diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/config/SecurityConfig.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/config/SecurityConfig.java index a2e1797b..b88971c2 100644 --- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/config/SecurityConfig.java +++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/config/SecurityConfig.java @@ -112,9 +112,10 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { // 标识访问 `/home` 这个接口,需要具备`ADMIN`角色 // registry.antMatchers("/home").hasRole("ADMIN"); // 标识只能在 服务器本地ip[127.0.0.1或localhost] 访问 `/home` 这个接口,其他ip地址无法访问 - registry.antMatchers("/hrms/auth/permission/getUserRoles").hasIpAddress("127.0.0.1"); + //registry.antMatchers("/api-guarantee/dg-apply-amount-info/getRoles").hasIpAddress("127.0.0.1"); // 允许匿名的url - 可理解为放行接口 - 多个接口使用,分割 - //registry.antMatchers("/**").permitAll(); + registry.antMatchers("/**").permitAll(); + //registry.antMatchers("/api-guarantee/dg-apply-amount-info/getRoles").permitAll(); // registry.antMatchers("/**").access("hasAuthority('admin')"); // OPTIONS(选项):查找适用于一个特定网址资源的通讯选择。 在不需执行具体的涉及数据传输的动作情况下, 允许客户端来确定与资源相关的选项以及 / 或者要求, 或是一个服务器的性能 //registry.antMatchers(HttpMethod.OPTIONS, "/**").denyAll(); @@ -139,8 +140,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { */ @Override public void configure(WebSecurity web) throws Exception { - //web.ignoring().antMatchers("/**"); - web.ignoring().antMatchers("/hrms/auth/permission/getUserRoles"); + web.ignoring().antMatchers("/**"); + //web.ignoring().antMatchers("/dg-apply-amount-info/getRoles","/api-guarantee/dg-apply-amount-info/getRoles"); } } diff --git a/dq-financial-hrms/src/main/java/com/daqing/financial/hrms/DqFinancialHrmsApplication.java b/dq-financial-hrms/src/main/java/com/daqing/financial/hrms/DqFinancialHrmsApplication.java index b21c483e..391810b7 100644 --- a/dq-financial-hrms/src/main/java/com/daqing/financial/hrms/DqFinancialHrmsApplication.java +++ b/dq-financial-hrms/src/main/java/com/daqing/financial/hrms/DqFinancialHrmsApplication.java @@ -12,6 +12,7 @@ import org.springframework.scheduling.annotation.EnableScheduling; @SpringBootApplication @ComponentScan(basePackages = "com.daqing") @EnableScheduling +//@Import({SecurityConfig.class}) public class DqFinancialHrmsApplication { public static void main(String[] args) { diff --git a/dq-financial-hrms/src/main/java/com/daqing/financial/hrms/service/impl/PermissionServiceImpl.java b/dq-financial-hrms/src/main/java/com/daqing/financial/hrms/service/impl/PermissionServiceImpl.java index 99cd6d39..35a4dafc 100644 --- a/dq-financial-hrms/src/main/java/com/daqing/financial/hrms/service/impl/PermissionServiceImpl.java +++ b/dq-financial-hrms/src/main/java/com/daqing/financial/hrms/service/impl/PermissionServiceImpl.java @@ -10,6 +10,7 @@ import com.daqing.framework.domain.hrms.RolePermissionEntity; import com.daqing.framework.model.response.ResponseResult; import com.fasterxml.jackson.core.type.TypeReference; import com.fasterxml.jackson.databind.ObjectMapper; +import org.apache.commons.beanutils.BeanUtils; import org.apache.commons.beanutils.ConvertUtils; import org.springframework.stereotype.Service; import org.springframework.web.bind.annotation.RequestParam; @@ -68,7 +69,6 @@ public class PermissionServiceImpl extends ServiceImpl permissionList = new ArrayList(); - - List employeeMessage = null; - if(responseResult.getData() != null){ - employeeMessage = (List) responseResult.getData(); - } - - for(LinkedHashMap res : employeeMessage){ - permissionList.add((Integer) res.get("permissionId")); - }*/ Long[] permissionIds = permissionList.toArray(new Long[permissionList.size()]); //根据权限ids查询对应权限 List permissionEntityList = permissionMapper.queryPermissionsByIds(Arrays.asList(permissionIds)); -/* - ResponseResult responseResult2 = hrmsFeignService.queryPermissionsByIds(permissionIds); - List perList = (List) responseResult2.getData(); - //LinkedHashMap转对象 - ObjectMapper mapper = new ObjectMapper(); - List permissionEntityList = mapper.convertValue(perList, new TypeReference>() { }); -*/ - return getListDepartmentAndEmployeeTree(permissionEntityList, 0L); -/* - List list = new ArrayList(); - list.add(permissionEntityList); - list.add(roleIds);*/ - } private List getListDepartmentAndEmployeeTree(List list, Long parentId) { @@ -118,6 +94,7 @@ public class PermissionServiceImpl extends ServiceImpl (menu.getSort() == null ? 0 : menu.getSort()))) // 根据所选排序信息进行排序 .collect(Collectors.toList());