From 711e030ab825ba91a499180cc1192851f647b755 Mon Sep 17 00:00:00 2001 From: WendyYang Date: Fri, 5 May 2023 15:50:39 +0800 Subject: [PATCH 1/2] =?UTF-8?q?=E4=BC=9A=E8=AE=AE=E5=85=B3=E8=81=94?= =?UTF-8?q?=E9=A1=B9=E7=9B=AE=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../pmapi/user/convert/UserInfoConvertor.java | 38 ++++++++++++++++++++ .../pmapi/user/manage/UserAuthLoginManage.java | 40 ++++++++++------------ .../pmapi/user/manage/UserInfoManage.java | 37 ++++++++++++++++++-- .../CredentialLoginUserDetailService.java | 32 +++++------------ .../user/security/auth/model/UserFullInfoDTO.java | 2 ++ 5 files changed, 103 insertions(+), 46 deletions(-) create mode 100644 pmapi/src/main/java/com/ningdatech/pmapi/user/convert/UserInfoConvertor.java diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/convert/UserInfoConvertor.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/convert/UserInfoConvertor.java new file mode 100644 index 0000000..7fa0e38 --- /dev/null +++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/convert/UserInfoConvertor.java @@ -0,0 +1,38 @@ +package com.ningdatech.pmapi.user.convert; + +import com.ningdatech.pmapi.user.security.auth.model.UserFullInfoDTO; +import com.ningdatech.pmapi.user.security.auth.model.UserInfoDetails; + +/** + *

+ * UserInfoConvertor + *

+ * + * @author WendyYang + * @since 2023/5/5 + **/ +public class UserInfoConvertor { + + private UserInfoConvertor() { + + } + + public static UserInfoDetails toUserInfoDetails(UserFullInfoDTO userFullInfo) { + UserInfoDetails userInfoDetails = new UserInfoDetails(); + userInfoDetails.setUserId(userFullInfo.getUserId()); + userInfoDetails.setUsername(userFullInfo.getUsername()); + userInfoDetails.setRealName(userFullInfo.getRealName()); + userInfoDetails.setUserRoleList(userFullInfo.getUserRoleList()); + userInfoDetails.setRegionCode(userFullInfo.getRegionCode()); + userInfoDetails.setRegionLevel(userFullInfo.getRegionLevel()); + userInfoDetails.setIdentifier(userFullInfo.getIdentifier()); + userInfoDetails.setPassword(userFullInfo.getCredential()); + userInfoDetails.setEmployeeCode(userFullInfo.getEmployeeCode()); + userInfoDetails.setOrganizationCode(userFullInfo.getOrganizationCode()); + userInfoDetails.setOrganizationName(userFullInfo.getOrganizationName()); + userInfoDetails.setEmpPosUnitCode(userFullInfo.getEmpPosUnitCode()); + userInfoDetails.setEmpPosUnitName(userFullInfo.getEmpPosUnitName()); + return userInfoDetails; + } + +} diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserAuthLoginManage.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserAuthLoginManage.java index 50a4ce3..66d94d3 100644 --- a/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserAuthLoginManage.java +++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserAuthLoginManage.java @@ -43,8 +43,8 @@ public class UserAuthLoginManage { /** * 根据用户id 获取用户全量信息 * - * @param userId - * @return + * @param userId / + * @return / */ public UserFullInfoDTO getUserFullInfo(Long userId) { UserInfo userInfo = iUserInfoService.getById(userId); @@ -53,15 +53,15 @@ public class UserAuthLoginManage { } // 返回用户全量信息 UserFullInfoDTO userFullInfoDTO = new UserFullInfoDTO(); - userFullInfoDTOAssembler(userInfo, userFullInfoDTO); + userFullInfoAssembler(userInfo, userFullInfoDTO); return userFullInfoDTO; } /** * 根据用户名获取 * - * @param username - * @return + * @param username / + * @return / */ public UserFullInfoDTO queryUserInfoInPasswordAuth(String username) { // TODO 目前账号密码登陆测试使用 强制用户登录 userId 1L @@ -71,15 +71,15 @@ public class UserAuthLoginManage { } // 返回用户全量信息 UserFullInfoDTO userFullInfoDTO = new UserFullInfoDTO(); - userFullInfoDTOAssembler(userInfo, userFullInfoDTO); + userFullInfoAssembler(userInfo, userFullInfoDTO); return