ContiNew/continew-admin
1
1
Fork 0
mirror of https://github.com/continew-org/continew-admin.git synced 2025-09-20 05:00:12 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: 完善用户角色变更校验及在线用户权限处理

Browse Source
This commit is contained in:
Charles7c
2024-11-12 21:33:51 +08:00
parent ad3f8329dd
commit c28d3cf1c4
7 changed files with 61 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
continew-module-system/src/main/java/top/continew/admin/system/service/RoleService.java
View File

@@ -91,4 +91,12 @@ public interface RoleService extends BaseService<RoleResp, RoleDetailResp, RoleQ
* @return 角色数量
*/
int countByNames(List<String> roleNames);
/**
* 分配角色给用户
*
* @param id 角色 ID
* @param userIds 用户 ID 列表
*/
void assignToUsers(Long id, List<Long> userIds);
}

38
continew-module-system/src/main/java/top/continew/admin/system/service/impl/RoleServiceImpl.java
View File

@@ -26,7 +26,6 @@ import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import lombok.RequiredArgsConstructor;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import top.continew.admin.auth.service.OnlineUserService;
import top.continew.admin.common.constant.CacheConstants;
import top.continew.admin.common.constant.ContainerConstants;
import top.continew.admin.common.constant.SysConstants;
@@ -62,7 +61,6 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, RoleDO, RoleRes
private final RoleMenuService roleMenuService;
private final RoleDeptService roleDeptService;
private final UserRoleService userRoleService;
private final OnlineUserService onlineUserService;
@Override
@Transactional(rollbackFor = Exception.class)
@@ -103,15 +101,7 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, RoleDO, RoleRes
boolean isSaveDeptSuccess = roleDeptService.add(req.getDeptIds(), id);
// 如果功能权限或数据权限有变更,则更新在线用户权限信息
if (isSaveMenuSuccess || isSaveDeptSuccess || ObjectUtil.notEqual(req.getDataScope(), oldDataScope)) {
List<Long> userIdList = userRoleService.listUserIdByRoleId(id);
userIdList.parallelStream().forEach(userId -> {
UserContext userContext = UserContextHolder.getContext(userId);
if (null != userContext) {
userContext.setRoles(this.listByUserId(userId));
userContext.setPermissions(this.listPermissionByUserId(userId));
UserContextHolder.setContext(userContext);
}
});
this.updateUserContext(id);
}
}
@@ -198,6 +188,15 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, RoleDO, RoleRes
return (int)this.count(Wrappers.<RoleDO>lambdaQuery().in(RoleDO::getName, roleNames));
}
@Override
public void assignToUsers(Long id, List<Long> userIds) {
super.getById(id);
// 保存用户和角色关联
userRoleService.assignRoleToUsers(id, userIds);
// 更新用户上下文
this.updateUserContext(id);
}
/**
* 名称是否存在
*
@@ -219,4 +218,21 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, RoleDO, RoleRes
private boolean isCodeExists(String code, Long id) {
return baseMapper.lambdaQuery().eq(RoleDO::getCode, code).ne(null != id, RoleDO::getId, id).exists();
}
/**
* 更新用户上下文
*
* @param roleId 角色 ID
*/
private void updateUserContext(Long roleId) {
List<Long> userIdList = userRoleService.listUserIdByRoleId(roleId);
userIdList.parallelStream().forEach(userId -> {
UserContext userContext = UserContextHolder.getContext(userId);
if (null != userContext) {
userContext.setRoles(this.listByUserId(userId));
userContext.setPermissions(this.listPermissionByUserId(userId));
UserContextHolder.setContext(userContext);
}
});
}
}

2
continew-module-system/src/main/java/top/continew/admin/system/service/impl/UserRoleServiceImpl.java
View File

@@ -57,6 +57,8 @@ public class UserRoleServiceImpl implements UserRoleService {
if (CollUtil.isEmpty(CollUtil.disjunction(roleIds, oldRoleIdList))) {
return false;
}
CheckUtils.throwIf(SysConstants.SUPER_USER_ID.equals(userId) && !roleIds
.contains(SysConstants.SUPER_ROLE_ID), "不允许变更超管用户角色");
// 删除原有关联
baseMapper.lambdaUpdate().eq(UserRoleDO::getUserId, userId).remove();
// 保存最新关联

28
continew-module-system/src/main/java/top/continew/admin/system/service/impl/UserServiceImpl.java
View File

