修改登录等资源权限

ee628cb0 · 赵啸非 · 9a50bbd9 · ee628cb0 · ee628cb0 · ee628cb0
Commit ee628cb0 authored Jul 27, 2024 by 赵啸非
37 changed files
--- a/one-certificate-manager/pom.xml
+++ b/one-certificate-manager/pom.xml
@@ -40,7 +40,6 @@
 		</profile>
 		<profile>
 			<id>test</id>
 			<properties>
 				<profiles.active>test</profiles.active>
 				<profiles.server.debug>-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=15505</profiles.server.debug>

--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/framework/interceptor/AuthTokenServiceImpl.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/framework/interceptor/AuthTokenServiceImpl.java
@@ -7,31 +7,42 @@ import com.mortals.framework.service.ICacheService;
 import com.mortals.framework.service.IUser;
 import com.mortals.framework.util.DateUtils;
 import com.mortals.framework.util.StringUtils;
+import com.mortals.xhx.base.system.resource.service.ResourceService;
 import com.mortals.xhx.base.system.user.model.UserEntity;
+import com.mortals.xhx.base.system.user.service.UserService;
+import com.mortals.xhx.common.key.RedisKey;
+import com.mortals.xhx.common.utils.MenuEncodeUtil;
 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Primary;
 import org.springframework.core.annotation.Order;
 import org.springframework.stereotype.Service;
+import org.springframework.util.ObjectUtils;
 import javax.servlet.http.HttpServletRequest;
 import java.util.Base64;
 import java.util.HashMap;
 import java.util.Map;
+import java.util.Set;
 /**
 * token验证处理
 *
 * @author zxfei
 */
+@Primary
 @Service
 @Order(1)
 @Slf4j
 public class AuthTokenServiceImpl implements IAuthTokenService {
+    @Autowired
+    private UserService userService;
    // 令牌自定义标识
    @Value("${token.header:Authorization}")
    private String header;
@@ -54,9 +65,6 @@ public class AuthTokenServiceImpl implements IAuthTokenService {
    @Value("${token.database:0}")
    private Integer portalDb;
-    @Value("${platform.type:cloud}")
-    private String platFormType;//版本，默认云服务版本
    protected static final Long SECOND = 1l;
    protected static final Long SECOND_MINUTE = 60 * SECOND;
@@ -72,6 +80,10 @@ public class AuthTokenServiceImpl implements IAuthTokenService {
    @Autowired
    private ICacheService cacheService;
+    @Autowired
+    private ResourceService resourceService;
    /**
     * 获取信息
     *
@@ -84,19 +96,42 @@ public class AuthTokenServiceImpl implements IAuthTokenService {
        String token = getToken(request);
        if (StringUtils.isNotEmpty(token)) {
            try {
+                boolean signed = Jwts.parser().isSigned(token);
+                if (!signed) {
+                    log.error("token非法！=>{}", token);
+                    return null;
+                }
                Claims claims = parseToken(token);
                String uuid = (String) claims.get(SysConstains.LOGIN_USER_KEY);
                String userKey = getTokenKey(uuid);
-                cacheService.select(portalDb);
+                //cacheService.select(portalDb);
                String userStr = cacheService.get(userKey);
-                cacheService.select(db);
+       /*         RedisTemplate<String, String> redisTemplate = cacheService.selectDbRedisTemplate(portalDb);
-                if (StringUtils.isNotEmpty(userStr)) {
+                String userStr =redisTemplate.opsForValue().get(userKey);
-                    UserEntity userEntity = JSONObject.parseObject(userStr, UserEntity.class);
+*/
-                    userEntity.setToken(token);
+                //刷新token时间
+                UserEntity userEntity = JSONObject.parseObject(userStr, UserEntity.class);
+                if (!ObjectUtils.isEmpty(userEntity)) {
+                    verifyToken(userEntity);
+                }
+               // cacheService.select(db);
+                if (!ObjectUtils.isEmpty(userEntity)) {
+                    UserEntity temp = userService.getExtCache(userEntity.getLoginName());
+                    if (!ObjectUtils.isEmpty(temp)) {
+                        userEntity.setId(temp.getId());
+                    }
+                    //更新resource 路径
+                    String menuUrlCode = cacheService.hget(RedisKey.KEY_USER_MENU_CACHE, userEntity.getId().toString(), String.class);
+                    if (ObjectUtils.isEmpty(menuUrlCode)) {
+                        Set<String> urls = resourceService.findUrlSetByUserId(userEntity.getId());
+                        menuUrlCode = MenuEncodeUtil.generateMenuUrlCode(urls);
+                        cacheService.hset(RedisKey.KEY_USER_MENU_CACHE, userEntity.getId().toString(), menuUrlCode);
+                    }
+                    userEntity.setMenuUrl(menuUrlCode);
                    return userEntity;
                }
            } catch (Exception e) {
-                log.error("解析jwt token异常！", e);
+                log.error("解析jwt token异常！,token:{}",token, e);
                return null;
            }
        }
@@ -150,8 +185,8 @@ public class AuthTokenServiceImpl implements IAuthTokenService {
    public void verifyToken(IUser user) {
        long expireTime = user.getExpireTime();
        long currentTime = System.currentTimeMillis();
-        if (expireTime - currentTime <= SECOND_MINUTE_TEN) {
+        if (expireTime - currentTime <= SECOND_MINUTE_TEN*1000) {
-            log.info("不足十分钟，刷新过期时间");
+            log.info("不足二十分钟，刷新过期时间");
            refreshToken(user);
        }
    }
@@ -163,7 +198,7 @@ public class AuthTokenServiceImpl implements IAuthTokenService {
     */
    public void refreshToken(IUser user) {
        //user.setLoginTime(System.currentTimeMillis());
-        user.setExpireTime(user.getLoginTime() == null ? System.currentTimeMillis() : user.getLoginTime() + expireTime * SECOND_MINUTE);
+        user.setExpireTime(user.getLoginTime() == null ? System.currentTimeMillis() : user.getLoginTime() + expireTime * SECOND_MINUTE*1000);
        // 根据uuid将user缓存
        String userKey = getTokenKey(user.getToken());
        //设置有效时间 单位秒
@@ -230,4 +265,11 @@ public class AuthTokenServiceImpl implements IAuthTokenService {
    private String getTokenKey(String uuid) {
        return SysConstains.LOGIN_TOKEN_KEY + uuid;
    }
+    public static void main(String[] args) {
+        //  boolean signed = Jwts.parser().isSigned("123");
+        boolean signed = Jwts.parser().isSigned("eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJuaW5naGFvLm5ldCIsImV4cCI6IjE0Mzg5NTU0NDUiLCJuYW1lIjoid2FuZ2hhbyIsImFkbWluIjp0cnVlfQ.SwyHTEx_RQppr97g4J5lKXtabJecpejuef8AqKYMAJc");
+        System.out.println(signed);
+    }
 }
--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/framework/interceptor/AuthUserInterceptor.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/framework/interceptor/AuthUserInterceptor.java
@@ -4,12 +4,12 @@ import com.alibaba.fastjson.JSONObject;
 import com.mortals.framework.annotation.UnAuth;
 import com.mortals.framework.common.Rest;
 import com.mortals.framework.service.IAuthTokenService;
+import com.mortals.framework.service.ICacheService;
 import com.mortals.framework.service.IUser;
 import com.mortals.framework.util.AESUtil;
 import com.mortals.framework.utils.ServletUtils;
 import com.mortals.framework.web.interceptor.BaseInterceptor;
 import com.mortals.xhx.base.framework.config.InterceptorConfig;
-import com.mortals.xhx.common.code.ApiRespCodeEnum;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 import org.springframework.util.ObjectUtils;
@@ -21,7 +21,6 @@ import javax.servlet.http.HttpServletResponse;
 import java.lang.reflect.Method;
 import static com.mortals.xhx.common.key.ErrorCode.*;
-import static com.mortals.xhx.common.key.ErrorCode.ERROR_USER_OPERATION_CONTENT;
 /**
 * 用户权限验证，基于token
@@ -35,6 +34,8 @@ public class AuthUserInterceptor extends BaseInterceptor {
    private InterceptorConfig config;
    @Autowired
    private IAuthTokenService authTokenService;
+    @Autowired
+    private ICacheService cacheService;
    @Override
    public int getOrder() {
@@ -74,7 +75,8 @@ public class AuthUserInterceptor extends BaseInterceptor {
                    if (ObjectUtils.isEmpty(loginUser)) {
                        ServletUtils.renderString(response, JSONObject.toJSONString(Rest.fail(ERROR_TOKEN_EXPIRED, ERROR_TOKEN_EXPIRED_CONTENT)));
                        return false;
-                    } else if (loginUser.isAdmin() || loginUser.getUserType() == 1) {
+                   // } else if (loginUser.isAdmin() || loginUser.getUserType() == 1) {
+                    } else if (loginUser.isAdmin()) {
                        return super.preHandle(request, response, handler);
                    } else {
                        ServletUtils.renderString(response, JSONObject.toJSONString(Rest.fail(ERROR_USER_OPERATION, ERROR_USER_OPERATION_CONTENT)));

