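Please read this together with version 2.0, which solves the problems of the current approach:
how to modify other users' permissions,
modifying user information having no effect, and so on.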


    private final CacheManager cacheManager;
    private final RedisConnectionFactory redisConnectionFactory;
    private final AuthenticationKeyGenerator authenticationKeyGenerator = new
            DefaultAuthenticationKeyGenerator();
    private final JdkSerializationStrategy serializationStrategy = new JdkSerializationStrategy();
    
	/**
	 * Dynamically modify the caller's own permissions without logging in again
	 * @return
	 */
	@PostMapping("/oneselfUpdateAuth")
	public R oneselfUpdateAuth() {
		// Get the current user's information
		BaseUser users = SecurityUtils.getUser();

		// Where the tokens are stored
		RedisTokenStore tokenStore = new RedisTokenStore(redisConnectionFactory);
		// Set the prefix base_oauth:
		tokenStore.setPrefix(SecurityConstants.BASE_PREFIX + SecurityConstants.OAUTH_PREFIX);
		tokenStore.setAuthenticationKeyGenerator(new DefaultAuthenticationKeyGenerator() {
			@Override
			public String extractKey(OAuth2Authentication authentication) {
				return super.extractKey(authentication) + ":" + TenantContextHolder.getTenantId();
			}
		});
		// Load the user by id
		UserVO user = sysUserService.selectUserVoById(users.getId());
		// Get the current user's authentication
		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

		// Permissions are added here, just as a quick test
		Set<GrantedAuthority> dbAuthsSet = new HashSet<>(authentication.getAuthorities());
		// Add one permission
		dbAuthsSet.add(new SimpleGrantedAuthority("salaryother:warningteam:testroleid"));

		Collection<? extends GrantedAuthority> authorities = dbAuthsSet;

//				AuthorityUtils
//				.createAuthorityList(dbAuthsSet.toArray(new String[0]));

		// Check whether the current user is locked
		boolean enabled = StrUtil.equals(user.getLockFlag(), CommonConstants.STATUS_NORMAL);
		// Build the security user; SecurityConstants.BCRYPT is the encryption marker prefix
		BaseUser itduUser = new BaseUser(user.getId(), user.getOrganId(), user.getTenantId(), user.getUsername(), SecurityConstants.BCRYPT + user.getPassword(), enabled,
				true, true, CommonConstants.STATUS_NORMAL.equals(user.getLockFlag()), authorities);
		// Get the user cache; String USER_CACHE = "user_cache";
		Cache cache = cacheManager.getCache(CacheConstants.USER_CACHE);
		if (cache != null) {
			// Store in the cache
			cache.put(user.getUsername(), itduUser);
		}
		if (authentication instanceof OAuth2Authentication) {
			OAuth2Authentication originalOAuth2Authentication = (OAuth2Authentication) authentication;
			if (!originalOAuth2Authentication.isClientOnly()) {
				Authentication userAuthentication = originalOAuth2Authentication.getUserAuthentication();
				if (userAuthentication instanceof UsernamePasswordAuthenticationToken) {
					// Replace the user information
					UsernamePasswordAuthenticationToken usernamePasswordAuthentication = new UsernamePasswordAuthenticationToken(itduUser, "N_A", authorities);
					usernamePasswordAuthentication.setDetails(itduUser);
					OAuth2Authentication oauth2Authentication = new OAuth2Authentication(originalOAuth2Authentication.getOAuth2Request(), usernamePasswordAuthentication);
					oauth2Authentication.setDetails(itduUser);
					// Extract the authentication key
					String key = authenticationKeyGenerator.extractKey(originalOAuth2Authentication);
					// If you don't know what the auth_to_access key looks like, check in Redis. This project uses base_oauth:auth_to_access:key:tenantId; other projects may differ
					byte[] serializedKey = serializationStrategy.serialize(SecurityConstants.BASE_PREFIX + SecurityConstants.OAUTH_PREFIX + "auth_to_access:" + key + ":" + user.getTenantId());
					byte[] bytes = null;
					RedisConnection conn = redisConnectionFactory.getConnection();
					try {
						bytes = conn.get(serializedKey);
					} finally {
						conn.close();
					}
					// Read the token; deserialize returns null when the key is missing or expired
					OAuth2AccessToken accessToken = serializationStrategy.deserialize(bytes, OAuth2AccessToken.class);

					// Update the permissions stored for this token (skip when no token was found)
					if (accessToken != null) {
						tokenStore.storeAccessToken(accessToken, oauth2Authentication);
					}
				}
			}
		}


		return R.ok();
	}

Test it

 @RequestMapping(value="/testRoleId")
    @PreAuthorize("@ato.hasAuthority('salaryother:warningteam:testroleid')")
    public R testRoleId()  {
     return R.ok("通过权限校验");
    }

Log in as a user who does not have this permission and obtain a token for testing

Call the permission update endpoint

Call the test endpoint again to check the permission

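OK, the permission has been modified. If the token is refreshed the permission is still there (I won't test that here). Of course, logging in again also updates the permissions, after which the added one no longer applies; to make the change permanent you have to modify the database.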
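The same token update can be done through the `TokenStore` interface alone, which avoids building the `auth_to_access` Redis key by hand and handles a missing or expired token. This is an added example, not code from the original post; the class name `TokenAuthorityRefresher` is hypothetical, and it assumes the injected `TokenStore` is the bean the authorization server itself uses (same prefix and key generator) and that the rebuilt principal keeps the same username.

```java
import java.util.Collection;

import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.TokenStore;

/** Hypothetical helper (added example): re-stores the caller's token with new authorities. */
public class TokenAuthorityRefresher {

    // Assumption: the same TokenStore bean (prefix, key generator) the authorization server uses.
    private final TokenStore tokenStore;

    public TokenAuthorityRefresher(TokenStore tokenStore) {
        this.tokenStore = tokenStore;
    }

    /**
     * @param current     authentication of the current request
     * @param principal   rebuilt user object (BaseUser in the post), same username as before
     * @param authorities loaded server-side, e.g. from the database; never from request input
     * @return true if the stored token was updated
     */
    public boolean refresh(OAuth2Authentication current, Object principal,
                           Collection<? extends GrantedAuthority> authorities) {
        if (current == null || current.isClientOnly()) {
            return false; // client-credentials tokens carry no user authorities
        }
        // Resolves the auth_to_access entry through the store's own key generator
        OAuth2AccessToken token = tokenStore.getAccessToken(current);
        if (token == null || token.isExpired()) {
            return false; // nothing to update; the user has to log in again
        }
        UsernamePasswordAuthenticationToken user =
                new UsernamePasswordAuthenticationToken(principal, "N_A", authorities);
        user.setDetails(current.getUserAuthentication().getDetails());
        OAuth2Authentication updated = new OAuth2Authentication(current.getOAuth2Request(), user);
        updated.setDetails(current.getDetails());
        // DefaultAuthenticationKeyGenerator derives the key from username, client id and scope,
        // not from authorities, so this overwrites the existing entries for the same token
        tokenStore.storeAccessToken(token, updated);
        return true;
    }
}
```

A controller would pass in authorities read from the user and role tables, so the endpoint can only bring the token in line with what the database already grants.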
