|
@@ -70,6 +70,11 @@ public class RequestPermissionInterceptor implements HandlerInterceptor {
|
|
|
String mapping = (String) request
|
|
String mapping = (String) request
|
|
|
.getAttribute(HttpServletRequestAttribute.$_MAPPING.name());
|
|
.getAttribute(HttpServletRequestAttribute.$_MAPPING.name());
|
|
|
|
|
|
|
|
|
|
+ boolean naked = resourceManager.isNaked(apiInfo, mapping);
|
|
|
|
|
+ if (naked) {
|
|
|
|
|
+ return true;
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
String key = null;
|
|
String key = null;
|
|
|
String token = null;
|
|
String token = null;
|
|
|
String kt = request.getHeader("user_token");
|
|
String kt = request.getHeader("user_token");
|
|
@@ -90,14 +95,9 @@ public class RequestPermissionInterceptor implements HandlerInterceptor {
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
if (StringUtils.isBlank(key) || StringUtils.isBlank(token)) {
|
|
if (StringUtils.isBlank(key) || StringUtils.isBlank(token)) {
|
|
|
- boolean naked = resourceManager.isNaked(apiInfo, mapping);
|
|
|
|
|
- if (naked) {
|
|
|
|
|
- return true;
|
|
|
|
|
- } else {
|
|
|
|
|
- response.setStatus(HttpStatus.FORBIDDEN.value());
|
|
|
|
|
- ServletUtil.returnJson(new StatusResponse("403", "unallowed"), response);
|
|
|
|
|
- return false;
|
|
|
|
|
- }
|
|
|
|
|
|
|
+ response.setStatus(HttpStatus.FORBIDDEN.value());
|
|
|
|
|
+ ServletUtil.returnJson(new StatusResponse("403", "unallowed"), response);
|
|
|
|
|
+ return false;
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
if (StringUtils.isBlank(key)) {
|
|
if (StringUtils.isBlank(key)) {
|
WANG