From 5a6a22d1ffc4891cda758cffd86183ff587edfd4 Mon Sep 17 00:00:00 2001
From: tengge1 <930372551@qq.com>
Date: Sun, 27 Oct 2019 20:44:09 +0800
Subject: [PATCH] =?UTF-8?q?=E6=9F=A5=E7=9C=8B=E5=85=B6=E4=BB=96=E4=BA=BA?=
 =?UTF-8?q?=E5=85=AC=E5=BC=80=E5=9C=BA=E6=99=AF=E3=80=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../Controllers/SceneController.cs            | 40 ++++++++++++++++++-
 ShadowEditor.Web/locales/zh-CN.json           |  4 +-
 2 files changed, 42 insertions(+), 2 deletions(-)

diff --git a/ShadowEditor.Server/Controllers/SceneController.cs b/ShadowEditor.Server/Controllers/SceneController.cs
index 88fa3ccc..ec1a9b02 100644
--- a/ShadowEditor.Server/Controllers/SceneController.cs
+++ b/ShadowEditor.Server/Controllers/SceneController.cs
@@ -197,6 +197,44 @@ namespace ShadowEditor.Server.Controllers
 
             var mongo = new MongoHelper();
 
+            // 开启权限时，判断是否是自己的场景
+            if (ConfigHelper.EnableAuthority)
+            {
+                var user = UserHelper.GetCurrentUser();
+
+                var filter11 = Builders<BsonDocument>.Filter.Eq("ID", model.ID);
+                var doc = mongo.FindOne(Constant.SceneCollectionName, filter11);
+
+                if (doc == null)
+                {
+                    return Json(new
+                    {
+                        Code = 300,
+                        Msg = "The scene is not existed."
+                    });
+                }
+
+                // 保存其他人的场景
+                if (doc.Contains("UserID") && doc["UserID"].ToString() != user.ID)
+                {
+                    return Json(new
+                    {
+                        Code = 300,
+                        Msg = "Permission denied."
+                    });
+                }
+
+                // 非管理员组保存不带UserID的场景
+                if (!doc.Contains("UserID") && user.RoleName != "Administrator")
+                {
+                    return Json(new
+                    {
+                        Code = 300,
+                        Msg = "Permission denied."
+                    });
+                }
+            }
+
             var pinyin = PinYinHelper.GetTotalPinYin(model.Name);
 
             var filter = Builders<BsonDocument>.Filter.Eq("ID", objectId);
@@ -385,7 +423,7 @@ namespace ShadowEditor.Server.Controllers
                 return Json(new
                 {
                     Code = 300,
-                    Msg = "The asset is not existed!"
+                    Msg = "The scene is not existed."
                 });
             }
 
diff --git a/ShadowEditor.Web/locales/zh-CN.json b/ShadowEditor.Web/locales/zh-CN.json
index d36b4a2d..63ae39a6 100644
--- a/ShadowEditor.Web/locales/zh-CN.json
+++ b/ShadowEditor.Web/locales/zh-CN.json
@@ -889,5 +889,7 @@
     "Not allowed.": "不允许。",
     "System Setting": "系统设置",
     "Register Default Role": "注册默认角色",
-    "Is Public": "是否公开"
+    "Is Public": "是否公开",
+    "The scene is not existed.": "该场景不存在。",
+    "Permission denied.": "没有权限"
 }
\ No newline at end of file