fix: 数据权限调整后引发的问题修复
This commit is contained in:
Ray.Hao
@@ -20,6 +20,10 @@ import java.util.List;
|
||||
@Mapper(componentModel = "spring")
|
||||
public interface RoleConverter {
|
||||
|
||||
@Mapping(target = "dataScope", source = "dataScope")
|
||||
@Mapping(target = "dataScopeLabel", expression = "java(com.youlai.boot.common.enums.DataScopeEnum.getByValue(role.getDataScope()) == null ? null : com.youlai.boot.common.enums.DataScopeEnum.getByValue(role.getDataScope()).getLabel())")
|
||||
RolePageVO toPageVo(Role role);
|
||||
|
||||
Page<RolePageVO> toPageVo(Page<Role> page);
|
||||
|
||||
@Mappings({
|
||||
|
||||
@@ -19,4 +19,12 @@ public interface UserRoleMapper extends BaseMapper<UserRole> {
|
||||
* @param roleId 角色ID
|
||||
*/
|
||||
int countUsersByRoleId(Long roleId);
|
||||
|
||||
/**
|
||||
* 获取角色绑定的用户ID集合
|
||||
*
|
||||
* @param roleId 角色ID
|
||||
* @return 用户ID集合
|
||||
*/
|
||||
java.util.List<Long> listUserIdsByRoleId(Long roleId);
|
||||
}
|
||||
|
||||
@@ -25,11 +25,15 @@ public class RolePageVO {
|
||||
@Schema(description="排序")
|
||||
private Integer sort;
|
||||
|
||||
@Schema(description="数据权限(1-所有数据 2-部门及子部门数据 3-本部门数据 4-本人数据 5-自定义部门数据)")
|
||||
private Integer dataScope;
|
||||
|
||||
@Schema(description="数据权限名称")
|
||||
private String dataScopeLabel;
|
||||
|
||||
@JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
|
||||
private LocalDateTime createTime;
|
||||
|
||||
@JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
|
||||
private LocalDateTime updateTime;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
@@ -30,4 +30,12 @@ public interface UserRoleService extends IService<UserRole> {
|
||||
* @return true:已分配 false:未分配
|
||||
*/
|
||||
boolean hasAssignedUsers(Long roleId);
|
||||
|
||||
/**
|
||||
* 获取角色绑定的用户ID集合
|
||||
*
|
||||
* @param roleId 角色ID
|
||||
* @return 用户ID集合
|
||||
*/
|
||||
List<Long> listUserIdsByRoleId(Long roleId);
|
||||
}
|
||||
|
||||
@@ -4,9 +4,11 @@ import cn.hutool.core.collection.CollectionUtil;
|
||||
import cn.hutool.core.lang.Assert;
|
||||
import cn.hutool.core.util.ObjectUtil;
|
||||
import cn.hutool.core.util.StrUtil;
|
||||
import com.youlai.boot.security.token.TokenManager;
|
||||
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
||||
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
|
||||
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
|
||||
import com.youlai.boot.common.constant.SystemConstants;
|
||||
import com.youlai.boot.common.enums.DataScopeEnum;
|
||||
import com.youlai.boot.core.exception.BusinessException;
|
||||
import com.youlai.boot.security.model.RoleDataScope;
|
||||
@@ -17,7 +19,6 @@ import com.youlai.boot.system.model.entity.RoleMenu;
|
||||
import com.youlai.boot.system.model.form.RoleForm;
|
||||
import com.youlai.boot.system.model.query.RoleQuery;
|
||||
import com.youlai.boot.system.model.vo.RolePageVO;
|
||||
import com.youlai.boot.common.constant.SystemConstants;
|
||||
import com.youlai.boot.common.model.Option;
|
||||
import com.youlai.boot.security.util.SecurityUtils;
|
||||
import com.youlai.boot.system.service.RoleDeptService;
|
||||
@@ -47,6 +48,7 @@ public class RoleServiceImpl extends ServiceImpl<RoleMapper, Role> implements Ro
|
||||
private final RoleMenuService roleMenuService;
|
||||
private final RoleDeptService roleDeptService;
|
||||
private final UserRoleService userRoleService;
|
||||
private final TokenManager tokenManager;
|
||||
private final RoleConverter roleConverter;
|
||||
|
||||
/**
|
||||
@@ -111,9 +113,14 @@ public class RoleServiceImpl extends ServiceImpl<RoleMapper, Role> implements Ro
|
||||
|
||||
// 编辑角色时,判断角色是否存在
|
||||
Role oldRole = null;
|
||||
List<Long> oldDeptIds = null;
|
||||
if (roleId != null) {
|
||||
oldRole = this.getById(roleId);
|
||||
Assert.isTrue(oldRole != null, "角色不存在");
|
||||
|
||||
if (DataScopeEnum.CUSTOM.getValue().equals(oldRole.getDataScope())) {
|
||||
oldDeptIds = roleDeptService.getDeptIdsByRoleId(roleId);
|
||||
}
|
||||
}
|
||||
|
||||
String roleCode = roleForm.getCode();
|
||||
@@ -147,6 +154,25 @@ public class RoleServiceImpl extends ServiceImpl<RoleMapper, Role> implements Ro
|
||||
)) {
|
||||
roleMenuService.refreshRolePermsCache(oldRole.getCode(), roleCode);
|
||||
}
|
||||
|
||||
// 数据权限发生变化时,失效该角色关联用户的登录态(JWT tokenVersion)
|
||||
if (oldRole != null) {
|
||||
boolean dataScopeChanged = !ObjectUtil.equals(oldRole.getDataScope(), roleForm.getDataScope());
|
||||
|
||||
boolean customDeptChanged = false;
|
||||
if (!dataScopeChanged && DataScopeEnum.CUSTOM.getValue().equals(roleForm.getDataScope())) {
|
||||
List<Long> newDeptIds = roleForm.getDeptIds() != null ? roleForm.getDeptIds() : List.of();
|
||||
List<Long> oldIds = oldDeptIds != null ? oldDeptIds : List.of();
|
||||
customDeptChanged = !new java.util.HashSet<>(oldIds).equals(new java.util.HashSet<>(newDeptIds));
|
||||
}
|
||||
|
||||
if (dataScopeChanged || customDeptChanged) {
|
||||
List<Long> userIds = userRoleService.listUserIdsByRoleId(savedRoleId);
|
||||
if (CollectionUtil.isNotEmpty(userIds)) {
|
||||
userIds.forEach(tokenManager::invalidateUserSessions);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
||||
@@ -94,4 +94,12 @@ public class UserRoleServiceImpl extends ServiceImpl<UserRoleMapper, UserRole> i
|
||||
int count = this.baseMapper.countUsersByRoleId(roleId);
|
||||
return count > 0;
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<Long> listUserIdsByRoleId(Long roleId) {
|
||||
if (roleId == null) {
|
||||
return List.of();
|
||||
}
|
||||
return this.baseMapper.listUserIdsByRoleId(roleId);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user