userFullInfoDTO; } /** * 根据手机号获取 * - * @param phoneNo - * @return + * @param phoneNo / + * @return / */ public UserFullInfoDTO queryUserInfoInPhoneNoAuth(String phoneNo) { UserInfo userInfo = iUserInfoService.getOne(Wrappers.lambdaQuery(UserInfo.class) @@ -89,15 +89,15 @@ public class UserAuthLoginManage { } // 返回用户全量信息 UserFullInfoDTO userFullInfoDTO = new UserFullInfoDTO(); - userFullInfoDTOAssembler(userInfo, userFullInfoDTO); + userFullInfoAssembler(userInfo, userFullInfoDTO); return userFullInfoDTO; } /** * 根据accountId(浙政钉扫码登陆) * - * @param accountId - * @return + * @param accountId / + * @return / */ public UserFullInfoDTO queryUserInfoInAccountIdAuth(String accountId) { @@ -109,12 +109,12 @@ public class UserAuthLoginManage { } // 返回用户全量信息 UserFullInfoDTO userFullInfoDTO = new UserFullInfoDTO(); - userFullInfoDTOAssembler(userInfo, userFullInfoDTO); + userFullInfoAssembler(userInfo, userFullInfoDTO); return userFullInfoDTO; } - private void userFullInfoDTOAssembler(UserInfo userInfo, UserFullInfoDTO userFullInfoDTO) { + private void userFullInfoAssembler(UserInfo userInfo, UserFullInfoDTO userFullInfoDTO) { // 获取浙政钉雇员信息 组织信息 String employeeCode = userInfo.getEmployeeCode(); if (StringUtils.isNotBlank(employeeCode)) { @@ -128,9 +128,7 @@ public class UserAuthLoginManage { // 装配用户任职所在单位 String empPosUnitCode = dingEmployeeInfo.getEmpPosUnitCode(); if (StringUtils.isNotBlank(empPosUnitCode)) { - DingOrganization dingOrganization = iDingOrganizationService - .getOne(Wrappers.lambdaQuery(DingOrganization.class) - .eq(DingOrganization::getOrganizationCode, empPosUnitCode)); + DingOrganization dingOrganization = iDingOrganizationService.getByOrgCode(empPosUnitCode); if (Objects.nonNull(dingOrganization)) { userFullInfoDTO.setEmpPosUnitCode(empPosUnitCode); userFullInfoDTO.setEmpPosUnitName(dingOrganization.getOrganizationName()); @@ -139,9 +137,9 @@ public class UserAuthLoginManage { // 装配用户所在orgCode String organizationCode = dingEmployeeInfo.getOrganizationCode(); - List dingOrganizationList = iDingOrganizationService - .list(Wrappers.lambdaQuery(DingOrganization.class) - .eq(DingOrganization::getOrganizationCode, organizationCode)); + List dingOrganizationList = iDingOrganizationService.list(Wrappers + .lambdaQuery(DingOrganization.class) + .eq(DingOrganization::getOrganizationCode, organizationCode)); if (CollectionUtil.isNotEmpty(dingOrganizationList)) { DingOrganization dingOrganization = dingOrganizationList.get(0); userFullInfoDTO.setOrganizationCode(dingOrganization.getOrganizationCode()); @@ -174,7 +172,7 @@ public class UserAuthLoginManage { userFullInfoDTO.setEmployeeCode(employeeCode); userFullInfoDTO.setUsername(userInfo.getRealName()); userFullInfoDTO.setMobile(userInfo.getMobile()); - + userFullInfoDTO.setAccountId(userInfo.getAccountId()); } public UserFullInfoDTO getUserFullInfoByEmployeeCode(String employeeCode) { @@ -185,7 +183,7 @@ public class UserAuthLoginManage { } // 返回用户全量信息 UserFullInfoDTO userFullInfoDTO = new UserFullInfoDTO(); - userFullInfoDTOAssembler(userInfo, userFullInfoDTO); + userFullInfoAssembler(userInfo, userFullInfoDTO); return userFullInfoDTO; } } diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserInfoManage.