feat：优化鉴权实体，增加用户权限标记

2021-12-04 11:20:13 +08:00 · 2021-12-04 11:20:13 +08:00 · 1cc68d21b4
parent 035fca6e4c
commit 1cc68d21b4
4 changed files with 35 additions and 6 deletions
--- a/flyfish-data/src/main/java/com/flyfish/framework/domain/po/User.java
+++ b/flyfish-data/src/main/java/com/flyfish/framework/domain/po/User.java
@ -91,6 +91,11 @@ public class User extends AuditDomain implements IUser {
    @Transient
    private Object detail;

+    /**
+     * 当前用户的鉴权标记
+     */
+    private String authority;
+
    /**
     * 错误次数，防止恶意登录
     */
--- a/flyfish-user/src/main/java/com/flyfish/framework/domain/AdminUserDetails.java
+++ b/flyfish-user/src/main/java/com/flyfish/framework/domain/AdminUserDetails.java
@ -2,6 +2,7 @@ package com.flyfish.framework.domain;

 import com.fasterxml.jackson.annotation.JsonFormat;
 import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.flyfish.framework.domain.base.Domain;
 import com.flyfish.framework.domain.base.IUser;
 import com.flyfish.framework.domain.po.Department;
 import com.flyfish.framework.domain.po.Role;
@ -9,9 +10,11 @@ import com.flyfish.framework.domain.po.User;
 import com.flyfish.framework.enums.UserStatus;
 import com.flyfish.framework.enums.UserType;
 import com.flyfish.framework.utils.CopyUtils;
+import lombok.AccessLevel;
 import lombok.Getter;
 import lombok.Setter;
 import org.apache.commons.lang3.BooleanUtils;
+import org.apache.commons.lang3.StringUtils;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;

@ -112,6 +115,12 @@ public class AdminUserDetails implements UserDetails, IUser {
     */
    private String openId;

+    /**
+     * 当前用户的鉴权标记
+     */
+    @Getter(AccessLevel.NONE)
+    private String authority;
+
    /**
     * 查询冗余，标记用户信息
     */
@ -150,4 +159,11 @@ public class AdminUserDetails implements UserDetails, IUser {
    public User toUser() {
        return CopyUtils.copyProps(this, new User());
    }
+
+    public String getAuthority() {
+        if (StringUtils.isBlank(authority)) {
+            authority = departments.stream().findFirst().map(Domain::getId).orElse(null);
+        }
+        return authority;
+    }
 }
--- a/flyfish-user/src/main/java/com/flyfish/framework/domain/authorized/AuthorizedDomain.java
+++ b/flyfish-user/src/main/java/com/flyfish/framework/domain/authorized/AuthorizedDomain.java
@ -1,18 +1,26 @@
 package com.flyfish.framework.domain.authorized;

+import com.flyfish.framework.context.UserContext;
 import com.flyfish.framework.domain.base.AuditDomain;
-import lombok.Getter;
+import com.flyfish.framework.domain.po.User;
 import lombok.Setter;
+import org.apache.commons.lang3.StringUtils;

 /**
 * 带鉴权的实体，主要以部门隔绝
- *
- * @param <T>
 */
-@Getter
@Setter
-public abstract class AuthorizedDomain<T extends AuthorizedDomain<T>> extends AuditDomain {
+public abstract class AuthorizedDomain extends AuditDomain {

    // 作用域id，一般是部门。用户存储时插入
    private String authorizeId;
+
+    public String getAuthorizeId() {
+        if (StringUtils.isNotBlank(authorizeId)) {
+            return authorizeId;
+        } else {
+            return UserContext.sharedContext().map(UserContext::currentUser)
+                    .map(User::getAuthority).orElse(null);
+        }
+    }
 }
--- a/flyfish-user/src/main/java/com/flyfish/framework/domain/authorized/AuthorizedQo.java
+++ b/flyfish-user/src/main/java/com/flyfish/framework/domain/authorized/AuthorizedQo.java
@ -21,7 +21,7 @@ import java.util.stream.Collectors;
 */
@Getter
@Setter
-public abstract class AuthorizedQo<T extends AuthorizedDomain<T>> extends NameLikeQo<T> {
+public abstract class AuthorizedQo<T extends AuthorizedDomain> extends NameLikeQo<T> {

    // 部门服务
    private DepartmentService departmentService;