一、该问题的重现步骤是什么?
1. 添加接口权限
2. 为租户为000000的用户设置接口权限,验证生效
3.为租户不为000000的用户设置接口权限,访问接口提示未授权
二、你期待的结果是什么?实际看到的又是什么?
为租户为000000的用户设置接口权限,验证生效
为租户不为000000的用户设置接口权限,访问接口提示未授权
三、你正在使用的是什么产品,什么版本?在什么操作系统上?
商业版本。2.5.0,linux
四、请提供详细的错误堆栈信息,这很重要。
五、若有更多详细信息,请在下面提供。
一、该问题的重现步骤是什么?
代码添加注解
页面添加接口
添加新租户
为租户为000000的角色设置接口权限
添加超级管理员blade-auth ,访问接口提示成功。
Blade-Au
去掉接口权限,再次访问接口,提示未授权(正常)
为租户不为000000的角色设置接口权限,更换账号访问接口。提示未授权
================ Request Start ================
===> GET: /camera_info/list Parameters: {"query":{"current":null,"size":null,"ascs":null,"descs":null},"cameraInfo":{"id":null,"county":null,"town":null,"towerName":null,"towerCode":null,"towerType":null,"longitude":null,"latitude":null,"towerAltitude":null,"machineRoomType":null,"propertyRight":null,"tenant":null,"drawingHeight":null,"direction":null,"review":null,"hasTestErport":null,"hasExplorationPhotos":null,"remark":null,"createDate":null,"cameraIndexCode":null,"ip":null,"token":null,"speed":null,"standingTime":null,"sequences":null,"isVisibleLight":null,"nickName":null,"isOnline":null,"isBayonet":null}}
===Headers=== content-length: 18
===Headers=== X-Forwarded-Prefix: /xc-resource-monitor
===Headers=== Accept: */*
===Headers=== User-Agent: PostmanRuntime/7.29.0
===Headers=== X-Forwarded-Proto: http
===Headers=== X-Forwarded-Host: 192.168.1.235
===Headers=== Accept-Encoding: gzip, deflate, br
===Headers=== X-Forwarded-Port: 80
===Headers=== Forwarded: proto=http;host=192.168.1.235;for="0:0:0:0:0:0:0:1%0:44158"
===Headers=== host: 192.168.1.235:19002
===Headers=== X-Forwarded-For: 192.168.1.81,0:0:0:0:0:0:0:1%0
===Headers=== Postman-Token: 5be375d1-e839-4e2e-8d15-068dae099c5d
===Headers=== X-Real-IP: 192.168.1.81
===Headers=== Blade-Auth: bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0ZW5hbnRfaWQiOiIzODI2ODkiLCJ1c2VyX25hbWUiOiJhZG1pbiIsInJlYWxfbmFtZSI6IueuoeeQhuWRmCIsImF2YXRhciI6IiIsImF1dGhvcml0aWVzIjpbImFkbWluIl0sImNsaWVudF9pZCI6InNhYmVyIiwicm9sZV9uYW1lIjoiYWRtaW4iLCJsaWNlbnNlIjoicG93ZXJlZCBieSBibGFkZXgiLCJwb3N0X2lkIjoiMTM5Mjc1MDkwMTM1Mjk5Mjc2OSIsInVzZXJfaWQiOiIxMzkyNzUwOTA0MDI0NzY0NDE4Iiwicm9sZV9pZCI6IjEzOTI3NTA4Nzg5NzYzODA5MjkiLCJzY29wZSI6WyJhbGwiXSwibmlja19uYW1lIjoi566h55CG5ZGYIiwib2F1dGhfaWQiOiIiLCJkZXRhaWwiOnsidHlwZSI6IndlYiJ9LCJleHAiOjE2NDg3MjE3NDcsImRlcHRfaWQiOiIxMzkyNzUwOTAxMjc3NDk1Mjk3IiwianRpIjoiMTQyOTRiNDktODYyMi00YjJjLTkxZmMtOGNlMzE4MzUxMDYxIiwiYWNjb3VudCI6ImFkbWluIn0.BH7fohcICf3CFrJjal-SyEQc1yL04cdHUQuPagUHtMI
===Headers=== Content-Type: application/json
================ Request End ================
2022-03-31 09:16:37.264 DEBUG 1 --- [XNIO-1 task-337] io.lettuce.core.RedisChannelHandler : dispatching command AsyncCommand [type=GET, output=ValueOutput [output=null, error='null'], commandType=io.lettuce.core.protocol.Command]
