Merge remote-tracking branch 'origin/master'

1 jaar geleden · 541cedb0d4
--- a/pmapi/src/main/java/com/ningdatech/pmapi/sys/service/impl/RoleServiceImpl.java
+++ b/pmapi/src/main/java/com/ningdatech/pmapi/sys/service/impl/RoleServiceImpl.java
@@ -19,6 +19,7 @@ import com.ningdatech.pmapi.sys.model.dto.RoleUpdateDTO;
 import com.ningdatech.pmapi.sys.model.entity.*;
 import com.ningdatech.pmapi.sys.service.*;
 import com.ningdatech.pmapi.sys.utils.AuthCacheKeyUtils;
 import com.ningdatech.pmapi.user.manage.UserAuthLoginManage;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Service;
@@ -46,6 +47,7 @@ public class RoleServiceImpl extends ServiceImpl<RoleMapper, Role> implements IR
    private final CachePlusOps cachePlusOps;
    private final IRoleMenuService roleMenuService;
    private final IMenuService menuService;
    private final UserAuthLoginManage userAuthLoginManage;

    /**
     * 删除角色时，需要级联删除跟角色相关的一切资源：
@@ -155,7 +157,10 @@ public class RoleServiceImpl extends ServiceImpl<RoleMapper, Role> implements IR
        saveRoleMenu(data.getMenuIds(), role.getId());
        saveRoleMenuDatascope(data.getMenuDataScopeList(), role.getId());
        List<Long> userIdList = userRoleService.listUserIdByRoleId(role.getId());
        userIdList.forEach(w -> cachePlusOps.del(AuthCacheKeyUtils.userResourceCacheKey(w)));
        userIdList.forEach(w -> {
            cachePlusOps.del(AuthCacheKeyUtils.userResourceCacheKey(w));
            userAuthLoginManage.refreshSession(w);
        });
    }

    @Override
--- a/pmapi/src/main/java/com/ningdatech/pmapi/user/convert/UserInfoConvertor.java
+++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/convert/UserInfoConvertor.java
@@ -0,0 +1,38 @@
 package com.ningdatech.pmapi.user.convert;

 import com.ningdatech.pmapi.user.security.auth.model.UserFullInfoDTO;
 import com.ningdatech.pmapi.user.security.auth.model.UserInfoDetails;

 /**
 * <p>
 * UserInfoConvertor
 * </p>
 *
 * @author WendyYang
 * @since 2023/5/5
 **/
 public class UserInfoConvertor {

    private UserInfoConvertor() {

    }

    public static UserInfoDetails toUserInfoDetails(UserFullInfoDTO userFullInfo) {
        UserInfoDetails userInfoDetails = new UserInfoDetails();
        userInfoDetails.setUserId(userFullInfo.getUserId());
        userInfoDetails.setUsername(userFullInfo.getUsername());
        userInfoDetails.setRealName(userFullInfo.getRealName());
        userInfoDetails.setUserRoleList(userFullInfo.getUserRoleList());
        userInfoDetails.setRegionCode(userFullInfo.getRegionCode());
        userInfoDetails.setRegionLevel(userFullInfo.getRegionLevel());
        userInfoDetails.setIdentifier(userFullInfo.getIdentifier());
        userInfoDetails.setPassword(userFullInfo.getCredential());
        userInfoDetails.setEmployeeCode(userFullInfo.getEmployeeCode());
        userInfoDetails.setOrganizationCode(userFullInfo.getOrganizationCode());
        userInfoDetails.setOrganizationName(userFullInfo.getOrganizationName());
        userInfoDetails.setEmpPosUnitCode(userFullInfo.getEmpPosUnitCode());
        userInfoDetails.setEmpPosUnitName(userFullInfo.getEmpPosUnitName());
        return userInfoDetails;
    }

