Merge branch 'hhb/develop-2205' into develop

TEAMModelAPI/Controllers/School/CourseController.cs

@@ -32,7 +32,7 @@ namespace TEAMModelAPI.Controllers
     [ProducesResponseType(StatusCodes.Status200OK)]
     [ProducesResponseType(StatusCodes.Status400BadRequest)]
     [ApiController]
-    [Route("school")]
+    [Route("{scope}")]
     public class CourseController : ControllerBase
     {
         public AzureCosmosFactory _azureCosmos;

TEAMModelAPI/Controllers/School/ExamController.cs

@@ -32,7 +32,7 @@ namespace TEAMModelAPI.Controllers
     [ProducesResponseType(StatusCodes.Status200OK)]
     [ProducesResponseType(StatusCodes.Status400BadRequest)]
     [ApiController]
-    [Route("school")]
+    [Route("{scope}")]
     public class ExamController : ControllerBase
     {
         public AzureCosmosFactory _azureCosmos;

TEAMModelAPI/Controllers/School/GroupListController.cs

@@ -30,7 +30,7 @@ namespace TEAMModelAPI.Controllers
     [ProducesResponseType(StatusCodes.Status200OK)]
     [ProducesResponseType(StatusCodes.Status400BadRequest)]
     [ApiController]
-    [Route("school")]
+    [Route("{scope}")]
     public class GroupListController : ControllerBase
     {
         public AzureCosmosFactory _azureCosmos;

TEAMModelAPI/Controllers/School/RoomController.cs

@@ -29,7 +29,7 @@ using HTEXLib.COMM.Helpers;
 using Microsoft.AspNetCore.Authorization;
 namespace TEAMModelAPI.Controllers
 {
-    [Route("school")]
+    [Route("{scope}")]
     [ApiController]
     public class RoomController : ControllerBase
     {

TEAMModelAPI/Controllers/School/SchoolController.cs

@@ -31,7 +31,7 @@ namespace TEAMModelAPI.Controllers
     [ProducesResponseType(StatusCodes.Status200OK)]
     [ProducesResponseType(StatusCodes.Status400BadRequest)]
     [ApiController]
-    [Route("school")]
+    [Route("{scope}")]
     public class SchoolController : ControllerBase
     {
         public AzureCosmosFactory _azureCosmos;
@@ -58,7 +58,7 @@ namespace TEAMModelAPI.Controllers
         /// <param name="request"></param>
         /// <returns></returns>
         [ProducesDefaultResponseType]
-        [HttpGet("get-school-info")]
+        [HttpPost("get-school-info")]
         [ApiToken(Auth = "1001",Name = "学校基础信息", RW = "R", Limit =false)]
         public async Task<IActionResult> GetSchoolInfo()
         {

TEAMModelAPI/Controllers/School/TeacherController.cs

@@ -32,7 +32,7 @@ using System.ComponentModel.DataAnnotations;
 
 namespace TEAMModelAPI.Controllers
 {
-    [Route("school")]
+    [Route("{scope}")]
     [ApiController]
     public class TeacherController : ControllerBase
     {

TEAMModelAPI/Startup.cs

@@ -99,7 +99,7 @@ namespace TEAMModelAPI
         }
 
         // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
-        public void Configure(IApplicationBuilder app, IWebHostEnvironment env,AzureStorageFactory azureStorage)
+        public async void Configure(IApplicationBuilder app, IWebHostEnvironment env,AzureStorageFactory azureStorage)
         {
             if (env.IsDevelopment())
             {
@@ -119,22 +119,7 @@ namespace TEAMModelAPI
 #if DEBUG
             //在开发模式时，自检 [ApiToken(Auth = "1")] 有重复的接口 https://teammodelos.table.core.chinacloudapi.cn/IESOpenApi
             List<ApiTokenAttribute> auths = new List<ApiTokenAttribute>();
-            List<Attribute> attributes = ReflectorExtensions.GetMethodCustomAttribute<ApiTokenAttribute>(new string[] { "TEAMModelAPI" });
-            List<OpenApi> openApis = new List<OpenApi>();
-            attributes.ForEach(x => {
-                ApiTokenAttribute attribute = (ApiTokenAttribute)x;
-                openApis.Add(new OpenApi { 
-                    PartitionKey="IES5-API",
-                    RowKey= attribute.Auth,
-                    auth=int.Parse(attribute.Auth),
-                   // descr=attribute.Name,
-                   method="POST",
-                   name=attribute.Name,
-                    
-                });
-                auths.Add(attribute);
-            });
-          
+            (List < OpenApi > openApis ,List<Attribute> attributes  ) = ReflectorExtensions.GetMethodCustomAttribute<ApiTokenAttribute, HttpPostAttribute>(new string[] { "TEAMModelAPI" });
             auths.GroupBy(x => x.Auth).ToList().ForEach(x => {
                 if (x.Count() > 1) 
                 { 
@@ -143,6 +128,14 @@ namespace TEAMModelAPI
             });
 
