Commit 2e6ddb3efbdfff37418036f0ba48b3433ce4a76a
1 parent
4c8f4b37
fix: [DEFECT-1541]租户、租户管理员的启用禁用,已登录的租户或租户管理员在禁用后,需重新登录。不能继续操作其他页面
Showing
3 changed files
with
71 additions
and
12 deletions
| ... | ... | @@ -23,6 +23,7 @@ import org.thingsboard.server.common.data.id.TenantId; |
| 23 | 23 | import org.thingsboard.server.common.data.id.UserId; |
| 24 | 24 | import org.thingsboard.server.common.data.query.TsValue; |
| 25 | 25 | import org.thingsboard.server.common.data.security.UserCredentials; |
| 26 | +import org.thingsboard.server.common.data.security.event.UserAuthDataChangedEvent; | |
| 26 | 27 | import org.thingsboard.server.common.data.yunteng.constant.FastIotConstants; |
| 27 | 28 | import org.thingsboard.server.common.data.yunteng.constant.ModelConstants; |
| 28 | 29 | import org.thingsboard.server.common.data.yunteng.core.cache.CacheUtils; |
| ... | ... | @@ -740,6 +741,31 @@ public class SysUserServiceImpl extends AbstractBaseService<UserMapper, SysUserE |
| 740 | 741 | return user; |
| 741 | 742 | } |
| 742 | 743 | |
| 744 | + @Override | |
| 745 | + public void updateTenantAdminUserCredentials( | |
| 746 | + List<UserId> ids, | |
| 747 | + String currentTenantId, | |
| 748 | + boolean userCredentialsEnabled, | |
| 749 | + boolean needUpdateStatus) { | |
| 750 | + TenantId tenantId = new TenantId(UUID.fromString(currentTenantId)); | |
| 751 | + for (UserId id : ids) { | |
| 752 | + tbUserService.setUserCredentialsEnabled(tenantId, id, userCredentialsEnabled); | |
| 753 | + eventPublisher.publishEvent(new UserAuthDataChangedEvent(id)); | |
| 754 | + // 更新租户管理员的状态 | |
| 755 | + if (needUpdateStatus) { | |
| 756 | + SysUserEntity entity = | |
| 757 | + baseMapper.selectOne( | |
| 758 | + new LambdaQueryWrapper<SysUserEntity>() | |
| 759 | + .eq(SysUserEntity::getTenantId, currentTenantId) | |
| 760 | + .eq(SysUserEntity::getTbUser, id.getId().toString())); | |
| 761 | + if (null != entity) { | |
| 762 | + entity.setEnabled(userCredentialsEnabled); | |
| 763 | + baseMapper.updateById(entity); | |
| 764 | + } | |
| 765 | + } | |
| 766 | + } | |
| 767 | + } | |
| 768 | + | |
| 743 | 769 | private void checkPassword(AccountReqDTO accountReqDTO, SysUserEntity user) { |
| 744 | 770 | if (null == user |
| 745 | 771 | || StringUtils.isEmpty(accountReqDTO.getPassword()) | ... | ... |
| ... | ... | @@ -13,10 +13,12 @@ import org.springframework.scheduling.annotation.Async; |
| 13 | 13 | import org.springframework.stereotype.Service; |
| 14 | 14 | import org.springframework.transaction.annotation.Transactional; |
| 15 | 15 | import org.thingsboard.server.common.data.id.EntityId; |
| 16 | +import org.thingsboard.server.common.data.id.UserId; | |
| 16 | 17 | import org.thingsboard.server.common.data.query.TsValue; |
| 17 | 18 | import org.thingsboard.server.common.data.yunteng.core.exception.TkDataValidationException; |
| 18 | 19 | import org.thingsboard.server.common.data.yunteng.core.message.ErrorMessage; |
| 19 | 20 | import org.thingsboard.server.common.data.yunteng.dto.TenantDTO; |
| 21 | +import org.thingsboard.server.common.data.yunteng.dto.UserDTO; | |
| 20 | 22 | import org.thingsboard.server.common.data.yunteng.dto.request.TenantReqDTO; |
| 21 | 23 | import org.thingsboard.server.common.data.yunteng.enums.TenantStatusEnum; |
| 22 | 24 | import org.thingsboard.server.common.data.yunteng.utils.ReflectUtils; |
| ... | ... | @@ -60,6 +62,7 @@ public class TkTenantServiceImpl extends AbstractBaseService<TenantMapper, SysTe |
| 60 | 62 | private final SysEnterpriseService sysEnterpriseService; |
| 61 | 63 | private final UserRoleMapper userRoleMapper; |
