1. 用户角色 授权bug

chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/bo/RoleUser.java

@@ -3,6 +3,8 @@ package com.chushang.system.entity.bo;
 import lombok.Data;
 
 import javax.validation.constraints.NotNull;
+import java.util.Collection;
+import java.util.List;
 
 /**
  * @author by zhaowenyuan create 2022/8/22 14:04
@@ -11,10 +13,10 @@ import javax.validation.constraints.NotNull;
 @Data
 public class RoleUser {
 
-    @NotNull(message = "role id is null")
+    @NotNull(message = "role ids is null")
-    private Long roleId;
+    private Collection<Long> roleIds;
 
-    @NotNull(message = "user ids is null")
+    @NotNull(message = "user id is null")
-    private Long[] userIds;
+    private Long userId;
 
 }

chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/bo/UserRole.java

@@ -3,15 +3,16 @@ package com.chushang.system.entity.bo;
 import lombok.Data;
 
 import javax.validation.constraints.NotNull;
+import java.util.List;
 
 /**
  * @author by zhaowenyuan create 2022/8/22 12:24
  * 取消授权用户
  */
 @Data
-public class CancelUserRole {
+public class UserRole {
     @NotNull(message = "role id is null")
     private Long roleId;
     @NotNull(message = "user id is null")
-    private Long[] userIds;
+    private List<Long> userIds;
 }

chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/controller/RoleController.java

@@ -5,8 +5,7 @@ import com.chushang.common.log.annotation.SysLog;
 import com.chushang.common.log.enums.BusinessType;
 import com.chushang.security.annotation.RequiresPermissions;
 import com.chushang.security.utils.SecurityUtils;
-import com.chushang.system.entity.bo.CancelUserRole;
+import com.chushang.system.entity.bo.UserRole;
-import com.chushang.system.entity.bo.RoleUser;
 import com.chushang.system.entity.dto.ListRoleDTO;
 import com.chushang.system.entity.dto.ListUserDTO;
 import com.chushang.security.entity.po.SysRole;
@@ -17,6 +16,8 @@ import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
 import javax.validation.Valid;
+import java.util.Collection;
+import java.util.List;
 
 /**
  * @author by zhaowenyuan create 2022/8/22 11:04
@@ -142,7 +143,7 @@ public class RoleController {
     @RequiresPermissions("system:role:remove")
     @SysLog(value = "角色",businessType = BusinessType.DELETE)
     @DeleteMapping("/{roleIds}")
-    public AjaxResult remove(@PathVariable Long[] roleIds)
+    public AjaxResult remove(@PathVariable Collection<Long> roleIds)
     {
         roleService.deleteRoleByIds(roleIds);
 
@@ -185,9 +186,12 @@ public class RoleController {
     @RequiresPermissions("system:role:edit")
     @SysLog(value = "取消授权用户", businessType = BusinessType.GRANT)
     @PutMapping("/authUser/cancel")
-    public AjaxResult cancelAuthUser(@RequestBody @Valid CancelUserRole cancelUserRole)
+    public AjaxResult cancelAuthUser(@RequestBody @Valid UserRole roleUser)
     {
-        roleService.deleteAuthUser(cancelUserRole);
+
+        // todo 需要 清除当前User 缓存
+
+        roleService.deleteAuthUser(roleUser);
 
         return AjaxResult.success();
     }
@@ -198,15 +202,17 @@ public class RoleController {
     @RequiresPermissions("system:role:edit")
     @SysLog(value = "用户授权", businessType = BusinessType.GRANT)
     @PutMapping("/authUser")
-    public AjaxResult selectAuthUserAll(@RequestBody @Valid RoleUser roleUser)
+    public AjaxResult selectAuthUserAll(@RequestBody @Valid UserRole roleUser)
     {
         Long roleId = roleUser.getRoleId();
-        Long[] userIds = roleUser.getUserIds();
+        List<Long> userIds = roleUser.getUserIds();
         // 判断当切登录用户有没有 此角色的权限
         roleService.checkRoleDataScope(new SysRole(roleId));
 
         roleService.insertAuthUsers(roleId, userIds);
 
