refactor(tenant): 优化租户相关代码

2025-09-09 20:57:21 +08:00 · 2025-07-17 22:15:13 +08:00
parent 6e7d371565
commit 7e9a950694
29 changed files with 333 additions and 151 deletions
--- a/continew-server/src/main/java/top/continew/admin/config/satoken/SaExtensionInterceptor.java
+++ b/continew-server/src/main/java/top/continew/admin/config/satoken/SaExtensionInterceptor.java
@@ -19,10 +19,18 @@ package top.continew.admin.config.satoken;
 import cn.dev33.satoken.fun.SaParamFunction;
 import cn.dev33.satoken.interceptor.SaInterceptor;
 import cn.dev33.satoken.stp.StpUtil;
+import cn.hutool.extra.servlet.JakartaServletUtil;
+import cn.hutool.json.JSONUtil;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
 import org.springframework.lang.Nullable;
+import top.continew.admin.common.context.UserContext;
 import top.continew.admin.common.context.UserContextHolder;
+import top.continew.starter.extension.tenant.context.TenantContextHolder;
+import top.continew.starter.web.model.R;

 /**
 * Sa-Token 扩展拦截器
@@ -30,6 +38,7 @@ import top.continew.admin.common.context.UserContextHolder;
 * @author Charles7c
 * @since 2024/10/10 20:25
 */
+@Slf4j
 public class SaExtensionInterceptor extends SaInterceptor {

    public SaExtensionInterceptor(SaParamFunction<Object> auth) {
@@ -41,11 +50,24 @@ public class SaExtensionInterceptor extends SaInterceptor {
                             HttpServletResponse response,
                             Object handler) throws Exception {
        boolean flag = super.preHandle(request, response, handler);
-        if (flag && StpUtil.isLogin()) {
-            UserContextHolder.getContext();
-            UserContextHolder.getExtraContext();
+        if (!flag || !StpUtil.isLogin()) {
+            return flag;
        }
-        return flag;
+        // 设置上下文
+        UserContext userContext = UserContextHolder.getContext();
+        if (userContext == null) {
+            return true;
+        }
+        // 检查用户租户权限
+        Long userTenantId = userContext.getTenantId();
+        Long tenantId = TenantContextHolder.getTenantId();
+        if (!userTenantId.equals(tenantId)) {
+            JakartaServletUtil.write(response, JSONUtil.toJsonStr(R.fail(String.valueOf(HttpStatus.FORBIDDEN
+                .value()), "您当前没有访问该租户的权限")), MediaType.APPLICATION_JSON_VALUE);
+            return false;
+        }
+        UserContextHolder.getExtraContext();
+        return true;
    }

    @Override
@@ -53,6 +75,7 @@ public class SaExtensionInterceptor extends SaInterceptor {
                                HttpServletResponse response,
                                Object handler,
                                @Nullable Exception e) throws Exception {
+        // 清除上下文
        try {
            super.afterCompletion(request, response, handler, e);
        } finally {
--- a/continew-server/src/main/java/top/continew/admin/controller/common/CaptchaController.java
+++ b/continew-server/src/main/java/top/continew/admin/controller/common/CaptchaController.java
@@ -57,6 +57,7 @@ import top.continew.starter.core.autoconfigure.application.ApplicationProperties
 import top.continew.starter.core.util.TemplateUtils;
 import top.continew.starter.core.util.validation.CheckUtils;
 import top.continew.starter.core.util.validation.ValidationUtils;
+import top.continew.starter.extension.tenant.annotation.TenantIgnore;
 import top.continew.starter.log.annotation.Log;
 import top.continew.starter.messaging.mail.util.MailUtils;
 import top.continew.starter.ratelimiter.annotation.RateLimiter;
@@ -78,6 +79,7 @@ import java.util.concurrent.TimeUnit;
 * @since 2022/12/11 14:00
 */
@Tag(name = "验证码 API")
+@TenantIgnore
@SaIgnore
@Validated
@RestController
--- a/continew-server/src/main/java/top/continew/admin/controller/common/CommonController.java
+++ b/continew-server/src/main/java/top/continew/admin/controller/common/CommonController.java
@@ -38,6 +38,7 @@ import top.continew.admin.system.service.*;
 import top.continew.starter.core.util.validation.ValidationUtils;
 import top.continew.starter.extension.crud.model.query.SortQuery;
 import top.continew.starter.extension.crud.model.resp.LabelValueResp;
+import top.continew.starter.extension.tenant.annotation.TenantIgnore;
 import top.continew.starter.log.annotation.Log;

