1. xxl-job 设置虚拟用户 0 登录操作
2. Access-Control-Expose-Headers 允许暴露 content-disposition
This commit is contained in:
chenbowen
@@ -44,6 +44,10 @@
|
||||
<groupId>jakarta.validation</groupId>
|
||||
<artifactId>jakarta.validation-api</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.zt.plat</groupId>
|
||||
<artifactId>zt-spring-boot-starter-security</artifactId>
|
||||
</dependency>
|
||||
|
||||
</dependencies>
|
||||
|
||||
|
||||
@@ -35,6 +35,11 @@ public class XxlJobProperties {
|
||||
@NotNull(message = "执行器配置不能为空")
|
||||
private ExecutorProperties executor;
|
||||
|
||||
/**
|
||||
* 系统用户配置
|
||||
*/
|
||||
private SystemUserProperties systemUser = new SystemUserProperties();
|
||||
|
||||
/**
|
||||
* XXL-Job 调度器配置类
|
||||
*/
|
||||
@@ -96,4 +101,37 @@ public class XxlJobProperties {
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* XXL-Job 系统用户配置类
|
||||
*/
|
||||
@Data
|
||||
public static class SystemUserProperties {
|
||||
|
||||
/**
|
||||
* 系统用户 ID
|
||||
*/
|
||||
private Long userId = 0L;
|
||||
|
||||
/**
|
||||
* 系统用户昵称
|
||||
*/
|
||||
private String nickname = "job";
|
||||
|
||||
/**
|
||||
* 系统租户 ID
|
||||
*/
|
||||
private Long tenantId = 1L;
|
||||
|
||||
/**
|
||||
* 系统公司 ID(可选)
|
||||
*/
|
||||
private Long companyId;
|
||||
|
||||
/**
|
||||
* 系统部门 ID(可选)
|
||||
*/
|
||||
private Long deptId;
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
package com.zt.plat.framework.quartz.config;
|
||||
|
||||
import com.zt.plat.framework.quartz.core.handler.XxlJobSystemAuthenticationAspect;
|
||||
import com.xxl.job.core.executor.XxlJobExecutor;
|
||||
import com.xxl.job.core.executor.impl.XxlJobSpringExecutor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
@@ -9,7 +10,7 @@ import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
|
||||
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.EnableAspectJAutoProxy;
|
||||
import org.springframework.scheduling.annotation.EnableScheduling;
|
||||
|
||||
/**
|
||||
@@ -22,6 +23,7 @@ import org.springframework.scheduling.annotation.EnableScheduling;
|
||||
@ConditionalOnProperty(prefix = "xxl.job", name = "enabled", havingValue = "true", matchIfMissing = true)
|
||||
@EnableConfigurationProperties({XxlJobProperties.class})
|
||||
@EnableScheduling // 开启 Spring 自带的定时任务
|
||||
@EnableAspectJAutoProxy // 开启 AOP
|
||||
@Slf4j
|
||||
public class ZtXxlJobAutoConfiguration {
|
||||
|
||||
@@ -44,4 +46,17 @@ public class ZtXxlJobAutoConfiguration {
|
||||
return xxlJobExecutor;
|
||||
}
|
||||
|
||||
/**
|
||||
* 配置 XXL-Job 系统认证切面
|
||||
*
|
||||
* 为 @XxlJob 注解的方法提供系统用户认证上下文
|
||||
*/
|
||||
@Bean
|
||||
@ConditionalOnMissingBean
|
||||
public XxlJobSystemAuthenticationAspect xxlJobSystemAuthenticationAspect(XxlJobProperties properties) {
|
||||
log.info("[ZtXxlJobAutoConfiguration][注册 XXL-Job 系统认证切面] systemUserId=[{}], systemTenantId=[{}]",
|
||||
properties.getSystemUser().getUserId(), properties.getSystemUser().getTenantId());
|
||||
return new XxlJobSystemAuthenticationAspect(properties.getSystemUser());
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -0,0 +1,119 @@
|
||||
package com.zt.plat.framework.quartz.core.handler;
