网关接口权限过滤

9817c359 · 梅存智 · e7849f85 · 9817c359 · 9817c359 · 9817c359
Commit 9817c359 authored May 22, 2025 by 梅存智
Showing with 13 additions and 5 deletions

cloud-gateWay/src/main/java/com/yizhi/application/GatewayApplication.java
+1 -1

cloud-gateWay/src/main/java/com/yizhi/application/filter/EntryFilter.java
+11 -3

cloud-gateWay/src/main/resources/bootstrap.properties
+1 -1

No files found.
--- a/cloud-gateWay/src/main/java/com/yizhi/application/GatewayApplication.java
+++ b/cloud-gateWay/src/main/java/com/yizhi/application/GatewayApplication.java
@@ -71,7 +71,7 @@ public class GatewayApplication {
 	public CorsFilter corsFilter() {
 		final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
 		final CorsConfiguration config = new CorsConfiguration();
-		config.setAllowCredentials(false); // 允许cookies跨域
+		config.setAllowCredentials(true); // 允许cookies跨域
 		config.setAllowedOrigins(zuulAllowedOrigin);// #允许向该服务器提交请求的URI，*表示全部允许，在SpringMVC中，如果设成*，会自动转成当前请求头中的Origin
 		config.addAllowedHeader("*");// #允许访问的头信息,*表示全部
 		config.setMaxAge(18000L);// 预检请求的缓存时间（秒），即在这个时间段里，对于相同的跨域请求不会再预检了

--- a/cloud-gateWay/src/main/java/com/yizhi/application/filter/EntryFilter.java
+++ b/cloud-gateWay/src/main/java/com/yizhi/application/filter/EntryFilter.java
@@ -82,7 +82,15 @@ public class EntryFilter extends BaseZuulFilter {
            "/system/manage/dashboard/accountToMonth",
            "/system/manage/dashboard/accountReadyTask",
            "/system/manage/dashboard/usedFunctions",
-            "/system/manage/site/get"
+            "/system/manage/site/get",
+            "/manage/group/list/page",
+            "/manage/systemMailbox/selectMyPage",
+            "/manage/systemMailbox/save",
+            "/manage/systemMailbox/getById",
+            "/manage/leaveWord/save",
+            "/manage/leaveWord/getById",
+            "/manage/site/classify/publication/insert",
+            "/manage/site/classify/publication/list"
    };
    /**
@@ -317,7 +325,7 @@ public class EntryFilter extends BaseZuulFilter {
                    // 获取用户权限资源
                    AuthAccountSiteModel authAccountModel = getAuthAccountSiteModel(companyId, companyCode, accountVO.getId(), siteVO.getId(), siteVO.getCode(), keyPrefix);
-                    if (null == authAccountModel) {
+                    if (null == authAccountModel && !isManagePublic(url)) {
                        logger.info("没有指定站点访问权限");
                        setFailCtx(ctx, ReturnCode.NOT_SITE_ACCESS);
                        return null;
@@ -325,7 +333,7 @@ public class EntryFilter extends BaseZuulFilter {
                    // 过滤查询可见范围、用户组织相关url
                    if (isManagePublic(url)) {
-                        if (authAccountModel.getSiteAdmin()) {
+                        if (authAccountModel != null && authAccountModel.getSiteAdmin()) {
                            admin = Boolean.TRUE;
                        }
                    } else {

--- a/cloud-gateWay/src/main/resources/bootstrap.properties
+++ b/cloud-gateWay/src/main/resources/bootstrap.properties
@@ -11,7 +11,7 @@ spring.cloud.nacos.config.server-addr=10.10.12.97:8848
 # ssl
-server.ssl.enabled=true
+server.ssl.enabled=false
 server.ssl.key-store=classpath:shanghaiairport.com.jks
 server.ssl.key-store-password=now0jsve
 server.ssl.protocol=TLSv1