--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/login/web/LoginController.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/login/web/LoginController.java
--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/resource/dao/ResourceDao.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/resource/dao/ResourceDao.java
@@ -24,7 +24,7 @@ import java.util.List;
 */
 public interface ResourceDao extends ICRUDDao<ResourceEntity,Long> {
-    public List<ResourceEntity> getListByUserId(Long userId);
+     List<ResourceEntity> getListByUserId(Long userId);
    List<ResourceEntity> getAll(int userType);
 }
\ No newline at end of file
--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/resource/dao/ibatis/ResourceDaoImpl.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/resource/dao/ibatis/ResourceDaoImpl.java
@@ -8,7 +8,6 @@ import com.mortals.framework.dao.ibatis.BaseCRUDDaoMybatis;
 import com.mortals.framework.model.ParamDto;
 import com.mortals.xhx.base.system.resource.dao.ResourceDao;
 import com.mortals.xhx.base.system.resource.model.ResourceEntity;
 import org.springframework.stereotype.Repository;
 import java.util.HashMap;

--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/resource/model/ResourceEntity.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/resource/model/ResourceEntity.java
@@ -8,10 +8,10 @@
 package com.mortals.xhx.base.system.resource.model;
-import java.util.Date;
 import com.mortals.framework.model.BaseEntityLong;
+import java.util.Date;
 /**
 * <p>Title: 资源信息</p>
 * <p>Description: ResourceEntity  </p>