 }
--- a/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserAuthLoginManage.java
+++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserAuthLoginManage.java
@@ -3,6 +3,7 @@ package com.ningdatech.pmapi.user.manage;
 import cn.hutool.core.collection.CollectionUtil;
 import com.baomidou.mybatisplus.core.toolkit.StringUtils;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.ningdatech.pmapi.common.util.StrUtils;
 import com.ningdatech.pmapi.organization.model.entity.DingEmployeeInfo;
 import com.ningdatech.pmapi.organization.model.entity.DingOrganization;
 import com.ningdatech.pmapi.organization.service.IDingEmployeeInfoService;
@@ -11,11 +12,17 @@ import com.ningdatech.pmapi.sys.model.entity.Role;
 import com.ningdatech.pmapi.sys.model.entity.UserRole;
 import com.ningdatech.pmapi.sys.service.IRoleService;
 import com.ningdatech.pmapi.sys.service.IUserRoleService;
 import com.ningdatech.pmapi.user.convert.UserInfoConvertor;
 import com.ningdatech.pmapi.user.entity.UserInfo;
 import com.ningdatech.pmapi.user.security.auth.credential.CredentialAuthToken;
 import com.ningdatech.pmapi.user.security.auth.model.UserFullInfoDTO;
 import com.ningdatech.pmapi.user.service.IUserAuthService;
 import com.ningdatech.pmapi.user.security.auth.model.UserInfoDetails;
 import com.ningdatech.pmapi.user.service.IUserInfoService;
 import lombok.RequiredArgsConstructor;
 import org.springframework.security.core.context.SecurityContextImpl;
 import org.springframework.session.Session;
 import org.springframework.session.SessionRepository;
 import org.springframework.session.data.redis.RedisIndexedSessionRepository;
 import org.springframework.stereotype.Component;

 import java.util.ArrayList;
@@ -32,19 +39,18 @@ import java.util.stream.Collectors;
@RequiredArgsConstructor
 public class UserAuthLoginManage {

    private final IUserAuthService iUserAuthService;
    private final IUserInfoService iUserInfoService;
    private final IRoleService iRoleService;
    private final IDingOrganizationService iDingOrganizationService;
    private final IDingEmployeeInfoService iDingEmployeeInfoService;
    private final IUserRoleService iUserRoleService;

    private final RedisIndexedSessionRepository redisIndexedSessionRepository;

    /**
     * 根据用户id 获取用户全量信息
     *
     * @param userId
     * @return
     * @param userId /
     * @return /
     */
    public UserFullInfoDTO getUserFullInfo(Long userId) {
        UserInfo userInfo = iUserInfoService.getById(userId);
@@ -53,15 +59,15 @@ public class UserAuthLoginManage {
        }
        // 返回用户全量信息
        UserFullInfoDTO userFullInfoDTO = new UserFullInfoDTO();
        userFullInfoDTOAssembler(userInfo, userFullInfoDTO);
        userFullInfoAssembler(userInfo, userFullInfoDTO);
        return userFullInfoDTO;
    }

    /**
     * 根据用户名获取
     *
     * @param username
     * @return
     * @param username /
     * @return /
     */
    public UserFullInfoDTO queryUserInfoInPasswordAuth(String username) {
        // TODO 目前账号密码登陆测试使用 强制用户登录 userId 1L
@@ -71,15 +77,15 @@ public class UserAuthLoginManage {
        }
        // 返回用户全量信息
        UserFullInfoDTO userFullInfoDTO = new UserFullInfoDTO();
        userFullInfoDTOAssembler(userInfo, userFullInfoDTO);
        userFullInfoAssembler(userInfo, userFullInfoDTO);
        return userFullInfoDTO;
    }

    /**
     * 根据手机号获取
     *
     * @param phoneNo
     * @return
     * @param phoneNo /
     * @return /
     */
    public UserFullInfoDTO queryUserInfoInPhoneNoAuth(String phoneNo) {
        UserInfo userInfo = iUserInfoService.getOne(Wrappers.lambdaQuery(UserInfo.class)
@@ -89,15 +95,15 @@ public class UserAuthLoginManage {
        }
        // 返回用户全量信息
        UserFullInfoDTO userFullInfoDTO = new UserFullInfoDTO();
        userFullInfoDTOAssembler(userInfo, userFullInfoDTO);
        userFullInfoAssembler(userInfo, userFullInfoDTO);
        return userFullInfoDTO;
    }

