refactor(resource): 接口放行
parent
477d1c0dea
commit
ecc03229bd
|
|
@ -85,7 +85,7 @@ public class ModelCommentController {
|
||||||
* 获取模型评论
|
* 获取模型评论
|
||||||
*/
|
*/
|
||||||
@ApiOperation(value = "获取模型评论")
|
@ApiOperation(value = "获取模型评论")
|
||||||
@GetMapping("/comment")
|
@GetMapping("/getComment")
|
||||||
@Valid
|
@Valid
|
||||||
public R<List<ModelCommentVo>> getComment(@Valid
|
public R<List<ModelCommentVo>> getComment(@Valid
|
||||||
@NotNull(message = "模型id不能为空")
|
@NotNull(message = "模型id不能为空")
|
||||||
|
|
|
||||||
|
|
@ -74,7 +74,7 @@ public class ModelImageCommentController {
|
||||||
* 获取图片评论
|
* 获取图片评论
|
||||||
*/
|
*/
|
||||||
@ApiOperation(value = "获取图片评论")
|
@ApiOperation(value = "获取图片评论")
|
||||||
@GetMapping("/comment")
|
@GetMapping("/getComment")
|
||||||
@Valid
|
@Valid
|
||||||
public R<List<ModelImageCommentVo>> getComment(@Valid
|
public R<List<ModelImageCommentVo>> getComment(@Valid
|
||||||
@NotNull(message = "图片id不能为空")
|
@NotNull(message = "图片id不能为空")
|
||||||
|
|
|
||||||
|
|
@ -84,7 +84,7 @@ public class WorkFlowCommentController {
|
||||||
* 获取工作流评论
|
* 获取工作流评论
|
||||||
*/
|
*/
|
||||||
@ApiOperation(value = "获取工作流评论")
|
@ApiOperation(value = "获取工作流评论")
|
||||||
@GetMapping("/comment")
|
@GetMapping("/getComment")
|
||||||
public R<List<WorkFlowCommentVo>> getComment(@Valid
|
public R<List<WorkFlowCommentVo>> getComment(@Valid
|
||||||
@NotNull(message = "模型id不能为空")
|
@NotNull(message = "模型id不能为空")
|
||||||
@ApiParam(value = "模型id", required = true)
|
@ApiParam(value = "模型id", required = true)
|
||||||
|
|
|
||||||
|
|
@ -30,8 +30,7 @@ import org.springframework.web.filter.CorsFilter;
|
||||||
*/
|
*/
|
||||||
@EnableMethodSecurity(prePostEnabled = true, securedEnabled = true)
|
@EnableMethodSecurity(prePostEnabled = true, securedEnabled = true)
|
||||||
@Configuration
|
@Configuration
|
||||||
public class SecurityConfig
|
public class SecurityConfig {
|
||||||
{
|
|
||||||
/**
|
/**
|
||||||
* 自定义用户认证逻辑
|
* 自定义用户认证逻辑
|
||||||
*/
|
*/
|
||||||
|
|
@ -79,8 +78,7 @@ public class SecurityConfig
|
||||||
* 身份验证实现
|
* 身份验证实现
|
||||||
*/
|
*/
|
||||||
@Bean
|
@Bean
|
||||||
public AuthenticationManager authenticationManager()
|
public AuthenticationManager authenticationManager() {
|
||||||
{
|
|
||||||
DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
|
DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
|
||||||
daoAuthenticationProvider.setUserDetailsService(userDetailsService);
|
daoAuthenticationProvider.setUserDetailsService(userDetailsService);
|
||||||
daoAuthenticationProvider.setPasswordEncoder(bCryptPasswordEncoder());
|
daoAuthenticationProvider.setPasswordEncoder(bCryptPasswordEncoder());
|
||||||
|
|
@ -112,8 +110,7 @@ public class SecurityConfig
|
||||||
* authenticated | 用户登录后可访问
|
* authenticated | 用户登录后可访问
|
||||||
*/
|
*/
|
||||||
@Bean
|
@Bean
|
||||||
protected SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception
|
protected SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
|
||||||
{
|
|
||||||
return httpSecurity
|
return httpSecurity
|
||||||
// CSRF禁用,因为不使用session
|
// CSRF禁用,因为不使用session
|
||||||
.csrf(csrf -> csrf.disable())
|
.csrf(csrf -> csrf.disable())
|
||||||
|
|
@ -129,9 +126,30 @@ public class SecurityConfig
|
||||||
.authorizeHttpRequests((requests) -> {
|
.authorizeHttpRequests((requests) -> {
|
||||||
permitAllUrl.getUrls().forEach(url -> requests.antMatchers(url).permitAll());
|
permitAllUrl.getUrls().forEach(url -> requests.antMatchers(url).permitAll());
|
||||||
// 对于登录login 注册register 验证码captchaImage 允许匿名访问
|
// 对于登录login 注册register 验证码captchaImage 允许匿名访问
|
||||||
requests.antMatchers("/login", "/register", "/captchaImage","/ali/pay/doPay","/ali/pay/notify",
|
requests.antMatchers("/login",
|
||||||
"/ali/pay/callback","/file/**","/model/modelSquare","/image/imageList","/WorkFlow/workFlowList",
|
"/register",
|
||||||