+        // todo 需要 清除当前User 缓存
+
         return AjaxResult.success();
     }
 

chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/controller/UserController.java

@@ -1,22 +1,23 @@
 package com.chushang.system.controller;
 
+import cn.hutool.core.collection.CollectionUtil;
 import com.chushang.common.core.exception.ResultException;
 import com.chushang.common.core.util.StringUtils;
 import com.chushang.common.core.web.AjaxResult;
 import com.chushang.common.log.annotation.SysLog;
 import com.chushang.common.log.enums.BusinessType;
-import com.chushang.security.entity.po.DataScopeEntity;
 import com.chushang.security.annotation.RequiresPermissions;
 import com.chushang.security.service.TokenService;
 import com.chushang.security.utils.SecurityUtils;
 import com.chushang.system.entity.bo.PasswordForm;
+import com.chushang.system.entity.bo.RoleUser;
+import com.chushang.system.entity.bo.UserRole;
 import com.chushang.system.entity.dto.ListUserDTO;
 import com.chushang.system.entity.po.SysPost;
 import com.chushang.security.entity.po.SysRole;
 import com.chushang.security.entity.po.SysUser;
 import com.chushang.security.entity.vo.LoginUser;
 import com.chushang.system.service.*;
-import org.apache.commons.lang3.ArrayUtils;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
 
@@ -43,6 +44,7 @@ public class UserController {
     @Resource
     TokenService tokenService;
 
+
     /**
      * 用户列表
      */
@@ -163,7 +165,8 @@ public class UserController {
     @SysLog(value = "用户", businessType = BusinessType.UPDATE)
     @PostMapping("/update")
     @RequiresPermissions("system:user:update")
-    public AjaxResult update(@RequestBody SysUser user) {
+    public AjaxResult update(@RequestBody SysUser user)
+    {
 
         sysUserService.checkUserAllowed(user);
 
@@ -180,17 +183,22 @@ public class UserController {
     @SysLog(value = "用户", businessType = BusinessType.DELETE)
     @DeleteMapping("/{userIds}")
     @RequiresPermissions("system:user:delete")
-    public AjaxResult delete(@PathVariable Long[] userIds) {
+    public AjaxResult delete(@PathVariable Collection<Long> userIds)
-        if (ArrayUtils.contains(userIds, 1)) {
+    {
+        if (CollectionUtil.isEmpty(userIds)){return AjaxResult.success();}
+        if (userIds.contains(1L)) {
             return AjaxResult.error("系统管理员不能删除");
         }
 
-        if (ArrayUtils.contains(userIds, SecurityUtils.getUserId())) {
+        if (userIds.contains(SecurityUtils.getUserId())) {
             return AjaxResult.error("当前用户不能删除");
         }
 
         sysUserService.deleteBatch(userIds);
-
+        // 强退用户
+        for (Long userId : userIds) {
+            tokenService.forcedRetreat(userId);
+        }
         return AjaxResult.success();
     }
 
@@ -235,9 +243,10 @@ public class UserController {
         sysUserService.checkUserAllowed(new SysUser(userId));
         // 查看自己有没有权限操作
         sysUserService.checkUserDataScope(new SysUser(SecurityUtils.getUserId()));
-
+        // 修改密码
         sysUserService.resetPwd(userId, form.getNewPassword());
-
+        // 强退用户
+        tokenService.forcedRetreat(userId);
         return AjaxResult.success();
     }
 
@@ -265,6 +274,13 @@ public class UserController {
         sysUserService.checkUserDataScope(new SysUser(user.getUserId()));
         user.setUpdateBy(SecurityUtils.getUsername());
         sysUserService.updateUserStatus(user);
+        // 判断 改变的状态
+        Boolean status = user.getStatus();
+        if (!status){
+            // 强退用户
+            tokenService.forcedRetreat(user.getUserId());
+        }
+
         return AjaxResult.success();
     }
 
