更新 User 的 enabled 和 locked 字段

manager/src/main/java/cn/reghao/devops/manager/rbac/controller/UserController.java

@@ -34,12 +34,8 @@ public class UserController {
     @PreAuthorize("hasRole('ROLE_ADMIN')")
     @ApiOperation(value = "创建用户")
     @PostMapping(produces = MediaType.APPLICATION_JSON_VALUE)
-    public String createUser(@Validated UserCreateDto userCreateDTO) {
-        /*Set<UserAuthority> authorities = roles.stream()
-                .map(role -> new UserAuthority(role.getTitle()))
-                .collect(Collectors.toSet());
-        user.setAuthorities(authorities);
-        userService.createUser(user);*/
+    public String createUser(@Validated UserCreateDto userCreateDto) {
+        userService.createUser(userCreateDto);
         return WebResult.success();
     }
 

manager/src/main/java/cn/reghao/devops/manager/rbac/model/po/Role.java

@@ -33,7 +33,6 @@ public class Role extends BaseEntity {
     private String description;
     // Role 端维护 Role 和 Menu 之间的关系
     @ManyToMany
-    //@JoinTable(name = "role_menu", joinColumns = @JoinColumn(name = "role_id"), inverseJoinColumns = @JoinColumn(name = "menu_id"))
     @JoinTable(name = "sys_role_menu", joinColumns = @JoinColumn(name = "role_id"), inverseJoinColumns = @JoinColumn(name = "menu_id"))
     private Set<Menu> menus;
 }

manager/src/main/java/cn/reghao/devops/manager/rbac/model/po/User.java

@@ -35,16 +35,11 @@ public class User extends BaseEntity implements UserDetails {
     private String password;
     @Column(nullable = false)
     private String salt;
-    // roles 和 authorities 是同一个东东, 只是 authorities 用于 Spring Security
     @ElementCollection(fetch = FetchType.EAGER)
-    //@CollectionTable(name = "user_role")
     @CollectionTable(name = "sys_user_role")
     private Set<String> role;
-    @Transient
-    @Deprecated
-    private Set<UserAuthority> authorities;
-    private Boolean isEnabled = true;
-    private Boolean isLocked = false;
+    private Boolean enabled = true;
+    private Boolean locked = false;
 
     @NotBlank(message = "用户名不能为空白字符串")
     private String nickname;
@@ -53,10 +48,10 @@ public class User extends BaseEntity implements UserDetails {
     private String email;
     private Integer gender;
 
-    public User(String username, String password, Set<UserAuthority> authorities) {
+    public User(String username, String password, Set<String> roles) {
         this.username = username;
         this.password = password;
-        this.authorities = authorities;
+        this.role = roles;
         this.nickname = username;
         this.avatarUrl = "/imgs/avatar.jpg";
         this.gender = 2;
@@ -105,7 +100,7 @@ public class User extends BaseEntity implements UserDetails {
      */
     @Override
     public boolean isEnabled() {
-        return isEnabled;
+        return enabled;
     }
 
     /**
@@ -117,7 +112,7 @@ public class User extends BaseEntity implements UserDetails {
      */
     @Override
     public boolean isAccountNonLocked() {
-        return isLocked;
+        return locked;
     }
 
     /**
@@ -129,9 +124,6 @@ public class User extends BaseEntity implements UserDetails {
      */
     @Override
     public Collection<? extends GrantedAuthority> getAuthorities() {
-        if (authorities == null) {
-            authorities = role.stream().map(UserAuthority::new).collect(Collectors.toSet());
-        }
-        return authorities;
+        return role.stream().map(UserAuthority::new).collect(Collectors.toSet());
     }
 }

manager/src/main/java/cn/reghao/devops/manager/rbac/model/po/UserAuthority.java

@@ -5,20 +5,15 @@ import org.springframework.security.core.SpringSecurityCoreVersion;
 import org.springframework.util.Assert;
 
 /**
- * SimpleGrantedAuthority 的重写
+ * SimpleGrantedAuthority 的重写, 仅用于 SpringSecurity
  *
  * @author reghao
  * @date 2020-06-24 14:44:25
  */
-@Deprecated
 public class UserAuthority implements GrantedAuthority {
     private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;
     private final String role;
 
-    public UserAuthority() {
-        this.role = "ROLE_USER";
-    }
-
     public UserAuthority(String role) {
         Assert.hasText(role, "A granted authority textual representation is required");
         this.role = role;

manager/src/main/java/cn/reghao/devops/manager/rbac/model/vo/UserVO.java

@@ -28,6 +28,6 @@ public class UserVO {
         this.mobilePhone = user.getMobilePhone();
         this.email = user.getEmail();
         this.createTime = DateTimeConverter.format(user.getCreateTime());
-        this.status = user.getIsEnabled() ? "启用" : "禁用";
+        this.status = user.getEnabled() ? "启用" : "禁用";
     }
 }

manager/src/main/java/cn/reghao/devops/manager/rbac/service/UserService.java

@@ -1,5 +1,6 @@
 package cn.reghao.devops.manager.rbac.service;
 
