From abf1e651e9782a6f7bf2a896018de17130038c57 Mon Sep 17 00:00:00 2001
From: kils <yjskils@gmail.com>
Date: Thu, 25 Apr 2024 18:00:38 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=E7=94=A8=E6=88=B7?=
 =?UTF-8?q?=E7=AE=A1=E7=90=86/=E8=A7=92=E8=89=B2=E7=AE=A1=E7=90=86?=
 =?UTF-8?q?=E7=BC=96=E8=BE=91=E5=8F=8A=E7=8A=B6=E6=80=81=E5=8F=98=E6=9B=B4?=
 =?UTF-8?q?=E9=97=AE=E9=A2=98=20(#53)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

修复用户管理修改任意信息,导致密码二次加密修改造成无法登录的问题

补充用户管理、权限管理状态变更后的逻辑：
1、禁用的角色不再允许分配给用户
2、已经分配给用户的角色不允许禁用
3、禁用用户后将清理该用户所有登录token
---
 .../admin/common/model/resp/LabelValueResp.java     | 12 ++++++++++++
 .../admin/auth/service/OnlineUserService.java       |  7 +++++++
 .../auth/service/impl/OnlineUserServiceImpl.java    |  8 ++++++++
 .../admin/system/service/UserRoleService.java       |  8 ++++++++
 .../admin/system/service/impl/RoleServiceImpl.java  |  6 +++++-
 .../system/service/impl/UserRoleServiceImpl.java    |  5 +++++
 .../admin/system/service/impl/UserServiceImpl.java  | 13 +++++++++++--
 7 files changed, 56 insertions(+), 3 deletions(-)

diff --git a/continew-admin-common/src/main/java/top/continew/admin/common/model/resp/LabelValueResp.java b/continew-admin-common/src/main/java/top/continew/admin/common/model/resp/LabelValueResp.java
index d100a36c..f2afb83a 100644
--- a/continew-admin-common/src/main/java/top/continew/admin/common/model/resp/LabelValueResp.java
+++ b/continew-admin-common/src/main/java/top/continew/admin/common/model/resp/LabelValueResp.java
@@ -51,6 +51,12 @@ public class LabelValueResp<T> implements Serializable {
     @Schema(description = "值", example = "1")
     private T value;
 
+    /**
+     * 是否禁用
+     */
+    @Schema(description = "是否禁用", example = "false")
+    private Boolean disabled;
+
     /**
      * 颜色
      */
@@ -68,4 +74,10 @@ public class LabelValueResp<T> implements Serializable {
         this.value = value;
         this.color = color;
     }
+
+    public LabelValueResp(String label, T value, Boolean disabled) {
+        this.label = label;
+        this.value = value;
+        this.disabled = disabled;
+    }
 }
diff --git a/continew-admin-system/src/main/java/top/continew/admin/auth/service/OnlineUserService.java b/continew-admin-system/src/main/java/top/continew/admin/auth/service/OnlineUserService.java
index 20fc28e2..e0cbf2e6 100644
--- a/continew-admin-system/src/main/java/top/continew/admin/auth/service/OnlineUserService.java
+++ b/continew-admin-system/src/main/java/top/continew/admin/auth/service/OnlineUserService.java
@@ -55,4 +55,11 @@ public interface OnlineUserService {
      * @param roleId 角色 ID
      */
     void cleanByRoleId(Long roleId);
+
+    /**
+     * 根据用户 ID 清除登录
+     *
+     * @param userId 用户 ID
+     */
+    void cleanByUserId(Long userId);
 }
diff --git a/continew-admin-system/src/main/java/top/continew/admin/auth/service/impl/OnlineUserServiceImpl.java b/continew-admin-system/src/main/java/top/continew/admin/auth/service/impl/OnlineUserServiceImpl.java
index 0f46845b..acadc394 100644
--- a/continew-admin-system/src/main/java/top/continew/admin/auth/service/impl/OnlineUserServiceImpl.java
+++ b/continew-admin-system/src/main/java/top/continew/admin/auth/service/impl/OnlineUserServiceImpl.java
@@ -92,6 +92,14 @@ public class OnlineUserServiceImpl implements OnlineUserService {
         });
     }
 
