From 79b4d0cf0938293e4d4d16bbef732786173d1ce0 Mon Sep 17 00:00:00 2001
From: zhuxinru <zhuxinru@honeycombis.com>
Date: Fri, 5 Dec 2025 15:44:24 +0800
Subject: [PATCH] =?UTF-8?q?fix:=E6=B7=BB=E5=8A=A0=E7=99=BD=E5=90=8D?=
 =?UTF-8?q?=E5=8D=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../com/sdm/capability/filter/AuthFilter.java | 21 ++++++++++++++++--
 .../src/main/resources/application-dev.yml    |  1 +
 data/src/main/resources/application-dev.yml   |  2 ++
 .../com/sdm/project/filter/AuthFilter.java    | 21 ++++++++++++++++--
 .../src/main/resources/application-dev.yml    |  2 +-
 .../java/com/sdm/task/filter/AuthFilter.java  | 22 +++++++++++++++++--
 task/src/main/resources/application-dev.yml   |  2 +-
 7 files changed, 63 insertions(+), 8 deletions(-)

diff --git a/capability/src/main/java/com/sdm/capability/filter/AuthFilter.java b/capability/src/main/java/com/sdm/capability/filter/AuthFilter.java
index d64ed4e2..baa57361 100644
--- a/capability/src/main/java/com/sdm/capability/filter/AuthFilter.java
+++ b/capability/src/main/java/com/sdm/capability/filter/AuthFilter.java
@@ -2,22 +2,31 @@ package com.sdm.capability.filter;
 
 import com.sdm.common.common.ThreadLocalContext;
 //import com.sdm.ability.service.UserService;
+import com.sdm.common.config.WhitelistProperties;
 import jakarta.servlet.*;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.util.AntPathMatcher;
 
 import java.io.IOException;
+import java.util.List;
 
 @Slf4j
 public class AuthFilter implements Filter {
-//    @Resource
-//    private UserService userService;
+    @Autowired
+    private WhitelistProperties whitelistProperties;
+
+    private List<String> excludedPaths;
+    private final AntPathMatcher pathMatcher = new AntPathMatcher();
 
     @Override
     public void init(FilterConfig filterConfig) throws ServletException {
         Filter.super.init(filterConfig);
+        // 从初始化参数中读取白名单
+        excludedPaths = whitelistProperties.getPaths();
         log.info("----------- AuthFilter init ----------");
     }
 
@@ -25,6 +34,14 @@ public class AuthFilter implements Filter {
     public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
         if (servletRequest instanceof HttpServletRequest) {
             HttpServletRequest req = (HttpServletRequest) servletRequest;
+            String path = req.getRequestURI().substring(req.getContextPath().length());
+            // 检查当前请求是否在白名单中
+            for (String excludedPath : excludedPaths) {
+                if (pathMatcher.match(excludedPath, path)) {
+                    filterChain.doFilter(servletRequest, servletResponse);
+                    return;
+                }
+            }
             if(!ThreadLocalContext.verifyRequest(req))
             {
                 HttpServletResponse response = (HttpServletResponse) servletResponse;
diff --git a/capability/src/main/resources/application-dev.yml b/capability/src/main/resources/application-dev.yml
index 495cb312..910c21c7 100644
--- a/capability/src/main/resources/application-dev.yml
+++ b/capability/src/main/resources/application-dev.yml
@@ -108,6 +108,7 @@ security:
   whitelist:
     paths:
       - /pbs/jobFileCallback
+      - /flow/approveHandleNotice
 
 #logging:
 #  config: ./config/logback.xml
\ No newline at end of file
diff --git a/data/src/main/resources/application-dev.yml b/data/src/main/resources/application-dev.yml
index c43b63e6..40c9e645 100644
--- a/data/src/main/resources/application-dev.yml
+++ b/data/src/main/resources/application-dev.yml
@@ -121,5 +121,7 @@ security:
   whitelist:
     paths:
       - /data/previewImage
+      - /data/approveDataFile
+      - /data/downloadFile
       - /data/flowableUpFileToLocal
       - /data/flowableUpFileToLocalMerge
\ No newline at end of file
diff --git a/project/src/main/java/com/sdm/project/filter/AuthFilter.java b/project/src/main/java/com/sdm/project/filter/AuthFilter.java
index d80e82c8..80bc3f20 100644
--- a/project/src/main/java/com/sdm/project/filter/AuthFilter.java
+++ b/project/src/main/java/com/sdm/project/filter/AuthFilter.java
@@ -1,22 +1,31 @@
 package com.sdm.project.filter;
 
 import com.sdm.common.common.ThreadLocalContext;
+import com.sdm.common.config.WhitelistProperties;
 import jakarta.servlet.*;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.util.AntPathMatcher;
 
 import java.io.IOException;
+import java.util.List;
 
