Browse Source

👈 重构安全框架底层代码支持当前用户修改

master
wangxiang 3 years ago
parent
commit
cd75416b3e
  1. 15
      kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/controller/TenantController.java
  2. 12
      kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/controller/UserController.java
  3. 5
      kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/service/UserService.java
  4. 11
      kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/service/impl/UserServiceImpl.java
  5. 6
      kicc-ui/src/api/platform/system/controller/tenant.ts
  6. 6
      kicc-ui/src/layouts/default/setting/components/TenantSelect.vue

15
kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/controller/TenantController.java

@ -4,17 +4,22 @@ import cn.hutool.core.util.ArrayUtil;
import cn.hutool.core.util.StrUtil; import cn.hutool.core.util.StrUtil;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.metadata.IPage; import com.baomidou.mybatisplus.core.metadata.IPage;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.cloud.kicc.common.core.api.R; import com.cloud.kicc.common.core.api.R;
import com.cloud.kicc.common.core.constant.AppConstants; import com.cloud.kicc.common.core.constant.AppConstants;
import com.cloud.kicc.common.log.annotation.SysLog; import com.cloud.kicc.common.log.annotation.SysLog;
import com.cloud.kicc.common.security.util.SecurityUtils;
import com.cloud.kicc.system.api.entity.Tenant; import com.cloud.kicc.system.api.entity.Tenant;
import com.cloud.kicc.system.api.entity.User;
import com.cloud.kicc.system.service.TenantService; import com.cloud.kicc.system.service.TenantService;
import com.cloud.kicc.system.service.UserService;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import java.util.Arrays; import java.util.Arrays;
import java.util.List;
/** /**
*<p> *<p>
@ -30,10 +35,10 @@ import java.util.Arrays;
public class TenantController { public class TenantController {
private final TenantService tenantService; private final TenantService tenantService;
private final UserService userService;
private LambdaQueryWrapper<Tenant> getQueryWrapper(Tenant tenant) { private LambdaQueryWrapper<Tenant> getQueryWrapper(Tenant tenant) {
return new LambdaQueryWrapper<Tenant>() return new LambdaQueryWrapper<Tenant>()
.in(ArrayUtil.isNotEmpty(tenant.getTenantIds()), Tenant::getCode, tenant.getTenantIds())
.like(StrUtil.isNotBlank(tenant.getName()), Tenant::getName, tenant.getName()) .like(StrUtil.isNotBlank(tenant.getName()), Tenant::getName, tenant.getName())
.eq(StrUtil.isNotBlank(tenant.getCode()), Tenant::getCode, tenant.getCode()) .eq(StrUtil.isNotBlank(tenant.getCode()), Tenant::getCode, tenant.getCode())
.eq(StrUtil.isNotBlank(tenant.getStatus()), Tenant::getStatus, tenant.getStatus()); .eq(StrUtil.isNotBlank(tenant.getStatus()), Tenant::getStatus, tenant.getStatus());
@ -46,6 +51,14 @@ public class TenantController {
return R.ok(tenantPage.getRecords(), tenantPage.getTotal()); return R.ok(tenantPage.getRecords(), tenantPage.getTotal());
} }
@GetMapping("/currentUserTenantList")
@PreAuthorize("@pms.hasPermission('tenant_view')")
public R currentUserTenantList() {
User user = userService.getCurrentUserInfo();
List<Tenant> tenantList = tenantService.list(Wrappers.<Tenant>query().lambda().in(Tenant::getId, StrUtil.split(",", user.getTenantId())));
return R.ok(tenantList);
}
@GetMapping("/{id:\\w+}") @GetMapping("/{id:\\w+}")
public R getById(@PathVariable("id") String id) { public R getById(@PathVariable("id") String id) {
return R.ok(tenantService.getById(id)); return R.ok(tenantService.getById(id));

12
kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/controller/UserController.java

@ -69,11 +69,7 @@ public class UserController {
@GetMapping("/info") @GetMapping("/info")
public R info() { public R info() {
User user = userService.getOne(Wrappers.<User>query().lambda().eq(User::getUserName, SecurityUtils.getUser().getUsername())); return R.ok(userService.getCurrentUserInfo());
if (user == null) {
return R.error("用户信息为空,请检查当前多租户下是否有当前用户信息!");
}
return R.ok(userService.getUserAuthority(user));
} }
@GetMapping("/{id:\\w+}") @GetMapping("/{id:\\w+}")
@ -219,11 +215,7 @@ public class UserController {
@GetMapping("/resetTenant") @GetMapping("/resetTenant")
@PreAuthorize("@pms.hasPermission('user_edit')") @PreAuthorize("@pms.hasPermission('user_edit')")
public R resetTenant() { public R resetTenant() {
User user = userService.getOne(Wrappers.<User>query().lambda().eq(User::getId, SecurityUtils.getUser().getId())); User user = userService.getCurrentUserInfo();
userService.getUserAuthority(user);
if (user == null) {
return R.error("用户信息为空,请检查当前多租户下是否有当前用户信息!");
}
userService.setCurrentUserTenant(user.getTenantId()); userService.setCurrentUserTenant(user.getTenantId());
return R.ok(); return R.ok();
} }

