4 年前 · 6d07410df6
--- a/src/main/java/com/diagbot/config/ResourceServerConfigurer.java
+++ b/src/main/java/com/diagbot/config/ResourceServerConfigurer.java
@@ -26,7 +26,7 @@ import java.io.IOException;
 
				  */
			
 
				 @Configuration
			
 
				 @EnableResourceServer
			
 
				-@ComponentScan({"com.diagbot.config"})
			
 
				+@ComponentScan({ "com.diagbot.config" })
			
 
				 public class ResourceServerConfigurer extends ResourceServerConfigurerAdapter {
			
 
				     Logger log = LoggerFactory.getLogger(ResourceServerConfigurer.class);
			
 
				 
			
@@ -89,11 +89,16 @@ public class ResourceServerConfigurer extends ResourceServerConfigurerAdapter {
 
				                 .antMatchers("/sys/plan/getSysPlanInfoDatas").permitAll()
			
 
				                 .antMatchers("/sys/mrqc/analyze_run").permitAll()
			
 
				                 .antMatchers("/sys/tokenPermission/delPermission").permitAll()
			
 
				-                        .antMatchers("/sys/tokenPermission/getPermission").permitAll()
			
 
				+                .antMatchers("/sys/tokenPermission/getPermission").permitAll()
			
 
				                 .antMatchers("/push/push").permitAll()
			
 
				                 .antMatchers("/push/indicationPush").permitAll()
			
 
				+                .antMatchers("/sys/plan/getPlanInfoPages").permitAll()
			
 
				+                .antMatchers("/sys/plan/savePlanInfoDatas").permitAll()
			
 
				+                .antMatchers("/sys/plan/getSysPlanInfoDatas").permitAll()
			
 
				+                .antMatchers("/sys/plan/cancelPlanDatas").permitAll()
			
 
				+                .antMatchers("/sys/plan/revStopPlans").permitAll()
			
 
				                 .antMatchers("/**").authenticated();
			
 
				-//                .antMatchers("/**").permitAll();
			
 
				+        //                .antMatchers("/**").permitAll();
			
 
				     }
			
 
				 
			
 
				 
			
--- a/src/main/java/com/diagbot/config/security/UrlAccessDecisionManager.java
+++ b/src/main/java/com/diagbot/config/security/UrlAccessDecisionManager.java
@@ -35,7 +35,7 @@ public class UrlAccessDecisionManager implements AccessDecisionManager {
 
				         if (matchPermitAllUrl(request)) {
			
 
				             return;
			
 
				         }
			
 
				-        if ("anonymousUser".equals(authentication.getPrincipal())) {
			
 
				+        if ("anonymousUser" .equals(authentication.getPrincipal())) {
			
 
				             throw new AccessDeniedException("no right");
			
 
				         } else {
			
 
				             String tokenStr = HttpUtils.getHeaders(request).get("Authorization");
			
@@ -51,7 +51,7 @@ public class UrlAccessDecisionManager implements AccessDecisionManager {
 
				                 url = authority[0];
			
 
				                 method = authority[1];
			
 
				                 if (matchers(url, request)) {
			
 
				-                    if (method.equals(request.getMethod()) || "ALL".equals(method)) {
			
 
				+                    if (method.equals(request.getMethod()) || "ALL" .equals(method)) {
			
 
				                         return;
			
 
				                     }
			
 
				                 }
			
@@ -135,6 +135,11 @@ public class UrlAccessDecisionManager implements AccessDecisionManager {
 
				                 || matchers("/sys/tokenPermission/getPermission", request)
			
 
				                 || matchers("/push/push", request)
			
 
				                 || matchers("/push/indicationPush", request)
			
 
				+                || matchers("/sys/plan/getPlanInfoPages", request)
			
 
				+                || matchers("/sys/plan/savePlanInfoDatas", request)
			
 
				+                || matchers("/sys/plan/getSysPlanInfoDatas", request)
			
 
				+                || matchers("/sys/plan/cancelPlanDatas", request)
			
 
				+                || matchers("/sys/plan/revStopPlans", request)
			
 
				                 || matchers("/", request)) {
			
 
				             return true;
			
 
				         }