+    @Override
+    public void cleanByUserId(Long userId) {
+        if (!StpUtil.isLogin(userId)) {
+            return;
+        }
+        StpUtil.logout(userId);
+    }
+
     /**
      * 是否符合查询条件
      *
diff --git a/continew-admin-system/src/main/java/top/continew/admin/system/service/UserRoleService.java b/continew-admin-system/src/main/java/top/continew/admin/system/service/UserRoleService.java
index e965676d..bc0f4648 100644
--- a/continew-admin-system/src/main/java/top/continew/admin/system/service/UserRoleService.java
+++ b/continew-admin-system/src/main/java/top/continew/admin/system/service/UserRoleService.java
@@ -57,4 +57,12 @@ public interface UserRoleService {
      * @return 总记录数
      */
     Long countByRoleIds(List<Long> roleIds);
+
+    /**
+     * 根据角色 ID 判断是否已被用户关联
+     *
+     * @param roleId 角色 ID
+     * @return 是否已关联
+     */
+    boolean isRoleIdExists(Long roleId);
 }
\ No newline at end of file
diff --git a/continew-admin-system/src/main/java/top/continew/admin/system/service/impl/RoleServiceImpl.java b/continew-admin-system/src/main/java/top/continew/admin/system/service/impl/RoleServiceImpl.java
index 8d78078d..5c764072 100644
--- a/continew-admin-system/src/main/java/top/continew/admin/system/service/impl/RoleServiceImpl.java
+++ b/continew-admin-system/src/main/java/top/continew/admin/system/service/impl/RoleServiceImpl.java
@@ -84,6 +84,8 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, RoleDO, RoleRes
         CheckUtils.throwIf(this.isNameExists(name, id), "修改失败，[{}] 已存在", name);
         RoleDO oldRole = super.getById(id);
         CheckUtils.throwIfNotEqual(req.getCode(), oldRole.getCode(), "角色编码不允许修改", oldRole.getName());
+        CheckUtils.throwIf(DisEnableStatusEnum.DISABLE.equals(req.getStatus()) && userRoleService
+            .isRoleIdExists(id), "所选角色存在用户关联，请解除关联后重试");
         DataScopeEnum oldDataScope = oldRole.getDataScope();
         if (Boolean.TRUE.equals(oldRole.getIsSystem())) {
             CheckUtils.throwIfEqual(DisEnableStatusEnum.DISABLE, req.getStatus(), "[{}] 是系统内置角色，不允许禁用", oldRole
@@ -141,7 +143,9 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, RoleDO, RoleRes
         if (CollUtil.isEmpty(list)) {
             return new ArrayList<>(0);
         }
-        return list.stream().map(r -> new LabelValueResp<>(r.getName(), r.getId())).toList();
+        return list.stream()
+            .map(r -> new LabelValueResp<>(r.getName(), r.getId(), DisEnableStatusEnum.DISABLE.equals(r.getStatus())))
+            .toList();
     }
 
     @Override
diff --git a/continew-admin-system/src/main/java/top/continew/admin/system/service/impl/UserRoleServiceImpl.java b/continew-admin-system/src/main/java/top/continew/admin/system/service/impl/UserRoleServiceImpl.java
index 408dd557..fa6a0612 100644
--- a/continew-admin-system/src/main/java/top/continew/admin/system/service/impl/UserRoleServiceImpl.java
+++ b/continew-admin-system/src/main/java/top/continew/admin/system/service/impl/UserRoleServiceImpl.java
@@ -78,4 +78,9 @@ public class UserRoleServiceImpl implements UserRoleService {
     public Long countByRoleIds(List<Long> roleIds) {
         return userRoleMapper.lambdaQuery().in(UserRoleDO::getRoleId, roleIds).count();
     }
+
+    @Override
+    public boolean isRoleIdExists(Long roleId) {
+        return userRoleMapper.lambdaQuery().eq(UserRoleDO::getRoleId, roleId).exists();
+    }
 }
diff --git a/continew-admin-system/src/main/java/top/continew/admin/system/service/impl/UserServiceImpl.java b/continew-admin-system/src/main/java/top/continew/admin/system/service/impl/UserServiceImpl.java
index dc91bf3b..91ccade8 100644
--- a/continew-admin-system/src/main/java/top/continew/admin/system/service/impl/UserServiceImpl.java
+++ b/continew-admin-system/src/main/java/top/continew/admin/system/service/impl/UserServiceImpl.java
@@ -16,6 +16,7 @@
 
 package top.continew.admin.system.service.impl;
 
+import cn.hutool.core.bean.BeanUtil;
 import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.io.file.FileNameUtil;
 import cn.hutool.core.util.ObjectUtil;
@@ -32,6 +33,7 @@ import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.web.multipart.MultipartFile;
+import top.continew.admin.auth.service.OnlineUserService;
 import top.continew.admin.common.constant.CacheConstants;
 import top.continew.admin.common.enums.DisEnableStatusEnum;
 import top.continew.admin.common.util.helper.LoginHelper;
@@ -68,6 +70,7 @@ import java.util.Optional;
 @RequiredArgsConstructor
 public class UserServiceImpl extends BaseServiceImpl<UserMapper, UserDO, UserResp, UserDetailResp, UserQuery, UserReq> implements UserService, CommonUserService {
 
+    private final OnlineUserService onlineUserService;
     private final RoleService roleService;
     private final UserRoleService userRoleService;
     private final FileService fileService;
@@ -125,9 +128,15 @@ public class UserServiceImpl extends BaseServiceImpl<UserMapper, UserDO, UserRes
             CheckUtils.throwIfNotEmpty(disjunctionRoleIds, "[{}] 是系统内置用户，不允许变更角色", oldUser.getNickname());
         }
         // 更新信息
-        super.update(req, id);
+        UserDO newUser = BeanUtil.toBean(req, UserDO.class);
+        newUser.setId(id);
+        baseMapper.updateById(newUser);
         // 保存用户和角色关联
-        userRoleService.add(req.getRoleIds(), id);
+        boolean isSaveUserRoleSuccess = userRoleService.add(req.getRoleIds(), id);
+        // 如果功能权限或数据权限有变更，则清除关联的在线用户（重新登录以获取最新角色权限）
+        if (DisEnableStatusEnum.DISABLE.equals(newStatus) || isSaveUserRoleSuccess) {
+            onlineUserService.cleanByUserId(id);
+        }
     }
 
     @Override