    /**
     * 根据accountId(浙政钉扫码登陆)
     *
     * @param accountId
     * @return
     * @param accountId /
     * @return /
     */
    public UserFullInfoDTO queryUserInfoInAccountIdAuth(String accountId) {

@@ -109,12 +115,12 @@ public class UserAuthLoginManage {
        }
        // 返回用户全量信息
        UserFullInfoDTO userFullInfoDTO = new UserFullInfoDTO();
        userFullInfoDTOAssembler(userInfo, userFullInfoDTO);
        userFullInfoAssembler(userInfo, userFullInfoDTO);
        return userFullInfoDTO;
    }


    private void userFullInfoDTOAssembler(UserInfo userInfo, UserFullInfoDTO userFullInfoDTO) {
    private void userFullInfoAssembler(UserInfo userInfo, UserFullInfoDTO userFullInfoDTO) {
        // 获取浙政钉雇员信息 组织信息
        String employeeCode = userInfo.getEmployeeCode();
        if (StringUtils.isNotBlank(employeeCode)) {
@@ -128,9 +134,7 @@ public class UserAuthLoginManage {
            // 装配用户任职所在单位
            String empPosUnitCode = dingEmployeeInfo.getEmpPosUnitCode();
            if (StringUtils.isNotBlank(empPosUnitCode)) {
                DingOrganization dingOrganization = iDingOrganizationService
                        .getOne(Wrappers.lambdaQuery(DingOrganization.class)
                                .eq(DingOrganization::getOrganizationCode, empPosUnitCode));
                DingOrganization dingOrganization = iDingOrganizationService.getByOrgCode(empPosUnitCode);
                if (Objects.nonNull(dingOrganization)) {
                    userFullInfoDTO.setEmpPosUnitCode(empPosUnitCode);
                    userFullInfoDTO.setEmpPosUnitName(dingOrganization.getOrganizationName());
@@ -139,9 +143,9 @@ public class UserAuthLoginManage {

            // 装配用户所在orgCode
            String organizationCode = dingEmployeeInfo.getOrganizationCode();
            List<DingOrganization> dingOrganizationList = iDingOrganizationService
                    .list(Wrappers.lambdaQuery(DingOrganization.class)
                            .eq(DingOrganization::getOrganizationCode, organizationCode));
            List<DingOrganization> dingOrganizationList = iDingOrganizationService.list(Wrappers
                    .lambdaQuery(DingOrganization.class)
                    .eq(DingOrganization::getOrganizationCode, organizationCode));
            if (CollectionUtil.isNotEmpty(dingOrganizationList)) {
                DingOrganization dingOrganization = dingOrganizationList.get(0);
                userFullInfoDTO.setOrganizationCode(dingOrganization.getOrganizationCode());
@@ -174,7 +178,7 @@ public class UserAuthLoginManage {
        userFullInfoDTO.setEmployeeCode(employeeCode);
        userFullInfoDTO.setUsername(userInfo.getRealName());
        userFullInfoDTO.setMobile(userInfo.getMobile());

        userFullInfoDTO.setAccountId(userInfo.getAccountId());
    }

    public UserFullInfoDTO getUserFullInfoByEmployeeCode(String employeeCode) {
@@ -185,7 +189,50 @@ public class UserAuthLoginManage {
        }
        // 返回用户全量信息
        UserFullInfoDTO userFullInfoDTO = new UserFullInfoDTO();
        userFullInfoDTOAssembler(userInfo, userFullInfoDTO);
        userFullInfoAssembler(userInfo, userFullInfoDTO);
        return userFullInfoDTO;
    }

    @SuppressWarnings({"rawtypes", "unchecked"})
    public void refreshSession(Long userId) {
        UserFullInfoDTO userFullInfo = getUserFullInfo(userId);
        List<String> sessionIds = getSessionIds(userFullInfo);
        if (sessionIds.isEmpty()) {
            return;
        }
        SessionRepository redisSessionRepository = redisIndexedSessionRepository;
        UserInfoDetails details = UserInfoConvertor.toUserInfoDetails(userFullInfo);
        CredentialAuthToken cat = new CredentialAuthToken(details, details.getPassword(), details.getAuthorities());
        sessionIds.forEach(sessionId -> {
            Session session = redisIndexedSessionRepository.findById(sessionId);
            SecurityContextImpl context = session.getAttribute("SPRING_SECURITY_CONTEXT");
            context.setAuthentication(cat);
            session.setAttribute("SPRING_SECURITY_CONTEXT", context);
            redisSessionRepository.save(session);
        });
    }

    private List<String> getSessionIds(UserFullInfoDTO userFullInfo) {
        List<String> sessionIds = new ArrayList<>();
        String identifier = userFullInfo.getIdentifier();
        if (StrUtils.isNotBlank(identifier)) {
            sessionIds.addAll(redisIndexedSessionRepository.findByPrincipalName(identifier).keySet());
        }
        String mobile = userFullInfo.getMobile();
        if (StrUtils.isNotBlank(mobile)) {
            sessionIds.addAll(redisIndexedSessionRepository.findByPrincipalName(mobile).keySet());
        }
        Long accountId = userFullInfo.getAccountId();
        if (accountId != null) {
            sessionIds.addAll(redisIndexedSessionRepository.findByPrincipalName(accountId.toString()).keySet());
        }
        return sessionIds;
    }

    public void kickOff(Long userId) {
        UserFullInfoDTO userFullInfo = getUserFullInfo(userId);
        List<String> sessionIds = getSessionIds(userFullInfo);
        sessionIds.forEach(redisIndexedSessionRepository::deleteById);
    }

 }
--- a/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserInfoManage.java
+++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/manage/UserInfoManage.java
@@ -53,8 +53,8 @@ public class UserInfoManage {
    private final IUserRoleService iUserRoleService;
    private final IRoleService iRoleService;
    private final UserInfoHelper userInfoHelper;

    private final RegionCacheHelper regionCacheHelper;
    private final UserAuthLoginManage userAuthLoginManage;

    public PageVo<ResUserInfoListVO> list(ReqUserInfoListPO req) {
        PageVo<ResUserInfoListVO> pageVo = new PageVo<>();
@@ -206,7 +206,7 @@ public class UserInfoManage {
            return new ArrayList<>();
        }
        return iUserInfoService.list(Wrappers.lambdaQuery(UserInfo.class)
                .in(UserInfo::getId, compliantUserIdList))
                        .in(UserInfo::getId, compliantUserIdList))
                .stream().map(UserInfo::getId).collect(Collectors.toList());

    }
@@ -259,6 +259,10 @@ public class UserInfoManage {
        UserInfo userInfo = iUserInfoService.getById(userId);
        userInfo.setAvailable(reqUserDisableOrEnablePO.getOperation());
        iUserInfoService.updateById(userInfo);
        if (userInfo.getAvailable().equals("DISABLE")) {
            userAuthLoginManage.kickOff(userId);
        }

    }

    public ResUserDetailVO userInfoDetail(ReqUserDetailPO reqUserDetailPO) {
@@ -331,6 +335,8 @@ public class UserInfoManage {
            }).collect(Collectors.toList());
            iUserRoleService.saveBatch(userRoleList);
        }
        // 刷新用户权限
        userAuthLoginManage.refreshSession(userId);
    }

    /**
@@ -490,4 +496,5 @@ public class UserInfoManage {
        }
        return processInstanceUserDto;
    }

