chujinwang
/
chushangcloud
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

1. 用户角色 授权bug

This commit is contained in:
zhaowenyuan 2024-06-17 17:46:37 +08:00
parent 1c23791f02
commit eb9b16848a
13 changed files with 93 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/bo/RoleUser.java
View File

@ -3,6 +3,8 @@ package com.chushang.system.entity.bo;
import lombok.Data;
import javax.validation.constraints.NotNull;
import java.util.Collection;
import java.util.List;
/**
* @author by zhaowenyuan create 2022/8/22 14:04
@ -11,10 +13,10 @@ import javax.validation.constraints.NotNull;
@Data
public class RoleUser {
@NotNull(message = "role id is null")
private Long roleId;
@NotNull(message = "role ids is null")
private Collection<Long> roleIds;
@NotNull(message = "user ids is null")
private Long[] userIds;
@NotNull(message = "user id is null")
private Long userId;
}

5
chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/bo/CancelUserRole.java → chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/bo/UserRole.java
View File

@ -3,15 +3,16 @@ package com.chushang.system.entity.bo;
import lombok.Data;
import javax.validation.constraints.NotNull;
import java.util.List;
/**
* @author by zhaowenyuan create 2022/8/22 12:24
* 取消授权用户
*/
@Data
public class CancelUserRole {
public class UserRole {
@NotNull(message = "role id is null")
private Long roleId;
@NotNull(message = "user id is null")
private Long[] userIds;
private List<Long> userIds;
}

20
chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/controller/RoleController.java
View File

@ -5,8 +5,7 @@ import com.chushang.common.log.annotation.SysLog;
import com.chushang.common.log.enums.BusinessType;
import com.chushang.security.annotation.RequiresPermissions;
import com.chushang.security.utils.SecurityUtils;
import com.chushang.system.entity.bo.CancelUserRole;
import com.chushang.system.entity.bo.RoleUser;
import com.chushang.system.entity.bo.UserRole;
import com.chushang.system.entity.dto.ListRoleDTO;
import com.chushang.system.entity.dto.ListUserDTO;
import com.chushang.security.entity.po.SysRole;
@ -17,6 +16,8 @@ import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import javax.validation.Valid;
import java.util.Collection;
import java.util.List;
/**
* @author by zhaowenyuan create 2022/8/22 11:04
@ -142,7 +143,7 @@ public class RoleController {
@RequiresPermissions("system:role:remove")
@SysLog(value = "角色",businessType = BusinessType.DELETE)
@DeleteMapping("/{roleIds}")
public AjaxResult remove(@PathVariable Long[] roleIds)
public AjaxResult remove(@PathVariable Collection<Long> roleIds)
{
roleService.deleteRoleByIds(roleIds);
@ -185,9 +186,12 @@ public class RoleController {
@RequiresPermissions("system:role:edit")
@SysLog(value = "取消授权用户", businessType = BusinessType.GRANT)
@PutMapping("/authUser/cancel")
public AjaxResult cancelAuthUser(@RequestBody @Valid CancelUserRole cancelUserRole)
public AjaxResult cancelAuthUser(@RequestBody @Valid UserRole roleUser)
{
roleService.deleteAuthUser(cancelUserRole);
// todo 需要 清除当前User 缓存
roleService.deleteAuthUser(roleUser);
return AjaxResult.success();
}
@ -198,15 +202,17 @@ public class RoleController {
@RequiresPermissions("system:role:edit")
@SysLog(value = "用户授权", businessType = BusinessType.GRANT)
@PutMapping("/authUser")
public AjaxResult selectAuthUserAll(@RequestBody @Valid RoleUser roleUser)
public AjaxResult selectAuthUserAll(@RequestBody @Valid UserRole roleUser)
{
Long roleId = roleUser.getRoleId();
Long[] userIds = roleUser.getUserIds();
List<Long> userIds = roleUser.getUserIds();
// 判断当切登录用户有没有 此角色的权限
roleService.checkRoleDataScope(new SysRole(roleId));
roleService.insertAuthUsers(roleId, userIds);
// todo 需要 清除当前User 缓存
return AjaxResult.success();
}

40
chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/controller/UserController.java
View File

