mirror of
https://github.com/continew-org/continew-admin.git
synced 2025-12-17 16:57:09 +08:00
fix: 完善用户角色变更校验及在线用户权限处理
This commit is contained in:
@@ -91,4 +91,12 @@ public interface RoleService extends BaseService<RoleResp, RoleDetailResp, RoleQ
|
|||||||
* @return 角色数量
|
* @return 角色数量
|
||||||
*/
|
*/
|
||||||
int countByNames(List<String> roleNames);
|
int countByNames(List<String> roleNames);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 分配角色给用户
|
||||||
|
*
|
||||||
|
* @param id 角色 ID
|
||||||
|
* @param userIds 用户 ID 列表
|
||||||
|
*/
|
||||||
|
void assignToUsers(Long id, List<Long> userIds);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -26,7 +26,6 @@ import com.baomidou.mybatisplus.core.toolkit.Wrappers;
|
|||||||
import lombok.RequiredArgsConstructor;
|
import lombok.RequiredArgsConstructor;
|
||||||
import org.springframework.stereotype.Service;
|
import org.springframework.stereotype.Service;
|
||||||
import org.springframework.transaction.annotation.Transactional;
|
import org.springframework.transaction.annotation.Transactional;
|
||||||
import top.continew.admin.auth.service.OnlineUserService;
|
|
||||||
import top.continew.admin.common.constant.CacheConstants;
|
import top.continew.admin.common.constant.CacheConstants;
|
||||||
import top.continew.admin.common.constant.ContainerConstants;
|
import top.continew.admin.common.constant.ContainerConstants;
|
||||||
import top.continew.admin.common.constant.SysConstants;
|
import top.continew.admin.common.constant.SysConstants;
|
||||||
@@ -62,7 +61,6 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, RoleDO, RoleRes
|
|||||||
private final RoleMenuService roleMenuService;
|
private final RoleMenuService roleMenuService;
|
||||||
private final RoleDeptService roleDeptService;
|
private final RoleDeptService roleDeptService;
|
||||||
private final UserRoleService userRoleService;
|
private final UserRoleService userRoleService;
|
||||||
private final OnlineUserService onlineUserService;
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
@Transactional(rollbackFor = Exception.class)
|
@Transactional(rollbackFor = Exception.class)
|
||||||
@@ -103,15 +101,7 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, RoleDO, RoleRes
|
|||||||
boolean isSaveDeptSuccess = roleDeptService.add(req.getDeptIds(), id);
|
boolean isSaveDeptSuccess = roleDeptService.add(req.getDeptIds(), id);
|
||||||
// 如果功能权限或数据权限有变更,则更新在线用户权限信息
|
// 如果功能权限或数据权限有变更,则更新在线用户权限信息
|
||||||
if (isSaveMenuSuccess || isSaveDeptSuccess || ObjectUtil.notEqual(req.getDataScope(), oldDataScope)) {
|
if (isSaveMenuSuccess || isSaveDeptSuccess || ObjectUtil.notEqual(req.getDataScope(), oldDataScope)) {
|
||||||
List<Long> userIdList = userRoleService.listUserIdByRoleId(id);
|
this.updateUserContext(id);
|
||||||
userIdList.parallelStream().forEach(userId -> {
|
|
||||||
UserContext userContext = UserContextHolder.getContext(userId);
|
|
||||||
if (null != userContext) {
|
|
||||||
userContext.setRoles(this.listByUserId(userId));
|
|
||||||
userContext.setPermissions(this.listPermissionByUserId(userId));
|
|
||||||
UserContextHolder.setContext(userContext);
|
|
||||||
}
|
|
||||||
});
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -198,6 +188,15 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, RoleDO, RoleRes
|
|||||||
return (int)this.count(Wrappers.<RoleDO>lambdaQuery().in(RoleDO::getName, roleNames));
|
return (int)this.count(Wrappers.<RoleDO>lambdaQuery().in(RoleDO::getName, roleNames));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void assignToUsers(Long id, List<Long> userIds) {
|
||||||
|
super.getById(id);
|
||||||
|
// 保存用户和角色关联
|
||||||
|
userRoleService.assignRoleToUsers(id, userIds);
|
||||||
|
// 更新用户上下文
|
||||||
|
this.updateUserContext(id);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 名称是否存在
|
* 名称是否存在
|
||||||
*
|
*
|
||||||
