expert_management.git

RuoYi

2022-08-22 aadb7a41cb4c69177a0251c251813070f7f97cd5

优化Context信息,防止泄漏问题

已修改5个文件

	ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java	3 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	ruoyi-common/src/main/java/com/ruoyi/common/constant/UserConstants.java	5 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	ruoyi-framework/src/main/java/com/ruoyi/framework/security/context/PermissionContextHolder.java	12 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java	4 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	ruoyi-system/src/main/resources/mapper/system/SysMenuMapper.xml	1 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史

 ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java

@@ -251,7 +251,7 @@
    /**

     * 获取对应角色部门树列表

     */

    @PreAuthorize("@ss.hasPermi('system:role:list')")

    @PreAuthorize("@ss.hasPermi('system:role:query')")

    @GetMapping(value = "/deptTree/{roleId}")

    public AjaxResult deptTree(@PathVariable("roleId") Long roleId)

    {

@@ -260,5 +260,4 @@
        ajax.put("depts", deptService.selectDeptTreeList(new SysDept()));

        return ajax;

    }



}


 ruoyi-common/src/main/java/com/ruoyi/common/constant/UserConstants.java

@@ -12,11 +12,6 @@
     */

    public static final String SYS_USER = "SYS_USER";



    /**

     * ss标记的权限字符

     */

    public static final String SS_PERMISSION = "SS_PERMISSION";



    /** 正常状态 */

    public static final String NORMAL = "0";




 ruoyi-framework/src/main/java/com/ruoyi/framework/security/context/PermissionContextHolder.java

@@ -1,5 +1,9 @@
package com.ruoyi.framework.security.context;



import org.springframework.web.context.request.RequestAttributes;

import org.springframework.web.context.request.RequestContextHolder;

import com.ruoyi.common.core.text.Convert;



/**

 * 权限信息

 * 

@@ -7,15 +11,17 @@
 */

public class PermissionContextHolder

{

    private static final ThreadLocal<String> contextHolder = new ThreadLocal<>();

    private static final String PERMISSION_CONTEXT_ATTRIBUTES = "PERMISSION_CONTEXT";



    public static void setContext(String permission)

    {

        contextHolder.set(permission);

        RequestContextHolder.currentRequestAttributes().setAttribute(PERMISSION_CONTEXT_ATTRIBUTES, permission,

                RequestAttributes.SCOPE_REQUEST);

    }



    public static String getContext()

    {

        return contextHolder.get();

        return Convert.toStr(RequestContextHolder.currentRequestAttributes().getAttribute(PERMISSION_CONTEXT_ATTRIBUTES,

                RequestAttributes.SCOPE_REQUEST));

    }

}


 ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java

@@ -89,6 +89,10 @@
                throw new ServiceException(e.getMessage());

            }

        }

        finally

        {

            AuthenticationContextHolder.clearContext();

        }

        AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")));

        LoginUser loginUser = (LoginUser) authentication.getPrincipal();

        recordLoginInfo(loginUser.getUserId());


 ruoyi-system/src/main/resources/mapper/system/SysMenuMapper.xml

@@ -118,7 +118,6 @@
        where m.status = '0' and rm.role_id = #{roleId}

    </select>

    

	
    <select id="selectMenuById" parameterType="Long" resultMap="SysMenuResult">

        <include refid="selectMenuVo"/>

        where menu_id = #{menuId}

			@@ -251,7 +251,7 @@
			/**
			* 获取对应角色部门树列表
			*/
			@PreAuthorize("@ss.hasPermi('system:role:list')")
			@PreAuthorize("@ss.hasPermi('system:role:query')")
			@GetMapping(value = "/deptTree/{roleId}")
			public AjaxResult deptTree(@PathVariable("roleId") Long roleId)
			{
			@@ -260,5 +260,4 @@
			ajax.put("depts", deptService.selectDeptTreeList(new SysDept()));
			return ajax;
			}

			}

			@@ -12,11 +12,6 @@
			*/
			public static final String SYS_USER = "SYS_USER";

			/**
			* ss标记的权限字符
			*/
			public static final String SS_PERMISSION = "SS_PERMISSION";

			/** 正常状态 */
			public static final String NORMAL = "0";

			@@ -1,5 +1,9 @@
			package com.ruoyi.framework.security.context;

			import org.springframework.web.context.request.RequestAttributes;
			import org.springframework.web.context.request.RequestContextHolder;
			import com.ruoyi.common.core.text.Convert;

			/**
			* 权限信息
			*
			@@ -7,15 +11,17 @@
			*/
			public class PermissionContextHolder
			{
			private static final ThreadLocal<String> contextHolder = new ThreadLocal<>();
			private static final String PERMISSION_CONTEXT_ATTRIBUTES = "PERMISSION_CONTEXT";

			public static void setContext(String permission)
			{
			contextHolder.set(permission);
			RequestContextHolder.currentRequestAttributes().setAttribute(PERMISSION_CONTEXT_ATTRIBUTES, permission,
			RequestAttributes.SCOPE_REQUEST);
			}

			public static String getContext()
			{
			return contextHolder.get();
			return Convert.toStr(RequestContextHolder.currentRequestAttributes().getAttribute(PERMISSION_CONTEXT_ATTRIBUTES,
			RequestAttributes.SCOPE_REQUEST));
			}
			}

			@@ -89,6 +89,10 @@
			throw new ServiceException(e.getMessage());
			}
			}
			finally
			{
			AuthenticationContextHolder.clearContext();
			}
			AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")));
			LoginUser loginUser = (LoginUser) authentication.getPrincipal();
			recordLoginInfo(loginUser.getUserId());

			@@ -118,7 +118,6 @@
			where m.status = '0' and rm.role_id = #{roleId}
			</select>


			<select id="selectMenuById" parameterType="Long" resultMap="SysMenuResult">
			<include refid="selectMenuVo"/>
			where menu_id = #{menuId}