权限管理开发基本功能已完成,待前端对接

zhoushihao

2024-04-28 1b4d9b2dd4ed07758241d1143890b3a86b3c0641

 hangzhoumesParent/common/springsecurity/src/main/java/com/mes/userinfo/service/impl/SysUserServiceImpl.java

@@ -1,5 +1,6 @@
package com.mes.userinfo.service.impl;

import cn.hutool.core.collection.CollectionUtil;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
@@ -7,12 +8,15 @@
import com.mes.common.config.Const;
import com.mes.common.utils.JwtUtil;
import com.mes.common.utils.RedisUtil;
import com.mes.common.utils.UserInfoUtils;
import com.mes.entity.request.GeneralRequest;
import com.mes.menu.mapper.SysMenuMapper;
import com.mes.role.entity.SysRole;
import com.mes.role.entity.SysRoleMenu;
import com.mes.role.service.SysRoleService;
import com.mes.userinfo.entity.LoginUser;
import com.mes.userinfo.entity.SysUser;
import com.mes.userinfo.entity.SysUserRole;
import com.mes.userinfo.entity.request.UserRequest;
import com.mes.userinfo.entity.vo.SysUserVO;
import com.mes.userinfo.mapper.SysUserMapper;
import com.mes.userinfo.service.SysUserRoleService;
@@ -20,10 +24,10 @@
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
@@ -35,6 +39,7 @@

import javax.annotation.Resource;
import java.util.*;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;

/**
@@ -61,11 +66,18 @@
    @Resource
    private SysUserRoleService sysUserRoleService;

    @Autowired
    @Resource
    private SysRoleService sysRoleService;

    @Resource
    BCryptPasswordEncoder passwordEncoder;

    @Value("${test.common}")
    private String value;

    @Override
    public Map<String, String> login(SysUser user) {
        log.info(value);
        UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(user.getUserName(), user.getPassword());
        Authentication authenticate = authenticationManager.authenticate(authenticationToken);
        if (Objects.isNull(authenticate)) {
@@ -74,12 +86,12 @@
        //使用userid生成token
        LoginUser loginUser = (LoginUser) authenticate.getPrincipal();
        String userId = loginUser.getUser().getId().toString();
        String jwt = JwtUtil.createJWT(userId);
        String jwt = JwtUtil.generateToken(userId);

        //查询权限信息
//        List<String> perms = sysMenuMapper.selectPermsByUserId(userId);
        //authenticate存入redis
        redisUtil.setCacheObject("login:" + userId, loginUser.getAuthorities());
        redisUtil.setCacheObject("login:" + userId, loginUser);
        //把token响应给前端
        HashMap<String, String> map = new HashMap<>();
        map.put("token", jwt);
@@ -88,10 +100,9 @@

    @Override
    public String logout() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        LoginUser loginUser = (LoginUser) authentication.getPrincipal();
        Long userid = loginUser.getUser().getId();
        redisUtil.deleteObject("login:" + userid);
        log.info("用户退出");
        SysUser user = UserInfoUtils.get();
        redisUtil.deleteObject("login:" + user.getId());
        return "注销成功";
    }

@@ -117,10 +128,12 @@
        BeanUtils.copyProperties(user, sysUser);
        this.updateById(sysUser);
        log.info("删除用户角色信息");
        sysUserRoleService.removeByIds(user.getRoleList());
        List<Long> roleIds = user.getRoleList().stream().map(SysRole::getId).collect(Collectors.toList());
        sysUserRoleService.remove(new LambdaQueryWrapper<SysUserRole>()
                .eq(SysUserRole::getUserId, sysUser.getId()).in(CollectionUtil.isNotEmpty(roleIds), SysUserRole::getRoleId, roleIds));
        log.info("保存用户角色信息");
        saveUserRole(user.getRoleList(), sysUser.getId());
        return null;
        return user;
    }

    @Override
@@ -135,13 +148,18 @@
    }

    @Override
    public List<SysUserVO> listByUserName(UserRequest request) {
    public SysUser queryByUserName(String userName) {
        return baseMapper.selectOne(new LambdaQueryWrapper<SysUser>().eq(SysUser::getUserName, userName));
    }

    @Override
    public List<SysUserVO> listByUserName(GeneralRequest request) {
        MPJLambdaWrapper<SysUser> wrapper = new MPJLambdaWrapper<>();
        wrapper.selectAll(SysUser.class)
                .selectCollection(SysRole.class, SysUserVO::getRoleList)
                .leftJoin(SysUserRole.class, SysUserRole::getUserId, SysUser::getId)
                .leftJoin(SysRole.class, SysRole::getId, SysUserRole::getRoleId)
                .like(StringUtils.hasText(request.getUserName()), SysUser::getUserName, request.getUserName());
                .like(StringUtils.hasText(request.getKey()), SysUser::getUserName, request.getKey());
        return baseMapper.selectJoinList(SysUserVO.class, wrapper);
    }

@@ -154,6 +172,65 @@

    }

    @Override
    public List<String> getUserAuthorityInfo(Long userId) {
        SysUser sysUser = baseMapper.selectById(userId);

        //  ROLE_admin,ROLE_normal,sys:user:list,....
        String authority = "";
        if (redisUtil.hasKey("GrantedAuthority:" + sysUser.getUserName())) {
            authority = redisUtil.getCacheObject("GrantedAuthority:" + sysUser.getUserName());

        } else {
            // 获取角色编码
            List<SysRole> roles = sysRoleService.list(new QueryWrapper<SysRole>()
                    .inSql("id", "select role_id from sys_user_role where user_id = " + userId));

            if (roles.size() > 0) {
                String roleCodes = roles.stream().map(r -> "ROLE_" + r.getRoleKey()).collect(Collectors.joining(","));
                authority = roleCodes.concat(",");
            }

            // 获取菜单操作编码
            List<String> perms = sysMenuMapper.selectPermsByUserId(userId);
            if (perms.size() > 0) {
                String menuPerms = String.join(",", perms);
                authority = authority.concat(menuPerms);
            }

            redisUtil.setCacheObject("GrantedAuthority:" + sysUser.getUserName(), authority, 60 * 60, TimeUnit.SECONDS);
        }
        return Arrays.stream(authority.split(",")).collect(Collectors.toList());
    }

    @Override
    public void clearUserAuthorityInfo(String userName) {
        redisUtil.deleteObject("GrantedAuthority:" + userName);
    }

    @Override
    public void clearUserAuthorityInfoByRoleId(Long roleId) {
        List<SysUser> sysUsers = this.list(new QueryWrapper<SysUser>()
                .inSql("id", "select user_id from sys_user_role where role_id = " + roleId));

        sysUsers.forEach(u -> {
            this.clearUserAuthorityInfo(u.getUserName());
        });

    }

    @Override
    public void clearUserAuthorityInfoByMenuId(Long menuId) {
        MPJLambdaWrapper<SysUserRole> wrapper = new MPJLambdaWrapper<SysUserRole>().selectAll(SysUser.class).distinct()
                .leftJoin(SysUser.class, SysUser::getId, SysUserRole::getUserId)
                .leftJoin(SysRoleMenu.class, SysRoleMenu::getRoleId, SysUserRole::getRoleId)
                .eq(SysRoleMenu::getMenuId, menuId);
        List<SysUser> sysUsers = sysUserRoleService.selectJoinList(SysUser.class, wrapper);
        sysUsers.forEach(u -> {
            this.clearUserAuthorityInfo(u.getUserName());
        });
    }

    /**
     * 实现UserDetailsService接口，从数据库内获取用户及权限信息
     *