             var table =  azureStorage.GetCloudTableClient().GetTableReference("IESOpenApi");
+            try {
+                foreach (var item in openApis)
+                {
+                    await table.SaveOrUpdate<OpenApi>(item);
+                }
+            } catch (Exception ex) {
+                Console.WriteLine(ex.Message);
+            }
 #endif
         }
     }

TEAMModelAPI/ApiTokenAttribute.cs

@@ -95,19 +95,34 @@ namespace TEAMModelOS.Filter
             }
             public void OnResourceExecuting(ResourceExecutingContext context)
             {
-                bool pass = false;
-                string id = string.Empty, school = string.Empty,jti=string.Empty;
-                var authtoken = context.HttpContext.GetXAuth("ApiToken");
-                if (!string.IsNullOrWhiteSpace(authtoken) && JwtAuthExtension.ValidateApiToken(authtoken, _option.JwtSecretKey))
+                var path =   context.HttpContext.Request.Path;
+                string[] paths = path.ToString().Split("/");
+                string scope = "";
+                if (paths.Any()) 
                 {
-                    var jwt = new JwtSecurityTokenHandler().ReadJwtToken(authtoken);
-                    string iss = jwt.Payload.Iss; //iss 检查jwt是否是测试站，正式站的授权key 
-                    if (iss.Equals(_option.HostName))
+                    if (paths[0].Equals("") && paths.Length > 1)
                     {
-                        //aud  受众
-                        id = jwt.Payload.Sub;//主题，又是应用APP
-                        school = jwt.Payload.Azp;//学校编码
-                        jti = jwt.Payload.Jti;//jwt唯一标识
+                        scope = paths[1];
+                    }
+                    else {
+                        scope = paths[0];
+                    }
+                }
+                if (scope.Equals("school") ||scope.Equals("business"))
+                {
+                    bool pass = false;
+                    string id = string.Empty, school = string.Empty, jti = string.Empty;
+                    var authtoken = context.HttpContext.GetXAuth("ApiToken");
+                    if (!string.IsNullOrWhiteSpace(authtoken) && JwtAuthExtension.ValidateApiToken(authtoken, _option.JwtSecretKey))
+                    {
+                        var jwt = new JwtSecurityTokenHandler().ReadJwtToken(authtoken);
+                        string iss = jwt.Payload.Iss; //iss 检查jwt是否是测试站，正式站的授权key 
+                        if (iss.Equals(_option.HostName))
+                        {
+                            //aud  受众
+                            id = jwt.Payload.Sub;//主题，又是应用APP
+                            school = jwt.Payload.Azp;//学校编码
+                            jti = jwt.Payload.Jti;//jwt唯一标识
 #if !DEBUG
                         var permissions = jwt.Claims.Where(c => c.Type.Equals("auth"));
                         ///当前请求的api的设置的permission值是否包含在 从jwt的获取["1","2","3","4","5"]值中
@@ -119,25 +134,29 @@ namespace TEAMModelOS.Filter
                             }
                         }
 #else
-                            pass=true;
+                            pass = true;
 #endif
 
-                        if (!string.IsNullOrEmpty(id) && !string.IsNullOrEmpty(school) && !string.IsNullOrEmpty(jti))
-                        {
-                            //AIP 开启限流策略 处理限流问题
-                            if (_limit)
+                            if (!string.IsNullOrEmpty(id) && !string.IsNullOrEmpty(school) && !string.IsNullOrEmpty(jti))
                             {
+                                //AIP 开启限流策略 处理限流问题
+                                if (_limit)
+                                {
+                                }
                             }
                         }
                     }
+                    if (pass)
+                    {
+                        context.HttpContext.Items.Add("ID", id);
+                        context.HttpContext.Items.Add("School", school);
+                    }
+                    else
+                    {
+                        context.Result = new UnauthorizedResult();
+                    }
                 }
-                if (pass)
-                {
-                    context.HttpContext.Items.Add("ID", id);
-                    context.HttpContext.Items.Add("School", school);
-                }
-                else
-                { 
+                else {
                     context.Result = new UnauthorizedResult();
                 }
             }