@@ -292,10 +308,14 @@ public class UserController {
     @RequiresPermissions("system:user:auth")
     @SysLog(value = "用户", businessType = BusinessType.GRANT)
     @PutMapping("/authRole")
-    public AjaxResult insertAuthRole(Long userId, Long[] roleIds)
+    public AjaxResult insertAuthRole(@RequestBody RoleUser roleUser)
     {
+        Collection<Long> roleIds = roleUser.getRoleIds();
+        Long userId = roleUser.getUserId();
         sysUserService.checkUserDataScope(new SysUser(userId));
         sysUserService.insertUserAuth(userId, roleIds);
+        // 强退用户
+        tokenService.forcedRetreat(userId);
         return AjaxResult.success();
     }
 

chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/ISysRoleDeptService.java

@@ -7,6 +7,7 @@ import com.chushang.system.entity.po.SysRoleDept;
 import org.springframework.transaction.annotation.Transactional;
 
 import java.util.ArrayList;
+import java.util.Collection;
 import java.util.List;
 
 /**
@@ -38,7 +39,7 @@ public interface ISysRoleDeptService extends IService<SysRoleDept> {
         }
     }
     @Transactional
-    default void deleteRoleDept(List<Long> roleIds){
+    default void deleteRoleDept(Collection<Long> roleIds){
         if (CollectionUtil.isNotEmpty(roleIds)){
             roleIds.forEach(this::removeByRoleId);
         }

chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/ISysRoleService.java

@@ -7,11 +7,13 @@ import com.chushang.common.core.exception.ResultException;
 import com.chushang.common.core.util.StringUtils;
 import com.chushang.common.core.web.AjaxResult;
 import com.chushang.common.mybatis.enums.Operator;
-import com.chushang.system.entity.bo.CancelUserRole;
+import com.chushang.system.entity.bo.RoleUser;
+import com.chushang.system.entity.bo.UserRole;
 import com.chushang.system.entity.dto.ListRoleDTO;
 import com.chushang.security.entity.po.SysRole;
 import com.chushang.security.entity.po.SysUser;
 
+import java.util.Collection;
 import java.util.List;
 
 /**
@@ -68,11 +70,11 @@ public interface ISysRoleService extends IService<SysRole> {
         updateById(role);
     }
 
-    void deleteRoleByIds(Long[] roleIds);
+    void deleteRoleByIds(Collection<Long> roleIds);
 
-    void deleteAuthUser(CancelUserRole cancelUserRole);
+    void deleteAuthUser(UserRole roleUser);
 
-    void insertAuthUsers(Long roleId, Long[] userIds);
+    void insertAuthUsers(Long roleId, Collection<Long> userIds);
 
     String selectRolesByUserName(String username);
 }

chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/ISysUserRoleService.java

@@ -20,14 +20,14 @@ import java.util.stream.Collectors;
 public interface ISysUserRoleService extends IService<SysUserRole> {
 
     @Transactional
-    default void saveOrUpdate(Long userId, Long[] roleIdList){
+    default void saveOrUpdate(Long userId, Collection<Long> roleIdList){
         //先删除用户与角色关系
         this.remove(new LambdaQueryWrapper<SysUserRole>()
                 .eq(SysUserRole::getUserId, userId));
-        if(roleIdList == null || roleIdList.length == 0){
+        if(roleIdList == null || roleIdList.isEmpty()){
             return ;
         }
-        this.saveBatch(Arrays.stream(roleIdList).map(s -> {
+        this.saveBatch(roleIdList.stream().map(s -> {
             SysUserRole sysUserRoleEntity = new SysUserRole();
             sysUserRoleEntity.setUserId(userId);
             sysUserRoleEntity.setRoleId(s);
@@ -35,14 +35,14 @@ public interface ISysUserRoleService extends IService<SysUserRole> {
         }).collect(Collectors.toList()));
     }
     @Transactional
-    default void saveOrUpdate(Long[] userIdList, Long roleId){
+    default void saveOrUpdate(Collection<Long> userIdList, Long roleId){
         //先删除用户与角色关系
         this.remove(new LambdaQueryWrapper<SysUserRole>()
                 .eq(SysUserRole::getRoleId, roleId));
-        if(userIdList == null || userIdList.length == 0){
+        if(userIdList == null || userIdList.isEmpty()){
             return ;
         }
-        this.saveBatch(Arrays.stream(userIdList).map(userId -> {
+        this.saveBatch(userIdList.stream().map(userId -> {
             SysUserRole sysUserRoleEntity = new SysUserRole();
             sysUserRoleEntity.setUserId(userId);
             sysUserRoleEntity.setRoleId(roleId);

chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/ISysUserService.java

@@ -9,6 +9,8 @@ import com.chushang.security.utils.SecurityUtils;
 import com.chushang.system.entity.dto.ListUserDTO;
 import com.chushang.security.entity.po.SysUser;
 
+import java.util.Collection;
+
 /**
  * <p>
  *  服务类
@@ -31,7 +33,7 @@ public interface ISysUserService extends IService<SysUser> {
 
     void update(SysUser user);
 
-    void deleteBatch(Long[] userIds);
+    void deleteBatch(Collection<Long> userIds);
 
 
     SysUser selectByUserId(Long userId);
@@ -63,7 +65,7 @@ public interface ISysUserService extends IService<SysUser> {
                 .eq(SysUser::getUserId, user.getUserId()));
     }
 
-    void insertUserAuth(Long userId, Long[] roleIds);
+    void insertUserAuth(Long userId, Collection<Long> roleIds);
 
     AjaxResult selectAllocatedList(ListUserDTO listUser);
 

chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/impl/SysPermissionServiceImpl.java

@@ -62,7 +62,7 @@ public class SysPermissionServiceImpl implements ISysPermissionService {
                     perms.addAll(rolePerms);
                 }
                 // 添加 roleIds
-                sysUser.setRoleIds(roles.stream().map(SysRole::getRoleId).toArray(Long[]::new));
+                sysUser.setRoleIds(roles.stream().map(SysRole::getRoleId).collect(Collectors.toSet()));
             }
             else
             {

chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/impl/SysRoleServiceImpl.java

@@ -9,9 +9,10 @@ import com.chushang.common.core.web.AjaxResult;
 import com.chushang.common.mybatis.utils.PageResult;
 import com.chushang.datascope.annotation.DataScope;
 import com.chushang.security.utils.SecurityUtils;
+import com.chushang.system.entity.bo.RoleUser;
+import com.chushang.system.entity.bo.UserRole;
 import com.chushang.system.mapper.SysRoleMapper;
 import com.chushang.system.service.ISysRoleMenuService;
-import com.chushang.system.entity.bo.CancelUserRole;
 import com.chushang.system.entity.dto.ListRoleDTO;
 import com.chushang.security.entity.po.SysRole;
 import com.chushang.security.entity.po.SysUser;
@@ -24,10 +25,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
-import java.util.Arrays;
+import java.util.*;
-import java.util.List;
-import java.util.Objects;
-import java.util.Set;
 import java.util.stream.Collectors;
 
 /**
@@ -134,7 +132,7 @@ public class SysRoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impl
 
     @Override
     @Transactional
-    public void deleteRoleByIds(Long[] roleIds) {
+    public void deleteRoleByIds(Collection<Long> roleIds) {
         for (Long roleId : roleIds) {
             SysRole sysRole = new SysRole(roleId);
             if (2 == roleId){
@@ -151,22 +149,23 @@ public class SysRoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impl
             }
         }
         // 删除角色与菜单关联
-        roleMenuService.deleteRoleMenu(Arrays.asList(roleIds));
+        roleMenuService.deleteRoleMenu(roleIds);
         // 删除角色与部门关联
-        roleDeptService.deleteRoleDept(Arrays.asList(roleIds));
+        roleDeptService.deleteRoleDept(roleIds);
         // 删除角色
-        baseMapper.deleteBatchIds(Arrays.asList(roleIds));
+        baseMapper.deleteBatchIds(roleIds);
+
     }
 