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserInfoManage.java index fb052a2..2d26866 100644 --- a/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserInfoManage.java +++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserInfoManage.java @@ -10,6 +10,7 @@ import com.ningdatech.basic.model.PageVo; import com.ningdatech.pmapi.common.constant.RegionConst; import com.ningdatech.pmapi.common.helper.RegionCacheHelper; import com.ningdatech.pmapi.common.helper.UserInfoHelper; +import com.ningdatech.pmapi.common.util.BizUtils; import com.ningdatech.pmapi.organization.model.entity.DingEmployeeInfo; import com.ningdatech.pmapi.organization.model.entity.DingOrganization; import com.ningdatech.pmapi.organization.service.IDingEmployeeInfoService; @@ -19,6 +20,7 @@ import com.ningdatech.pmapi.sys.model.entity.UserRole; import com.ningdatech.pmapi.sys.service.IRoleService; import com.ningdatech.pmapi.sys.service.IUserRoleService; import com.ningdatech.pmapi.user.constant.UserAvailableEnum; +import com.ningdatech.pmapi.user.convert.UserInfoConvertor; import com.ningdatech.pmapi.user.entity.UserInfo; import com.ningdatech.pmapi.user.model.po.ReqUserDetailEditPO; import com.ningdatech.pmapi.user.model.po.ReqUserDetailPO; @@ -27,11 +29,17 @@ import com.ningdatech.pmapi.user.model.po.ReqUserInfoListPO; import com.ningdatech.pmapi.user.model.vo.ResUserDetailVO; import com.ningdatech.pmapi.user.model.vo.ResUserInfoListVO; import com.ningdatech.pmapi.user.model.vo.UserRoleVO; +import com.ningdatech.pmapi.user.security.auth.credential.CredentialAuthToken; import com.ningdatech.pmapi.user.security.auth.model.UserFullInfoDTO; +import com.ningdatech.pmapi.user.security.auth.model.UserInfoDetails; import com.ningdatech.pmapi.user.service.IUserInfoService; import com.ningdatech.pmapi.user.util.LoginUserUtil; import com.wflow.workflow.bean.dto.ProcessInstanceUserDto; import lombok.RequiredArgsConstructor; +import org.springframework.security.core.context.SecurityContextImpl; +import org.springframework.session.Session; +import org.springframework.session.SessionRepository; +import org.springframework.session.data.redis.RedisIndexedSessionRepository; import org.springframework.stereotype.Component; import org.springframework.transaction.annotation.Transactional; @@ -53,8 +61,9 @@ public class UserInfoManage { private final IUserRoleService iUserRoleService; private final IRoleService iRoleService; private final UserInfoHelper userInfoHelper; - + private final RedisIndexedSessionRepository redisIndexedSessionRepository; private final RegionCacheHelper regionCacheHelper; + private final UserAuthLoginManage userAuthLoginManage; public PageVo list(ReqUserInfoListPO req) { PageVo pageVo = new PageVo<>(); @@ -206,7 +215,7 @@ public class UserInfoManage { return new ArrayList<>(); } return iUserInfoService.list(Wrappers.lambdaQuery(UserInfo.class) - .in(UserInfo::getId, compliantUserIdList)) + .in(UserInfo::getId, compliantUserIdList)) .stream().map(UserInfo::getId).collect(Collectors.toList()); } @@ -331,6 +340,8 @@ public class UserInfoManage { }).collect(Collectors.toList()); iUserRoleService.saveBatch(userRoleList); } + // 刷新用户权限 + refreshSession(userId); } /** @@ -490,4 +501,26 @@ public class UserInfoManage { } return processInstanceUserDto; } + + public void refreshSession(Long userId) { + UserFullInfoDTO ufi = userAuthLoginManage.getUserFullInfo(userId); + List sessionIds = new ArrayList<>(); + BizUtils.notNull(ufi.getIdentifier(), w -> sessionIds.addAll(redisIndexedSessionRepository.findByPrincipalName(w).keySet())); + BizUtils.notNull(ufi.getMobile(), w -> sessionIds.addAll(redisIndexedSessionRepository.findByPrincipalName(w).keySet())); + BizUtils.notNull(ufi.getAccountId(), w -> sessionIds.addAll(redisIndexedSessionRepository.findByPrincipalName(w.toString()).keySet())); + if (sessionIds.isEmpty()) { + return; + } + SessionRepository redisSessionRepository = redisIndexedSessionRepository; + UserInfoDetails details = UserInfoConvertor.toUserInfoDetails(ufi); + CredentialAuthToken cat = new CredentialAuthToken(details, details.getPassword(), details.getAuthorities()); + sessionIds.forEach(sessionId -> { + Session session = redisIndexedSessionRepository.findById(sessionId); + SecurityContextImpl context = session.getAttribute("SPRING_SECURITY_CONTEXT"); + context.setAuthentication(cat); + session.setAttribute("SPRING_SECURITY_CONTEXT", context); + redisSessionRepository.save(session); + }); + } + } diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialLoginUserDetailService.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialLoginUserDetailService.java index 854db99..455c0b9 100644 --- a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialLoginUserDetailService.java +++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialLoginUserDetailService.java @@ -2,6 +2,7 @@ package com.ningdatech.pmapi.user.security.auth.credential; import com.ningdatech.pmapi.user.constant.LoginTypeEnum; +import com.ningdatech.pmapi.user.convert.UserInfoConvertor; import com.ningdatech.pmapi.user.manage.UserAuthLoginManage; import com.ningdatech.pmapi.user.security.auth.constants.UserDeatilsServiceConstant; import com.ningdatech.pmapi.user.security.auth.model.UserFullInfoDTO; @@ -32,25 +33,25 @@ public class CredentialLoginUserDetailService implements UserDetailsService { String loginTypeStr = split[1]; LoginTypeEnum loginTypeEnum = LoginTypeEnum.valueOf(loginTypeStr); - UserFullInfoDTO userFullInfoDTO = null; + UserFullInfoDTO userFullInfo; switch (loginTypeEnum) { case PHONE_VERIFICATION_CODE_LOGIN: { - userFullInfoDTO = userAuthLoginManage.queryUserInfoInPhoneNoAuth(username); - if (Objects.isNull(userFullInfoDTO)) { + userFullInfo = userAuthLoginManage.queryUserInfoInPhoneNoAuth(username); + if (Objects.isNull(userFullInfo)) { throw new CommonLoginException("改手机号未绑定用户"); } } break; case USERNAME_PASSWORD_LOGIN: { - userFullInfoDTO = userAuthLoginManage.queryUserInfoInPasswordAuth(username); - if (Objects.isNull(userFullInfoDTO)) { + userFullInfo = userAuthLoginManage.queryUserInfoInPasswordAuth(username); + if (Objects.isNull(userFullInfo)) { throw new UsernameNotFoundException(String.format("%s user not exist", username)); } } break; case DING_QR_LOGIN: { - userFullInfoDTO = userAuthLoginManage.queryUserInfoInAccountIdAuth(username); - if (Objects.isNull(userFullInfoDTO)) { + userFullInfo = userAuthLoginManage.queryUserInfoInAccountIdAuth(username); + if (Objects.isNull(userFullInfo)) { throw new CommonLoginException("浙政钉账号无法登陆"); } } @@ -59,21 +60,6 @@ public class CredentialLoginUserDetailService implements UserDetailsService { throw new UsernameNotFoundException(String.format("%s user not exist", username)); } } - - UserInfoDetails userInfoDetails = new UserInfoDetails(); - userInfoDetails.setUserId(userFullInfoDTO.getUserId()); - userInfoDetails.setUsername(userFullInfoDTO.getUsername()); - userInfoDetails.setRealName(userFullInfoDTO.getRealName()); - userInfoDetails.setUserRoleList(userFullInfoDTO.getUserRoleList()); - userInfoDetails.setRegionCode(userFullInfoDTO.getRegionCode()); - userInfoDetails.setRegionLevel(userFullInfoDTO.getRegionLevel()); - userInfoDetails.setIdentifier(userFullInfoDTO.getIdentifier()); - userInfoDetails.setPassword(userFullInfoDTO.getCredential()); - userInfoDetails.setEmployeeCode(userFullInfoDTO.getEmployeeCode()); - userInfoDetails.setOrganizationCode(userFullInfoDTO.getOrganizationCode()); - userInfoDetails.setOrganizationName(userFullInfoDTO.getOrganizationName()); - userInfoDetails.setEmpPosUnitCode(userFullInfoDTO.getEmpPosUnitCode()); - userInfoDetails.setEmpPosUnitName(userFullInfoDTO.getEmpPosUnitName()); - return userInfoDetails; + return UserInfoConvertor.toUserInfoDetails(userFullInfo); } } diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/model/UserFullInfoDTO.