feat: 基于 springboot cache 组件修改 api 和 role 的缓存策略

Author: cadecode

simple-framework/src/main/java/top/cadecode/framework/model/mapper/SecurityApiMapper.java

@@ -16,8 +16,7 @@ public interface SecurityApiMapper {
     /**
      * 查询所有接口及其角色
      *
-     * @return url
+     * @return api 列表
      */
-    List<SecurityApiVo> listSecurityApiVo();
-
+    List<SecurityApiVo> listSecurityApiVos();
 }

simple-framework/src/main/java/top/cadecode/framework/model/service/SecurityApiService.java

@@ -0,0 +1,20 @@
+package top.cadecode.framework.model.service;
+
+import top.cadecode.framework.model.vo.SecurityApiVo;
+
+import java.util.List;
+
+/**
+ * @author Cade Li
+ * @date 2022/1/5
+ * @description spring security api service 接口
+ */
+public interface SecurityApiService {
+
+    /**
+     * 查询所有接口及其角色
+     *
+     * @return api 列表
+     */
+    List<SecurityApiVo> listSecurityApiVos();
+}

simple-framework/src/main/java/top/cadecode/framework/model/service/impl/SecurityApiServiceImpl.java

@@ -0,0 +1,28 @@
+package top.cadecode.framework.model.service.impl;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.cache.annotation.Cacheable;
+import org.springframework.stereotype.Service;
+import top.cadecode.framework.model.mapper.SecurityApiMapper;
+import top.cadecode.framework.model.service.SecurityApiService;
+import top.cadecode.framework.model.vo.SecurityApiVo;
+
+import java.util.List;
+
+/**
+ * @author Cade Li
+ * @date 2022/1/5
+ * @description spring security api service 实现
+ */
+@RequiredArgsConstructor
+@Service
+public class SecurityApiServiceImpl implements SecurityApiService {
+
+    private final SecurityApiMapper securityApiMapper;
+
+    @Cacheable(cacheNames = "apiRoleCache", cacheManager = "securityCacheManager")
+    @Override
+    public List<SecurityApiVo> listSecurityApiVos() {
+        return securityApiMapper.listSecurityApiVos();
+    }
+}

simple-framework/src/main/java/top/cadecode/framework/security/voter/DbRoleVoter.java

@@ -1,63 +1,32 @@
 package top.cadecode.framework.security.voter;
 
-import com.google.common.cache.CacheBuilder;
-import com.google.common.cache.CacheLoader;
-import com.google.common.cache.LoadingCache;
-import org.springframework.beans.factory.annotation.Autowired;
+import lombok.RequiredArgsConstructor;
 import org.springframework.security.access.ConfigAttribute;
 import org.springframework.security.access.vote.RoleVoter;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.web.FilterInvocation;
 import org.springframework.stereotype.Component;
 import org.springframework.util.AntPathMatcher;
-import top.cadecode.common.util.TokenUtil;
-import top.cadecode.framework.model.mapper.SecurityApiMapper;
+import top.cadecode.framework.model.service.SecurityApiService;
 import top.cadecode.framework.model.vo.SecurityApiVo;
 
 import java.util.Collection;
-import java.util.Collections;
 import java.util.List;
-import java.util.concurrent.ExecutionException;
-import java.util.concurrent.TimeUnit;
 import java.util.stream.Collectors;
 
 /**
  * @author Cade Li
  * @date 2021/12/15
  * @description 数据库加载权限 api 的投票器
  */
+@RequiredArgsConstructor
 @Component
 public class DbRoleVoter extends RoleVoter {
 
     // ant 匹配器
     private final AntPathMatcher antPathMatcher = new AntPathMatcher();
-    // api role 关系缓存
-    private final LoadingCache<String, List<SecurityApiVo>> apiRoleCache;
 
-    @Autowired
-    public DbRoleVoter(TokenUtil tokenUtil, SecurityApiMapper securityApiMapper) {
-        this.apiRoleCache = CacheBuilder.newBuilder()
-                .refreshAfterWrite(tokenUtil.getExpiration(), TimeUnit.SECONDS)
-                .build(new CacheLoader<String, List<SecurityApiVo>>() {
-                    @Override
-                    public List<SecurityApiVo> load(String key) {
-                        return securityApiMapper.listSecurityApiVo();
-                    }
-                });
-    }
-
-    /**
-     * 获取 api role 的关系缓存
-     *
-     * @return api role 关系列表
-     */
-    public List<SecurityApiVo> getDbRoleCache() {
-        try {
-            return apiRoleCache.get("");
-        } catch (ExecutionException e) {
-            return Collections.emptyList();
-        }
-    }
+    private final SecurityApiService securityApiService;
 
     @Override
     public int vote(Authentication authentication, Object object, Collection<ConfigAttribute> attributes) {
@@ -68,7 +37,7 @@ public int vote(Authentication authentication, Object object, Collection<ConfigA
         FilterInvocation fi = (FilterInvocation) object;
         String requestUrl = fi.getRequestUrl();
         // 获取 api role 的关系列表
-        List<SecurityApiVo> securityApiVos = this.getDbRoleCache();
+        List<SecurityApiVo> securityApiVos = securityApiService.listSecurityApiVos();
         // 获取用户角色
         List<String> roles = authentication.getAuthorities().stream()
                 .map(authority -> authority.getAuthority().replace("ROLE_", ""))

simple-framework/src/main/resources/mapper/SecurityApiMapper.xml

@@ -9,7 +9,7 @@
             <result column="code" />
         </collection>
     </resultMap>
-    <select id="listSecurityApiVo" resultMap="SecurityApiVoMap">
+    <select id="listSecurityApiVos" resultMap="SecurityApiVoMap">
         SELECT sa.id, sa.url, sa.description, sr.code
         FROM security_api sa
                  LEFT JOIN security_role_api sra ON sra.api_id = sa.id