|
||||
|
||||
import com.zt.plat.framework.common.enums.UserTypeEnum;
|
||||
import com.zt.plat.framework.quartz.config.XxlJobProperties;
|
||||
import com.zt.plat.framework.security.core.LoginUser;
|
||||
import com.zt.plat.framework.security.core.util.SecurityFrameworkUtils;
|
||||
import com.zt.plat.framework.web.core.util.WebFrameworkUtils;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.aspectj.lang.ProceedingJoinPoint;
|
||||
import org.aspectj.lang.annotation.Around;
|
||||
import org.aspectj.lang.annotation.Aspect;
|
||||
import org.springframework.core.annotation.Order;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
|
||||
import java.time.LocalDateTime;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
* XXL-Job 系统认证切面
|
||||
*
|
||||
* 为 @XxlJob 注解的方法提供系统用户认证上下文,
|
||||
* 确保 Job 方法执行时能够获取到用户信息
|
||||
*
|
||||
* @author ZT
|
||||
*/
|
||||
@Aspect
|
||||
@RequiredArgsConstructor
|
||||
@Slf4j
|
||||
@Order(-100) // 设置较高的优先级,确保在其他切面之前执行
|
||||
public class XxlJobSystemAuthenticationAspect {
|
||||
|
||||
private final XxlJobProperties.SystemUserProperties systemUserConfig;
|
||||
|
||||
@Around("@annotation(com.xxl.job.core.handler.annotation.XxlJob)")
|
||||
public Object around(ProceedingJoinPoint joinPoint) throws Throwable {
|
||||
// 获取当前登录用户
|
||||
LoginUser currentUser = SecurityFrameworkUtils.getLoginUser();
|
||||
try {
|
||||
// 如果当前没有登录用户,则设置系统用户上下文
|
||||
if (currentUser == null) {
|
||||
LoginUser systemUser = createSystemUser();
|
||||
setLoginUserForJob(systemUser);
|
||||
log.debug("[XxlJobSystemAuthenticationAspect][XXL-Job 方法执行,设置系统用户上下文] method=[{}], userId=[{}]",
|
||||
joinPoint.getSignature().toShortString(), systemUser.getId());
|
||||
} else {
|
||||
log.debug("[XxlJobSystemAuthenticationAspect][XXL-Job 方法执行,已存在用户上下文] method=[{}], userId=[{}]",
|
||||
joinPoint.getSignature().toShortString(), currentUser.getId());
|
||||
}
|
||||
|
||||
// 执行目标方法
|
||||
return joinPoint.proceed();
|
||||
|
||||
}
|
||||
catch (Exception e) {
|
||||
log.error("[XxlJobSystemAuthenticationAspect][XXL-Job 方法执行异常] method=[{}], error=[{}]",
|
||||
joinPoint.getSignature().toShortString(), e.getMessage(), e);
|
||||
throw e;
|
||||
}
|
||||
finally {
|
||||
// 如果是我们设置的系统用户,执行完毕后清理上下文
|
||||
if (currentUser == null) {
|
||||
clearLoginUserForJob();
|
||||
log.debug("[XxlJobSystemAuthenticationAspect][XXL-Job 方法执行完毕,清理系统用户上下文] method=[{}]",
|
||||
joinPoint.getSignature().toShortString());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* 创建 XXL-Job 系统用户
|
||||
*/
|
||||
private LoginUser createSystemUser() {
|
||||
LoginUser systemUser = new LoginUser();
|
||||
systemUser.setId(systemUserConfig.getUserId());
|
||||
systemUser.setUserType(UserTypeEnum.ADMIN.getValue());
|
||||
systemUser.setTenantId(systemUserConfig.getTenantId());
|
||||
systemUser.setVisitTenantId(systemUserConfig.getTenantId());
|
||||
systemUser.setExpiresTime(LocalDateTime.now().plusDays(1));
|
||||
|
||||
// 设置用户信息
|
||||
Map<String, String> info = new HashMap<>();
|
||||
info.put(LoginUser.INFO_KEY_NICKNAME, systemUserConfig.getNickname());
|
||||