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/model/UserFullInfoDTO.java index 5482f45..f4291be 100644 --- a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/model/UserFullInfoDTO.java +++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/model/UserFullInfoDTO.java @@ -71,6 +71,8 @@ public class UserFullInfoDTO { */ private List userRoleList; + private Long accountId; + /** * 取最高的权限 * From 91927f542c7efb1e51f4193a6267c8c45b9b3ae8 Mon Sep 17 00:00:00 2001 From: WendyYang Date: Fri, 5 May 2023 16:23:20 +0800 Subject: [PATCH 2/2] =?UTF-8?q?=E7=BC=96=E8=BE=91=E8=A7=92=E8=89=B2?= =?UTF-8?q?=E5=88=B7=E6=96=B0=E7=94=A8=E6=88=B7=E4=BF=A1=E6=81=AF=E3=80=81?= =?UTF-8?q?=E7=A6=81=E7=94=A8=E7=94=A8=E6=88=B7=E5=88=B7=E6=96=B0=E7=94=A8?= =?UTF-8?q?=E6=88=B7=E4=BF=A1=E6=81=AF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../pmapi/sys/service/impl/RoleServiceImpl.java | 7 ++- .../pmapi/user/manage/UserAuthLoginManage.java | 55 ++++++++++++++++++++-- .../pmapi/user/manage/UserInfoManage.java | 36 ++------------ 3 files changed, 63 insertions(+), 35 deletions(-) diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/sys/service/impl/RoleServiceImpl.java b/pmapi/src/main/java/com/ningdatech/pmapi/sys/service/impl/RoleServiceImpl.java index 46e9844..42f3d71 100644 --- a/pmapi/src/main/java/com/ningdatech/pmapi/sys/service/impl/RoleServiceImpl.java +++ b/pmapi/src/main/java/com/ningdatech/pmapi/sys/service/impl/RoleServiceImpl.java @@ -19,6 +19,7 @@ import com.ningdatech.pmapi.sys.model.dto.RoleUpdateDTO; import com.ningdatech.pmapi.sys.model.entity.*; import com.ningdatech.pmapi.sys.service.*; import com.ningdatech.pmapi.sys.utils.AuthCacheKeyUtils; +import com.ningdatech.pmapi.user.manage.UserAuthLoginManage; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; import org.springframework.stereotype.Service; @@ -46,6 +47,7 @@ public class RoleServiceImpl extends ServiceImpl implements IR private final CachePlusOps cachePlusOps; private final IRoleMenuService roleMenuService; private final IMenuService menuService; + private final UserAuthLoginManage userAuthLoginManage; /** * 删除角色时,需要级联删除跟角色相关的一切资源: @@ -155,7 +157,10 @@ public class RoleServiceImpl extends ServiceImpl implements IR saveRoleMenu(data.getMenuIds(), role.getId()); saveRoleMenuDatascope(data.getMenuDataScopeList(), role.getId()); List userIdList = userRoleService.listUserIdByRoleId(role.getId()); - userIdList.forEach(w -> cachePlusOps.del(AuthCacheKeyUtils.userResourceCacheKey(w))); + userIdList.forEach(w -> { + cachePlusOps.del(AuthCacheKeyUtils.userResourceCacheKey(w)); + userAuthLoginManage.refreshSession(w); + }); } @Override diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserAuthLoginManage.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserAuthLoginManage.java index 66d94d3..bedf486 100644 --- a/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserAuthLoginManage.java +++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserAuthLoginManage.java @@ -3,6 +3,7 @@ package com.ningdatech.pmapi.user.manage; import cn.hutool.core.collection.CollectionUtil; import com.baomidou.mybatisplus.core.toolkit.StringUtils; import com.baomidou.mybatisplus.core.toolkit.Wrappers; +import com.ningdatech.pmapi.common.util.StrUtils; import com.ningdatech.pmapi.organization.model.entity.DingEmployeeInfo; import com.ningdatech.pmapi.organization.model.entity.DingOrganization; import com.ningdatech.pmapi.organization.service.IDingEmployeeInfoService; @@ -11,11 +12,17 @@ import com.ningdatech.pmapi.sys.model.entity.Role; import com.ningdatech.pmapi.sys.model.entity.UserRole; import com.ningdatech.pmapi.sys.service.IRoleService; import com.ningdatech.pmapi.sys.service.IUserRoleService; +import com.ningdatech.pmapi.user.convert.UserInfoConvertor; import com.ningdatech.pmapi.user.entity.UserInfo; +import com.ningdatech.pmapi.user.security.auth.credential.CredentialAuthToken; import com.ningdatech.pmapi.user.security.auth.model.UserFullInfoDTO; -import