拦截器加白名单

e6517937 · 伍思炜 · 556ce5c3 · e6517937 · e6517937 · e6517937
Commit e6517937 authored Mar 16, 2022 by 伍思炜
6 changed files
--- a/common/src/main/resources/com/winsun/mapper/mapping/SysUserMapper.xml
+++ b/common/src/main/resources/com/winsun/mapper/mapping/SysUserMapper.xml
@@ -31,7 +31,7 @@
            LEFT JOIN sys_menu sm ON sr.menuid = sm.id
        WHERE
            sr.roleid in
-            <foreach collection="roleIds" item="role" open="(" close=")">
+            <foreach collection="roleIds" item="role" separator="," open="(" close=")">
                #{role}
            </foreach>
    </select>

--- a/core-service/src/main/java/com/winsun/item/modular/config/LoginApplicaionConfig.java
+++ b/core-service/src/main/java/com/winsun/item/modular/config/LoginApplicaionConfig.java
@@ -41,7 +41,33 @@ public class LoginApplicaionConfig extends WebMvcConfigurationSupport {
        registry.addInterceptor(changePwdInterceptor).addPathPatterns("/mgr/changeOtherPwd");
        List<String> s = new ArrayList<>();
        s.add("/login");
+        s.add("/sys/logout");
+        s.add("/logout");
+        s.add("/GetPermissionList");
+        s.add("/menu/getMenus");
        s.add("/getPhoneCode");
+        s.add("/getPhoneCodeY");
+        s.add("/cloud/**");
+        s.add("/appInfo/**");
+        s.add("mgr/queryUserInuse");
+        s.add("mgr/getUserListByRoleIdAndDeptId");
+        s.add("mgr/userByUerId");
+        s.add("mgr/releaseUser");
+        s.add("/dept/selectDeptList");
+        s.add("/dept/selectDept");
+        s.add("/role/roleLable");
+        s.add("/area/selectTaskAreaRel");
+        s.add("/forgerpw/verificationCode");
+        s.add("/forgerpw/changePwd");
+        s.add("/forgerpw/bindingAccount");
+        s.add("/forgerpw/defaultLogin");
+        s.add("/forgerpw/weixinLogin");
+        s.add("/forgerpw/weixinUnbundling");
+        s.add("/forgerpw/selectAddress");
+        s.add("/forgerpw/selectSchool");
+        s.add("/forgerpw/openHall");
+        s.add("/forgerpw/registeredAccount");
+        s.add("/Personal/**");
        registry.addInterceptor(authIntercept).excludePathPatterns(s);
        super.addInterceptors(registry);
    }

--- a/service-manager/src/main/java/com/winsun/controller/NewUserController.java
+++ b/service-manager/src/main/java/com/winsun/controller/NewUserController.java
--- a/service-manager/src/main/java/com/winsun/controller/PartnerController.java
+++ b/service-manager/src/main/java/com/winsun/controller/PartnerController.java
--- a/service-manager/src/main/java/com/winsun/controller/school/SchoolAllocationController.java
+++ b/service-manager/src/main/java/com/winsun/controller/school/SchoolAllocationController.java
@@ -31,7 +31,7 @@ import java.util.*;
 @RequestMapping("/school/schoolAllocation")
 public class SchoolAllocationController extends BaseController {
-	private static SchoolMapper schoolMapper;
+    private static SchoolMapper schoolMapper;
    private static SysUserMapper sysUserMapper;
    @Autowired
@@ -45,7 +45,7 @@ public class SchoolAllocationController extends BaseController {
            @RequestParam("account") String account,
            @RequestParam("schoolId") String schoolId) {
-        if(StringUtils.isBlank(account) || "undefined".equals(account)){
+        if (StringUtils.isBlank(account) || "undefined".equals(account)) {
            return ResponseData.error("账号不能为空！！!");
        }
        List<String> list = Arrays.asList(account.split(","));
@@ -54,7 +54,7 @@ public class SchoolAllocationController extends BaseController {
            wrapperUser.eq("account", acc);
            //wrapperUser.eq(column, params);
            List<SysUser> userList = sysUserMapper.selectList(wrapperUser);
-            if (userList.size() > 0){
+            if (userList.size() > 0) {
                schoolMapper.addSupervisorSchool(userList.get(0).getId(), schoolId);
                return ResponseData.success("添加成功！");
            }
@@ -67,15 +67,14 @@ public class SchoolAllocationController extends BaseController {
        int num = schoolMapper.deleteSupervisorSchool(id);
-        if (num == 1){
+        if (num == 1) {
            return ResponseData.success("删除成功！");
        }
-        return  ResponseData.error("删除失败");
+        return ResponseData.error("删除失败");
    }
    /**
-     *
     * @param account
     * @param name
     * @param substName
@@ -85,22 +84,22 @@ public class SchoolAllocationController extends BaseController {
     * @return
     */
    @Permission(menuname = "查询学校分配", value = "findByList", method = RequestMethod.POST)
-    public ResponseData<Page<Map<String,Object>>> listSchool(
+    public ResponseData<Page<Map<String, Object>>> listSchool(
            @RequestParam("account") String account, @RequestParam("name") String name,
            @RequestParam("substName") String substName, @RequestParam("schoolName") String schoolName,
            @RequestParam(name = "pageNo", required = false) int pageIndex,
            @RequestParam(name = "pageSize", required = false) int pageSize) {
-        List<Map<String, Object>> dataList = sysUserMapper.schoolAllocationList(account,name,substName,schoolName);
+        List<Map<String, Object>> dataList = sysUserMapper.schoolAllocationList(account, name, substName, schoolName);
        Page<Map<String, Object>> page = new Page<>(pageIndex, pageSize);
-        List<Map<String, Object>> newList = new ArrayList<Map<String,Object>>();
+        List<Map<String, Object>> newList = new ArrayList<Map<String, Object>>();
-        if(pageIndex*pageSize > dataList.size()) {
+        if (pageIndex * pageSize > dataList.size()) {
-        	newList = dataList.subList((pageIndex-1)*pageSize, dataList.size());
+            newList = dataList.subList((pageIndex - 1) * pageSize, dataList.size());
-        }else {
+        } else {
-        	newList = dataList.subList((pageIndex-1)*pageSize, pageIndex*pageSize);
+            newList = dataList.subList((pageIndex - 1) * pageSize, pageIndex * pageSize);
        }
        for (Map<String, Object> map : newList) {
-            if (StringUtils.isNotBlank(map.get("account").toString())){
+            if (map.get("account") != null && StringUtils.isNotBlank(map.get("account").toString())) {
                map.put("account", DesensitizationUtil.desensitizedPhoneNumber(map.get("account").toString()));
            }
        }
@@ -110,5 +109,4 @@ public class SchoolAllocationController extends BaseController {
    }
 }
--- a/service-manager/src/main/java/com/winsun/intercept/AuthConfigurationSupport.java
+++ b/service-manager/src/main/java/com/winsun/intercept/AuthConfigurationSupport.java
@@ -25,7 +25,13 @@ public class AuthConfigurationSupport extends WebMvcConfigurationSupport {
        log.info("配置拦截中");
        List<String> s = new ArrayList<>();
        s.add("/login");
+        s.add("/logout");
        s.add("/getPhoneCode");
+        s.add("/hhrUser/getOrderList");
+        s.add("/hhrUser/getSallesList");
+        s.add("/PersonalCenter/**");
        registry.addInterceptor(authIntercept).excludePathPatterns(s);
        super.addInterceptors(registry);
    }