 import java.io.IOException;
@@ -111,6 +112,7 @@ public class CommonController {
        return dictItemService.listByDictCode(code);
    }

+    @TenantIgnore
    @SaIgnore
    @Operation(summary = "查询系统配置参数", description = "查询系统配置参数")
    @GetMapping("/dict/option/site")
--- a/continew-server/src/main/java/top/continew/admin/job/DemoEnvironmentJob.java
+++ b/continew-server/src/main/java/top/continew/admin/job/DemoEnvironmentJob.java
@@ -35,6 +35,7 @@ import top.continew.admin.system.model.entity.user.UserDO;
 import top.continew.admin.system.model.entity.user.UserSocialDO;
 import top.continew.starter.cache.redisson.util.RedisUtils;
 import top.continew.starter.core.constant.StringConstants;
+import top.continew.starter.extension.tenant.annotation.TenantIgnore;

 import java.util.List;
 import java.util.function.BooleanSupplier;
@@ -78,6 +79,7 @@ public class DemoEnvironmentJob {
    /**
     * 重置演示环境数据
     */
+    @TenantIgnore
    @JobExecutor(name = "ResetEnvironmentData")
    @Transactional(rollbackFor = Exception.class)
    public void resetEnvironmentData() {
--- a/continew-server/src/main/java/top/continew/admin/job/NoticePublishJob.java
+++ b/continew-server/src/main/java/top/continew/admin/job/NoticePublishJob.java
@@ -33,6 +33,7 @@ import top.continew.admin.system.mapper.NoticeMapper;
 import top.continew.admin.system.model.entity.NoticeDO;
 import top.continew.admin.system.service.NoticeService;
 import top.continew.starter.core.constant.PropertiesConstants;
+import top.continew.starter.extension.tenant.annotation.TenantIgnore;

 import java.time.LocalDateTime;
 import java.util.List;
@@ -55,6 +56,7 @@ public class NoticePublishJob {
    @ConditionalOnProperty(prefix = "snail-job", name = PropertiesConstants.ENABLED, havingValue = "false")
    public static class Scheduler {

+        @TenantIgnore
        @Scheduled(cron = "0 * * * * ?")
        @Transactional(rollbackFor = Exception.class)
        public void publishNoticeWithSchedule() {
@@ -71,6 +73,7 @@ public class NoticePublishJob {
    @ConditionalOnEnabledScheduleJob
    public static class ScheduleJob {

