取所有用户列表
+ ///
+ /// 用户列表
+ Task>> GetUsersAsync();
+
+ ///
+ /// 创建新用户
+ ///
+ /// 用户创建数据传输对象
+ /// 创建的用户信息
+ Task> CreateUserAsync(UserCreateDto createDto);
+
+ ///
+ /// 删除用户
+ ///
+ /// 用户ID
+ /// 删除操作结果
+ Task DeleteUserAsync(Guid id);
+
+ ///
+ /// 获取用户详情
+ ///
+ /// 用户ID
+ /// 用户详情
+ Task> GetUserByIdAsync(Guid userId);
+
+ ///
+ /// 更新用户信息
+ ///
+ /// 用户ID
+ /// 用户更新数据传输对象
+ /// 更新操作结果
+ Task UpdateUserAsync(Guid userId, UserUpdateDto updateDto);
+
+ ///
+ /// 为用户分配角色
+ ///
+ /// 用户ID
+ /// 角色ID列表
+ /// 分配操作结果
+ Task AssignRoleAsync(Guid userId, List roleIds);
+
+ ///
+ /// 移除用户角色
+ ///
+ /// 用户ID
+ /// 角色ID
+ /// 移除操作结果
+ Task RemoveRoleAsync(Guid userId, Guid roleId);
+
+ ///
+ /// 获取用户的所有权限
+ ///
+ /// 用户ID
+ /// 权限编码列表
+ Task>> GetUserPermissionsAsync(Guid userId);
+
+ ///