From 25d4f4cf023fef2cf3ea6905f2aec7784c906be3 Mon Sep 17 00:00:00 2001 From: weike6538 Date: Thu, 26 Jun 2025 18:27:23 +0800 Subject: [PATCH 1/2] =?UTF-8?q?feat(security):=20=E4=BF=AE=E5=A4=8D?= =?UTF-8?q?=E5=A4=9A=E7=A7=9F=E6=88=B7=E7=8E=AF=E5=A2=83=E4=B8=8B=E7=94=A8?= =?UTF-8?q?=E6=88=B7=E5=88=87=E6=8D=A2=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 在 TokenAuthenticationFilter 中添加逻辑,为没有 tenantId 的用户动态设置 tenantId - 通过 AdminUserApi 获取用户信息,确保跨租户切换时能够正确获取目标租户信息 --- .../core/filter/TokenAuthenticationFilter.java | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/filter/TokenAuthenticationFilter.java b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/filter/TokenAuthenticationFilter.java index 2bf0f87..0859313 100644 --- a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/filter/TokenAuthenticationFilter.java +++ b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/filter/TokenAuthenticationFilter.java @@ -13,12 +13,16 @@ import cn.iocoder.yudao.framework.web.core.handler.GlobalExceptionHandler; import cn.iocoder.yudao.framework.web.core.util.WebFrameworkUtils; import cn.iocoder.yudao.module.system.api.oauth2.OAuth2TokenApi; import cn.iocoder.yudao.module.system.api.oauth2.dto.OAuth2AccessTokenCheckRespDTO; +import cn.iocoder.yudao.module.system.api.tenant.TenantApi; +import cn.iocoder.yudao.module.system.api.user.AdminUserApi; +import cn.iocoder.yudao.module.system.api.user.dto.AdminUserRespDTO; import lombok.RequiredArgsConstructor; import lombok.SneakyThrows; import lombok.extern.slf4j.Slf4j; import org.springframework.security.access.AccessDeniedException; import org.springframework.web.filter.OncePerRequestFilter; +import javax.annotation.Resource; import javax.servlet.FilterChain; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; @@ -43,6 +47,9 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter { private final OAuth2TokenApi oauth2TokenApi; + @Resource + private AdminUserApi adminUserApi; + @Override @SuppressWarnings("NullableProblems") protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) @@ -74,6 +81,11 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter { // 设置当前用户 if (loginUser != null) { + if(null == loginUser.getTenantId()){ + CommonResult user = adminUserApi.getUser(loginUser.getId()); + loginUser.setTenantId(user.getData().getTenantId()); + } + SecurityFrameworkUtils.setLoginUser(loginUser, request); } // 继续过滤链 From 318eeae8e8a7d5d6c411152da9ae573335da84a3 Mon Sep 17 00:00:00 2001 From: weike6538 Date: Thu, 3 Jul 2025 10:55:30 +0800 Subject: [PATCH 2/2] =?UTF-8?q?feat(system):=20=E5=9C=A8=20AdminUserRespDT?= =?UTF-8?q?O=20=E4=B8=AD=E6=B7=BB=E5=8A=A0=20tenantId=20=E5=AD=97=E6=AE=B5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 在 AdminUserRespDTO 类中添加 tenantId 字段,用于表示租户 ID - 该字段使用 @Schema 注解进行描述,包括 requiredMode 和 example 属性 --- .../yudao/module/system/api/user/dto/AdminUserRespDTO.java | 3 +++ 1 file changed, 3 insertions(+) diff --git a/yudao-module-system/yudao-module-system-api/src/main/java/cn/iocoder/yudao/module/system/api/user/dto/AdminUserRespDTO.java b/yudao-module-system/yudao-module-system-api/src/main/java/cn/iocoder/yudao/module/system/api/user/dto/AdminUserRespDTO.java index fca6cc8..380968d 100644 --- a/yudao-module-system/yudao-module-system-api/src/main/java/cn/iocoder/yudao/module/system/api/user/dto/AdminUserRespDTO.java +++ b/yudao-module-system/yudao-module-system-api/src/main/java/cn/iocoder/yudao/module/system/api/user/dto/AdminUserRespDTO.java @@ -31,4 +31,7 @@ public class AdminUserRespDTO implements VO { @Schema(description = "用户头像", requiredMode = Schema.RequiredMode.REQUIRED, example = "https://www.iocoder.cn/1.png") private String avatar; + @Schema(description = "租户id", requiredMode = Schema.RequiredMode.REQUIRED, example = "1024") + private Long tenantId; + }