TEAMModelOS.SDK/Helper/Common/ReflectorExtensions/ReflectorExtensions.cs

@@ -1,12 +1,15 @@
 using AspectCore.Extensions.Reflection;
 using Microsoft.AspNetCore.Hosting;
+using Microsoft.AspNetCore.Mvc;
 using System;
 using System.Collections.Generic;
 using System.IO;
 using System.Linq;
 using System.Reflection;
 using System.Reflection.Metadata;
+using TEAMModelOS.Filter;
 using TEAMModelOS.SDK.Context.Attributes.Azure;
+using TEAMModelOS.SDK.Models;
 
 namespace TEAMModelOS.SDK.Helper.Common.ReflectorExtensions
 {
@@ -65,8 +68,9 @@ namespace TEAMModelOS.SDK.Helper.Common.ReflectorExtensions
         /// </summary>
         /// <typeparam name="T"></typeparam>
         /// <returns></returns>
-        public static List<Attribute> GetMethodCustomAttribute<T,V>(string[] ScanModel)
+        public static (List<OpenApi>,List<Attribute>) GetMethodCustomAttribute<T,V>(string[] ScanModel)
         {
+            List<OpenApi> openApis = new List<OpenApi>();
             Type attrT = typeof(T);
             Type attrV = typeof(V);
             string currentDirectory = Path.GetDirectoryName(attrT.Assembly.Location);
@@ -77,19 +81,34 @@ namespace TEAMModelOS.SDK.Helper.Common.ReflectorExtensions
                 {
                     Assembly assembly = Assembly.LoadFrom(currentDirectory + "\\" + model + ".dll");
                     var TypeInModelS = assembly.GetTypes().SelectMany(x => x.GetMethods()).GroupBy(z => z.Name).ToList();
-                  //  var TypeInModelSS = assembly.GetTypes().SelectMany(x => x.GetMethods()).Where(x=>);
-                    TypeInModelS.ForEach(x => {
-                        if (x.Key.Equals("GetTeacherInfo"))
-                        {
-                            var at = x.ToList().SelectMany(z => z.GetCustomAttributes()).Where(m => m.GetType().Equals(attrT));
-                            string ke = x.Key;
+                    //  var TypeInModelSS = assembly.GetTypes().SelectMany(x => x.GetMethods()).Where(x=>);
+
+                    var TypeInModelTV = assembly.GetTypes().SelectMany(x => x.GetMethods()).Where(m=>m.GetCustomAttributes().Where(t=>t.GetType().Equals(attrT)).Any() && m.GetCustomAttributes().Where(t => t.GetType().Equals(attrV)).Any());
+                    Type attrR = typeof(RouteAttribute);
+                    foreach (var item in TypeInModelTV) {
+                        var routeAttr = item.ReflectedType.GetCustomAttribute<RouteAttribute>();
+                        var postAttr = item.GetCustomAttribute(attrV,true);
+                        var apiAttr = item.GetCustomAttribute(attrT, true);
+                        if (routeAttr!=null && postAttr!=null && apiAttr!=null) {
+                            ApiTokenAttribute apiTokenAttribute = (ApiTokenAttribute)apiAttr;
+                            HttpPostAttribute httpPostAttribute = (HttpPostAttribute)postAttr;
+                            OpenApi openApi = new OpenApi
+                            {
+                                PartitionKey = "IES5-API",
+                                RowKey = apiTokenAttribute.Auth,
+                                auth = int.Parse(apiTokenAttribute.Auth),
+                                method = "POST",
+                                name = apiTokenAttribute.Name,
+                                type= apiTokenAttribute.RW,
+                                url =$"/{routeAttr.Template}/{httpPostAttribute.Template}"
+                            };
+                            openApis.Add(openApi);
+                            attributes.Add(apiTokenAttribute);
                         }
-                    });
-                    var TypeInModel = assembly.GetTypes().Select(x => x.GetMethods()).SelectMany(y => y).Select(z => z.GetCustomAttribute(attrT, true)).Where(n => n != null);
-                    attributes.AddRange(TypeInModel);
+                    }
                 }
             }
-            return attributes;
+            return (openApis, attributes) ;
         }
         /// <summary>
         /// 获取T类型属性标记的类集合