@@ -182,12 +182,7 @@ public class UserServiceImpl extends BaseServiceImpl<UserMapper, UserDO, UserRes
}
// 如果角色有变更,则更新在线用户权限信息
if (isSaveUserRoleSuccess) {
UserContext userContext = UserContextHolder.getContext(id);
if (null != userContext) {
userContext.setRoles(roleService.listByUserId(id));
userContext.setPermissions(roleService.listPermissionByUserId(id));
UserContextHolder.setContext(userContext);
}
this.updateContext(id);
}
}
@@ -209,6 +204,8 @@ public class UserServiceImpl extends BaseServiceImpl<UserMapper, UserDO, UserRes
userPasswordHistoryService.deleteByUserIds(ids);
// 删除用户
super.delete(ids);
// 踢出在线用户
ids.forEach(onlineUserService::kickOut);
}
@Override
@@ -388,8 +385,11 @@ public class UserServiceImpl extends BaseServiceImpl<UserMapper, UserDO, UserRes
@Override
public void updateRole(UserRoleUpdateReq updateReq, Long id) {
super.getById(id);
List<Long> roleIds = updateReq.getRoleIds();
// 保存用户和角色关联
userRoleService.assignRolesToUser(updateReq.getRoleIds(), id);
userRoleService.assignRolesToUser(roleIds, id);
// 更新用户上下文
this.updateContext(id);
}
@Override
@@ -685,4 +685,18 @@ public class UserServiceImpl extends BaseServiceImpl<UserMapper, UserDO, UserRes
.in(UserDO::getUsername, usernames)
.select(UserDO::getId, UserDO::getUsername));
}
/**
* 更新用户上下文信息
*
* @param id ID
*/
private void updateContext(Long id) {
UserContext userContext = UserContextHolder.getContext(id);
if (null != userContext) {
userContext.setRoles(roleService.listByUserId(id));
userContext.setPermissions(roleService.listPermissionByUserId(id));
UserContextHolder.setContext(userContext);
}
}
}

2
continew-webapi/src/main/java/top/continew/admin/controller/system/RoleController.java
View File

@@ -66,6 +66,6 @@ public class RoleController extends BaseController<RoleService, RoleResp, RoleDe
@PostMapping("/{id}/user")
public void assignToUsers(@PathVariable("id") Long id,
@Validated @NotEmpty(message = "用户ID列表不能为空") @RequestBody List<Long> userIds) {
userRoleService.assignRoleToUsers(id, userIds);
baseService.assignToUsers(id, userIds);
}
}

1
continew-webapi/src/main/resources/db/changelog/mysql/main_data.sql
View File

@@ -16,6 +16,7 @@ VALUES
(1016, '导出', 1010, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:user:export', 6, 1, 1, NOW(), NULL, NULL),
(1017, '导入', 1010, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:user:import', 7, 1, 1, NOW(), NULL, NULL),
(1018, '重置密码', 1010, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:user:resetPwd', 8, 1, 1, NOW(), NULL, NULL),
(1019, '分配角色', 1010, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:user:updateRole', 9, 1, 1, NOW(), NULL, NULL),
(1030, '角色管理', 1000, 2, '/system/role', 'SystemRole', 'system/role/index', NULL, 'user-group', b'0', b'0', b'0', NULL, 2, 1, 1, NOW(), NULL, NULL),
(1031, '列表', 1030, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:role:list', 1, 1, 1, NOW(), NULL, NULL),

1
continew-webapi/src/main/resources/db/changelog/postgresql/main_data.sql
View File

@@ -16,6 +16,7 @@ VALUES
(1016, '导出', 1010, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:user:export', 6, 1, 1, NOW(), NULL, NULL),
(1017, '导入', 1010, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:user:import', 7, 1, 1, NOW(), NULL, NULL),
(1018, '重置密码', 1010, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:user:resetPwd', 8, 1, 1, NOW(), NULL, NULL),
(1019, '分配角色', 1010, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:user:updateRole', 9, 1, 1, NOW(), NULL, NULL),
(1030, '角色管理', 1000, 2, '/system/role', 'SystemRole', 'system/role/index', NULL, 'user-group', false, false, false, NULL, 2, 1, 1, NOW(), NULL, NULL),
(1031, '列表', 1030, 3, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'system:role:list', 1, 1, 1, NOW(), NULL, NULL),