[代码完善](v2.5): 修复禁用用户后用户还可以操作的Bug

close https://github.com/elunez/eladmin/issues/443
pull/459/head
ZhengJie 2020-08-01 14:07:45 +08:00
parent fca640426e
commit bf541e8767
3 changed files with 22 additions and 1 deletions

View File

@ -21,6 +21,7 @@ import me.zhengjie.modules.security.service.dto.JwtUserDto;
import me.zhengjie.modules.security.service.dto.OnlineUserDto;
import me.zhengjie.utils.*;
import org.springframework.data.domain.Pageable;
import org.springframework.scheduling.annotation.Async;
import org.springframework.stereotype.Service;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@ -173,4 +174,17 @@ public class OnlineUserService {
}
}
/**
* 退
* @param username /
*/
@Async
public void kickOutForUsername(String username) {
List<OnlineUserDto> onlineUsers = getAll(username);
for (OnlineUserDto onlineUser : onlineUsers) {
if (onlineUser.getUserName().equals(username)) {
kickOut(onlineUser.getKey());
}
}
}
}

View File

@ -24,6 +24,7 @@ import me.zhengjie.modules.system.service.DataService;
import me.zhengjie.modules.system.service.RoleService;
import me.zhengjie.modules.system.service.UserService;
import me.zhengjie.modules.system.service.dto.UserDto;
import org.springframework.http.HttpStatus;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
@ -72,7 +73,7 @@ public class UserDetailsServiceImpl implements UserDetailsService {
throw new UsernameNotFoundException("");
} else {
if (!user.getEnabled()) {
throw new BadRequestException("账号未激活");
throw new BadRequestException("账号未激活");
}
jwtUserDto = new JwtUserDto(
user,

View File

@ -17,6 +17,7 @@ package me.zhengjie.modules.system.service.impl;
import lombok.RequiredArgsConstructor;
import me.zhengjie.config.FileProperties;
import me.zhengjie.modules.security.service.OnlineUserService;
import me.zhengjie.modules.security.service.UserCacheClean;
import me.zhengjie.modules.system.domain.User;
import me.zhengjie.exception.EntityExistException;
@ -58,6 +59,7 @@ public class UserServiceImpl implements UserService {
private final FileProperties properties;
private final RedisUtils redisUtils;
private final UserCacheClean userCacheClean;
private final OnlineUserService onlineUserService;
@Override
public Object queryAll(UserQueryCriteria criteria, Pageable pageable) {
@ -117,6 +119,10 @@ public class UserServiceImpl implements UserService {
if(!resources.getUsername().equals(user.getUsername())){
redisUtils.del("user::username:" + user.getUsername());
}
// 如果用户被禁用,则清除用户登录信息
if(!resources.getEnabled()){
onlineUserService.kickOutForUsername(resources.getUsername());
}
user.setUsername(resources.getUsername());
user.setEmail(resources.getEmail());
user.setEnabled(resources.getEnabled());