@@ -219,4 +218,21 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, RoleDO, RoleRes
|
|||||||
private boolean isCodeExists(String code, Long id) {
|
private boolean isCodeExists(String code, Long id) {
|
||||||
return baseMapper.lambdaQuery().eq(RoleDO::getCode, code).ne(null != id, RoleDO::getId, id).exists();
|
return baseMapper.lambdaQuery().eq(RoleDO::getCode, code).ne(null != id, RoleDO::getId, id).exists();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 更新用户上下文
|
||||||
|
*
|
||||||
|
* @param roleId 角色 ID
|
||||||
|
*/
|
||||||
|
private void updateUserContext(Long roleId) {
|
||||||
|
List<Long> userIdList = userRoleService.listUserIdByRoleId(roleId);
|
||||||
|
userIdList.parallelStream().forEach(userId -> {
|
||||||
|
UserContext userContext = UserContextHolder.getContext(userId);
|
||||||
|
if (null != userContext) {
|
||||||
|
userContext.setRoles(this.listByUserId(userId));
|
||||||
|
userContext.setPermissions(this.listPermissionByUserId(userId));
|
||||||
|
UserContextHolder.setContext(userContext);
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -57,6 +57,8 @@ public class UserRoleServiceImpl implements UserRoleService {
|
|||||||
if (CollUtil.isEmpty(CollUtil.disjunction(roleIds, oldRoleIdList))) {
|
if (CollUtil.isEmpty(CollUtil.disjunction(roleIds, oldRoleIdList))) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
CheckUtils.throwIf(SysConstants.SUPER_USER_ID.equals(userId) && !roleIds
|
||||||
|
.contains(SysConstants.SUPER_ROLE_ID), "不允许变更超管用户角色");
|
||||||
// 删除原有关联
|
// 删除原有关联
|
||||||
baseMapper.lambdaUpdate().eq(UserRoleDO::getUserId, userId).remove();
|
baseMapper.lambdaUpdate().eq(UserRoleDO::getUserId, userId).remove();
|
||||||
// 保存最新关联
|
// 保存最新关联
|
||||||
|
|||||||
@@ -182,12 +182,7 @@ public class UserServiceImpl extends BaseServiceImpl<UserMapper, UserDO, UserRes
|
|||||||
}
|
}
|
||||||
// 如果角色有变更,则更新在线用户权限信息
|
// 如果角色有变更,则更新在线用户权限信息
|
||||||
if (isSaveUserRoleSuccess) {
|
if (isSaveUserRoleSuccess) {
|
||||||
UserContext userContext = UserContextHolder.getContext(id);
|
this.updateContext(id);
|
||||||
if (null != userContext) {
|
|
||||||
userContext.setRoles(roleService.listByUserId(id));
|
|
||||||
userContext.setPermissions(roleService.listPermissionByUserId(id));
|
|
||||||
UserContextHolder.setContext(userContext);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -209,6 +204,8 @@ public class UserServiceImpl extends BaseServiceImpl<UserMapper, UserDO, UserRes
|
|||||||
userPasswordHistoryService.deleteByUserIds(ids);
|
userPasswordHistoryService.deleteByUserIds(ids);
|
||||||
// 删除用户
|
// 删除用户
|
||||||
super.delete(ids);
|
super.delete(ids);
|
||||||
|
// 踢出在线用户
|
||||||
|
ids.forEach(onlineUserService::kickOut);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
@@ -388,8 +385,11 @@ public class UserServiceImpl extends BaseServiceImpl<UserMapper, UserDO, UserRes
|
|||||||
@Override
|
@Override
|
||||||
public void updateRole(UserRoleUpdateReq updateReq, Long id) {
|
public void updateRole(UserRoleUpdateReq updateReq, Long id) {
|
||||||
super.getById(id);
|
super.getById(id);
|
||||||
|
List<Long> roleIds = updateReq.getRoleIds();
|
||||||
// 保存用户和角色关联
|
// 保存用户和角色关联
|
||||||
userRoleService.assignRolesToUser(updateReq.getRoleIds(), id);
|
userRoleService.assignRolesToUser(roleIds, id);
|
||||||
|
// 更新用户上下文
|
||||||
|
this.updateContext(id);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
@@ -685,4 +685,18 @@ public class UserServiceImpl extends BaseServiceImpl<UserMapper, UserDO, UserRes
|
|||||||
.in(UserDO::getUsername, usernames)
|
.in(UserDO::getUsername, usernames)
|
||||||
.select(UserDO::getId, UserDO::getUsername));
|
.select(UserDO::getId, UserDO::getUsername));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 更新用户上下文信息
|
||||||
|
*
|
||||||
|
* @param id ID
|
||||||
|
*/
|
||||||
|
private void updateContext(Long id) {
|
||||||
|
