diff --git a/src/main/java/com/zsc/edu/gateway/framework/security/SecurityUtil.java b/src/main/java/com/zsc/edu/gateway/framework/security/SecurityUtil.java
index c670439..6c95315 100644
--- a/src/main/java/com/zsc/edu/gateway/framework/security/SecurityUtil.java
+++ b/src/main/java/com/zsc/edu/gateway/framework/security/SecurityUtil.java
@@ -1,6 +1,7 @@
 package com.zsc.edu.gateway.framework.security;
 import org.springframework.security.authentication.AnonymousAuthenticationToken;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
@@ -20,6 +21,13 @@ public class SecurityUtil {
 return (UserDetailsImpl) authentication.getPrincipal();
 }
+ public static void setUserInfo(UserDetailsImpl user) {
+ // 重新加载用户信息并更新SecurityContext
+ SecurityContextHolder.getContext().setAuthentication(
+ new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities())
+ );
+ }
+
 public static Optional getCurrentAuditor() {
 try {
 Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
diff --git a/src/main/java/com/zsc/edu/gateway/modules/system/controller/UserController.java b/src/main/java/com/zsc/edu/gateway/modules/system/controller/UserController.java
index 16c7bf2..a099c8f 100644
--- a/src/main/java/com/zsc/edu/gateway/modules/system/controller/UserController.java
+++ b/src/main/java/com/zsc/edu/gateway/modules/system/controller/UserController.java
@@ -91,7 +91,10 @@ public class UserController {
 * @return 更新后的用户信息
 */
 @PatchMapping("self")
- public Boolean selfUpdate(@AuthenticationPrincipal UserDetailsImpl userDetails, @RequestBody UserSelfUpdateDto dto) {
+ public Boolean selfUpdate(
+ @AuthenticationPrincipal UserDetailsImpl userDetails,
+ @RequestBody UserSelfUpdateDto dto
+ ) {
 return service.selfUpdate(userDetails, dto);
 }
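Review bot: `setUserInfo` in SecurityUtil.java replaces the current `Authentication` with a freshly built token, so whatever `details` the original login carried are dropped, and a null `user` only fails with a NullPointerException at `user.getAuthorities()`. Because the three-argument `UsernamePasswordAuthenticationToken` constructor yields an already-authenticated token, this public static method installs any `UserDetailsImpl` it is handed as the trusted principal; it deserves a Javadoc saying it must only be called with the current, already-authenticated user. The comment `重新加载用户信息并更新SecurityContext` also promises a reload that the method does not perform, since it only swaps the token. Whether the replaced context outlives the current request depends on how this project persists the security context, which the hunk does not show.

```java
public static void setUserInfo(UserDetailsImpl user) {
    if (user == null) {
        throw new IllegalArgumentException("user must not be null");
    }
    Authentication previous = SecurityContextHolder.getContext().getAuthentication();
    UsernamePasswordAuthenticationToken refreshed =
            new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities());
    if (previous != null) {
        // Carry over the request details recorded at the original login.
        refreshed.setDetails(previous.getDetails());
    }
    SecurityContextHolder.getContext().setAuthentication(refreshed);
}
```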
@@ -186,7 +189,7 @@ public class UserController {
 * */
 @GetMapping("dept/{id}")
 public Collection listByDept(@PathVariable("id") Long id) {
- return service.list(new QueryWrapper().eq("dept_id", id));
+ return service.list(new LambdaQueryWrapper().eq(User::getDeptId, id));
 }
 /**
diff --git a/src/main/java/com/zsc/edu/gateway/modules/system/service/impl/UserServiceImpl.java b/src/main/java/com/zsc/edu/gateway/modules/system/service/impl/UserServiceImpl.java
index 779d218..3043aac 100644
--- a/src/main/java/com/zsc/edu/gateway/modules/system/service/impl/UserServiceImpl.java
+++ b/src/main/java/com/zsc/edu/gateway/modules/system/service/impl/UserServiceImpl.java
@@ -3,6 +3,7 @@ package com.zsc.edu.gateway.modules.system.service.impl;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.zsc.edu.gateway.exception.ConstraintException;
+import com.zsc.edu.gateway.framework.security.SecurityUtil;
 import com.zsc.edu.gateway.framework.security.UserDetailsImpl;
 import com.zsc.edu.gateway.modules.system.dto.UserCreateDto;
 import com.zsc.edu.gateway.modules.system.dto.UserSelfUpdateDto;
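Review bot: `listByDept` in UserController.java hands the rows from `service.list(...)` straight back to the caller, and the only annotation visible on it in this hunk is `@GetMapping("dept/{id}")`. If those rows are `User` entities, as the `User::getDeptId` reference suggests, the response carries every serialisable field of the entity, and any caller who reaches the route can list another department by changing `id`. It is worth confirming that a class-level or filter-chain rule restricts this route and recording that above the method, for example `// Returns full User entities; access restricted by <rule name>`, or returning a view object instead. The method's Javadoc begins outside the hunk, so an existing note there may already cover this.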
@@ -122,20 +123,13 @@ public class UserServiceImpl extends ServiceImpl implement
 if (role == null) {
 throw new ConstraintException("角色不存在");
 }
- UserDetailsImpl userDetails = (UserDetailsImpl) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
- User user = getById(userDetails.getId());
- if (Objects.equals(user.getRoleId(), roleId)) {
- throw new ConstraintException("不能切换到当前角色");
- }
- user.setRoleId(roleId);
- boolean updated = updateById(user);
+ UserDetailsImpl userDetails = SecurityUtil.getUserInfo();
+ boolean updated = lambdaUpdate().eq(User::getId, userDetails.getId())
+ .set(User::getRoleId, roleId)
+ .update();
 userDetails.setRole(role);
 if (updated) {
- SecurityContextHolder.getContext().setAuthentication(
- new org.springframework.security.authentication.UsernamePasswordAuthenticationToken(
- userDetails, userDetails.getPassword(), userDetails.getAuthorities()
- )
- );
+ SecurityUtil.setUserInfo(userDetails);
 }
 return userDetails;
 }
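Review bot: `userDetails.setRole(role);` runs before the `if (updated)` check, and `userDetails` appears to be the live principal taken from the security context, so when the update touches no row the in-memory principal already carries the new role while the database keeps the old one. Move the assignment inside the block, `if (updated) { userDetails.setRole(role); SecurityUtil.setUserInfo(userDetails); }`, and consider throwing a `ConstraintException` in the other case rather than returning a principal that no longer matches the stored row. The only validation visible in this hunk is `role == null`; the method starts outside the hunk, so if nothing earlier checks that `roleId` is a role the caller is allowed to hold, any authenticated user could switch to any existing role. A short comment above the `lambdaUpdate()` call stating where that entitlement check lives would make the intent reviewable.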