From ecef33ed81b7c6c59820e6f1ac620bedbce7c643 Mon Sep 17 00:00:00 2001 From: "liang.chao" <1360241448@qq.com> Date: Wed, 15 Oct 2025 16:24:04 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BB=A3=E7=A0=81=E6=8F=90=E4=BA=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../web/controller/tool/DataCollectDataController.java | 1 - .../java/com/bonus/framework/config/ResourcesConfig.java | 5 +++-- .../java/com/bonus/framework/config/SecurityConfig.java | 8 ++++---- .../framework/interceptor/ReplayAttackInterceptor.java | 3 ++- .../system/service/impl/DataCollectDataServiceImpl.java | 2 +- 5 files changed, 10 insertions(+), 9 deletions(-) diff --git a/bonus-admin/src/main/java/com/bonus/web/controller/tool/DataCollectDataController.java b/bonus-admin/src/main/java/com/bonus/web/controller/tool/DataCollectDataController.java index 4556624..badcaa7 100644 --- a/bonus-admin/src/main/java/com/bonus/web/controller/tool/DataCollectDataController.java +++ b/bonus-admin/src/main/java/com/bonus/web/controller/tool/DataCollectDataController.java @@ -45,7 +45,6 @@ public class DataCollectDataController extends BaseController { return getDataTable(list); } @SysLog(title = "数据汇集管理详情", businessType = OperaType.QUERY, module = "数据汇集管理->数据汇集管理", details = "数据汇集管理详情") - @RequiresPermissions("data:Collect:share") @GetMapping("/queryById") public AjaxResult queryById(KyDataCollectData kyDataCollectData) { Map map = dataCollectDataService.queryDetailById(kyDataCollectData); diff --git a/bonus-framework/src/main/java/com/bonus/framework/config/ResourcesConfig.java b/bonus-framework/src/main/java/com/bonus/framework/config/ResourcesConfig.java index 55b51ac..a2a803e 100644 --- a/bonus-framework/src/main/java/com/bonus/framework/config/ResourcesConfig.java +++ b/bonus-framework/src/main/java/com/bonus/framework/config/ResourcesConfig.java @@ -20,7 +20,7 @@ import com.bonus.framework.interceptor.RepeatSubmitInterceptor; /** * 通用配置 - * + * * @author bonus */ @Configuration @@ -73,6 +73,7 @@ public class ResourcesConfig implements WebMvcConfigurer .excludePathPatterns("/smartArchives/getRouters") .excludePathPatterns("/smartArchives/session/check") .excludePathPatterns("/smartArchives/sys/config/getConfig") + .excludePathPatterns("/smartArchives/data/Collect/queryById") .excludePathPatterns(EXCLUDEURLS) .order(-15); } @@ -98,4 +99,4 @@ public class ResourcesConfig implements WebMvcConfigurer // 返回新的CorsFilter return new CorsFilter(source); } -} \ No newline at end of file +} diff --git a/bonus-framework/src/main/java/com/bonus/framework/config/SecurityConfig.java b/bonus-framework/src/main/java/com/bonus/framework/config/SecurityConfig.java index 85f2d67..d11396b 100644 --- a/bonus-framework/src/main/java/com/bonus/framework/config/SecurityConfig.java +++ b/bonus-framework/src/main/java/com/bonus/framework/config/SecurityConfig.java @@ -24,7 +24,7 @@ import com.bonus.framework.security.handle.LogoutSuccessHandlerImpl; /** * spring security配置 - * + * * @author bonus */ @EnableMethodSecurity(prePostEnabled = true, securedEnabled = true) @@ -36,7 +36,7 @@ public class SecurityConfig */ @Autowired private UserDetailsService userDetailsService; - + /** * 认证失败处理类 */ @@ -54,7 +54,7 @@ public class SecurityConfig */ @Autowired private JwtAuthenticationTokenFilter authenticationTokenFilter; - + /** * 跨域过滤器 */ @@ -112,7 +112,7 @@ public class SecurityConfig .authorizeHttpRequests((requests) -> { permitAllUrl.getUrls().forEach(url -> requests.antMatchers(url).permitAll()); // 对于登录login 注册register 验证码captchaImage 允许匿名访问 - requests.antMatchers("/login", "/register", "/captchaImage","/sys/config/getConfig","/session/check").permitAll() + requests.antMatchers("/login", "/register", "/captchaImage","/sys/config/getConfig","/session/check","/data/Collect/queryById").permitAll() // 静态资源,可匿名访问 .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll() .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll() diff --git a/bonus-framework/src/main/java/com/bonus/framework/interceptor/ReplayAttackInterceptor.java b/bonus-framework/src/main/java/com/bonus/framework/interceptor/ReplayAttackInterceptor.java index 754444e..c81f636 100644 --- a/bonus-framework/src/main/java/com/bonus/framework/interceptor/ReplayAttackInterceptor.java +++ b/bonus-framework/src/main/java/com/bonus/framework/interceptor/ReplayAttackInterceptor.java @@ -48,6 +48,7 @@ public class ReplayAttackInterceptor implements HandlerInterceptor { ignoreUrlPatterns.add("/smartArchives/getRouters"); ignoreUrlPatterns.add("/smartArchives/session/check"); ignoreUrlPatterns.add("/smartArchives/sys/config/getConfig"); + ignoreUrlPatterns.add("/smartArchives/data/Collect/queryById"); } private final RedisCache redisUtil; @@ -301,4 +302,4 @@ public class ReplayAttackInterceptor implements HandlerInterceptor { public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception { // 可选的清理操作 } -} \ No newline at end of file +} diff --git a/bonus-system/src/main/java/com/bonus/system/service/impl/DataCollectDataServiceImpl.java b/bonus-system/src/main/java/com/bonus/system/service/impl/DataCollectDataServiceImpl.java index 837058a..2cf7279 100644 --- a/bonus-system/src/main/java/com/bonus/system/service/impl/DataCollectDataServiceImpl.java +++ b/bonus-system/src/main/java/com/bonus/system/service/impl/DataCollectDataServiceImpl.java @@ -44,7 +44,7 @@ public class DataCollectDataServiceImpl implements DataCollectDataService { JSONObject object = (JSONObject) obj; if (object != null) { String id = object.getString("id"); - if (id.equals(kyDataCollectData.getJsonId())) { + if (id.equals(kyDataCollectData.getJsonId().toString())) { Map map = (Map) object; return map; }