mirror of
https://github.com/continew-org/continew-admin.git
synced 2025-09-12 16:57:12 +08:00
fix: 完善用户角色变更校验及在线用户权限处理
This commit is contained in:
@@ -91,4 +91,12 @@ public interface RoleService extends BaseService<RoleResp, RoleDetailResp, RoleQ
|
||||
* @return 角色数量
|
||||
*/
|
||||
int countByNames(List<String> roleNames);
|
||||
|
||||
/**
|
||||
* 分配角色给用户
|
||||
*
|
||||
* @param id 角色 ID
|
||||
* @param userIds 用户 ID 列表
|
||||
*/
|
||||
void assignToUsers(Long id, List<Long> userIds);
|
||||
}
|
||||
|
||||
@@ -26,7 +26,6 @@ import com.baomidou.mybatisplus.core.toolkit.Wrappers;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import top.continew.admin.auth.service.OnlineUserService;
|
||||
import top.continew.admin.common.constant.CacheConstants;
|
||||
import top.continew.admin.common.constant.ContainerConstants;
|
||||
import top.continew.admin.common.constant.SysConstants;
|
||||
@@ -62,7 +61,6 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, RoleDO, RoleRes
|
||||
private final RoleMenuService roleMenuService;
|
||||
private final RoleDeptService roleDeptService;
|
||||
private final UserRoleService userRoleService;
|
||||
private final OnlineUserService onlineUserService;
|
||||
|
||||
@Override
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
@@ -103,15 +101,7 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, RoleDO, RoleRes
|
||||
boolean isSaveDeptSuccess = roleDeptService.add(req.getDeptIds(), id);
|
||||
// 如果功能权限或数据权限有变更,则更新在线用户权限信息
|
||||
if (isSaveMenuSuccess || isSaveDeptSuccess || ObjectUtil.notEqual(req.getDataScope(), oldDataScope)) {
|
||||
List<Long> userIdList = userRoleService.listUserIdByRoleId(id);
|
||||
userIdList.parallelStream().forEach(userId -> {
|
||||
UserContext userContext = UserContextHolder.getContext(userId);
|
||||
if (null != userContext) {
|
||||
userContext.setRoles(this.listByUserId(userId));
|
||||
userContext.setPermissions(this.listPermissionByUserId(userId));
|
||||
UserContextHolder.setContext(userContext);
|
||||
}
|
||||
});
|
||||
this.updateUserContext(id);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -198,6 +188,15 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, RoleDO, RoleRes
|
||||
return (int)this.count(Wrappers.<RoleDO>lambdaQuery().in(RoleDO::getName, roleNames));
|
||||
}
|
||||
|
||||
@Override
|
||||
public void assignToUsers(Long id, List<Long> userIds) {
|
||||
super.getById(id);
|
||||
// 保存用户和角色关联
|
||||
userRoleService.assignRoleToUsers(id, userIds);
|
||||
// 更新用户上下文
|
||||
this.updateUserContext(id);
|
||||
}
|
||||
|
||||
/**
|
||||
* 名称是否存在
|
||||
*
|
||||
@@ -219,4 +218,21 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, RoleDO, RoleRes
|
||||
private boolean isCodeExists(String code, Long id) {
|
||||
return baseMapper.lambdaQuery().eq(RoleDO::getCode, code).ne(null != id, RoleDO::getId, id).exists();
|
||||
}
|
||||
|
||||
/**
|
||||
* 更新用户上下文
|
||||
*
|
||||
* @param roleId 角色 ID
|
||||
*/
|
||||
private void updateUserContext(Long roleId) {
|
||||
List<Long> userIdList = userRoleService.listUserIdByRoleId(roleId);
|
||||
userIdList.parallelStream().forEach(userId -> {
|
||||
UserContext userContext = UserContextHolder.getContext(userId);
|
||||
if (null != userContext) {
|
||||
userContext.setRoles(this.listByUserId(userId));
|
||||
userContext.setPermissions(this.listPermissionByUserId(userId));
|
||||
UserContextHolder.setContext(userContext);
|
||||
}
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
@@ -57,6 +57,8 @@ public class UserRoleServiceImpl implements UserRoleService {
|
||||
if (CollUtil.isEmpty(CollUtil.disjunction(roleIds, oldRoleIdList))) {
|
||||
return false;
|
||||
}
|
||||
CheckUtils.throwIf(SysConstants.SUPER_USER_ID.equals(userId) && !roleIds
|
||||
.contains(SysConstants.SUPER_ROLE_ID), "不允许变更超管用户角色");
|
||||
// 删除原有关联
|
||||
baseMapper.lambdaUpdate().eq(UserRoleDO::getUserId, userId).remove();
|
||||
// 保存最新关联
|
||||
|
||||
@@ -182,12 +182,7 @@ public class UserServiceImpl extends BaseServiceImpl<UserMapper, UserDO, UserRes
|
||||
}
|
||||
// 如果角色有变更,则更新在线用户权限信息
|
||||
if (isSaveUserRoleSuccess) {
|
||||
UserContext userContext = UserContextHolder.getContext(id);
|
||||
if (null != userContext) {
|
||||
userContext.setRoles(roleService.listByUserId(id));
|
||||
userContext.setPermissions(roleService.listPermissionByUserId(id));
|
||||
UserContextHolder.setContext(userContext);
|
||||
}
|
||||
this.updateContext(id);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -209,6 +204,8 @@ public class UserServiceImpl extends BaseServiceImpl<UserMapper, UserDO, UserRes
|
||||
userPasswordHistoryService.deleteByUserIds(ids);
|
||||
// 删除用户
|
||||
super.delete(ids);
|
||||
// 踢出在线用户
|
||||
ids.forEach(onlineUserService::kickOut);
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -388,8 +385,11 @@ public class UserServiceImpl extends BaseServiceImpl<UserMapper, UserDO, UserRes
|
||||
@Override
|
||||
public void updateRole(UserRoleUpdateReq updateReq, Long id) {
|
||||
super.getById(id);
|
||||
List<Long> roleIds = updateReq.getRoleIds();
|
||||
// 保存用户和角色关联
|
||||
userRoleService.assignRolesToUser(updateReq.getRoleIds(), id);
|
||||
userRoleService.assignRolesToUser(roleIds, id);
|
||||
// 更新用户上下文
|
||||
this.updateContext(id);
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -685,4 +685,18 @@ public class UserServiceImpl extends BaseServiceImpl<UserMapper, UserDO, UserRes
|
||||
.in(UserDO::getUsername, usernames)
|
||||
.select(UserDO::getId, UserDO::getUsername));
|
||||
}
|
||||
|
||||
/**
|
||||
* 更新用户上下文信息
|
||||
*
|
||||
* @param id ID
|
||||
*/
|
||||
private void updateContext(Long id) {
|
||||
UserContext userContext = UserContextHolder.getContext(id);
|
||||
if (null != userContext) {
|
||||
userContext.setRoles(roleService.listByUserId(id));
|
||||
userContext.setPermissions(roleService.listPermissionByUserId(id));
|
||||
UserContextHolder.setContext(userContext);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user