Merge branch 'dev' of ssh://10.10.100.21/source/saas-platform into dev

base-servers/gateway-server/src/main/java/com/usoftchina/saas/gateway/config/AuthFilter.java

@@ -12,6 +12,7 @@ import com.usoftchina.saas.exception.ExceptionCode;
 import com.usoftchina.saas.gateway.error.PermissionException;
 import com.usoftchina.saas.gateway.util.AntPathRequestMatcher;
 import com.usoftchina.saas.utils.CollectionUtils;
+import com.usoftchina.saas.utils.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.cloud.gateway.filter.GatewayFilterChain;
@@ -74,11 +75,20 @@ public class AuthFilter implements GlobalFilter, Ordered {
     private void checkPermission(ServerHttpRequest request, JwtInfo jwt, AccountDTO accountDTO) {
         if (!accountDTO.isAdmin(jwt.getCompanyId())) {
             // 非管理账户，需要鉴权
+            ResourceCache.current().hdel();
             List<UrlResourceDTO> resources = ResourceCache.current().getUrlResources();
             if (!CollectionUtils.isEmpty(resources)) {
                 // 本次请求相关的资源
                 List<UrlResourceDTO> permissions = resources.parallelStream().filter(resource -> {
-                    AntPathRequestMatcher matcher = new AntPathRequestMatcher(resource.getUrl(), resource.getMethod());
+                    if (StringUtils.isEmpty(resource.getUrl())) {
+                        return false;
+                    }
+                    //处理删除、查询时 url变动无法匹配的问题
+                    String url = resource.getUrl();
+                    if (url.substring(url.length() - 1).equals("/")) {
+                        url += "*";
+                    }
+                    AntPathRequestMatcher matcher = new AntPathRequestMatcher(url, resource.getMethod());
                     return matcher.matches(request);
                 }).collect(Collectors.toList());
                 if (!CollectionUtils.isEmpty(permissions)) {