用户权限变更

portal-service-application/src/main/java/com/hfln/portal/application/controller/admin/AdminLoginController.java

@@ -53,7 +53,7 @@ public class AdminLoginController {
     @Operation(summary = "退出登录")
     public ApiResult<Void> logout() {
 
-        StpUtil.logout(StpUtil.getLoginId(), StpUtil.getLoginDeviceType());
+        adminGateway.logout();
         return ApiResult.success();
     }
 

portal-service-common/src/main/java/com/hfln/portal/common/constant/redis/RedisCacheConstant.java

@@ -21,4 +21,14 @@ public interface RedisCacheConstant {
      */
     String ROLE_PERM_KEY_PRE = "hfln:perm:";
     String USER_ROLE_KEY_PRE = "hfln:role:";
+
+    /**
+     * loginId不同用户类型前缀
+     */
+    // 微信小程序用户
+    String WX_USER_PRE = "wx_";
+    // 网页管理员用户
+    String WEB_USER_PRE = "wb_";
+    // 后台超级管理员用户
+    String WEB_SUPER_USER_PRE = "ws_";
 }

portal-service-common/src/main/java/com/hfln/portal/common/util/SaTokenUtil.java

@@ -0,0 +1,24 @@
+package com.hfln.portal.common.util;
+
+import com.hfln.portal.common.constant.redis.RedisCacheConstant;
+
+public class SaTokenUtil {
+
+    public static Long getUserId(Object loginId) {
+
+        if (loginId == null) {
+            return null;
+        }
+
+        String loginIdStr = loginId.toString();
+        if (loginIdStr.startsWith(RedisCacheConstant.WX_USER_PRE) && loginIdStr.length() > RedisCacheConstant.WX_USER_PRE.length()) {
+            return Long.valueOf(loginIdStr.substring(RedisCacheConstant.WX_USER_PRE.length()));
+        } else if (loginIdStr.startsWith(RedisCacheConstant.WEB_USER_PRE) && loginIdStr.length() > RedisCacheConstant.WEB_USER_PRE.length()) {
+            return Long.valueOf(loginIdStr.substring(RedisCacheConstant.WEB_USER_PRE.length()));
+        } else if (loginIdStr.startsWith(RedisCacheConstant.WEB_SUPER_USER_PRE) && loginIdStr.length() > RedisCacheConstant.WEB_SUPER_USER_PRE.length()) {
+            return Long.valueOf(loginIdStr.substring(RedisCacheConstant.WEB_SUPER_USER_PRE.length()));
+        }
+
+        return Long.valueOf(loginIdStr);
+    }
+}

portal-service-domain/src/main/java/com/hfln/portal/domain/gateway/AdminGateway.java

@@ -45,5 +45,8 @@ public interface AdminGateway {
     void disableRole(@RequestParam String roleCode);
 
     List<RoleListDTO> roleList();
+
+    void logout();
+
 }
 

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/config/MybatisPlusMetaObjectHandler.java

@@ -3,6 +3,7 @@ package com.hfln.portal.infrastructure.config;
 import cn.dev33.satoken.stp.StpUtil;
 import cn.hutool.core.util.StrUtil;
 import com.baomidou.mybatisplus.core.handlers.MetaObjectHandler;
+import com.hfln.portal.common.util.SaTokenUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.ibatis.reflection.MetaObject;
 import org.springframework.util.ClassUtils;
@@ -69,16 +70,17 @@ public class MybatisPlusMetaObjectHandler implements MetaObjectHandler {
 			// 使用Sa-Token获取当前登录用户ID
 			if (StpUtil.isLogin()) {
 				Object loginId = StpUtil.getLoginId();
-				if (loginId != null) {
-					// 如果是字符串，尝试转换为Long
-					if (loginId instanceof String) {
-						return Long.valueOf((String) loginId);
-					} else if (loginId instanceof Long) {
-						return (Long) loginId;
-					} else if (loginId instanceof Number) {
-						return ((Number) loginId).longValue();
-					}
-				}
+//				if (loginId != null) {
+//					// 如果是字符串，尝试转换为Long
+//					if (loginId instanceof String) {
+//						return Long.valueOf((String) loginId);
+//					} else if (loginId instanceof Long) {
+//						return (Long) loginId;
+//					} else if (loginId instanceof Number) {
+//						return ((Number) loginId).longValue();
+//					}
+//				}
+				return SaTokenUtil.getUserId(loginId);
 			}
 			return 0L;
 		} catch (Exception e) {

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/config/UserAuthService.java

@@ -2,7 +2,9 @@ package com.hfln.portal.infrastructure.config;
 
 import cn.dev33.satoken.stp.StpUtil;
 import cn.hfln.framework.redis.util.RedisUtil;
+import com.alibaba.fastjson2.JSONArray;
 import com.hfln.portal.common.constant.redis.RedisCacheConstant;
+import com.hfln.portal.common.util.SaTokenUtil;
 import com.hfln.portal.infrastructure.po.TblPermission;
 import com.hfln.portal.infrastructure.po.TblRole;
 import com.hfln.portal.infrastructure.po.TblRolePermission;
@@ -16,7 +18,9 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 import org.springframework.util.CollectionUtils;
 
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
 import java.util.stream.Collectors;
 
 /**
@@ -47,21 +51,21 @@ public class UserAuthService {
 
 	public void cacheRolesAndPermissions() {
 
-		Set<String> roleCodeSet = this.getRoleCodeSet(StpUtil.getLoginId(), StpUtil.getLoginType());
-		if (!CollectionUtils.isEmpty(roleCodeSet)) {
+		List<String> roleCodeList = this.getRoleCodeList(StpUtil.getLoginId(), StpUtil.getLoginType());
+		if (!CollectionUtils.isEmpty(roleCodeList)) {
 			// 登录缓存角色 防止用户角色有变更，登录前先删除之前的缓存
 			if (!redisService.hasKey(RedisCacheConstant.USER_ROLE_KEY_PRE+StpUtil.getLoginId())) {
 				// 这里从更改用户角色的地方修改最好
-//				redisService.deleteObject(RedisCacheConstant.USER_ROLE_KEY_PRE+StpUtil.getLoginId());
-				redisService.sAdd(RedisCacheConstant.USER_ROLE_KEY_PRE+ StpUtil.getLoginId(), roleCodeSet.toArray());
+				redisService.del(RedisCacheConstant.USER_ROLE_KEY_PRE+StpUtil.getLoginId());
+				redisService.set(RedisCacheConstant.USER_ROLE_KEY_PRE+ StpUtil.getLoginId(), JSONArray.toJSONString(roleCodeList));
 			}
-			for (String roleCode : roleCodeSet) {
+			for (String roleCode : roleCodeList) {
 				if (!redisService.hasKey(RedisCacheConstant.ROLE_PERM_KEY_PRE+roleCode)) {
 					// 这里从更改角色权限的地方修改最好
 					// redisService.deleteObject(RedisCacheConstant.ROLE_PERM_KEY_PRE+roleCode);
-					Set<String> permCodeSet = this.getPermCodeSet(roleCode);
-					if (!CollectionUtils.isEmpty(permCodeSet)) {
-						redisService.sAdd(RedisCacheConstant.ROLE_PERM_KEY_PRE+roleCode, permCodeSet.toArray());
+					List<String> permCodeList = this.getPermCodeList(roleCode);
+					if (!CollectionUtils.isEmpty(permCodeList)) {
+						redisService.set(RedisCacheConstant.ROLE_PERM_KEY_PRE+roleCode, JSONArray.toJSONString(permCodeList));
 					}
 				}
 			}
@@ -69,96 +73,100 @@ public class UserAuthService {
 		// 每次修改用户角色，应该注销用户登录信息，让用户重新登录
 	}
 
+	public void delUserRoleCache() {
+		redisService.del(RedisCacheConstant.USER_ROLE_KEY_PRE+StpUtil.getLoginId());
+	}
+
 	/**
 	 * 返回一个账号所拥有的权限码集合
 	 */
-	public Set<String> getPermCodeSet(Object loginIdObj, String loginType) {
+	public List<String> getPermCodeList(Object loginIdObj, String loginType) {
 
-		Set<String> set = new HashSet<>();
+		List<String> list = new ArrayList<>();
 		// 后期接口调用次数大的话，可以放redis ，再加更新操作
 		long loginId = Long.parseLong(String.valueOf(loginIdObj));
 
 		List<TblUserRole> userRoles = userRoleService.findByUserId((long)loginId);
 		if (CollectionUtils.isEmpty(userRoles)) {
 			log.info("当前用户没有配置角色，userId:{}", loginId);
-			return set;
+			return list;
 		}
 
 		List<Long> userIds = userRoles.stream().map(TblUserRole::getRoleId).collect(Collectors.toList());
 		List<TblRole> roles = roleService.findAvailableByIds(userIds);
 		if (CollectionUtils.isEmpty(roles)) {
 			log.info("角色配置异常, userIds :{}", roles);
-			return set;
+			return list;
 		}
 
 		List<Long> roleIds = roles.stream().map(TblRole::getRoleId).collect(Collectors.toList());
 		List<TblRolePermission> rolePermissions = rolePermissionService.findByRoleIds(roleIds);
 		if (CollectionUtils.isEmpty(rolePermissions)) {
 			log.info("当前角色没有配置权限，roleIds:{}", roleIds);
-			return set;
+			return list;
 		}
 
 		List<Long> permIds = rolePermissions.stream().map(TblRolePermission::getPermId).collect(Collectors.toList());
 		List<TblPermission> permissionList = permissionService.findAvailableByIds(permIds);
 		if (CollectionUtils.isEmpty(permissionList)) {
 			log.info("权限配置异常, permIds :{}", permIds);
-			return set;
+			return list;
 		}
 
-		set.addAll(permissionList.stream().map(TblPermission::getPermCode).collect(Collectors.toSet()));
-		return set;
+		list.addAll(permissionList.stream().map(TblPermission::getPermCode).collect(Collectors.toList()));
+		return list;
 	}
 
 	/**
 	 * 返回一个账号所拥有的角色标识集合
 	 */
-	public Set<String> getRoleCodeSet(Object loginIdObj, String loginType) {
+	public List<String> getRoleCodeList(Object loginIdObj, String loginType) {
 
-		Set<String> set = new HashSet<>();
-		long loginId = Long.parseLong(String.valueOf(loginIdObj));
+		List<String> roleCodeList = new ArrayList<>();
+		long loginId = SaTokenUtil.getUserId(loginIdObj);
 		List<TblUserRole> userRoles = userRoleService.findByUserId(loginId);
 		if (CollectionUtils.isEmpty(userRoles)) {
 			log.info("当前用户没有配置角色，userId:{}", loginId);
-			return set;
+			return roleCodeList;
 		}
 
-		List<Long> userIds = userRoles.stream().map(TblUserRole::getRoleId).collect(Collectors.toList());
-		List<TblRole> roles = roleService.findAvailableByIds(userIds);
+		List<Long> roleIds = userRoles.stream().map(TblUserRole::getRoleId).collect(Collectors.toList());
+		List<TblRole> roles = roleService.findAvailableByIds(roleIds);
 		if (CollectionUtils.isEmpty(roles)) {
-			log.info("角色配置异常, userIds :{}", roles);
-			return set;
+			log.info("角色配置异常, roleIds :{}", roleIds);
+			return roleCodeList;
 		}
-		set.addAll(roles.stream().map(TblRole::getRoleCode).collect(Collectors.toSet()));
-		return set;
+		roleCodeList.addAll(roles.stream().map(TblRole::getRoleCode).collect(Collectors.toList()));
+		return roleCodeList;
 	}
 
     /**
      * 返回当前角色所拥有的权限码集合
      */
-    public Set<String> getPermCodeSet(String roleCode) {
+    public List<String> getPermCodeList(String roleCode) {
 
-        Set<String> set = new HashSet<>();
+		List<String> list = new ArrayList<>();
 
         TblRole role = roleService.findAvailableByCode(roleCode);
         if (role == null) {
             log.info("角色配置异常, userIds :{}", role);
-            return set;
+            return list;
         }
 
         List<TblRolePermission> rolePermissions = rolePermissionService.findByRoleIds(Arrays.asList(role.getRoleId()));
         if (CollectionUtils.isEmpty(rolePermissions)) {
             log.info("当前角色没有配置权限，roleCode:{}", roleCode);
-            return set;
+            return list;
         }
 
         List<Long> permIds = rolePermissions.stream().map(TblRolePermission::getPermId).collect(Collectors.toList());
         List<TblPermission> permissionList = permissionService.findAvailableByIds(permIds);
         if (CollectionUtils.isEmpty(permissionList)) {
             log.info("权限配置异常, permIds :{}", permIds);
-            return set;
+            return list;
         }
 
-        set.addAll(permissionList.stream().map(TblPermission::getPermCode).collect(Collectors.toSet()));
-        return set;
+        list.addAll(permissionList.stream().map(TblPermission::getPermCode).collect(Collectors.toSet()));
+        return list;
     }
 }

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/gateway/impl/AdminGatewayImpl.java

@@ -162,12 +162,12 @@ public class AdminGatewayImpl implements AdminGateway {
         }
 
         // 清除之前登录信息
-        StpUtil.logout(adminUser.getUserId(), DeviceType.WEB.getCode());
+        StpUtil.logout(RedisCacheConstant.WEB_USER_PRE + adminUser.getUserId(), DeviceType.WEB.getCode());
         //  这里如果使用 多账号体系，需要新建一个类似 SptUtil 的 SptAdminUtil , 且在 gateway 校验的逻辑中，需要加上 对 SptAdminUtil 的判断
         // 1 需要保证 userId 和 adminUserId 不能一样
         // 2 可以在 stputil.login 的 loginId 参数前加前缀 user_ or admin_
         // 3 添加 SptAdminUtil，不过在不同地方，需要注意对 stputil sptadminutil 的不同引用
-        StpUtil.login(adminUser.getUserId(), SaLoginParameter.create().setDeviceType(DeviceType.WEB.getCode()).setTimeout(adminTimeout));
+        StpUtil.login(RedisCacheConstant.WEB_USER_PRE + adminUser.getUserId(), SaLoginParameter.create().setDeviceType(DeviceType.WEB.getCode()).setTimeout(adminTimeout));
 
         // 当前用户登录后，需要将当前用户的权限保存到redis，用于网关校验权限
         userAuthService.cacheRolesAndPermissions();
@@ -304,4 +304,11 @@ public class AdminGatewayImpl implements AdminGateway {
             return dto;
         }).collect(Collectors.toList());
     }
+
+    @Override
+    public void logout() {
+
+        StpUtil.logout(StpUtil.getLoginId(), StpUtil.getLoginDeviceType());
+        userAuthService.delUserRoleCache();
+    }
 }