From bf541e87676aaf0f773b9edec54a8248618e06ea Mon Sep 17 00:00:00 2001 From: ZhengJie <201507802@qq.com> Date: Sat, 1 Aug 2020 14:07:45 +0800 Subject: [PATCH 1/2] =?UTF-8?q?[=E4=BB=A3=E7=A0=81=E5=AE=8C=E5=96=84](v2.5?= =?UTF-8?q?):=20=E4=BF=AE=E5=A4=8D=E7=A6=81=E7=94=A8=E7=94=A8=E6=88=B7?= =?UTF-8?q?=E5=90=8E=E7=94=A8=E6=88=B7=E8=BF=98=E5=8F=AF=E4=BB=A5=E6=93=8D?= =?UTF-8?q?=E4=BD=9C=E7=9A=84Bug?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit close https://github.com/elunez/eladmin/issues/443 --- .../security/service/OnlineUserService.java | 14 ++++++++++++++ .../security/service/UserDetailsServiceImpl.java | 3 ++- .../system/service/impl/UserServiceImpl.java | 6 ++++++ 3 files changed, 22 insertions(+), 1 deletion(-) diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/security/service/OnlineUserService.java b/eladmin-system/src/main/java/me/zhengjie/modules/security/service/OnlineUserService.java index c1fd9c5a..e9eeb8be 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/security/service/OnlineUserService.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/security/service/OnlineUserService.java @@ -21,6 +21,7 @@ import me.zhengjie.modules.security.service.dto.JwtUserDto; import me.zhengjie.modules.security.service.dto.OnlineUserDto; import me.zhengjie.utils.*; import org.springframework.data.domain.Pageable; +import org.springframework.scheduling.annotation.Async; import org.springframework.stereotype.Service; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -173,4 +174,17 @@ public class OnlineUserService { } } + /** + * 根据用户名强退用户 + * @param username / + */ + @Async + public void kickOutForUsername(String username) { + List onlineUsers = getAll(username); + for (OnlineUserDto onlineUser : onlineUsers) { + if (onlineUser.getUserName().equals(username)) { + kickOut(onlineUser.getKey()); + } + } + } } diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/security/service/UserDetailsServiceImpl.java b/eladmin-system/src/main/java/me/zhengjie/modules/security/service/UserDetailsServiceImpl.java index 6ea954d6..d9aaf93f 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/security/service/UserDetailsServiceImpl.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/security/service/UserDetailsServiceImpl.java @@ -24,6 +24,7 @@ import me.zhengjie.modules.system.service.DataService; import me.zhengjie.modules.system.service.RoleService; import me.zhengjie.modules.system.service.UserService; import me.zhengjie.modules.system.service.dto.UserDto; +import org.springframework.http.HttpStatus; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.stereotype.Service; @@ -72,7 +73,7 @@ public class UserDetailsServiceImpl implements UserDetailsService { throw new UsernameNotFoundException(""); } else { if (!user.getEnabled()) { - throw new BadRequestException("账号未激活"); + throw new BadRequestException("账号未激活!"); } jwtUserDto = new JwtUserDto( user, diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/UserServiceImpl.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/UserServiceImpl.java index eca89aac..84b44ec8 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/UserServiceImpl.