fix:user tenant api

Author: msslulu

base/src/main/java/com/tinyengine/it/login/config/SSOInterceptor.java

@@ -17,9 +17,8 @@
 import com.tinyengine.it.login.utils.JwtUtil;
 import com.tinyengine.it.login.config.context.DefaultLoginUserContext;
 import com.tinyengine.it.login.model.UserInfo;
+import com.tinyengine.it.mapper.AuthUsersUnitsRolesMapper;
 import com.tinyengine.it.model.entity.Tenant;
-import com.tinyengine.it.model.entity.User;
-import com.tinyengine.it.service.app.UserService;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
@@ -39,13 +38,13 @@ public class SSOInterceptor implements HandlerInterceptor {
     @Autowired
     private JwtUtil jwtUtil;
     @Autowired
-    private UserService userService;
-
+    AuthUsersUnitsRolesMapper authUsersUnitsRolesMapper;
     @Override
     public boolean preHandle(HttpServletRequest request,
         HttpServletResponse response, Object handler) throws Exception {
 
         String authorization = request.getHeader("Authorization");
+        String org = request.getHeader("X-Lowcode-Org");
         // 如果没有token，重定向到登录页
         if (authorization == null || authorization.isEmpty()) {
             log.info("No token");
@@ -66,7 +65,6 @@ public boolean preHandle(HttpServletRequest request,
             // 从token中获取用户信息
             String username = jwtUtil.getUsernameFromToken(token);
             String userId = jwtUtil.getUserIdFromToken(token);
-            List<Tenant> tenants = jwtUtil.getTenantIdFromToken(token);
             String roles = jwtUtil.getRolesFromToken(token);
             Integer platformId = jwtUtil.getPlatformIdFromToken(token);
 
@@ -76,16 +74,30 @@ public boolean preHandle(HttpServletRequest request,
                 log.warn("User information is incomplete - username: {}, userId: {}", username, userId);
                 throw new ServiceException(ExceptionEnum.CM339.getResultCode(), ExceptionEnum.CM339.getResultMsg());
             }
-            User user = userService.queryUserById(userId);// 确认用户存在
-            if (user == null) {
-                log.warn("User not found for userId: {}", userId);
-                throw new ServiceException(ExceptionEnum.CM338.getResultCode(), ExceptionEnum.CM339.getResultMsg());
-            }
-            Integer useTenantId = user.getUseTenantId();
-            for (Tenant tenant : tenants) {
-	            tenant.setIsInUse(tenant.getId().equals(useTenantId.toString()));
+            List<Tenant> tenants= authUsersUnitsRolesMapper.queryAllTenantByUserId(Integer.valueOf(userId));
+            if(!requestURI.equals("/platform-center/api/user/me")){
+
+                if(requestURI.contains("user/tenant")){
+                    String queryString = request.getQueryString();
+                      org=queryString.split("=")[1];
+                }
+                if(tenants != null&&!org.equals("null")){
+                    boolean findOrg = false;
+                    for (Tenant tenant : tenants) {
+                        tenant.setIsInUse(tenant.getId().equals(org));
+                        if(tenant.getIsInUse()){
+                            findOrg = true;
+                        }
+                    }
+                    if(!findOrg){
+                        log.warn("X-Lowcode-Org not found in user's tenants - X-Lowcode-Org: {}", org);
+                        throw new ServiceException(ExceptionEnum.CM341.getResultCode(), ExceptionEnum.CM341.getResultMsg());
+                    }
+                }
+
             }
-// 存储用户信息到LoginUserContext
+
+            // 存储用户信息到LoginUserContext
             UserInfo userInfo = new UserInfo(userId, username, tenants);
 
             userInfo.setPlatformId(platformId != null ? platformId : 0);
@@ -100,7 +112,7 @@ public boolean preHandle(HttpServletRequest request,
         } catch (Exception e) {
             log.error("Token validation exception: {}", e.getMessage(), e);
             DefaultLoginUserContext.clear();
-            throw new ServiceException(ExceptionEnum.CM339.getResultCode(), ExceptionEnum.CM339.getResultMsg());
+            throw new ServiceException(ExceptionEnum.CM339.getResultCode(), e.getMessage());
         }
     }
 
@@ -109,6 +121,7 @@ public void afterCompletion(HttpServletRequest request,
         HttpServletResponse response, Object handler, Exception ex) {
         // 请求完成后清理用户上下文
         DefaultLoginUserContext.clear();
+
         log.debug("Cleared user context for request completion");
     }
 }

base/src/main/java/com/tinyengine/it/login/config/context/DefaultLoginUserContext.java

@@ -19,6 +19,7 @@ public class DefaultLoginUserContext implements LoginUserContext {
     private static final String DEFAULT_TENANT = "1";
 
 
+
     /**
      * 返回当前用户所在的业务租户id
      *
@@ -32,9 +33,14 @@ public String getTenantId() {
             return DEFAULT_TENANT;
         }
         for (Tenant tenant : tenantList) {
-            if (tenant.getIsInUse()!=null&&tenant.getIsInUse()) {
-                return tenant.getId();
+            if(tenant.getIsInUse()!=null){
+                if (tenant.getIsInUse()) {
+                    return tenant.getId();
+                }
+            }else{
+                return tenantList.get(0).getId();
             }
+
         }
         return DEFAULT_TENANT;
     }
@@ -69,6 +75,7 @@ public void setTenants(List<Tenant> tenants) {
         CURRENT_USER.set(userInfo);
     }
 
+
     /**
      * 设置当前用户信息
      */

base/src/main/java/com/tinyengine/it/login/controller/LoginController.java

@@ -16,13 +16,10 @@
 import com.tinyengine.it.common.context.LoginUserContext;
 import com.tinyengine.it.common.exception.ExceptionEnum;
 import com.tinyengine.it.common.log.SystemControllerLog;
+import com.tinyengine.it.login.model.*;
 import com.tinyengine.it.login.utils.JwtUtil;
 import com.tinyengine.it.login.utils.SM3PasswordUtil;
 import com.tinyengine.it.login.config.context.DefaultLoginUserContext;
-import com.tinyengine.it.login.model.PasswordResult;
-import com.tinyengine.it.login.model.PasswordValidationResult;
-import com.tinyengine.it.login.model.SSOTicket;
-import com.tinyengine.it.login.model.ValidationResult;
 import com.tinyengine.it.login.service.ConfigurablePasswordValidator;
 import com.tinyengine.it.login.service.LoginService;
 import com.tinyengine.it.login.service.TokenBlacklistService;
@@ -31,9 +28,6 @@
 import com.tinyengine.it.model.entity.Tenant;
 import com.tinyengine.it.model.entity.User;
 import com.tinyengine.it.service.app.UserService;
-import com.tinyengine.it.service.platform.TenantService;
-import io.jsonwebtoken.Claims;
-import io.jsonwebtoken.Jwts;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.media.Content;
@@ -265,34 +259,22 @@ public Result<SSOTicket> setTenant(@RequestParam Integer tenantId) {
             return Result.failed(ExceptionEnum.CM341);
         }
         //存储当前组织到LoginUserContext
-        loginUserContext.setTenants(tenantList);
-        // 更新用户当前使用组织
-        User user = new User();
-        user.setId(loginUserContext.getLoginUserId());
-        user.setUseTenantId(tenantId);
-        userService.updateUserById(user);
+        UserInfo currentUser = DefaultLoginUserContext.getCurrentUser();
+        currentUser.setTenants(tenantList);
+        DefaultLoginUserContext.setCurrentUser(currentUser);
 
         // 通过 RequestContextHolder 获取请求
         HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.currentRequestAttributes())
             .getRequest();
         String authHeader = request.getHeader("Authorization");
-        String headerToken = jwtUtil.getTokenFromRequest(authHeader);
+       String headerToken = jwtUtil.getTokenFromRequest(authHeader);
         if (headerToken == null || headerToken.isEmpty()) {
             return Result.failed(ExceptionEnum.CM336);
         }
-        String token = jwtUtil.generateTokenWithSelectedTenant(headerToken, tenantList);
-        // 将原 token 加入黑名单
-        Claims claims = Jwts.parser()
-            .verifyWith(JwtUtil.getSecretKey())
-            .build()
-            .parseSignedClaims(headerToken)
-            .getPayload();
 
-        long expiryTime = claims.getExpiration().getTime();
-        tokenBlacklistService.blacklistToken(headerToken, expiryTime);
         // 创建SSO票据
         SSOTicket ticket = new SSOTicket();
-        ticket.setToken(token);
+        ticket.setToken(headerToken);
         ticket.setUsername(DefaultLoginUserContext.getCurrentUser().getUsername());
         ticket.setExpireTime(System.currentTimeMillis() + 3600000);
 

base/src/main/java/com/tinyengine/it/login/service/impl/LoginServiceImpl.java

@@ -70,7 +70,6 @@ public User createUser(User user) throws Exception {
         user.setSalt(cipherText);
         user.setPublicKey(publicKeyBase64);
         user.setPrivateKey(privateKeyBase64);
-        user.setUseTenantId(Integer.valueOf(loginUserContext.getTenantId()));
         baseMapper.createUser(user);
         User result = baseMapper.queryUserById(user.getId());
         result.setPrivateKey(null);

base/src/main/java/com/tinyengine/it/service/app/impl/v1/AppV1ServiceImpl.java

@@ -280,7 +280,9 @@ private List<PackagesDto> getPackages() {
      * @return the meta
      */
     public MetaDto getMetaDto(Integer id) {
-        App app = appMapper.queryAppById(id, loginUserContext.getTenantId());
+        String tenantId = loginUserContext.getTenantId();
+        log.info("Getting login user  tenant id: {}", tenantId);
+        App app = appMapper.queryAppById(id, tenantId);
         if (app == null) {
             throw new ServiceException(ExceptionEnum.CM009.getResultCode(), ExceptionEnum.CM009.getResultMsg());
         }