动态路由

2025-10-31 22:48:08 +08:00 · 2025-10-31 22:48:08 +08:00 · d4e4beb3a7
commit d4e4beb3a7
parent f8e520e2fc
1 changed files with 17 additions and 8 deletions
--- a/backend/src/main/java/com/qqchen/deploy/backend/system/service/impl/UserDetailsServiceImpl.java
+++ b/backend/src/main/java/com/qqchen/deploy/backend/system/service/impl/UserDetailsServiceImpl.java
@ -2,9 +2,11 @@ package com.qqchen.deploy.backend.system.service.impl;

 import com.qqchen.deploy.backend.framework.security.CustomUserDetails;
 import com.qqchen.deploy.backend.system.entity.User;
+import com.qqchen.deploy.backend.system.repository.IPermissionRepository;
 import com.qqchen.deploy.backend.system.repository.IUserRepository;
 import jakarta.annotation.Resource;
 import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.hibernate.Hibernate;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
@ -23,12 +25,16 @@ import java.util.stream.Collectors;
 * @author qqchen
 * @date 2025-10-25
 */
+@Slf4j
@Service
@RequiredArgsConstructor
 public class UserDetailsServiceImpl implements UserDetailsService {

    @Resource
    private final IUserRepository userRepository;
+    
+    @Resource
+    private final IPermissionRepository permissionRepository;

    @Override
    @Transactional(readOnly = true)
@ -36,19 +42,23 @@ public class UserDetailsServiceImpl implements UserDetailsService {
        User user = userRepository.findByUsernameAndDeletedFalse(username)
                .orElseThrow(() -> new UsernameNotFoundException("用户不存在: " + username));
        
-        // ✅ 从数据库加载用户实际权限
+        // ✅ 批量加载用户权限(避免N+1查询)
        Hibernate.initialize(user.getRoles());  // 加载角色
        
-        List<SimpleGrantedAuthority> authorities = user.getRoles().stream()
-            .flatMap(role -> {
-                Hibernate.initialize(role.getPermissions());  // 加载权限
-                return role.getPermissions().stream();
-            })
+        List<Long> roleIds = user.getRoles().stream()
+            .map(role -> role.getId())
+            .collect(Collectors.toList());
+        
+        // 使用原生SQL批量查询所有权限(1次查询,避免N+1问题)
+        List<SimpleGrantedAuthority> authorities = permissionRepository.findByRoleIds(roleIds).stream()
            .map(permission -> new SimpleGrantedAuthority(permission.getCode()))
            .distinct()
            .collect(Collectors.toList());
        
-        // 返回自定义 UserDetails，包含用户ID等扩展信息
+        log.debug("加载用户 {} 的权限: {} 个角色, {} 个权限", 
+            username, roleIds.size(), authorities.size());
+        
+        // 返回自定义 UserDetails,包含用户ID等扩展信息
        return new CustomUserDetails(
                user.getId(),                // 用户ID
                user.getUsername(),          // 用户名
@ -58,4 +68,3 @@ public class UserDetailsServiceImpl implements UserDetailsService {
        );
    }
 }
-