--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/resource/service/ResourceService.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/resource/service/ResourceService.java
@@ -9,7 +9,9 @@
 package com.mortals.xhx.base.system.resource.service;
+import com.mortals.framework.common.Rest;
 import com.mortals.framework.exception.AppException;
+import com.mortals.framework.model.Context;
 import com.mortals.framework.service.ICRUDService;
 import com.mortals.xhx.base.system.resource.model.ResourceEntity;
@@ -31,7 +33,7 @@ public interface ResourceService extends ICRUDService<ResourceEntity,Long> {
     * @return
     * @throws AppException
     */
-    public List<ResourceEntity> findAllEnable() throws AppException;
+     List<ResourceEntity> findAllEnable() throws AppException;
    /**
     * 根据用户查询可用资源
@@ -39,7 +41,7 @@ public interface ResourceService extends ICRUDService<ResourceEntity,Long> {
     * @return
     * @throws AppException
     */
-    public List<ResourceEntity> findListByUserId(Long userId) throws AppException;
+     List<ResourceEntity> findListByUserId(Long userId) throws AppException;
    /**
     * 查询用户可用资源
@@ -47,7 +49,7 @@ public interface ResourceService extends ICRUDService<ResourceEntity,Long> {
     * @return 字符串，多个以逗号分隔
     * @throws AppException
     */
-    public String findUrlByUserId(Long userId) throws AppException;
+     String findUrlByUserId(Long userId) throws AppException;
    /**
     * 查询用户用资源集合
@@ -55,7 +57,7 @@ public interface ResourceService extends ICRUDService<ResourceEntity,Long> {
     * @return
     * @throws AppException
     */
-    public Set<String> findUrlSetByUserId(Long userId) throws AppException;
+     Set<String> findUrlSetByUserId(Long userId) throws AppException;
    /**
     * 获取所有资源，不分页
@@ -63,4 +65,8 @@ public interface ResourceService extends ICRUDService<ResourceEntity,Long> {
     * @param userType
     */
    List<ResourceEntity> findAll(int userType);
+    Rest<String> refreshResourceUrl(String packageName, Context context);
 }
\ No newline at end of file
--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/resource/service/impl/ResourceServiceImpl.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/resource/service/impl/ResourceServiceImpl.java
 /**
-* 文件：ResourceServiceImpl.java
+ * 文件：ResourceServiceImpl.java
-* 版本：1.0.0
+ * 版本：1.0.0
-* 日期：
+ * 日期：
-* Copyright &reg; 
+ * Copyright &reg;
-* All right reserved.
+ * All right reserved.
-*/
+ */
 package com.mortals.xhx.base.system.resource.service.impl;
+import com.mortals.framework.common.Rest;
 import com.mortals.framework.exception.AppException;
+import com.mortals.framework.model.Context;
+import com.mortals.framework.service.ICacheService;
 import com.mortals.framework.service.impl.AbstractCRUDServiceImpl;
+import com.mortals.framework.util.DataUtil;
 import com.mortals.framework.util.StringUtils;
 import com.mortals.xhx.base.system.resource.dao.ResourceDao;
 import com.mortals.xhx.base.system.resource.model.ResourceEntity;
 import com.mortals.xhx.base.system.resource.model.ResourceQuery;
 import com.mortals.xhx.base.system.resource.service.ResourceService;
+import com.mortals.xhx.base.system.role.model.RoleAuthEntity;
+import com.mortals.xhx.base.system.role.model.RoleAuthQuery;
+import com.mortals.xhx.base.system.role.service.RoleAuthService;
+import com.mortals.xhx.common.key.RedisKey;
+import com.mortals.xhx.common.utils.ControllerScanUtil;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Lazy;
 import org.springframework.stereotype.Service;
+import org.springframework.util.ObjectUtils;
-import java.util.HashSet;
+import java.util.*;
-import java.util.List;
+import java.util.stream.Collectors;
-import java.util.Set;
+import static com.mortals.xhx.common.utils.MenuEncodeUtil.generateMenuUrlCode;
 /**
 * <p>Title: 资源信息</p>
 * <p>Description: ResourceServiceImpl service接口 </p>
 * <p>Copyright: Copyright &reg;  </p>
 * <p>Company: </p>
- * @author 
+ *
+ * @author
 * @version 1.0.0
 */
 @Service("resourceService")
-public class ResourceServiceImpl extends AbstractCRUDServiceImpl<ResourceDao,ResourceEntity,Long> implements ResourceService {
+public class ResourceServiceImpl extends AbstractCRUDServiceImpl<ResourceDao, ResourceEntity, Long> implements ResourceService {
+    @Autowired
+    private ICacheService cacheService;
+    @Autowired
+    @Lazy
+    private RoleAuthService roleAuthService;
    @Override
    public List<ResourceEntity> findAllEnable() throws AppException {
@@ -52,7 +72,7 @@ public class ResourceServiceImpl extends AbstractCRUDServiceImpl<ResourceDao,Res
    @Override
    public Set<String> findUrlSetByUserId(Long userId) throws AppException {
-        Set<String> urls = new HashSet<String>();
+        Set<String> urls = new HashSet<>();
        List<ResourceEntity> resList = this.findListByUserId(userId);
        for (ResourceEntity res : resList) {
            String url = res.getUrl();
@@ -69,5 +89,107 @@ public class ResourceServiceImpl extends AbstractCRUDServiceImpl<ResourceDao,Res
    public List<ResourceEntity> findAll(int userType) {
        return dao.getAll(userType);
    }
+    @Override
+    public Rest<String> refreshResourceUrl(String packageName, Context context) {
+        List<Class<?>> classList = ControllerScanUtil.getAllClassByPackageName(packageName);
+        //System.out.println(classList); //获取到了所有的类
+        List<ResourceEntity> newResourcelist = ControllerScanUtil.getAnnotationInfo(classList).stream().filter(f->!ObjectUtils.isEmpty(f.getUrl())).collect(Collectors.toList());
+        Map<String, List<ResourceEntity>> localResourceMap = this.find(new ResourceQuery()).stream().collect(Collectors.groupingBy(x -> x.getName()));
+        Map<String, List<ResourceEntity>> newResourceMap = newResourcelist.stream().collect(Collectors.groupingBy(x -> x.getName()));
+        //更新 与新增 新加的;
+        newResourceMap.entrySet().forEach(item -> {
+            List<ResourceEntity> resourceEntities = item.getValue();
+            if (ObjectUtils.isEmpty(resourceEntities)) return;
+            if (resourceEntities.size() == 1) {
+                ResourceEntity resourceEntity = resourceEntities.get(0);
+                saveUpdateResourceEntity(context, localResourceMap, resourceEntity);
+            } else if (resourceEntities.size() > 1) {
+                //原始扫描 有多个资源列表针对一个名称的
+                for (ResourceEntity resourceEntity : resourceEntities) {
+                    saveUpdateResourceEntity(context, localResourceMap, resourceEntity);
+                }
+            }
+        });
+        return Rest.ok();
+    }
+    private void saveUpdateResourceEntity(Context context, Map<String, List<ResourceEntity>> localResourceMap, ResourceEntity resourceEntity) {
+        //查找 本地是否已经存在了
+        List<ResourceEntity> tempResourceList = localResourceMap.getOrDefault(resourceEntity.getName(), new ArrayList<>());
+        if (tempResourceList.size() == 0) {
+            //新增 resource;
+            resourceEntity.setCreateUserId(this.getContextUserId(context));
+            resourceEntity.setCreateTime(new Date());
+            this.save(resourceEntity, context);
+        } else if (tempResourceList.size() == 1) {
+            //更新
+            ResourceEntity tempResource = tempResourceList.get(0);
+            Set<String> setUrl = Arrays.stream(resourceEntity.getUrl().split(",")).collect(Collectors.toSet());
+            Arrays.stream(tempResource.getUrl().split(",")).forEach(i -> {
+                setUrl.add(i);
+            });
+            tempResource.setUrl(setUrl.stream().collect(Collectors.joining(",")));
+            this.update(tempResource, context);
+        } else if (tempResourceList.size() > 1) {
+            //找到多个同名的 资源配置
+            for (ResourceEntity tempResource : tempResourceList) {
+                //模糊匹配到路径有一个存在的
+                Set<String> setUrl = Arrays.stream(resourceEntity.getUrl().split(",")).collect(Collectors.toSet());
+                String[] splitUrl = tempResource.getUrl().split(",");
+                Boolean bool = false;
+                for (int i = 0; i < splitUrl.length; i++) {
+                    if (setUrl.contains(splitUrl[i])) {
+                        bool = true;
+                        break;
+                    }
+                }
+                if (bool) {