"/system/dict/data/type/**").permitAll()
|
"/captchaImage",
|
||||||
|
"/ali/pay/doPay",
|
||||||
|
"/ali/pay/notify",
|
||||||
|
"/ali/pay/callback",
|
||||||
|
"/file/**",
|
||||||
|
"/model/modelSquare",
|
||||||
|
"/model/selectModelById",
|
||||||
|
"/model/finbyid",
|
||||||
|
"/ModelVersion/finbyid",
|
||||||
|
"/ModelComment/getComment",
|
||||||
|
"/ModelComment/commentCount",
|
||||||
|
"/WorkFlow/workFlowList",
|
||||||
|
"/WorkFlow/selectWorkFlowById",
|
||||||
|
"/WorkFlowComment/getComment",
|
||||||
|
"/image/imageList",
|
||||||
|
"/image/detail",
|
||||||
|
"/imageComment/getComment",
|
||||||
|
"/system/user/selectUserById",
|
||||||
|
"/system/dict/data/type/**",
|
||||||
|
"/attention/selectAttention",
|
||||||
|
"/attention/selectUserInfo"
|
||||||
|
).permitAll()
|
||||||
// 静态资源,可匿名访问
|
// 静态资源,可匿名访问
|
||||||
.antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
|
.antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
|
||||||
.antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()
|
.antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()
|
||||||
|
|
@ -152,8 +170,7 @@ public class SecurityConfig
|
||||||
* 强散列哈希加密实现
|
* 强散列哈希加密实现
|
||||||
*/
|
*/
|
||||||
@Bean
|
@Bean
|
||||||
public BCryptPasswordEncoder bCryptPasswordEncoder()
|
public BCryptPasswordEncoder bCryptPasswordEncoder() {
|
||||||
{
|
|
||||||
return new BCryptPasswordEncoder();
|
return new BCryptPasswordEncoder();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -146,7 +146,7 @@ public class ModelCommentServiceImpl extends ServiceImpl<ModelCommentMapper, Mod
|
||||||
List<Long> allCommentIds = collectAllCommentIds(parentComments, childComments);
|
List<Long> allCommentIds = collectAllCommentIds(parentComments, childComments);
|
||||||
|
|
||||||
// 5. 批量查询点赞状态(仅当用户已登录)
|
// 5. 批量查询点赞状态(仅当用户已登录)
|
||||||
Map<Long, Integer> likeStatusMap = SecurityUtils.getUserIdMax() != null ?
|
Map<Long, Integer> likeStatusMap = SecurityUtils.getUserIdMax() != 0 ?
|
||||||
batchGetLikeStatus(allCommentIds, SecurityUtils.getUserIdMax()) :
|
batchGetLikeStatus(allCommentIds, SecurityUtils.getUserIdMax()) :
|
||||||
new HashMap<>();
|
new HashMap<>();
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -172,7 +172,7 @@ public class ModelImageLikeServiceImpl extends ServiceImpl<ModelImageLikeMapper,
|
||||||
List<Long> modelImageLikeIds = new ArrayList<>();
|
List<Long> modelImageLikeIds = new ArrayList<>();
|
||||||
|
|
||||||
List<ModelImageLike> modelImageLikes = baseMapper.selectList(new LambdaQueryWrapper<ModelImageLike>()
|
List<ModelImageLike> modelImageLikes = baseMapper.selectList(new LambdaQueryWrapper<ModelImageLike>()
|
||||||
.eq(ModelImageLike::getUserId, SecurityUtils.getUserId()));
|
.eq(ModelImageLike::getUserId, SecurityUtils.getUserIdMax()));
|
||||||
for (ModelImageLike modelImageLike : modelImageLikes) {
|
for (ModelImageLike modelImageLike : modelImageLikes) {
|
||||||
modelImageLikeIds.add(modelImageLike.getModelImageId());
|
modelImageLikeIds.add(modelImageLike.getModelImageId());
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -142,8 +142,8 @@ public class WorkFlowCommentServiceImpl extends ServiceImpl<WorkFlowCommentMappe
|
||||||
List<Long> allCommentIds = collectAllCommentIds(parentComments, childComments);
|
List<Long> allCommentIds = collectAllCommentIds(parentComments, childComments);
|
||||||
|
|
||||||
// 5. 批量查询点赞状态(仅当用户已登录)
|
// 5. 批量查询点赞状态(仅当用户已登录)
|
||||||
Map<Long, Integer> likeStatusMap = SecurityUtils.getUserId() != null ?
|
Map<Long, Integer> likeStatusMap = SecurityUtils.getUserIdMax() != 0 ?
|
||||||
batchGetLikeStatus(allCommentIds, SecurityUtils.getUserId()) :
|
batchGetLikeStatus(allCommentIds, SecurityUtils.getUserIdMax()) :
|
||||||
new HashMap<>();
|
new HashMap<>();
|
||||||
|
|
||||||
// 6. 构建评论树结构(传递点赞状态)
|
// 6. 构建评论树结构(传递点赞状态)
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue