hhyykk/ipms-sjy
1
1
Fork 0
mirror of https://gitee.com/hhyykk/ipms-sjy.git synced 2025-11-04 04:08:43 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

增加 UserRole 的缓存,完善权限相关的单元测试

Browse Source
This commit is contained in:
YunaiV
2022-05-12 22:57:58 +08:00
parent 97db4586a8
commit 49b4eedfc0
8 changed files with 451 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/controller/admin/auth/AuthController.java
View File

@@ -93,7 +93,7 @@ public class AuthController {
return null;
}
// 获得角色列表
Set<Long> roleIds = permissionService.getUserRoleIds(getLoginUserId(), singleton(CommonStatusEnum.ENABLE.getStatus()));
Set<Long> roleIds = permissionService.getUserRoleIdsFromCache(getLoginUserId(), singleton(CommonStatusEnum.ENABLE.getStatus()));
List<RoleDO> roleList = roleService.getRolesFromCache(roleIds);
// 获得菜单列表
List<MenuDO> menuList = permissionService.getRoleMenuListFromCache(roleIds,
@@ -107,7 +107,7 @@ public class AuthController {
@ApiOperation("获得登录用户的菜单列表")
public CommonResult<List<AuthMenuRespVO>> getMenus() {
// 获得角色列表
Set<Long> roleIds = permissionService.getUserRoleIds(getLoginUserId(), singleton(CommonStatusEnum.ENABLE.getStatus()));
Set<Long> roleIds = permissionService.getUserRoleIdsFromCache(getLoginUserId(), singleton(CommonStatusEnum.ENABLE.getStatus()));
// 获得用户拥有的菜单列表
List<MenuDO> menuList = permissionService.getRoleMenuListFromCache(roleIds,
SetUtils.asSet(MenuTypeEnum.DIR.getType(), MenuTypeEnum.MENU.getType()), // 只要目录和菜单类型

6
yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/dal/mysql/permission/UserRoleMapper.java
View File

@@ -4,8 +4,10 @@ import cn.iocoder.yudao.framework.mybatis.core.mapper.BaseMapperX;
import cn.iocoder.yudao.module.system.dal.dataobject.permission.UserRoleDO;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import org.apache.ibatis.annotations.Mapper;
import org.apache.ibatis.annotations.Select;
import java.util.Collection;
import java.util.Date;
import java.util.List;
@Mapper
@@ -36,4 +38,8 @@ public interface UserRoleMapper extends BaseMapperX<UserRoleDO> {
default List<UserRoleDO> selectListByRoleIds(Collection<Long> roleIds) {
return selectList(UserRoleDO::getRoleId, roleIds);
}
@Select("SELECT COUNT(*) FROM system_user_role WHERE update_time > #{maxUpdateTime}")
Long selectCountByUpdateTimeGt(Date maxUpdateTime);
}

29
yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/mq/consumer/permission/UserRoleRefreshConsumer.java Normal file
View File

@@ -0,0 +1,29 @@
package cn.iocoder.yudao.module.system.mq.consumer.permission;
import cn.iocoder.yudao.framework.mq.core.pubsub.AbstractChannelMessageListener;
import cn.iocoder.yudao.module.system.mq.message.permission.UserRoleRefreshMessage;
import cn.iocoder.yudao.module.system.service.permission.PermissionService;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Component;
import javax.annotation.Resource;
/**
* 针对 {@link UserRoleRefreshMessage} 的消费者
*
* @author 芋道源码
*/
@Component
@Slf4j
public class UserRoleRefreshConsumer extends AbstractChannelMessageListener<UserRoleRefreshMessage> {
@Resource
private PermissionService permissionService;
@Override
public void onMessage(UserRoleRefreshMessage message) {
log.info("[onMessage][收到 User 与 Role 的关联刷新消息]");
permissionService.initLocalCache();
}
}

21
yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/mq/message/permission/UserRoleRefreshMessage.java Normal file
View File

@@ -0,0 +1,21 @@
package cn.iocoder.yudao.module.system.mq.message.permission;
import cn.iocoder.yudao.framework.mq.core.pubsub.AbstractChannelMessage;
import lombok.Data;
import lombok.EqualsAndHashCode;
/**
* 用户与角色的数据刷新 Message
*
* @author 芋道源码
*/
@Data
@EqualsAndHashCode(callSuper = true)
public class UserRoleRefreshMessage extends AbstractChannelMessage {
@Override
public String getChannel() {
return "system.user-role.refresh";
}
}

9
yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/mq/producer/permission/PermissionProducer.java
View File

@@ -2,6 +2,7 @@ package cn.iocoder.yudao.module.system.mq.producer.permission;
import cn.iocoder.yudao.module.system.mq.message.permission.RoleMenuRefreshMessage;
import cn.iocoder.yudao.framework.mq.core.RedisMQTemplate;
import cn.iocoder.yudao.module.system.mq.message.permission.UserRoleRefreshMessage;
import org.springframework.stereotype.Component;
import javax.annotation.Resource;
@@ -23,4 +24,12 @@ public class PermissionProducer {
redisMQTemplate.send(message);
}
/**
* 发送 {@link UserRoleRefreshMessage} 消息
*/
public void sendUserRoleRefreshMessage() {
UserRoleRefreshMessage message = new UserRoleRefreshMessage();
redisMQTemplate.send(message);
}
}

28
yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/service/permission/PermissionService.java
View File

@@ -37,13 +37,13 @@ public interface PermissionService extends SecurityPermissionFrameworkService, D
Collection<Integer> menusStatuses);
/**
* 获得用户拥有的角色编号集合
* 获得用户拥有的角色编号集合,从缓存中获取
*
* @param userId 用户编号
* @param roleStatuses 角色状态集合. 允许为空,为空时不过滤
* @return 角色编号集合
*/
Set<Long> getUserRoleIds(Long userId, @Nullable Collection<Integer> roleStatuses);
Set<Long> getUserRoleIdsFromCache(Long userId, @Nullable Collection<Integer> roleStatuses);
/**
* 获得角色拥有的菜单编号集合
@@ -53,6 +53,14 @@ public interface PermissionService extends SecurityPermissionFrameworkService, D
*/
Set<Long> getRoleMenuIds(Long roleId);
/**
* 获得拥有多个角色的用户编号集合
*
* @param roleIds 角色编号集合
* @return 用户编号集合
*/
Set<Long> getUserRoleIdListByRoleIds(Collection<Long> roleIds);
/**
* 设置角色菜单
*
@@ -69,14 +77,6 @@ public interface PermissionService extends SecurityPermissionFrameworkService, D
*/
Set<Long> getUserRoleIdListByUserId(Long userId);
/**
* 获得拥有某个角色的用户编号集合
*
* @param roleId 角色编号
* @return 用户编号集合
*/
Set<Long> getUserRoleIdListByRoleId(Long roleId);
/**
* 设置用户角色
*
@@ -115,12 +115,4 @@ public interface PermissionService extends SecurityPermissionFrameworkService, D
*/
void processUserDeleted(Long userId);
/**
* 获得拥有多个角色的用户编号集合
*
* @param roleIds 角色编号集合
* @return 用户编号集合
*/
Set<Long> getUserRoleIdListByRoleIds(Collection<Long> roleIds);
}

151
yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/service/permission/PermissionServiceImpl.java
View File

@@ -23,10 +23,13 @@ import cn.iocoder.yudao.module.system.enums.permission.DataScopeEnum;
import cn.iocoder.yudao.module.system.mq.producer.permission.PermissionProducer;
import cn.iocoder.yudao.module.system.service.dept.DeptService;
import cn.iocoder.yudao.module.system.service.user.AdminUserService;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Suppliers;
import com.google.common.collect.ImmutableMultimap;
import com.google.common.collect.Multimap;
import com.google.common.collect.Sets;
import lombok.Getter;
import lombok.Setter;
import lombok.extern.slf4j.Slf4j;
import org.springframework.context.annotation.Lazy;
import org.springframework.scheduling.annotation.Scheduled;
@@ -40,6 +43,8 @@ import javax.annotation.Resource;
import java.util.*;
import java.util.function.Supplier;
import static cn.iocoder.yudao.framework.common.util.collection.CollectionUtils.convertSet;
import static cn.iocoder.yudao.framework.common.util.collection.CollectionUtils.getMaxValue;
import static cn.iocoder.yudao.framework.security.core.util.SecurityFrameworkUtils.getLoginUserId;
import static java.util.Collections.singleton;
@@ -65,6 +70,8 @@ public class PermissionServiceImpl implements PermissionService {
*
* 这里声明 volatile 修饰的原因是,每次刷新时,直接修改指向
*/
@Getter
@Setter // 单元测试
private volatile Multimap<Long, Long> roleMenuCache;
/**
* 菜单编号与角色编号的缓存映射
@@ -73,11 +80,29 @@ public class PermissionServiceImpl implements PermissionService {
*
* 这里声明 volatile 修饰的原因是,每次刷新时,直接修改指向
*/
@Getter
private volatile Multimap<Long, Long> menuRoleCache;
/**
* 缓存菜单的最大更新时间,用于后续的增量轮询,判断是否有更新
* 缓存 RoleMenu 的最大更新时间,用于后续的增量轮询,判断是否有更新
*/
private volatile Date maxUpdateTime;
@Getter
private volatile Date roleMenuMaxUpdateTime;
/**
* 用户编号与角色编号的缓存映射
* key用户编号
* value角色编号的数组
*
* 这里声明 volatile 修饰的原因是,每次刷新时,直接修改指向
*/
@Getter
@Setter // 单元测试需要
private volatile Map<Long, Set<Long>> userRoleCache;
/**
* 缓存 UserRole 的最大更新时间,用于后续的增量轮询,判断是否有更新
*/
@Getter
private volatile Date userRoleMaxUpdateTime;
@Resource
private RoleMenuMapper roleMenuMapper;
@@ -104,15 +129,21 @@ public class PermissionServiceImpl implements PermissionService {
@Lazy // 注入自己,所以延迟加载
private PermissionService self;
/**
* 初始化 {@link #roleMenuCache} 和 {@link #menuRoleCache} 缓存
*/
@Override
@PostConstruct
@TenantIgnore // 初始化缓存,无需租户过滤
public void initLocalCache() {
initUserRoleLocalCache();
initRoleMenuLocalCache();
}
/**
* 初始化 {@link #roleMenuCache} 和 {@link #menuRoleCache} 缓存
*/
@VisibleForTesting
void initRoleMenuLocalCache() {
// 获取角色与菜单的关联列表,如果有更新
List<RoleMenuDO> roleMenuList = loadRoleMenuIfUpdate(maxUpdateTime);
List<RoleMenuDO> roleMenuList = loadRoleMenuIfUpdate(roleMenuMaxUpdateTime);
if (CollUtil.isEmpty(roleMenuList)) {
return;
}
@@ -126,8 +157,27 @@ public class PermissionServiceImpl implements PermissionService {
});
roleMenuCache = roleMenuCacheBuilder.build();
menuRoleCache = menuRoleCacheBuilder.build();
maxUpdateTime = CollectionUtils.getMaxValue(roleMenuList, RoleMenuDO::getUpdateTime);
log.info("[initLocalCache][初始化角色与菜单的关联数量为 {}]", roleMenuList.size());
roleMenuMaxUpdateTime = getMaxValue(roleMenuList, RoleMenuDO::getUpdateTime);
log.info("[initRoleMenuLocalCache][初始化角色与菜单的关联数量为 {}]", roleMenuList.size());
}
/**
* 初始化 {@link #userRoleCache} 缓存
*/
@VisibleForTesting
void initUserRoleLocalCache() {
// 获取用户与角色的关联列表,如果有更新
List<UserRoleDO> userRoleList = loadUserRoleIfUpdate(userRoleMaxUpdateTime);
if (CollUtil.isEmpty(userRoleList)) {
return;
}
// 初始化 userRoleCache 缓存
ImmutableMultimap.Builder<Long, Long> userRoleCacheBuilder = ImmutableMultimap.builder();