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/UserServiceImpl.java @@ -17,6 +17,7 @@ package me.zhengjie.modules.system.service.impl; import lombok.RequiredArgsConstructor; import me.zhengjie.config.FileProperties; +import me.zhengjie.modules.security.service.OnlineUserService; import me.zhengjie.modules.security.service.UserCacheClean; import me.zhengjie.modules.system.domain.User; import me.zhengjie.exception.EntityExistException; @@ -58,6 +59,7 @@ public class UserServiceImpl implements UserService { private final FileProperties properties; private final RedisUtils redisUtils; private final UserCacheClean userCacheClean; + private final OnlineUserService onlineUserService; @Override public Object queryAll(UserQueryCriteria criteria, Pageable pageable) { @@ -117,6 +119,10 @@ public class UserServiceImpl implements UserService { if(!resources.getUsername().equals(user.getUsername())){ redisUtils.del("user::username:" + user.getUsername()); } + // 如果用户被禁用,则清除用户登录信息 + if(!resources.getEnabled()){ + onlineUserService.kickOutForUsername(resources.getUsername()); + } user.setUsername(resources.getUsername()); user.setEmail(resources.getEmail()); user.setEnabled(resources.getEnabled()); From 49f3b0a53f8eccdf4f06222de130adb07dc583ce Mon Sep 17 00:00:00 2001 From: ZhengJie <201507802@qq.com> Date: Sun, 2 Aug 2020 15:46:03 +0800 Subject: [PATCH 2/2] =?UTF-8?q?[=E4=BB=A3=E7=A0=81=E5=AE=8C=E5=96=84](v2.5?= =?UTF-8?q?):=20=E9=83=A8=E9=97=A8=E6=9F=A5=E8=AF=A2=E4=BC=98=E5=8C=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit close https://github.com/elunez/eladmin/issues/428 --- .../java/me/zhengjie/utils/SecurityUtils.java | 13 +++++++ .../me/zhengjie/utils/enums/CodeBiEnum.java | 0 .../me/zhengjie/utils/enums/CodeEnum.java | 0 .../zhengjie/utils/enums/DataScopeEnum.java | 0 .../system/service/impl/DataServiceImpl.java | 2 +- .../system/service/impl/DeptServiceImpl.java | 35 +++++++++++++++---- 6 files changed, 43 insertions(+), 7 deletions(-) rename {eladmin-system => eladmin-common}/src/main/java/me/zhengjie/utils/enums/CodeBiEnum.java (100%) rename {eladmin-system => eladmin-common}/src/main/java/me/zhengjie/utils/enums/CodeEnum.java (100%) rename {eladmin-system => eladmin-common}/src/main/java/me/zhengjie/utils/enums/DataScopeEnum.java (100%) diff --git a/eladmin-common/src/main/java/me/zhengjie/utils/SecurityUtils.java b/eladmin-common/src/main/java/me/zhengjie/utils/SecurityUtils.java index fe39dcd0..b4fae876 100644 --- a/eladmin-common/src/main/java/me/zhengjie/utils/SecurityUtils.java +++ b/eladmin-common/src/main/java/me/zhengjie/utils/SecurityUtils.java @@ -20,6 +20,7 @@ import cn.hutool.json.JSONObject; import cn.hutool.json.JSONUtil; import lombok.extern.slf4j.Slf4j; import me.zhengjie.exception.BadRequestException; +import me.zhengjie.utils.enums.DataScopeEnum; import org.springframework.http.HttpStatus; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; @@ -84,4 +85,16 @@ public class SecurityUtils { JSONArray array = JSONUtil.parseArray(new JSONObject(userDetails).get("dataScopes")); return JSONUtil.toList(array,Long.class); } + + /** + * 获取数据权限级别 + * @return 级别 + */ + public static String getDataScopeType() { + List dataScopes = getCurrentUserDataScope(); + if(dataScopes.size() != 0){ + return ""; + } + return DataScopeEnum.ALL.getValue(); + } } diff --git a/eladmin-system/src/main/java/me/zhengjie/utils/enums/CodeBiEnum.java b/eladmin-common/src/main/java/me/zhengjie/utils/enums/CodeBiEnum.java similarity index 100% rename from eladmin-system/src/main/java/me/zhengjie/utils/enums/CodeBiEnum.java rename to eladmin-common/src/main/java/me/zhengjie/utils/enums/CodeBiEnum.java diff --git a/eladmin-system/src/main/java/me/zhengjie/utils/enums/CodeEnum.java b/eladmin-common/src/main/java/me/zhengjie/utils/enums/CodeEnum.java similarity index 100% rename from eladmin-system/src/main/java/me/zhengjie/utils/enums/CodeEnum.java rename to eladmin-common/src/main/java/me/zhengjie/utils/enums/CodeEnum.java diff --git a/eladmin-system/src/main/java/me/zhengjie/utils/enums/DataScopeEnum.java b/eladmin-common/src/main/java/me/zhengjie/utils/enums/DataScopeEnum.java similarity index 100% rename from eladmin-system/src/main/java/me/zhengjie/utils/enums/DataScopeEnum.java rename to eladmin-common/src/main/java/me/zhengjie/utils/enums/DataScopeEnum.java diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/DataServiceImpl.