tongtong/youlai-boot
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: 刷新角色权限代码位置调整

Browse Source
This commit is contained in:
haoxr
2024-01-29 18:14:40 +08:00
parent 825f1fdfb3
commit 93720b526a
13 changed files with 147 additions and 179 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/java/com/youlai/system/common/constant/CacheConstants.java → src/main/java/com/youlai/system/common/constant/SecurityConstants.java
View File

@@ -6,7 +6,7 @@ package com.youlai.system.common.constant;
* @author haoxr
* @since 2023/11/24
*/
public interface CacheConstants {
public interface SecurityConstants {
/**
* 验证码缓存前缀

7
src/main/java/com/youlai/system/filter/CaptchaValidationFilter.java
View File

@@ -2,8 +2,7 @@ package com.youlai.system.filter;
import cn.hutool.captcha.generator.CodeGenerator;
import cn.hutool.core.util.StrUtil;
import com.youlai.system.common.constant.CacheConstants;
import com.youlai.system.security.constant.SecurityConstants;
import com.youlai.system.common.constant.SecurityConstants;
import com.youlai.system.common.result.ResultCode;
import com.youlai.system.common.util.ResponseUtils;
import jakarta.servlet.FilterChain;
@@ -25,7 +24,7 @@ import java.io.IOException;
*/
public class CaptchaValidationFilter extends OncePerRequestFilter {
private static final AntPathRequestMatcher LOGIN_PATH_REQUEST_MATCHER = new AntPathRequestMatcher(SecurityConstants.LOGIN_PATH, "POST");
private static final AntPathRequestMatcher LOGIN_PATH_REQUEST_MATCHER = new AntPathRequestMatcher(com.youlai.system.security.constant.SecurityConstants.LOGIN_PATH, "POST");
public static final String CAPTCHA_CODE_PARAM_NAME = "captchaCode";
public static final String CAPTCHA_KEY_PARAM_NAME = "captchaKey";
@@ -53,7 +52,7 @@ public class CaptchaValidationFilter extends OncePerRequestFilter {
}
// 缓存中的验证码
String verifyCodeKey = request.getParameter(CAPTCHA_KEY_PARAM_NAME);
String cacheVerifyCode = (String) redisTemplate.opsForValue().get(CacheConstants.CAPTCHA_CODE_PREFIX + verifyCodeKey);
String cacheVerifyCode = (String) redisTemplate.opsForValue().get(SecurityConstants.CAPTCHA_CODE_PREFIX + verifyCodeKey);
if (cacheVerifyCode == null) {
ResponseUtils.writeErrMsg(response, ResultCode.VERIFY_CODE_TIMEOUT);
} else {

4
src/main/java/com/youlai/system/filter/JwtValidationFilter.java
View File

@@ -3,7 +3,7 @@ package com.youlai.system.filter;
import cn.hutool.core.convert.Convert;
import cn.hutool.core.util.StrUtil;
import cn.hutool.jwt.JWTPayload;
import com.youlai.system.common.constant.CacheConstants;
import com.youlai.system.common.constant.SecurityConstants;
import com.youlai.system.common.result.ResultCode;
import com.youlai.system.security.util.JwtUtils;
import com.youlai.system.common.util.ResponseUtils;
@@ -49,7 +49,7 @@ public class JwtValidationFilter extends OncePerRequestFilter {
Map<String, Object> payload = JwtUtils.parseToken(token);
String jti = Convert.toStr(payload.get(JWTPayload.JWT_ID));
Boolean isTokenBlacklisted = redisTemplate.hasKey(CacheConstants.BLACKLIST_TOKEN_PREFIX + jti);
Boolean isTokenBlacklisted = redisTemplate.hasKey(SecurityConstants.BLACKLIST_TOKEN_PREFIX + jti);
if (Boolean.TRUE.equals(isTokenBlacklisted)) {
ResponseUtils.writeErrMsg(response, ResultCode.TOKEN_INVALID);
return;

2
src/main/java/com/youlai/system/mapper/SysUserRoleMapper.java
View File

@@ -14,7 +14,7 @@ import org.apache.ibatis.annotations.Mapper;
public interface SysUserRoleMapper extends BaseMapper<SysUserRole> {
/**
* 统计角色绑定的用户数
* 获取角色绑定的用户数
*
* @param roleId 角色ID
*/