com.ningdatech.pmapi.user.service.IUserAuthService; +import com.ningdatech.pmapi.user.security.auth.model.UserInfoDetails; import com.ningdatech.pmapi.user.service.IUserInfoService; import lombok.RequiredArgsConstructor; +import org.springframework.security.core.context.SecurityContextImpl; +import org.springframework.session.Session; +import org.springframework.session.SessionRepository; +import org.springframework.session.data.redis.RedisIndexedSessionRepository; import org.springframework.stereotype.Component; import java.util.ArrayList; @@ -32,13 +39,12 @@ import java.util.stream.Collectors; @RequiredArgsConstructor public class UserAuthLoginManage { - private final IUserAuthService iUserAuthService; private final IUserInfoService iUserInfoService; private final IRoleService iRoleService; private final IDingOrganizationService iDingOrganizationService; private final IDingEmployeeInfoService iDingEmployeeInfoService; private final IUserRoleService iUserRoleService; - + private final RedisIndexedSessionRepository redisIndexedSessionRepository; /** * 根据用户id 获取用户全量信息 @@ -186,4 +192,47 @@ public class UserAuthLoginManage { userFullInfoAssembler(userInfo, userFullInfoDTO); return userFullInfoDTO; } + + @SuppressWarnings({"rawtypes", "unchecked"}) + public void refreshSession(Long userId) { + UserFullInfoDTO userFullInfo = getUserFullInfo(userId); + List sessionIds = getSessionIds(userFullInfo); + if (sessionIds.isEmpty()) { + return; + } + SessionRepository redisSessionRepository = redisIndexedSessionRepository; + UserInfoDetails details = UserInfoConvertor.toUserInfoDetails(userFullInfo); + CredentialAuthToken cat = new CredentialAuthToken(details, details.getPassword(), details.getAuthorities()); + sessionIds.forEach(sessionId -> { + Session session = redisIndexedSessionRepository.findById(sessionId); + SecurityContextImpl context = session.getAttribute("SPRING_SECURITY_CONTEXT"); + context.setAuthentication(cat); + session.setAttribute("SPRING_SECURITY_CONTEXT", context); + redisSessionRepository.save(session); + }); + } + + private List getSessionIds(UserFullInfoDTO userFullInfo) { + List sessionIds = new ArrayList<>(); + String identifier = userFullInfo.getIdentifier(); + if (StrUtils.isNotBlank(identifier)) { + sessionIds.addAll(redisIndexedSessionRepository.findByPrincipalName(identifier).keySet()); + } + String mobile = userFullInfo.getMobile(); + if (StrUtils.isNotBlank(mobile)) { + sessionIds.addAll(redisIndexedSessionRepository.findByPrincipalName(mobile).keySet()); + } + Long accountId = userFullInfo.getAccountId(); + if (accountId != null) { + sessionIds.addAll(redisIndexedSessionRepository.findByPrincipalName(accountId.toString()).keySet()); + } + return sessionIds; + } + + public void kickOff(Long userId) { + UserFullInfoDTO userFullInfo = getUserFullInfo(userId); + List sessionIds = getSessionIds(userFullInfo); + sessionIds.forEach(redisIndexedSessionRepository::deleteById); + } + } diff --git a/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserInfoManage.java b/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserInfoManage.java index 2d26866..0cd3b9f 100644 --- a/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserInfoManage.java +++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserInfoManage.java @@ -10,7 +10,6 @@ import com.ningdatech.basic.model.PageVo; import com.ningdatech.pmapi.common.constant.RegionConst; import com.ningdatech.pmapi.common.helper.RegionCacheHelper; import com.ningdatech.pmapi.common.helper.UserInfoHelper; -import com.ningdatech.pmapi.common.util.BizUtils; import com.ningdatech.pmapi.organization.model.entity.DingEmployeeInfo; import com.ningdatech.pmapi.organization.model.entity.DingOrganization; import