2022-03-31 09:16:37.265 DEBUG 1 --- [XNIO-1 task-337] i.lettuce.core.protocol.DefaultEndpoint : [channel=0x56898bb2, /192.168.1.235:47414 -> /192.168.1.235:6379, epid=0x2] write() writeAndFlush command AsyncCommand [type=GET, output=ValueOutput [output=null, error='null'], commandType=io.lettuce.core.protocol.Command]
2022-03-31 09:16:37.266 DEBUG 1 --- [XNIO-1 task-337] i.lettuce.core.protocol.DefaultEndpoint : [channel=0x56898bb2, /192.168.1.235:47414 -> /192.168.1.235:6379, epid=0x2] write() done
2022-03-31 09:16:37.266 DEBUG 1 --- [ioEventLoop-4-2] io.lettuce.core.protocol.CommandHandler : [channel=0x56898bb2, /192.168.1.235:47414 -> /192.168.1.235:6379, chid=0x2] write(ctx, AsyncCommand [type=GET, output=ValueOutput [output=null, error='null'], commandType=io.lettuce.core.protocol.Command], promise)
2022-03-31 09:16:37.267 DEBUG 1 --- [ioEventLoop-4-2] io.lettuce.core.protocol.CommandEncoder : [channel=0x56898bb2, /192.168.1.235:47414 -> /192.168.1.235:6379] writing command AsyncCommand [type=GET, output=ValueOutput [output=null, error='null'], commandType=io.lettuce.core.protocol.Command]
2022-03-31 09:16:37.267 DEBUG 1 --- [ioEventLoop-4-2] io.lettuce.core.protocol.CommandHandler : [channel=0x56898bb2, /192.168.1.235:47414 -> /192.168.1.235:6379, chid=0x2] Received: 21 bytes, 1 commands in the stack
2022-03-31 09:16:37.268 DEBUG 1 --- [ioEventLoop-4-2] io.lettuce.core.protocol.CommandHandler : [channel=0x56898bb2, /192.168.1.235:47414 -> /192.168.1.235:6379, chid=0x2] Stack contains: 1 commands
2022-03-31 09:16:37.268 DEBUG 1 --- [ioEventLoop-4-2] i.l.core.protocol.RedisStateMachine : Decode LatencyMeteredCommand [type=GET, output=ValueOutput [output=null, error='null'], commandType=io.lettuce.core.protocol.AsyncCommand]
2022-03-31 09:16:37.268 DEBUG 1 --- [ioEventLoop-4-2] i.l.core.protocol.RedisStateMachine : Decoded LatencyMeteredCommand [type=GET, output=ValueOutput [output=[B@e3bc059, error='null'], commandType=io.lettuce.core.protocol.AsyncCommand], empty stack: true
2022-03-31 09:16:37.268 INFO 1 --- [XNIO-1 task-337] o.s.core.log.aspect.RequestLogAspect :
================ Response Start ================
<=== GET: /camera_info/list (9 ms)
================ Response End ================
2022-03-31 09:16:37.269 ERROR 1 --- [XNIO-1 task-337] o.s.c.l.e.BladeRestExceptionTranslator : 认证异常
org.springblade.core.secure.exception.SecureException: 请求未授权
添加接口权限
2. 为租户为000000的用户设置接口权限,验证生效
3.为租户不为000000的用户设置接口权限,访问接口提示未授权
二、你期待的结果是什么?实际看到的又是什么?
希望看到
为租户为000000的用户设置接口权限,验证生效
为租户不为000000的用户设置接口权限,验证生效
实际看到
为租户为000000的用户设置接口权限,验证生效
为租户不为000000的用户设置接口权限,访问接口提示未授权
请把工程打包,以及数据库完整sql脚本发一份到bladejava@qq.com,我本地测试了下无法重现。
当然其他的业务模块代码可以全部删掉,只需要保证发过来的最简版工程可以让我们重现便可。
扫一扫访问 Blade技术社区 移动端