@ -1,22 +1,23 @@
package com.chushang.system.controller;
import cn.hutool.core.collection.CollectionUtil;
import com.chushang.common.core.exception.ResultException;
import com.chushang.common.core.util.StringUtils;
import com.chushang.common.core.web.AjaxResult;
import com.chushang.common.log.annotation.SysLog;
import com.chushang.common.log.enums.BusinessType;
import com.chushang.security.entity.po.DataScopeEntity;
import com.chushang.security.annotation.RequiresPermissions;
import com.chushang.security.service.TokenService;
import com.chushang.security.utils.SecurityUtils;
import com.chushang.system.entity.bo.PasswordForm;
import com.chushang.system.entity.bo.RoleUser;
import com.chushang.system.entity.bo.UserRole;
import com.chushang.system.entity.dto.ListUserDTO;
import com.chushang.system.entity.po.SysPost;
import com.chushang.security.entity.po.SysRole;
import com.chushang.security.entity.po.SysUser;
import com.chushang.security.entity.vo.LoginUser;
import com.chushang.system.service.*;
import org.apache.commons.lang3.ArrayUtils;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;
@ -43,6 +44,7 @@ public class UserController {
@Resource
TokenService tokenService;
/**
* 用户列表
*/
@ -163,7 +165,8 @@ public class UserController {
@SysLog(value = "用户", businessType = BusinessType.UPDATE)
@PostMapping("/update")
@RequiresPermissions("system:user:update")
public AjaxResult update(@RequestBody SysUser user) {
public AjaxResult update(@RequestBody SysUser user)
{
sysUserService.checkUserAllowed(user);
@ -180,17 +183,22 @@ public class UserController {
@SysLog(value = "用户", businessType = BusinessType.DELETE)
@DeleteMapping("/{userIds}")
@RequiresPermissions("system:user:delete")
public AjaxResult delete(@PathVariable Long[] userIds) {
if (ArrayUtils.contains(userIds, 1)) {
public AjaxResult delete(@PathVariable Collection<Long> userIds)
{
if (CollectionUtil.isEmpty(userIds)){return AjaxResult.success();}
if (userIds.contains(1L)) {
return AjaxResult.error("系统管理员不能删除");
}
if (ArrayUtils.contains(userIds, SecurityUtils.getUserId())) {
if (userIds.contains(SecurityUtils.getUserId())) {
return AjaxResult.error("当前用户不能删除");
}
sysUserService.deleteBatch(userIds);
// 强退用户
for (Long userId : userIds) {
tokenService.forcedRetreat(userId);
}
return AjaxResult.success();
}
@ -235,9 +243,10 @@ public class UserController {
sysUserService.checkUserAllowed(new SysUser(userId));
// 查看自己有没有权限操作
sysUserService.checkUserDataScope(new SysUser(SecurityUtils.getUserId()));
// 修改密码
sysUserService.resetPwd(userId, form.getNewPassword());
// 强退用户
tokenService.forcedRetreat(userId);
return AjaxResult.success();
}
@ -265,6 +274,13 @@ public class UserController {
sysUserService.checkUserDataScope(new SysUser(user.getUserId()));
user.setUpdateBy(SecurityUtils.getUsername());
sysUserService.updateUserStatus(user);
// 判断 改变的状态
Boolean status = user.getStatus();
if (!status){
// 强退用户
tokenService.forcedRetreat(user.getUserId());
}
return AjaxResult.success();
}
@ -292,10 +308,14 @@ public class UserController {
@RequiresPermissions("system:user:auth")
@SysLog(value = "用户", businessType = BusinessType.GRANT)
@PutMapping("/authRole")
public AjaxResult insertAuthRole(Long userId, Long[] roleIds)
public AjaxResult insertAuthRole(@RequestBody RoleUser roleUser)
{
Collection<Long> roleIds = roleUser.getRoleIds();
Long userId = roleUser.getUserId();
sysUserService.checkUserDataScope(new SysUser(userId));
sysUserService.insertUserAuth(userId, roleIds);
// 强退用户
tokenService.forcedRetreat(userId);
return AjaxResult.success();
}

3
chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/ISysRoleDeptService.java
View File

@ -7,6 +7,7 @@ import com.chushang.system.entity.po.SysRoleDept;
import org.springframework.transaction.annotation.Transactional;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
/**
@ -38,7 +39,7 @@ public interface ISysRoleDeptService extends IService<SysRoleDept> {
}
}
@Transactional
default void deleteRoleDept(List<Long> roleIds){
default void deleteRoleDept(Collection<Long> roleIds){
if (CollectionUtil.isNotEmpty(roleIds)){
roleIds.forEach(this::removeByRoleId);
}

10
chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/ISysRoleService.java
View File