UserContext userContext = UserContextHolder.getContext(id);
|
||||||
|
if (null != userContext) {
|
||||||
|
userContext.setRoles(roleService.listByUserId(id));
|
||||||
|
userContext.setPermissions(roleService.listPermissionByUserId(id));
|
||||||
|
UserContextHolder.setContext(userContext);
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -66,6 +66,6 @@ public class RoleController extends BaseController<RoleService, RoleResp, RoleDe
|
|||||||
@PostMapping("/{id}/user")
|
@PostMapping("/{id}/user")
|
||||||
public void assignToUsers(@PathVariable("id") Long id,
|
public void assignToUsers(@PathVariable("id") Long id,
|
||||||
@Validated @NotEmpty(message = "用户ID列表不能为空") @RequestBody List<Long> userIds) {
|
@Validated @NotEmpty(message = "用户ID列表不能为空") @RequestBody List<Long> userIds) {
|
||||||
userRoleService.assignRoleToUsers(id, userIds);
|
baseService.assignToUsers(id, userIds);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -16,6 +16,7 @@ VALUES
|
|||||||
(1016, '导出', 1010, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:user:export', 6, 1, 1, NOW(), NULL, NULL),
|
(1016, '导出', 1010, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:user:export', 6, 1, 1, NOW(), NULL, NULL),
|
||||||
(1017, '导入', 1010, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:user:import', 7, 1, 1, NOW(), NULL, NULL),
|
(1017, '导入', 1010, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:user:import', 7, 1, 1, NOW(), NULL, NULL),
|
||||||
(1018, '重置密码', 1010, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:user:resetPwd', 8, 1, 1, NOW(), NULL, NULL),
|
(1018, '重置密码', 1010, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:user:resetPwd', 8, 1, 1, NOW(), NULL, NULL),
|
||||||
|
(1019, '分配角色', 1010, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:user:updateRole', 9, 1, 1, NOW(), NULL, NULL),
|
||||||
|
|
||||||
(1030, '角色管理', 1000, 2, '/system/role', 'SystemRole', 'system/role/index', NULL, 'user-group', b'0', b'0', b'0', NULL, 2, 1, 1, NOW(), NULL, NULL),
|
(1030, '角色管理', 1000, 2, '/system/role', 'SystemRole', 'system/role/index', NULL, 'user-group', b'0', b'0', b'0', NULL, 2, 1, 1, NOW(), NULL, NULL),
|
||||||
(1031, '列表', 1030, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:role:list', 1, 1, 1, NOW(), NULL, NULL),
|
(1031, '列表', 1030, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:role:list', 1, 1, 1, NOW(), NULL, NULL),
|
||||||
|
|||||||
@@ -16,6 +16,7 @@ VALUES
|
|||||||
(1016, '导出', 1010, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:user:export', 6, 1, 1, NOW(), NULL, NULL),
|
(1016, '导出', 1010, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:user:export', 6, 1, 1, NOW(), NULL, NULL),
|
||||||
(1017, '导入', 1010, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:user:import', 7, 1, 1, NOW(), NULL, NULL),
|
(1017, '导入', 1010, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:user:import', 7, 1, 1, NOW(), NULL, NULL),
|
||||||
(1018, '重置密码', 1010, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:user:resetPwd', 8, 1, 1, NOW(), NULL, NULL),
|
(1018, '重置密码', 1010, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:user:resetPwd', 8, 1, 1, NOW(), NULL, NULL),
|
||||||
|
(1019, '分配角色', 1010, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:user:updateRole', 9, 1, 1, NOW(), NULL, NULL),
|
||||||
|
|
||||||
(1030, '角色管理', 1000, 2, '/system/role', 'SystemRole', 'system/role/index', NULL, 'user-group', false, false, false, NULL, 2, 1, 1, NOW(), NULL, NULL),
|
(1030, '角色管理', 1000, 2, '/system/role', 'SystemRole', 'system/role/index', NULL, 'user-group', false, false, false, NULL, 2, 1, 1, NOW(), NULL, NULL),
|
||||||
(1031, '列表', 1030, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:role:list', 1, 1, 1, NOW(), NULL, NULL),
|
(1031, '列表', 1030, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:role:list', 1, 1, 1, NOW(), NULL, NULL),
|
||||||
|
|||||||
Reference in New Issue
Block a user