mirror of
https://github.com/jeecgboot/JimuReport.git
synced 2025-10-15 15:30:23 +00:00
JEECG
@@ -22,6 +22,29 @@ public class SpringSecurityConfig {
|
|||||||
http.csrf().disable()
|
http.csrf().disable()
|
||||||
.authorizeRequests()
|
.authorizeRequests()
|
||||||
.antMatchers("/login/**").permitAll()
|
.antMatchers("/login/**").permitAll()
|
||||||
|
// 放过静态资源
|
||||||
|
.antMatchers("/jmreport/**/cdn/**",
|
||||||
|
"/jmreport/desreport_/**/*.js",
|
||||||
|
"/jmreport/desreport_/**/*.css",
|
||||||
|
"/jmreport/desreport_/**/*.png").permitAll()
|
||||||
|
// 不需要登录的接口
|
||||||
|
.antMatchers("/jmreport/excelQueryByTemplate",
|
||||||
|
"/jmreport/img/**",
|
||||||
|
"/jmreport/download/image",
|
||||||
|
"/jmreport/verificationToken",
|
||||||
|
"/jmreport/link/queryByIds",
|
||||||
|
"/jmreport/test/getUserMsg",
|
||||||
|
"/jmreport/test/getOrder",
|
||||||
|
"/jmreport/auto/export/download/**").permitAll()
|
||||||
|
// 分享页面
|
||||||
|
.antMatchers("/jmreport/shareView/**",
|
||||||
|
"/jmreport/checkParam/**",
|
||||||
|
"/jmreport/share/verification",
|
||||||
|
"/jmreport/getQueryInfo",
|
||||||
|
"/jmreport/show",
|
||||||
|
"/jmreport/addViewCount/**").permitAll()
|
||||||
|
// view页面
|
||||||
|
.antMatchers("/jmreport/view/**").access("@viewPageCustomAccess.check(request,authentication)")
|
||||||
.anyRequest().authenticated()
|
.anyRequest().authenticated()
|
||||||
.and()
|
.and()
|
||||||
.formLogin()
|
.formLogin()
|
||||||
|
|||||||
@@ -0,0 +1,42 @@
|
|||||||
|
package com.jeecg.modules.jmreport.config;
|
||||||
|
|
||||||
|
import org.jeecg.modules.jmreport.common.util.OkConvertUtils;
|
||||||
|
import org.springframework.beans.factory.annotation.Value;
|
||||||
|
import org.springframework.security.core.Authentication;
|
||||||
|
import org.springframework.stereotype.Component;
|
||||||
|
|
||||||
|
import javax.servlet.http.HttpServletRequest;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 自定义view页面access处理
|
||||||
|
* for: [TV360X-2206] 目前这个版本必须登录后才能看报表,如何设置不登录也能查看报表 #2919
|
||||||
|
* @author chenrui
|
||||||
|
* @date 2024/8/23 14:28
|
||||||
|
*/
|
||||||
|
@Component("viewPageCustomAccess")
|
||||||
|
public class ViewPageCustomAccess {
|
||||||
|
|
||||||
|
@Value("${spring.security.open-view-page:false}")
|
||||||
|
boolean openViewPage = false;
|
||||||
|
|
||||||
|
public boolean check(HttpServletRequest request, Authentication authentication) {
|
||||||
|
Object principal = authentication.getPrincipal();
|
||||||
|
if (OkConvertUtils.isEmpty(principal) || "anonymousUser".equalsIgnoreCase(principal.toString())) {
|
||||||
|
// 未登录
|
||||||
|
if (openViewPage) {
|
||||||
|
// 配置文件设置了开放view页面
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
HttpServletRequest httpRequest = (HttpServletRequest) request;
|
||||||
|
String previousPage = httpRequest.getParameter("previousPage");
|
||||||
|
String jmLink = httpRequest.getParameter("jmLink");
|
||||||
|
if (OkConvertUtils.isNotEmpty(previousPage) && OkConvertUtils.isNotEmpty(jmLink) ) {
|
||||||
|
// 参数中有previousPage和jmLink
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
Reference in New Issue
Block a user