 @Slf4j
 public class AuthFilter implements Filter {
-//    @Resource
-//    private UserService userService;
+    @Autowired
+    private WhitelistProperties whitelistProperties;
+
+    private List<String> excludedPaths;
+    private final AntPathMatcher pathMatcher = new AntPathMatcher();
 
     @Override
     public void init(FilterConfig filterConfig) throws ServletException {
         Filter.super.init(filterConfig);
+        // 从初始化参数中读取白名单
+        excludedPaths = whitelistProperties.getPaths();
         log.info("----------- AuthFilter init ----------");
     }
 
@@ -24,6 +33,14 @@ public class AuthFilter implements Filter {
     public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
         if (servletRequest instanceof HttpServletRequest) {
             HttpServletRequest req = (HttpServletRequest) servletRequest;
+            String path = req.getRequestURI().substring(req.getContextPath().length());
+            // 检查当前请求是否在白名单中
+            for (String excludedPath : excludedPaths) {
+                if (pathMatcher.match(excludedPath, path)) {
+                    filterChain.doFilter(servletRequest, servletResponse);
+                    return;
+                }
+            }
             if(!ThreadLocalContext.verifyRequest(req))
             {
                 HttpServletResponse response = (HttpServletResponse) servletResponse;
diff --git a/project/src/main/resources/application-dev.yml b/project/src/main/resources/application-dev.yml
index e3cc24de..d7024d09 100644
--- a/project/src/main/resources/application-dev.yml
+++ b/project/src/main/resources/application-dev.yml
@@ -119,6 +119,6 @@ file:
 security:
   whitelist:
     paths:
-      - aa
+      - /run/deliverableApproveCallback
 #logging:
 #  config: ./config/logback.xml
\ No newline at end of file
diff --git a/task/src/main/java/com/sdm/task/filter/AuthFilter.java b/task/src/main/java/com/sdm/task/filter/AuthFilter.java
index c2a1423b..a7ef3d66 100644
--- a/task/src/main/java/com/sdm/task/filter/AuthFilter.java
+++ b/task/src/main/java/com/sdm/task/filter/AuthFilter.java
@@ -1,22 +1,32 @@
 package com.sdm.task.filter;
 
 import com.sdm.common.common.ThreadLocalContext;
+import com.sdm.common.config.WhitelistProperties;
 import jakarta.servlet.*;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.util.AntPathMatcher;
 
 import java.io.IOException;
+import java.util.List;
 
 @Slf4j
 public class AuthFilter implements Filter {
-//    @Resource
-//    private UserService userService;
+
+    @Autowired
+    private WhitelistProperties whitelistProperties;
+
+    private List<String> excludedPaths;
+    private final AntPathMatcher pathMatcher = new AntPathMatcher();
 
     @Override
     public void init(FilterConfig filterConfig) throws ServletException {
         Filter.super.init(filterConfig);
+        // 从初始化参数中读取白名单
+        excludedPaths = whitelistProperties.getPaths();
         log.info("----------- AuthFilter init ----------");
     }
 
@@ -24,6 +34,14 @@ public class AuthFilter implements Filter {
     public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
         if (servletRequest instanceof HttpServletRequest) {
             HttpServletRequest req = (HttpServletRequest) servletRequest;
+            String path = req.getRequestURI().substring(req.getContextPath().length());
+            // 检查当前请求是否在白名单中
+            for (String excludedPath : excludedPaths) {
+                if (pathMatcher.match(excludedPath, path)) {
+                    filterChain.doFilter(servletRequest, servletResponse);
+                    return;
+                }
+            }
             if(!ThreadLocalContext.verifyRequest(req))
             {
                 HttpServletResponse response = (HttpServletResponse) servletResponse;
diff --git a/task/src/main/resources/application-dev.yml b/task/src/main/resources/application-dev.yml
index 435e8784..a6b15bbe 100644
--- a/task/src/main/resources/application-dev.yml
+++ b/task/src/main/resources/application-dev.yml
@@ -126,4 +126,4 @@ approve:
 security:
   whitelist:
     paths:
-      - aa
\ No newline at end of file
+      - /taskpool/approveHandleNotice
\ No newline at end of file