+                    //匹配到了，更新当前这个资源
+                    Arrays.stream(tempResource.getUrl().split(",")).forEach(i -> {
+                        setUrl.add(i);
+                    });
+                    tempResource.setUrl(setUrl.stream().collect(Collectors.joining(",")));
+                    this.update(tempResource, context);
+                }
+            }
+        }
+    }
+    @Override
+    protected void updateAfter(ResourceEntity entity, Context context) throws AppException {
+        updateUserMenuUrlCache();
+    }
+    @Override
+    protected void saveAfter(ResourceEntity entity, Context context) throws AppException {
+        updateUserMenuUrlCache();
+    }
+    @Override
+    protected void removeAfter(Long[] ids, Context context, int result) throws AppException {
+        //删除关联表中数据
+        if (!ObjectUtils.isEmpty(ids)) {
+            RoleAuthQuery query = new RoleAuthQuery();
+            query.setResourceIdList(Arrays.asList(ids));
+            List<RoleAuthEntity> roleAuthEntities = roleAuthService.find(query);
+            if (!ObjectUtils.isEmpty(roleAuthEntities)) {
+                roleAuthService.remove(roleAuthEntities.stream().map(m -> m.getId()).toArray(Long[]::new), context);
+                updateUserMenuUrlCache();
+            }
+        }
+    }
+    private void updateUserMenuUrlCache() {
+        //更新用户菜单
+        Set<String> hkeys = cacheService.hkeys(RedisKey.KEY_USER_MENU_CACHE);
+        for (String userId : hkeys) {
+            Set<String> urls = this.findUrlSetByUserId(DataUtil.converStr2Long(userId, 0L));
+            String menuUrlCode = generateMenuUrlCode(urls);
+            cacheService.hset(RedisKey.KEY_USER_MENU_CACHE, userId, menuUrlCode);
+        }
+    }
 }
\ No newline at end of file
--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/resource/web/ResourceController.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/resource/web/ResourceController.java
 package com.mortals.xhx.base.system.resource.web;
-import java.util.HashMap;
+import com.alibaba.fastjson.JSONObject;
-import java.util.Map;
+import com.mortals.framework.annotation.UnAuth;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
 import com.mortals.framework.common.IBaseEnum;
+import com.mortals.framework.common.Rest;
 import com.mortals.framework.common.code.UserType;
+import com.mortals.framework.exception.AppException;
+import com.mortals.framework.model.Context;
+import com.mortals.framework.model.OrderCol;
 import com.mortals.framework.web.BaseCRUDJsonBodyMappingController;
+import com.mortals.xhx.base.system.resource.model.ResourceEntity;
+import com.mortals.xhx.base.system.resource.service.ResourceService;
+import com.mortals.xhx.common.code.AuthType;
+import com.mortals.xhx.common.code.SourceType;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
-import com.alibaba.fastjson.JSONObject;
+import java.util.Arrays;
-import com.mortals.framework.model.Context;
+import java.util.HashMap;
-import com.mortals.framework.web.BaseCRUDJsonMappingController;
+import java.util.Map;
-import com.mortals.xhx.base.system.resource.model.ResourceEntity;
-import com.mortals.xhx.base.system.resource.service.ResourceService;
-import com.mortals.xhx.common.code.AuthType;
-import com.mortals.xhx.common.code.SourceType;
 /**
 * 资源信息
@@ -32,38 +33,63 @@ import com.mortals.xhx.common.code.SourceType;
 @Slf4j
 @RestController
 @RequestMapping("resource")
-public class ResourceController extends BaseCRUDJsonBodyMappingController<ResourceService,ResourceEntity,Long> {
+public class ResourceController extends BaseCRUDJsonBodyMappingController<ResourceService, ResourceEntity, Long> {
+    public ResourceController() {
+        super.setModuleDesc("资源信息");
+    }
+    @Override
+    protected void init(Map<String, Object> model, Context context) {
+        Map<String, Object> statsus = new HashMap<String, Object>();
+        statsus.put("authType", AuthType.getEnumMap());
+        statsus.put("sourceType", SourceType.getEnumMap());
+        if (getCurUser().isAdmin()) {
+            statsus.put("userType", IBaseEnum.getEnumMap(UserType.class));
+        } else {
+            statsus.put("userType", UserType.findByValue(getCurUser().getUserType()));
+        }
+        model.put(KEY_RESULT_DICT, statsus);
+    }
+    /**
+     * 获取所有资源
+     *
+     * @return
+     */
+    @PostMapping("allResources")
+    public String allResources(int userType) {
+        JSONObject ret = new JSONObject();
+        ret.put(KEY_RESULT_CODE, VALUE_RESULT_SUCCESS);
+        ret.put(KEY_RESULT_MSG, "所有的customer以及user");
+        ret.put(KEY_RESULT_DATA, service.findAll(userType));
+        return ret.toJSONString();
+    }
-	public ResourceController(){
+    @Override
-		super.setFormClass(ResourceForm.class);
+    protected void doListBefore(ResourceEntity query, Map<String, Object> model, Context context) throws AppException {
-		super.setModuleDesc("资源信息");
+        query.setOrderColList(Arrays.asList(new OrderCol("sourceType")));
-	}
+        super.doListBefore(query, model, context);
+    }
-	@Override
+    /**
-	protected void init(Map<String, Object> model, Context context) {
+     * 资源路径刷新
-		Map<String, Object> statsus = new HashMap<String, Object>();
+     */
-		statsus.put("authType", AuthType.getEnumMap());
+    @PostMapping(value = "refreshUrl")
-		statsus.put("sourceType", SourceType.getEnumMap());
+    @UnAuth
-		if (getCurUser().isAdmin()) {
+    public Rest<String> refreshUrl(@RequestParam(name = "packageName", defaultValue = "com.mortals.xhx") String packageName) {
-			statsus.put("userType",  IBaseEnum.getEnumMap(UserType.class));
+        log.info("刷新资源路径，packageName", packageName);
-		} else {
+        String busiDesc = this.getModuleDesc() + "资源路径刷新";
-			statsus.put("userType", UserType.findByValue(getCurUser().getUserType()));
+        Rest<String> rest = Rest.ok(busiDesc + " 【成功】");
-		}
+        try {
-		model.put(KEY_RESULT_DICT, statsus);
+            this.service.refreshResourceUrl(packageName, getContext());
-	}
+            recordSysLog(request, busiDesc + " 【成功】");
+        } catch (Exception e) {
+            log.error(busiDesc, e);
+            rest = Rest.fail(super.convertException(e));
+        }
+        return rest;
+    }
-	/**
-	 * 获取所有资源
-	 *
-	 * @return
-	 */
-	@PostMapping("allResources")
-	public String allResources(int userType) {
-		JSONObject ret = new JSONObject();
-		ret.put(KEY_RESULT_CODE, VALUE_RESULT_SUCCESS);
-		ret.put(KEY_RESULT_MSG, "所有的customer以及user");
-		ret.put(KEY_RESULT_DATA, service.findAll(userType));
-		return ret.toJSONString();
-	}
 }
\ No newline at end of file
--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/resource/web/ResourceForm.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/resource/web/ResourceForm.java
-/**
-* 文件：ResourceForm.java
-* 版本：1.0.0
-* 日期：
-* Copyright &reg; 
-* All right reserved.
-*/
-package com.mortals.xhx.base.system.resource.web;
-import com.mortals.framework.web.BaseCRUDFormLong;
-import com.mortals.xhx.base.system.resource.model.ResourceEntity;
-import com.mortals.xhx.base.system.resource.model.ResourceQuery;
-/**
- * <p>Title: 资源信息</p>
- * <p>Description: ResourceForm  </p>
- * <p>Copyright: Copyright &reg;  </p>
- * <p>Company: </p>
- * @author 
- * @version 1.0.0
- */
-public class ResourceForm extends BaseCRUDFormLong<ResourceEntity> {
-	private ResourceEntity entity = new ResourceEntity();
-	private ResourceQuery query = new ResourceQuery();
-	public ResourceForm(){
-	}
-    @Override
-	public ResourceEntity getEntity() {
-		return entity;
-	}
-	public void setEntity(ResourceEntity entity) {
-		this.entity = entity;
-	}
-	@Override
-	public ResourceQuery getQuery() {
-		return query;
-	}
-	public void setQuery(ResourceQuery query) {
-		this.query = query;
-	}
-}
\ No newline at end of file
--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/dao/ibatis/RoleAuthDaoImpl.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/dao/ibatis/RoleAuthDaoImpl.java
@@ -11,7 +11,6 @@ package com.mortals.xhx.base.system.role.dao.ibatis;
 import com.mortals.framework.dao.ibatis.BaseCRUDDaoMybatis;
 import com.mortals.xhx.base.system.role.dao.RoleAuthDao;
 import com.mortals.xhx.base.system.role.model.RoleAuthEntity;
 import org.springframework.stereotype.Repository;
 /**