info.put(LoginUser.INFO_KEY_TENANT_ID, String.valueOf(systemUserConfig.getTenantId()));
|
||||
|
||||
systemUser.setInfo(info);
|
||||
|
||||
return systemUser;
|
||||
}
|
||||
|
||||
/**
|
||||
* 为 Job 设置登录用户到 Spring Security 上下文和 Web 上下文
|
||||
*/
|
||||
private void setLoginUserForJob(LoginUser loginUser) {
|
||||
// 1. 设置到 Spring Security 上下文
|
||||
Authentication authentication = new UsernamePasswordAuthenticationToken(
|
||||
loginUser, null, Collections.emptyList());
|
||||
SecurityContextHolder.getContext().setAuthentication(authentication);
|
||||
|
||||
// 2. 设置到 Web 请求上下文,供 DefaultDBFieldHandler 使用
|
||||
HttpServletRequest request = WebFrameworkUtils.getRequest();
|
||||
if (request != null) {
|
||||
WebFrameworkUtils.setLoginUserId(request, loginUser.getId());
|
||||
WebFrameworkUtils.setLoginUserType(request, loginUser.getUserType());
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* 清理 Job 的登录用户上下文
|
||||
*/
|
||||
private void clearLoginUserForJob() {
|
||||
SecurityContextHolder.getContext().setAuthentication(null);
|
||||
}
|
||||
}
|
||||
@@ -47,7 +47,7 @@ public class DefaultDBFieldHandler implements MetaObjectHandler {
|
||||
baseDO.setUpdateTime(current);
|
||||
}
|
||||
|
||||
Long userId = WebFrameworkUtils.getLoginUserId();
|
||||
Long userId = getUserId();
|
||||
String userNickname = SecurityFrameworkUtils.getLoginUserNickname();
|
||||
// 当前登录用户不为空,创建人为空,则当前登录用户为创建人
|
||||
if (Objects.nonNull(userId) && Objects.isNull(baseDO.getCreator())) {
|
||||
@@ -81,7 +81,7 @@ public class DefaultDBFieldHandler implements MetaObjectHandler {
|
||||
|
||||
// 当前登录用户不为空,更新人为空,则当前登录用户为更新人
|
||||
Object modifier = getFieldValByName("updater", metaObject);
|
||||
Long userId = WebFrameworkUtils.getLoginUserId();
|
||||
Long userId = getUserId();
|
||||
String userNickname = SecurityFrameworkUtils.getLoginUserNickname();
|
||||
if (Objects.nonNull(userId) && Objects.isNull(modifier)) {
|
||||
setFieldValByName("updater", userId.toString(), metaObject);
|
||||
@@ -96,6 +96,15 @@ public class DefaultDBFieldHandler implements MetaObjectHandler {
|
||||
}
|
||||
}
|
||||
|
||||
private static Long getUserId() {
|
||||
Long userId = WebFrameworkUtils.getLoginUserId();
|
||||
if (userId == null) {
|
||||
// 如果不是 http 请求发起的操作,获取不到用户,从认证中获取
|
||||
userId = SecurityFrameworkUtils.getLoginUserId();
|
||||
}
|
||||
return userId;
|
||||
}
|
||||
|
||||
private void autoFillUserNames(BusinessBaseDO businessBaseDO) {
|
||||
String userNickname = SecurityFrameworkUtils.getLoginUserNickname();
|
||||
if (Objects.nonNull(userNickname)) {
|
||||
|
||||
@@ -88,6 +88,7 @@ public class ZtWebAutoConfiguration implements WebMvcConfigurer {
|
||||
config.addAllowedOriginPattern("*"); // 设置访问源地址
|
||||
config.addAllowedHeader("*"); // 设置访问源请求头
|
||||
config.addAllowedMethod("*"); // 设置访问源请求方法
|
||||
config.addExposedHeader("content-disposition"); // 暴露 content-disposition 头,用于文件下载
|
||||
// 创建 UrlBasedCorsConfigurationSource 对象
|
||||
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
|
||||
source.registerCorsConfiguration("/**", config); // 对接口配置跨域设置
|
||||
|
||||
Reference in New Issue
Block a user