阶段提交

src/main/java/com/usky/config/shiro/UserRealm.java

@@ -18,6 +18,7 @@ import org.apache.shiro.authz.AuthorizationInfo;
 import org.apache.shiro.authz.SimpleAuthorizationInfo;
 import org.apache.shiro.realm.AuthorizingRealm;
 import org.apache.shiro.subject.PrincipalCollection;
+import org.apache.shiro.subject.SimplePrincipalCollection;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.stereotype.Service;
 
@@ -95,6 +96,7 @@ public class UserRealm extends AuthorizingRealm {
             String currentTimeMillisRedis = redisUtil.get(Constant.PREFIX_SHIRO_REFRESH_TOKEN + loginName).toString();
             // 获取AccessToken时间戳，与RefreshToken的时间戳对比
             if (JwtUtil.getClaim(token, Constant.CURRENT_TIME_MILLIS).equals(currentTimeMillisRedis)) {
+
                 return new SimpleAuthenticationInfo(token, token, "userRealm");
             }
         }

src/main/java/com/usky/config/shiro/cache/CustomCache.java

@@ -50,6 +50,7 @@ public class CustomCache<K, V> implements Cache<K, V> {
         return redisUtil().get(this.getKey(key));
     }
 
+
     /**
      * 保存缓存
      */
@@ -62,6 +63,14 @@ public class CustomCache<K, V> implements Cache<K, V> {
         return redisUtil().set(this.getKey(key), value, Integer.parseInt(shiroCacheExpireTime));
     }
 
+
+    public Object reloadCache(Object key, Object value) throws CacheException {
+        PropertiesUtil.readProperties("config.properties");
+        String shiroCacheExpireTime = PropertiesUtil.getProperty("shiroCacheExpireTime");
+        // 设置Redis的Shiro缓存
+        return redisUtil().set(this.getKey(key), value, Integer.parseInt(shiroCacheExpireTime));
+    }
+
     /**
      * 移除缓存
      */
@@ -104,7 +113,7 @@ public class CustomCache<K, V> implements Cache<K, V> {
 //            set.add(SerializableUtil.unserializable(bs));
 //        }
         redisUtil().keys();
-        return  redisUtil().keys();
+        return redisUtil().keys();
     }
 
     /**

src/main/java/com/usky/controller/login/LoginController.java

@@ -66,7 +66,7 @@ public class LoginController {
         if (key.equals(loginName + passWord)) {
             // 清除可能存在的Shiro权限信息缓存
             if (redisUtil.hasKey(Constant.PREFIX_SHIRO_CACHE + loginName)) {
-                redisUtil.hasKey(Constant.PREFIX_SHIRO_CACHE + loginName);
+                redisUtil.del(Constant.PREFIX_SHIRO_CACHE + loginName);
             }
             // 设置RefreshToken，时间戳为当前时间戳，直接设置即可(不用先删后设，会覆盖已有的RefreshToken)
             String currentTimeMillis = String.valueOf(System.currentTimeMillis());

src/main/java/com/usky/controller/sys/RoleController.java

@@ -1,5 +1,6 @@
 package com.usky.controller.sys;
 
+import com.usky.constant.Constant;
 import com.usky.entity.sys.SysRoleDTO;
 import com.usky.entity.sys.SysUserRoleDTO;
 import com.usky.entity.sys.vo.SysDeptVO;

src/main/java/com/usky/controller/sys/UserController.java

@@ -139,10 +139,10 @@ public class UserController {
     @ResponseBody
     @ApiImplicitParams({
             @ApiImplicitParam(name = "status", value = "账户状态 0正常 1 停用", required = false, paramType = "query"),
-            @ApiImplicitParam(name = "phonenumber", value = "手机号", required = true, paramType = "query"),
-            @ApiImplicitParam(name = "deptId", value = "部门id", required = true, paramType = "query"),
-            @ApiImplicitParam(name = "roleIds", value = "角色", required = true, paramType = "query"),
-            @ApiImplicitParam(name = "userName", value = "用户名", required = true, paramType = "query"),
+            @ApiImplicitParam(name = "phonenumber", value = "手机号", required = false, paramType = "query"),
+            @ApiImplicitParam(name = "deptId", value = "部门id", required = false, paramType = "query"),
+            @ApiImplicitParam(name = "roleIds", value = "角色", required = false, paramType = "query"),
+            @ApiImplicitParam(name = "userName", value = "用户名", required = false, paramType = "query"),
             @ApiImplicitParam(name = "remark", value = "备注", required = false, paramType = "query"),
             @ApiImplicitParam(name = "userId", value = "用户id", required = true, paramType = "query")
     })
@@ -174,6 +174,10 @@ public class UserController {
         user.setRoleIds(roleIds);
         user.setPhonenumber(phonenumber);
         userService.updateUser(user);
+        SysUserDTO userDTO = userService.queryUserById(userId);
+        if (redisUtil.hasKey(Constant.PREFIX_SHIRO_CACHE + userDTO.getLoginName())) {
+            redisUtil.del(Constant.PREFIX_SHIRO_CACHE + userDTO.getLoginName());
+        }
         return Result.OK();
     }
 