| 62 | 64 | private final TkDeviceProfileService tkDeviceProfileService; |
| 65 | + private final TkUserService tkUserService; | |
| 63 | 66 | |
| 64 | 67 | @Override |
| 65 | 68 | @Transactional |
| ... | ... | @@ -276,16 +279,28 @@ public class TkTenantServiceImpl extends AbstractBaseService<TenantMapper, SysTe |
| 276 | 279 | if (!tenantReqDTO.getTenantProfileId().isNullUid()) { |
| 277 | 280 | tenant.setTenantProfileId(tenantReqDTO.getTenantProfileId().getId().toString()); |
| 278 | 281 | } |
| 282 | + String tenantId = tenantReqDTO.getTenantId(); | |
| 279 | 283 | // update tenant role |
| 280 | 284 | // delete |
| 281 | 285 | Set<String> tenantIds = new HashSet<>(); |
| 282 | - tenantIds.add(tenantReqDTO.getTenantId()); | |
| 286 | + tenantIds.add(tenantId); | |
| 283 | 287 | freshTenantAdminRole(tenantIds, Arrays.asList(tenantReqDTO.getRoleIds())); |
| 284 | 288 | deleteTenantRolesByTenantId(tenantIds); |
| 285 | 289 | deleteTenantMenusByTenantId(tenantIds); |
| 286 | 290 | // add |
| 287 | - saveTenantMapping(tenantReqDTO.getTenantId(), tenantReqDTO.getRoleIds()); | |
| 291 | + saveTenantMapping(tenantId, tenantReqDTO.getRoleIds()); | |
| 288 | 292 | baseMapper.updateById(tenant); |
| 293 | + | |
| 294 | + //查询所有的租户管理员,并设置租户管理员的凭证 | |
| 295 | + List<UserDTO> list = tkUserService.findAllTenantAdminsByTenantId(tenantId); | |
| 296 | + if(null != list && !list.isEmpty()){ | |
| 297 | + List<UserId> tbList = new ArrayList<>(); | |
| 298 | + for (UserDTO userDTO: list){ | |
| 299 | + UserId userId = new UserId(UUID.fromString(userDTO.getTbUser())); | |
| 300 | + tbList.add(userId); | |
| 301 | + } | |
| 302 | + tkUserService.updateTenantAdminUserCredentials(tbList,tenantId,tenantReqDTO.isEnabled(),true); | |
| 303 | + } | |
| 289 | 304 | } |
| 290 | 305 | return tenant.getDTO(TenantDTO.class); |
| 291 | 306 | } | ... | ... |
| 1 | 1 | package org.thingsboard.server.dao.yunteng.service; |
| 2 | 2 | |
| 3 | +import org.thingsboard.server.common.data.id.UserId; | |
| 3 | 4 | import org.thingsboard.server.common.data.query.TsValue; |
| 4 | 5 | import org.thingsboard.server.common.data.yunteng.dto.UserDTO; |
| 5 | 6 | import org.thingsboard.server.common.data.yunteng.dto.UserDetailsDTO; |
| ... | ... | @@ -19,7 +20,7 @@ import java.util.Set; |
| 19 | 20 | import java.util.concurrent.CompletableFuture; |
| 20 | 21 | |
| 21 | 22 | public interface TkUserService { |
| 22 | - List<UserDetailsDTO> findUserDetailsByUsername(String username,String tenantId); | |
| 23 | + List<UserDetailsDTO> findUserDetailsByUsername(String username, String tenantId); | |
| 23 | 24 | |
| 24 | 25 | UserDTO saveAccount( |
| 25 | 26 | UserDTO userDTO, boolean sendEmail, boolean sendMsg, boolean isTenantAdmin, String tenantId); |
| ... | ... | @@ -31,9 +32,8 @@ public interface TkUserService { |
| 31 | 32 | UserInfoDTO me(String userId, String tenantId, Set<String> currentRoles); |
| 32 | 33 | |
| 33 | 34 | TkPageData<UserDTO> page( |
| 34 | - Map<String, Object> queryMap, | |
| 35 | - boolean isPtSysadmin, | |
| 36 | - boolean isTenantAdmin); | |
| 35 | + Map<String, Object> queryMap, boolean isPtSysadmin, boolean isTenantAdmin); | |
| 36 | + | |
| 37 | 37 | TkPageData<UserDTO> tenantPage(Map<String, Object> queryMap, String tenantId); |
| 38 | 38 | |
| 39 | 39 | UserDTO updateUser(UserDTO userDTO, boolean isPtSysadmin, String tenantId); |
| ... | ... | @@ -42,9 +42,9 @@ public interface TkUserService { |
| 42 | 42 | |
| 43 | 43 | UserDTO saveTenantAdmin(UserDTO userDTO, boolean isPtSysadmin, String tenantId); |
| 44 | 44 | |
| 45 | - void resetPassword(String userId, String tenantId,String password); | |