--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/dao/ibatis/RoleDaoImpl.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/dao/ibatis/RoleDaoImpl.java
@@ -11,7 +11,6 @@ package com.mortals.xhx.base.system.role.dao.ibatis;
 import com.mortals.framework.dao.ibatis.BaseCRUDDaoMybatis;
 import com.mortals.xhx.base.system.role.dao.RoleDao;
 import com.mortals.xhx.base.system.role.model.RoleEntity;
 import org.springframework.stereotype.Repository;
 /**

--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/dao/ibatis/RoleUserDaoImpl.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/dao/ibatis/RoleUserDaoImpl.java
@@ -11,7 +11,6 @@ package com.mortals.xhx.base.system.role.dao.ibatis;
 import com.mortals.framework.dao.ibatis.BaseCRUDDaoMybatis;
 import com.mortals.xhx.base.system.role.dao.RoleUserDao;
 import com.mortals.xhx.base.system.role.model.RoleUserEntity;
 import org.springframework.stereotype.Repository;
 /**

--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/model/RoleEntity.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/model/RoleEntity.java
@@ -8,10 +8,10 @@
 package com.mortals.xhx.base.system.role.model;
-import java.util.Date;
 import com.mortals.framework.model.BaseEntityLong;
+import java.util.Date;
 /**
 * <p>Title: 角色信息</p>
 * <p>Description: RoleEntity  </p>

--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/service/impl/RoleAuthServiceImpl.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/service/impl/RoleAuthServiceImpl.java
 /**
-* 文件：RoleAuthServiceImpl.java
+ * 文件：RoleAuthServiceImpl.java
-* 版本：1.0.0
+ * 版本：1.0.0
-* 日期：
+ * 日期：
-* Copyright &reg; 
+ * Copyright &reg;
-* All right reserved.
+ * All right reserved.
-*/
+ */
 package com.mortals.xhx.base.system.role.service.impl;
+import com.mortals.framework.service.ICacheService;
 import com.mortals.framework.service.impl.AbstractCRUDServiceImpl;
+import com.mortals.framework.util.DataUtil;
+import com.mortals.xhx.base.system.resource.service.ResourceService;
 import com.mortals.xhx.base.system.role.dao.RoleAuthDao;
 import com.mortals.xhx.base.system.role.model.RoleAuthEntity;
 import com.mortals.xhx.base.system.role.model.RoleAuthQuery;
 import com.mortals.xhx.base.system.role.service.RoleAuthService;
+import com.mortals.xhx.common.key.RedisKey;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Lazy;
 import org.springframework.stereotype.Service;
-import java.util.ArrayList;
+import java.util.*;
-import java.util.HashMap;
-import java.util.List;
+import static com.mortals.xhx.common.utils.MenuEncodeUtil.generateMenuUrlCode;
-import java.util.Map;
 /**
 * <p>Title: 角色资源权限</p>
 * <p>Description: RoleAuthServiceImpl service接口 </p>
 * <p>Copyright: Copyright &reg;  </p>
 * <p>Company: </p>
- * @author 
+ * @author
 * @version 1.0.0
 */
 @Service("roleAuthService")
-public class RoleAuthServiceImpl extends AbstractCRUDServiceImpl<RoleAuthDao,RoleAuthEntity,Long> implements RoleAuthService {
+public class RoleAuthServiceImpl extends AbstractCRUDServiceImpl<RoleAuthDao, RoleAuthEntity, Long> implements RoleAuthService {
+    @Autowired
+    private ICacheService cacheService;
+    @Autowired
+    @Lazy
+    private ResourceService resourceService;
    @Override
    public void doDistributionSource(RoleAuthQuery query) {
@@ -49,6 +58,18 @@ public class RoleAuthServiceImpl extends AbstractCRUDServiceImpl<RoleAuthDao,Rol
            list.add(entity);
        }
        this.dao.insertBatch(list);
+        this.updateUserMenuUrlCache();
    }
+    private void updateUserMenuUrlCache() {
+        //更新用户菜单
+        Set<String> hkeys = cacheService.hkeys(RedisKey.KEY_USER_MENU_CACHE);
+        for (String userId : hkeys) {
+            Set<String> urls = resourceService.findUrlSetByUserId(DataUtil.converStr2Long(userId, 0L));
+            String menuUrlCode = generateMenuUrlCode(urls);
+            cacheService.hset(RedisKey.KEY_USER_MENU_CACHE, userId, menuUrlCode);
+        }
+    }
 }
\ No newline at end of file
--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/service/impl/RoleServiceImpl.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/service/impl/RoleServiceImpl.java
@@ -15,7 +15,6 @@ import com.mortals.xhx.base.system.role.dao.RoleDao;
 import com.mortals.xhx.base.system.role.model.*;
 import com.mortals.xhx.base.system.role.service.RoleAuthService;
 import com.mortals.xhx.base.system.role.service.RoleService;
 import com.mortals.xhx.base.system.role.service.RoleUserService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;