5
kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/service/UserService.java

@ -44,4 +44,9 @@ public interface UserService extends IService<User> {
*/ */
void setCurrentUserTenant(String... tenantIds); void setCurrentUserTenant(String... tenantIds);
/**
* 获取当前用户信息
* @return User
*/
User getCurrentUserInfo();
} }

11
kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/service/impl/UserServiceImpl.java

@ -4,7 +4,9 @@ import cn.hutool.core.util.ArrayUtil;
import cn.hutool.core.util.StrUtil; import cn.hutool.core.util.StrUtil;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.cloud.kicc.common.core.api.R;
import com.cloud.kicc.common.core.constant.SecurityConstants; import com.cloud.kicc.common.core.constant.SecurityConstants;
import com.cloud.kicc.common.core.exception.CheckedException; import com.cloud.kicc.common.core.exception.CheckedException;
import com.cloud.kicc.common.core.exception.CommonException; import com.cloud.kicc.common.core.exception.CommonException;
@ -111,6 +113,15 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements Us
return user; return user;
} }
@Override
public User getCurrentUserInfo() {
User user = super.getOne(Wrappers.<User>query().lambda().eq(User::getId, SecurityUtils.getUser().getId()));
this.getUserAuthority(user);
if (user == null) {
throw new CommonException("用户信息为空,请检查当前多租户下是否有当前用户信息!");
}
return user;
}
@Override @Override
public void setCurrentUserTenant(String... tenantIds) { public void setCurrentUserTenant(String... tenantIds) {

6
kicc-ui/src/api/platform/system/controller/tenant.ts

@ -11,7 +11,8 @@ enum Api {
add = '/system_proxy/system/tenant/save', add = '/system_proxy/system/tenant/save',
get = '/system_proxy/system/tenant', get = '/system_proxy/system/tenant',
edit = '/system_proxy/system/tenant/update', edit = '/system_proxy/system/tenant/update',
del = '/system_proxy/system/tenant/remove' del = '/system_proxy/system/tenant/remove',
currentUserTenantList = '/system_proxy/system/tenant/currentUserTenantList'
} }
/** 查询多租户列表 */ /** 查询多租户列表 */
@ -28,3 +29,6 @@ export const getTenant = (id: string) => defHttp.get<Tenant>({ url: `${Api.get}/
/** 删除多租户 */ /** 删除多租户 */
export const delTenant = (ids: string) => defHttp.delete({ url: `${Api.del}/${ids}` }); export const delTenant = (ids: string) => defHttp.delete({ url: `${Api.del}/${ids}` });
/** 查询当前用户多租户列表 */
export const currentUserTenantList = () => defHttp.get<Tenant[]>({ url: Api.currentUserTenantList });

6
kicc-ui/src/layouts/default/setting/components/TenantSelect.vue

@ -41,7 +41,7 @@
</template> </template>
<script lang="ts" setup> <script lang="ts" setup>
import { reactive, onMounted, ref } from 'vue'; import { reactive, onMounted, ref } from 'vue';
import { listTenant } from '/@/api/platform/system/controller/tenant'; import { currentUserTenantList } from '/@/api/platform/system/controller/tenant';
import { useUserStore } from '/@/store/modules/user'; import { useUserStore } from '/@/store/modules/user';
import { Select, Row, Col, Form } from 'ant-design-vue'; import { Select, Row, Col, Form } from 'ant-design-vue';
import { useTenant } from '/@/hooks/web/useTenant'; import { useTenant } from '/@/hooks/web/useTenant';
@ -72,8 +72,8 @@
onMounted(async () => { onMounted(async () => {
const userStore = useUserStore(); const userStore = useUserStore();
state.modelRef.tenantIds = userStore.getUserInfo.tenantIds; state.modelRef.tenantIds = userStore.getUserInfo.tenantIds;
const result = await listTenant({ tenantIds: state.modelRef.tenantIds }); const tenantList = await currentUserTenantList();
state.options = result.data.map(tenant => ({ state.options = tenantList.map(tenant => ({
value: tenant.code, value: tenant.code,
label: tenant.name label: tenant.name
})); }));

Loading…
Cancel
Save