fix bug #91

hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/embed/EmbedAuthenticationManager.java

@@ -55,6 +55,7 @@ public class EmbedAuthenticationManager implements AuthenticationManager {
                     }
                 }
             }
+            authentications.put(id, properties.toAuthentication(dataAccessConfigBuilderFactory));
         });
     }
 
@@ -66,7 +67,7 @@ public class EmbedAuthenticationManager implements AuthenticationManager {
                             ((PlainTextUsernamePasswordAuthenticationRequest) request).getUsername().equals(user.getUsername())
                                     && ((PlainTextUsernamePasswordAuthenticationRequest) request).getPassword().equals(user.getPassword()))
                     .findFirst()
-                    .map(properties -> properties.toAuthentication(dataAccessConfigBuilderFactory))
+                    .map(properties -> authentications.get(properties.getId()))
                     .orElseThrow(() -> new ValidationException("用户不存在")));
         }
 

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-local/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleAuthenticationManager.java

@@ -27,7 +27,6 @@ public class SimpleAuthenticationManager implements AuthenticationManager {
 
     private AuthenticationInitializeService authenticationInitializeService;
 
-
     @Setter
     @Getter
     private AuthenticationManager parent;
@@ -85,7 +84,16 @@ public class SimpleAuthenticationManager implements AuthenticationManager {
     @Override
 //    @Cacheable(value = USER_AUTH_CACHE_NAME, key = "#userId")
     public Authentication getByUserId(String userId) {
-        Supplier<Authentication> supplier = () -> authenticationInitializeService.initUserAuthorization(userId);
+        Supplier<Authentication> supplier = () -> {
+            Authentication authentication = null;
+            if (parent != null) {
+                authentication = parent.getByUserId(userId);
+            }
+            if (authentication == null) {
+                authentication = authenticationInitializeService.initUserAuthorization(userId);
+            }
+            return authentication;
+        };
 
         if (null != cacheManager) {
             Cache cache = cacheManager.getCache(USER_AUTH_CACHE_NAME);
@@ -104,6 +112,9 @@ public class SimpleAuthenticationManager implements AuthenticationManager {
     @Override
     @CachePut(value = USER_AUTH_CACHE_NAME, key = "#authentication.user.id")
     public Authentication sync(Authentication authentication) {
+        if (parent != null) {
+            parent.sync(authentication);
+        }
         return authentication;
     }
 }

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/groovy/org/hswebframework/web/authorization/starter/FixBug91Test.groovy

@@ -0,0 +1,69 @@
+package org.hswebframework.web.authorization.starter
+
+import org.hswebframework.web.authorization.AuthenticationManager
+import org.hswebframework.web.authorization.simple.PlainTextUsernamePasswordAuthenticationRequest
+import org.hswebframework.web.entity.authorization.UserEntity
+import org.hswebframework.web.service.authorization.UserService
+import org.hswebframework.web.validate.ValidationException
+import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.boot.test.context.SpringBootTest
+import org.springframework.context.ConfigurableApplicationContext
+import org.springframework.context.annotation.Configuration
+import org.springframework.test.context.ContextConfiguration
+import org.springframework.test.context.web.WebAppConfiguration
+import org.springframework.test.web.servlet.MockMvc
+import org.springframework.test.web.servlet.setup.MockMvcBuilders
+import spock.lang.Shared
+import spock.lang.Specification
+
+@WebAppConfiguration
+@ContextConfiguration
+@SpringBootTest(classes = [TestApplication.class], properties = ["classpath:application.yml"])
+@Configuration
+class FixBug91Test extends Specification {
+
+    @Autowired
+    private ConfigurableApplicationContext context;
+
+    @Shared
+    private MockMvc mockMvc;
+
+    @Autowired
+    private AuthenticationManager authenticationManager;
+
+    @Autowired
+    private UserService userService;
+
+    void setup() {
+        mockMvc = MockMvcBuilders.webAppContextSetup(context).build();
+        UserEntity userEntity = userService.createEntity();
+        userEntity.setName("test");
+        userEntity.setUsername("fix-bug#91");
+        userEntity.setPassword("fix-bug#91");
+        if (userService.selectByUsername("fix-bug#91") == null) {
+            userService.insert(userEntity);
+        }
+    }
+
+    boolean authenticationInitSuccess(String username, String password) {
+        try {
+            def autz = authenticationManager.authenticate(new PlainTextUsernamePasswordAuthenticationRequest(username, password));
+            if (autz != null) {
+                return null != authenticationManager.getByUserId(autz.getUser().getId());
+            }
+        } catch (ValidationException e) {
+            return false;
+        }
+        return false;
+    }
+
+    def "同时获取配置文件和数据库中的用户权限"() {
+        expect:
+        authenticationInitSuccess(username, password) == success
+        where:
+        username            | password            | success
+        "fix-bug#91"        | "fix-bug#91"        | true
+        "fix-bug-91-in-yml" | "fix-bug-91-in-yml" | true
+        "not-exists-user"   | "not-exists-user"   | false
+    }
+}

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/resources/application.yml

@@ -14,6 +14,11 @@ hsweb:
     authorize:
       sync: false
       auto-parse: false
+    users:
+      fix-bug-91-in-yml:
+        username: "fix-bug-91-in-yml"
+        password: "fix-bug-91-in-yml"
+
 logging:
   level:
     org.springframework: WARN