src/main/java/com/usky/entity/sys/vo/SysUserVO.java

@@ -49,6 +49,7 @@ public class SysUserVO extends BaseEntity implements Serializable {
     @ApiModelProperty("随机盐")
     private String salt;
     @ApiModelProperty("账户状态 0正常 1 停用")
+    @NotBlank(message = "账户状态不能为空")
     private String status;
     @ApiModelProperty("删除标准 0 未删除 1 已删除")
     private String delFlag;

src/main/java/com/usky/service/sys/RoleServiceImpl.java

@@ -165,6 +165,7 @@ public class RoleServiceImpl extends BaseDaoImpl implements RoleService {
                 "\tr.role_name AS roleName,\n" +
                 "\tr.role_key AS roleKey,\n" +
                 "\tr.role_sort AS roleSort,\n" +
+                "\tr.data_scope AS dataScope,\n" +
                 "\tr.`status`,\n" +
                 "\tr.create_by AS createBy,\n" +
                 "\tr.create_time AS createTime\n" +
@@ -204,7 +205,7 @@ public class RoleServiceImpl extends BaseDaoImpl implements RoleService {
 
     public void insertRoleDept(SysRoleVO role) {
         // 新增角色与部门（数据权限）管理
-        if (null != role.getMenuIds() && role.getMenuIds().length != 0) {
+        if (null != role.getDeptIds() && role.getDeptIds().length != 0) {
             for (Integer deptId : role.getDeptIds()) {
                 SysRoleDeptDTO rd = new SysRoleDeptDTO();
                 rd.setRoleId(role.getRoleId());
@@ -217,6 +218,8 @@ public class RoleServiceImpl extends BaseDaoImpl implements RoleService {
 
     }
 
+
+
     public void delRoleDept(Integer roleId) {
         getSession().createSQLQuery("delete from sys_role_dept where role_id=" + roleId + "").executeUpdate();
     }

src/main/java/com/usky/service/sys/user/UserServiceImpl.java

@@ -118,6 +118,7 @@ public class UserServiceImpl extends BaseDaoImpl implements UserService {
         if (StringUtils.isNotBlank(dataScope)) {
             sb.append(" ").append(dataScope);
         }
+        sb.append(" order by u.create_time DESC");
         List list = getSession().createSQLQuery(sb.toString()).list();
 
         Page<SysUserVO> result = new Page<>(list.size(), pageSize);

src/main/java/com/usky/utils/ShiroUtils.java

@@ -102,6 +102,23 @@ public class ShiroUtils {
         subject.runAs(newPrincipalCollection);
     }
 
+    /**
+     * 重新赋值权限(在比如:给一个角色临时添加一个权限,需要调用此方法刷新权限,否则还是没有刚赋值的权限)
+     * @param myRealm 自定义的realm
+     * @param username 用户名
+     */
+    public static void reloadAuthorizing(String username){
+        Subject subject = SecurityUtils.getSubject();
+        String realmName = subject.getPrincipals().getRealmNames().iterator().next();
+        //第一个参数为用户名,第二个参数为realmName,test想要操作权限的用户
+        SimplePrincipalCollection principals = new SimplePrincipalCollection(username,realmName);
+        subject.runAs(principals);
+    //    myRealm.getAuthorizationCache().remove(subject.getPrincipals());
+    //    subject.releaseRunAs();
+    }
+
+
+
     public static Integer getUserId() {
         return getSysUser().getUserId();
     }

src/main/resources/config.properties

@@ -3,10 +3,10 @@ encryptAESKey=V2FuZzkyNjQ1NGRTQkFQSUpXVA==
 # JWT认证加密私钥(Base64加密)
 encryptJWTKey=U0JBUElKV1RkV2FuZzkyNjQ1NA==
 # AccessToken过期时间-5分钟-5*60(秒为单位)
-accessTokenExpireTime=1800
+accessTokenExpireTime=180000
 # RefreshToken过期时间-30分钟-30*60(秒为单位)
-refreshTokenExpireTime=1800
+refreshTokenExpireTime=180000
 # Shiro缓存过期时间-5分钟-5*60(秒为单位)(一般设置与AccessToken过期时间一致)
-shiroCacheExpireTime=1800
+shiroCacheExpireTime=180000
 #密码长度
 passwordMaxLen=8