     @Override
-    public void deleteAuthUser(CancelUserRole cancelUserRole) {
+    public void deleteAuthUser(UserRole userRole) {
         userRoleService.removeByUserIdAndRoleId(
-                Set.of(cancelUserRole.getUserIds()),
+                userRole.getUserIds(),
-                cancelUserRole.getRoleId());
+                userRole.getRoleId());
     }
 
     @Override
-    public void insertAuthUsers(Long roleId, Long[] userIds) {
+    public void insertAuthUsers(Long roleId,Collection<Long> userIds) {
         userRoleService.saveOrUpdate(userIds, roleId);
     }
 

chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/impl/SysUserServiceImpl.java

@@ -24,6 +24,7 @@ import org.springframework.transaction.annotation.Transactional;
 
 import java.time.LocalDateTime;
 import java.util.Arrays;
+import java.util.Collection;
 import java.util.List;
 
 /**
@@ -105,6 +106,8 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
         String salt = IdUtils.getId(10);
         user.setPassword(SecurityUtils.encryptPassword(user.getPassword(), salt));
         user.setSalt(salt);
+        // 新增时默认为 自己部门的用户
+        user.setDeptId(SecurityUtils.getDeptId());
         this.save(user);
 
         //保存用户与角色关系
@@ -126,7 +129,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
 
     @Override
     @Transactional
-    public void deleteBatch(Long[] userIds) {
+    public void deleteBatch(Collection<Long> userIds) {
 
         for (Long userId : userIds)
         {
@@ -135,11 +138,11 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
             SpringUtils.getAopProxy(this).checkUserDataScope(sysUser);
         }
 
-        this.removeByIds(Arrays.asList(userIds));
+        this.removeByIds(userIds);
 
         //先删除用户与角色关系
         userRoleService.remove(new LambdaQueryWrapper<SysUserRole>()
-                .in(SysUserRole::getUserId, Arrays.asList(userIds)));
+                .in(SysUserRole::getUserId, userIds));
 
     }
 
@@ -151,7 +154,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
 
     @Override
     @Transactional
-    public void insertUserAuth(Long userId, Long[] roleIds) {
+    public void insertUserAuth(Long userId, Collection<Long> roleIds) {
         userRoleService.saveOrUpdate(userId, roleIds);
     }
 
@@ -215,8 +218,6 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
                 .password(newPassword)
                 .salt(salt)
                 .build());
-        // 强退用户
-        tokenService.forcedRetreat(userId);
     }
 
 

chushang-modules/chushang-module-system/system-service/src/main/resources/bootstrap.yml

@@ -13,12 +13,12 @@ spring:
       discovery:
         server-addr: ${spring.cloud.nacos.server-addr}
         namespace: ${nacos.namespace}
-        group: ${nacos.group}
+        group: local
         service: ${spring.application.name}
       config:
         server-addr: ${spring.cloud.nacos.server-addr}
         namespace: ${spring.cloud.nacos.discovery.namespace}
-        group: ${spring.cloud.nacos.discovery.group}
+        group: ${nacos.group}
         file-extension: yaml
         refresh-enabled: true
         shared-configs:

chushang-modules/chushang-module-system/system-service/src/main/resources/mapper/SysUserMapper.xml

@@ -124,7 +124,7 @@
         left join sys_role r on r.role_id = ur.role_id
         where u.del_state = FALSE
             and (r.role_id != #{listUser.roleId} or r.role_id IS NULL)
-            and u.user_id not in (select u.user_id from sys_user u inner join sys_user_role ur on u.user_id = ur.user_id and ur.role_id = #{listUser.roleId})
+            and u.user_id in (select u.user_id from sys_user u LEFT join sys_user_role ur on u.user_id = ur.user_id and ur.role_id != #{listUser.roleId})
 
         <if test="listUser.username != null and listUser.username != ''">
             AND u.username like concat('%',#{listUser.username},'%')