129
src/main/java/com/youlai/system/security/service/PermissionService.java
View File

@@ -2,11 +2,8 @@ package com.youlai.system.security.service;
import cn.hutool.core.collection.CollectionUtil;
import cn.hutool.core.util.StrUtil;
import com.youlai.system.common.constant.CacheConstants;
import com.youlai.system.common.constant.SecurityConstants;
import com.youlai.system.security.util.SecurityUtils;
import com.youlai.system.model.bo.RolePermsBO;
import com.youlai.system.service.SysRoleMenuService;
import jakarta.annotation.PostConstruct;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.data.redis.core.RedisTemplate;
@@ -28,102 +25,6 @@ public class PermissionService {
private final RedisTemplate<String, Object> redisTemplate;
private final SysRoleMenuService roleMenuService;
/**
* 初始化权限缓存
*/
@PostConstruct
public void initRolePermsCache() {
refreshRolePermsCache();
}
/**
* 刷新权限缓存
*/
public void refreshRolePermsCache() {
// 清理权限缓存
redisTemplate.opsForHash().delete(CacheConstants.ROLE_PERMS_PREFIX, "*");
List<RolePermsBO> list = roleMenuService.getRolePermsList(null);
if (CollectionUtil.isNotEmpty(list)) {
list.forEach(item -> {
String roleCode = item.getRoleCode();
Set<String> perms = item.getPerms();
redisTemplate.opsForHash().put(CacheConstants.ROLE_PERMS_PREFIX, roleCode, perms);
});
}
}
/**
* 刷新权限缓存
*/
public void refreshRolePermsCache(String roleCode) {
// 清理权限缓存
redisTemplate.opsForHash().delete(CacheConstants.ROLE_PERMS_PREFIX, roleCode);
List<RolePermsBO> list = roleMenuService.getRolePermsList(roleCode);
if (CollectionUtil.isNotEmpty(list)) {
RolePermsBO rolePerms = list.get(0);
if (rolePerms == null) {
return;
}
Set<String> perms = rolePerms.getPerms();
redisTemplate.opsForHash().put(CacheConstants.ROLE_PERMS_PREFIX, roleCode, perms);
}
}
/**
* 刷新权限缓存 (角色编码变更时调用)
*/
public void refreshRolePermsCache(String oldRoleCode, String newRoleCode) {
// 清理旧角色权限缓存
redisTemplate.opsForHash().delete(CacheConstants.ROLE_PERMS_PREFIX, oldRoleCode);
// 添加新角色权限缓存
List<RolePermsBO> list = roleMenuService.getRolePermsList(newRoleCode);
if (CollectionUtil.isNotEmpty(list)) {
RolePermsBO rolePerms = list.get(0);
if (rolePerms == null) {
return;
}
Set<String> perms = rolePerms.getPerms();
redisTemplate.opsForHash().put(CacheConstants.ROLE_PERMS_PREFIX, newRoleCode, perms);
}
}
/**
* 获取角色权限列表
*
* @param roleCodes 角色编码集合
* @return 角色权限列表
*/
public Set<String> getRolePermsFormCache(Set<String> roleCodes) {
// 检查输入是否为空
if (CollectionUtil.isEmpty(roleCodes)) {
return Collections.emptySet();
}
Set<String> perms = new HashSet<>();
// 从缓存中一次性获取所有角色的权限
Collection<Object> roleCodesAsObjects = new ArrayList<>(roleCodes);
List<Object> rolePermsList = redisTemplate.opsForHash().multiGet(CacheConstants.ROLE_PERMS_PREFIX, roleCodesAsObjects);
for (Object rolePermsObj : rolePermsList) {
if (rolePermsObj instanceof Set) {
@SuppressWarnings("unchecked")
Set<String> rolePerms = (Set<String>) rolePermsObj;
perms.addAll(rolePerms);
}
}
return perms;
}
/**
* 判断当前登录用户是否拥有操作权限
*
@@ -165,4 +66,32 @@ public class PermissionService {
}
/**
* 从缓存中获取角色权限列表
*
* @param roleCodes 角色编码集合
* @return 角色权限列表
*/
public Set<String> getRolePermsFormCache(Set<String> roleCodes) {
// 检查输入是否为空
if (CollectionUtil.isEmpty(roleCodes)) {
return Collections.emptySet();
}
Set<String> perms = new HashSet<>();
// 从缓存中一次性获取所有角色的权限
Collection<Object> roleCodesAsObjects = new ArrayList<>(roleCodes);
List<Object> rolePermsList = redisTemplate.opsForHash().multiGet(SecurityConstants.ROLE_PERMS_PREFIX, roleCodesAsObjects);
for (Object rolePermsObj : rolePermsList) {
if (rolePermsObj instanceof Set) {
@SuppressWarnings("unchecked")
Set<String> rolePerms = (Set<String>) rolePermsObj;
perms.addAll(rolePerms);
}
}
return perms;
}
}