userRoleList.forEach(userRoleDO -> userRoleCacheBuilder.put(userRoleDO.getUserId(), userRoleDO.getRoleId()));
userRoleCache = CollectionUtils.convertMultiMap2(userRoleList, UserRoleDO::getUserId, UserRoleDO::getRoleId);
userRoleMaxUpdateTime = getMaxValue(userRoleList, UserRoleDO::getUpdateTime);
log.info("[initUserRoleLocalCache][初始化用户与角色的关联数量为 {}]", userRoleList.size());
}
@Scheduled(fixedDelay = SCHEDULER_PERIOD, initialDelay = SCHEDULER_PERIOD)
@@ -156,6 +206,27 @@ public class PermissionServiceImpl implements PermissionService {
return roleMenuMapper.selectList();
}
/**
* 如果用户与角色的关联发生变化,从数据库中获取最新的全量用户与角色的关联。
* 如果未发生变化,则返回空
*
* @param maxUpdateTime 当前角色与菜单的关联的最大更新时间
* @return 角色与菜单的关联列表
*/
protected List<UserRoleDO> loadUserRoleIfUpdate(Date maxUpdateTime) {
// 第一步,判断是否要更新。
if (maxUpdateTime == null) { // 如果更新时间为空,说明 DB 一定有新数据
log.info("[loadUserRoleIfUpdate][首次加载全量用户与角色的关联]");
} else { // 判断数据库中是否有更新的用户与角色的关联
if (userRoleMapper.selectCountByUpdateTimeGt(maxUpdateTime) == 0) {
return null;
}
log.info("[loadUserRoleIfUpdate][增量加载全量用户与角色的关联]");
}
// 第二步,如果有更新,则从数据库加载所有用户与角色的关联
return userRoleMapper.selectList();
}
@Override
public List<MenuDO> getRoleMenuListFromCache(Collection<Long> roleIds, Collection<Integer> menuTypes,
Collection<Integer> menusStatuses) {
@@ -176,35 +247,33 @@ public class PermissionServiceImpl implements PermissionService {
}
@Override
public Set<Long> getUserRoleIds(Long userId, Collection<Integer> roleStatuses) {
List<UserRoleDO> userRoleList = userRoleMapper.selectListByUserId(userId);
public Set<Long> getUserRoleIdsFromCache(Long userId, Collection<Integer> roleStatuses) {
Set<Long> roleIds = new HashSet<>(userRoleCache.get(userId));
// 过滤角色状态
if (CollectionUtil.isNotEmpty(roleStatuses)) {
userRoleList.removeIf(userRoleDO -> {
RoleDO role = roleService.getRoleFromCache(userRoleDO.getRoleId());
roleIds.removeIf(roleId -> {
RoleDO role = roleService.getRoleFromCache(roleId);
return role == null || !roleStatuses.contains(role.getStatus());
});
}
return CollectionUtils.convertSet(userRoleList, UserRoleDO::getRoleId);
return roleIds;
}
@Override
public Set<Long> getRoleMenuIds(Long roleId) {
// 如果是管理员的情况下,获取全部菜单编号
RoleDO role = roleService.getRole(roleId);
if (roleService.hasAnySuperAdmin(Collections.singletonList(role))) {
return CollectionUtils.convertSet(menuService.getMenus(), MenuDO::getId);
if (roleService.hasAnySuperAdmin(Collections.singleton(roleId))) {
return convertSet(menuService.getMenus(), MenuDO::getId);
}
// 如果是非管理员的情况下,获得拥有的菜单编号
return CollectionUtils.convertSet(roleMenuMapper.selectListByRoleId(roleId),
RoleMenuDO::getMenuId);
return convertSet(roleMenuMapper.selectListByRoleId(roleId), RoleMenuDO::getMenuId);
}
@Override
@Transactional(rollbackFor = Exception.class)
public void assignRoleMenu(Long roleId, Set<Long> menuIds) {
// 获得角色拥有菜单编号
Set<Long> dbMenuIds = CollectionUtils.convertSet(roleMenuMapper.selectListByRoleId(roleId),
Set<Long> dbMenuIds = convertSet(roleMenuMapper.selectListByRoleId(roleId),
RoleMenuDO::getMenuId);
// 计算新增和删除的菜单编号
Collection<Long> createMenuIds = CollUtil.subtract(menuIds, dbMenuIds);
@@ -234,20 +303,21 @@ public class PermissionServiceImpl implements PermissionService {
@Override
public Set<Long> getUserRoleIdListByUserId(Long userId) {
return CollectionUtils.convertSet(userRoleMapper.selectListByUserId(userId),
return convertSet(userRoleMapper.selectListByUserId(userId),
UserRoleDO::getRoleId);
}
@Override
public Set<Long> getUserRoleIdListByRoleId(Long roleId) {
return CollectionUtils.convertSet(userRoleMapper.selectListByRoleId(roleId),
UserRoleDO::getRoleId);