 }
--- a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialLoginUserDetailService.java
+++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialLoginUserDetailService.java
@@ -2,6 +2,7 @@ package com.ningdatech.pmapi.user.security.auth.credential;


 import com.ningdatech.pmapi.user.constant.LoginTypeEnum;
 import com.ningdatech.pmapi.user.convert.UserInfoConvertor;
 import com.ningdatech.pmapi.user.manage.UserAuthLoginManage;
 import com.ningdatech.pmapi.user.security.auth.constants.UserDeatilsServiceConstant;
 import com.ningdatech.pmapi.user.security.auth.model.UserFullInfoDTO;
@@ -32,25 +33,25 @@ public class CredentialLoginUserDetailService implements UserDetailsService {
        String loginTypeStr = split[1];
        LoginTypeEnum loginTypeEnum = LoginTypeEnum.valueOf(loginTypeStr);

        UserFullInfoDTO userFullInfoDTO = null;
        UserFullInfoDTO userFullInfo;
        switch (loginTypeEnum) {
            case PHONE_VERIFICATION_CODE_LOGIN: {
                userFullInfoDTO = userAuthLoginManage.queryUserInfoInPhoneNoAuth(username);
                if (Objects.isNull(userFullInfoDTO)) {
                userFullInfo = userAuthLoginManage.queryUserInfoInPhoneNoAuth(username);
                if (Objects.isNull(userFullInfo)) {
                    throw new CommonLoginException("改手机号未绑定用户");
                }
            }
            break;
            case USERNAME_PASSWORD_LOGIN: {
                userFullInfoDTO = userAuthLoginManage.queryUserInfoInPasswordAuth(username);
                if (Objects.isNull(userFullInfoDTO)) {
                userFullInfo = userAuthLoginManage.queryUserInfoInPasswordAuth(username);
                if (Objects.isNull(userFullInfo)) {
                    throw new UsernameNotFoundException(String.format("%s user not exist", username));
                }
            }
            break;
            case DING_QR_LOGIN: {
                userFullInfoDTO = userAuthLoginManage.queryUserInfoInAccountIdAuth(username);
                if (Objects.isNull(userFullInfoDTO)) {
                userFullInfo = userAuthLoginManage.queryUserInfoInAccountIdAuth(username);
                if (Objects.isNull(userFullInfo)) {
                    throw new CommonLoginException("浙政钉账号无法登陆");
                }
            }
@@ -59,21 +60,6 @@ public class CredentialLoginUserDetailService implements UserDetailsService {
                throw new UsernameNotFoundException(String.format("%s user not exist", username));
            }
        }

        UserInfoDetails userInfoDetails = new UserInfoDetails();
        userInfoDetails.setUserId(userFullInfoDTO.getUserId());
        userInfoDetails.setUsername(userFullInfoDTO.getUsername());
        userInfoDetails.setRealName(userFullInfoDTO.getRealName());
        userInfoDetails.setUserRoleList(userFullInfoDTO.getUserRoleList());
        userInfoDetails.setRegionCode(userFullInfoDTO.getRegionCode());
        userInfoDetails.setRegionLevel(userFullInfoDTO.getRegionLevel());
        userInfoDetails.setIdentifier(userFullInfoDTO.getIdentifier());
        userInfoDetails.setPassword(userFullInfoDTO.getCredential());
        userInfoDetails.setEmployeeCode(userFullInfoDTO.getEmployeeCode());
        userInfoDetails.setOrganizationCode(userFullInfoDTO.getOrganizationCode());
        userInfoDetails.setOrganizationName(userFullInfoDTO.getOrganizationName());
        userInfoDetails.setEmpPosUnitCode(userFullInfoDTO.getEmpPosUnitCode());
        userInfoDetails.setEmpPosUnitName(userFullInfoDTO.getEmpPosUnitName());
        return userInfoDetails;
        return UserInfoConvertor.toUserInfoDetails(userFullInfo);
    }
 }
--- a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/model/UserFullInfoDTO.java
+++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/model/UserFullInfoDTO.java
@@ -71,6 +71,8 @@ public class UserFullInfoDTO {
     */
    private List<Role> userRoleList;

    private Long accountId;

    /**
     * 取最高的权限
     *