44
src/main/java/com/youlai/system/security/util/SecurityUtils.java
View File

@@ -20,7 +20,7 @@ public class SecurityUtils {
/**
* 获取当前登录人信息
*
* @return
* @return SysUserDetails
*/
public static SysUserDetails getUser() {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
@@ -36,7 +36,7 @@ public class SecurityUtils {
/**
* 获取用户ID
*
* @return
* @return Long
*/
public static Long getUserId() {
Long userId = Convert.toLong(getUser().getUserId());
@@ -65,7 +65,7 @@ public class SecurityUtils {
/**
* 获取用户角色集合
*
* @return
* @return 角色集合
*/
public static Set<String> getRoles() {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
@@ -80,25 +80,6 @@ public class SecurityUtils {
return Collections.EMPTY_SET;
}
/**
* 获取用户权限集合
*
* @return
*/
public static Set<String> getPerms() {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication != null) {
Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
if (CollectionUtil.isNotEmpty(authorities)) {
return authorities.stream()
.map(GrantedAuthority::getAuthority)
.filter(authority -> !authority.startsWith("ROLE_"))
.collect(Collectors.toSet());
}
}
return Collections.EMPTY_SET;
}
/**
* 是否超级管理员
* <p>
@@ -111,23 +92,4 @@ public class SecurityUtils {
return roles.contains(SystemConstants.ROOT_ROLE_CODE);
}
/**
* 是否拥有权限判断
* <p>
* 适用业务判断(接口权限判断适用Spring Security 自带注解 PreAuthorize 判断即可 )
*
* @return
*/
public static boolean hasPerm(String perm) {
if (isRoot()) {
return true;
}
Set<String> perms = getPerms();
return perms.stream().anyMatch(item -> PatternMatchUtils.simpleMatch(perm, item));
}
}

24
src/main/java/com/youlai/system/service/SysRoleMenuService.java
View File

@@ -2,11 +2,9 @@ package com.youlai.system.service;
import com.baomidou.mybatisplus.extension.service.IService;
import com.youlai.system.model.bo.RolePermsBO;
import com.youlai.system.model.entity.SysRoleMenu;
import java.util.List;
import java.util.Set;
/**
* 角色菜单业务接口
@@ -26,9 +24,23 @@ public interface SysRoleMenuService extends IService<SysRoleMenu> {
/**
* 获取角色和权限的列表
*
* @return 角色权限的列表
* 刷新权限缓存(所有角色)
*/
List<RolePermsBO> getRolePermsList(String roleCode);
void refreshRolePermsCache();
/**
* 刷新权限缓存(指定角色)
*
* @param roleCode 角色编码
*/
void refreshRolePermsCache(String roleCode);
/**
* 刷新权限缓存(修改角色编码时调用)
*
* @param oldRoleCode 旧角色编码
* @param newRoleCode 新角色编码
*/
void refreshRolePermsCache(String oldRoleCode, String newRoleCode);
}

2
src/main/java/com/youlai/system/service/SysUserRoleService.java
View File

@@ -23,5 +23,5 @@ public interface SysUserRoleService extends IService<SysUserRole> {
* @param roleId 角色ID
* @return true已分配 false未分配
*/
boolean isRoleAssignedToUser(Long roleId);
boolean hasAssignedUsers(Long roleId);
}