@ -7,11 +7,13 @@ import com.chushang.common.core.exception.ResultException;
import com.chushang.common.core.util.StringUtils;
import com.chushang.common.core.web.AjaxResult;
import com.chushang.common.mybatis.enums.Operator;
import com.chushang.system.entity.bo.CancelUserRole;
import com.chushang.system.entity.bo.RoleUser;
import com.chushang.system.entity.bo.UserRole;
import com.chushang.system.entity.dto.ListRoleDTO;
import com.chushang.security.entity.po.SysRole;
import com.chushang.security.entity.po.SysUser;
import java.util.Collection;
import java.util.List;
/**
@ -68,11 +70,11 @@ public interface ISysRoleService extends IService<SysRole> {
updateById(role);
}
void deleteRoleByIds(Long[] roleIds);
void deleteRoleByIds(Collection<Long> roleIds);
void deleteAuthUser(CancelUserRole cancelUserRole);
void deleteAuthUser(UserRole roleUser);
void insertAuthUsers(Long roleId, Long[] userIds);
void insertAuthUsers(Long roleId, Collection<Long> userIds);
String selectRolesByUserName(String username);
}

12
chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/ISysUserRoleService.java
View File

@ -20,14 +20,14 @@ import java.util.stream.Collectors;
public interface ISysUserRoleService extends IService<SysUserRole> {
@Transactional
default void saveOrUpdate(Long userId, Long[] roleIdList){
default void saveOrUpdate(Long userId, Collection<Long> roleIdList){
//先删除用户与角色关系
this.remove(new LambdaQueryWrapper<SysUserRole>()
.eq(SysUserRole::getUserId, userId));
if(roleIdList == null || roleIdList.length == 0){
if(roleIdList == null || roleIdList.isEmpty()){
return ;
}
this.saveBatch(Arrays.stream(roleIdList).map(s -> {
this.saveBatch(roleIdList.stream().map(s -> {
SysUserRole sysUserRoleEntity = new SysUserRole();
sysUserRoleEntity.setUserId(userId);
sysUserRoleEntity.setRoleId(s);
@ -35,14 +35,14 @@ public interface ISysUserRoleService extends IService<SysUserRole> {
}).collect(Collectors.toList()));
}
@Transactional
default void saveOrUpdate(Long[] userIdList, Long roleId){
default void saveOrUpdate(Collection<Long> userIdList, Long roleId){
//先删除用户与角色关系
this.remove(new LambdaQueryWrapper<SysUserRole>()
.eq(SysUserRole::getRoleId, roleId));
if(userIdList == null || userIdList.length == 0){
if(userIdList == null || userIdList.isEmpty()){
return ;
}
this.saveBatch(Arrays.stream(userIdList).map(userId -> {
this.saveBatch(userIdList.stream().map(userId -> {
SysUserRole sysUserRoleEntity = new SysUserRole();
sysUserRoleEntity.setUserId(userId);
sysUserRoleEntity.setRoleId(roleId);

6
chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/ISysUserService.java
View File

@ -9,6 +9,8 @@ import com.chushang.security.utils.SecurityUtils;
import com.chushang.system.entity.dto.ListUserDTO;
import com.chushang.security.entity.po.SysUser;
import java.util.Collection;
/**
* <p>
* 服务类
@ -31,7 +33,7 @@ public interface ISysUserService extends IService<SysUser> {
void update(SysUser user);
void deleteBatch(Long[] userIds);
void deleteBatch(Collection<Long> userIds);
SysUser selectByUserId(Long userId);
@ -63,7 +65,7 @@ public interface ISysUserService extends IService<SysUser> {
.eq(SysUser::getUserId, user.getUserId()));
}
void insertUserAuth(Long userId, Long[] roleIds);
void insertUserAuth(Long userId, Collection<Long> roleIds);
AjaxResult selectAllocatedList(ListUserDTO listUser);

2
chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/impl/SysPermissionServiceImpl.java
View File

@ -62,7 +62,7 @@ public class SysPermissionServiceImpl implements ISysPermissionService {
perms.addAll(rolePerms);
}
// 添加 roleIds
sysUser.setRoleIds(roles.stream().map(SysRole::getRoleId).toArray(Long[]::new));
sysUser.setRoleIds(roles.stream().map(SysRole::getRoleId).collect(Collectors.toSet()));
}
else
{

25
chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/impl/SysRoleServiceImpl.java
View File

