diff --git a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java index 8d002ccde..4537bc39b 100644 --- a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java +++ b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java @@ -9,6 +9,7 @@ import org.springframework.boot.autoconfigure.AutoConfiguration; import org.springframework.boot.autoconfigure.AutoConfigureOrder; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.Bean; +import org.springframework.core.env.Environment; import org.springframework.http.HttpMethod; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.config.Customizer; @@ -30,10 +31,12 @@ import org.springframework.web.util.pattern.PathPattern; import javax.annotation.Resource; import javax.annotation.security.PermitAll; +import java.util.Arrays; import java.util.HashSet; import java.util.List; import java.util.Map; import java.util.Set; +import java.util.stream.Collectors; import static cn.iocoder.yudao.framework.common.util.collection.CollectionUtils.convertList; @@ -47,10 +50,15 @@ import static cn.iocoder.yudao.framework.common.util.collection.CollectionUtils. @EnableMethodSecurity(securedEnabled = true) public class YudaoWebSecurityConfigurerAdapter { + private static final String INNER_PROFILE = "inner"; + private static final String HOME_INFO_PERMIT_ALL_URL = "/admin-api/home/info/**"; + @Resource private WebProperties webProperties; @Resource private SecurityProperties securityProperties; + @Resource + private Environment environment; /** * 认证失败处理类 Bean @@ -137,7 +145,7 @@ public class YudaoWebSecurityConfigurerAdapter { .requestMatchers(HttpMethod.HEAD, permitAllUrls.get(HttpMethod.HEAD).toArray(new String[0])).permitAll() .requestMatchers(HttpMethod.PATCH, permitAllUrls.get(HttpMethod.PATCH).toArray(new String[0])).permitAll() // 1.3 基于 yudao.security.permit-all-urls 无需认证 - .requestMatchers(securityProperties.getPermitAllUrls().toArray(new String[0])).permitAll() + .requestMatchers(getPermitAllUrls().toArray(new String[0])).permitAll() ) // ②:每个项目的自定义规则 .authorizeHttpRequests(c -> authorizeRequestsCustomizers.forEach(customizer -> customizer.customize(c))) @@ -149,6 +157,19 @@ public class YudaoWebSecurityConfigurerAdapter { return httpSecurity.build(); } + private List getPermitAllUrls() { + if (isInnerProfile()) { + return securityProperties.getPermitAllUrls(); + } + return securityProperties.getPermitAllUrls().stream() + .filter(url -> !HOME_INFO_PERMIT_ALL_URL.equals(url)) + .collect(Collectors.toList()); + } + + private boolean isInnerProfile() { + return Arrays.asList(environment.getActiveProfiles()).contains(INNER_PROFILE); + } + private String buildAppApi(String url) { return webProperties.getAppApi().getPrefix() + url; } diff --git a/yudao-module-mes/yudao-module-mes-biz/src/main/java/cn/iocoder/yudao/module/mes/controller/admin/home/HomeController.java b/yudao-module-mes/yudao-module-mes-biz/src/main/java/cn/iocoder/yudao/module/mes/controller/admin/home/HomeController.java index 9795063b0..f566c9c73 100644 --- a/yudao-module-mes/yudao-module-mes-biz/src/main/java/cn/iocoder/yudao/module/mes/controller/admin/home/HomeController.java +++ b/yudao-module-mes/yudao-module-mes-biz/src/main/java/cn/iocoder/yudao/module/mes/controller/admin/home/HomeController.java @@ -12,13 +12,17 @@ import org.apache.http.client.methods.CloseableHttpResponse; import org.apache.http.client.methods.HttpGet; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.util.EntityUtils; +import org.springframework.core.env.Environment; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; +import javax.annotation.Resource; +import javax.annotation.security.PermitAll; import java.io.IOException; import java.util.ArrayList; +import java.util.Arrays; import static cn.iocoder.yudao.framework.common.pojo.CommonResult.success; @@ -28,6 +32,18 @@ import static cn.iocoder.yudao.framework.common.pojo.CommonResult.success; @Validated public class HomeController { + private static final String INNER_PROFILE = "inner"; + + @Resource + private Environment environment; + + @GetMapping("/public-access-enabled") + @PermitAll + @Operation(summary = "是否允许免登录访问首页") + public CommonResult isPublicAccessEnabled() { + return success(Arrays.asList(environment.getActiveProfiles()).contains(INNER_PROFILE)); + } + //中文名 adcode citycode 呼和浩特市 150100 0471 @@ -75,4 +91,4 @@ public class HomeController { return gaodeVO; } -} \ No newline at end of file +}