8
src/main/java/com/youlai/system/service/impl/AuthServiceImpl.java
View File

@@ -7,7 +7,7 @@ import cn.hutool.core.convert.Convert;
import cn.hutool.core.util.IdUtil;
import cn.hutool.core.util.StrUtil;
import cn.hutool.jwt.JWTPayload;
import com.youlai.system.common.constant.CacheConstants;
import com.youlai.system.common.constant.SecurityConstants;
import com.youlai.system.common.enums.CaptchaTypeEnum;
import com.youlai.system.model.dto.CaptchaResult;
import com.youlai.system.model.dto.LoginResult;
@@ -81,9 +81,9 @@ public class AuthServiceImpl implements AuthService {
Long expiration = Convert.toLong(claims.get(JWTPayload.EXPIRES_AT));
if (expiration != null) {
long ttl = expiration - System.currentTimeMillis() / 1000;
redisTemplate.opsForValue().set(CacheConstants.BLACKLIST_TOKEN_PREFIX + jti, null, ttl, TimeUnit.SECONDS);
redisTemplate.opsForValue().set(SecurityConstants.BLACKLIST_TOKEN_PREFIX + jti, null, ttl, TimeUnit.SECONDS);
} else {
redisTemplate.opsForValue().set(CacheConstants.BLACKLIST_TOKEN_PREFIX + jti, null);
redisTemplate.opsForValue().set(SecurityConstants.BLACKLIST_TOKEN_PREFIX + jti, null);
}
}
SecurityContextHolder.clearContext();
@@ -124,7 +124,7 @@ public class AuthServiceImpl implements AuthService {
// 验证码文本缓存至Redis用于登录校验
String captchaKey = IdUtil.fastSimpleUUID();
redisTemplate.opsForValue().set(CacheConstants.CAPTCHA_CODE_PREFIX + captchaKey, captchaCode,
redisTemplate.opsForValue().set(SecurityConstants.CAPTCHA_CODE_PREFIX + captchaKey, captchaCode,
captchaProperties.getExpireSeconds(), TimeUnit.SECONDS);
return CaptchaResult.builder()

10
src/main/java/com/youlai/system/service/impl/SysMenuServiceImpl.java
View File

@@ -18,8 +18,8 @@ import com.youlai.system.model.form.MenuForm;
import com.youlai.system.model.query.MenuQuery;
import com.youlai.system.model.vo.MenuVO;
import com.youlai.system.model.vo.RouteVO;
import com.youlai.system.security.service.PermissionService;
import com.youlai.system.service.SysMenuService;
import com.youlai.system.service.SysRoleMenuService;
import lombok.RequiredArgsConstructor;
import org.apache.commons.lang3.StringUtils;
import org.springframework.cache.annotation.CacheEvict;
@@ -43,7 +43,7 @@ public class SysMenuServiceImpl extends ServiceImpl<SysMenuMapper, SysMenu> impl
private final MenuConverter menuConverter;
private final PermissionService permissionService;
private final SysRoleMenuService roleMenuService;
/**
@@ -224,7 +224,7 @@ public class SysMenuServiceImpl extends ServiceImpl<SysMenuMapper, SysMenu> impl
if (result) {
// 编辑刷新角色权限缓存
if (menuForm.getId() != null) {
permissionService.refreshRolePermsCache();
roleMenuService.refreshRolePermsCache();
}
}
return result;
@@ -251,7 +251,7 @@ public class SysMenuServiceImpl extends ServiceImpl<SysMenuMapper, SysMenu> impl
*
* @param menuId 菜单ID
* @param visible 是否显示(1->显示2->隐藏)
* @return
* @return 是否修改成功
*/
@Override
@CacheEvict(cacheNames = "menu", key = "'routes'")
@@ -302,7 +302,7 @@ public class SysMenuServiceImpl extends ServiceImpl<SysMenuMapper, SysMenu> impl
// 刷新角色权限缓存
if (result) {
permissionService.refreshRolePermsCache();
roleMenuService.refreshRolePermsCache();
}
return result;

88
src/main/java/com/youlai/system/service/impl/SysRoleMenuServiceImpl.java
View File