+        @TenantIgnore
        @JobExecutor(name = "NoticePublishJob")
        @Transactional(rollbackFor = Exception.class)
        public void publishNoticeWithScheduleJob() {
--- a/continew-server/src/main/resources/config/application.yml
+++ b/continew-server/src/main/resources/config/application.yml
@@ -175,7 +175,7 @@ logging:
 --- ### 链路追踪配置
 continew-starter.trace:
  enabled: true
-  trace-id-name: traceId
+  trace-id-name: X-Trace-Id
  ## TLog 配置
  tlog:
    enable-invoke-time-print: false
@@ -202,24 +202,27 @@ continew-starter.tenant:
  enabled: true
  # 隔离级别（默认：LINE，行级）
  isolation-level: LINE
-  # 超级/默认租户 ID
+  # 超级/默认租户 ID：超管用户所在租户（默认：0）
  super-tenant-id: 0
+  # 请求头中租户 ID 键名
+  tenant-id-header: X-Tenant-Id
+  # 请求头中租户编码键名
+  tenant-code-header: X-Tenant-Code
  # 忽略表（忽略拼接租户条件）
  ignore-tables:
-    - gen_config # 代码生成
-    - gen_field_config
+    - tenant # 租户表
+    - tenant_package # 租户套餐表
+    - tenant_package_menu # 租户套餐与菜单关联表
+    - gen_config # 代码生成配置表
+    - gen_field_config # 代码生成字段配置表
    - sys_dict # 字典表
-    - sys_dict_item
-    - sys_option # 参数
-    - sys_storage # 存储配置
-    - tenant # 租户
-    - tenant_package
-    - tenant_package_menu
-    - tenant_datasource
-    - sys_client # 客户端管理
-    - sys_sms_config
-    - sys_sms_log
-    - sys_app # 应用
+    - sys_dict_item # 字典项表
+    - sys_option # 参数表
+    - sys_storage # 存储表
+    - sys_sms_config # 短信配置表
+    - sys_sms_log # 短信日志表
+    - sys_client # 客户端表
+    - sys_app # 应用表
  # 忽略菜单 ID（租户不能使用的菜单）
  ignore-menus:
    - 1130 # 字典管理
@@ -229,7 +232,7 @@ continew-starter.tenant:
    - 3000 # 租户管理
    - 7000 # 能力开放
    - 8000 # 任务调度
-    - 9000 # 代码生成
+    - 9000 # 开发工具

 --- ### 限流器配置
 continew-starter:
--- a/continew-server/src/main/resources/db/changelog/mysql/plugin/plugin_tenant.sql
+++ b/continew-server/src/main/resources/db/changelog/mysql/plugin/plugin_tenant.sql
@@ -7,7 +7,7 @@ CREATE TABLE IF NOT EXISTS `tenant` (
    `id`          bigint(20)   NOT NULL AUTO_INCREMENT     COMMENT 'ID',
    `name`        varchar(30)  NOT NULL                    COMMENT '名称',
    `code`        varchar(30)  NOT NULL                    COMMENT '编码',
-    `domain`      varchar(255) DEFAULT NULL                COMMENT '域名',
+    `domain`      varchar(255) DEFAULT NULL                COMMENT '绑定域名',
    `expire_time` datetime     DEFAULT NULL                COMMENT '过期时间',
    `description` varchar(200) DEFAULT NULL                COMMENT '描述',
    `status`      tinyint(1)   UNSIGNED NOT NULL DEFAULT 1 COMMENT '状态（1：启用；2：禁用）',
--- a/continew-server/src/main/resources/db/changelog/postgresql/plugin/plugin_tenant.sql
+++ b/continew-server/src/main/resources/db/changelog/postgresql/plugin/plugin_tenant.sql
@@ -22,13 +22,12 @@ CREATE TABLE IF NOT EXISTS "tenant" (
 CREATE UNIQUE INDEX "uk_tenant_code" ON "tenant" ("code");
 CREATE INDEX "idx_tenant_admin_user" ON "tenant" ("admin_user");
 CREATE INDEX "idx_tenant_package_id" ON "tenant" ("package_id");
-CREATE INDEX "idx_tenant_datasource_id" ON "tenant" ("datasource_id");
 CREATE INDEX "idx_tenant_create_user" ON "tenant" ("create_user");
 CREATE INDEX "idx_tenant_update_user" ON "tenant" ("update_user");
 COMMENT ON COLUMN "tenant"."id" IS 'ID';
 COMMENT ON COLUMN "tenant"."name" IS '名称';
 COMMENT ON COLUMN "tenant"."code" IS '编码';
-COMMENT ON COLUMN "tenant"."domain" IS '域名';
+COMMENT ON COLUMN "tenant"."domain" IS '绑定域名';
 COMMENT ON COLUMN "tenant"."expire_time" IS '过期时间';
 COMMENT ON COLUMN "tenant"."description" IS '描述';
 COMMENT ON COLUMN "tenant"."status" IS '状态（1：启用；2：禁用）';