diff --git a/.env.example b/.env.example
index ec34523b416f003159509cf039ba40b3dd7f2329..f08c4a0fefdb105f090b9d0c6e8dab7557660c92 100644
--- a/.env.example
+++ b/.env.example
@@ -31,6 +31,14 @@ JobKeys__2=RedisServiceCheckJob
ExpirationSettings__NotifyDaysBefore=3
ExpirationSettings__CheckIntervalMinutes=5
+# Idempotency
+Idempotency__Enabled=true
+Idempotency__EnforceKey=false
+Idempotency__MaxKeyLength=128
+Idempotency__InProgressTtlSeconds=120
+Idempotency__CompletedTtlHours=24
+Idempotency__PersistFailureResponse=false
+
# Mail service
Mail__Enabled=false
Mail__Host=smtp.example.com
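Review bot: The new `Idempotency__*` keys are added without a comment saying what each one does, and two of them are security-relevant defaults: `Idempotency__EnforceKey=false` and `Idempotency__PersistFailureResponse=false`. From the names alone it looks as if requests without a key are accepted and simply not deduplicated, and as if completed responses are kept for `CompletedTtlHours`; nothing in this hunk confirms either. I would add one comment line per key, for example `# EnforceKey: when true, write requests without an idempotency key are rejected` (wording to be confirmed against the middleware), and state whether stored responses are scoped to the calling user, since a replayed response must never be served to a different caller.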
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000000000000000000000000000000000000..239c7996e69bbf7e22a461e468b556d102a24ea0
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,18 @@
+# Normalize text files and keep line endings consistent in the repository.
+* text=auto eol=lf
+
+# Keep Windows command scripts in CRLF for best compatibility.
+*.bat text eol=crlf
+*.cmd text eol=crlf
+
+# Common binary assets.
+*.png binary
+*.jpg binary
+*.jpeg binary
+*.gif binary
+*.ico binary
+*.pdf binary
+*.zip binary
+*.7z binary
+*.dll binary
+*.exe binary
diff --git a/EOM.TSHotelManagement.API/Authorization/CustomAuthorizationMiddlewareResultHandler.cs b/EOM.TSHotelManagement.API/Authorization/CustomAuthorizationMiddlewareResultHandler.cs
index 729578de7f426b183fc4c7d38213900e3cbc7201..b952fc362644e766dcc0abadc1669efbd8af623f 100644
--- a/EOM.TSHotelManagement.API/Authorization/CustomAuthorizationMiddlewareResultHandler.cs
+++ b/EOM.TSHotelManagement.API/Authorization/CustomAuthorizationMiddlewareResultHandler.cs
@@ -16,7 +16,7 @@ namespace EOM.TSHotelManagement.WebApi.Authorization
{
if (authorizeResult.Challenged || authorizeResult.Forbidden)
{
- var response = new BaseResponse(BusinessStatusCode.Unauthorized,
+ var response = new BaseResponse(BusinessStatusCode.PermissionDenied,
LocalizationHelper.GetLocalizedString("PermissionDenied", "该账户缺少权限,请联系管理员添加"));
context.Response.StatusCode = StatusCodes.Status200OK;
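Review bot: Both cases of `authorizeResult.Challenged || authorizeResult.Forbidden` now return `BusinessStatusCode.PermissionDenied`, so an unauthenticated request (challenge) is indistinguishable from an authenticated one that lacks the permission. Clients need that distinction to choose between re-login and an access error, and because the HTTP status stays `Status200OK`, the business code is also the only signal log-based monitoring has to separate failed authentication from denied authorization. I would pick the code per case, `var code = authorizeResult.Forbidden ? BusinessStatusCode.PermissionDenied : BusinessStatusCode.Unauthorized;`, and pass `code` to `BaseResponse`. The rest of the handler lies outside this hunk, so whether the challenge case is handled separately elsewhere cannot be confirmed from here.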
@@ -35,4 +35,4 @@ namespace EOM.TSHotelManagement.WebApi.Authorization
await _defaultHandler.HandleAsync(next, context, policy, authorizeResult);
}
}
-}
\ No newline at end of file
+}
diff --git a/EOM.TSHotelManagement.API/Controllers/Application/NavBar/NavBarController.cs b/EOM.TSHotelManagement.API/Controllers/Application/NavBar/NavBarController.cs
index 55060f86f38bbe281bf880d5e787d70fed4000be..57b813db3841eda46cbef96b141570180b401a1b 100644
--- a/EOM.TSHotelManagement.API/Controllers/Application/NavBar/NavBarController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/Application/NavBar/NavBarController.cs
@@ -1,4 +1,4 @@
-using EOM.TSHotelManagement.Contract;
+using EOM.TSHotelManagement.Contract;
using EOM.TSHotelManagement.Service;
using EOM.TSHotelManagement.WebApi.Authorization;
using Microsoft.AspNetCore.Mvc;
@@ -28,7 +28,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 导航控件列表
///
///
- [RequirePermission("navbar.view")]
+ [RequirePermission("navbar.navbarlist")]
[HttpGet]
public ListOutputDto NavBarList()
{
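Review bot: Grants stored under the old code `navbar.view` will no longer satisfy `[RequirePermission("navbar.navbarlist")]`, and no permission seed or migration for the renamed codes appears in the part of the diff visible here; the same holds for every `[RequirePermission]` rename in the NavBar, Asset, Customer, EnergyManagement, PromotionContent, Reser, Room, RoomType, Sellthing, Spend, Dashboard, EmployeeCheck and Employee controller hunks. If the data migration is elsewhere in the commit this is covered; otherwise roles lose access on deploy, so the rollout should carry a one-to-many mapping from each old code to the new per-action codes and a check that no role is left holding only retired codes. The codes are also repeated as string literals that must match the permission table exactly; a shared constant such as `public const string NavBarList = "navbar.navbarlist";` would let the compiler catch a mistyped code. The body of `NavBarList` continues outside the hunk.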
@@ -39,7 +39,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("navbar.create")]
+ [RequirePermission("navbar.addnavbar")]
[HttpPost]
public BaseResponse AddNavBar([FromBody] CreateNavBarInputDto input)
{
@@ -50,7 +50,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("navbar.update")]
+ [RequirePermission("navbar.updatenavbar")]
[HttpPost]
public BaseResponse UpdateNavBar([FromBody] UpdateNavBarInputDto input)
{
@@ -61,7 +61,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("navbar.delete")]
+ [RequirePermission("navbar.deletenavbar")]
[HttpPost]
public BaseResponse DeleteNavBar([FromBody] DeleteNavBarInputDto input)
{
diff --git a/EOM.TSHotelManagement.API/Controllers/Business/Asset/AssetController.cs b/EOM.TSHotelManagement.API/Controllers/Business/Asset/AssetController.cs
index dc322ea2b8d6466a69e3cf25e647360ed8955932..b4f37412436d742b4dea294e6351366501c2e606 100644
--- a/EOM.TSHotelManagement.API/Controllers/Business/Asset/AssetController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/Business/Asset/AssetController.cs
@@ -1,4 +1,4 @@
-using EOM.TSHotelManagement.Contract;
+using EOM.TSHotelManagement.Contract;
using EOM.TSHotelManagement.Service;
using EOM.TSHotelManagement.WebApi.Authorization;
using Microsoft.AspNetCore.Mvc;
@@ -29,7 +29,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("internalfinance.create")]
+ [RequirePermission("internalfinance.addassetinfo")]
[HttpPost]
public BaseResponse AddAssetInfo([FromBody] CreateAssetInputDto asset)
{
@@ -40,7 +40,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 查询资产信息
///
///
- [RequirePermission("internalfinance.view")]
+ [RequirePermission("internalfinance.selectassetinfoall")]
[HttpGet]
public ListOutputDto SelectAssetInfoAll([FromQuery] ReadAssetInputDto asset)
{
@@ -52,7 +52,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("internalfinance.update")]
+ [RequirePermission("internalfinance.updassetinfo")]
[HttpPost]
public BaseResponse UpdAssetInfo([FromBody] UpdateAssetInputDto asset)
{
@@ -64,7 +64,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("internalfinance.delete")]
+ [RequirePermission("internalfinance.delassetinfo")]
[HttpPost]
public BaseResponse DelAssetInfo([FromBody] DeleteAssetInputDto asset)
{
diff --git a/EOM.TSHotelManagement.API/Controllers/Business/Customer/CustomerController.cs b/EOM.TSHotelManagement.API/Controllers/Business/Customer/CustomerController.cs
index 68cf567c87f89fa5ca7c9b36909fa9d6989c293c..67fb2b8fcd1e18ff33772c994b61949e1baeab45 100644
--- a/EOM.TSHotelManagement.API/Controllers/Business/Customer/CustomerController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/Business/Customer/CustomerController.cs
@@ -1,4 +1,4 @@
-using EOM.TSHotelManagement.Contract;
+using EOM.TSHotelManagement.Contract;
using EOM.TSHotelManagement.Service;
using EOM.TSHotelManagement.WebApi.Authorization;
using Microsoft.AspNetCore.Mvc;
@@ -29,7 +29,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("customer.create")]
+ [RequirePermission("customer.insertcustomerinfo")]
[HttpPost]
public BaseResponse InsertCustomerInfo([FromBody] CreateCustomerInputDto custo)
{
@@ -41,7 +41,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("customer.update")]
+ [RequirePermission("customer.updcustomerinfo")]
[HttpPost]
public BaseResponse UpdCustomerInfo([FromBody] UpdateCustomerInputDto custo)
{
@@ -53,7 +53,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("customer.delete")]
+ [RequirePermission("customer.delcustomerinfo")]
[HttpPost]
public BaseResponse DelCustomerInfo([FromBody] DeleteCustomerInputDto custo)
{
@@ -65,7 +65,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("customer.update")]
+ [RequirePermission("customer.updcustomertypebycustono")]
[HttpPost]
public BaseResponse UpdCustomerTypeByCustoNo([FromBody] UpdateCustomerInputDto updateCustomerInputDto)
{
@@ -76,7 +76,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 查询所有客户信息
///
///
- [RequirePermission("customer.view")]
+ [RequirePermission("customer.selectcustomers")]
[HttpGet]
public ListOutputDto SelectCustomers(ReadCustomerInputDto custo)
{
@@ -87,7 +87,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 查询指定客户信息
///
///
- [RequirePermission("customer.view")]
+ [RequirePermission("customer.selectcustobyinfo")]
[HttpGet]
public SingleOutputDto SelectCustoByInfo([FromQuery] ReadCustomerInputDto custo)
{
diff --git a/EOM.TSHotelManagement.API/Controllers/Business/EnergyManagement/EnergyManagementController.cs b/EOM.TSHotelManagement.API/Controllers/Business/EnergyManagement/EnergyManagementController.cs
index 4de9ff34804a6b72a61b939e16c59415b7aedfb3..8400acbc378046e457e51745b203296e497261e1 100644
--- a/EOM.TSHotelManagement.API/Controllers/Business/EnergyManagement/EnergyManagementController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/Business/EnergyManagement/EnergyManagementController.cs
@@ -1,4 +1,4 @@
-using EOM.TSHotelManagement.Contract;
+using EOM.TSHotelManagement.Contract;
using EOM.TSHotelManagement.WebApi.Authorization;
using Microsoft.AspNetCore.Mvc;
@@ -29,7 +29,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
/// Dto
/// 符合条件的水电费信息列表
- [RequirePermission("hydroelectricinformation.view")]
+ [RequirePermission("hydroelectricinformation.selectenergymanagementinfo")]
[HttpGet]
public ListOutputDto SelectEnergyManagementInfo([FromQuery] ReadEnergyManagementInputDto readEnergyManagementInputDto)
{
@@ -42,7 +42,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("hydroelectricinformation.create")]
+ [RequirePermission("hydroelectricinformation.insertenergymanagementinfo")]
[HttpPost]
public BaseResponse InsertEnergyManagementInfo([FromBody] CreateEnergyManagementInputDto w)
{
@@ -55,7 +55,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
/// 包含要修改的数据,以及WtiNo作为查询条件
///
- [RequirePermission("hydroelectricinformation.update")]
+ [RequirePermission("hydroelectricinformation.updateenergymanagementinfo")]
[HttpPost]
public BaseResponse UpdateEnergyManagementInfo([FromBody] UpdateEnergyManagementInputDto w)
{
@@ -69,7 +69,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("hydroelectricinformation.delete")]
+ [RequirePermission("hydroelectricinformation.deleteenergymanagementinfo")]
[HttpPost]
public BaseResponse DeleteEnergyManagementInfo([FromBody] DeleteEnergyManagementInputDto deleteEnergyManagementInputDto)
{
diff --git a/EOM.TSHotelManagement.API/Controllers/Business/PromotionContent/PromotionContentController.cs b/EOM.TSHotelManagement.API/Controllers/Business/PromotionContent/PromotionContentController.cs
index 56fb09bfa186ef41bdd68bd68717a25d837532f8..df89586595bb7675671d2bf0b74cdbb3571437e9 100644
--- a/EOM.TSHotelManagement.API/Controllers/Business/PromotionContent/PromotionContentController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/Business/PromotionContent/PromotionContentController.cs
@@ -1,4 +1,4 @@
-using EOM.TSHotelManagement.Contract;
+using EOM.TSHotelManagement.Contract;
using EOM.TSHotelManagement.Service;
using EOM.TSHotelManagement.WebApi.Authorization;
using Microsoft.AspNetCore.Mvc;
@@ -28,7 +28,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 查询所有宣传联动内容
///
///
- [RequirePermission("promotioncontent.view")]
+ [RequirePermission("promotioncontent.selectpromotioncontentall")]
[HttpGet]
public ListOutputDto SelectPromotionContentAll([FromQuery] ReadPromotionContentInputDto readPromotionContentInputDto)
{
@@ -39,7 +39,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 查询所有宣传联动内容(跑马灯)
///
///
- [RequirePermission("promotioncontent.view")]
+ [RequirePermission("promotioncontent.selectpromotioncontents")]
[HttpGet]
public ListOutputDto SelectPromotionContents()
{
@@ -51,7 +51,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("promotioncontent.create")]
+ [RequirePermission("promotioncontent.addpromotioncontent")]
[HttpPost]
public BaseResponse AddPromotionContent([FromBody] CreatePromotionContentInputDto createPromotionContentInputDto)
{
@@ -63,7 +63,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("promotioncontent.delete")]
+ [RequirePermission("promotioncontent.deletepromotioncontent")]
[HttpPost]
public BaseResponse DeletePromotionContent([FromBody] DeletePromotionContentInputDto deletePromotionContentInputDto)
{
@@ -75,7 +75,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("promotioncontent.update")]
+ [RequirePermission("promotioncontent.updatepromotioncontent")]
[HttpPost]
public BaseResponse UpdatePromotionContent([FromBody] UpdatePromotionContentInputDto updatePromotionContentInputDto)
{
diff --git a/EOM.TSHotelManagement.API/Controllers/Business/Reser/ReserController.cs b/EOM.TSHotelManagement.API/Controllers/Business/Reser/ReserController.cs
index 0f0f0f9327363853978106018f37045202e33515..06d75583e318f4b0faaad149337566a5b0f1a28e 100644
--- a/EOM.TSHotelManagement.API/Controllers/Business/Reser/ReserController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/Business/Reser/ReserController.cs
@@ -1,4 +1,4 @@
-using EOM.TSHotelManagement.Contract;
+using EOM.TSHotelManagement.Contract;
using EOM.TSHotelManagement.Service;
using EOM.TSHotelManagement.WebApi.Authorization;
using Microsoft.AspNetCore.Mvc;
@@ -28,7 +28,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 获取所有预约信息
///
///
- [RequirePermission("resermanagement.view")]
+ [RequirePermission("resermanagement.selectreserall")]
[HttpGet]
public ListOutputDto SelectReserAll(ReadReserInputDto readReserInputDto)
{
@@ -40,7 +40,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("resermanagement.view")]
+ [RequirePermission("resermanagement.selectreserinfobyroomno")]
[HttpGet]
public SingleOutputDto SelectReserInfoByRoomNo([FromQuery] ReadReserInputDto readReserInputDto)
{
@@ -52,7 +52,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("resermanagement.delete")]
+ [RequirePermission("resermanagement.deletereserinfo")]
[HttpPost]
public BaseResponse DeleteReserInfo([FromBody] DeleteReserInputDto reser)
{
@@ -64,7 +64,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("resermanagement.update")]
+ [RequirePermission("resermanagement.updatereserinfo")]
[HttpPost]
public BaseResponse UpdateReserInfo([FromBody] UpdateReserInputDto r)
{
@@ -76,7 +76,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("resermanagement.create")]
+ [RequirePermission("resermanagement.inserreserinfo")]
[HttpPost]
public BaseResponse InserReserInfo([FromBody] CreateReserInputDto r)
{
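Review bot: The permission code `resermanagement.inserreserinfo` carries over the misspelling in the action name `InserReserInfo`, and `customerspend.selethistoryspendinfoall` in SpendController does the same for `SeletHistorySpendInfoAll`. Once these codes are stored in role grants they are costly to rename, and an administrator searching the permission list for "insert" or "select" will miss them when auditing who can write or read. If codes are meant to be the lower-cased action name, a comment such as `// code mirrors the action name InserReserInfo (sic); keep in sync with the route` documents that; if not, I would spell the code `resermanagement.insertreserinfo` before it ships. The method body continues outside the hunk.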
@@ -87,7 +87,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 查询所有预约类型
///
///
- [RequirePermission("resermanagement.view")]
+ [RequirePermission("resermanagement.selectresertypeall")]
[HttpGet]
public ListOutputDto SelectReserTypeAll()
{
diff --git a/EOM.TSHotelManagement.API/Controllers/Business/Room/RoomController.cs b/EOM.TSHotelManagement.API/Controllers/Business/Room/RoomController.cs
index 63796c000596bc0672ee8c78ea5286a086edeb48..5d85905d13667946ca0123b1bf49aa483c69651a 100644
--- a/EOM.TSHotelManagement.API/Controllers/Business/Room/RoomController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/Business/Room/RoomController.cs
@@ -1,4 +1,4 @@
-using EOM.TSHotelManagement.Contract;
+using EOM.TSHotelManagement.Contract;
using EOM.TSHotelManagement.Service;
using EOM.TSHotelManagement.WebApi.Authorization;
using Microsoft.AspNetCore.Mvc;
@@ -22,7 +22,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("roommanagement.view")]
+ [RequirePermission("roommanagement.selectroombyroomstate")]
[HttpGet]
public ListOutputDto SelectRoomByRoomState([FromQuery] ReadRoomInputDto inputDto)
{
@@ -33,7 +33,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 根据房间状态来查询可使用的房间
///
///
- [RequirePermission("roommanagement.view")]
+ [RequirePermission("roommanagement.selectcanuseroomall")]
[HttpGet]
public ListOutputDto SelectCanUseRoomAll()
{
@@ -44,7 +44,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 获取所有房间信息
///
///
- [RequirePermission("roommanagement.view")]
+ [RequirePermission("roommanagement.selectroomall")]
[HttpGet]
public ListOutputDto SelectRoomAll([FromQuery] ReadRoomInputDto readRoomInputDto)
{
@@ -56,7 +56,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("roommanagement.view")]
+ [RequirePermission("roommanagement.selectroombytypename")]
[HttpGet]
public ListOutputDto SelectRoomByTypeName([FromQuery] ReadRoomInputDto inputDto)
{
@@ -68,7 +68,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("roommanagement.view")]
+ [RequirePermission("roommanagement.selectroombyroomno")]
[HttpGet]
public SingleOutputDto SelectRoomByRoomNo([FromQuery] ReadRoomInputDto inputDto)
{
@@ -80,7 +80,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("roommanagement.view")]
+ [RequirePermission("roommanagement.daybyroomno")]
[HttpGet]
public SingleOutputDto DayByRoomNo([FromQuery] ReadRoomInputDto inputDto)
{
@@ -92,7 +92,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("roommanagement.update")]
+ [RequirePermission("roommanagement.updateroominfo")]
[HttpPost]
public BaseResponse UpdateRoomInfo([FromBody] UpdateRoomInputDto inputDto)
{
@@ -104,7 +104,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("roommanagement.update")]
+ [RequirePermission("roommanagement.updateroominfowithreser")]
[HttpPost]
public BaseResponse UpdateRoomInfoWithReser([FromBody] UpdateRoomInputDto inputDto)
{
@@ -115,7 +115,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 查询可入住房间数量
///
///
- [RequirePermission("roommanagement.view")]
+ [RequirePermission("roommanagement.selectcanuseroomallbyroomstate")]
[HttpGet]
public SingleOutputDto SelectCanUseRoomAllByRoomState()
{
@@ -126,7 +126,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 查询已入住房间数量
///
///
- [RequirePermission("roommanagement.view")]
+ [RequirePermission("roommanagement.selectnotuseroomallbyroomstate")]
[HttpGet]
public SingleOutputDto SelectNotUseRoomAllByRoomState()
{
@@ -138,7 +138,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("roommanagement.view")]
+ [RequirePermission("roommanagement.selectroombyroomprice")]
[HttpGet]
public object SelectRoomByRoomPrice([FromQuery] ReadRoomInputDto inputDto)
{
@@ -149,7 +149,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 查询脏房数量
///
///
- [RequirePermission("roommanagement.view")]
+ [RequirePermission("roommanagement.selectnotclearroomallbyroomstate")]
[HttpGet]
public SingleOutputDto SelectNotClearRoomAllByRoomState()
{
@@ -160,7 +160,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 查询维修房数量
///
///
- [RequirePermission("roommanagement.view")]
+ [RequirePermission("roommanagement.selectfixingroomallbyroomstate")]
[HttpGet]
public SingleOutputDto SelectFixingRoomAllByRoomState()
{
@@ -171,7 +171,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 查询预约房数量
///
///
- [RequirePermission("roommanagement.view")]
+ [RequirePermission("roommanagement.selectreservedroomallbyroomstate")]
[HttpGet]
public SingleOutputDto SelectReservedRoomAllByRoomState()
{
@@ -183,7 +183,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("roommanagement.update")]
+ [RequirePermission("roommanagement.updateroomstatebyroomno")]
[HttpPost]
public BaseResponse UpdateRoomStateByRoomNo([FromBody] UpdateRoomInputDto inputDto)
{
@@ -195,7 +195,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("roommanagement.create")]
+ [RequirePermission("roommanagement.insertroom")]
[HttpPost]
public BaseResponse InsertRoom([FromBody] CreateRoomInputDto inputDto)
{
@@ -207,7 +207,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("roommanagement.update")]
+ [RequirePermission("roommanagement.updateroom")]
[HttpPost]
public BaseResponse UpdateRoom([FromBody] UpdateRoomInputDto inputDto)
{
@@ -219,7 +219,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("roommanagement.delete")]
+ [RequirePermission("roommanagement.deleteroom")]
[HttpPost]
public BaseResponse DeleteRoom([FromBody] DeleteRoomInputDto inputDto)
{
@@ -231,7 +231,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("roommanagement.update")]
+ [RequirePermission("roommanagement.transferroom")]
[HttpPost]
public BaseResponse TransferRoom([FromBody] TransferRoomDto transferRoomDto)
{
@@ -243,7 +243,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("roommanagement.update")]
+ [RequirePermission("roommanagement.checkoutroom")]
[HttpPost]
public BaseResponse CheckoutRoom([FromBody] CheckoutRoomDto checkoutRoomDto)
{
@@ -255,7 +255,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("roommanagement.update")]
+ [RequirePermission("roommanagement.checkinroombyreservation")]
[HttpPost]
public BaseResponse CheckinRoomByReservation([FromBody] CheckinRoomByReservationDto checkinRoomByReservationDto)
{
diff --git a/EOM.TSHotelManagement.API/Controllers/Business/Room/RoomTypeController.cs b/EOM.TSHotelManagement.API/Controllers/Business/Room/RoomTypeController.cs
index 4574853d43609c04b3e026a18a562edaf111f0af..0d6e7fe109ed665374349de4eff02303b92b5cea 100644
--- a/EOM.TSHotelManagement.API/Controllers/Business/Room/RoomTypeController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/Business/Room/RoomTypeController.cs
@@ -1,4 +1,4 @@
-using EOM.TSHotelManagement.Contract;
+using EOM.TSHotelManagement.Contract;
using EOM.TSHotelManagement.Service;
using EOM.TSHotelManagement.WebApi.Authorization;
using Microsoft.AspNetCore.Mvc;
@@ -22,7 +22,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("roomconfig.view")]
+ [RequirePermission("roomconfig.selectroomtypesall")]
[HttpGet]
public ListOutputDto SelectRoomTypesAll([FromQuery] ReadRoomTypeInputDto inputDto)
{
@@ -34,7 +34,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("roomconfig.view")]
+ [RequirePermission("roomconfig.selectroomtypebyroomno")]
[HttpGet]
public SingleOutputDto SelectRoomTypeByRoomNo([FromQuery] ReadRoomTypeInputDto inputDto)
{
@@ -46,7 +46,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("roomconfig.create")]
+ [RequirePermission("roomconfig.insertroomtype")]
[HttpPost]
public BaseResponse InsertRoomType([FromBody] CreateRoomTypeInputDto inputDto)
{
@@ -58,7 +58,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("roomconfig.update")]
+ [RequirePermission("roomconfig.updateroomtype")]
[HttpPost]
public BaseResponse UpdateRoomType([FromBody] UpdateRoomTypeInputDto inputDto)
{
@@ -70,7 +70,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("roomconfig.delete")]
+ [RequirePermission("roomconfig.deleteroomtype")]
[HttpPost]
public BaseResponse DeleteRoomType([FromBody] DeleteRoomTypeInputDto inputDto)
{
diff --git a/EOM.TSHotelManagement.API/Controllers/Business/Sellthing/SellthingController.cs b/EOM.TSHotelManagement.API/Controllers/Business/Sellthing/SellthingController.cs
index 6ece820020ef7f22c59fa85365a67ed9f764d55d..85d0125bd8ee3c9d2cf35846c4cc41a8e58e640e 100644
--- a/EOM.TSHotelManagement.API/Controllers/Business/Sellthing/SellthingController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/Business/Sellthing/SellthingController.cs
@@ -1,4 +1,4 @@
-using EOM.TSHotelManagement.Contract;
+using EOM.TSHotelManagement.Contract;
using EOM.TSHotelManagement.Service;
using EOM.TSHotelManagement.WebApi.Authorization;
using Microsoft.AspNetCore.Mvc;
@@ -22,7 +22,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("goodsmanagement.view")]
+ [RequirePermission("goodsmanagement.selectsellthingall")]
[HttpGet]
public ListOutputDto SelectSellThingAll([FromQuery] ReadSellThingInputDto sellThing = null)
{
@@ -34,7 +34,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("goodsmanagement.update")]
+ [RequirePermission("goodsmanagement.updatesellthing")]
[HttpPost]
public BaseResponse UpdateSellThing([FromBody] UpdateSellThingInputDto updateSellThingInputDto)
{
@@ -42,11 +42,11 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
}
///
- /// 撤回客户消费信息
+ /// 删除商品信息
///
///
///
- [RequirePermission("goodsmanagement.delete")]
+ [RequirePermission("goodsmanagement.deletesellthing")]
[HttpPost]
public BaseResponse DeleteSellthing([FromBody] DeleteSellThingInputDto deleteSellThingInputDto)
{
@@ -58,7 +58,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("goodsmanagement.view")]
+ [RequirePermission("goodsmanagement.selectsellthingbynameandprice")]
[HttpGet]
public SingleOutputDto SelectSellThingByNameAndPrice([FromQuery] ReadSellThingInputDto readSellThingInputDto)
{
@@ -70,7 +70,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("goodsmanagement.create")]
+ [RequirePermission("goodsmanagement.insertsellthing")]
[HttpPost]
public BaseResponse InsertSellThing([FromBody] CreateSellThingInputDto st)
{
diff --git a/EOM.TSHotelManagement.API/Controllers/Business/Spend/SpendController.cs b/EOM.TSHotelManagement.API/Controllers/Business/Spend/SpendController.cs
index ed91fddab292566f3316f1e5a8fcc67060776c60..1cf5bfd797b3b149a9538b344fa2979aa26cf6d2 100644
--- a/EOM.TSHotelManagement.API/Controllers/Business/Spend/SpendController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/Business/Spend/SpendController.cs
@@ -1,4 +1,4 @@
-using EOM.TSHotelManagement.Contract;
+using EOM.TSHotelManagement.Contract;
using EOM.TSHotelManagement.Service;
using EOM.TSHotelManagement.WebApi.Authorization;
using Microsoft.AspNetCore.Mvc;
@@ -22,7 +22,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("customerspend.view")]
+ [RequirePermission("customerspend.selectspendbyroomno")]
[HttpGet]
public ListOutputDto SelectSpendByRoomNo([FromQuery] ReadSpendInputDto inputDto)
{
@@ -34,7 +34,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("customerspend.view")]
+ [RequirePermission("customerspend.selethistoryspendinfoall")]
[HttpGet]
public ListOutputDto SeletHistorySpendInfoAll([FromQuery] ReadSpendInputDto inputDto)
{
@@ -45,7 +45,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 查询消费的所有信息
///
///
- [RequirePermission("customerspend.view")]
+ [RequirePermission("customerspend.selectspendinfoall")]
[HttpGet]
public ListOutputDto SelectSpendInfoAll([FromQuery] ReadSpendInputDto readSpendInputDto)
{
@@ -57,7 +57,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("customerspend.view")]
+ [RequirePermission("customerspend.sumconsumptionamount")]
[HttpGet]
public SingleOutputDto SumConsumptionAmount([FromQuery] ReadSpendInputDto inputDto)
{
@@ -69,7 +69,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("customerspend.delete")]
+ [RequirePermission("customerspend.undocustomerspend")]
[HttpPost]
public BaseResponse UndoCustomerSpend([FromBody] UpdateSpendInputDto updateSpendInputDto)
{
@@ -81,7 +81,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("customerspend.create")]
+ [RequirePermission("customerspend.addcustomerspend")]
[HttpPost]
public BaseResponse AddCustomerSpend([FromBody] AddCustomerSpendInputDto addCustomerSpendInputDto)
{
@@ -93,7 +93,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("customerspend.update")]
+ [RequirePermission("customerspend.updspendinfo")]
[HttpPost]
public BaseResponse UpdSpendInfo([FromBody] UpdateSpendInputDto inputDto)
{
diff --git a/EOM.TSHotelManagement.API/Controllers/Dashboard/DashboardController.cs b/EOM.TSHotelManagement.API/Controllers/Dashboard/DashboardController.cs
index 13bb8ccf64a766e850278ad9828eed6ecead5362..5268b049b9b9be6ba5d4fc3680c24f00c6daa85b 100644
--- a/EOM.TSHotelManagement.API/Controllers/Dashboard/DashboardController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/Dashboard/DashboardController.cs
@@ -1,4 +1,4 @@
-using EOM.TSHotelManagement.Contract;
+using EOM.TSHotelManagement.Contract;
using EOM.TSHotelManagement.Service;
using EOM.TSHotelManagement.WebApi.Authorization;
using Microsoft.AspNetCore.Mvc;
@@ -18,7 +18,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 获取房间统计信息
///
///
- [RequirePermission("dashboard.view")]
+ [RequirePermission("dashboard.roomstatistics")]
[HttpGet]
public SingleOutputDto RoomStatistics()
{
@@ -29,7 +29,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 获取业务统计信息
///
///
- [RequirePermission("dashboard.view")]
+ [RequirePermission("dashboard.businessstatistics")]
[HttpGet]
public SingleOutputDto BusinessStatistics()
{
@@ -40,7 +40,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 获取后勤统计信息
///
///
- [RequirePermission("dashboard.view")]
+ [RequirePermission("dashboard.logisticsstatistics")]
[HttpGet]
public SingleOutputDto LogisticsStatistics()
{
@@ -51,7 +51,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 获取人事统计信息
///
///
- [RequirePermission("dashboard.view")]
+ [RequirePermission("dashboard.humanresourcesstatistics")]
[HttpGet]
public SingleOutputDto HumanResourcesStatistics()
{
diff --git a/EOM.TSHotelManagement.API/Controllers/Employee/Check/EmployeeCheckController.cs b/EOM.TSHotelManagement.API/Controllers/Employee/Check/EmployeeCheckController.cs
index da0585b8d05d0b49234fc46fa1e3f6bb6bb2cea2..175e481df3c3fda63772eb6e6620cad308328902 100644
--- a/EOM.TSHotelManagement.API/Controllers/Employee/Check/EmployeeCheckController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/Employee/Check/EmployeeCheckController.cs
@@ -1,4 +1,4 @@
-using EOM.TSHotelManagement.Contract;
+using EOM.TSHotelManagement.Contract;
using EOM.TSHotelManagement.Service;
using EOM.TSHotelManagement.WebApi.Authorization;
using Microsoft.AspNetCore.Mvc;
@@ -22,7 +22,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("staffmanagement.view")]
+ [RequirePermission("staffmanagement.selectcheckinfobyemployeeid")]
[HttpGet]
public ListOutputDto SelectCheckInfoByEmployeeId([FromQuery] ReadEmployeeCheckInputDto inputDto)
{
@@ -34,7 +34,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("staffmanagement.view")]
+ [RequirePermission("staffmanagement.selectworkercheckdaysumbyemployeeid")]
[HttpGet]
public SingleOutputDto SelectWorkerCheckDaySumByEmployeeId([FromQuery] ReadEmployeeCheckInputDto inputDto)
{
@@ -46,7 +46,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("staffmanagement.view")]
+ [RequirePermission("staffmanagement.selecttodaycheckinfobyworkerno")]
[HttpGet]
public SingleOutputDto SelectToDayCheckInfoByWorkerNo([FromQuery] ReadEmployeeCheckInputDto inputDto)
{
@@ -58,7 +58,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("staffmanagement.create")]
+ [RequirePermission("staffmanagement.addcheckinfo")]
[HttpPost]
public BaseResponse AddCheckInfo([FromBody] CreateEmployeeCheckInputDto workerCheck)
{
diff --git a/EOM.TSHotelManagement.API/Controllers/Employee/EmployeeController.cs b/EOM.TSHotelManagement.API/Controllers/Employee/EmployeeController.cs
index 85007ae45cb6eff0b0d43a61ac97666aaffc1cc1..4d8a9227c9ecf6efb8849d86aaf07fe43a80fa1b 100644
--- a/EOM.TSHotelManagement.API/Controllers/Employee/EmployeeController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/Employee/EmployeeController.cs
@@ -1,4 +1,4 @@
-using EOM.TSHotelManagement.Contract;
+using EOM.TSHotelManagement.Contract;
using EOM.TSHotelManagement.Service;
using EOM.TSHotelManagement.WebApi.Authorization;
using Microsoft.AspNetCore.Authorization;
@@ -24,7 +24,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("staffmanagement.update")]
+ [RequirePermission("staffmanagement.updateemployee")]
[HttpPost]
public BaseResponse UpdateEmployee([FromBody] UpdateEmployeeInputDto worker)
{
@@ -36,7 +36,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("staffmanagement.status")]
+ [RequirePermission("staffmanagement.manageremployeeaccount")]
[HttpPost]
public BaseResponse ManagerEmployeeAccount([FromBody] UpdateEmployeeInputDto worker)
{
@@ -48,7 +48,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("staffmanagement.create")]
+ [RequirePermission("staffmanagement.addemployee")]
[HttpPost]
public BaseResponse AddEmployee([FromBody] CreateEmployeeInputDto worker)
{
@@ -60,7 +60,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("staffmanagement.view")]
+ [RequirePermission("staffmanagement.selectemployeeall")]
[HttpGet]
public ListOutputDto SelectEmployeeAll([FromQuery] ReadEmployeeInputDto inputDto)
{
@@ -72,7 +72,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("staffmanagement.view")]
+ [RequirePermission("staffmanagement.selectemployeeinfobyemployeeid")]
[HttpGet]
public SingleOutputDto SelectEmployeeInfoByEmployeeId([FromQuery] ReadEmployeeInputDto inputDto)
{
@@ -96,7 +96,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 获取当前员工账号的 2FA 状态
///
///
- [RequirePermission("staffmanagement.get2fa")]
+ [RequirePermission("staffmanagement.gettwofactorstatus")]
[HttpGet]
public SingleOutputDto GetTwoFactorStatus()
{
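Review bot: `GetTwoFactorStatus` is documented as acting on the caller's own account, yet it stays gated by a grantable code, now `staffmanagement.gettwofactorstatus`, so an account whose role lacks the renamed codes cannot view, enrol in or recover 2FA. The same holds for the `generatetwofactorsetup`, `enabletwofactor`, `disabletwofactor` and `regeneratetwofactorrecoverycodes` hunks here and in AdminController. If these actions are meant to be self-service, either include the codes in every role's default grants or gate them on authentication alone, e.g. `[Authorize]` in place of `[RequirePermission(...)]`. The method body lies outside the hunk.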
@@ -107,7 +107,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 生成当前员工账号的 2FA 绑定信息
///
///
- [RequirePermission("staffmanagement.generate2fa")]
+ [RequirePermission("staffmanagement.generatetwofactorsetup")]
[HttpPost]
public SingleOutputDto GenerateTwoFactorSetup()
{
@@ -119,7 +119,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("staffmanagement.enable2fa")]
+ [RequirePermission("staffmanagement.enabletwofactor")]
[HttpPost]
public SingleOutputDto EnableTwoFactor([FromBody] TwoFactorCodeInputDto inputDto)
{
@@ -131,7 +131,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("staffmanagement.disable2fa")]
+ [RequirePermission("staffmanagement.disabletwofactor")]
[HttpPost]
public BaseResponse DisableTwoFactor([FromBody] TwoFactorCodeInputDto inputDto)
{
@@ -143,7 +143,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("staffmanagement.recovery2fa")]
+ [RequirePermission("staffmanagement.regeneratetwofactorrecoverycodes")]
[HttpPost]
public SingleOutputDto RegenerateTwoFactorRecoveryCodes([FromBody] TwoFactorCodeInputDto inputDto)
{
@@ -155,7 +155,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("staffmanagement.reset")]
+ [RequirePermission("staffmanagement.updateemployeeaccountpassword")]
[HttpPost]
public BaseResponse UpdateEmployeeAccountPassword([FromBody] UpdateEmployeeInputDto updateEmployeeInputDto)
{
@@ -166,7 +166,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("staffmanagement.update")]
+ [RequirePermission("staffmanagement.resetemployeeaccountpassword")]
[HttpPost]
public BaseResponse ResetEmployeeAccountPassword([FromBody] UpdateEmployeeInputDto updateEmployeeInputDto)
{
diff --git a/EOM.TSHotelManagement.API/Controllers/Employee/History/EmployeeHistoryController.cs b/EOM.TSHotelManagement.API/Controllers/Employee/History/EmployeeHistoryController.cs
index 68ddde5fe49a7e1f7f83c4895d0ce1ae3cc31b94..26c4c8b1da808f09dd0bef2f2404f72e26eb0f08 100644
--- a/EOM.TSHotelManagement.API/Controllers/Employee/History/EmployeeHistoryController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/Employee/History/EmployeeHistoryController.cs
@@ -1,4 +1,4 @@
-using EOM.TSHotelManagement.Contract;
+using EOM.TSHotelManagement.Contract;
using EOM.TSHotelManagement.Service;
using EOM.TSHotelManagement.WebApi.Authorization;
using Microsoft.AspNetCore.Mvc;
@@ -22,7 +22,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("staffmanagement.create")]
+ [RequirePermission("staffmanagement.addhistorybyemployeeid")]
[HttpPost]
public BaseResponse AddHistoryByEmployeeId([FromBody] CreateEmployeeHistoryInputDto workerHistory)
{
@@ -34,7 +34,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("staffmanagement.view")]
+ [RequirePermission("staffmanagement.selecthistorybyemployeeid")]
[HttpGet]
public ListOutputDto SelectHistoryByEmployeeId([FromQuery] ReadEmployeeHistoryInputDto inputDto)
{
diff --git a/EOM.TSHotelManagement.API/Controllers/Employee/Photo/EmployeePhotoController.cs b/EOM.TSHotelManagement.API/Controllers/Employee/Photo/EmployeePhotoController.cs
index 4583b993a3ff74db20a6922f54571689a7a9d0cf..3f39185d41cfabf44d180dfa32a7df3d27cd28b2 100644
--- a/EOM.TSHotelManagement.API/Controllers/Employee/Photo/EmployeePhotoController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/Employee/Photo/EmployeePhotoController.cs
@@ -1,4 +1,4 @@
-using EOM.TSHotelManagement.Contract;
+using EOM.TSHotelManagement.Contract;
using EOM.TSHotelManagement.Service;
using EOM.TSHotelManagement.WebApi.Authorization;
using Microsoft.AspNetCore.Http;
@@ -23,7 +23,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("staffmanagement.view")]
+ [RequirePermission("staffmanagement.employeephoto")]
[HttpGet]
public SingleOutputDto EmployeePhoto([FromQuery] ReadEmployeePhotoInputDto inputDto)
{
@@ -36,7 +36,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("staffmanagement.create")]
+ [RequirePermission("staffmanagement.insertworkerphoto")]
[HttpPost]
public SingleOutputDto InsertWorkerPhoto([FromForm] CreateEmployeePhotoInputDto inputDto, IFormFile file)
{
@@ -48,7 +48,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("staffmanagement.delete")]
+ [RequirePermission("staffmanagement.deleteworkerphoto")]
[HttpPost]
public BaseResponse DeleteWorkerPhoto([FromBody] DeleteEmployeePhotoInputDto inputDto)
{
@@ -60,7 +60,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("staffmanagement.update")]
+ [RequirePermission("staffmanagement.updateworkerphoto")]
[HttpPost]
public BaseResponse UpdateWorkerPhoto([FromBody] UpdateEmployeePhotoInputDto inputDto)
{
diff --git a/EOM.TSHotelManagement.API/Controllers/SystemManagement/Administrator/AdminController.cs b/EOM.TSHotelManagement.API/Controllers/SystemManagement/Administrator/AdminController.cs
index 15e0112f0088aef526cb439638129970d2c5a546..936525e118bba37380f802bcb6cfd1739ce09b52 100644
--- a/EOM.TSHotelManagement.API/Controllers/SystemManagement/Administrator/AdminController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/SystemManagement/Administrator/AdminController.cs
@@ -1,4 +1,4 @@
-using EOM.TSHotelManagement.Contract;
+using EOM.TSHotelManagement.Contract;
using EOM.TSHotelManagement.Contract.SystemManagement.Dto.Permission;
using EOM.TSHotelManagement.Service;
using EOM.TSHotelManagement.WebApi.Authorization;
@@ -44,7 +44,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 获取当前管理员账号的 2FA 状态
///
///
- [RequirePermission("system:admin:get2fa")]
+ [RequirePermission("system:admin:gettwofactorstatus")]
[HttpGet]
public SingleOutputDto GetTwoFactorStatus()
{
@@ -55,7 +55,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 生成当前管理员账号的 2FA 绑定信息
///
///
- [RequirePermission("system:admin:generate2fa")]
+ [RequirePermission("system:admin:generatetwofactorsetup")]
[HttpPost]
public SingleOutputDto GenerateTwoFactorSetup()
{
@@ -67,7 +67,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("system:admin:enable2fa")]
+ [RequirePermission("system:admin:enabletwofactor")]
[HttpPost]
public SingleOutputDto EnableTwoFactor([FromBody] TwoFactorCodeInputDto inputDto)
{
@@ -79,7 +79,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("system:admin:disable2fa")]
+ [RequirePermission("system:admin:disabletwofactor")]
[HttpPost]
public BaseResponse DisableTwoFactor([FromBody] TwoFactorCodeInputDto inputDto)
{
@@ -91,7 +91,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("system:admin:recovery2fa")]
+ [RequirePermission("system:admin:regeneratetwofactorrecoverycodes")]
[HttpPost]
public SingleOutputDto RegenerateTwoFactorRecoveryCodes([FromBody] TwoFactorCodeInputDto inputDto)
{
@@ -102,7 +102,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 获取所有管理员列表
///
///
- [RequirePermission("system:admin:list")]
+ [RequirePermission("system:admin:getalladminlist")]
[HttpGet]
public ListOutputDto GetAllAdminList(ReadAdministratorInputDto readAdministratorInputDto)
{
@@ -114,7 +114,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("system:admin:create")]
+ [RequirePermission("system:admin:addadmin")]
[HttpPost]
public BaseResponse AddAdmin([FromBody] CreateAdministratorInputDto admin)
{
@@ -126,7 +126,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("system:admin:update")]
+ [RequirePermission("system:admin:updadmin")]
[HttpPost]
public BaseResponse UpdAdmin([FromBody] UpdateAdministratorInputDto updateAdministratorInputDto)
{
@@ -138,7 +138,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("system:admin:delete")]
+ [RequirePermission("system:admin:deladmin")]
[HttpPost]
public BaseResponse DelAdmin([FromBody] DeleteAdministratorInputDto deleteAdministratorInputDto)
{
@@ -149,7 +149,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 获取所有管理员类型
///
///
- [RequirePermission("system:admintype:list")]
+ [RequirePermission("system:admintype:getalladmintypes")]
[HttpGet]
public ListOutputDto GetAllAdminTypes(ReadAdministratorTypeInputDto readAdministratorTypeInputDto)
{
@@ -161,7 +161,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("system:admintype:create")]
+ [RequirePermission("system:admintype:addadmintype")]
[HttpPost]
public BaseResponse AddAdminType([FromBody] CreateAdministratorTypeInputDto createAdministratorTypeInputDto)
{
@@ -173,7 +173,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("system:admintype:update")]
+ [RequirePermission("system:admintype:updadmintype")]
[HttpPost]
public BaseResponse UpdAdminType([FromBody] UpdateAdministratorTypeInputDto updateAdministratorTypeInputDto)
{
@@ -185,7 +185,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("system:admintype:delete")]
+ [RequirePermission("system:admintype:deladmintype")]
[HttpPost]
public BaseResponse DelAdminType([FromBody] DeleteAdministratorTypeInputDto deleteAdministratorTypeInputDto)
{
@@ -197,7 +197,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("system:user:assign")]
+ [RequirePermission("system:user:admin:assignuserroles")]
[HttpPost]
public BaseResponse AssignUserRoles([FromBody] AssignUserRolesInputDto input)
{
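Review bot: The new codes for this controller mix separators: `system:user:admin:assignuserroles` here puts a colon before the action, while the read actions in the next hunk use a dot (`system:user:admin.readuserroles`). The same split appears in CustomerPermissionController and EmployeePermissionController, and PermissionController uses `system:user:assign.selectpermissionlist`. If codes are matched as exact strings, a one-character mismatch against the seeded value denies access silently, and any prefix-based grouping would treat the two forms differently. Pick one form, e.g. `[RequirePermission("system:user:admin:readuserroles")]`, and keep the seed data identical. The method body is outside the hunk.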
@@ -207,31 +207,31 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
/// 读取指定用户已分配的角色编码集合
///
- /// 用户编码
+ /// 用户编码请求体
/// 角色编码集合(RoleNumber 列表)
- [RequirePermission("system:user:assign.view")]
- [HttpGet]
- public ListOutputDto ReadUserRoles([FromQuery] string userNumber)
+ [RequirePermission("system:user:admin.readuserroles")]
+ [HttpPost]
+ public ListOutputDto ReadUserRoles([FromBody] ReadByUserNumberInputDto input)
{
- return adminService.ReadUserRoles(userNumber);
+ return adminService.ReadUserRoles(input.UserNumber);
}
///
/// 读取指定用户的“角色-权限”明细(来自 RolePermission 关联,并联到 Permission 得到权限码与名称)
///
- /// 用户编码
+ /// 用户编码请求体
/// 明细列表(包含 RoleNumber、PermissionNumber、PermissionName、MenuKey)
- [RequirePermission("system:user:assign.view")]
- [HttpGet]
- public ListOutputDto ReadUserRolePermissions([FromQuery] string userNumber)
+ [RequirePermission("system:user:admin.readuserrolepermissions")]
+ [HttpPost]
+ public ListOutputDto ReadUserRolePermissions([FromBody] ReadByUserNumberInputDto input)
{
- return adminService.ReadUserRolePermissions(userNumber);
+ return adminService.ReadUserRolePermissions(input.UserNumber);
}
///
/// 为指定用户分配“直接权限”(通过专属角色 R-USER-{UserNumber} 写入 RolePermission,全量覆盖)
///
- [RequirePermission("system:user:assign")]
+ [RequirePermission("system:user:admin:assignuserpermissions")]
[HttpPost]
public BaseResponse AssignUserPermissions([FromBody] AssignUserPermissionsInputDto input)
{
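Review bot: `input.UserNumber` is dereferenced without a null check in `ReadUserRoles` and `ReadUserRolePermissions`, so a POST with an empty or non-JSON body can raise a NullReferenceException unless the controller carries `[ApiController]` (not visible here) and rejects the request first. The old `[FromQuery] string userNumber` simply passed null on to the service. Use `return adminService.ReadUserRoles(input?.UserNumber);`, or return a validation error when `input` is null. The same pattern is in `ReadUserDirectPermissions` in the next hunk, in the CustomerPermission and EmployeePermission controllers, and in `ReadRolePermissions`/`ReadRoleUsers` in RoleController.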
@@ -241,11 +241,11 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
/// 读取指定用户的“直接权限”(仅来自专属角色 R-USER-{UserNumber} 的权限编码列表)
///
- [RequirePermission("system:user:assign.view")]
- [HttpGet]
- public ListOutputDto ReadUserDirectPermissions([FromQuery] string userNumber)
+ [RequirePermission("system:user:admin.readuserdirectpermissions")]
+ [HttpPost]
+ public ListOutputDto ReadUserDirectPermissions([FromBody] ReadByUserNumberInputDto input)
{
- return adminService.ReadUserDirectPermissions(userNumber);
+ return adminService.ReadUserDirectPermissions(input.UserNumber);
}
///
diff --git a/EOM.TSHotelManagement.API/Controllers/SystemManagement/Base/BaseController.cs b/EOM.TSHotelManagement.API/Controllers/SystemManagement/Base/BaseController.cs
index 5d299c779130f3c3bf5133c306c7acc554fe6102..7c626b89c7ec33d81b35b25d79174771cda3c6b5 100644
--- a/EOM.TSHotelManagement.API/Controllers/SystemManagement/Base/BaseController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/SystemManagement/Base/BaseController.cs
@@ -1,5 +1,6 @@
-using EOM.TSHotelManagement.Contract;
+using EOM.TSHotelManagement.Contract;
using EOM.TSHotelManagement.Service;
+using EOM.TSHotelManagement.WebApi.Authorization;
using Microsoft.AspNetCore.Mvc;
namespace EOM.TSHotelManagement.WebApi.Controllers
@@ -67,6 +68,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
#region 职位模块
+ [RequirePermission("position.view")]
[HttpGet]
public ListOutputDto SelectPositionAll([FromQuery] ReadPositionInputDto position = null)
{
@@ -79,18 +81,21 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
return baseService.SelectPosition(position);
}
+ [RequirePermission("position.create")]
[HttpPost]
public BaseResponse AddPosition([FromBody] CreatePositionInputDto position)
{
return baseService.AddPosition(position);
}
+ [RequirePermission("position.delete")]
[HttpPost]
public BaseResponse DelPosition([FromBody] DeletePositionInputDto position)
{
return baseService.DelPosition(position);
}
+ [RequirePermission("position.update")]
[HttpPost]
public BaseResponse UpdPosition([FromBody] UpdatePositionInputDto position)
{
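Review bot: `SelectPosition`, whose `return baseService.SelectPosition(position);` opens this hunk, appears to receive no `[RequirePermission]`: its attribute lines fall in the unchanged gap between this hunk and the previous one, and the `using EOM.TSHotelManagement.WebApi.Authorization;` import is only added by this commit. The same gap precedes `SelectNation`, `SelectEducation`, `SelectDeptAll`, `SelectCustoTypeAll` and `SelectPassPortTypeAll` in the later hunks, so those reads may stay reachable without the `*.view` code their siblings now require. If that is not deliberate, add e.g. `[RequirePermission("position.view")]` above `SelectPosition` and the matching code on the others. `UpdPosition`'s body continues outside the hunk.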
@@ -101,6 +106,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
#region 民族模块
+ [RequirePermission("nation.view")]
[HttpGet]
public ListOutputDto SelectNationAll([FromQuery] ReadNationInputDto nation = null)
{
@@ -113,18 +119,21 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
return baseService.SelectNation(nation);
}
+ [RequirePermission("nation.create")]
[HttpPost]
public BaseResponse AddNation([FromBody] CreateNationInputDto nation)
{
return baseService.AddNation(nation);
}
+ [RequirePermission("nation.delete")]
[HttpPost]
public BaseResponse DelNation([FromBody] DeleteNationInputDto nation)
{
return baseService.DelNation(nation);
}
+ [RequirePermission("nation.update")]
[HttpPost]
public BaseResponse UpdNation([FromBody] UpdateNationInputDto nation)
{
@@ -135,6 +144,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
#region 学历模块
+ [RequirePermission("qualification.view")]
[HttpGet]
public ListOutputDto SelectEducationAll([FromQuery] ReadEducationInputDto education = null)
{
@@ -147,18 +157,21 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
return baseService.SelectEducation(education);
}
+ [RequirePermission("qualification.create")]
[HttpPost]
public BaseResponse AddEducation([FromBody] CreateEducationInputDto education)
{
return baseService.AddEducation(education);
}
+ [RequirePermission("qualification.delete")]
[HttpPost]
public BaseResponse DelEducation([FromBody] DeleteEducationInputDto education)
{
return baseService.DelEducation(education);
}
+ [RequirePermission("qualification.update")]
[HttpPost]
public BaseResponse UpdEducation([FromBody] UpdateEducationInputDto education)
{
@@ -169,6 +182,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
#region 部门模块
+ [RequirePermission("department.view")]
[HttpGet]
public ListOutputDto SelectDeptAllCanUse()
{
@@ -181,24 +195,28 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
return baseService.SelectDeptAll(readDepartmentInputDto);
}
+ [RequirePermission("department.view")]
[HttpGet]
public SingleOutputDto SelectDept([FromQuery] ReadDepartmentInputDto dept)
{
return baseService.SelectDept(dept);
}
+ [RequirePermission("department.create")]
[HttpPost]
public BaseResponse AddDept([FromBody] CreateDepartmentInputDto dept)
{
return baseService.AddDept(dept);
}
+ [RequirePermission("department.delete")]
[HttpPost]
public BaseResponse DelDept([FromBody] DeleteDepartmentInputDto dept)
{
return baseService.DelDept(dept);
}
+ [RequirePermission("department.update")]
[HttpPost]
public BaseResponse UpdDept([FromBody] UpdateDepartmentInputDto dept)
{
@@ -209,6 +227,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
#region 客户类型模块
+ [RequirePermission("customertype.view")]
[HttpGet]
public ListOutputDto SelectCustoTypeAllCanUse()
{
@@ -221,24 +240,28 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
return baseService.SelectCustoTypeAll(readCustoTypeInputDto);
}
+ [RequirePermission("customertype.view")]
[HttpGet]
public SingleOutputDto SelectCustoTypeByTypeId([FromQuery] ReadCustoTypeInputDto custoType)
{
return baseService.SelectCustoTypeByTypeId(custoType);
}
+ [RequirePermission("customertype.create")]
[HttpPost]
public BaseResponse InsertCustoType([FromBody] CreateCustoTypeInputDto custoType)
{
return baseService.InsertCustoType(custoType);
}
+ [RequirePermission("customertype.delete")]
[HttpPost]
public BaseResponse DeleteCustoType([FromBody] DeleteCustoTypeInputDto custoType)
{
return baseService.DeleteCustoType(custoType);
}
+ [RequirePermission("customertype.update")]
[HttpPost]
public BaseResponse UpdateCustoType([FromBody] UpdateCustoTypeInputDto custoType)
{
@@ -249,6 +272,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
#region 证件类型模块
+ [RequirePermission("passport.view")]
[HttpGet]
public ListOutputDto SelectPassPortTypeAllCanUse()
{
@@ -261,24 +285,28 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
return baseService.SelectPassPortTypeAll(readPassportTypeInputDto);
}
+ [RequirePermission("passport.view")]
[HttpGet]
public SingleOutputDto SelectPassPortTypeByTypeId([FromQuery] ReadPassportTypeInputDto passPortType)
{
return baseService.SelectPassPortTypeByTypeId(passPortType);
}
+ [RequirePermission("passport.create")]
[HttpPost]
public BaseResponse InsertPassPortType([FromBody] CreatePassportTypeInputDto passPortType)
{
return baseService.InsertPassPortType(passPortType);
}
+ [RequirePermission("passport.delete")]
[HttpPost]
public BaseResponse DeletePassPortType([FromBody] DeletePassportTypeInputDto portType)
{
return baseService.DeletePassPortType(portType);
}
+ [RequirePermission("passport.update")]
[HttpPost]
public BaseResponse UpdatePassPortType([FromBody] UpdatePassportTypeInputDto portType)
{
@@ -333,6 +361,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 查询所有公告类型
///
///
+ [RequirePermission("noticetype.view")]
[HttpGet]
public ListOutputDto SelectAppointmentNoticeTypeAll([FromQuery] ReadAppointmentNoticeTypeInputDto readAppointmentNoticeTypeInputDto)
{
@@ -344,6 +373,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
+ [RequirePermission("noticetype.create")]
[HttpPost]
public BaseResponse CreateAppointmentNoticeType([FromBody] CreateAppointmentNoticeTypeInputDto createAppointmentNoticeTypeInputDto)
{
@@ -355,6 +385,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
+ [RequirePermission("noticetype.delete")]
[HttpPost]
public BaseResponse DeleteAppointmentNoticeType([FromBody] DeleteAppointmentNoticeTypeInputDto deleteAppointmentNoticeTypeInputDto)
{
@@ -366,6 +397,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
+ [RequirePermission("noticetype.update")]
[HttpPost]
public BaseResponse UpdateAppointmentNoticeType([FromBody] UpdateAppointmentNoticeTypeInputDto updateAppointmentNoticeTypeInputDto)
{
diff --git a/EOM.TSHotelManagement.API/Controllers/SystemManagement/CustomerPermission/CustomerPermissionController.cs b/EOM.TSHotelManagement.API/Controllers/SystemManagement/CustomerPermission/CustomerPermissionController.cs
index 8595ee3de1eac64aaee39f685c3a10e70325cb30..d10377924aad9985b6c9b76ef398e24b120b8fee 100644
--- a/EOM.TSHotelManagement.API/Controllers/SystemManagement/CustomerPermission/CustomerPermissionController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/SystemManagement/CustomerPermission/CustomerPermissionController.cs
@@ -11,11 +11,11 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
/// 客户组权限分配接口(与管理员一致的 5 个接口)
/// 前端将调用:
- /// - POST /Customer/AssignUserRoles
- /// - GET /Customer/ReadUserRoles?userNumber=...
- /// - GET /Customer/ReadUserRolePermissions?userNumber=...
- /// - POST /Customer/AssignUserPermissions
- /// - GET /Customer/ReadUserDirectPermissions?userNumber=...
+ /// - POST /CustomerPermission/AssignUserRoles
+ /// - POST /CustomerPermission/ReadUserRoles
+ /// - POST /CustomerPermission/ReadUserRolePermissions
+ /// - POST /CustomerPermission/AssignUserPermissions
+ /// - POST /CustomerPermission/ReadUserDirectPermissions
///
public class CustomerPermissionController : ControllerBase
{
@@ -31,7 +31,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
/// 为客户分配角色(全量覆盖)
///
- [RequirePermission("system:user:assign")]
+ [RequirePermission("system:user:customer:assignuserroles")]
[HttpPost]
public BaseResponse AssignUserRoles([FromBody] AssignUserRolesInputDto input)
{
@@ -43,11 +43,11 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
/// 读取客户已分配的角色编码集合
///
- [RequirePermission("system:user:assign.view")]
- [HttpGet]
- public ListOutputDto ReadUserRoles([FromQuery] string userNumber)
+ [RequirePermission("system:user:customer.readuserroles")]
+ [HttpPost]
+ public ListOutputDto ReadUserRoles([FromBody] ReadByUserNumberInputDto input)
{
- return customerPermService.ReadUserRoles(userNumber);
+ return customerPermService.ReadUserRoles(input.UserNumber);
}
/// filename OR language.declaration()
@@ -55,11 +55,11 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
/// 读取客户“角色-权限”明细
///
- [RequirePermission("system:user:assign.view")]
- [HttpGet]
- public ListOutputDto ReadUserRolePermissions([FromQuery] string userNumber)
+ [RequirePermission("system:user:customer.readuserrolepermissions")]
+ [HttpPost]
+ public ListOutputDto ReadUserRolePermissions([FromBody] ReadByUserNumberInputDto input)
{
- return customerPermService.ReadUserRolePermissions(userNumber);
+ return customerPermService.ReadUserRolePermissions(input.UserNumber);
}
/// filename OR language.declaration()
@@ -67,7 +67,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
/// 为客户分配“直接权限”(R-USER-{UserNumber} 全量覆盖)
///
- [RequirePermission("system:user:assign")]
+ [RequirePermission("system:user:customer:assignuserpermissions")]
[HttpPost]
public BaseResponse AssignUserPermissions([FromBody] AssignUserPermissionsInputDto input)
{
@@ -79,11 +79,11 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
/// 读取客户“直接权限”权限编码集合(来自 R-USER-{UserNumber})
///
- [RequirePermission("system:user:assign.view")]
- [HttpGet]
- public ListOutputDto ReadUserDirectPermissions([FromQuery] string userNumber)
+ [RequirePermission("system:user:customer.readuserdirectpermissions")]
+ [HttpPost]
+ public ListOutputDto ReadUserDirectPermissions([FromBody] ReadByUserNumberInputDto input)
{
- return customerPermService.ReadUserDirectPermissions(userNumber);
+ return customerPermService.ReadUserDirectPermissions(input.UserNumber);
}
}
-}
\ No newline at end of file
+}
diff --git a/EOM.TSHotelManagement.API/Controllers/SystemManagement/EmployeePermission/EmployeeController.cs b/EOM.TSHotelManagement.API/Controllers/SystemManagement/EmployeePermission/EmployeeController.cs
index 24ee02060222cb5415bcc3649b49445d56b30341..05f3b05ae6e7fd09b91cc346cff28d114cd905a0 100644
--- a/EOM.TSHotelManagement.API/Controllers/SystemManagement/EmployeePermission/EmployeeController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/SystemManagement/EmployeePermission/EmployeeController.cs
@@ -11,11 +11,11 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
/// 员工组权限分配接口(与管理员一致的 5 个接口)
/// 前端将调用:
- /// - POST /Employee/AssignUserRoles
- /// - GET /Employee/ReadUserRoles?userNumber=...
- /// - GET /Employee/ReadUserRolePermissions?userNumber=...
- /// - POST /Employee/AssignUserPermissions
- /// - GET /Employee/ReadUserDirectPermissions?userNumber=...
+ /// - POST /EmployeePermission/AssignUserRoles
+ /// - POST /EmployeePermission/ReadUserRoles
+ /// - POST /EmployeePermission/ReadUserRolePermissions
+ /// - POST /EmployeePermission/AssignUserPermissions
+ /// - POST /EmployeePermission/ReadUserDirectPermissions
///
public class EmployeePermissionController : ControllerBase
{
@@ -31,7 +31,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
/// 为员工分配角色(全量覆盖)
///
- [RequirePermission("system:user:assign")]
+ [RequirePermission("system:user:employee:assignuserroles")]
[HttpPost]
public BaseResponse AssignUserRoles([FromBody] AssignUserRolesInputDto input)
{
@@ -43,11 +43,11 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
/// 读取员工已分配的角色编码集合
///
- [RequirePermission("system:user:assign.view")]
- [HttpGet]
- public ListOutputDto ReadUserRoles([FromQuery] string userNumber)
+ [RequirePermission("system:user:employee.readuserroles")]
+ [HttpPost]
+ public ListOutputDto ReadUserRoles([FromBody] ReadByUserNumberInputDto input)
{
- return employeePermService.ReadUserRoles(userNumber);
+ return employeePermService.ReadUserRoles(input.UserNumber);
}
/// filename OR language.declaration()
@@ -55,11 +55,11 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
/// 读取员工“角色-权限”明细
///
- [RequirePermission("system:user:assign.view")]
- [HttpGet]
- public ListOutputDto ReadUserRolePermissions([FromQuery] string userNumber)
+ [RequirePermission("system:user:employee.readuserrolepermissions")]
+ [HttpPost]
+ public ListOutputDto ReadUserRolePermissions([FromBody] ReadByUserNumberInputDto input)
{
- return employeePermService.ReadUserRolePermissions(userNumber);
+ return employeePermService.ReadUserRolePermissions(input.UserNumber);
}
/// filename OR language.declaration()
@@ -67,7 +67,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
/// 为员工分配“直接权限”(R-USER-{UserNumber} 全量覆盖)
///
- [RequirePermission("system:user:assign")]
+ [RequirePermission("system:user:employee:assignuserpermissions")]
[HttpPost]
public BaseResponse AssignUserPermissions([FromBody] AssignUserPermissionsInputDto input)
{
@@ -79,11 +79,11 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
/// 读取员工“直接权限”权限编码集合(来自 R-USER-{UserNumber})
///
- [RequirePermission("system:user:assign.view")]
- [HttpGet]
- public ListOutputDto ReadUserDirectPermissions([FromQuery] string userNumber)
+ [RequirePermission("system:user:employee.readuserdirectpermissions")]
+ [HttpPost]
+ public ListOutputDto ReadUserDirectPermissions([FromBody] ReadByUserNumberInputDto input)
{
- return employeePermService.ReadUserDirectPermissions(userNumber);
+ return employeePermService.ReadUserDirectPermissions(input.UserNumber);
}
}
-}
\ No newline at end of file
+}
diff --git a/EOM.TSHotelManagement.API/Controllers/SystemManagement/Menu/MenuController.cs b/EOM.TSHotelManagement.API/Controllers/SystemManagement/Menu/MenuController.cs
index b191d5a57290b6a0756f9c2912a9e3d9dc60e20d..3e3fdb0378891def4d99d03be5169dec8b77a34e 100644
--- a/EOM.TSHotelManagement.API/Controllers/SystemManagement/Menu/MenuController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/SystemManagement/Menu/MenuController.cs
@@ -1,4 +1,4 @@
-using EOM.TSHotelManagement.Contract;
+using EOM.TSHotelManagement.Contract;
using EOM.TSHotelManagement.Service;
using EOM.TSHotelManagement.WebApi.Authorization;
using Microsoft.AspNetCore.Mvc;
@@ -21,7 +21,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 查询所有菜单信息
///
///
- [RequirePermission("menumanagement.view")]
+ [RequirePermission("menumanagement.selectmenuall")]
[HttpGet]
public ListOutputDto SelectMenuAll(ReadMenuInputDto readMenuInputDto)
{
@@ -32,7 +32,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 构建菜单树
///
///
- [RequirePermission("menumanagement.view")]
+ [RequirePermission("menumanagement.buildmenuall")]
[HttpPost]
public ListOutputDto BuildMenuAll([FromBody] BaseInputDto baseInputDto)
{
@@ -44,7 +44,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("menumanagement.create")]
+ [RequirePermission("menumanagement.insertmenu")]
[HttpPost]
public BaseResponse InsertMenu([FromBody] CreateMenuInputDto menu)
{
@@ -56,7 +56,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("menumanagement.update")]
+ [RequirePermission("menumanagement.updatemenu")]
[HttpPost]
public BaseResponse UpdateMenu([FromBody] UpdateMenuInputDto menu)
{
@@ -68,7 +68,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("menumanagement.delete")]
+ [RequirePermission("menumanagement.deletemenu")]
[HttpPost]
public BaseResponse DeleteMenu([FromBody] DeleteMenuInputDto menu)
{
diff --git a/EOM.TSHotelManagement.API/Controllers/SystemManagement/Permission/PermissionController.cs b/EOM.TSHotelManagement.API/Controllers/SystemManagement/Permission/PermissionController.cs
index cb317314ce9cfd42779162b32a8f7743015ffe31..26e414bbba4c94e03be936d7623b6d019a637521 100644
--- a/EOM.TSHotelManagement.API/Controllers/SystemManagement/Permission/PermissionController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/SystemManagement/Permission/PermissionController.cs
@@ -22,11 +22,11 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
/// 查询条件
/// 权限列表
- [RequirePermission("system:user:assign.view")]
- [HttpGet]
- public ListOutputDto SelectPermissionList([FromQuery] ReadPermissionInputDto input)
+ [RequirePermission("system:user:assign.selectpermissionlist")]
+ [HttpPost]
+ public ListOutputDto SelectPermissionList([FromBody] ReadPermissionInputDto input)
{
return _permissionAppService.SelectPermissionList(input);
}
}
-}
\ No newline at end of file
+}
diff --git a/EOM.TSHotelManagement.API/Controllers/SystemManagement/Role/RoleController.cs b/EOM.TSHotelManagement.API/Controllers/SystemManagement/Role/RoleController.cs
index 312e9f1737daa3e32b16e27c8414c3977394537d..fd271e2d3675c9899459762a7c9ed377c2c38dbf 100644
--- a/EOM.TSHotelManagement.API/Controllers/SystemManagement/Role/RoleController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/SystemManagement/Role/RoleController.cs
@@ -1,4 +1,4 @@
-using EOM.TSHotelManagement.Contract;
+using EOM.TSHotelManagement.Contract;
using EOM.TSHotelManagement.Contract.SystemManagement.Dto.Permission;
using EOM.TSHotelManagement.Contract.SystemManagement.Dto.Role;
using EOM.TSHotelManagement.Service;
@@ -21,7 +21,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("system:role:list")]
+ [RequirePermission("system:role:selectrolelist")]
[HttpGet]
public ListOutputDto SelectRoleList([FromQuery] ReadRoleInputDto readRoleInputDto)
{
@@ -33,7 +33,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("system:role:create")]
+ [RequirePermission("system:role:insertrole")]
[HttpPost]
public BaseResponse InsertRole([FromBody] CreateRoleInputDto createRoleInputDto)
{
@@ -45,7 +45,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("system:role:update")]
+ [RequirePermission("system:role:updaterole")]
[HttpPost]
public BaseResponse UpdateRole([FromBody] UpdateRoleInputDto updateRoleInputDto)
{
@@ -57,7 +57,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("system:role:delete")]
+ [RequirePermission("system:role:deleterole")]
[HttpPost]
public BaseResponse DeleteRole([FromBody] DeleteRoleInputDto deleteRoleInputDto)
{
@@ -69,7 +69,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("system:role:grant")]
+ [RequirePermission("system:role:grantrolepermissions")]
[HttpPost]
public BaseResponse GrantRolePermissions([FromBody] GrantRolePermissionsInputDto input)
{
@@ -79,30 +79,30 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
/// 读取指定角色已授予的权限编码集合
///
- /// 角色编码
- [RequirePermission("system:role:list")]
- [HttpGet]
- public ListOutputDto ReadRolePermissions([FromQuery] string roleNumber)
+ /// 角色编码请求体
+ [RequirePermission("system:role:readrolepermissions")]
+ [HttpPost]
+ public ListOutputDto ReadRolePermissions([FromBody] ReadByRoleNumberInputDto input)
{
- return _roleAppService.ReadRolePermissions(roleNumber);
+ return _roleAppService.ReadRolePermissions(input.RoleNumber);
}
///
/// 读取隶属于指定角色的管理员用户编码集合
///
- /// 角色编码
- [RequirePermission("system:role:list")]
- [HttpGet]
- public ListOutputDto ReadRoleUsers([FromQuery] string roleNumber)
+ /// 角色编码请求体
+ [RequirePermission("system:role:readroleusers")]
+ [HttpPost]
+ public ListOutputDto ReadRoleUsers([FromBody] ReadByRoleNumberInputDto input)
{
- return _roleAppService.ReadRoleUsers(roleNumber);
+ return _roleAppService.ReadRoleUsers(input.RoleNumber);
}
///
/// 为角色分配管理员(全量覆盖)
///
/// 包含角色编码与管理员编码集合
- [RequirePermission("system:role:grant")]
+ [RequirePermission("system:role:assignroleusers")]
[HttpPost]
public BaseResponse AssignRoleUsers([FromBody] AssignRoleUsersInputDto input)
{
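Review bot: `ReadRolePermissions` and `ReadRoleUsers` become POST actions, and the `IdempotencyKeyMiddleware` added later in this commit treats every POST as a write (`IsWriteMethod`). A client that reuses an `Idempotency-Key` on these reads therefore gets the stored response replayed for up to `CompletedTtlHours`, even after the role's grants or members have changed. Both actions also dereference `input.RoleNumber` without a guard; unless the controller relies on automatic model validation (not visible in this hunk), an empty body reaches that line as `null`. I would document the contract on both actions, e.g. `// Read-only despite POST: do not send Idempotency-Key, a replayed result can be stale.`, or have the middleware skip read-only endpoints. The body of `AssignRoleUsers` continues outside the hunk.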
diff --git a/EOM.TSHotelManagement.API/Controllers/SystemManagement/SupervisionStatistics/SupervisionStatisticsController.cs b/EOM.TSHotelManagement.API/Controllers/SystemManagement/SupervisionStatistics/SupervisionStatisticsController.cs
index 21c43568c883103f141863611327fade076d616d..b9351b7dd1e9ae70e4c9111e60b4b328c969228e 100644
--- a/EOM.TSHotelManagement.API/Controllers/SystemManagement/SupervisionStatistics/SupervisionStatisticsController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/SystemManagement/SupervisionStatistics/SupervisionStatisticsController.cs
@@ -1,4 +1,4 @@
-using EOM.TSHotelManagement.Contract;
+using EOM.TSHotelManagement.Contract;
using EOM.TSHotelManagement.Service;
using EOM.TSHotelManagement.WebApi.Authorization;
using Microsoft.AspNetCore.Mvc;
@@ -22,7 +22,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("supervisioninfo.view")]
+ [RequirePermission("supervisioninfo.selectsupervisionstatisticsall")]
[HttpGet]
public ListOutputDto SelectSupervisionStatisticsAll([FromQuery] ReadSupervisionStatisticsInputDto inputDto)
{
@@ -34,7 +34,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("supervisioninfo.create")]
+ [RequirePermission("supervisioninfo.insertsupervisionstatistics")]
[HttpPost]
public BaseResponse InsertSupervisionStatistics([FromBody] CreateSupervisionStatisticsInputDto inputDto)
{
@@ -46,7 +46,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("supervisioninfo.update")]
+ [RequirePermission("supervisioninfo.updatesupervisionstatistics")]
[HttpPost]
public BaseResponse UpdateSupervisionStatistics([FromBody] UpdateSupervisionStatisticsInputDto inputDto)
{
@@ -58,7 +58,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("supervisioninfo.delete")]
+ [RequirePermission("supervisioninfo.deletesupervisionstatistics")]
[HttpPost]
public BaseResponse DeleteSupervisionStatistics([FromBody] DeleteSupervisionStatisticsInputDto inputDto)
{
diff --git a/EOM.TSHotelManagement.API/Controllers/SystemManagement/VipRule/VipRuleController.cs b/EOM.TSHotelManagement.API/Controllers/SystemManagement/VipRule/VipRuleController.cs
index e1ace8be91be11c221d4d150330ec881ddcfe94c..460c37fb084ec54e9b5fe70dd2a6ead2c20776b6 100644
--- a/EOM.TSHotelManagement.API/Controllers/SystemManagement/VipRule/VipRuleController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/SystemManagement/VipRule/VipRuleController.cs
@@ -1,4 +1,4 @@
-using EOM.TSHotelManagement.Contract;
+using EOM.TSHotelManagement.Contract;
using EOM.TSHotelManagement.Service;
using EOM.TSHotelManagement.WebApi.Authorization;
using Microsoft.AspNetCore.Mvc;
@@ -22,7 +22,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("viplevel.view")]
+ [RequirePermission("viplevel.selectviprulelist")]
[HttpGet]
public ListOutputDto SelectVipRuleList([FromQuery] ReadVipLevelRuleInputDto inputDto)
{
@@ -34,7 +34,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("viplevel.view")]
+ [RequirePermission("viplevel.selectviprule")]
[HttpGet]
public SingleOutputDto SelectVipRule([FromQuery] ReadVipLevelRuleInputDto inputDto)
{
@@ -46,7 +46,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("viplevel.create")]
+ [RequirePermission("viplevel.addviprule")]
[HttpPost]
public BaseResponse AddVipRule([FromBody] CreateVipLevelRuleInputDto inputDto)
{
@@ -58,7 +58,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("viplevel.delete")]
+ [RequirePermission("viplevel.delviprule")]
[HttpPost]
public BaseResponse DelVipRule([FromBody] DeleteVipLevelRuleInputDto inputDto)
{
@@ -70,7 +70,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
- [RequirePermission("viplevel.update")]
+ [RequirePermission("viplevel.updviprule")]
[HttpPost]
public BaseResponse UpdVipRule([FromBody] UpdateVipLevelRuleInputDto inputDto)
{
diff --git a/EOM.TSHotelManagement.API/Controllers/Util/UtilityController.cs b/EOM.TSHotelManagement.API/Controllers/Util/UtilityController.cs
index ad71e1ce22ac5b8e6989ddb56a103e88be123904..e89edacbe94723ce3fab4d8d1905da409cd864dc 100644
--- a/EOM.TSHotelManagement.API/Controllers/Util/UtilityController.cs
+++ b/EOM.TSHotelManagement.API/Controllers/Util/UtilityController.cs
@@ -1,5 +1,6 @@
-using EOM.TSHotelManagement.Contract;
+using EOM.TSHotelManagement.Contract;
using EOM.TSHotelManagement.Service;
+using EOM.TSHotelManagement.WebApi.Authorization;
using Microsoft.AspNetCore.Mvc;
namespace EOM.TSHotelManagement.WebApi.Controllers
@@ -42,6 +43,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
/// 查询所有操作日志
///
///
+ [RequirePermission("operationlog.view")]
[HttpGet]
public ListOutputDto SelectOperationlogAll([FromQuery] ReadOperationLogInputDto readOperationLogInputDto)
{
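Review bot: The codes added in this file (`operationlog.view` here, then `requestlog.view`, `requestlog.delete` and `operationlog.delete` in the following hunks) use the verb style that the rest of this commit replaces with per-action names such as `viplevel.selectviprulelist`. `DeleteOperationlogByRange` and `DeleteOperationlog` also share `operationlog.delete`, so a bulk range purge of the operation log cannot be granted separately from deleting single records. If per-action codes are the new convention, these would read `operationlog.selectoperationlogall`, `operationlog.deleteoperationlogbyrange` and so on. The action body continues outside the hunk.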
@@ -53,6 +55,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
+ [RequirePermission("requestlog.view")]
[HttpGet]
public ListOutputDto SelectRequestlogAll([FromQuery] ReadRequestLogInputDto readRequestLogInputDto)
{
@@ -64,6 +67,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
+ [RequirePermission("requestlog.delete")]
[HttpPost]
public BaseResponse DeleteRequestlogByRange([FromBody] ReadRequestLogInputDto readRequestLogInputDto)
{
@@ -75,6 +79,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
+ [RequirePermission("operationlog.delete")]
[HttpPost]
public BaseResponse DeleteOperationlogByRange([FromBody] ReadOperationLogInputDto readOperationLogInputDto)
{
@@ -86,6 +91,7 @@ namespace EOM.TSHotelManagement.WebApi.Controllers
///
///
///
+ [RequirePermission("operationlog.delete")]
[HttpPost]
public BaseResponse DeleteOperationlog([FromBody] DeleteOperationLogInputDto deleteOperationLogInputDto)
{
diff --git a/EOM.TSHotelManagement.API/Extensions/ApplicationExtensions.cs b/EOM.TSHotelManagement.API/Extensions/ApplicationExtensions.cs
index 590b5a5fa9929a1dca59989cbf7ada95e35cf8d3..f3342a52482ace48f38036a44b7503bd6eb1b8d0 100644
--- a/EOM.TSHotelManagement.API/Extensions/ApplicationExtensions.cs
+++ b/EOM.TSHotelManagement.API/Extensions/ApplicationExtensions.cs
@@ -33,6 +33,7 @@ namespace EOM.TSHotelManagement.WebApi
app.UseAuthorization();
app.UseAntiforgery();
app.UseRequestLogging();
+ app.UseIdempotencyKey();
}
///
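Review bot: The position of `app.UseIdempotencyKey()` is load-bearing but undocumented. The middleware builds its scope key from `context.User`, so it has to stay after authentication and authorization, otherwise every caller falls into the `anonymous` scope. A one-line comment above the call would keep a later reorder from silently merging different users' keys, e.g. `// Keep after UseAuthorization: the idempotency scope is derived from context.User.` The enclosing method starts outside the hunk.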
@@ -103,4 +104,4 @@ namespace EOM.TSHotelManagement.WebApi
});
}
}
-}
\ No newline at end of file
+}
diff --git a/EOM.TSHotelManagement.API/Extensions/AutofacConfigExtensions.cs b/EOM.TSHotelManagement.API/Extensions/AutofacConfigExtensions.cs
index cc3ded21df517902e120b2591ffb5c33e5b9a224..84ce7c60f661ee206e2d9435ab7d3e8cdfd624ad 100644
--- a/EOM.TSHotelManagement.API/Extensions/AutofacConfigExtensions.cs
+++ b/EOM.TSHotelManagement.API/Extensions/AutofacConfigExtensions.cs
@@ -27,6 +27,8 @@ namespace EOM.TSHotelManagement.WebApi
builder.RegisterType()
.InstancePerDependency();
+ builder.RegisterType()
+ .InstancePerDependency();
builder.RegisterType().AsSelf().SingleInstance();
builder.RegisterType().AsSelf().InstancePerLifetimeScope();
diff --git a/EOM.TSHotelManagement.API/Extensions/MiddlewareExtensions.cs b/EOM.TSHotelManagement.API/Extensions/MiddlewareExtensions.cs
index 7e7f5d4774e745563d235ed5a2af40704b8f6153..c895ba40a813dc498bb531ac762448f09eb765d0 100644
--- a/EOM.TSHotelManagement.API/Extensions/MiddlewareExtensions.cs
+++ b/EOM.TSHotelManagement.API/Extensions/MiddlewareExtensions.cs
@@ -4,6 +4,12 @@ namespace EOM.TSHotelManagement.WebApi
{
public static class MiddlewareExtensions
{
+ public static IApplicationBuilder UseIdempotencyKey(
+ this IApplicationBuilder builder)
+ {
+ return builder.UseMiddleware();
+ }
+
public static IApplicationBuilder UseRequestLogging(
this IApplicationBuilder builder)
{
diff --git a/EOM.TSHotelManagement.API/Extensions/ServiceExtensions.cs b/EOM.TSHotelManagement.API/Extensions/ServiceExtensions.cs
index a753ecefa627196a74486ca673ec3bba508556b2..f5239ed9280e3fc87d6b215de4be00008c8784c0 100644
--- a/EOM.TSHotelManagement.API/Extensions/ServiceExtensions.cs
+++ b/EOM.TSHotelManagement.API/Extensions/ServiceExtensions.cs
@@ -1,5 +1,6 @@
-using EOM.TSHotelManagement.Common;
+using EOM.TSHotelManagement.Common;
using EOM.TSHotelManagement.Infrastructure;
+using EOM.TSHotelManagement.Service;
using EOM.TSHotelManagement.WebApi.Authorization;
using EOM.TSHotelManagement.WebApi.Filters;
using jvncorelib.CodeLib;
@@ -13,6 +14,7 @@ using Microsoft.AspNetCore.HttpOverrides;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Hosting;
using Microsoft.IdentityModel.Tokens;
using NSwag;
using NSwag.Generation.Processors.Security;
@@ -22,6 +24,8 @@ using System.IO;
using System.Linq;
using System.Text;
using System.Text.Json.Serialization;
+using System.Threading;
+using System.Threading.Tasks;
namespace EOM.TSHotelManagement.WebApi
{
@@ -136,6 +140,8 @@ namespace EOM.TSHotelManagement.WebApi
services.Configure(configuration.GetSection("CsrfToken"));
services.AddSingleton();
services.AddSingleton();
+ services.AddSingleton();
+ services.AddHostedService();
// RBAC: 注册基于权限码的动态策略提供者与处理器
services.AddSingleton();
@@ -268,4 +274,20 @@ namespace EOM.TSHotelManagement.WebApi
});
}
}
+ internal sealed class DeleteConcurrencyHelperWarmupService : IHostedService
+ {
+ public DeleteConcurrencyHelperWarmupService(DeleteConcurrencyHelper helper)
+ {
+ }
+
+ public Task StartAsync(CancellationToken cancellationToken)
+ {
+ return Task.CompletedTask;
+ }
+
+ public Task StopAsync(CancellationToken cancellationToken)
+ {
+ return Task.CompletedTask;
+ }
+ }
}
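Review bot: `DeleteConcurrencyHelperWarmupService` has no comment explaining why a hosted service with an unused constructor parameter and two no-op methods exists, so it reads as dead code and is likely to be removed in a cleanup. Judging by the name, the constructor injection is presumably there only to make the container build the `DeleteConcurrencyHelper` singleton at host start. If so, say it on the class, e.g. `// Injecting DeleteConcurrencyHelper forces the singleton to be constructed at startup; the parameter is intentionally unused.` A discard such as `_ = helper;` in the constructor would also make the intent explicit to analyzers.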
diff --git a/EOM.TSHotelManagement.API/Filters/IdempotencyKeyMiddleware.cs b/EOM.TSHotelManagement.API/Filters/IdempotencyKeyMiddleware.cs
new file mode 100644
index 0000000000000000000000000000000000000000..c343372b8888e1718d6d02b52696b675171e00b8
--- /dev/null
+++ b/EOM.TSHotelManagement.API/Filters/IdempotencyKeyMiddleware.cs
@@ -0,0 +1,643 @@
+using EOM.TSHotelManagement.Common;
+using EOM.TSHotelManagement.Contract;
+using Microsoft.AspNetCore.Http;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.Logging;
+using StackExchange.Redis;
+using System;
+using System.Collections.Concurrent;
+using System.IO;
+using System.Linq;
+using System.Security.Claims;
+using System.Security.Cryptography;
+using System.Text;
+using System.Text.Json;
+using System.Threading;
+using System.Threading.Tasks;
+
+namespace EOM.TSHotelManagement.WebApi
+{
+ public class IdempotencyKeyMiddleware
+ {
+ private const string IdempotencyHeaderName = "Idempotency-Key";
+ private const string TenantHeaderName = "X-Tenant-Id";
+ private const string ReplayHeaderName = "X-Idempotent-Replay";
+ private const string InProgressStatus = "IN_PROGRESS";
+ private const string CompletedStatus = "COMPLETED";
+ private const string DefaultContentType = "application/json; charset=utf-8";
+
+ private static readonly ConcurrentDictionary MemoryStore = new();
+ private static long _memoryRequestCount;
+
+ private readonly RequestDelegate _next;
+ private readonly ILogger _logger;
+ private readonly RedisHelper _redisHelper;
+ private readonly bool _enabled;
+ private readonly bool _enforceKey;
+ private readonly bool _persistFailureResponse;
+ private readonly int _maxKeyLength;
+ private readonly TimeSpan _inProgressTtl;
+ private readonly TimeSpan _completedTtl;
+ private readonly bool _useRedis;
+
+ public IdempotencyKeyMiddleware(
+ RequestDelegate next,
+ IConfiguration configuration,
+ ILogger logger,
+ RedisHelper redisHelper)
+ {
+ _next = next;
+ _logger = logger;
+ _redisHelper = redisHelper;
+
+ var section = configuration.GetSection("Idempotency");
+ _enabled = section.GetValue("Enabled") ?? true;
+ _enforceKey = section.GetValue("EnforceKey") ?? false;
+ _persistFailureResponse = section.GetValue("PersistFailureResponse") ?? false;
+ _maxKeyLength = Math.Max(16, section.GetValue("MaxKeyLength") ?? 128);
+
+ var inProgressSeconds = section.GetValue("InProgressTtlSeconds") ?? 120;
+ var completedHours = section.GetValue("CompletedTtlHours") ?? 24;
+ _inProgressTtl = TimeSpan.FromSeconds(Math.Clamp(inProgressSeconds, 30, 600));
+ _completedTtl = TimeSpan.FromHours(Math.Clamp(completedHours, 1, 168));
+
+ _useRedis = ResolveRedisEnabled(configuration);
+ }
+
+ public async Task InvokeAsync(HttpContext context)
+ {
+ if (!_enabled || !IsWriteMethod(context.Request.Method))
+ {
+ await _next(context);
+ return;
+ }
+
+ var idempotencyKey = context.Request.Headers[IdempotencyHeaderName].ToString().Trim();
+ if (string.IsNullOrWhiteSpace(idempotencyKey))
+ {
+ if (_enforceKey)
+ {
+ await WriteBusinessErrorAsync(
+ context,
+ StatusCodes.Status428PreconditionRequired,
+ BusinessStatusCode.IdempotencyKeyMissing,
+ LocalizationHelper.GetLocalizedString(
+ "Missing Idempotency-Key header.",
+ "缺少 Idempotency-Key 请求头。"));
+ return;
+ }
+
+ _logger.LogWarning("Write request missing Idempotency-Key. Method={Method}, Path={Path}", context.Request.Method, context.Request.Path);
+ await _next(context);
+ return;
+ }
+
+ if (idempotencyKey.Length > _maxKeyLength)
+ {
+ await WriteBusinessErrorAsync(
+ context,
+ StatusCodes.Status400BadRequest,
+ BusinessStatusCode.IdempotencyKeyMissing,
+ LocalizationHelper.GetLocalizedString(
+ $"Idempotency-Key exceeds max length {_maxKeyLength}.",
+ $"Idempotency-Key 长度超过最大限制 {_maxKeyLength}。"));
+ return;
+ }
+
+ var requestHash = await ComputeRequestHashAsync(context.Request);
+ var scopeKey = BuildScopeKey(context, idempotencyKey);
+
+ var acquireResult = await AcquireAsync(scopeKey, requestHash);
+ if (acquireResult.Decision == IdempotencyDecision.PayloadConflict)
+ {
+ await WriteBusinessErrorAsync(
+ context,
+ StatusCodes.Status409Conflict,
+ BusinessStatusCode.IdempotencyKeyPayloadConflict,
+ LocalizationHelper.GetLocalizedString(
+ "Idempotency-Key was reused with a different payload.",
+ "Idempotency-Key 被复用且请求体不一致。"));
+ return;
+ }
+
+ if (acquireResult.Decision == IdempotencyDecision.InProgress)
+ {
+ await WriteBusinessErrorAsync(
+ context,
+ StatusCodes.Status409Conflict,
+ BusinessStatusCode.IdempotencyRequestInProgress,
+ LocalizationHelper.GetLocalizedString(
+ "A request with the same Idempotency-Key is still in progress.",
+ "相同 Idempotency-Key 的请求仍在处理中。"));
+ return;
+ }
+
+ if (acquireResult.Decision == IdempotencyDecision.Replay && acquireResult.Record != null)
+ {
+ await ReplayResponseAsync(context, acquireResult.Record);
+ return;
+ }
+
+ await ExecuteAndStoreAsync(context, scopeKey, requestHash);
+ }
+
+ private async Task ExecuteAndStoreAsync(HttpContext context, string scopeKey, string requestHash)
+ {
+ var originalResponseBody = context.Response.Body;
+
+ try
+ {
+ using var responseBuffer = new MemoryStream();
+ context.Response.Body = responseBuffer;
+
+ await _next(context);
+
+ responseBuffer.Seek(0, SeekOrigin.Begin);
+ var responseBody = await new StreamReader(responseBuffer, Encoding.UTF8, leaveOpen: true).ReadToEndAsync();
+ responseBuffer.Seek(0, SeekOrigin.Begin);
+ await responseBuffer.CopyToAsync(originalResponseBody);
+
+ var shouldPersist = _persistFailureResponse || IsSuccessStatusCode(context.Response.StatusCode);
+ if (shouldPersist)
+ {
+ var completedRecord = new IdempotencyRecord
+ {
+ Status = CompletedStatus,
+ RequestHash = requestHash,
+ HttpStatus = context.Response.StatusCode,
+ ResponseBody = responseBody,
+ ContentType = context.Response.ContentType,
+ CreatedAt = DateTimeOffset.UtcNow,
+ UpdatedAt = DateTimeOffset.UtcNow
+ };
+
+ await SaveCompletedAsync(scopeKey, completedRecord);
+ }
+ else
+ {
+ await ReleaseAsync(scopeKey);
+ }
+ }
+ catch
+ {
+ await ReleaseAsync(scopeKey);
+ throw;
+ }
+ finally
+ {
+ context.Response.Body = originalResponseBody;
+ }
+ }
+
+ private async Task ReplayResponseAsync(HttpContext context, IdempotencyRecord record)
+ {
+ context.Response.Headers[ReplayHeaderName] = "true";
+ context.Response.StatusCode = record.HttpStatus ?? StatusCodes.Status200OK;
+ context.Response.ContentType = string.IsNullOrWhiteSpace(record.ContentType) ? DefaultContentType : record.ContentType;
+
+ if (!string.IsNullOrEmpty(record.ResponseBody))
+ {
+ await context.Response.WriteAsync(record.ResponseBody);
+ }
+ }
+
+ private async Task AcquireAsync(string scopeKey, string requestHash)
+ {
+ if (_useRedis)
+ {
+ try
+ {
+ return await AcquireFromRedisAsync(scopeKey, requestHash);
+ }
+ catch (Exception ex)
+ {
+ _logger.LogError(ex, "Idempotency acquire failed on Redis, fallback to memory store. Scope={Scope}", scopeKey);
+ }
+ }
+
+ return AcquireFromMemory(scopeKey, requestHash);
+ }
+
+ private async Task SaveCompletedAsync(string scopeKey, IdempotencyRecord record)
+ {
+ if (_useRedis)
+ {
+ try
+ {
+ await SaveCompletedToRedisAsync(scopeKey, record);
+ return;
+ }
+ catch (Exception ex)
+ {
+ _logger.LogError(ex, "Idempotency save-completed failed on Redis, fallback to memory store. Scope={Scope}", scopeKey);
+ }
+ }
+
+ SaveCompletedToMemory(scopeKey, record);
+ }
+
+ private async Task ReleaseAsync(string scopeKey)
+ {
+ if (_useRedis)
+ {
+ try
+ {
+ await ReleaseFromRedisAsync(scopeKey);
+ return;
+ }
+ catch (Exception ex)
+ {
+ _logger.LogError(ex, "Idempotency release failed on Redis, fallback to memory store. Scope={Scope}", scopeKey);
+ }
+ }
+
+ ReleaseFromMemory(scopeKey);
+ }
+
+ private async Task AcquireFromRedisAsync(string scopeKey, string requestHash)
+ {
+ var now = DateTimeOffset.UtcNow;
+ var inProgressRecord = new IdempotencyRecord
+ {
+ Status = InProgressStatus,
+ RequestHash = requestHash,
+ CreatedAt = now,
+ UpdatedAt = now
+ };
+
+ var db = _redisHelper.GetDatabase();
+ var inserted = await db.StringSetAsync(
+ scopeKey,
+ JsonSerializer.Serialize(inProgressRecord),
+ _inProgressTtl,
+ when: When.NotExists);
+
+ if (inserted)
+ {
+ return AcquireResult.Proceed();
+ }
+
+ var existingValue = await db.StringGetAsync(scopeKey);
+ if (existingValue.IsNullOrEmpty)
+ {
+ inserted = await db.StringSetAsync(
+ scopeKey,
+ JsonSerializer.Serialize(inProgressRecord),
+ _inProgressTtl,
+ when: When.NotExists);
+
+ return inserted ? AcquireResult.Proceed() : AcquireResult.InProgress();
+ }
+
+ var existingRecord = DeserializeRecord(existingValue);
+ return ResolveDecision(existingRecord, requestHash);
+ }
+
+ private async Task SaveCompletedToRedisAsync(string scopeKey, IdempotencyRecord record)
+ {
+ var db = _redisHelper.GetDatabase();
+ await db.StringSetAsync(scopeKey, JsonSerializer.Serialize(record), _completedTtl);
+ }
+
+ private async Task ReleaseFromRedisAsync(string scopeKey)
+ {
+ var db = _redisHelper.GetDatabase();
+ await db.KeyDeleteAsync(scopeKey);
+ }
+
+ private AcquireResult AcquireFromMemory(string scopeKey, string requestHash)
+ {
+ PruneMemoryStoreIfNeeded();
+
+ while (true)
+ {
+ var now = DateTimeOffset.UtcNow;
+ if (!MemoryStore.TryGetValue(scopeKey, out var cacheItem))
+ {
+ var inProgressRecord = new IdempotencyRecord
+ {
+ Status = InProgressStatus,
+ RequestHash = requestHash,
+ CreatedAt = now,
+ UpdatedAt = now
+ };
+
+ var inserted = MemoryStore.TryAdd(scopeKey, new IdempotencyCacheItem
+ {
+ Record = inProgressRecord,
+ ExpiresAt = now.Add(_inProgressTtl)
+ });
+
+ if (inserted)
+ {
+ return AcquireResult.Proceed();
+ }
+
+ continue;
+ }
+
+ if (cacheItem.ExpiresAt <= now)
+ {
+ MemoryStore.TryRemove(scopeKey, out _);
+ continue;
+ }
+
+ return ResolveDecision(cacheItem.Record, requestHash);
+ }
+ }
+
+ private void SaveCompletedToMemory(string scopeKey, IdempotencyRecord record)
+ {
+ var expiresAt = DateTimeOffset.UtcNow.Add(_completedTtl);
+ MemoryStore.AddOrUpdate(
+ scopeKey,
+ _ => new IdempotencyCacheItem
+ {
+ Record = record,
+ ExpiresAt = expiresAt
+ },
+ (_, _) => new IdempotencyCacheItem
+ {
+ Record = record,
+ ExpiresAt = expiresAt
+ });
+ }
+
+ private void ReleaseFromMemory(string scopeKey)
+ {
+ MemoryStore.TryRemove(scopeKey, out _);
+ }
+
+ private static AcquireResult ResolveDecision(IdempotencyRecord record, string requestHash)
+ {
+ if (record == null)
+ {
+ return AcquireResult.InProgress();
+ }
+
+ if (!string.Equals(record.RequestHash, requestHash, StringComparison.Ordinal))
+ {
+ return AcquireResult.PayloadConflict();
+ }
+
+ if (string.Equals(record.Status, CompletedStatus, StringComparison.OrdinalIgnoreCase))
+ {
+ return AcquireResult.Replay(record);
+ }
+
+ return AcquireResult.InProgress();
+ }
+
+ private static async Task ComputeRequestHashAsync(HttpRequest request)
+ {
+ if (!IsJsonContentType(request.ContentType))
+ {
+ return ComputeSha256Hex(string.Empty);
+ }
+
+ if (request.ContentLength.HasValue && request.ContentLength.Value == 0)
+ {
+ return ComputeSha256Hex(string.Empty);
+ }
+
+ request.EnableBuffering();
+ request.Body.Seek(0, SeekOrigin.Begin);
+ using var reader = new StreamReader(request.Body, Encoding.UTF8, detectEncodingFromByteOrderMarks: false, leaveOpen: true);
+ var body = await reader.ReadToEndAsync();
+ request.Body.Seek(0, SeekOrigin.Begin);
+
+ var canonicalBody = CanonicalizeBody(body);
+ return ComputeSha256Hex(canonicalBody);
+ }
+
+ private static string CanonicalizeBody(string body)
+ {
+ if (string.IsNullOrWhiteSpace(body))
+ {
+ return string.Empty;
+ }
+
+ try
+ {
+ using var document = JsonDocument.Parse(body);
+ using var buffer = new MemoryStream();
+ using (var writer = new Utf8JsonWriter(buffer))
+ {
+ WriteCanonicalJson(writer, document.RootElement);
+ }
+
+ return Encoding.UTF8.GetString(buffer.ToArray());
+ }
+ catch
+ {
+ return body.Trim();
+ }
+ }
+
+ private static void WriteCanonicalJson(Utf8JsonWriter writer, JsonElement element)
+ {
+ switch (element.ValueKind)
+ {
+ case JsonValueKind.Object:
+ writer.WriteStartObject();
+ foreach (var property in element.EnumerateObject().OrderBy(p => p.Name, StringComparer.Ordinal))
+ {
+ writer.WritePropertyName(property.Name);
+ WriteCanonicalJson(writer, property.Value);
+ }
+ writer.WriteEndObject();
+ return;
+ case JsonValueKind.Array:
+ writer.WriteStartArray();
+ foreach (var item in element.EnumerateArray())
+ {
+ WriteCanonicalJson(writer, item);
+ }
+ writer.WriteEndArray();
+ return;
+ default:
+ element.WriteTo(writer);
+ return;
+ }
+ }
+
+ private static string BuildScopeKey(HttpContext context, string idempotencyKey)
+ {
+ var tenantId = ResolveTenantId(context);
+ var userId = ResolveUserId(context);
+ var method = context.Request.Method.ToUpperInvariant();
+ var normalizedPath = NormalizePath(context.Request.Path.Value);
+
+ var scope = $"{tenantId}:{userId}:{method}:{normalizedPath}:{idempotencyKey}";
+ return $"idem:{ComputeSha256Hex(scope)}";
+ }
+
+ private static string ResolveTenantId(HttpContext context)
+ {
+ var tenantId = context.Request.Headers[TenantHeaderName].ToString();
+ if (!string.IsNullOrWhiteSpace(tenantId))
+ {
+ return tenantId.Trim().ToLowerInvariant();
+ }
+
+ var tenantClaim = context.User?.FindFirst("tenantId")?.Value
+ ?? context.User?.FindFirst("tid")?.Value
+ ?? "default";
+
+ return tenantClaim.Trim().ToLowerInvariant();
+ }
+
+ private static string ResolveUserId(HttpContext context)
+ {
+ var userId = context.User?.FindFirst(ClaimTypes.SerialNumber)?.Value
+ ?? context.User?.FindFirst(ClaimTypes.NameIdentifier)?.Value
+ ?? context.User?.Identity?.Name
+ ?? "anonymous";
+
+ return userId.Trim().ToLowerInvariant();
+ }
+
+ private static string NormalizePath(string path)
+ {
+ if (string.IsNullOrWhiteSpace(path))
+ {
+ return "/";
+ }
+
+ var normalized = path.Trim().ToLowerInvariant();
+ if (normalized.Length > 1)
+ {
+ normalized = normalized.TrimEnd('/');
+ }
+
+ return string.IsNullOrWhiteSpace(normalized) ? "/" : normalized;
+ }
+
+ private static bool ResolveRedisEnabled(IConfiguration configuration)
+ {
+ var redisSection = configuration.GetSection("Redis");
+ var enable = redisSection.GetValue("Enable");
+ if (enable.HasValue)
+ {
+ return enable.Value;
+ }
+
+ return redisSection.GetValue("Enabled");
+ }
+
+ private static bool IsWriteMethod(string method)
+ {
+ return HttpMethods.IsPost(method)
+ || HttpMethods.IsPut(method)
+ || HttpMethods.IsPatch(method);
+ }
+
+ private static bool IsSuccessStatusCode(int statusCode)
+ {
+ return statusCode >= 200 && statusCode < 300;
+ }
+
+ private static bool IsJsonContentType(string contentType)
+ {
+ return !string.IsNullOrWhiteSpace(contentType)
+ && contentType.Contains("json", StringComparison.OrdinalIgnoreCase);
+ }
+
+ private static string ComputeSha256Hex(string input)
+ {
+ var bytes = SHA256.HashData(Encoding.UTF8.GetBytes(input));
+ return Convert.ToHexString(bytes).ToLowerInvariant();
+ }
+
+ private static IdempotencyRecord DeserializeRecord(RedisValue value)
+ {
+ if (value.IsNullOrEmpty)
+ {
+ return null;
+ }
+
+ try
+ {
+ return JsonSerializer.Deserialize(value.ToString());
+ }
+ catch
+ {
+ return null;
+ }
+ }
+
+ private static void PruneMemoryStoreIfNeeded()
+ {
+ if (Interlocked.Increment(ref _memoryRequestCount) % 200 != 0)
+ {
+ return;
+ }
+
+ var now = DateTimeOffset.UtcNow;
+ foreach (var kvp in MemoryStore)
+ {
+ if (kvp.Value.ExpiresAt <= now)
+ {
+ MemoryStore.TryRemove(kvp.Key, out _);
+ }
+ }
+ }
+
+ private static async Task WriteBusinessErrorAsync(HttpContext context, int httpStatus, int businessCode, string message)
+ {
+ context.Response.StatusCode = httpStatus;
+ context.Response.ContentType = DefaultContentType;
+
+ var response = new BaseResponse(businessCode, message);
+ var payload = JsonSerializer.Serialize(response, new JsonSerializerOptions
+ {
+ PropertyNamingPolicy = null,
+ DictionaryKeyPolicy = null
+ });
+
+ await context.Response.WriteAsync(payload);
+ }
+
+ private sealed class IdempotencyCacheItem
+ {
+ public IdempotencyRecord Record { get; set; }
+ public DateTimeOffset ExpiresAt { get; set; }
+ }
+
+ private sealed class IdempotencyRecord
+ {
+ public string Status { get; set; }
+ public string RequestHash { get; set; }
+ public int? HttpStatus { get; set; }
+ public string ResponseBody { get; set; }
+ public string ContentType { get; set; }
+ public DateTimeOffset CreatedAt { get; set; }
+ public DateTimeOffset UpdatedAt { get; set; }
+ }
+
+ private enum IdempotencyDecision
+ {
+ Proceed = 0,
+ Replay = 1,
+ InProgress = 2,
+ PayloadConflict = 3
+ }
+
+ private sealed class AcquireResult
+ {
+ private AcquireResult(IdempotencyDecision decision, IdempotencyRecord record = null)
+ {
+ Decision = decision;
+ Record = record;
+ }
+
+ public IdempotencyDecision Decision { get; }
+ public IdempotencyRecord Record { get; }
+
+ public static AcquireResult Proceed() => new AcquireResult(IdempotencyDecision.Proceed);
+ public static AcquireResult Replay(IdempotencyRecord record) => new AcquireResult(IdempotencyDecision.Replay, record);
+ public static AcquireResult InProgress() => new AcquireResult(IdempotencyDecision.InProgress);
+ public static AcquireResult PayloadConflict() => new AcquireResult(IdempotencyDecision.PayloadConflict);
+ }
+ }
+}
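Review bot: `ComputeRequestHashAsync` returns the hash of the empty string for every request whose content type is not JSON, so for form or multipart writes `ResolveDecision` can never report a payload conflict and a reused key replays the first stored response whatever the new body contains. Because `ResolveUserId` falls back to `anonymous` and the key has no lower bound on length, unauthenticated callers on the same path share one scope, so that replay can return one caller's response body to another. I would drop the non-JSON early return and hash the body in all cases, canonicalising only JSON: `var canonicalBody = IsJsonContentType(request.ContentType) ? CanonicalizeBody(body) : body;`. Separately, `IsSuccessStatusCode` checks only the HTTP status, while the authorization handler changed earlier in this commit answers a business error with HTTP 200; if controllers follow the same convention, failed operations are stored and replayed for `CompletedTtlHours` even with `PersistFailureResponse=false`. `ReleaseFromRedisAsync` also deletes the key unconditionally, which can remove another request's lock once `_inProgressTtl` has expired.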
diff --git a/EOM.TSHotelManagement.API/appsettings.Application.json b/EOM.TSHotelManagement.API/appsettings.Application.json
index 8fd1da27f0554832b0a122d5f4409662a2f469da..b77796a8dd15e4a5d466c257ffb92b47f94e8cc8 100644
--- a/EOM.TSHotelManagement.API/appsettings.Application.json
+++ b/EOM.TSHotelManagement.API/appsettings.Application.json
@@ -20,5 +20,13 @@
"NotifyDaysBefore": 3,
"CheckIntervalMinutes": 5
},
+ "Idempotency": {
+ "Enabled": true,
+ "EnforceKey": false,
+ "MaxKeyLength": 128,
+ "InProgressTtlSeconds": 120,
+ "CompletedTtlHours": 24,
+ "PersistFailureResponse": false
+ },
"SoftwareVersion": "1.0.0"
-}
\ No newline at end of file
+}
diff --git a/EOM.TSHotelManagement.Contract/Business/News/Dto/ReadNewsOuputDto.cs b/EOM.TSHotelManagement.Contract/Business/News/Dto/ReadNewsOuputDto.cs
index 07bc449c37fa8ca13b20b2f67c585c32dd7e0f0d..eab1283c75be207580078517f5f0e6be44a20da4 100644
--- a/EOM.TSHotelManagement.Contract/Business/News/Dto/ReadNewsOuputDto.cs
+++ b/EOM.TSHotelManagement.Contract/Business/News/Dto/ReadNewsOuputDto.cs
@@ -1,8 +1,7 @@
-namespace EOM.TSHotelManagement.Contract
+namespace EOM.TSHotelManagement.Contract
{
- public class ReadNewsOuputDto : BaseDto
+ public class ReadNewsOuputDto : BaseOutputDto
{
- public int? Id { get; set; }
public string NewId { get; set; }
public string NewsTitle { get; set; }
@@ -18,4 +17,4 @@
public string NewsStatusDescription { get; set; }
public string NewsImage { get; set; }
}
-}
\ No newline at end of file
+}
diff --git a/EOM.TSHotelManagement.Contract/Common/Dto/BusinessStatusCode.cs b/EOM.TSHotelManagement.Contract/Common/Dto/BusinessStatusCode.cs
index 81618cac3623e1eee5c5f102268fe9a910d52807..70fda34ac4f3ce03e1c3caf4fb497ce8640fe743 100644
--- a/EOM.TSHotelManagement.Contract/Common/Dto/BusinessStatusCode.cs
+++ b/EOM.TSHotelManagement.Contract/Common/Dto/BusinessStatusCode.cs
@@ -1,4 +1,4 @@
-namespace EOM.TSHotelManagement.Contract
+namespace EOM.TSHotelManagement.Contract
{
public static class BusinessStatusCode
{
@@ -55,6 +55,11 @@
///
public const int Unauthorized = 1401;
+ ///
+ /// 权限不足
+ ///
+ public const int PermissionDenied = 1402;
+
///
/// 禁止访问(无权限)
///
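Review bot: The new `PermissionDenied = 1402` is documented only as "权限不足", which does not tell it apart from `Unauthorized = 1401` above or the forbidden code ("禁止访问(无权限)") directly below. Earlier in this commit the authorization result handler returns it for both `Challenged` and `Forbidden` results, so a client can no longer distinguish a missing or expired login from missing rights by business code. I would state the intended use in the summary, e.g. `/// Returned by the RBAC result handler when the permission check fails; covers both challenged and forbidden results.`, or keep `Unauthorized` for the challenged case.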
@@ -80,6 +85,22 @@
///
public const int Conflict = 1409;
+ // 16xx Idempotency
+ ///
+ /// 缺少幂等键
+ ///
+ public const int IdempotencyKeyMissing = 1601;
+
+ ///
+ /// 幂等键复用但请求体不一致
+ ///
+ public const int IdempotencyKeyPayloadConflict = 1602;
+
+ ///
+ /// 相同幂等键请求正在处理中
+ ///
+ public const int IdempotencyRequestInProgress = 1603;
+
// 5xx Server Errors
///
/// 服务器内部错误
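Review bot: The 16xx block has no code for a malformed key, and the middleware added in this commit reports an over-long `Idempotency-Key` with `IdempotencyKeyMissing` (1601) and HTTP 400. A client that did send a key then receives a "missing key" business code, which makes the failure harder to diagnose and to alert on. A dedicated constant, for example `public const int IdempotencyKeyInvalid = 1604;` (value to be confirmed against the project's code table), used in the length check would keep the three existing codes unambiguous.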
diff --git a/EOM.TSHotelManagement.Contract/Common/Dto/DeleteDto.cs b/EOM.TSHotelManagement.Contract/Common/Dto/DeleteDto.cs
index 021f809fa2221dee35612a3a0520e6443f2bd8a6..f3d1fa313234b771dac7a5cf1576bf7c89cb657a 100644
--- a/EOM.TSHotelManagement.Contract/Common/Dto/DeleteDto.cs
+++ b/EOM.TSHotelManagement.Contract/Common/Dto/DeleteDto.cs
@@ -4,6 +4,12 @@ namespace EOM.TSHotelManagement.Contract
{
public abstract class DeleteDto
{
- public List DelIds { get; set; }
+ public List DelIds { get; set; }
}
-}
\ No newline at end of file
+
+ public class DeleteItemDto
+ {
+ public int Id { get; set; }
+ public int RowVersion { get; set; }
+ }
+}
diff --git a/EOM.TSHotelManagement.Contract/SystemManagement/Dto/Permission/SensitiveReadInputDtos.cs b/EOM.TSHotelManagement.Contract/SystemManagement/Dto/Permission/SensitiveReadInputDtos.cs
new file mode 100644
index 0000000000000000000000000000000000000000..bb5d7efe081c38f1ad78a6bc299f1f01da8b8823
--- /dev/null
+++ b/EOM.TSHotelManagement.Contract/SystemManagement/Dto/Permission/SensitiveReadInputDtos.cs
@@ -0,0 +1,24 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace EOM.TSHotelManagement.Contract
+{
+ ///
+ /// Request body for reading data by user number.
+ ///
+ public class ReadByUserNumberInputDto : BaseInputDto
+ {
+ [Required(ErrorMessage = "UserNumber is required.")]
+ [MaxLength(128, ErrorMessage = "UserNumber cannot exceed 128 characters.")]
+ public string UserNumber { get; set; } = null!;
+ }
+
+ ///
+ /// Request body for reading data by role number.
+ ///
+ public class ReadByRoleNumberInputDto : BaseInputDto
+ {
+ [Required(ErrorMessage = "RoleNumber is required.")]
+ [MaxLength(128, ErrorMessage = "RoleNumber cannot exceed 128 characters.")]
+ public string RoleNumber { get; set; } = null!;
+ }
+}
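Review bot: Both DTOs constrain only presence and length, so nothing here ties the requested `UserNumber` or `RoleNumber` to the caller's own identity or permissions. The file name marks these as inputs to sensitive reads, so that authorization check has to live in the controller or service, which is not visible in this diff. I would record the requirement on the type, e.g. `/// The handler must verify the caller may read data for this UserNumber before querying.` If the numbers follow a fixed format, a `[RegularExpression]` allow-list next to `[MaxLength]` would narrow the accepted input further.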
diff --git a/EOM.TSHotelManagement.Data/DatabaseInitializer/DatabaseInitializer.cs b/EOM.TSHotelManagement.Data/DatabaseInitializer/DatabaseInitializer.cs
index 6367387a8b95bb02169d5fe42e697040cc708542..e86d9cf0e9153c4b339c74707da7d2c2f630dc36 100644
--- a/EOM.TSHotelManagement.Data/DatabaseInitializer/DatabaseInitializer.cs
+++ b/EOM.TSHotelManagement.Data/DatabaseInitializer/DatabaseInitializer.cs
@@ -16,8 +16,15 @@ namespace EOM.TSHotelManagement.Data
private readonly IConfiguration _configuration;
private readonly string _initialAdminEncryptedPassword;
private readonly string _initialEmployeeEncryptedPassword;
+ private readonly IDataProtector _adminPasswordProtector;
+ private readonly IDataProtector _employeePasswordProtector;
private const string AdminProtectorPurpose = "AdminInfoProtector";
private const string EmployeeProtectorPurpose = "EmployeeInfoProtector";
+ private const string DataProtectionPayloadPrefix = "CfDJ8";
+ private const string DefaultAdminAccount = "admin";
+ private const string DefaultEmployeeId = "WK010";
+ private const string DefaultAdminPassword = "admin";
+ private const string DefaultEmployeePassword = "WK010";
public DatabaseInitializer(
ISqlSugarClient client,
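Review bot: `DefaultAdminPassword = "admin"` and `DefaultEmployeePassword = "WK010"` compile fixed credentials into the assembly, each identical to its account identifier, and the constructor hunk that follows protects them as the initial passwords. Every deployment therefore starts with the same well-known logins until an operator changes them. Since `_configuration` is already injected, the initial secrets could be read from it, e.g. `_configuration["<initial-admin-password-key>"]` (placeholder key), with seeding refused when the value is absent and the seeded accounts flagged for a forced change at first login. Separately, `DataProtectionPayloadPrefix = "CfDJ8"` suggests a prefix test for already-protected values, though its use is outside this hunk. A stored plaintext that happens to start with those characters would be misclassified, so attempting `Unprotect` and catching `CryptographicException` is the more reliable test.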
@@ -28,12 +35,10 @@ namespace EOM.TSHotelManagement.Data
_client = client;
_connector = connector;
_configuration = configuration;
- _initialAdminEncryptedPassword = dataProtectionProvider
- .CreateProtector(AdminProtectorPurpose)
- .Protect("admin");
- _initialEmployeeEncryptedPassword = dataProtectionProvider
- .CreateProtector(EmployeeProtectorPurpose)
- .Protect("WK010");
+ _adminPasswordProtector = dataProtectionProvider.CreateProtector(AdminProtectorPurpose);
+ _employeePasswordProtector = dataProtectionProvider.CreateProtector(EmployeeProtectorPurpose);
+ _initialAdminEncryptedPassword = _adminPasswordProtector.Protect(DefaultAdminPassword);
+ _initialEmployeeEncryptedPassword = _employeePasswordProtector.Protect(DefaultEmployeePassword);
}
#region initlize database
@@ -312,7 +317,9 @@ namespace EOM.TSHotelManagement.Data
try
{
- var entityBuilder = new EntityBuilder(_initialAdminEncryptedPassword);
+ EnsureDefaultAccountPasswordsEncrypted(db);
+
+ var entityBuilder = new EntityBuilder(_initialAdminEncryptedPassword, _initialEmployeeEncryptedPassword);
var entitiesToAdd = new List