com.ningdatech.pmapi.organization.service.IDingEmployeeInfoService; @@ -20,7 +19,6 @@ import com.ningdatech.pmapi.sys.model.entity.UserRole; import com.ningdatech.pmapi.sys.service.IRoleService; import com.ningdatech.pmapi.sys.service.IUserRoleService; import com.ningdatech.pmapi.user.constant.UserAvailableEnum; -import com.ningdatech.pmapi.user.convert.UserInfoConvertor; import com.ningdatech.pmapi.user.entity.UserInfo; import com.ningdatech.pmapi.user.model.po.ReqUserDetailEditPO; import com.ningdatech.pmapi.user.model.po.ReqUserDetailPO; @@ -29,17 +27,11 @@ import com.ningdatech.pmapi.user.model.po.ReqUserInfoListPO; import com.ningdatech.pmapi.user.model.vo.ResUserDetailVO; import com.ningdatech.pmapi.user.model.vo.ResUserInfoListVO; import com.ningdatech.pmapi.user.model.vo.UserRoleVO; -import com.ningdatech.pmapi.user.security.auth.credential.CredentialAuthToken; import com.ningdatech.pmapi.user.security.auth.model.UserFullInfoDTO; -import com.ningdatech.pmapi.user.security.auth.model.UserInfoDetails; import com.ningdatech.pmapi.user.service.IUserInfoService; import com.ningdatech.pmapi.user.util.LoginUserUtil; import com.wflow.workflow.bean.dto.ProcessInstanceUserDto; import lombok.RequiredArgsConstructor; -import org.springframework.security.core.context.SecurityContextImpl; -import org.springframework.session.Session; -import org.springframework.session.SessionRepository; -import org.springframework.session.data.redis.RedisIndexedSessionRepository; import org.springframework.stereotype.Component; import org.springframework.transaction.annotation.Transactional; @@ -61,7 +53,6 @@ public class UserInfoManage { private final IUserRoleService iUserRoleService; private final IRoleService iRoleService; private final UserInfoHelper userInfoHelper; - private final RedisIndexedSessionRepository redisIndexedSessionRepository; private final RegionCacheHelper regionCacheHelper; private final UserAuthLoginManage userAuthLoginManage; @@ -268,6 +259,10 @@ public class UserInfoManage { UserInfo userInfo = iUserInfoService.getById(userId); userInfo.setAvailable(reqUserDisableOrEnablePO.getOperation()); iUserInfoService.updateById(userInfo); + if (userInfo.getAvailable().equals("DISABLE")) { + userAuthLoginManage.kickOff(userId); + } + } public ResUserDetailVO userInfoDetail(ReqUserDetailPO reqUserDetailPO) { @@ -341,7 +336,7 @@ public class UserInfoManage { iUserRoleService.saveBatch(userRoleList); } // 刷新用户权限 - refreshSession(userId); + userAuthLoginManage.refreshSession(userId); } /** @@ -502,25 +497,4 @@ public class UserInfoManage { return processInstanceUserDto; } - public void refreshSession(Long userId) { - UserFullInfoDTO ufi = userAuthLoginManage.getUserFullInfo(userId); - List sessionIds = new ArrayList<>(); - BizUtils.notNull(ufi.getIdentifier(), w -> sessionIds.addAll(redisIndexedSessionRepository.findByPrincipalName(w).keySet())); - BizUtils.notNull(ufi.getMobile(), w -> sessionIds.addAll(redisIndexedSessionRepository.findByPrincipalName(w).keySet())); - BizUtils.notNull(ufi.getAccountId(), w -> sessionIds.addAll(redisIndexedSessionRepository.findByPrincipalName(w.toString()).keySet())); - if (sessionIds.isEmpty()) { - return; - } - SessionRepository redisSessionRepository = redisIndexedSessionRepository; - UserInfoDetails details = UserInfoConvertor.toUserInfoDetails(ufi); - CredentialAuthToken cat = new CredentialAuthToken(details, details.getPassword(), details.getAuthorities()); - sessionIds.forEach(sessionId -> { - Session session = redisIndexedSessionRepository.findById(sessionId); - SecurityContextImpl context = session.getAttribute("SPRING_SECURITY_CONTEXT"); - context.setAuthentication(cat); - session.setAttribute("SPRING_SECURITY_CONTEXT", context); - redisSessionRepository.save(session); - }); - } - }