cloud.hedou.abp.identity.RemoteIdentityService.kt Maven / Gradle / Ivy
When ABP's built-in functionality cannot meet a service's requirements, the Spring Boot framework can be used to extend it with additional services and to draw on the wide range of Java frameworks available on the market.
package cloud.hedou.abp.identity
import com.fasterxml.jackson.databind.ObjectMapper
import cloud.hedou.abp.extension.deserialize
import cloud.hedou.abp.remote.HttpClient
import cloud.hedou.abp.remote.HttpClient.Companion.create
import cloud.hedou.abp.webcore.ForbiddenException
import org.slf4j.LoggerFactory
import org.springframework.amqp.rabbit.annotation.Exchange
import org.springframework.amqp.rabbit.annotation.Queue
import org.springframework.amqp.rabbit.annotation.QueueBinding
import org.springframework.amqp.rabbit.annotation.RabbitListener
import org.springframework.beans.factory.annotation.Autowired
import org.springframework.cache.CacheManager
import org.springframework.cache.annotation.Cacheable
import org.springframework.stereotype.Repository
import retrofit2.HttpException
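/**
 * Cached client for the remote ABP identity API.
 *
 * Every lookup goes through [remoteIdentityApi] with a synchronous `execute()` call and is cached
 * by Spring's `@Cacheable` under one of the cache names declared in the companion object. With no
 * explicit `key`, the cache key is derived from the method arguments. [onIdentityChanged] is the
 * only invalidation path visible in this class.
 *
 * The cached values (roles, departments, granted policies) look like inputs to authorization
 * decisions, so a stale entry can keep a revoked permission alive until it is evicted.
 *
 * NOTE(review): this listing shows the `List` return types and the `deserialize` call without
 * type arguments; they are reproduced as shown. Confirm them against the original source.
 */
@Repository
class RemoteIdentityService(httpClient: HttpClient) {

    private val remoteIdentityApi: RemoteIdentityApi = httpClient.create()

    @Autowired
    private lateinit var cacheManager: CacheManager

    @Autowired
    private lateinit var objectMapper: ObjectMapper

    private val logger = LoggerFactory.getLogger(javaClass)

    /**
     * Looks up the user with the given ID.
     *
     * @throws ForbiddenException if the remote call fails or returns no body
     */
    @Cacheable(value = [CACHE_NAME_USER])
    fun getUserById(userId: String): AbpUser {
        val response = remoteIdentityApi
            .getUserById(userId)
            .execute()
        // Fail the same way the sibling lookups do instead of hitting an NPE on a missing body.
        if (!response.isSuccessful) throw ForbiddenException("获取用户信息失败!", HttpException(response))
        return response.body() ?: throw ForbiddenException("获取用户信息失败!", HttpException(response))
    }

    /**
     * Returns the roles the given user belongs to; empty when the response has no body.
     *
     * @throws ForbiddenException if the remote call fails
     */
    @Cacheable(value = [CACHE_NAME_ROLE_BY_USER])
    fun getRolesByUserId(userId: String): List {
        val response = remoteIdentityApi
            .getRoleByUserId(userId)
            .execute()
        if (!response.isSuccessful) throw ForbiddenException("获取用户角色/岗位失败!", HttpException(response))
        return response.body()?.items ?: emptyList()
    }

    /**
     * Returns the departments the given user belongs to; empty when the response has no body.
     *
     * @throws ForbiddenException if the remote call fails
     */
    @Cacheable(value = [CACHE_NAME_ORG_BY_USER])
    fun getDepartmentsByUserId(userId: String): List {
        val response = remoteIdentityApi
            .getDepartmentsByUserId(userId)
            .execute()
        if (!response.isSuccessful) throw ForbiddenException("获取用户所在部门失败!", HttpException(response))
        return response.body() ?: emptyList()
    }

    /**
     * Looks up a single department by its ID.
     *
     * @throws ForbiddenException if the remote call fails or returns no body
     */
    @Cacheable(value = [CACHE_NAME_ORG_BY_ID])
    fun getDepartmentById(departmentId: String): AbpDepartment {
        val response = remoteIdentityApi
            .getDepartmentById(departmentId)
            .execute()
        if (!response.isSuccessful) throw ForbiddenException("获取部门信息失败!", HttpException(response))
        return response.body() ?: throw ForbiddenException("获取部门信息失败!", HttpException(response))
    }

    /**
     * Returns all departments, fetched page by page.
     *
     * NOTE(review): [tenantId] is only the cache key; it is not sent with the request here.
     * Presumably the HTTP client scopes the call to the caller's tenant. Confirm that the two
     * always match, otherwise one tenant's departments could be cached under another's key.
     *
     * @throws ForbiddenException if any page request fails or returns no body
     */
    @Cacheable(value = [CACHE_NAME_ORG_BY_TENANT])
    fun getDepartmentsByTenantId(tenantId: String): List {
        var response = remoteIdentityApi.getDepartments(0, PAGE_SIZE).execute()
        if (!response.isSuccessful) throw ForbiddenException("获取部门数据失败!", HttpException(response))
        val pagedList = response.body() ?: throw ForbiddenException("获取部门数据失败!", HttpException(response))
        val list = pagedList.items.toMutableList()
        // `until`, not `..`: an exact multiple of the page size must not trigger an extra, empty page request.
        for (skip in PAGE_SIZE until pagedList.totalCount step PAGE_SIZE) {
            response = remoteIdentityApi.getDepartments(skip, PAGE_SIZE).execute()
            // Check every page, and report the page that failed rather than the first response.
            if (!response.isSuccessful) throw ForbiddenException("获取部门数据失败!", HttpException(response))
            val page = response.body()?.items
                ?: throw ForbiddenException("获取部门数据失败!", HttpException(response))
            list.addAll(page)
        }
        return list
    }

    /**
     * Returns all roles under the given department, fetched page by page.
     *
     * @throws ForbiddenException if any page request fails or returns no body
     */
    @Cacheable(value = [CACHE_NAME_ROLES_BY_ORG])
    fun getRolesByDepartmentId(departmentId: String): List {
        var response = remoteIdentityApi.getRolesByDepartmentId(departmentId, 0, PAGE_SIZE).execute()
        if (!response.isSuccessful) throw ForbiddenException("获取部门下的角色/岗位失败!", HttpException(response))
        val pagedList = response.body()
            ?: throw ForbiddenException("获取部门下的角色/岗位失败!", HttpException(response))
        val roleList = pagedList.items.toMutableList()
        for (skip in PAGE_SIZE until pagedList.totalCount.toInt() step PAGE_SIZE) {
            response = remoteIdentityApi.getRolesByDepartmentId(departmentId, skip, PAGE_SIZE).execute()
            if (!response.isSuccessful) throw ForbiddenException("获取部门下的角色/岗位失败!", HttpException(response))
            val page = response.body()?.items
                ?: throw ForbiddenException("获取部门下的角色/岗位失败!", HttpException(response))
            roleList.addAll(page)
        }
        return roleList
    }

    /**
     * Returns all users under the given department, fetched page by page.
     *
     * @throws ForbiddenException if any page request fails or returns no body
     */
    @Cacheable(value = [CACHE_NAME_USERS_BY_ORG])
    fun getUsersByDepartmentId(departmentId: String): List {
        var response = remoteIdentityApi
            .getUsersByDepartmentId(departmentId, 0, PAGE_SIZE)
            .execute()
        if (!response.isSuccessful) throw ForbiddenException("获取部门下的用户失败!", HttpException(response))
        val pagedList = response.body()
            ?: throw ForbiddenException("获取部门下的用户失败!", HttpException(response))
        val userList = pagedList.items.toMutableList()
        for (skip in PAGE_SIZE until pagedList.totalCount.toInt() step PAGE_SIZE) {
            response = remoteIdentityApi
                .getUsersByDepartmentId(departmentId, skip, PAGE_SIZE)
                .execute()
            if (!response.isSuccessful) throw ForbiddenException("获取部门下的用户失败!", HttpException(response))
            val page = response.body()?.items
                ?: throw ForbiddenException("获取部门下的用户失败!", HttpException(response))
            userList.addAll(page)
        }
        return userList
    }

    /**
     * Returns the keys of the policies granted in the remote user configuration.
     *
     * NOTE(review): [token] is only the cache key; the request below does not carry it.
     * Presumably the HTTP client attaches the caller's credentials. Confirm they always belong to
     * the same identity as [token], otherwise one caller's policies could be cached under
     * another's key. Using the raw token as a key also places it in the cache store.
     *
     * @throws ForbiddenException if the remote call fails or returns no body
     */
    @Cacheable(value = [CACHE_NAME_AUTH_BY_USER])
    fun getGrantedAuthorities(token: String): List {
        val response = remoteIdentityApi
            .getUserConfiguration()
            .execute()
        if (!response.isSuccessful) throw ForbiddenException("获取权限数据失败!", HttpException(response))
        val userConfiguration = response.body() ?: throw ForbiddenException("获取权限数据失败!", HttpException(response))
        return userConfiguration.auth.grantedPolicies.map(Map.Entry::key)
    }

    /**
     * Searches users by department and, optionally, role, fetched page by page.
     *
     * @throws ForbiddenException if any page request fails or returns no body
     */
    @Cacheable(value = [CACHE_NAME_USER_SEARCH])
    fun findUsers(departmentId: String, roleId: String?): List {
        var response = remoteIdentityApi.findUsers(roleId, departmentId, 0, PAGE_SIZE).execute()
        if (!response.isSuccessful) throw ForbiddenException("获取用户列表失败!", HttpException(response))
        val pagedList = response.body() ?: throw ForbiddenException("获取用户列表失败!", HttpException(response))
        val mutableList = pagedList.items.toMutableList()
        for (skip in PAGE_SIZE until pagedList.totalCount step PAGE_SIZE) {
            response = remoteIdentityApi.findUsers(roleId, departmentId, skip, PAGE_SIZE).execute()
            if (!response.isSuccessful) throw ForbiddenException("获取用户列表失败!", HttpException(response))
            val page = response.body()?.items
                ?: throw ForbiddenException("获取用户列表失败!", HttpException(response))
            mutableList.addAll(page)
        }
        return mutableList
    }

    /**
     * Returns all roles, fetched page by page.
     *
     * NOTE(review): [tenantId] is only the cache key; it is not sent with the request here.
     * Presumably the HTTP client scopes the call to the caller's tenant. Confirm.
     *
     * @throws ForbiddenException if any page request fails or returns no body
     */
    @Cacheable(value = [CACHE_NAME_ROLE_BY_TENANT])
    fun getRoles(tenantId: String): List {
        var response = remoteIdentityApi.getRoles(0, PAGE_SIZE).execute()
        // The message names roles; the previous text was copied from the user search.
        if (!response.isSuccessful) throw ForbiddenException("获取角色列表失败!", HttpException(response))
        val pagedList = response.body() ?: throw ForbiddenException("获取角色列表失败!", HttpException(response))
        val mutableList = pagedList.items.toMutableList()
        for (skip in PAGE_SIZE until pagedList.totalCount step PAGE_SIZE) {
            response = remoteIdentityApi.getRoles(skip, PAGE_SIZE).execute()
            if (!response.isSuccessful) throw ForbiddenException("获取角色列表失败!", HttpException(response))
            val page = response.body()?.items
                ?: throw ForbiddenException("获取角色列表失败!", HttpException(response))
            mutableList.addAll(page)
        }
        return mutableList
    }

    /**
     * Invoked through RabbitMQ when a user's information changes; drops the cached data that may
     * have been derived from that user.
     *
     * NOTE(review): a payload that fails to deserialize throws out of this listener before any
     * cache is touched. How the listener container then treats the message (requeue, dead-letter)
     * is configured outside this class. Confirm it cannot loop.
     */
    @RabbitListener(
        bindings = [
            QueueBinding(
                value = Queue("identity_queue"),
                exchange = Exchange("xh_tenants_eventbus"),
                key = ["Volo.Abp.Users.User.Updated"]
            )
        ]
    )
    fun onIdentityChanged(value: String) {
        // The payload is the serialized user entity, so keep it out of info-level logs.
        logger.debug("onIdentityChanged, {}", value)
        val user = value.deserialize(objectMapper).entity
        logger.info("onIdentityChanged, userId={}", user.id)
        // Clear every cache keyed by department or tenant, because there is no way to tell
        // whether the change affects those entries.
        cacheManager.getCache(CACHE_NAME_ORG_BY_ID)?.clear()
        cacheManager.getCache(CACHE_NAME_USERS_BY_ORG)?.clear()
        cacheManager.getCache(CACHE_NAME_ROLES_BY_ORG)?.clear()
        cacheManager.getCache(CACHE_NAME_ORG_BY_TENANT)?.clear()
        cacheManager.getCache(CACHE_NAME_ROLE_BY_TENANT)?.clear()
        // Search results are keyed by (departmentId, roleId) and may contain this user.
        cacheManager.getCache(CACHE_NAME_USER_SEARCH)?.clear()
        // Granted authorities are cached under the `token` argument, not the user ID, so an
        // eviction by user ID would leave stale permissions in place. Clear the whole cache.
        cacheManager.getCache(CACHE_NAME_AUTH_BY_USER)?.clear()
        // Evict the entries keyed by this user's ID.
        // NOTE(review): assumes user.id equals the String userId used as the cache key. Confirm.
        cacheManager.getCache(CACHE_NAME_USER)?.evictIfPresent(user.id)
        cacheManager.getCache(CACHE_NAME_ORG_BY_USER)?.evictIfPresent(user.id)
        cacheManager.getCache(CACHE_NAME_ROLE_BY_USER)?.evictIfPresent(user.id)
    }

    private companion object {
        /** Page size used for every paged request to the identity API. */
        const val PAGE_SIZE = 100

        /** Cache name for user information. */
        const val CACHE_NAME_USER = "abp_user"

        /** Cache name for a user's departments. */
        const val CACHE_NAME_ORG_BY_USER = "abp_org_user"

        /** Cache name for departments looked up by ID. */
        const val CACHE_NAME_ORG_BY_ID = "abp_org_id"

        /** Cache name for the list of all departments. */
        const val CACHE_NAME_ORG_BY_TENANT = "abp_org_tenant"

        /** Cache name for the users under a department. */
        const val CACHE_NAME_USERS_BY_ORG = "abp_user_org"

        /** Cache name for the roles under a department. */
        const val CACHE_NAME_ROLES_BY_ORG = "abp_role_org"

        /** Cache name for a user's roles. */
        const val CACHE_NAME_ROLE_BY_USER = "abp_role_user"

        /** Cache name for a user's granted permissions. */
        const val CACHE_NAME_AUTH_BY_USER = "abp_auth_user"

        /** Cache name for user search results. */
        const val CACHE_NAME_USER_SEARCH = "abp_user_search"

        /** Cache name for all roles under the tenant. */
        const val CACHE_NAME_ROLE_BY_TENANT = "abp_role_tenant"
    }
}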