
能力点调整通识性课程结构。

CrazyIter_Bin 3 роки тому
батько
коміт
9d10ce95b4

+ 66 - 15
TEAMModelAPI/ApiTokenAttribute.cs

@@ -7,37 +7,79 @@ using Microsoft.Extensions.Options;
 using Microsoft.Extensions.DependencyInjection;
 using System.IdentityModel.Tokens.Jwt;
 using System.Linq;
+using TEAMModelOS.SDK.DI;
 
 namespace TEAMModelOS.Filter
 {
+    public class LimitPolicy {
+        /// <summary>
+        /// 颁发给谁的主体
+        /// </summary>
+        public string id { get; set; }
+        /// <summary>
+        /// 颁发主体
+        /// </summary>
+        public string school { get; set; }
+        /// <summary>
+        /// AIP的唯一ID
+        /// </summary>
+        public string jti { get; set; }
+        /// <summary>
+        /// minute  分钟,表示按分钟限流,多少分钟内只能访问多少次,
+        /// hour    小时,表示按小时限流,多少小时内只能访问多少次,
+        /// day     天数,表示按天数限流,多少天数内只能访问多少次,
+        /// </summary>
+        public string policy { get; set; }
+        /// <summary>
+        /// policy 策略,分钟,小时,天数对应的时长
+        /// </summary>
+        public int duration { get; set; }
+        /// <summary>
+        /// policy 策略,分钟,小时,天数对应的时长(duration) 可以访问的次数
+        /// </summary>
+        public int times { get; set; }
+        /// <summary>
+        /// 是否免费调用
+        /// </summary>
+        public bool free { get; set; }
+        /// <summary>
+        /// 每次调用花费多少钱
+        /// </summary>
+        public decimal cost { get; set; }
+    }
+
     public class ApiTokenAttribute : Attribute, IFilterFactory
     {
         public bool IsReusable => true;
-        //public string Roles { get; set; }
-        //public string Permissions { get; set; }
+        public bool Limit { get; set; }
+        public string Permission { get; set; }
 
         public IFilterMetadata CreateInstance(IServiceProvider services)
         {
             var option = services.GetService<IOptions<Option>>();
-            return new InternalAuthTokenFilter(option);
+            var azureRedis = services.GetService<AzureRedisFactory>();
+            return new InternalAuthTokenFilter(option ,azureRedis, Permission,   Limit);
         }
 
         private class InternalAuthTokenFilter : IResourceFilter
         {
             private readonly Option _option;
             //private readonly string _roles;
-            //private readonly string _permissions;
+            private readonly string _permission;
+            private readonly bool _limit;
+            private readonly AzureRedisFactory _azureRedis;
 
-            public InternalAuthTokenFilter(IOptions<Option> option)
+            public InternalAuthTokenFilter(IOptions<Option> option, AzureRedisFactory azureRedis, string permission,bool limit)
             {
                 _option = option.Value;
-                //_roles = roles;
-                //_permissions = permissions;
+                _permission = permission;
+                _limit = limit;
+                _azureRedis = azureRedis;
             }
             public void OnResourceExecuting(ResourceExecutingContext context)
             {
                 bool pass = false;
-                string id = string.Empty, name = string.Empty, school = string.Empty,jti=string.Empty;
+                string id = string.Empty, school = string.Empty,jti=string.Empty;
 
                 var authtoken = context.HttpContext.GetXAuth("ApiToken");
                 if (!string.IsNullOrWhiteSpace(authtoken) && JwtAuthExtension.ValidateApiToken(authtoken, _option.JwtSecretKey))
@@ -46,25 +88,34 @@ namespace TEAMModelOS.Filter
                     id = jwt.Payload.Sub;
                     school = jwt.Payload.Azp;
                     jti = jwt.Payload.Jti;
-                    name = jwt.Claims.FirstOrDefault(claim => claim.Type.Equals("name"))?.Value;
-                    //处理限流问题
-                    if (!string.IsNullOrEmpty(id) && !string.IsNullOrEmpty(school) && !string.IsNullOrEmpty(name)&& !string.IsNullOrEmpty(jti))
+                    var permissions = jwt.Claims.Where(c => c.Type == "permissions");
+                    ///当前请求的api的设置的permission值是否包含在 从jwt的获取["1","2","3","4","5"]值中
+                    if (!string.IsNullOrWhiteSpace(_permission)&& permissions.Count()>0)
                     {
-                        pass = true;
+                       if (permissions.Select(x=>x.Value).Contains(_permission))
+                       {
+                            pass = true;
+                       }
                     }
-                    else { 
-                        
+
+                    if (!string.IsNullOrEmpty(id) && !string.IsNullOrEmpty(school) && !string.IsNullOrEmpty(jti))
+                    {
+                        //AIP 开启限流策略 处理限流问题
+                        if (_limit)
+                        {
+                        }
                     }
                 }
 
                 if (pass)
                 {
                     context.HttpContext.Items.Add("ID", id);
-                    context.HttpContext.Items.Add("Name", name);
                     context.HttpContext.Items.Add("School", school);
                 }
                 else
+                { 
                     context.Result = new UnauthorizedResult();
+                }
             }
 
             public void OnResourceExecuted(ResourceExecutedContext context)
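Review bot: In the second hunk `pass` is decided only by the `permissions` claim match, and the `id`/`school`/`jti` non-empty check that follows no longer gates it, so a validly signed token with an empty `sub` or `azp` would reach the action with empty `ID`/`School` items. Fold the identity check into the decision, e.g. `pass = hasPermission && !string.IsNullOrEmpty(id) && !string.IsNullOrEmpty(school) && !string.IsNullOrEmpty(jti);`, where `hasPermission` is the result of the claim comparison. The `if (_limit)` body is empty, so `Limit = true` and the new `LimitPolicy` class have no effect yet and an endpoint marked as limited is not throttled; mark this with a `// TODO` or leave the option out until it is implemented. Any action that uses `[ApiToken]` without setting `Permission` is now always answered with 401, which should be confirmed as intended. The declaration of `jwt` and the lines between the two hunks are not visible here.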

+ 1 - 1
TEAMModelOS.SDK/Models/Cosmos/Research/Ability.cs

@@ -71,7 +71,7 @@ namespace TEAMModelOS.SDK.Models
         /// <summary>
         ///选修false  必修true
         /// </summary>
-        public bool compulsory { get; set; } =false;
+        public bool? compulsory { get; set; } 
         public string standard { get; set; }
         public List<string> uncountIds { get; set; } = new List<string>();
     }
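Review bot: The `<summary>` above `compulsory` still describes only false (elective) and true (required), but the property is now `bool?` with no default, so a third state exists that the comment does not explain. Extend the summary with what null stands for, for example `/// null: no compulsory/elective classification applies`, if that is the intent. Code that relied on the previous `false` default, and documents stored without the field, will now see null and should be checked.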

+ 0 - 36
TEAMModelOS.SDK/Models/Table/KnowledgeBlock.cs

@@ -1,36 +0,0 @@
-using Microsoft.Azure.Cosmos.Table;
-using System.ComponentModel.DataAnnotations;
-using TEAMModelOS.SDK.Context.Attributes.Azure;
-
-namespace TEAMModelOS.SDK.Models
-{
-    [TableName(Name = "SyllabusKnowledgeBlock")]
-    //
-    public class KnowledgeBlock : TableEntity
-    {
-        /// <summary>
-        /// 名称
-        /// </summary>
-        [Required(ErrorMessage = "{0} 必须填写")]
-        public string Name { get; set; }
-        
-        /// <summary>
-        /// 上级ID
-        /// </summary>
-        [Required(ErrorMessage = "{0} 必须填写")]
-        public string Pid { get; set; } = "root";
-        /// <summary>
-        /// 学科
-        /// </summary>
-        [Required(ErrorMessage = "{0} 必须填写")]
-        public string SubjectCode { get; set; }
-        /// <summary>
-        /// 建议学段
-        /// </summary>
-        [Required(ErrorMessage = "{0} 必须填写")]
-        public string AdvicePeriodCode { get; set; }
-        [Required(ErrorMessage = "{0} 必须填写")]
-        public int Order { get; set; }
-
-    }
-}

+ 0 - 42
TEAMModelOS.SDK/Models/Table/KnowledgeBlockPoint.cs

@@ -1,42 +0,0 @@
-using Microsoft.Azure.Cosmos.Table;
-using System.ComponentModel.DataAnnotations;
-using TEAMModelOS.SDK.Context.Attributes.Azure;
-
-namespace TEAMModelOS.SDK.Models
-{
-    [TableName(Name = "SyllabusKnowledgeBlockPoint")]
-    //
-    public class KnowledgeBlockPoint : TableEntity
-    {
-        //public string Id { get; set; }
-        public string PointId { get; set; }
-        /// <summary>
-        /// 原始名称
-        /// </summary>
-        [Required(ErrorMessage = "{0} 必须填写")]
-        public string Name { get; set; }
-        /// <summary>
-        /// 别名
-        /// </summary>
-        [Required(ErrorMessage = "{0} 必须填写")]
-        public string Alias { get; set; }
-        /// <summary>
-        /// 知识块ID
-        /// </summary>
-        [Required(ErrorMessage = "{0} 必须填写")]
-        public string BlockId { get; set; }
-        /// <summary>
-        /// 建议学段
-        /// </summary>
-        [Required(ErrorMessage = "{0} 必须填写")]
-        public string AdvicePeriodCode { get; set; }
-        [Required(ErrorMessage = "{0} 必须填写")]
-        public int Order { get; set; }
-        /// <summary>
-        /// 学科
-        /// </summary>
-        [Required(ErrorMessage = "{0} 必须填写")]
-        public string SubjectCode { get; set; }
-
-    }
-}

+ 0 - 44
TEAMModelOS.SDK/Models/Table/KnowledgePoint.cs

@@ -1,44 +0,0 @@
-using Microsoft.Azure.Cosmos.Table;
-using System.ComponentModel.DataAnnotations;
-using TEAMModelOS.SDK.Context.Attributes.Azure;
-
-namespace TEAMModelOS.SDK.Models
-{
-    /// <summary>
-    /// 知识点
-    /// </summary>
-    [TableName(Name = "SyllabusKnowledgePoint")]
-    //
-    public class KnowledgePoint : TableEntity
-    {
-        //public string Id { get; set; }
-        public string PointId { get; set; }
-        /// <summary>
-        /// 原始名称
-        /// </summary>
-        [Required(ErrorMessage = "{0} 必须填写")]
-        public string Name { get; set; }
-        /// <summary>
-        /// 别名
-        /// </summary>
-        [Required(ErrorMessage = "{0} 必须填写")]
-        public string Alias { get; set; }
-        /// <summary>
-        /// 知识块ID
-        /// </summary>
-        [Required(ErrorMessage = "{0} 必须填写")]
-        public string BlockId { get; set; }
-        /// <summary>
-        /// 建议学段
-        /// </summary>
-        [Required(ErrorMessage = "{0} 必须填写")]
-        public string AdvicePeriodCode { get; set; }
-        [Required(ErrorMessage = "{0} 必须填写")]
-        public int Order { get; set; }
-        /// <summary>
-        /// 学科
-        /// </summary>
-        [Required(ErrorMessage = "{0} 必须填写")]
-        public string SubjectCode { get; set; }
-    }
-}

TEAMModelOS.SDK/Models/Cosmos/Api/OpenApi.cs → TEAMModelOS.SDK/Models/Table/OpenApi.cs


+ 0 - 19
TEAMModelOS.SDK/Models/Table/ResourceReference.cs

@@ -1,19 +0,0 @@
-using Microsoft.Azure.Cosmos.Table;
-using System;
-using System.Collections.Generic;
-using System.Text;
-using TEAMModelOS.SDK.Context.Attributes.Azure;
-
-namespace TEAMModelOS.SDK.Models
-{
-    [TableName(Name = "CoreResourceReference")]
-    public class ResourceReference : TableEntity
-    {
-        public string ResourceId { get; set; }
-        public string ResourceType { get; set; }
-        public string ReferenceId { get; set; }
-        public string ReferenceType { get; set; }
-        public long CreateTime { get; set; }
-
-    }
-}

+ 0 - 14
TEAMModelOS.SDK/Models/Table/tmdInfo.cs

@@ -1,14 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Text;
-
-namespace TEAMModelOS.SDK.Models.Table
-{
-
-    public class tmdInfo
-    {
-        public string tmdId { get; set; }
-        public List<double> tScore { get; set; } = new List<double>();
-        public string mark { get; set; }
-    }
-}

+ 1 - 0
TEAMModelOS/Controllers/School/StuListController.cs

@@ -656,6 +656,7 @@ namespace TEAMModelOS.Controllers
                 }
                 else
                 {
+                    query = $"{query} where c.creatorId ='{code}' ";
                     await foreach (var item in client.GetContainer(Constant.TEAMModelOS, "Teacher").GetItemQueryStreamIterator(queryText: query, requestOptions: new QueryRequestOptions() { PartitionKey = new PartitionKey($"StuList") }))
                     {
                         using var json = await JsonDocument.ParseAsync(item.ContentStream);
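Review bot: The added line builds the Cosmos SQL text by interpolating `code` between quotes (`where c.creatorId ='{code}'`), so if `code` derives from the request, a quote character in it changes the query. Pass the value as a parameter instead: `var qd = new QueryDefinition($"{query} where c.creatorId = @code").WithParameter("@code", code);` and hand `qd` to `GetItemQueryStreamIterator`. The origin of `code` and the base `query` text are outside the hunk. Appending `where` also assumes the base query has no WHERE clause yet.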

+ 92 - 0
TEAMModelOS/Controllers/XTest/BatchProcessController.cs

@@ -0,0 +1,92 @@
+using Azure.Cosmos;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using Newtonsoft.Json;
+using StackExchange.Redis;
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Net.Http.Json;
+using System.Text;
+using System.Text.Json;
+using System.Threading.Tasks;
+using TEAMModelOS.SDK.DI;
+using TEAMModelOS.SDK.Extension;
+using TEAMModelOS.SDK;
+using TEAMModelOS.SDK.Models;
+using TEAMModelOS.SDK.Models.Cosmos.Common;
+using TEAMModelOS.SDK.Models.Service;
+using TEAMModelOS.Services.Common;
+using HTEXLib.COMM.Helpers;
+
+namespace TEAMModelOS.Controllers
+{
+    [Route("batch-process")]
+    [ApiController]
+    public class BatchProcessController : ControllerBase
+    {
+        private readonly AzureStorageFactory _azureStorage;
+        private readonly AzureRedisFactory _azureRedis;
+        private readonly AzureCosmosFactory _azureCosmos;
+        private readonly DingDing _dingDing;
+        public BatchProcessController(AzureCosmosFactory azureCosmos, AzureRedisFactory azureRedis, AzureStorageFactory azureStorage, DingDing dingDing)
+        {
+            _azureCosmos = azureCosmos;
+            _azureRedis = azureRedis;
+            _azureStorage = azureStorage;
+            _dingDing = dingDing;
+        }
+        /// <summary>
+        /// 修复学生的id
+        /// </summary>
+        /// <param name="data"></param>
+        /// <returns></returns>
+        [ProducesDefaultResponseType]
+        //[AuthToken(Roles = "teacher")]
+        [HttpPost("fix-ability-task")]
+        public async Task<IActionResult> FixStudentId(JsonElement data)
+        {
+            var client = _azureCosmos.GetCosmosClient();
+            var queryslt = $"SELECT  value(c) FROM c where c.pk='AbilityTask'";
+            List<AbilityTask> abilityTasks = new List<AbilityTask>();
+            List<AbilityTask> delabilityTasks = new List<AbilityTask>();
+            await foreach (var item in client.GetContainer(Constant.TEAMModelOS, "Normal").GetItemQueryIterator<AbilityTask>(queryText: queryslt))
+            {
+                bool contanis1_2 = false;
+                foreach (var it in item.children) {
+                    if (it.title.StartsWith("1.")|| it.title.StartsWith("2.")) {
+                        contanis1_2 = true;
+                    }
+                }
+                if (contanis1_2)
+                {
+                    delabilityTasks.Add(item);
+                }
+                else {
+                    abilityTasks.Add(item);
+                }
+            }
+            var Normal= _azureCosmos.GetCosmosClient().GetContainer("TEAMModelOS", "Normal");
+            foreach (var del in delabilityTasks) {
+                await Normal.DeleteItemStreamAsync(del.id, new PartitionKey(del.code));
+            }
+            abilityTasks.ForEach(x => {
+                x.children.ForEach(y => {
+                    var stastr= y.title.Substring(0,1);
+                    var endstr = y.title.Substring(1, y.title.Length - 1);
+                    if (int.TryParse(stastr, out int num)) {
+                        num = num - 2;
+                        y.title = $"{num}{endstr}";
+                    }
+                });
+            });
+            foreach(var item in abilityTasks) {
+                await Normal.ReplaceItemAsync(item, item.id, new PartitionKey(item.code));
+            }
+            return Ok();
+        }
+    }
+}
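Review bot: `FixStudentId` is routable as `POST batch-process/fix-ability-task` with its `[AuthToken]` attribute commented out, so unless a global filter applies elsewhere, any caller that can reach the route can trigger deletion and rewriting of every `AbilityTask` document. A one-off data migration like this belongs behind an administrator-only authorization attribute or in an offline tool rather than in a deployed controller. The operation is also not idempotent: each call subtracts 2 from the leading digit again, and a later call deletes whatever then starts with `1.` or `2.`. `y.title.Substring(0,1)` throws on an empty title. The `<summary>` says it repairs student ids, which does not match the body; it should describe the actual migration, e.g. `/// One-off migration: deletes AbilityTask items whose children start with "1."/"2." and renumbers the rest`.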

+ 58 - 53
TEAMModelOS/Filter/SecurityHeadersAttribute.cs

@@ -1,56 +1,61 @@
-// Copyright (c) Brock Allen & Dominick Baier. All rights reserved.
+//Copyright(c) Brock Allen & Dominick Baier. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
 
 
-//using Microsoft.AspNetCore.Mvc;
-//using Microsoft.AspNetCore.Mvc.Filters;
-
-//namespace CoreSDK.Attribute
-//{
-//    public class SecurityHeadersAttribute : ActionFilterAttribute
-//    {
-//        public override void OnResultExecuting(ResultExecutingContext context)
-//        {
-//            var result = context.Result;
-//            if (result is ViewResult)
-//            {
-//                // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
-//                if (!context.HttpContext.Response.Headers.ContainsKey("X-Content-Type-Options"))
-//                {
-//                    context.HttpContext.Response.Headers.Add("X-Content-Type-Options", "nosniff");
-//                }
-
-//                // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
-//                if (!context.HttpContext.Response.Headers.ContainsKey("X-Frame-Options"))
-//                {
-//                    context.HttpContext.Response.Headers.Add("X-Frame-Options", "SAMEORIGIN");
-//                }
-
-//                // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
-//                var csp = "default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';";
-//                // also consider adding upgrade-insecure-requests once you have HTTPS in place for production
-//                //csp += "upgrade-insecure-requests;";
-//                // also an example if you need client images to be displayed from twitter
-//                // csp += "img-src 'self' https://pbs.twimg.com;";
-
-//                // once for standards compliant browsers
-//                if (!context.HttpContext.Response.Headers.ContainsKey("Content-Security-Policy"))
-//                {
-//                    context.HttpContext.Response.Headers.Add("Content-Security-Policy", csp);
-//                }
-//                // and once again for IE
-//                if (!context.HttpContext.Response.Headers.ContainsKey("X-Content-Security-Policy"))
-//                {
-//                    context.HttpContext.Response.Headers.Add("X-Content-Security-Policy", csp);
-//                }
-
-//                // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
-//                var referrer_policy = "no-referrer";
-//                if (!context.HttpContext.Response.Headers.ContainsKey("Referrer-Policy"))
-//                {
-//                    context.HttpContext.Response.Headers.Add("Referrer-Policy", referrer_policy);
-//                }
-//            }
-//        }
-//    }
-//}
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Filters;
+using System.Collections.Generic;
+
+namespace TEAMModelOS.Filter
+{
+    public class SecurityHeadersAttribute : ActionFilterAttribute
+    {
+        public override void OnResultExecuting(ResultExecutingContext context)
+        {
+            var result = context.Result;
+            if (result is ViewResult)
+            {
+                // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
+                if (!context.HttpContext.Response.Headers.ContainsKey("X-Content-Type-Options"))
+                {
+                    context.HttpContext.Response.Headers.Add("X-Content-Type-Options", "nosniff");
+                }
+
+                // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
+                if (!context.HttpContext.Response.Headers.ContainsKey("X-Frame-Options"))
+                {
+                    context.HttpContext.Response.Headers.Add("X-Frame-Options", "SAMEORIGIN");
+                }
+
+                // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
+                var csp = "default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';";
+                // also consider adding upgrade-insecure-requests once you have HTTPS in place for production
+                //csp += "upgrade-insecure-requests;";
+                // also an example if you need client images to be displayed from twitter
+                // csp += "img-src 'self' https://pbs.twimg.com;";
+
+                // once for standards compliant browsers
+                if (!context.HttpContext.Response.Headers.ContainsKey("Content-Security-Policy"))
+                {
+                    context.HttpContext.Response.Headers.Add("Content-Security-Policy", csp);
+                }
+                // and once again for IE
+                if (!context.HttpContext.Response.Headers.ContainsKey("X-Content-Security-Policy"))
+                {
+                    context.HttpContext.Response.Headers.Add("X-Content-Security-Policy", csp);
+                }
+
+                // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
+                var referrer_policy = "no-referrer";
+                if (!context.HttpContext.Response.Headers.ContainsKey("Referrer-Policy"))
+                {
+                    context.HttpContext.Response.Headers.Add("Referrer-Policy", referrer_policy);
+                }
+               // context.HttpContext.Response.Cookies.Append("XSRF-TOKEN", null, new CookieOptions() { HttpOnly = false });
+
+            }
+            
+        }
+        //其他 参考网站,https://www.cnblogs.com/tdfblog/p/aspnet-core-security-anti-request-forgery.html
+    }
+}
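Review bot: Every header write sits inside `if (result is ViewResult)`, so JSON or `ObjectResult` responses get none of these headers; the controller added in this commit is `[ApiController]`, which suggests the filter will rarely fire. Consider setting `X-Content-Type-Options` and `Referrer-Policy` for every result and keeping only the CSP and frame headers conditional on views. `using System.Collections.Generic;` is unused. The trailing commented `Cookies.Append("XSRF-TOKEN", ...)` line should be removed or replaced with a `// TODO` that says what is still missing.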

+ 3 - 0
TEAMModelOS/Startup.cs

@@ -23,6 +23,7 @@ using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Hosting;
 using Microsoft.Extensions.Primitives;
 using Microsoft.IdentityModel.Tokens;
+using TEAMModelOS.Filter;
 using TEAMModelOS.Models;
 using TEAMModelOS.SDK;
 using TEAMModelOS.SDK.Context.Attributes.Azure;
@@ -143,6 +144,8 @@ namespace TEAMModelOS
                     await client.Client.SendEventAsync(new { sid = client.Client.Id.ToString() }.ToJsonString());
                 };
             });
+            //等保安全性验证。
+            services.AddScoped<SecurityHeadersAttribute>();
         }
 
         // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
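Review bot: `services.AddScoped<SecurityHeadersAttribute>();` in the second hunk only registers the type in the container; it does not attach the filter to any action. Unless controllers carry `[ServiceFilter(typeof(SecurityHeadersAttribute))]` elsewhere, add it globally in the MVC options, e.g. `options.Filters.AddService<SecurityHeadersAttribute>();`. The enclosing method starts outside the hunk, so existing filter registration cannot be checked from here.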

+ 3 - 3
TEAMModelOS/TEAMModelOS.csproj

@@ -37,9 +37,9 @@
     <SpaRoot>ClientApp\</SpaRoot>
     <DefaultItemExcludes>$(DefaultItemExcludes);$(SpaRoot)node_modules\**</DefaultItemExcludes>
     <UserSecretsId>078b5d89-7d90-4f6a-88fc-7d96025990a8</UserSecretsId>
-    <Version>5.2109.26</Version>
-    <AssemblyVersion>5.2109.26.1</AssemblyVersion>
-    <FileVersion>5.2109.26.1</FileVersion>
+    <Version>5.2110.8</Version>
+    <AssemblyVersion>5.2110.8.1</AssemblyVersion>
+    <FileVersion>5.2110.8.1</FileVersion>
     <Description>TEAMModelOS(IES5)</Description>
     <PackageReleaseNotes>版本说明</PackageReleaseNotes>
   </PropertyGroup>