diff --git a/aircraft-common/src/main/java/com/aircraft/annotation/rest/AnonymousAccess.java b/aircraft-common/src/main/java/com/aircraft/annotation/rest/AnonymousAccess.java index 0f6867e..eaf34e0 100644 --- a/aircraft-common/src/main/java/com/aircraft/annotation/rest/AnonymousAccess.java +++ b/aircraft-common/src/main/java/com/aircraft/annotation/rest/AnonymousAccess.java @@ -21,7 +21,7 @@ import java.lang.annotation.*; * @author jacky * 用于标记匿名访问方法 */ -//@Inherited +@Inherited @Documented @Target({ElementType.METHOD,ElementType.ANNOTATION_TYPE}) @Retention(RetentionPolicy.RUNTIME) diff --git a/aircraft-common/src/main/java/com/aircraft/config/webConfig/SwaggerConfig.java b/aircraft-common/src/main/java/com/aircraft/config/webConfig/SwaggerConfig.java index 376fdb0..e927bf4 100644 --- a/aircraft-common/src/main/java/com/aircraft/config/webConfig/SwaggerConfig.java +++ b/aircraft-common/src/main/java/com/aircraft/config/webConfig/SwaggerConfig.java @@ -17,6 +17,7 @@ package com.aircraft.config.webConfig; import lombok.RequiredArgsConstructor; import com.aircraft.utils.AnonTagUtils; +import org.apache.commons.lang3.RegExUtils; import org.springframework.beans.BeansException; import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.config.BeanPostProcessor; @@ -43,6 +44,7 @@ import java.util.ArrayList; import java.util.Collections; import java.util.List; import java.util.Set; +import java.util.regex.Pattern; import java.util.stream.Collectors; /** @@ -66,6 +68,10 @@ public class SwaggerConfig { private final ApplicationContext applicationContext; + private static final Pattern PATTERN = Pattern.compile("\\{(.*?)\\}"); + + public String ASTERISK = "*"; + @Bean public Docket createRestApi() { return new Docket(DocumentationType.SWAGGER_2) @@ -106,7 +112,12 @@ public class SwaggerConfig { private SecurityContext getContextByPath() { Set urls = AnonTagUtils.getAllAnonymousUrl(applicationContext); - urls = urls.stream().filter(url -> !url.equals("/")).collect(Collectors.toSet()); + urls = urls.stream().filter(url -> !url.equals("/")) + .map(url -> { + //替代path variable 为 * + return RegExUtils.replaceAll(url, PATTERN, ASTERISK); + }) + .collect(Collectors.toSet()); String regExp = "^(?!" + apiPath + String.join("|" + apiPath, urls) + ").*$"; return SecurityContext.builder() .securityReferences(defaultAuth()) diff --git a/aircraft-system/src/main/java/com/aircraft/modules/article/controller/CpTextController.java b/aircraft-system/src/main/java/com/aircraft/modules/article/controller/CpTextController.java index 0bc5d73..a1a1058 100644 --- a/aircraft-system/src/main/java/com/aircraft/modules/article/controller/CpTextController.java +++ b/aircraft-system/src/main/java/com/aircraft/modules/article/controller/CpTextController.java @@ -105,9 +105,9 @@ public class CpTextController { } } -// @AnonymousAccess + @AnonymousAccess @ApiOperation(value = "查询单个文本内容") - @RequestMapping(value = "{id}", method = {RequestMethod.GET}) + @GetMapping(value = "/{id}") @ApiImplicitParam(name = "id", value = "文本内容ID", required = true, paramType = "path") public ResponseEntity one(@PathVariable final Integer id) { try { diff --git a/aircraft-system/src/main/java/com/aircraft/modules/security/config/SpringSecurityConfig.java b/aircraft-system/src/main/java/com/aircraft/modules/security/config/SpringSecurityConfig.java index caddeeb..7d8cbad 100644 --- a/aircraft-system/src/main/java/com/aircraft/modules/security/config/SpringSecurityConfig.java +++ b/aircraft-system/src/main/java/com/aircraft/modules/security/config/SpringSecurityConfig.java @@ -66,14 +66,6 @@ public class SpringSecurityConfig { protected SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception { // 获取匿名标记 Map> anonymousUrls = AnonTagUtils.getAnonymousUrl(applicationContext); - // 手动添加需要匿名访问的接口路径(核心修改) - // 1. 分页查询接口:GET /cpText - anonymousUrls.computeIfAbsent(RequestMethodEnum.GET.getType(), k -> new HashSet<>()) - .add("/cpText"); - // 2. 通过 ID 查询接口:GET /cpText/{id}(支持任意 ID) - anonymousUrls.computeIfAbsent(RequestMethodEnum.GET.getType(), k -> new HashSet<>()) - .add("/cpText/**"); - return httpSecurity // 禁用 CSRF .csrf().disable()