修改用户信息代码

ad-platform-common/ad-platform-common-security/src/main/java/com/baiye/config/ResourceServerAutoConfiguration.java

@@ -6,6 +6,8 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.firewall.HttpFirewall;
+import org.springframework.security.web.firewall.StrictHttpFirewall;
 
 /**
  *
@@ -23,4 +25,17 @@ public class ResourceServerAutoConfiguration {
         return new BCryptPasswordEncoder();
     }
 
+
+    /**
+     * 配置地址栏不能识别 // 的情况
+     * @return
+     */
+    @Bean
+    public HttpFirewall allowUrlEncodedSlashHttpFirewall() {
+        StrictHttpFirewall firewall = new StrictHttpFirewall();
+        //此处可添加别的规则,目前只设置 允许双 //
+        firewall.setAllowUrlEncodedDoubleSlash(true);
+        return firewall;
+    }
+
 }

ad-platform-common/ad-platform-common-security/src/main/java/com/baiye/service/UserDetailsServiceImpl.java

@@ -105,9 +105,7 @@ public class UserDetailsServiceImpl implements UserDetailsService {
 
         Set<String> dbAuthsSet = new HashSet<>();
         if (CollUtil.isNotEmpty(user.getRoles())) {
-            user.getRoles().forEach(role -> {
-                dbAuthsSet.add(SecurityConstants.ROLE + role);
-            });
+            user.getRoles().forEach(role -> dbAuthsSet.add(SecurityConstants.ROLE + role));
             // TODO: 2020/8/12 远程查询部门数据权限
             //......
         }

ad-platform-manage/ad-platform-management/src/main/java/com/baiye/modules/system/controller/UserController.java

@@ -15,17 +15,17 @@
  */
 package com.baiye.modules.system.controller;
 
+import cn.hutool.core.collection.CollUtil;
+import cn.hutool.core.util.ObjectUtil;
 import cn.hutool.json.JSONUtil;
 import com.baiye.component.LoginUser;
 import com.baiye.config.properties.RsaProperties;
 import com.baiye.constant.AdPlatFormConstants;
 import com.baiye.constant.DefaultNumberConstants;
 import com.baiye.constant.RoleNumberConstants;
+import com.baiye.constant.SecurityConstants;
 import com.baiye.exception.BadRequestException;
-import com.baiye.model.dto.DelUserDTO;
-import com.baiye.model.dto.RoleSmallDto;
-import com.baiye.model.dto.UserDto;
-import com.baiye.model.dto.UserFavorOfExcel;
+import com.baiye.model.dto.*;
 import com.baiye.modules.platform.domain.vo.UserPassVo;
 import com.baiye.modules.platform.service.dto.BuyComboDTO;
 import com.baiye.modules.platform.service.dto.CreateUserDTO;
@@ -38,6 +38,8 @@ import com.baiye.util.ReadExcelUtils;
 import com.baiye.util.RsaUtils;
 import com.baiye.util.SecurityUtils;
 import com.google.common.collect.ImmutableMap;
+import com.google.common.collect.Maps;
+import io.micrometer.core.instrument.util.StringUtils;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
@@ -46,6 +48,8 @@ import org.springframework.data.domain.Pageable;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.AuthorityUtils;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.validation.annotation.Validated;
@@ -54,10 +58,7 @@ import org.springframework.web.multipart.MultipartFile;
 
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
-import java.util.Collections;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
+import java.util.*;
 import java.util.stream.Collectors;
 
 /**
@@ -82,12 +83,33 @@ public class UserController {
     @ApiOperation("获取用户信息")
     @GetMapping(value = "/info")
     public ResponseEntity<Object> getUserInfo() {
+        LoginUser user;
+        Set<String> dbAuthsSet = new HashSet<>();
         LoginUser currentUser = SecurityUtils.getCurrentUser();
+        if (ObjectUtil.isNotNull(currentUser)) {
+            UserDto byName = this.userService.findByName(currentUser.getUsername());
+            Set<String> stringSet = roleService.getUserPermissions(byName);
+            if (CollUtil.isNotEmpty(byName.getRoles())) {
+                byName.getRoles().forEach
+                        (role -> dbAuthsSet.add(SecurityConstants.ROLE + role));
+            }
+            if (Boolean.TRUE.equals(byName.getIsAdmin())) {
+                dbAuthsSet.add(SecurityConstants.ADMIN);
+            }
+            String[] authArray = dbAuthsSet.stream().filter(StringUtils::isNotBlank).toArray(String[]::new);
+            List<GrantedAuthority> authorityList = null;
+            if (CollUtil.isNotEmpty(dbAuthsSet)) {
+                authorityList = AuthorityUtils.createAuthorityList(authArray);
+            }
+            user = new LoginUser(byName, stringSet, byName.getId(), byName.getUsername(), byName.getPassword(), byName.getEnabled(),
+                    true, true, true, authorityList, new ArrayList<>());
             String jwtTokenString = EncryptUtil.AESEncode(currentUser.getUser().getId().toString(), AdPlatFormConstants.PLATFORM_USER);
             // 返回 token 与 用户信息
-        Map<String, Object> authInfo = ImmutableMap.of("user", currentUser, "jwtToken", jwtTokenString);
+            Map<String, Object> authInfo = ImmutableMap.of("user", user, "jwtToken", jwtTokenString);
             return ResponseEntity.ok(authInfo);
         }
+        return ResponseEntity.ok(Maps.newConcurrentMap());
+    }
 
 
     @ApiOperation("导出用户数据")

ad-platform-pojo/src/main/java/com/baiye/model/dto/UserByNameDTO.java

@@ -1,10 +1,8 @@
 package com.baiye.model.dto;
 
 import lombok.Data;
-import org.springframework.security.core.GrantedAuthority;
 
 import java.io.Serializable;
-import java.util.List;
 import java.util.Set;
 
 /**