update AccountRole

auth/auth-service/src/main/java/cn/reghao/tnb/auth/app/db/repository/AccountRepository.java

@@ -179,7 +179,7 @@ public class AccountRepository {
     private UserAccount setAccountAuthorities(UserAccount userAccount) {
         Set<UserAuthority> set = userRoleMapper.findRolesByUserId(userAccount.getUserId()).stream()
                 .map(userRole -> {
-                    String role = AccountRole.getByDesc(userRole.getName()).name();
+                    String role = AccountRole.getByName(userRole.getName()).name();
                     return new UserAuthority(role);
                 })
                 .collect(Collectors.toSet());

auth/auth-service/src/main/java/cn/reghao/tnb/auth/app/model/po/UserAuthority.java

@@ -16,7 +16,7 @@ public class UserAuthority implements GrantedAuthority {
     private final String role;
 
     public UserAuthority() {
-        this.role = AccountRole.user.getValue();
+        this.role = AccountRole.ROLE_TNB_USER.name();
     }
 
     public UserAuthority(String role) {

auth/auth-service/src/main/java/cn/reghao/tnb/auth/app/security/AuthConverter.java

@@ -1,10 +1,12 @@
 package cn.reghao.tnb.auth.app.security;
 
+import cn.reghao.tnb.auth.app.model.po.UserAuthority;
 import cn.reghao.tnb.auth.app.security.form.AccountAuthToken;
 import cn.reghao.tnb.auth.model.JwtPayload;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.AuthorityUtils;
 
+import java.util.Arrays;
 import java.util.List;
 import java.util.stream.Collectors;
 
@@ -19,8 +21,9 @@ public class AuthConverter {
         long userId = accountAuthToken.getUserId();
         int loginType = accountAuthToken.getLoginType();
         String authorities = accountAuthToken.getAuthorities().stream()
-                .map(GrantedAuthority::getAuthority)
-                .collect(Collectors.toList())
+                .map(grantedAuthority -> grantedAuthority.getAuthority()
+                        .replace("ROLE_", "").toLowerCase())
+                .toList()
                 .toString();
         String jti = "";
         return new JwtPayload(plat, loginId, userId, loginType, authorities, jti);
@@ -33,7 +36,10 @@ public class AuthConverter {
         int loginType = jwtPayload.getLoginType();
         String authoritiesStr = jwtPayload.getAuthorities();
         String authoritiesStr0 = authoritiesStr.replace("[", "").replace("]", "");
-        List<GrantedAuthority> authorities = AuthorityUtils.commaSeparatedStringToAuthorityList(authoritiesStr0);
+        List<String> authorityList = Arrays.stream(authoritiesStr0.split(","))
+                .map(role -> String.format("ROLE_%s", role.toUpperCase()))
+                .toList();
+        List<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList(authorityList);
         return new AccountAuthToken(plat, loginId, loginType, userId, authorities);
     }
 }

auth/auth-service/src/main/java/cn/reghao/tnb/auth/app/service/AccountProfileService.java

@@ -15,6 +15,8 @@ import cn.reghao.tnb.common.auth.AccountRole;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 
+import java.util.Locale;
+
 /**
  * @author reghao
  * @date 2023-02-18 14:42:57
@@ -40,15 +42,15 @@ public class AccountProfileService {
     }
 
     public Result grantRole(GrantRole grantRole) {
-        String roleName = grantRole.getRole();
-        AccountRole accountRole = AccountRole.getByDesc(roleName);
+        String roleName = String.format("ROLE_%s", grantRole.getRole()).toUpperCase(Locale.ROOT);
+        AccountRole accountRole = AccountRole.getByName(roleName);
         if (accountRole == null) {
             return Result.fail(String.format("role %s not exists", roleName));
         }
 
         AccountAuthToken authToken = accountTokenService.getAuthToken();
         long userId = authToken.getUserId();
-        accountRepository.addUserRole(userId, accountRole.getDesc());
+        accountRepository.addUserRole(userId, accountRole.name());
         return Result.success();
     }
 

auth/auth-service/src/main/java/cn/reghao/tnb/auth/app/service/impl/AccountRegistryServiceImpl.java

