8 years ago · dbbf59376a
--- a/kanban-auth/src/main/java/com/uas/kanban/filter/SecurityInterceptor.java
+++ b/kanban-auth/src/main/java/com/uas/kanban/filter/SecurityInterceptor.java
@@ -9,7 +9,9 @@ import org.springframework.beans.factory.annotation.Autowired;
 
				 import org.springframework.stereotype.Component;

			
 
				 import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

			
 
				 

			
 
				+import com.uas.kanban.exception.OperationException;

			
 
				 import com.uas.kanban.model.ResourcePoint;

			
 
				+import com.uas.kanban.model.ResourcePoint.Role;

			
 
				 import com.uas.kanban.support.SessionHelper;

			
 
				 import com.uas.kanban.support.SystemSession;

			
 
				 

			
@@ -51,6 +53,12 @@ public class SecurityInterceptor extends HandlerInterceptorAdapter {
 
				 			response.sendRedirect(contextPath + "/login");

			
 
				 			return false;

			
 
				 		}

			
 
				+		if (url.startsWith("/resourcePoint/save") || url.startsWith("/resourcePoint/update")

			
 
				+				|| url.startsWith("/resourcePoint/delete") || url.startsWith("/resourcePoint/get")) {

			
 
				+			if (resourcePoint.getRole() != Role.Admin) {

			
 
				+				throw new OperationException("不允许的操作");

			
 
				+			}

			
 
				+		}

			
 
				 		SystemSession.setResourcePoint(resourcePoint);

			
 
				 		return true;

			
 
				 	}

			
--- a/kanban-console/src/main/java/com/uas/kanban/WebAppConfiguration.java
+++ b/kanban-console/src/main/java/com/uas/kanban/WebAppConfiguration.java
@@ -123,11 +123,7 @@ public class WebAppConfiguration extends WebMvcConfigurerAdapter {
 
				 		// 排除路径，由 spring boot security 进行验证

			
 
				 		registration.excludePathPatterns("/console", "/fileUpload", "/**/delete/all", "/druid/**", "/user/**");

			
 
				 

			
 
				-		// 处理 /resourcePoint/** ，最终只验证 /resourcePoint/resetPwd

			
 
				-		// 排除路径，由 spring boot security 进行验证 /resourcePoint/save**

			
 
				-		registration.excludePathPatterns("/resourcePoint/save**", "/resourcePoint/update**", "/resourcePoint/delete**",

			
 
				-				"/resourcePoint/get**");

			
 
				-		// spring boot security 也不进行验证

			
 
				+		// 不对下列路径进行验证

			
 
				 		registration.excludePathPatterns("/resourcePoint/login", "/resourcePoint/logout", "/resourcePoint/exist");

			
 
				 	}

			
 
				 

			
--- a/kanban-console/src/main/resources/bootstrap.yml
+++ b/kanban-console/src/main/resources/bootstrap.yml
@@ -15,9 +15,9 @@ spring:
 
				 security:

			
 
				  basic:

			
 
				   enabled: true

			
 
				-  path: /console, /fileUpload, /**/delete/all, /druid/*, /user/**, /resourcePoint/**

			
 
				+  path: /console, /fileUpload, /**/delete/all, /druid/*, /user/**

			
 
				  user:

			
 
				   name: admin

			
 
				   password: select111***

			
 
				   role: ADMIN

			
 
				- ignored: /resourcePoint/login, /resourcePoint/logout, /resourcePoint/resetPwd, /resourcePoint/exist
			
 
				+ ignored: true