@@ -1,13 +1,19 @@
package com.youlai.system.service.impl;
import cn.hutool.core.collection.CollectionUtil;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.youlai.system.common.constant.SecurityConstants;
import com.youlai.system.mapper.SysRoleMenuMapper;
import com.youlai.system.model.bo.RolePermsBO;
import com.youlai.system.model.entity.SysRoleMenu;
import com.youlai.system.service.SysRoleMenuService;
import jakarta.annotation.PostConstruct;
import lombok.RequiredArgsConstructor;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Service;
import java.util.List;
import java.util.Set;
/**
@@ -17,8 +23,79 @@ import java.util.List;
* @since 2.5.0
*/
@Service
@RequiredArgsConstructor
public class SysRoleMenuServiceImpl extends ServiceImpl<SysRoleMenuMapper, SysRoleMenu> implements SysRoleMenuService {
private final RedisTemplate<String, Object> redisTemplate;
/**
* 初始化权限缓存
*/
@PostConstruct
public void initRolePermsCache() {
refreshRolePermsCache();
}
/**
* 刷新权限缓存
*/
@Override
public void refreshRolePermsCache() {
// 清理权限缓存
redisTemplate.opsForHash().delete(SecurityConstants.ROLE_PERMS_PREFIX, "*");
List<RolePermsBO> list = this.baseMapper.getRolePermsList(null);
if (CollectionUtil.isNotEmpty(list)) {
list.forEach(item -> {
String roleCode = item.getRoleCode();
Set<String> perms = item.getPerms();
redisTemplate.opsForHash().put(SecurityConstants.ROLE_PERMS_PREFIX, roleCode, perms);
});
}
}
/**
* 刷新权限缓存
*/
@Override
public void refreshRolePermsCache(String roleCode) {
// 清理权限缓存
redisTemplate.opsForHash().delete(SecurityConstants.ROLE_PERMS_PREFIX, roleCode);
List<RolePermsBO> list = this.baseMapper.getRolePermsList(roleCode);
if (CollectionUtil.isNotEmpty(list)) {
RolePermsBO rolePerms = list.get(0);
if (rolePerms == null) {
return;
}
Set<String> perms = rolePerms.getPerms();
redisTemplate.opsForHash().put(SecurityConstants.ROLE_PERMS_PREFIX, roleCode, perms);
}
}
/**
* 刷新权限缓存 (角色编码变更时调用)
*/
@Override
public void refreshRolePermsCache(String oldRoleCode, String newRoleCode) {
// 清理旧角色权限缓存
redisTemplate.opsForHash().delete(SecurityConstants.ROLE_PERMS_PREFIX, oldRoleCode);
// 添加新角色权限缓存
List<RolePermsBO> list =this.baseMapper.getRolePermsList(newRoleCode);
if (CollectionUtil.isNotEmpty(list)) {
RolePermsBO rolePerms = list.get(0);
if (rolePerms == null) {
return;
}
Set<String> perms = rolePerms.getPerms();
redisTemplate.opsForHash().put(SecurityConstants.ROLE_PERMS_PREFIX, newRoleCode, perms);
}
}
/**
* 获取角色拥有的菜单ID集合
*
@@ -31,15 +108,4 @@ public class SysRoleMenuServiceImpl extends ServiceImpl<SysRoleMenuMapper, SysRo
return menuIds;
}
/**
* 获取权限角色列表
*
* @return 权限角色列表
*/
@Override
public List<RolePermsBO> getRolePermsList(String roleCode) {
List<RolePermsBO> rolePerms= this.baseMapper.getRolePermsList(roleCode);
return rolePerms;
}
}

2
src/main/java/com/youlai/system/service/impl/SysUserRoleServiceImpl.java
View File

@@ -75,7 +75,7 @@ public class SysUserRoleServiceImpl extends ServiceImpl<SysUserRoleMapper, SysUs
* @return true已分配 false未分配
*/
@Override
public boolean isRoleAssignedToUser(Long roleId) {
public boolean hasAssignedUsers(Long roleId) {
int count = this.baseMapper.countUsersForRole(roleId);
return count > 0;
}