--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/service/impl/RoleUserServiceImpl.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/service/impl/RoleUserServiceImpl.java
 /**
-* 文件：RoleUserServiceImpl.java
+ * 文件：RoleUserServiceImpl.java
-* 版本：1.0.0
+ * 版本：1.0.0
-* 日期：
+ * 日期：
-* Copyright &reg; 
+ * Copyright &reg;
-* All right reserved.
+ * All right reserved.
-*/
+ */
 package com.mortals.xhx.base.system.role.service.impl;
+import com.mortals.framework.exception.AppException;
+import com.mortals.framework.model.Context;
+import com.mortals.framework.service.ICacheService;
 import com.mortals.framework.service.impl.AbstractCRUDServiceImpl;
+import com.mortals.framework.util.DataUtil;
+import com.mortals.xhx.base.system.resource.service.ResourceService;
 import com.mortals.xhx.base.system.role.dao.RoleUserDao;
 import com.mortals.xhx.base.system.role.model.RoleUserEntity;
 import com.mortals.xhx.base.system.role.model.RoleUserQuery;
 import com.mortals.xhx.base.system.role.service.RoleUserService;
+import com.mortals.xhx.common.key.RedisKey;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
-import java.util.ArrayList;
+import java.util.*;
-import java.util.HashMap;
-import java.util.List;
+import static com.mortals.xhx.common.utils.MenuEncodeUtil.generateMenuUrlCode;
-import java.util.Map;
 /**
 * <p>Title: 角色用户</p>
 * <p>Description: RoleUserServiceImpl service接口 </p>
 * <p>Copyright: Copyright &reg;  </p>
 * <p>Company: </p>
- * @author 
+ * @author
 * @version 1.0.0
 */
 @Service("roleUserService")
-public class RoleUserServiceImpl extends AbstractCRUDServiceImpl<RoleUserDao,RoleUserEntity,Long> implements RoleUserService {
+public class RoleUserServiceImpl extends AbstractCRUDServiceImpl<RoleUserDao, RoleUserEntity, Long> implements RoleUserService {
+    @Autowired
+    private ICacheService cacheService;
+    @Autowired
+    private ResourceService resourceService;
    @Override
    public void doDistributionUser(RoleUserQuery query) {
@@ -50,6 +60,7 @@ public class RoleUserServiceImpl extends AbstractCRUDServiceImpl<RoleUserDao,Rol
            list.add(rolseUser);
        }
        this.dao.insertBatch(list);
+        updateUserMenuUrlCache();
    }
    @Override
@@ -68,8 +79,22 @@ public class RoleUserServiceImpl extends AbstractCRUDServiceImpl<RoleUserDao,Rol
            list.add(rolseUser);
        }
        this.dao.insertBatch(list);
+        updateUserMenuUrlCache();
    }
+    @Override
+    protected void removeAfter(Long[] ids, Context context, int result) throws AppException {
+        updateUserMenuUrlCache();
+    }
+    private void updateUserMenuUrlCache() {
+        //更新用户菜单
+        Set<String> hkeys = cacheService.hkeys(RedisKey.KEY_USER_MENU_CACHE);
+        for (String userId : hkeys) {
+            Set<String> urls = resourceService.findUrlSetByUserId(DataUtil.converStr2Long(userId, 0L));
+            String menuUrlCode = generateMenuUrlCode(urls);
+            cacheService.hset(RedisKey.KEY_USER_MENU_CACHE, userId, menuUrlCode);
+        }
+    }
 }
\ No newline at end of file
--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/web/RoleAuthController.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/web/RoleAuthController.java
@@ -3,20 +3,15 @@ package com.mortals.xhx.base.system.role.web;
 import com.alibaba.fastjson.JSONObject;
 import com.mortals.framework.web.BaseCRUDJsonBodyMappingController;
+import com.mortals.xhx.base.system.role.model.RoleAuthEntity;
 import com.mortals.xhx.base.system.role.model.RoleAuthQuery;
+import com.mortals.xhx.base.system.role.service.RoleAuthService;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
-import com.mortals.framework.web.BaseCRUDJsonMappingController;
-import com.mortals.xhx.base.system.role.model.RoleAuthEntity;
-import com.mortals.xhx.base.system.role.service.RoleAuthService;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
 /**
 * 角色资源权限
 *
@@ -29,7 +24,6 @@ import javax.servlet.http.HttpServletResponse;
 public class RoleAuthController extends BaseCRUDJsonBodyMappingController<RoleAuthService, RoleAuthEntity, Long> {
    public RoleAuthController() {
-        super.setFormClass(RoleAuthForm.class);
        super.setModuleDesc("角色资源权限");
    }

--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/web/RoleAuthForm.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/web/RoleAuthForm.java
-/**
-* 文件：RoleAuthForm.java
-* 版本：1.0.0
-* 日期：
-* Copyright &reg; 
-* All right reserved.
-*/
-package com.mortals.xhx.base.system.role.web;
-import com.mortals.framework.web.BaseCRUDFormLong;
-import com.mortals.xhx.base.system.role.model.RoleAuthEntity;
-import com.mortals.xhx.base.system.role.model.RoleAuthQuery;
-/**
- * <p>Title: 角色资源权限</p>
- * <p>Description: RoleAuthForm  </p>
- * <p>Copyright: Copyright &reg;  </p>
- * <p>Company: </p>
- * @author 
- * @version 1.0.0
- */
-public class RoleAuthForm extends BaseCRUDFormLong<RoleAuthEntity> {
-	private RoleAuthEntity entity = new RoleAuthEntity();
-	private RoleAuthQuery query = new RoleAuthQuery();
-	public RoleAuthForm(){
-	}
-    @Override
-	public RoleAuthEntity getEntity() {
-		return entity;
-	}
-	public void setEntity(RoleAuthEntity entity) {
-		this.entity = entity;
-	}
-	@Override
-	public RoleAuthQuery getQuery() {
-		return query;
-	}
-	public void setQuery(RoleAuthQuery query) {
-		this.query = query;
-	}
-}
\ No newline at end of file
--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/web/RoleController.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/web/RoleController.java
@@ -5,20 +5,18 @@ import com.alibaba.fastjson.JSONObject;
 import com.mortals.framework.common.IBaseEnum;
 import com.mortals.framework.common.code.UserType;
 import com.mortals.framework.model.Context;
 import com.mortals.framework.web.BaseCRUDJsonBodyMappingController;
-import com.mortals.xhx.base.system.role.model.RoleQuery;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.*;
-import com.mortals.framework.web.BaseCRUDJsonMappingController;
 import com.mortals.xhx.base.system.role.model.RoleEntity;
 import com.mortals.xhx.base.system.role.model.RoleUserEntity;
 import com.mortals.xhx.base.system.role.service.RoleService;
 import com.mortals.xhx.base.system.role.service.RoleUserService;
 import com.mortals.xhx.common.code.RoleType;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
@@ -38,7 +36,6 @@ public class RoleController extends BaseCRUDJsonBodyMappingController<RoleServic
 	private RoleUserService roleUserService;
 	public RoleController(){
-		super.setFormClass(RoleForm.class);
 		super.setModuleDesc("角色信息");
 	}