@@ -114,7 +114,7 @@ public class AccountRegistryServiceImpl implements AccountRegistryService {
             String password = ConstantId.ADMIN_PASSWORD;
             String salt = RandomString.getSalt(64);
             String encodedPassword = passwordEncoder.encode(password + salt);
-            Set<UserAuthority> authorities = Set.of(new UserAuthority(AccountRole.admin.getValue()));
+            Set<UserAuthority> authorities = Set.of(new UserAuthority(AccountRole.ROLE_TNB_ADMIN.getValue()));
 
             UserAccount userAccount = new UserAccount(principal, userId, encodedPassword, salt, authorities);
             accountRepository.saveAccount(userAccount);

common/src/main/java/cn/reghao/tnb/common/auth/AccountRole.java

@@ -8,21 +8,19 @@ import java.util.Map;
  * @date 2024-02-14 19:13:18
  */
 public enum AccountRole {
-    disk("ROLE_TNB_DISK", "tnb_disk"),
-    user("ROLE_TNB_USER", "tnb_user"),
-    admin("ROLE_TNB_ADMIN", "tnb_admin");
+    ROLE_TNB_DISK("tnb_disk"),
+    ROLE_TNB_USER("tnb_user"),
+    ROLE_TNB_ADMIN("tnb_admin");
 
     private final String value;
-    private final String desc;
-    AccountRole(String value, String desc) {
+    AccountRole(String value) {
         this.value = value;
-        this.desc = desc;
     }
 
     private static final Map<String, AccountRole> map = new HashMap<>();
     static {
         for (AccountRole role : AccountRole.values()) {
-            map.put(role.getDesc(), role);
+            map.put(role.name(), role);
         }
     }
 
@@ -34,11 +32,7 @@ public enum AccountRole {
         return value;
     }
 
-    public String getDesc() {
-        return desc;
-    }
-
-    public static AccountRole getByDesc(String desc) {
-        return map.get(desc);
+    public static AccountRole getByName(String name) {
+        return map.get(name);
     }
 }

common/src/main/java/cn/reghao/tnb/common/auth/AuthUserAspect.java

@@ -30,7 +30,7 @@ public class AuthUserAspect {
         boolean auth = authUser.value();
         LoginUser loginUser = UserContext.getLoginUser();
         if (auth && loginUser.getUserId() != -1) {
-            boolean ret = loginUser.getRoles().contains(AccountRole.user.getValue());
+            boolean ret = loginUser.getRoles().contains(AccountRole.ROLE_TNB_USER.getValue());
             return point.proceed(point.getArgs());
         }
 

gateway/src/main/resources/application.yml

@@ -230,7 +230,7 @@ spring:
 #            allowedHeaders: "*"
 app:
   resources:
-    _api_admin_: role_tnb_admin
-    _api_oss_: role_tnb_admin
-    _api_blog_bg_: role_tnb_admin
-    _api_disk_: role_tnb_disk
+    _api_admin_: tnb_admin
+    _api_oss_: tnb_admin
+    _api_blog_bg_: tnb_admin
+    _api_disk_: tnb_disk

message/message-service/src/main/java/cn/reghao/tnb/message/app/service/UserMessageService.java

@@ -34,7 +34,7 @@ public class UserMessageService {
     public void addMessage(UserMessageDto userMessageDto) {
         long receiverId = userMessageDto.getReceiver();
         if (receiverId == ConstantId.ANONYMOUS_USER_ID) {
-            long adminUserId = accountQuery.getByRole(AccountRole.admin.getValue());
+            long adminUserId = accountQuery.getByRole(AccountRole.ROLE_TNB_ADMIN.getValue());
             if (adminUserId == ConstantId.ANONYMOUS_USER_ID) {
                 log.error("system not init yet");
                 return;