public Set<Long> getUserRoleIdListByRoleIds(Collection<Long> roleIds) {
return convertSet(userRoleMapper.selectListByRoleIds(roleIds),
UserRoleDO::getUserId);
}
@Override
@Transactional(rollbackFor = Exception.class)
public void assignUserRole(Long userId, Set<Long> roleIds) {
// 获得角色拥有角色编号
Set<Long> dbRoleIds = CollectionUtils.convertSet(userRoleMapper.selectListByUserId(userId),
Set<Long> dbRoleIds = convertSet(userRoleMapper.selectListByUserId(userId),
UserRoleDO::getRoleId);
// 计算新增和删除的角色编号
Collection<Long> createRoleIds = CollUtil.subtract(roleIds, dbRoleIds);
@@ -264,6 +334,15 @@ public class PermissionServiceImpl implements PermissionService {
if (!CollectionUtil.isEmpty(deleteMenuIds)) {
userRoleMapper.deleteListByUserIdAndRoleIdIds(userId, deleteMenuIds);
}
// 发送刷新消息. 注意,需要事务提交后,在进行发送刷新消息。不然 db 还未提交,结果缓存先刷新了
TransactionSynchronizationManager.registerSynchronization(new TransactionSynchronization() {
@Override
public void afterCommit() {
permissionProducer.sendUserRoleRefreshMessage();
}
});
}
@Override
@@ -284,6 +363,7 @@ public class PermissionServiceImpl implements PermissionService {
@Override
public void afterCommit() {
permissionProducer.sendRoleMenuRefreshMessage();
permissionProducer.sendUserRoleRefreshMessage();
}
});
@@ -305,8 +385,17 @@ public class PermissionServiceImpl implements PermissionService {
}
@Override
@Transactional(rollbackFor = Exception.class)
public void processUserDeleted(Long userId) {
userRoleMapper.deleteListByUserId(userId);
TransactionSynchronizationManager.registerSynchronization(new TransactionSynchronization() {
@Override
public void afterCommit() {
permissionProducer.sendUserRoleRefreshMessage();
}
});
}
@Override
@@ -322,7 +411,7 @@ public class PermissionServiceImpl implements PermissionService {
}
// 获得当前登录的角色。如果为空,说明没有权限
Set<Long> roleIds = getUserRoleIds(getLoginUserId(), singleton(CommonStatusEnum.ENABLE.getStatus()));
Set<Long> roleIds = getUserRoleIdsFromCache(getLoginUserId(), singleton(CommonStatusEnum.ENABLE.getStatus()));
if (CollUtil.isEmpty(roleIds)) {
return false;
}
@@ -357,7 +446,7 @@ public class PermissionServiceImpl implements PermissionService {
}
// 获得当前登录的角色。如果为空,说明没有权限
Set<Long> roleIds = getUserRoleIds(getLoginUserId(), singleton(CommonStatusEnum.ENABLE.getStatus()));
Set<Long> roleIds = getUserRoleIdsFromCache(getLoginUserId(), singleton(CommonStatusEnum.ENABLE.getStatus()));
if (CollUtil.isEmpty(roleIds)) {
return false;
}
@@ -365,7 +454,7 @@ public class PermissionServiceImpl implements PermissionService {
if (roleService.hasAnySuperAdmin(roleIds)) {
return true;
}
Set<String> userRoles = CollectionUtils.convertSet(roleService.getRolesFromCache(roleIds),
Set<String> userRoles = convertSet(roleService.getRolesFromCache(roleIds),
RoleDO::getCode);
return CollUtil.containsAny(userRoles, Sets.newHashSet(roles));
}
@@ -375,7 +464,7 @@ public class PermissionServiceImpl implements PermissionService {
public DeptDataPermissionRespDTO getDeptDataPermission(Long userId) {
DeptDataPermissionRespDTO result = new DeptDataPermissionRespDTO();
// 获得用户的角色
Set<Long> roleIds = getUserRoleIds(userId, singleton(CommonStatusEnum.ENABLE.getStatus()));
Set<Long> roleIds = getUserRoleIdsFromCache(userId, singleton(CommonStatusEnum.ENABLE.getStatus()));
if (CollUtil.isEmpty(roleIds)) {
return result;
}
@@ -425,10 +514,4 @@ public class PermissionServiceImpl implements PermissionService {
return result;
}
@Override
public Set<Long> getUserRoleIdListByRoleIds(Collection<Long> roleIds) {
return CollectionUtils.convertSet(userRoleMapper.selectListByRoleIds(roleIds),
UserRoleDO::getUserId);
}
}