浏览代码

增加老师端查询订单的方法到白名单

hgw 3 年之前
父节点
当前提交
2f51efeecc
共有 1 个文件被更改,包括 26 次插入26 次删除
  1. 26 26
      mec-teacher/src/main/java/com/ym/mec/teacher/config/ResourceServerConfig.java

+ 26 - 26
mec-teacher/src/main/java/com/ym/mec/teacher/config/ResourceServerConfig.java

@@ -1,5 +1,7 @@
 package com.ym.mec.teacher.config;
 
+import com.ym.mec.common.security.BaseAccessDeniedHandler;
+import com.ym.mec.common.security.BaseAuthenticationEntryPoint;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
@@ -8,36 +10,34 @@ import org.springframework.security.oauth2.config.annotation.web.configuration.E
 import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
 
-import com.ym.mec.common.security.BaseAccessDeniedHandler;
-import com.ym.mec.common.security.BaseAuthenticationEntryPoint;
-
 @Configuration
 @EnableResourceServer
 @EnableGlobalMethodSecurity(prePostEnabled = true)
 public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
 
-	@Autowired
-	private BaseAccessDeniedHandler baseAccessDeniedHandler;
-
-	@Autowired
-	private BaseAuthenticationEntryPoint baseAuthenticationEntryPoint;
-
-	@Override
-	public void configure(HttpSecurity http) throws Exception {
-		http.csrf()
-				.disable()
-				.exceptionHandling()
-				.accessDeniedHandler(baseAccessDeniedHandler)
-				.authenticationEntryPoint(baseAuthenticationEntryPoint)
-				.and()
-				.authorizeRequests()
-				.antMatchers("/v2/api-docs", "/code/*", "/teacher/queryStudentApply", "/teacher/querySubByMusicGroupId", "/studentRegistration/updateSubject",
-						"/studyReport/createEvaluate", "/teacherOrder/*","/teacher/getRegisterOrPreList","/teacherContract/callback").permitAll().anyRequest().authenticated().and().httpBasic();
-	}
-
-	@Override
-	public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
-		resources.authenticationEntryPoint(baseAuthenticationEntryPoint).accessDeniedHandler(baseAccessDeniedHandler);
-	}
+    @Autowired
+    private BaseAccessDeniedHandler baseAccessDeniedHandler;
+
+    @Autowired
+    private BaseAuthenticationEntryPoint baseAuthenticationEntryPoint;
+
+    @Override
+    public void configure(HttpSecurity http) throws Exception {
+        http.csrf()
+                .disable()
+                .exceptionHandling()
+                .accessDeniedHandler(baseAccessDeniedHandler)
+                .authenticationEntryPoint(baseAuthenticationEntryPoint)
+                .and()
+                .authorizeRequests()
+                .antMatchers("/v2/api-docs", "/code/*", "/teacher/queryStudentApply", "/teacher/querySubByMusicGroupId", "/studentRegistration/updateSubject",
+                        "/studyReport/createEvaluate", "/teacherOrder/*", "/teacher/getRegisterOrPreList", "/teacherContract/callback", "/eduPracticeGroup/queryOrderInfo")
+                .permitAll().anyRequest().authenticated().and().httpBasic();
+    }
+
+    @Override
+    public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
+        resources.authenticationEntryPoint(baseAuthenticationEntryPoint).accessDeniedHandler(baseAccessDeniedHandler);
+    }
 
 }