修改权限控制逻辑

Pu Zhibing

2024-09-20 5b60dd29e8f0c9d82fa54051b3c22d76543a362b

修改权限控制逻辑

 ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/filter/AuthFilter.java

@@ -12,6 +12,7 @@
import org.apache.logging.log4j.core.config.Order;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
@@ -42,11 +43,20 @@
    @Resource
    private ISysUserService sysUserService;
    
    @Autowired
    private IgnoreWhiteProperties ignoreWhite;
	
    
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        // 跳过不需要验证的路径
        String url = request.getRequestURI();
        if (StringUtils.matches(url, ignoreWhite.getWhites())) {
            filterChain.doFilter(request, response);
            return;
        }
        String userid = request.getHeader("user_id");
        if(StringUtils.isEmpty(userid)){
            filterChain.doFilter(request, response);

 ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/filter/IgnoreWhiteProperties.java

New file
@@ -0,0 +1,31 @@
package com.ruoyi.system.filter;

import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Configuration;

import java.util.ArrayList;
import java.util.List;

/**
 * 放行白名单配置
 *
 * @author ruoyi
 */
@Configuration
@RefreshScope
@ConfigurationProperties(prefix = "security.ignore")
public class IgnoreWhiteProperties {
    /**
     * 放行白名单配置，网关不校验此处的白名单
     */
    private List<String> whites = new ArrayList<>();
	
    public List<String> getWhites() {
        return whites;
    }
	
    public void setWhites(List<String> whites) {
        this.whites = whites;
    }
}

 ruoyi-service/ruoyi-account/src/main/java/com/ruoyi/account/controller/TAppUserController.java

@@ -799,6 +799,8 @@
        appUserService.updateById(byId);
        return R.ok();
    }
    
    
    //已签到日期
    @ApiOperation(value = "本月已签到日期", tags = {"小程序-个人中心-签到"})
    @GetMapping(value = "/user/has/sign")

 ruoyi-service/ruoyi-account/src/main/java/com/ruoyi/account/filter/AuthFilter.java

@@ -11,6 +11,7 @@
import org.apache.logging.log4j.core.config.Order;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
@@ -41,11 +42,20 @@
    @Resource
    private SysUserClient sysUserClient;

    @Autowired
    private IgnoreWhiteProperties ignoreWhite;


    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        // 跳过不需要验证的路径
        String url = request.getRequestURI();
        if (StringUtils.matches(url, ignoreWhite.getWhites())) {
            filterChain.doFilter(request, response);
            return;
        }
        String userid = request.getHeader("user_id");
        if(StringUtils.isEmpty(userid)){
            filterChain.doFilter(request, response);

 ruoyi-service/ruoyi-account/src/main/java/com/ruoyi/account/filter/IgnoreWhiteProperties.java

New file
@@ -0,0 +1,31 @@
package com.ruoyi.account.filter;

import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Configuration;

import java.util.ArrayList;
import java.util.List;

/**
 * 放行白名单配置
 *
 * @author ruoyi
 */
@Configuration
@RefreshScope
@ConfigurationProperties(prefix = "security.ignore")
public class IgnoreWhiteProperties {
    /**
     * 放行白名单配置，网关不校验此处的白名单
     */
    private List<String> whites = new ArrayList<>();
	
    public List<String> getWhites() {
        return whites;
    }
	
    public void setWhites(List<String> whites) {
        this.whites = whites;
    }
}

 ruoyi-service/ruoyi-chargingPile/src/main/java/com/ruoyi/chargingPile/filter/AuthFilter.java

@@ -11,6 +11,7 @@
import org.apache.logging.log4j.core.config.Order;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
@@ -41,11 +42,20 @@
    @Resource
    private SysUserClient sysUserClient;
    
    @Autowired
    private IgnoreWhiteProperties ignoreWhite;
	
    
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        // 跳过不需要验证的路径
        String url = request.getRequestURI();
        if (StringUtils.matches(url, ignoreWhite.getWhites())) {
            filterChain.doFilter(request, response);
            return;
        }
        String userid = request.getHeader("user_id");
        if(StringUtils.isEmpty(userid)){
            filterChain.doFilter(request, response);

 ruoyi-service/ruoyi-chargingPile/src/main/java/com/ruoyi/chargingPile/filter/IgnoreWhiteProperties.java

New file
@@ -0,0 +1,31 @@
package com.ruoyi.chargingPile.filter;

import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Configuration;

import java.util.ArrayList;
import java.util.List;

/**
 * 放行白名单配置
 *
 * @author ruoyi
 */
@Configuration
@RefreshScope
@ConfigurationProperties(prefix = "security.ignore")
public class IgnoreWhiteProperties {
    /**
     * 放行白名单配置，网关不校验此处的白名单
     */
    private List<String> whites = new ArrayList<>();
	
    public List<String> getWhites() {
        return whites;
    }
	
    public void setWhites(List<String> whites) {
        this.whites = whites;
    }
}

 ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/filter/AuthFilter.java

@@ -11,6 +11,7 @@
import org.apache.logging.log4j.core.config.Order;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
@@ -41,11 +42,20 @@
    @Resource
    private SysUserClient sysUserClient;
    
    @Autowired
    private IgnoreWhiteProperties ignoreWhite;
	
    
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        // 跳过不需要验证的路径
        String url = request.getRequestURI();
        if (StringUtils.matches(url, ignoreWhite.getWhites())) {
            filterChain.doFilter(request, response);
            return;
        }
        String userid = request.getHeader("user_id");
        if(StringUtils.isEmpty(userid)){
            filterChain.doFilter(request, response);

 ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/filter/IgnoreWhiteProperties.java

New file
@@ -0,0 +1,31 @@
package com.ruoyi.order.filter;

import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Configuration;

import java.util.ArrayList;
import java.util.List;

/**
 * 放行白名单配置
 *
 * @author ruoyi
 */
@Configuration
@RefreshScope
@ConfigurationProperties(prefix = "security.ignore")
public class IgnoreWhiteProperties {
    /**
     * 放行白名单配置，网关不校验此处的白名单
     */
    private List<String> whites = new ArrayList<>();
	
    public List<String> getWhites() {
        return whites;
    }
	
    public void setWhites(List<String> whites) {
        this.whites = whites;
    }
}

 ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/filter/AuthFilter.java

@@ -11,6 +11,7 @@
import org.apache.logging.log4j.core.config.Order;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
@@ -41,11 +42,20 @@
    @Resource
    private SysUserClient sysUserClient;
    
    @Autowired
    private IgnoreWhiteProperties ignoreWhite;
	
    
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        // 跳过不需要验证的路径
        String url = request.getRequestURI();
        if (StringUtils.matches(url, ignoreWhite.getWhites())) {
            filterChain.doFilter(request, response);
            return;
        }
        String userid = request.getHeader("user_id");
        if(StringUtils.isEmpty(userid)){
            filterChain.doFilter(request, response);

 ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/filter/IgnoreWhiteProperties.java

New file
@@ -0,0 +1,31 @@
package com.ruoyi.other.filter;

import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Configuration;

import java.util.ArrayList;
import java.util.List;

/**
 * 放行白名单配置
 *
 * @author ruoyi
 */
@Configuration
@RefreshScope
@ConfigurationProperties(prefix = "security.ignore")
public class IgnoreWhiteProperties {
    /**
     * 放行白名单配置，网关不校验此处的白名单
     */
    private List<String> whites = new ArrayList<>();
	
    public List<String> getWhites() {
        return whites;
    }
	
    public void setWhites(List<String> whites) {
        this.whites = whites;
    }
}