refactor: 用户权限方案重构，黑名单实现 JWT 主动注销

2024-01-25 16:40:31 +08:00
parent 5b72b3af97
commit 911af69c0d
20 changed files with 232 additions and 116 deletions
--- a/src/main/java/com/youlai/system/service/impl/SysRoleServiceImpl.java
+++ b/src/main/java/com/youlai/system/service/impl/SysRoleServiceImpl.java
@@ -2,31 +2,33 @@ package com.youlai.system.service.impl;

 import cn.hutool.core.collection.CollectionUtil;
 import cn.hutool.core.lang.Assert;
+import cn.hutool.core.util.ObjectUtil;
 import cn.hutool.core.util.StrUtil;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
-import com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.youlai.system.common.constant.SystemConstants;
 import com.youlai.system.common.model.Option;
+import com.youlai.system.security.util.SecurityUtils;
 import com.youlai.system.converter.RoleConverter;
-import com.youlai.system.security.service.PermissionService;
 import com.youlai.system.mapper.SysRoleMapper;
 import com.youlai.system.model.entity.SysRole;
 import com.youlai.system.model.entity.SysRoleMenu;
 import com.youlai.system.model.form.RoleForm;
 import com.youlai.system.model.query.RolePageQuery;
 import com.youlai.system.model.vo.RolePageVO;
+import com.youlai.system.security.service.PermissionService;
 import com.youlai.system.service.SysRoleMenuService;
 import com.youlai.system.service.SysRoleService;
 import com.youlai.system.service.SysUserRoleService;
-import com.youlai.system.security.util.SecurityUtils;
 import lombok.RequiredArgsConstructor;
 import org.springframework.cache.annotation.CacheEvict;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;

-import java.util.*;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Set;

 /**
 * 角色业务实现类
@@ -100,19 +102,37 @@ public class SysRoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impl
    public boolean saveRole(RoleForm roleForm) {

        Long roleId = roleForm.getId();
-        String roleCode = roleForm.getCode();

+        // 编辑角色时，判断角色是否存在
+        SysRole oldRole = null;
+        if (roleId != null) {
+            oldRole = this.getById(roleId);
+            Assert.isTrue(oldRole != null, "角色不存在");
+        }
+
+        String roleCode = roleForm.getCode();
        long count = this.count(new LambdaQueryWrapper<SysRole>()
                .ne(roleId != null, SysRole::getId, roleId)
                .and(wrapper ->
                        wrapper.eq(SysRole::getCode, roleCode).or().eq(SysRole::getName, roleForm.getName())
                ));
-        Assert.isTrue(count == 0, "角色名称或角色编码重复，请检查！");
+        Assert.isTrue(count == 0, "角色名称或角色编码已存在，请修改后重试！");

        // 实体转换
        SysRole role = roleConverter.form2Entity(roleForm);

-        return this.saveOrUpdate(role);
+        boolean result = this.saveOrUpdate(role);
+        if (result) {
+            // 判断角色编码或状态是否修改，修改了则刷新权限缓存
+            if (oldRole != null
+                    && (
+                    !StrUtil.equals(oldRole.getCode(), roleCode) ||
+                            !ObjectUtil.equals(oldRole.getStatus(), roleForm.getStatus())
+            )) {
+                permissionService.refreshRolePermsCache(oldRole.getCode(), roleCode);
+            }
+        }
+        return result;
    }

    /**
@@ -136,9 +156,16 @@ public class SysRoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impl
     */
    @Override
    public boolean updateRoleStatus(Long roleId, Integer status) {
-        return this.update(new LambdaUpdateWrapper<SysRole>()
-                .eq(SysRole::getId, roleId)
-                .set(SysRole::getStatus, status));
+
+        SysRole role = this.getById(roleId);
+        Assert.isTrue(role != null, "角色不存在");
+
+        boolean result = this.updateById(role);
+        if (result) {
+            // 刷新角色的权限缓存
+            permissionService.refreshRolePermsCache(role.getCode());
+        }
+        return result;
    }

    /**
@@ -163,9 +190,9 @@ public class SysRoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impl
            Assert.isTrue(!isRoleAssigned, "角色【{}】已分配用户，请先解除关联后删除", role.getName());

            boolean deleteResult = this.removeById(roleId);
-            if(deleteResult) {
+            if (deleteResult) {
                // 删除成功，刷新权限缓存
-                permissionService.refreshPermissionCache(role.getCode());
+                permissionService.refreshRolePermsCache(role.getCode());
            }
        }
        return true;
@@ -193,8 +220,14 @@ public class SysRoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impl
    @Transactional
    @CacheEvict(cacheNames = "menu", key = "'routes'")
    public boolean assignMenusToRole(Long roleId, List<Long> menuIds) {
+        SysRole role = this.getById(roleId);
+        Assert.isTrue(role != null, "角色不存在");
+
        // 删除角色菜单
-        roleMenuService.remove(new LambdaQueryWrapper<SysRoleMenu>().eq(SysRoleMenu::getRoleId, roleId));
+        roleMenuService.remove(
+                new LambdaQueryWrapper<SysRoleMenu>()
+                        .eq(SysRoleMenu::getRoleId, roleId)
+        );
        // 新增角色菜单
        if (CollectionUtil.isNotEmpty(menuIds)) {
            List<SysRoleMenu> roleMenus = menuIds
@@ -203,6 +236,10 @@ public class SysRoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impl
                    .toList();
            roleMenuService.saveBatch(roleMenus);
        }
+
+        // 刷新角色的权限缓存
+        permissionService.refreshRolePermsCache(role.getCode());
+
        return true;
    }