
权限验证拦截修改

gaodm 6 年之前
父节点
当前提交
3e777f0923
共有 1 个文件被更改,包括 40 次插入35 次删除
  1. 40 35
      user-service/src/main/java/com/diagbot/config/security/UrlAccessDecisionManager.java

+ 40 - 35
user-service/src/main/java/com/diagbot/config/security/UrlAccessDecisionManager.java

@@ -25,42 +25,11 @@ public class UrlAccessDecisionManager implements AccessDecisionManager {
     public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
         HttpServletRequest request = ((FilterInvocation) object).getHttpRequest();
         String url, method;
+        if (matchPermitAllUrl(request)) {
+            return;
+        }
         if ("anonymousUser".equals(authentication.getPrincipal())) {
-            if (matchers("/swagger/**", request)
-                    || matchers("/v2/**", request)
-                    || matchers("/swagger-ui.html/**", request)
-                    || matchers("/swagger-resources/**", request)
-                    || matchers("/webjars/**", request)
-                    || matchers("/user/getJwt/**", request)
-                    || matchers("/user/registry/**", request)
-                    || matchers("/user/test/**", request)
-                    || matchers("/druid/**", request)
-                    || matchers("/actuator/**", request)
-                    || matchers("/hystrix/**", request)
-                    || matchers("/hi/**", request)
-                    || matchers("/test/**", request)
-                    || matchers("/user/refreshJwt", request)
-                    || matchers("/user/checkToken", request)
-                    || matchers("/userver/getImgVerification", request)
-                    || matchers("/userver/verifyImgVerification", request)
-                    || matchers("/userver/getSmsWithRegister", request)
-                    || matchers("/userver/getSmsWithResetPassword", request)
-                    || matchers("/userver/verifySmsVerification", request)
-                    || matchers("/getUserEnumsData", request)
-                    || matchers("/userInfo/getUserInfoPag", request)
-                    || matchers("/user/getPermission", request)
-                    || matchers("/user/resetPassword", request)
-                    || matchers("/user/index", request)
-                    || matchers("/user/getUserByOrgName", request)
-                    || matchers("/user/getUserAndOrg", request)
-                    || matchers("/userInfo/updateUserInfoAll", request)
-                    || matchers("/userInfo/updateDeleted", request)
-
-                    || matchers("/", request)) {
-                return;
-            } else {
-                throw new AccessDeniedException("no right");
-            }
+            throw new AccessDeniedException("no right");
         } else {
             for (GrantedAuthority ga : authentication.getAuthorities()) {
                 String[] authority = ga.getAuthority().split(";");
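Review bot: The new `matchPermitAllUrl` early return at the top of `decide` fires for every principal, whereas the removed block only consulted that URL list inside the `"anonymousUser"` branch; for an authenticated caller the authority loop below is now skipped on those URLs too, which is a widening of the bypass rather than a pure refactor. If that is intended it deserves a comment at the new check, e.g. `// permit-all URLs bypass the authority check for anonymous and authenticated callers alike`. The list that now gates this single fast path includes `/actuator/**`, `/druid/**` and the `/userInfo/update*` endpoints, which look sensitive for an unauthenticated caller; that exposure predates this commit, but moving the list into one helper makes it the natural place to review and trim. The body of `decide` continues past the end of this hunk.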
@@ -87,6 +56,42 @@ public class UrlAccessDecisionManager implements AccessDecisionManager {
         return true;
     }
 
+    private Boolean matchPermitAllUrl(HttpServletRequest request){
+        if (matchers("/swagger/**", request)
+                || matchers("/v2/**", request)
+                || matchers("/swagger-ui.html/**", request)
+                || matchers("/swagger-resources/**", request)
+                || matchers("/webjars/**", request)
+                || matchers("/user/getJwt/**", request)
+                || matchers("/user/registry/**", request)
+                || matchers("/user/test/**", request)
+                || matchers("/druid/**", request)
+                || matchers("/actuator/**", request)
+                || matchers("/hystrix/**", request)
+                || matchers("/hi/**", request)
+                || matchers("/test/**", request)
+                || matchers("/user/refreshJwt", request)
+                || matchers("/user/checkToken", request)
+                || matchers("/userver/getImgVerification", request)
+                || matchers("/userver/verifyImgVerification", request)
+                || matchers("/userver/getSmsWithRegister", request)
+                || matchers("/userver/getSmsWithResetPassword", request)
+                || matchers("/userver/verifySmsVerification", request)
+                || matchers("/getUserEnumsData", request)
+                || matchers("/userInfo/getUserInfoPag", request)
+                || matchers("/user/getPermission", request)
+                || matchers("/user/resetPassword", request)
+                || matchers("/user/index", request)
+                || matchers("/user/getUserByOrgName", request)
+                || matchers("/user/getUserAndOrg", request)
+                || matchers("/userInfo/updateUserInfoAll", request)
+                || matchers("/userInfo/updateDeleted", request)
+
+                || matchers("/", request)) {
+            return true;
+        }
+        return false;
+    }
 
     private boolean matchers(String url, HttpServletRequest request) {
         AntPathRequestMatcher matcher = new AntPathRequestMatcher(url);
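Review bot: `matchPermitAllUrl` declares a boxed `Boolean` return and wraps the condition in `if (...) { return true; } return false;`; a primitive `boolean` with `return matchers(...) || ...;` expresses the same thing without autoboxing, and the method has no Javadoc explaining that it is the permit-all allowlist consulted before any authority check. Separately, every call to it builds up to thirty `AntPathRequestMatcher` instances per request through `matchers` (whose body continues past the hunk), since each `matchers` invocation constructs a fresh matcher; holding the patterns in a `static final` array compiled once and iterating those matchers keeps the same decision for every request while doing the allocation a single time. The sketch below keeps the pattern strings exactly as listed in the hunk and only changes how they are matched.
```java
    /** URL patterns that bypass authority checks; consulted first by {@code decide}. */
    private static final String[] PERMIT_ALL_PATTERNS = {
            "/swagger/**", "/v2/**",
            // … remaining patterns unchanged from the hunk, in the same order …
            "/"
    };
    private static final AntPathRequestMatcher[] PERMIT_ALL_MATCHERS =
            buildMatchers(PERMIT_ALL_PATTERNS);

    private static AntPathRequestMatcher[] buildMatchers(String[] patterns) {
        AntPathRequestMatcher[] out = new AntPathRequestMatcher[patterns.length];
        for (int i = 0; i < patterns.length; i++) {
            out[i] = new AntPathRequestMatcher(patterns[i]);
        }
        return out;
    }

    /** @return true if {@code request} matches any permit-all pattern. */
    private boolean matchPermitAllUrl(HttpServletRequest request) {
        for (AntPathRequestMatcher matcher : PERMIT_ALL_MATCHERS) {
            if (matcher.matches(request)) {
                return true;
            }
        }
        return false;
    }
```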