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/DataServiceImpl.java index ab828b39..5e3d541d 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/DataServiceImpl.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/DataServiceImpl.java @@ -65,7 +65,7 @@ public class DataServiceImpl implements DataService { deptIds.addAll(getCustomize(deptIds, role)); break; default: - break; + return new ArrayList<>(deptIds); } } return new ArrayList<>(deptIds); diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/DeptServiceImpl.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/DeptServiceImpl.java index 520da6ef..400021df 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/DeptServiceImpl.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/DeptServiceImpl.java @@ -25,13 +25,11 @@ import me.zhengjie.modules.system.repository.RoleRepository; import me.zhengjie.modules.system.repository.UserRepository; import me.zhengjie.modules.system.service.dto.DeptDto; import me.zhengjie.modules.system.service.dto.DeptQueryCriteria; -import me.zhengjie.utils.FileUtil; -import me.zhengjie.utils.QueryHelp; -import me.zhengjie.utils.RedisUtils; -import me.zhengjie.utils.ValidationUtil; +import me.zhengjie.utils.*; import me.zhengjie.modules.system.repository.DeptRepository; import me.zhengjie.modules.system.service.DeptService; import me.zhengjie.modules.system.service.mapstruct.DeptMapper; +import me.zhengjie.utils.enums.DataScopeEnum; import org.springframework.cache.annotation.CacheConfig; import org.springframework.cache.annotation.Cacheable; import org.springframework.data.domain.Sort; @@ -61,8 +59,11 @@ public class DeptServiceImpl implements DeptService { @Override public List queryAll(DeptQueryCriteria criteria, Boolean isQuery) throws Exception { Sort sort = new Sort(Sort.Direction.ASC, "deptSort"); + String dataScopeType = SecurityUtils.getDataScopeType(); if (isQuery) { - criteria.setPidIsNull(true); + if(dataScopeType.equals(DataScopeEnum.ALL.getValue())){ + criteria.setPidIsNull(true); + } List fields = QueryHelp.getAllFields(criteria.getClass(), new ArrayList<>()); List fieldNames = new ArrayList(){{ add("pidIsNull");add("enabled");}}; for (Field field : fields) { @@ -78,7 +79,12 @@ public class DeptServiceImpl implements DeptService { } } } - return deptMapper.toDto(deptRepository.findAll((root, criteriaQuery, criteriaBuilder) -> QueryHelp.getPredicate(root,criteria,criteriaBuilder),sort)); + List list = deptMapper.toDto(deptRepository.findAll((root, criteriaQuery, criteriaBuilder) -> QueryHelp.getPredicate(root,criteria,criteriaBuilder),sort)); + // 如果为空,就代表为自定义权限或者本级权限,就需要去重,不理解可以注释掉,看查询结果 + if(StringUtils.isBlank(dataScopeType)){ + return deduplication(list); + } + return list; } @Override @@ -247,6 +253,23 @@ public class DeptServiceImpl implements DeptService { } } + private List deduplication(List list) { + List deptDtos = new ArrayList<>(); + for (DeptDto deptDto : list) { + boolean flag = true; + for (DeptDto dto : list) { + if (deptDto.getPid().equals(dto.getId())) { + flag = false; + break; + } + } + if (flag){ + deptDtos.add(deptDto); + } + } + return deptDtos; + } + /** * 清理缓存 * @param id /