@ -9,9 +9,10 @@ import com.chushang.common.core.web.AjaxResult;
import com.chushang.common.mybatis.utils.PageResult;
import com.chushang.datascope.annotation.DataScope;
import com.chushang.security.utils.SecurityUtils;
import com.chushang.system.entity.bo.RoleUser;
import com.chushang.system.entity.bo.UserRole;
import com.chushang.system.mapper.SysRoleMapper;
import com.chushang.system.service.ISysRoleMenuService;
import com.chushang.system.entity.bo.CancelUserRole;
import com.chushang.system.entity.dto.ListRoleDTO;
import com.chushang.security.entity.po.SysRole;
import com.chushang.security.entity.po.SysUser;
@ -24,10 +25,7 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.util.Arrays;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import java.util.*;
import java.util.stream.Collectors;
/**
@ -134,7 +132,7 @@ public class SysRoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impl
@Override
@Transactional
public void deleteRoleByIds(Long[] roleIds) {
public void deleteRoleByIds(Collection<Long> roleIds) {
for (Long roleId : roleIds) {
SysRole sysRole = new SysRole(roleId);
if (2 == roleId){
@ -151,22 +149,23 @@ public class SysRoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impl
}
}
// 删除角色与菜单关联
roleMenuService.deleteRoleMenu(Arrays.asList(roleIds));
roleMenuService.deleteRoleMenu(roleIds);
// 删除角色与部门关联
roleDeptService.deleteRoleDept(Arrays.asList(roleIds));
roleDeptService.deleteRoleDept(roleIds);
// 删除角色
baseMapper.deleteBatchIds(Arrays.asList(roleIds));
baseMapper.deleteBatchIds(roleIds);
}
@Override
public void deleteAuthUser(CancelUserRole cancelUserRole) {
public void deleteAuthUser(UserRole userRole) {
userRoleService.removeByUserIdAndRoleId(
Set.of(cancelUserRole.getUserIds()),
cancelUserRole.getRoleId());
userRole.getUserIds(),
userRole.getRoleId());
}
@Override
public void insertAuthUsers(Long roleId, Long[] userIds) {
public void insertAuthUsers(Long roleId,Collection<Long> userIds) {
userRoleService.saveOrUpdate(userIds, roleId);
}

13
chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/impl/SysUserServiceImpl.java
View File

@ -24,6 +24,7 @@ import org.springframework.transaction.annotation.Transactional;
import java.time.LocalDateTime;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
/**
@ -105,6 +106,8 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
String salt = IdUtils.getId(10);
user.setPassword(SecurityUtils.encryptPassword(user.getPassword(), salt));
user.setSalt(salt);
// 新增时默认为 自己部门的用户
user.setDeptId(SecurityUtils.getDeptId());
this.save(user);
//保存用户与角色关系
@ -126,7 +129,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
@Override
@Transactional
public void deleteBatch(Long[] userIds) {
public void deleteBatch(Collection<Long> userIds) {
for (Long userId : userIds)
{
@ -135,11 +138,11 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
SpringUtils.getAopProxy(this).checkUserDataScope(sysUser);
}
this.removeByIds(Arrays.asList(userIds));
this.removeByIds(userIds);
//先删除用户与角色关系
userRoleService.remove(new LambdaQueryWrapper<SysUserRole>()
.in(SysUserRole::getUserId, Arrays.asList(userIds)));
.in(SysUserRole::getUserId, userIds));
}
@ -151,7 +154,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
@Override
@Transactional
public void insertUserAuth(Long userId, Long[] roleIds) {
public void insertUserAuth(Long userId, Collection<Long> roleIds) {
userRoleService.saveOrUpdate(userId, roleIds);
}
@ -215,8 +218,6 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
.password(newPassword)
.salt(salt)
.build());
// 强退用户
tokenService.forcedRetreat(userId);
}

4
chushang-modules/chushang-module-system/system-service/src/main/resources/bootstrap.yml
View File

@ -13,12 +13,12 @@ spring:
discovery:
server-addr: ${spring.cloud.nacos.server-addr}
namespace: ${nacos.namespace}
group: ${nacos.group}
group: local
service: ${spring.application.name}
config:
server-addr: ${spring.cloud.nacos.server-addr}
namespace: ${spring.cloud.nacos.discovery.namespace}
group: ${spring.cloud.nacos.discovery.group}
group: ${nacos.group}
file-extension: yaml
refresh-enabled: true
shared-configs:

2
chushang-modules/chushang-module-system/system-service/src/main/resources/mapper/SysUserMapper.xml
View File

@ -124,7 +124,7 @@
left join sys_role r on r.role_id = ur.role_id
where u.del_state = FALSE
and (r.role_id != #{listUser.roleId} or r.role_id IS NULL)
and u.user_id not in (select u.user_id from sys_user u inner join sys_user_role ur on u.user_id = ur.user_id and ur.role_id = #{listUser.roleId})
and u.user_id in (select u.user_id from sys_user u LEFT join sys_user_role ur on u.user_id = ur.user_id and ur.role_id != #{listUser.roleId})
<if test="listUser.username != null and listUser.username != ''">
AND u.username like concat('%',#{listUser.username},'%')