--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/web/RoleForm.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/web/RoleForm.java
-/**
-* 文件：RoleForm.java
-* 版本：1.0.0
-* 日期：
-* Copyright &reg; 
-* All right reserved.
-*/
-package com.mortals.xhx.base.system.role.web;
-import com.mortals.framework.web.BaseCRUDFormLong;
-import com.mortals.xhx.base.system.role.model.RoleEntity;
-import com.mortals.xhx.base.system.role.model.RoleQuery;
-/**
- * <p>Title: 角色信息</p>
- * <p>Description: RoleForm  </p>
- * <p>Copyright: Copyright &reg;  </p>
- * <p>Company: </p>
- * @author 
- * @version 1.0.0
- */
-public class RoleForm extends BaseCRUDFormLong<RoleEntity> {
-	private RoleEntity entity = new RoleEntity();
-	private RoleQuery query = new RoleQuery();
-	/** 用户ID */
-	private Long userId;
-	public RoleForm(){
-	}
-    @Override
-	public RoleEntity getEntity() {
-		return entity;
-	}
-	public void setEntity(RoleEntity entity) {
-		this.entity = entity;
-	}
-	@Override
-	public RoleQuery getQuery() {
-		return query;
-	}
-	public void setQuery(RoleQuery query) {
-		this.query = query;
-	}
-	public Long getUserId() {
-		return userId;
-	}
-	public void setUserId(Long userId) {
-		this.userId = userId;
-	}
-}
\ No newline at end of file
--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/web/RoleUserController.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/web/RoleUserController.java
@@ -7,26 +7,22 @@ import com.mortals.framework.ap.SysConstains;
 import com.mortals.framework.exception.AppException;
 import com.mortals.framework.model.BaseEntityLong;
 import com.mortals.framework.model.Context;
 import com.mortals.framework.web.BaseCRUDJsonBodyMappingController;
-import com.mortals.xhx.base.system.role.model.RoleUserQuery;
-import org.apache.commons.beanutils.MethodUtils;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
-import com.mortals.framework.web.BaseCRUDJsonMappingController;
 import com.mortals.xhx.base.system.role.model.RoleEntity;
 import com.mortals.xhx.base.system.role.model.RoleUserEntity;
+import com.mortals.xhx.base.system.role.model.RoleUserQuery;
 import com.mortals.xhx.base.system.role.service.RoleService;
 import com.mortals.xhx.base.system.role.service.RoleUserService;
 import com.mortals.xhx.base.system.user.model.UserEntity;
 import com.mortals.xhx.base.system.user.model.UserQuery;
 import com.mortals.xhx.base.system.user.service.UserService;
+import org.apache.commons.beanutils.MethodUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -49,7 +45,6 @@ public class RoleUserController extends BaseCRUDJsonBodyMappingController<RoleUs
    private UserService userService;
    public RoleUserController() {
-        super.setFormClass(RoleUserForm.class);
        super.setModuleDesc("角色用户");
    }

--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/web/RoleUserForm.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/role/web/RoleUserForm.java
-/**
-* 文件：RoleUserForm.java
-* 版本：1.0.0
-* 日期：
-* Copyright &reg; 
-* All right reserved.
-*/
-package com.mortals.xhx.base.system.role.web;
-import com.mortals.framework.web.BaseCRUDFormLong;
-import com.mortals.xhx.base.system.role.model.RoleUserEntity;
-import com.mortals.xhx.base.system.role.model.RoleUserQuery;
-/**
- * <p>Title: 角色用户</p>
- * <p>Description: RoleUserForm  </p>
- * <p>Copyright: Copyright &reg;  </p>
- * <p>Company: </p>
- * @author 
- * @version 1.0.0
- */
-public class RoleUserForm extends BaseCRUDFormLong<RoleUserEntity> {
-	private RoleUserEntity entity = new RoleUserEntity();
-	private RoleUserQuery query = new RoleUserQuery();
-	public RoleUserForm(){
-	}
-    @Override
-	public RoleUserEntity getEntity() {
-		return entity;
-	}
-	public void setEntity(RoleUserEntity entity) {
-		this.entity = entity;
-	}
-	@Override
-	public RoleUserQuery getQuery() {
-		return query;
-	}
-	public void setQuery(RoleUserQuery query) {
-		this.query = query;
-	}
-}
\ No newline at end of file
--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/upload/service/impl/UploadServiceImpl.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/upload/service/impl/UploadServiceImpl.java
 package com.mortals.xhx.base.system.upload.service.impl;
 import cn.hutool.core.io.FileUtil;
-import cn.hutool.core.util.IdUtil;
+import cn.hutool.core.util.StrUtil;
 import com.mortals.framework.exception.AppException;
 import com.mortals.framework.service.IUser;
 import com.mortals.framework.util.StringUtils;
@@ -48,9 +48,7 @@ public class UploadServiceImpl implements UploadService {
        if (tempFile == null || tempFile.getSize() == 0) {
            throw new AppException("没有要上传的文件！");
        }
-        if(StringUtils.isEmpty(prePath)){
-            prePath = "file/uploadfile";
-        }
        String fileName = tempFile.getOriginalFilename();
        String extension = FilenameUtils.getExtension(fileName);
        UploadFileType type = UploadFileType.getFileType(extension);
@@ -58,7 +56,7 @@ public class UploadServiceImpl implements UploadService {
            log.error("文件上传大小超过限制，当前文件---" + tempFile.getSize() + "，允许大小----------" + type.getMaxSize());
            throw new AppException("文件上传大小超过限制！");
        }
-        if (null != fileName && fileName.length() > 50) {
+        if (null != fileName && fileName.length() > 500) {
            throw new AppException("文件名称过长，无法上传！");
        }
@@ -84,7 +82,9 @@ public class UploadServiceImpl implements UploadService {
    @Override
    public String getFilePath(String path) {
-        String filePath = this.filePath.endsWith("/") ? this.filePath : this.filePath + "/";
+        String filePath = StrUtil.appendIfMissing(this.filePath, "/");
+        path =StrUtil.removePrefix(path, "/");
+        StrUtil.prependIfMissing(path, "/", "/");
        return filePath + path;
    }
@@ -152,7 +152,7 @@ public class UploadServiceImpl implements UploadService {
    @Override
    public void uploadDownload(String fileName, HttpServletResponse response) {
-        String filePath = this.filePath+ fileName;
+        String filePath =  this.getFilePath(fileName);
        try {
            response.setContentType(MediaType.APPLICATION_OCTET_STREAM_VALUE);
            setAttachmentResponseHeader(response, fileName);

--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/user/dao/ibatis/UserDaoImpl.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/user/dao/ibatis/UserDaoImpl.java
@@ -8,11 +8,10 @@
 package com.mortals.xhx.base.system.user.dao.ibatis;
-import com.mortals.xhx.base.system.user.dao.UserDao;
-import com.mortals.xhx.base.system.user.model.UserEntity;
 import com.mortals.framework.dao.ibatis.BaseCRUDDaoMybatis;
 import com.mortals.framework.model.ParamDto;
+import com.mortals.xhx.base.system.user.dao.UserDao;
+import com.mortals.xhx.base.system.user.model.UserEntity;
 import org.springframework.stereotype.Repository;
 import java.util.List;

