👈 重构安全框架底层代码支持当前用户修改

3 years ago · cd75416b3e
6 changed files with 40 additions and 15 deletions
--- a/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/controller/TenantController.java
+++ b/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/controller/TenantController.java
@ -4,17 +4,22 @@ import cn.hutool.core.util.ArrayUtil;
 import cn.hutool.core.util.StrUtil;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.cloud.kicc.common.core.api.R;
 import com.cloud.kicc.common.core.constant.AppConstants;
 import com.cloud.kicc.common.log.annotation.SysLog;
 import com.cloud.kicc.common.security.util.SecurityUtils;
 import com.cloud.kicc.system.api.entity.Tenant;
 import com.cloud.kicc.system.api.entity.User;
 import com.cloud.kicc.system.service.TenantService;
 import com.cloud.kicc.system.service.UserService;
 import lombok.RequiredArgsConstructor;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 import java.util.Arrays;
 import java.util.List;
 /**
 *<p>
@ -30,10 +35,10 @@ import java.util.Arrays;
 public class TenantController {
    private final TenantService tenantService;
    private final UserService userService;
    private LambdaQueryWrapper<Tenant> getQueryWrapper(Tenant tenant) {
        return new LambdaQueryWrapper<Tenant>()
                .in(ArrayUtil.isNotEmpty(tenant.getTenantIds()), Tenant::getCode, tenant.getTenantIds())
                .like(StrUtil.isNotBlank(tenant.getName()), Tenant::getName, tenant.getName())
                .eq(StrUtil.isNotBlank(tenant.getCode()), Tenant::getCode, tenant.getCode())
                .eq(StrUtil.isNotBlank(tenant.getStatus()), Tenant::getStatus, tenant.getStatus());
@ -46,6 +51,14 @@ public class TenantController {
        return R.ok(tenantPage.getRecords(), tenantPage.getTotal());
    }
    @GetMapping("/currentUserTenantList")
    @PreAuthorize("@pms.hasPermission('tenant_view')")
    public R currentUserTenantList() {
        User user = userService.getCurrentUserInfo();
        List<Tenant> tenantList = tenantService.list(Wrappers.<Tenant>query().lambda().in(Tenant::getId, StrUtil.split(",", user.getTenantId())));
        return R.ok(tenantList);
    }
    @GetMapping("/{id:\\w+}")
    public R getById(@PathVariable("id") String id) {
        return R.ok(tenantService.getById(id));
--- a/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/controller/UserController.java
+++ b/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/controller/UserController.java
@ -69,11 +69,7 @@ public class UserController {
    @GetMapping("/info")
    public R info() {
-        User user = userService.getOne(Wrappers.<User>query().lambda().eq(User::getUserName, SecurityUtils.getUser().getUsername()));
+        return R.ok(userService.getCurrentUserInfo());
        if (user == null) {
            return R.error("用户信息为空,请检查当前多租户下是否有当前用户信息!");
        }
        return R.ok(userService.getUserAuthority(user));
    }
    @GetMapping("/{id:\\w+}")
@ -219,11 +215,7 @@ public class UserController {
    @GetMapping("/resetTenant")
    @PreAuthorize("@pms.hasPermission('user_edit')")
    public R resetTenant() {
-        User user = userService.getOne(Wrappers.<User>query().lambda().eq(User::getId, SecurityUtils.getUser().getId()));
+        User user =  userService.getCurrentUserInfo();
        userService.getUserAuthority(user);
        if (user == null) {
            return R.error("用户信息为空,请检查当前多租户下是否有当前用户信息!");
        }
        userService.setCurrentUserTenant(user.getTenantId());
        return R.ok();
    }
--- a/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/service/UserService.java
+++ b/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/service/UserService.java
@ -44,4 +44,9 @@ public interface UserService extends IService<User> {
     */
    void setCurrentUserTenant(String... tenantIds);
    /**
     * 获取当前用户信息
     * @return User
     */
    User getCurrentUserInfo();
 }
--- a/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/service/impl/UserServiceImpl.java
+++ b/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/service/impl/UserServiceImpl.java
@ -4,7 +4,9 @@ import cn.hutool.core.util.ArrayUtil;
 import cn.hutool.core.util.StrUtil;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.cloud.kicc.common.core.api.R;
 import com.cloud.kicc.common.core.constant.SecurityConstants;
 import com.cloud.kicc.common.core.exception.CheckedException;
 import com.cloud.kicc.common.core.exception.CommonException;
@ -111,6 +113,15 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements Us
        return user;
    }
    @Override
    public User getCurrentUserInfo() {
        User user = super.getOne(Wrappers.<User>query().lambda().eq(User::getId, SecurityUtils.getUser().getId()));
        this.getUserAuthority(user);
        if (user == null) {
            throw new CommonException("用户信息为空,请检查当前多租户下是否有当前用户信息!");
        }
        return user;
    }
    @Override
    public void setCurrentUserTenant(String... tenantIds) {
--- a/kicc-ui/src/api/platform/system/controller/tenant.ts
+++ b/kicc-ui/src/api/platform/system/controller/tenant.ts
@ -11,7 +11,8 @@ enum Api {
  add = '/system_proxy/system/tenant/save',
  get = '/system_proxy/system/tenant',
  edit = '/system_proxy/system/tenant/update',
-  del = '/system_proxy/system/tenant/remove'
+  del = '/system_proxy/system/tenant/remove',
  currentUserTenantList = '/system_proxy/system/tenant/currentUserTenantList'
 }
 /** 查询多租户列表 */
@ -28,3 +29,6 @@ export const getTenant = (id: string) => defHttp.get<Tenant>({ url: `${Api.get}/
 /** 删除多租户 */
 export const delTenant = (ids: string) => defHttp.delete({ url: `${Api.del}/${ids}` });
 /** 查询当前用户多租户列表 */
 export const currentUserTenantList = () => defHttp.get<Tenant[]>({ url: Api.currentUserTenantList });
--- a/kicc-ui/src/layouts/default/setting/components/TenantSelect.vue
+++ b/kicc-ui/src/layouts/default/setting/components/TenantSelect.vue
@ -41,7 +41,7 @@
 </template>
 <script lang="ts" setup>
  import { reactive, onMounted, ref } from 'vue';
-  import { listTenant } from '/@/api/platform/system/controller/tenant';
+  import { currentUserTenantList } from '/@/api/platform/system/controller/tenant';
  import { useUserStore } from '/@/store/modules/user';
  import { Select, Row, Col, Form } from 'ant-design-vue';
  import { useTenant } from '/@/hooks/web/useTenant';
@ -72,8 +72,8 @@
  onMounted(async () => {
    const userStore = useUserStore();
    state.modelRef.tenantIds = userStore.getUserInfo.tenantIds;
-    const result = await listTenant({ tenantIds: state.modelRef.tenantIds });
+    const tenantList = await currentUserTenantList();
-    state.options = result.data.map(tenant => ({
+    state.options = tenantList.map(tenant => ({
      value: tenant.code,
      label: tenant.name
    }));