| 45 | + void resetPassword(String userId, String tenantId, String password); | |
| 46 | 46 | |
| 47 | - void forgetPassword(String phoneNumber,AccountReqDTO forget); | |
| 47 | + void forgetPassword(String phoneNumber, AccountReqDTO forget); | |
| 48 | 48 | |
| 49 | 49 | List<UserDetailsDTO> getUserByPhoneNumber(String phoneNumber); |
| 50 | 50 | |
| ... | ... | @@ -52,6 +52,7 @@ public interface TkUserService { |
| 52 | 52 | |
| 53 | 53 | /** |
| 54 | 54 | * 验证租户角色是否有效 |
| 55 | + * | |
| 55 | 56 | * @param tenantId |
| 56 | 57 | */ |
| 57 | 58 | List<SysTenantRoleEntity> validateTenantRole(String tenantId); |
| ... | ... | @@ -62,7 +63,7 @@ public interface TkUserService { |
| 62 | 63 | * |
| 63 | 64 | * @param msg 请求信息 |
| 64 | 65 | */ |
| 65 | - void sendRestPasswordMsg(String tenantId,SendResetPasswordEmailMsg msg); | |
| 66 | + void sendRestPasswordMsg(String tenantId, SendResetPasswordEmailMsg msg); | |
| 66 | 67 | |
| 67 | 68 | /** |
| 68 | 69 | * 判断账号是否注册过 |
| ... | ... | @@ -74,6 +75,7 @@ public interface TkUserService { |
| 74 | 75 | |
| 75 | 76 | /** |
| 76 | 77 | * 判断电话是否注册过 |
| 78 | + * | |
| 77 | 79 | * @param phoneNumber 手机号 |
| 78 | 80 | * @return |
| 79 | 81 | */ |
| ... | ... | @@ -110,6 +112,7 @@ public interface TkUserService { |
| 110 | 112 | |
| 111 | 113 | /** |
| 112 | 114 | * 修改个人中心 |
| 115 | + * | |
| 113 | 116 | * @param userDTO 修改信息 |
| 114 | 117 | * @return 修改后的信息 |
| 115 | 118 | */ |
| ... | ... | @@ -117,35 +120,50 @@ public interface TkUserService { |
| 117 | 120 | |
| 118 | 121 | /** |
| 119 | 122 | * 获取当前用户的客户 |
| 123 | + * | |
| 120 | 124 | * @param organizationId 组织ID |
| 121 | 125 | * @param tenantId 用户ID |
| 122 | 126 | * @param isTenantAdmin 是否是租户管理员 |
| 123 | 127 | * @return 租户创建的所有用户 |
| 124 | 128 | */ |
| 125 | - List<UserDTO> getMyCustomers(String organizationId,String tenantId,boolean isTenantAdmin); | |
| 129 | + List<UserDTO> getMyCustomers(String organizationId, String tenantId, boolean isTenantAdmin); | |
| 126 | 130 | |
| 127 | 131 | /** |
| 128 | 132 | * 异步获取用户列表 |
| 133 | + * | |
| 129 | 134 | * @param startTs 开始时间 |
| 130 | 135 | * @param endTs 结束时间 |
| 131 | 136 | * @param ts 时间 |
| 132 | 137 | * @return 客户信息 |
| 133 | 138 | */ |
| 134 | - CompletableFuture<TsValue> findUsersAsyncByTs(LocalDateTime startTs, LocalDateTime endTs, long ts); | |
| 139 | + CompletableFuture<TsValue> findUsersAsyncByTs( | |
| 140 | + LocalDateTime startTs, LocalDateTime endTs, long ts); | |
| 135 | 141 | |
| 136 | 142 | /** |
| 137 | 143 | * 检查账号是否存在 |
| 144 | + * | |
| 138 | 145 | * @param userId 用户ID |
| 139 | 146 | * @param level 级别:0:超级管理员;1:平台管理员;2:租户账号;3:租户下的账号 |
| 140 | 147 | * @return true 存在 false 不存在 |
| 141 | 148 | */ |
| 142 | - UserDTO checkAccount(String userId,Integer level); | |
| 149 | + UserDTO checkAccount(String userId, Integer level); | |
| 143 | 150 | |
| 144 | 151 | /** |
| 145 | 152 | * 根据租户ID查询所有的租户管理员 |
| 153 | + * | |
| 146 | 154 | * @param tenantId 租户ID |
| 147 | 155 | * @return 租户管理员列表 |
| 148 | 156 | */ |
| 149 | 157 | List<UserDTO> findAllTenantAdminsByTenantId(String tenantId); |
| 150 | 158 | |
| 159 | + /** | |
| 160 | + * 更新租户管理员的用户凭证 | |
| 161 | + * | |
| 162 | + * @param ids TB用户ID | |
| 163 | + * @param currentTenantId 租户ID | |
| 164 | + * @param userCredentialsEnabled 用户凭证的启用禁用 | |
| 165 | + * @param needUpdateStatus 是否需要更新租户管理员的状态 | |
| 166 | + */ | |
| 167 | + void updateTenantAdminUserCredentials( | |
| 168 | + List<UserId> ids, String currentTenantId, boolean userCredentialsEnabled,boolean needUpdateStatus); | |
| 151 | 169 | } | ... | ... |