--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/user/model/UserEntity.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/user/model/UserEntity.java
--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/user/model/UserEntityExt.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/user/model/UserEntityExt.java
-package com.mortals.xhx.base.system.user.model;
-import com.alibaba.fastjson.annotation.JSONField;
-import com.mortals.framework.model.BaseEntityLong;
-import lombok.Data;
-import java.util.List;
-/**
- *
- * Description:User
- * date: 2021-9-26 16:11:48
- */
-@Data
-public class UserEntityExt extends BaseEntityLong {
-    /**
-     * 唯一标识
-     */
-    @JSONField(serialize = false)
-    private String token;
-    /**
-     * 登录时间
-     */
-    private Long loginTime;
-    /**
-     * 过期时间
-     */
-    private Long expireTime;
-    private String siteName;
-    private List<Long> roleIds;
-    private String siteCode;
-    private String oldPassword;
-    private String newPassword;
-    private String siteIds;
-}
\ No newline at end of file
--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/user/model/UserQuery.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/user/model/UserQuery.java
--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/user/model/vo/UserVo.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/user/model/vo/UserVo.java
@@ -4,9 +4,6 @@ package com.mortals.xhx.base.system.user.model.vo;
 import com.mortals.framework.model.BaseEntityLong;
 import lombok.Data;
-import java.util.ArrayList;
-import java.util.List;
 /**
 * 用户信息业务视图对象
 *
@@ -39,8 +36,4 @@ public class UserVo extends BaseEntityLong {
     * 过期时间
     */
    private Long expireTime;
-    private Long siteId;
-    private Long customerId;
 }
\ No newline at end of file
--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/user/service/UserService.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/user/service/UserService.java
 /**
- * 文件：UserService.java
+* 文件：UserService.java
- * 版本：1.0.0
+* 版本：1.0.0
- * 日期：
+* 日期：
- * Copyright &reg;
+* Copyright &reg; 
- * All right reserved.
+* All right reserved.
- */
+*/
 package com.mortals.xhx.base.system.user.service;
+import com.mortals.framework.common.Rest;
 import com.mortals.framework.exception.AppException;
 import com.mortals.framework.model.Result;
-import com.mortals.framework.service.ICRUDService;
+import com.mortals.framework.service.ICRUDCacheService;
 import com.mortals.framework.service.IUser;
 import com.mortals.xhx.base.system.menu.model.MenuEntity;
+import com.mortals.xhx.base.system.user.dao.UserDao;
 import com.mortals.xhx.base.system.user.model.UserEntity;
 import java.util.List;
@@ -23,11 +25,11 @@ import java.util.Set;
 * <p>Description: UserService service接口 </p>
 * <p>Copyright: Copyright &reg;  </p>
 * <p>Company: </p>
- * @author
+ * @author 
 * @version 1.0.0
 */
-public interface UserService extends ICRUDService<UserEntity,Long> {
+public interface UserService extends ICRUDCacheService<UserEntity,Long> {
    /**
     * 用户登录
     *
@@ -37,7 +39,7 @@ public interface UserService extends ICRUDService<UserEntity,Long> {
     * @return
     * @throws AppException
     */
-    public UserEntity doLogin(String loginName, String password, String loginIp) throws AppException;
+     UserEntity doLogin(String loginName, String password, String loginIp) throws AppException;
    /**
     * 校验用户名与密码是否正确
@@ -47,7 +49,7 @@ public interface UserService extends ICRUDService<UserEntity,Long> {
     * @return
     * @throws AppException
     */
-    public UserEntity doCheckUser(String loginName, String password) throws AppException;
+     UserEntity doCheckUser(String loginName, String password) throws AppException;
    /**
     * 检查用户是否存在
@@ -56,7 +58,7 @@ public interface UserService extends ICRUDService<UserEntity,Long> {
     * @param userId    密码
     * @return
     */
-    public boolean existUser(String loginName, Long userId) throws AppException;
+     boolean existUser(String loginName, Long userId) throws AppException;
    /**
     * 通过登录用户获取菜单功能权限
@@ -64,7 +66,7 @@ public interface UserService extends ICRUDService<UserEntity,Long> {
     * @param user
     * @return
     */
-    public List<MenuEntity> findOutlookBarList(IUser user);
+     List<MenuEntity> findOutlookBarList(IUser user);
    /**
     * 查询用户所有有权限的菜单ID
@@ -72,7 +74,7 @@ public interface UserService extends ICRUDService<UserEntity,Long> {
     * @param userEntity
     * @return
     */
-    public Set<Long> findAllAuthIds(UserEntity userEntity) throws AppException;
+     Set<Long> findAllAuthIds(UserEntity userEntity) throws AppException;
    /**
     * 查询用户记录
@@ -84,7 +86,7 @@ public interface UserService extends ICRUDService<UserEntity,Long> {
     * @return
     * @throws AppException
     */
-    public Result<UserEntity> find(Long platformId, UserEntity params, int currPage, int prePageResult) throws AppException;
+     Result<UserEntity> find(Long platformId, UserEntity params, int currPage, int prePageResult) throws AppException;
    /**
     * 为客户创建用户
@@ -99,7 +101,7 @@ public interface UserService extends ICRUDService<UserEntity,Long> {
     * @return
     * @throws AppException
     */
-    public UserEntity createUser(IUser currUser, Long customerId, String customerName, String loginName, String password,
+     UserEntity createUser(IUser currUser, Long customerId, String customerName, String loginName, String password,
                                 String userName, String mobile) throws AppException;
    /**
@@ -111,5 +113,11 @@ public interface UserService extends ICRUDService<UserEntity,Long> {
     * @return
     * @throws AppException
     */
-    public boolean updateUserPwd(String loginName, String oldPwd, String newPwd) throws AppException;
+     boolean updateUserPwd(String loginName, String oldPwd, String newPwd) throws AppException;
+     Rest<Void> refreshUser();
+      UserDao getUserDao();
 }
\ No newline at end of file
--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/user/service/impl/UserServiceImpl.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/user/service/impl/UserServiceImpl.java
--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/user/web/UserController.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/user/web/UserController.java
-/**
- * 文件：UserController.java
- * 版本：1.0.0
- * 日期：
- * Copyright &reg;
- * All right reserved.
- */
 package com.mortals.xhx.base.system.user.web;
-import java.util.HashMap;
+import com.alibaba.fastjson.JSONObject;
-import java.util.List;
+import com.mortals.framework.annotation.UnAuth;
-import java.util.Map;
-import java.util.stream.Collectors;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import com.mortals.framework.service.IUser;
-import com.mortals.framework.web.BaseCRUDJsonBodyMappingController;
-import com.mortals.xhx.base.system.role.model.RoleEntity;
-import com.mortals.xhx.base.system.role.service.RoleService;
-import com.mortals.xhx.common.code.UserStatus;
 import com.mortals.framework.common.IBaseEnum;
+import com.mortals.framework.common.Rest;
 import com.mortals.framework.common.code.UserType;
-import com.mortals.xhx.common.key.Constant;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.util.StringUtils;
-import org.springframework.web.bind.annotation.*;
-import com.alibaba.fastjson.JSONObject;
 import com.mortals.framework.exception.AppException;
 import com.mortals.framework.model.Context;
-import com.mortals.framework.web.BaseCRUDJsonMappingController;
+import com.mortals.framework.web.BaseCRUDJsonBodyMappingController;
 import com.mortals.xhx.base.framework.annotation.Operlog;
+import com.mortals.xhx.base.system.role.model.RoleQuery;
+import com.mortals.xhx.base.system.role.model.RoleUserEntity;
+import com.mortals.xhx.base.system.role.model.RoleUserQuery;
+import com.mortals.xhx.base.system.role.service.RoleService;
+import com.mortals.xhx.base.system.role.service.RoleUserService;
 import com.mortals.xhx.base.system.user.model.UserEntity;
 import com.mortals.xhx.base.system.user.service.UserService;
+import com.mortals.xhx.common.code.UserStatus;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jwts;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.util.StringUtils;
+import org.springframework.web.bind.annotation.*;
+import java.util.Base64;
+import java.util.Map;
+import java.util.stream.Collectors;
 /**
- * <p>Title: 用户信息</p>
+ * 用户信息
- * <p>Description: UserController  </p>
+ *
- * <p>Copyright: Copyright &reg;  </p>
+ * @author: zxfei
- * <p>Company: </p>
+ * @date: 2022/5/7 15:42
- * @author
- * @version 1.0.0
 */
 @RestController
 @RequestMapping("user")
 public class UserController extends BaseCRUDJsonBodyMappingController<UserService, UserEntity, Long> {
-    @Autowired
-    private UserService userService;
    @Autowired
    private RoleService roleService;
+    @Autowired
+    private RoleUserService roleUserService;
    public UserController() {
-        super.setFormClass(UserForm.class);
        super.setModuleDesc("用户信息");
    }
    @Override
    protected void init(Map<String, Object> model, Context context) {
+        this.addDict(model, "userType", IBaseEnum.getEnumMap(UserType.class));
+        this.addDict(model, "status", UserStatus.getEnumMap());
+        this.addDict(model, "roleIds", roleService.find(new RoleQuery()).stream().collect(Collectors.toMap(x -> x.getId().toString(), y -> y.getName())));
-        this.addDict(model,"userType", IBaseEnum.getEnumMap(UserType.class));
-        this.addDict(model,"status", UserStatus.getEnumMap());
-        List<RoleEntity> roleList = roleService.find(new RoleEntity());
-        this.addDict(model,"roleId", roleList.stream().collect(Collectors.toMap(e->e.getId().toString(), e->e.getName())));
-        super.init(model, context);
    }
+    @Override
+    protected void doListBefore(UserEntity query, Map<String, Object> model, Context context) throws AppException {
+        if (!StringUtils.isEmpty(query.getRealName())) {
+            query.setRealName("%".concat(query.getRealName()).concat("%"));
+        }
+        if (!StringUtils.isEmpty(query.getLoginName())) {
+            query.setLoginName("%".concat(query.getLoginName()).concat("%"));
+        }
+    }
    @Override
    protected int editAfter(Long id, Map<String, Object> model, UserEntity entity, Context context) throws AppException {
-        entity.setLoginPwd(null);
+        RoleUserQuery roleUserQuery = new RoleUserQuery();
-        entity.setLoginPwd1(null);
+        roleUserQuery.setUserId(entity.getId());
-        entity.setLoginPwd2(null);
+        String roleIds = roleUserService.find(roleUserQuery).stream().map(RoleUserEntity::getRoleId).map(String::valueOf).collect(Collectors.joining(","));
-        entity.setLoginPwd3(null);
+        entity.setRoleIds(roleIds);
-        return 1;
+        return super.editAfter(id, model, entity, context);
    }
-    @RequestMapping(value = "change/password", method = RequestMethod.POST)
+    @Override
-    public String changePassword(@RequestBody UserEntity entity) {
+    protected int saveAfter(UserEntity entity, Map<String, Object> model, Context context) throws AppException {
+        return super.saveAfter(entity, model, context);
+    }
-        IUser user = this.getCurUser();
-        if(user == null){
+//    @Override
-            return this.createFailJsonResp("请先登录");
+//    protected void saveBefore(UserEntity entity, Map<String, Object> model, Context context) throws AppException {
-        }
+//        if (!ObjectUtils.isEmpty(entity.getLoginName()) && service.existUser(entity.getLoginName(), entity.getId())) {
+//            throw new AppException("登录名已存在！");
+//        }
+//        super.saveBefore(entity, model, context);
+//    }
+    @RequestMapping(value = "change/password", method = RequestMethod.POST)
+    @Operlog(msg = "密码修改成功!")
+    public String changePassword(@RequestParam String oldPwd, @RequestParam String newPwd) {
        JSONObject ret = new JSONObject();
        try {
-            service.updateUserPwd(super.getCurUser().getLoginName(), entity.getOldPassword(), entity.getNewPassword());
+            service.updateUserPwd(super.getCurUser().getLoginName(), oldPwd, newPwd);
            ret.put(KEY_RESULT_CODE, VALUE_RESULT_SUCCESS);
            ret.put(KEY_RESULT_MSG, "密码修改成功！");
        } catch (Exception e) {
@@ -95,4 +104,31 @@ public class UserController extends BaseCRUDJsonBodyMappingController<UserServic
        }
        return ret.toJSONString();
    }
+    @PostMapping({"refreshUser"})
+    @UnAuth
+    public Rest<Object> refreshUser() {
+        log.info("刷新用户");
+        this.service.refreshUser();
+        return Rest.ok("用户同步刷新操作成功");
+    }
+    public static void main(String[] args) {
+        String token = "eyJhbGciOiJIUzI1NiJ9.eyJsb2dpbl91c2VyX2tleSI6IjIzNGE5NDA5ZDVhOTQ3MWNhMzdkYjZkYmMwY2JjZTc5In0.MWyQW40HYDxyUz7PJRf_nRsFPWx3Hr811Ime984nixs";
+        String secret = "026db82420614469897fcc2dc1b4ce38";
+        Claims claims = Jwts.parser()
+                .setSigningKey(Base64.getEncoder().encodeToString(secret.getBytes()))
+                .parseClaimsJws(token)
+                .getBody();
+        String uuid = (String) claims.get("login_user_key");
+        System.out.println(uuid);
+    }
 }
\ No newline at end of file
--- a/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/user/web/UserForm.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/base/system/user/web/UserForm.java
-/**
-* 文件：UserForm.java
-* 版本：1.0.0
-* 日期：
-* Copyright &reg; 
-* All right reserved.
-*/
-package com.mortals.xhx.base.system.user.web;
-import com.mortals.framework.web.BaseCRUDFormLong;
-import com.mortals.xhx.base.system.user.model.UserEntity;
-import com.mortals.xhx.base.system.user.model.UserQuery;
-/**
- * <p>Title: 用户信息</p>
- * <p>Description: UserForm  </p>
- * <p>Copyright: Copyright &reg;  </p>
- * <p>Company: </p>
- * @author 
- * @version 1.0.0
- */
-public class UserForm extends BaseCRUDFormLong<UserEntity> {
-	private UserEntity entity = new UserEntity();
-	private UserQuery query = new UserQuery();
-	public UserForm(){
-	}
-    @Override
-	public UserEntity getEntity() {
-		return entity;
-	}
-	public void setEntity(UserEntity entity) {
-		this.entity = entity;
-	}
-	@Override
-	public UserQuery getQuery() {
-		return query;
-	}
-	public void setQuery(UserQuery query) {
-		this.query = query;
-	}
-}
\ No newline at end of file
--- a/one-certificate-manager/src/main/java/com/mortals/xhx/common/key/RedisKey.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/common/key/RedisKey.java
@@ -5,9 +5,6 @@ package com.mortals.xhx.common.key;
 */
 public class RedisKey {
-    /**
+    public static final String KEY_USER_MENU_CACHE = "user:menu";
-     * 登录 cookies key
-     */
-    public static final String KEY_MENU_CACHE = "iot:base:MenuCacheKey:";
 }
--- a/one-certificate-manager/src/main/java/com/mortals/xhx/common/utils/ControllerScanUtil.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/common/utils/ControllerScanUtil.java
--- a/one-certificate-manager/src/main/java/com/mortals/xhx/common/utils/MenuEncodeUtil.java
+++ b/one-certificate-manager/src/main/java/com/mortals/xhx/common/utils/MenuEncodeUtil.java
+package com.mortals.xhx.common.utils;
+import com.mortals.framework.ap.GlobalSysInfo;
+import com.mortals.framework.ap.SysConstains;
+import com.mortals.framework.util.AESUtil;
+import lombok.extern.slf4j.Slf4j;
+import java.util.Set;
+@Slf4j
+public class MenuEncodeUtil {
+    public static String generateMenuUrlCode(Set<String> urls) {
+        try {
+            String securityKey = GlobalSysInfo.getPropertyValue(SysConstains.PROP_COOKIE_SECURITY_KEY);
+            StringBuilder sb = new StringBuilder();
+            if (urls != null && urls.size() > 0) {
+                for (String url : urls) {
+                    int index = url.hashCode() & (Integer.MAX_VALUE - 1);
+                    sb.append(index).append(",");
+                }
+            }
+            String menuUrl = sb.toString();
+            return AESUtil.encrypt(menuUrl, securityKey);
+        } catch (Throwable e) {
+            log.error("编码异常",e);
+            return null;
+        }
+    }
+}