From 3af43ef6c7fa3f4f2d4d390d47fae9c5f518e60d Mon Sep 17 00:00:00 2001 From: Charles7c Date: Fri, 25 Jul 2025 22:08:27 +0800 Subject: [PATCH] =?UTF-8?q?refactor:=20CRUD=20Api=20=E5=BF=BD=E7=95=A5?= =?UTF-8?q?=E6=8E=92=E9=99=A4=EF=BC=88=E6=94=BE=E8=A1=8C=EF=BC=89=E8=B7=AF?= =?UTF-8?q?=E5=BE=84=E7=9A=84=E6=9D=83=E9=99=90=E6=A0=A1=E9=AA=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../admin/common/base/controller/BaseController.java | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/continew-common/src/main/java/top/continew/admin/common/base/controller/BaseController.java b/continew-common/src/main/java/top/continew/admin/common/base/controller/BaseController.java index 7ec76035..f9caf1cc 100644 --- a/continew-common/src/main/java/top/continew/admin/common/base/controller/BaseController.java +++ b/continew-common/src/main/java/top/continew/admin/common/base/controller/BaseController.java @@ -22,8 +22,12 @@ import cn.dev33.satoken.context.model.SaRequest; import cn.dev33.satoken.sign.template.SaSignTemplate; import cn.dev33.satoken.stp.StpUtil; import cn.hutool.core.annotation.AnnotationUtil; +import cn.hutool.extra.spring.SpringUtil; import top.continew.admin.common.base.service.BaseService; import top.continew.admin.common.config.crud.CrudApiPermissionPrefixCache; +import top.continew.starter.auth.satoken.autoconfigure.SaTokenExtensionProperties; +import top.continew.starter.core.util.ServletUtils; +import top.continew.starter.core.util.SpringWebUtils; import top.continew.starter.extension.crud.annotation.CrudApi; import top.continew.starter.extension.crud.controller.AbstractCrudController; import top.continew.starter.extension.crud.enums.Api; @@ -61,6 +65,14 @@ public class BaseController, L, D, Q, C> exten .hasAnnotation(targetClass, SaIgnore.class)) { return; } + // 忽略排除(放行)路径 + SaTokenExtensionProperties saTokenExtensionProperties = SpringUtil.getBean(SaTokenExtensionProperties.class); + if (saTokenExtensionProperties.isEnabled()) { + String[] excludePatterns = saTokenExtensionProperties.getSecurity().getExcludes(); + if (SpringWebUtils.isMatch(ServletUtils.getRequestPath(), excludePatterns)) { + return; + } + } // 校验权限,例如:创建用户接口(POST /system/user) => 校验 system:user:create 权限 String permissionPrefix = CrudApiPermissionPrefixCache.get(targetClass); String apiName = getApiName(crudApi.value());