🎨 解耦 common-security 和 system-model,SysUserDetails rename to User, sysUser 中的相关属性,现在直接写在 User 类中
@@ -1,8 +1,8 @@
|
||||
package com.hccake.ballcat.admin.config;
|
||||
|
||||
import com.hccake.ballcat.system.model.entity.SysUser;
|
||||
import com.hccake.ballcat.common.security.util.SecurityUtils;
|
||||
import com.hccake.ballcat.common.conf.mybatis.FillMetaObjectHandle;
|
||||
import com.hccake.ballcat.common.security.userdetails.User;
|
||||
import com.hccake.ballcat.common.security.util.SecurityUtils;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.ibatis.reflection.MetaObject;
|
||||
|
||||
@@ -18,9 +18,9 @@ public class AdminFillMetaObjectHandle extends FillMetaObjectHandle {
|
||||
public void insertFill(MetaObject metaObject) {
|
||||
super.insertFill(metaObject);
|
||||
|
||||
SysUser sysUser = SecurityUtils.getSysUser();
|
||||
if (sysUser != null) {
|
||||
this.strictInsertFill(metaObject, "createBy", Integer.class, sysUser.getUserId());
|
||||
User user = SecurityUtils.getUser();
|
||||
if (user != null) {
|
||||
this.strictInsertFill(metaObject, "createBy", Integer.class, user.getUserId());
|
||||
}
|
||||
}
|
||||
|
||||
@@ -28,9 +28,9 @@ public class AdminFillMetaObjectHandle extends FillMetaObjectHandle {
|
||||
public void updateFill(MetaObject metaObject) {
|
||||
super.updateFill(metaObject);
|
||||
|
||||
SysUser sysUser = SecurityUtils.getSysUser();
|
||||
if (sysUser != null) {
|
||||
this.strictUpdateFill(metaObject, "updateBy", Integer.class, sysUser.getUserId());
|
||||
User user = SecurityUtils.getUser();
|
||||
if (user != null) {
|
||||
this.strictUpdateFill(metaObject, "updateBy", Integer.class, user.getUserId());
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
package com.hccake.ballcat.admin.websocket.user;
|
||||
|
||||
import com.hccake.ballcat.admin.websocket.constant.AdminWebSocketConstants;
|
||||
import com.hccake.ballcat.common.security.userdetails.User;
|
||||
import com.hccake.ballcat.common.security.util.SecurityUtils;
|
||||
import com.hccake.ballcat.system.model.entity.SysUser;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.springframework.http.server.ServerHttpRequest;
|
||||
import org.springframework.http.server.ServerHttpResponse;
|
||||
@@ -42,9 +42,9 @@ public class UserAttributeHandshakeInterceptor implements HandshakeInterceptor {
|
||||
accessToken = serverRequest.getServletRequest().getParameter(AdminWebSocketConstants.TOKEN_ATTR_NAME);
|
||||
}
|
||||
// 由于 WebSocket 握手是由 http 升级的,携带 token 已经被 Security 拦截验证了,所以可以直接获取到用户
|
||||
SysUser sysUser = SecurityUtils.getSysUser();
|
||||
User user = SecurityUtils.getUser();
|
||||
attributes.put(AdminWebSocketConstants.TOKEN_ATTR_NAME, accessToken);
|
||||
attributes.put(AdminWebSocketConstants.USER_KEY_ATTR_NAME, sysUser.getUserId());
|
||||
attributes.put(AdminWebSocketConstants.USER_KEY_ATTR_NAME, user.getUserId());
|
||||
return true;
|
||||
}
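Review bot: `user.getUserId()` is dereferenced with no null check, although `SecurityUtils.getUser()` returns null when there is no authentication or the principal is not the new `User` type, so such a handshake ends in a NullPointerException instead of a deliberate refusal. Rejecting explicitly keeps the failure mode intentional: `if (user == null) { return false; }` before the two `attributes.put` calls. The same unguarded `SecurityUtils.getUser().getUserId()` / `.getUsername()` / `.getUserResources()` pattern appears in `AnnouncementController`, `UserAnnouncementController`, `AdminUserCheckerImpl.hasModifyPermission` and `SysMenuController.getUserPermission`, while `AdminFillMetaObjectHandle` already shows the guarded form. The method starts outside the hunk, so an earlier guard cannot be ruled out from here.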
|
||||
|
||||
|
||||
@@ -13,17 +13,25 @@
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<groupId>cn.hutool</groupId>
|
||||
<artifactId>hutool-core</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.hccake</groupId>
|
||||
<artifactId>ballcat-system-model</artifactId>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security.oauth</groupId>
|
||||
<artifactId>spring-security-oauth2</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-autoconfigure</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.data</groupId>
|
||||
<artifactId>spring-data-redis</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
</project>
|
||||
@@ -1,8 +1,7 @@
|
||||
package com.hccake.ballcat.common.security.userdetails;
|
||||
|
||||
import com.hccake.ballcat.common.core.constant.GlobalConstants;
|
||||
import com.hccake.ballcat.system.constant.SysUserConst;
|
||||
import com.hccake.ballcat.system.model.entity.SysUser;
|
||||
import lombok.Getter;
|
||||
import lombok.ToString;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
|
||||
@@ -13,10 +12,53 @@ import java.util.Collection;
|
||||
* @version 1.0
|
||||
* @date 2019/9/25 21:03
|
||||
*/
|
||||
public class SysUserDetails implements UserDetails {
|
||||
@ToString
|
||||
@Getter
|
||||
public class User implements UserDetails {
|
||||
|
||||
private final SysUser sysUser;
|
||||
/**
|
||||
* 用户ID
|
||||
*/
|
||||
private final Integer userId;
|
||||
|
||||
/**
|
||||
* 登录账号
|
||||
*/
|
||||
private final String username;
|
||||
|
||||
/**
|
||||
* 密码
|
||||
*/
|
||||
private final String password;
|
||||
|
||||
/**
|
||||
* 昵称
|
||||
*/
|
||||
private final String nickname;
|
||||
|
||||
/**
|
||||
* 头像
|
||||
*/
|
||||
private final String avatar;
|
||||
|
||||
/**
|
||||
* 状态(1-正常,0-冻结)
|
||||
*/
|
||||
private final Integer status;
|
||||
|
||||
/**
|
||||
* 组织机构ID
|
||||
*/
|
||||
private final Integer organizationId;
|
||||
|
||||
/**
|
||||
* 用户类型
|
||||
*/
|
||||
private final Integer type;
|
||||
|
||||
/**
|
||||
* 权限信息列表
|
||||
*/
|
||||
private final Collection<? extends GrantedAuthority> authorities;
|
||||
|
||||
/**
|
||||
@@ -31,29 +73,22 @@ public class SysUserDetails implements UserDetails {
|
||||
*/
|
||||
private final UserAttributes userAttributes;
|
||||
|
||||
public SysUserDetails(SysUser sysUser, Collection<? extends GrantedAuthority> authorities,
|
||||
public User(Integer userId, String username, String password, String nickname, String avatar, Integer status,
|
||||
Integer organizationId, Integer type, Collection<? extends GrantedAuthority> authorities,
|
||||
UserResources userResources, UserAttributes userAttributes) {
|
||||
this.sysUser = sysUser;
|
||||
this.userId = userId;
|
||||
this.username = username;
|
||||
this.password = password;
|
||||
this.nickname = nickname;
|
||||
this.avatar = avatar;
|
||||
this.status = status;
|
||||
this.organizationId = organizationId;
|
||||
this.type = type;
|
||||
this.authorities = authorities;
|
||||
this.userResources = userResources;
|
||||
this.userAttributes = userAttributes;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Collection<? extends GrantedAuthority> getAuthorities() {
|
||||
return authorities;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getPassword() {
|
||||
return sysUser.getPassword();
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getUsername() {
|
||||
return sysUser.getUsername();
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isAccountNonExpired() {
|
||||
return true;
|
||||
@@ -61,7 +96,7 @@ public class SysUserDetails implements UserDetails {
|
||||
|
||||
@Override
|
||||
public boolean isAccountNonLocked() {
|
||||
return GlobalConstants.NOT_DELETED_FLAG.equals(sysUser.getDeleted());
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -71,19 +106,7 @@ public class SysUserDetails implements UserDetails {
|
||||
|
||||
@Override
|
||||
public boolean isEnabled() {
|
||||
return SysUserConst.Status.NORMAL.getValue().equals(sysUser.getStatus());
|
||||
}
|
||||
|
||||
public SysUser getSysUser() {
|
||||
return sysUser;
|
||||
}
|
||||
|
||||
public UserResources getUserResources() {
|
||||
return userResources;
|
||||
}
|
||||
|
||||
public UserAttributes getUserAttributes() {
|
||||
return userAttributes;
|
||||
return this.status != null && this.status == 1;
|
||||
}
|
||||
|
||||
}
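Review bot: The class-level `@ToString` covers the new `password` field, so any log statement or exception message that prints the principal will include the stored password value; put `@ToString.Exclude` on `password`. Separately, `isAccountNonLocked()` now returns `true` unconditionally where the old code compared the deleted flag with `GlobalConstants.NOT_DELETED_FLAG`. Unless the user lookup already filters deleted rows (not visible on this page), that check is lost, and it deserves either a `deleted` value on `User` or a comment such as `// deleted accounts are filtered out when the user is loaded`. `isEnabled()` also hard-codes `1` where `SysUserConst.Status.NORMAL` was used; a named constant inside common-security would keep the meaning without restoring the dependency.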
|
||||
@@ -1,12 +1,10 @@
|
||||
package com.hccake.ballcat.common.security.util;
|
||||
|
||||
import com.hccake.ballcat.common.security.constant.SecurityConstants;
|
||||
import com.hccake.ballcat.common.security.userdetails.SysUserDetails;
|
||||
import com.hccake.ballcat.system.model.entity.SysUser;
|
||||
import com.hccake.ballcat.common.security.userdetails.User;
|
||||
import lombok.experimental.UtilityClass;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
|
||||
import java.util.Optional;
|
||||
|
||||
@@ -28,16 +26,16 @@ public class SecurityUtils {
|
||||
/**
|
||||
* 获取系统用户Details
|
||||
* @param authentication 令牌
|
||||
* @return SysUser
|
||||
* @return User
|
||||
* <p>
|
||||
*/
|
||||
public SysUserDetails getSysUserDetails(Authentication authentication) {
|
||||
public User getUser(Authentication authentication) {
|
||||
if (authentication == null) {
|
||||
return null;
|
||||
}
|
||||
Object principal = authentication.getPrincipal();
|
||||
if (principal instanceof SysUserDetails) {
|
||||
return (SysUserDetails) principal;
|
||||
if (principal instanceof User) {
|
||||
return (User) principal;
|
||||
}
|
||||
return null;
|
||||
}
|
||||
@@ -45,17 +43,9 @@ public class SecurityUtils {
|
||||
/**
|
||||
* 获取用户详情
|
||||
*/
|
||||
public SysUserDetails getSysUserDetails() {
|
||||
public User getUser() {
|
||||
Authentication authentication = getAuthentication();
|
||||
return getSysUserDetails(authentication);
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取系统用户
|
||||
*/
|
||||
public SysUser getSysUser() {
|
||||
SysUserDetails sysUserDetails = getSysUserDetails();
|
||||
return sysUserDetails == null ? null : sysUserDetails.getSysUser();
|
||||
return getUser(authentication);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -65,7 +55,8 @@ public class SecurityUtils {
|
||||
public boolean isTestClient() {
|
||||
// 测试客户端 跳过密码解密(swagger 或 postman测试时使用)
|
||||
Authentication authentication = SecurityUtils.getAuthentication();
|
||||
User user = (User) Optional.ofNullable(authentication).map(Authentication::getPrincipal).orElse(null);
|
||||
org.springframework.security.core.userdetails.User user = (org.springframework.security.core.userdetails.User) Optional
|
||||
.ofNullable(authentication).map(Authentication::getPrincipal).orElse(null);
|
||||
return user != null && SecurityConstants.TEST_CLIENT_ID.equals(user.getUsername());
|
||||
}
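Review bot: `isTestClient()` casts the principal to `org.springframework.security.core.userdetails.User` without a type check, and the project's own `User` implements `UserDetails` but, as far as its class hunk shows, does not extend Spring's class, so the call throws ClassCastException for a logged-in user or any other non-client principal. Because this method decides whether password decryption is skipped, test the type first: `return principal instanceof org.springframework.security.core.userdetails.User && SecurityConstants.TEST_CLIENT_ID.equals(((org.springframework.security.core.userdetails.User) principal).getUsername());`. Keep the check tied to the Spring client principal rather than widening it to `UserDetails`, otherwise an end-user account whose username equals `TEST_CLIENT_ID` would be treated as the test client.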
|
||||
|
||||
|
||||
@@ -6,7 +6,6 @@ import com.hccake.ballcat.common.desensitize.enums.RegexDesensitizationTypeEnum;
|
||||
import com.hccake.ballcat.common.log.access.handler.AccessLogHandler;
|
||||
import com.hccake.ballcat.common.log.constant.LogConstant;
|
||||
import com.hccake.ballcat.common.log.util.LogUtils;
|
||||
import com.hccake.ballcat.common.security.userdetails.SysUserDetails;
|
||||
import com.hccake.ballcat.common.security.util.SecurityUtils;
|
||||
import com.hccake.ballcat.common.util.IpUtils;
|
||||
import com.hccake.ballcat.common.util.JsonUtils;
|
||||
@@ -95,7 +94,7 @@ public class CustomAccessLogHandler implements AccessLogHandler<AccessLog> {
|
||||
}
|
||||
|
||||
// 如果登陆用户 则记录用户名和用户id
|
||||
Optional.ofNullable(SecurityUtils.getSysUserDetails()).map(SysUserDetails::getSysUser).ifPresent(x -> {
|
||||
Optional.ofNullable(SecurityUtils.getUser()).ifPresent(x -> {
|
||||
accessLog.setUserId(x.getUserId());
|
||||
accessLog.setUsername(x.getUsername());
|
||||
});
|
||||
|
||||
@@ -6,7 +6,7 @@ import com.hccake.ballcat.notify.model.entity.UserAnnouncement;
|
||||
import com.hccake.ballcat.notify.recipient.RecipientHandler;
|
||||
import com.hccake.ballcat.notify.service.AnnouncementService;
|
||||
import com.hccake.ballcat.notify.service.UserAnnouncementService;
|
||||
import com.hccake.ballcat.common.security.userdetails.SysUserDetails;
|
||||
import com.hccake.ballcat.common.security.userdetails.User;
|
||||
import com.hccake.ballcat.system.model.entity.SysUser;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
@@ -49,8 +49,9 @@ public class AnnouncementLoginEventListener {
|
||||
}
|
||||
// https://github.com/spring-projects-experimental/spring-authorization-server
|
||||
if ("password".equals(((HashMap) details).get("grant_type"))) {
|
||||
SysUserDetails sysUserDetails = (SysUserDetails) source.getPrincipal();
|
||||
SysUser sysUser = sysUserDetails.getSysUser();
|
||||
User user = (User) source.getPrincipal();
|
||||
SysUser sysUser = getSysUser(user);
|
||||
|
||||
// 获取当前用户未拉取过的公告信息
|
||||
Integer userId = sysUser.getUserId();
|
||||
List<Announcement> announcements = announcementService.listUnPulled(userId);
|
||||
@@ -70,6 +71,17 @@ public class AnnouncementLoginEventListener {
|
||||
}
|
||||
}
|
||||
|
||||
private SysUser getSysUser(User user) {
|
||||
SysUser sysUser = new SysUser();
|
||||
sysUser.setUserId(user.getUserId());
|
||||
sysUser.setUsername(user.getUsername());
|
||||
sysUser.setNickname(user.getNickname());
|
||||
sysUser.setAvatar(user.getAvatar());
|
||||
sysUser.setOrganizationId(user.getOrganizationId());
|
||||
sysUser.setType(user.getType());
|
||||
return sysUser;
|
||||
}
|
||||
|
||||
private boolean filterMatched(Announcement announ, Map<Integer, Object> filterAttrs) {
|
||||
Integer type = announ.getRecipientFilterType();
|
||||
return recipientHandler.match(type, filterAttrs.get(type), announ.getRecipientFilterCondition());
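Review bot: `getSysUser(User)` rebuilds a `SysUser` with only six properties (userId, username, nickname, avatar, organizationId, type), so every other property of the entity is null for whatever code receives it later in this listener. If a recipient filter reads a property outside that set (the filter code is not in these hunks), announcements would silently stop matching. A Javadoc on the helper would make the contract explicit, e.g. `/** Builds a partial SysUser from the login principal; only userId, username, nickname, avatar, organizationId and type are set. */`. The `(User) source.getPrincipal()` cast is also unchecked and relies entirely on the `grant_type` test above it.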
|
||||
|
||||
@@ -132,7 +132,7 @@ public class AnnouncementController {
|
||||
@GetMapping("/user")
|
||||
@PreAuthorize("@per.hasPermission('notify:userannouncement:read')")
|
||||
public R<List<Announcement>> getUserAnnouncements() {
|
||||
Integer userId = SecurityUtils.getSysUser().getUserId();
|
||||
Integer userId = SecurityUtils.getUser().getUserId();
|
||||
return R.ok(announcementService.listActiveAnnouncements(userId));
|
||||
}
|
||||
|
||||
|
||||
@@ -44,7 +44,7 @@ public class UserAnnouncementController {
|
||||
@PatchMapping("/read/{announcementId}")
|
||||
@PreAuthorize("@per.hasPermission('notify:userannouncement:read')")
|
||||
public R<?> readAnnouncement(@PathVariable("announcementId") Long announcementId) {
|
||||
Integer userId = SecurityUtils.getSysUser().getUserId();
|
||||
Integer userId = SecurityUtils.getUser().getUserId();
|
||||
userAnnouncementService.readAnnouncement(userId, announcementId);
|
||||
return R.ok();
|
||||
}
|
||||
|
||||
@@ -1,8 +1,7 @@
|
||||
package com.hccake.ballcat.oauth;
|
||||
|
||||
import com.hccake.ballcat.common.security.userdetails.SysUserDetails;
|
||||
import com.hccake.ballcat.common.security.userdetails.User;
|
||||
import com.hccake.ballcat.common.security.userdetails.UserResources;
|
||||
import com.hccake.ballcat.system.converter.SysUserConverter;
|
||||
import com.hccake.ballcat.system.model.vo.SysUserInfo;
|
||||
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
|
||||
import org.springframework.security.oauth2.common.OAuth2AccessToken;
|
||||
@@ -30,10 +29,9 @@ public class CustomTokenEnhancer implements TokenEnhancer {
|
||||
final Map<String, Object> additionalInfo = new HashMap<>(8);
|
||||
Object principal = authentication.getUserAuthentication().getPrincipal();
|
||||
|
||||
SysUserDetails sysUserDetails = (SysUserDetails) principal;
|
||||
SysUserInfo sysUserInfo = SysUserConverter.INSTANCE.poToInfo(sysUserDetails.getSysUser());
|
||||
|
||||
UserResources userResources = sysUserDetails.getUserResources();
|
||||
User user = (User) principal;
|
||||
SysUserInfo sysUserInfo = getSysUserInfo(user);
|
||||
UserResources userResources = user.getUserResources();
|
||||
|
||||
additionalInfo.put("info", sysUserInfo);
|
||||
additionalInfo.put("roles", userResources.getRoles());
|
||||
@@ -44,4 +42,20 @@ public class CustomTokenEnhancer implements TokenEnhancer {
|
||||
return accessToken;
|
||||
}
|
||||
|
||||
/**
|
||||
* 根据 User 对象获取 SysUserInfo
|
||||
* @param user User
|
||||
* @return SysUserInfo
|
||||
*/
|
||||
public SysUserInfo getSysUserInfo(User user) {
|
||||
SysUserInfo sysUserInfo = new SysUserInfo();
|
||||
sysUserInfo.setUserId(user.getUserId());
|
||||
sysUserInfo.setUsername(user.getUsername());
|
||||
sysUserInfo.setNickname(user.getNickname());
|
||||
sysUserInfo.setAvatar(user.getAvatar());
|
||||
sysUserInfo.setOrganizationId(user.getOrganizationId());
|
||||
sysUserInfo.setType(user.getType());
|
||||
return sysUserInfo;
|
||||
}
|
||||
|
||||
}
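Review bot: `getSysUserInfo(User)` is declared `public` on the token enhancer although the only caller visible is inside the same class; `private SysUserInfo getSysUserInfo(User user)` keeps the mapping out of the bean's API. It copies the same six properties as `AnnouncementLoginEventListener.getSysUser`, so the two mappings will drift unless one is shared. `organizationId` and `type` now travel in the token's `info` entry, so it is worth confirming that clients are meant to receive them. The `(User) principal` cast is unchecked, and the enhancing method starts outside the hunk, so whether non-user grants are filtered earlier cannot be seen here.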
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
package com.hccake.ballcat.oauth;
|
||||
|
||||
import cn.hutool.core.collection.CollectionUtil;
|
||||
import com.hccake.ballcat.common.security.userdetails.SysUserDetails;
|
||||
import com.hccake.ballcat.common.security.userdetails.User;
|
||||
import com.hccake.ballcat.common.security.userdetails.UserAttributes;
|
||||
import com.hccake.ballcat.common.security.userdetails.UserResources;
|
||||
import com.hccake.ballcat.system.model.dto.UserInfoDTO;
|
||||
@@ -74,7 +74,9 @@ public class SysUserDetailsServiceImpl implements UserDetailsService {
|
||||
// 用户额外属性
|
||||
UserAttributes userAttributes = userInfoCoordinator.coordinateAttribute(sysUser);
|
||||
|
||||
return new SysUserDetails(sysUser, authorities, userResources, userAttributes);
|
||||
return new User(sysUser.getUserId(), sysUser.getUsername(), sysUser.getPassword(), sysUser.getNickname(),
|
||||
sysUser.getAvatar(), sysUser.getStatus(), sysUser.getOrganizationId(), sysUser.getType(), authorities,
|
||||
userResources, userAttributes);
|
||||
}
|
||||
|
||||
}
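Review bot: The eleven-argument positional `new User(...)` places four adjacent `String` parameters and three adjacent `Integer` parameters side by side, so transposing `sysUser.getUsername()` with `sysUser.getPassword()`, or `getStatus()` with `getType()`, compiles without complaint. Since `User` already uses Lombok, a `@Builder` there would turn this call into named assignments (`User.builder().userId(...).username(...)...build()`) and make such a swap visible in review. The enclosing method starts outside the hunk.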
|
||||
|
||||
@@ -32,7 +32,7 @@ public class AdminUserCheckerImpl implements AdminUserChecker {
|
||||
public boolean hasModifyPermission(SysUser targetUser) {
|
||||
// 如果需要修改的用户是超级管理员,则只能本人修改
|
||||
if (this.isAdminUser(targetUser)) {
|
||||
return SecurityUtils.getSysUserDetails().getUsername().equals(targetUser.getUsername());
|
||||
return SecurityUtils.getUser().getUsername().equals(targetUser.getUsername());
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -6,7 +6,7 @@ import com.hccake.ballcat.common.log.operation.annotation.DeleteOperationLogging
|
||||
import com.hccake.ballcat.common.log.operation.annotation.UpdateOperationLogging;
|
||||
import com.hccake.ballcat.common.model.result.BaseResultCode;
|
||||
import com.hccake.ballcat.common.model.result.R;
|
||||
import com.hccake.ballcat.common.security.userdetails.SysUserDetails;
|
||||
import com.hccake.ballcat.common.security.userdetails.User;
|
||||
import com.hccake.ballcat.common.security.userdetails.UserResources;
|
||||
import com.hccake.ballcat.common.security.util.SecurityUtils;
|
||||
import com.hccake.ballcat.system.constant.SysPermissionConst;
|
||||
@@ -47,8 +47,8 @@ public class SysMenuController {
|
||||
public R<List<SysMenuRouterVO>> getUserPermission() {
|
||||
|
||||
// 获取角色Code
|
||||
SysUserDetails sysUserDetails = SecurityUtils.getSysUserDetails();
|
||||
UserResources userResources = sysUserDetails.getUserResources();
|
||||
User user = SecurityUtils.getUser();
|
||||
UserResources userResources = user.getUserResources();
|
||||
Collection<String> roleCodes = userResources.getRoles();
|
||||
if (CollectionUtil.isEmpty(roleCodes)) {
|
||||
return R.ok(new ArrayList<>());
|
||||
|
||||
@@ -42,6 +42,12 @@ public class SysUserInfo implements Serializable {
|
||||
@ApiModelProperty(value = "头像")
|
||||
private String avatar;
|
||||
|
||||
/**
|
||||
* 组织机构ID
|
||||
*/
|
||||
@ApiModelProperty(value = "组织机构ID")
|
||||
private Integer organizationId;
|
||||
|
||||
/**
|
||||
* 用户类型
|
||||
*/
|
||||
|
||||