Merge branch 'master' of https://gitee.com/elunez/eladmin

eladmin-common/src/main/java/me/zhengjie/utils/SecurityUtils.java

@@ -20,6 +20,7 @@ import cn.hutool.json.JSONObject;
 import cn.hutool.json.JSONUtil;
 import lombok.extern.slf4j.Slf4j;
 import me.zhengjie.exception.BadRequestException;
+import me.zhengjie.utils.enums.DataScopeEnum;
 import org.springframework.http.HttpStatus;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
@@ -84,4 +85,16 @@ public class SecurityUtils {
         JSONArray array = JSONUtil.parseArray(new JSONObject(userDetails).get("dataScopes"));
         return JSONUtil.toList(array,Long.class);
     }
+
+    /**
+     * 获取数据权限级别
+     * @return 级别
+     */
+    public static String getDataScopeType() {
+        List<Long> dataScopes = getCurrentUserDataScope();
+        if(dataScopes.size() != 0){
+            return "";
+        }
+        return DataScopeEnum.ALL.getValue();
+    }
 }

eladmin-system/src/main/java/me/zhengjie/modules/security/service/OnlineUserService.java

@@ -21,6 +21,7 @@ import me.zhengjie.modules.security.service.dto.JwtUserDto;
 import me.zhengjie.modules.security.service.dto.OnlineUserDto;
 import me.zhengjie.utils.*;
 import org.springframework.data.domain.Pageable;
+import org.springframework.scheduling.annotation.Async;
 import org.springframework.stereotype.Service;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -173,4 +174,17 @@ public class OnlineUserService {
         }
     }
 
+    /**
+     * 根据用户名强退用户
+     * @param username /
+     */
+    @Async
+    public void kickOutForUsername(String username) {
+        List<OnlineUserDto> onlineUsers = getAll(username);
+        for (OnlineUserDto onlineUser : onlineUsers) {
+            if (onlineUser.getUserName().equals(username)) {
+                kickOut(onlineUser.getKey());
+            }
+        }
+    }
 }

eladmin-system/src/main/java/me/zhengjie/modules/security/service/UserDetailsServiceImpl.java

@@ -24,6 +24,7 @@ import me.zhengjie.modules.system.service.DataService;
 import me.zhengjie.modules.system.service.RoleService;
 import me.zhengjie.modules.system.service.UserService;
 import me.zhengjie.modules.system.service.dto.UserDto;
+import org.springframework.http.HttpStatus;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Service;
@@ -72,7 +73,7 @@ public class UserDetailsServiceImpl implements UserDetailsService {
                 throw new UsernameNotFoundException("");
             } else {
                 if (!user.getEnabled()) {
-                    throw new BadRequestException("账号未激活");
+                    throw new BadRequestException("账号未激活！");
                 }
                 jwtUserDto = new JwtUserDto(
                         user,

eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/DataServiceImpl.java

@@ -65,7 +65,7 @@ public class DataServiceImpl implements DataService {
                     deptIds.addAll(getCustomize(deptIds, role));
                     break;
                 default:
-                    break;
+                    return new ArrayList<>(deptIds);
             }
         }
         return new ArrayList<>(deptIds);

eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/DeptServiceImpl.java

@@ -25,13 +25,11 @@ import me.zhengjie.modules.system.repository.RoleRepository;
 import me.zhengjie.modules.system.repository.UserRepository;
 import me.zhengjie.modules.system.service.dto.DeptDto;
 import me.zhengjie.modules.system.service.dto.DeptQueryCriteria;
-import me.zhengjie.utils.FileUtil;
+import me.zhengjie.utils.*;
-import me.zhengjie.utils.QueryHelp;
-import me.zhengjie.utils.RedisUtils;
-import me.zhengjie.utils.ValidationUtil;
 import me.zhengjie.modules.system.repository.DeptRepository;
 import me.zhengjie.modules.system.service.DeptService;
 import me.zhengjie.modules.system.service.mapstruct.DeptMapper;
+import me.zhengjie.utils.enums.DataScopeEnum;
 import org.springframework.cache.annotation.CacheConfig;
 import org.springframework.cache.annotation.Cacheable;
 import org.springframework.data.domain.Sort;
@@ -61,8 +59,11 @@ public class DeptServiceImpl implements DeptService {
     @Override
     public List<DeptDto> queryAll(DeptQueryCriteria criteria, Boolean isQuery) throws Exception {
         Sort sort = new Sort(Sort.Direction.ASC, "deptSort");
+        String dataScopeType = SecurityUtils.getDataScopeType();
         if (isQuery) {
-            criteria.setPidIsNull(true);
+            if(dataScopeType.equals(DataScopeEnum.ALL.getValue())){
+                criteria.setPidIsNull(true);
+            }
             List<Field> fields = QueryHelp.getAllFields(criteria.getClass(), new ArrayList<>());
             List<String> fieldNames = new ArrayList<String>(){{ add("pidIsNull");add("enabled");}};
             for (Field field : fields) {
@@ -78,7 +79,12 @@ public class DeptServiceImpl implements DeptService {
                 }
             }
         }
-        return deptMapper.toDto(deptRepository.findAll((root, criteriaQuery, criteriaBuilder) -> QueryHelp.getPredicate(root,criteria,criteriaBuilder),sort));
+        List<DeptDto> list = deptMapper.toDto(deptRepository.findAll((root, criteriaQuery, criteriaBuilder) -> QueryHelp.getPredicate(root,criteria,criteriaBuilder),sort));
+        // 如果为空，就代表为自定义权限或者本级权限，就需要去重，不理解可以注释掉，看查询结果
+        if(StringUtils.isBlank(dataScopeType)){
+            return deduplication(list);
+        }
+        return list;
     }
 
     @Override
@@ -247,6 +253,23 @@ public class DeptServiceImpl implements DeptService {
         }
     }
 
+    private List<DeptDto> deduplication(List<DeptDto> list) {
+        List<DeptDto> deptDtos = new ArrayList<>();
+        for (DeptDto deptDto : list) {
+            boolean flag = true;
+            for (DeptDto dto : list) {
+                if (deptDto.getPid().equals(dto.getId())) {
+                    flag = false;
+                    break;
+                }
+            }
+            if (flag){
+                deptDtos.add(deptDto);
+            }
+        }
+        return deptDtos;
+    }
+
     /**
      * 清理缓存
      * @param id /

eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/UserServiceImpl.java

@@ -17,6 +17,7 @@ package me.zhengjie.modules.system.service.impl;
 
 import lombok.RequiredArgsConstructor;
 import me.zhengjie.config.FileProperties;
+import me.zhengjie.modules.security.service.OnlineUserService;
 import me.zhengjie.modules.security.service.UserCacheClean;
 import me.zhengjie.modules.system.domain.User;
 import me.zhengjie.exception.EntityExistException;
@@ -58,6 +59,7 @@ public class UserServiceImpl implements UserService {
     private final FileProperties properties;
     private final RedisUtils redisUtils;
     private final UserCacheClean userCacheClean;
+    private final OnlineUserService onlineUserService;
 
     @Override
     public Object queryAll(UserQueryCriteria criteria, Pageable pageable) {
@@ -117,6 +119,10 @@ public class UserServiceImpl implements UserService {
         if(!resources.getUsername().equals(user.getUsername())){
             redisUtils.del("user::username:" + user.getUsername());
         }
+        // 如果用户被禁用，则清除用户登录信息
+        if(!resources.getEnabled()){
+            onlineUserService.kickOutForUsername(resources.getUsername());
+        }
         user.setUsername(resources.getUsername());
         user.setEmail(resources.getEmail());
         user.setEnabled(resources.getEnabled());