fix(系统设置): 修复用户通过api调用接口后,本身权限没有及时刷新的问题

--bug=1015603 --user=刘瑞斌 【系统设置】创建项目接口工作空间ID为空可成功创建 https://www.tapd.cn/55049933/s/1218355
This commit is contained in:
CaptainB 2022-08-03 14:29:32 +08:00 committed by f2c-ci-robot[bot]
parent 27fbe1432e
commit cad3d298cc
3 changed files with 44 additions and 0 deletions

View File

@ -14,6 +14,7 @@ import io.metersphere.dto.WorkspaceDTO;
import io.metersphere.dto.WorkspaceMemberDTO; import io.metersphere.dto.WorkspaceMemberDTO;
import io.metersphere.dto.WorkspaceResource; import io.metersphere.dto.WorkspaceResource;
import io.metersphere.log.annotation.MsAuditLog; import io.metersphere.log.annotation.MsAuditLog;
import io.metersphere.security.session.RefreshSession;
import io.metersphere.service.UserService; import io.metersphere.service.UserService;
import io.metersphere.service.WorkspaceService; import io.metersphere.service.WorkspaceService;
import org.apache.shiro.authz.annotation.Logical; import org.apache.shiro.authz.annotation.Logical;
@ -46,6 +47,7 @@ public class WorkspaceController {
@PostMapping("special/add") @PostMapping("special/add")
@MsAuditLog(module = OperLogModule.SYSTEM_WORKSPACE, type = OperLogConstants.CREATE, content = "#msClass.getLogDetails(#workspace.id)", msClass = WorkspaceService.class) @MsAuditLog(module = OperLogModule.SYSTEM_WORKSPACE, type = OperLogConstants.CREATE, content = "#msClass.getLogDetails(#workspace.id)", msClass = WorkspaceService.class)
@RequiresPermissions(PermissionConstants.SYSTEM_WORKSPACE_READ_CREATE) @RequiresPermissions(PermissionConstants.SYSTEM_WORKSPACE_READ_CREATE)
@RefreshSession
public Workspace addWorkspaceByAdmin(@RequestBody Workspace workspace) { public Workspace addWorkspaceByAdmin(@RequestBody Workspace workspace) {
return workspaceService.addWorkspaceByAdmin(workspace); return workspaceService.addWorkspaceByAdmin(workspace);
} }

View File

@ -0,0 +1,5 @@
package io.metersphere.security.session;
public @interface RefreshSession {
}

View File

@ -0,0 +1,37 @@
package io.metersphere.security.session;
import io.metersphere.commons.user.SessionUser;
import io.metersphere.commons.utils.LogUtil;
import io.metersphere.commons.utils.SessionUtils;
import io.metersphere.dto.UserDTO;
import io.metersphere.service.UserService;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.AfterReturning;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.stereotype.Component;
import javax.annotation.Resource;
@Aspect
@Component
public class RefreshSessionAspect {
@Resource
private UserService userService;
@Pointcut("@annotation(io.metersphere.security.session.RefreshSession)")
public void pointcut() {
}
@AfterReturning(value = "pointcut()", returning = "retValue")
public void sendNotice(JoinPoint joinPoint, Object retValue) {
try {
UserDTO userDTO = userService.getUserDTO(SessionUtils.getUserId());
SessionUtils.putUser(SessionUser.fromUser(userDTO));
} catch (Exception ignore) {
LogUtil.warn(ignore);
}
}
}