+import cn.reghao.devops.manager.rbac.model.dto.UserCreateDto;
 import cn.reghao.devops.manager.rbac.model.po.User;
 import cn.reghao.devops.manager.rbac.model.dto.UserInfo;
 import cn.reghao.devops.manager.rbac.model.dto.UserRole;
@@ -10,7 +11,7 @@ import cn.reghao.devops.manager.rbac.model.dto.UserRole;
  */
 public interface UserService {
     User getUser(String username);
-    void createUser(User user);
+    void createUser(UserCreateDto userCreateDto);
     void modifyUserPassword(Integer userId, String newPassword);
     void modifyUserInfo(UserInfo userInfo);
     void setUserRoles(UserRole userRole);

manager/src/main/java/cn/reghao/devops/manager/rbac/service/impl/UserServiceImpl.java

@@ -1,6 +1,8 @@
 package cn.reghao.devops.manager.rbac.service.impl;
 
+import cn.reghao.devops.manager.rbac.db.repository.RoleRepository;
 import cn.reghao.devops.manager.rbac.db.repository.UserRepository;
+import cn.reghao.devops.manager.rbac.model.dto.UserCreateDto;
 import cn.reghao.devops.manager.rbac.model.po.Role;
 import cn.reghao.devops.manager.rbac.service.UserService;
 import cn.reghao.jutil.jdk.security.Cryptor;
@@ -8,15 +10,12 @@ import cn.reghao.jutil.jdk.security.Md5Cryptor;
 import cn.reghao.jutil.jdk.security.RandomString;
 import cn.reghao.devops.manager.rbac.model.dto.UserInfo;
 import cn.reghao.devops.manager.rbac.model.dto.UserRole;
-import cn.reghao.devops.manager.rbac.model.po.UserAuthority;
 import cn.reghao.devops.manager.rbac.model.po.User;
 import lombok.extern.slf4j.Slf4j;
-import org.springframework.security.core.GrantedAuthority;
 import org.springframework.stereotype.Service;
 
 import java.security.NoSuchAlgorithmException;
 import java.util.Set;
-import java.util.stream.Collectors;
 
 /**
  * @author reghao
@@ -26,42 +25,39 @@ import java.util.stream.Collectors;
 @Service
 public class UserServiceImpl implements UserService {
     private final UserRepository userRepository;
+    private RoleRepository roleRepository;
     private final Cryptor cryptor;
 
-    public UserServiceImpl(UserRepository userRepository) throws NoSuchAlgorithmException {
+    public UserServiceImpl(UserRepository userRepository, RoleRepository roleRepository) throws NoSuchAlgorithmException {
         this.userRepository = userRepository;
+        this.roleRepository = roleRepository;
         this.cryptor = new Md5Cryptor();
     }
 
     @Override
     public User getUser(String username) {
         User user = userRepository.findByUsername(username);
-        if (user != null) {
-            setGrantedAuthorities(user);
-        }
         return user;
     }
 
-    private void setGrantedAuthorities(User user) {
-        Set<UserAuthority> grantedAuthorities = user.getRole().stream()
-                .map(UserAuthority::new)
-                .collect(Collectors.toSet());
-        user.setAuthorities(grantedAuthorities);
-    }
-
     @Override
-    public void createUser(User user) {
-        String username = user.getUsername();
+    public void createUser(UserCreateDto userCreateDto) {
+        String username = userCreateDto.getUsername();
         User userEntity = userRepository.findByUsername(username);
         if (userEntity != null) {
             log.error("用户 {} 已存在", username);
             return;
         }
 
-        Set<String> roles = user.getAuthorities().stream()
-                .map(GrantedAuthority::getAuthority)
-                .collect(Collectors.toSet());
-        user.setRole(roles);
+        int roleId = userCreateDto.getRoleId();
+        Role role = roleRepository.findById(roleId).orElse(null);
+        if (role == null) {
+            log.error("角色 {} 不存在", roleId);
+            return;
+        }
+
+        String password = userCreateDto.getPassword();
+        User user = new User(username, password, Set.of(role.getTitle()));
         setEncryptPassword(user);
         userRepository.save(user);
     }
@@ -106,15 +102,6 @@ public class UserServiceImpl implements UserService {
         if (userEntity == null) {
             return;
         }
-        /*Set<UserAuthority> authorities = userRole.getRoles().stream()
-                .map(role -> new UserAuthority(role.getTitle()))
-                .collect(Collectors.toSet());
-        userEntity.setAuthorities(authorities);*/
-
-        Set<String> roles = userRole.getRoles().stream()
-                .map(Role::getTitle)
-                .collect(Collectors.toSet());
-        userEntity.setRole(roles);
         userRepository.save(userEntity);
     }
 
@@ -125,7 +112,7 @@ public class UserServiceImpl implements UserService {
             return;
         }
 
-        userEntity.setIsEnabled(enable);
+        userEntity.setEnabled(enable);
         userRepository.save(userEntity);
     }