mirror of
https://bitbucket.org/wisemapping/wisemapping-open-source.git
synced 2024-11-23 22:47:57 +01:00
Fix public map access.
This commit is contained in:
parent
c783feef65
commit
87712b2493
@ -1,7 +1,5 @@
|
||||
package com.wisemapping.config;
|
||||
|
||||
import com.wisemapping.exceptions.AccessDeniedSecurityException;
|
||||
import com.wisemapping.exceptions.MapNotPublicSecurityException;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.web.servlet.HandlerExceptionResolver;
|
||||
@ -11,8 +9,6 @@ import org.springframework.web.servlet.handler.SimpleMappingExceptionResolver;
|
||||
import org.springframework.web.servlet.view.InternalResourceViewResolver;
|
||||
import org.springframework.web.servlet.view.JstlView;
|
||||
|
||||
import java.util.Properties;
|
||||
|
||||
@EnableWebMvc
|
||||
@Configuration
|
||||
public class AppConfig {
|
||||
|
@ -80,7 +80,7 @@ public class SecurityConfig {
|
||||
.requestMatchers("/registration", "registration-success", "/registration-google").permitAll()
|
||||
.requestMatchers("/forgot-password", "/forgot-password-success").permitAll()
|
||||
.requestMatchers("/maps/*/embed", "/maps/*/try", "/maps/*/public").permitAll()
|
||||
.requestMatchers("/restful/maps/*/document/xml-pub").permitAll()
|
||||
.requestMatchers("/maps/*/document/xml-pub").permitAll()
|
||||
.requestMatchers("/**").hasAnyRole("USER", "ADMIN")
|
||||
.anyRequest().authenticated())
|
||||
.formLogin((loginForm) ->
|
||||
@ -112,7 +112,7 @@ public class SecurityConfig {
|
||||
public SecurityFilterChain shareResourcesFilterChain(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception {
|
||||
return http.authorizeHttpRequests(
|
||||
(auth) ->
|
||||
auth.requestMatchers("/static/**", "/css/**", "/js/**", "/images/**", "/favicon.ico").permitAll()
|
||||
auth.requestMatchers("/static/**", "/css/**", "/js/**", "/images/**", "/*").permitAll()
|
||||
).build();
|
||||
}
|
||||
|
||||
|
@ -84,8 +84,7 @@ public class MindmapController extends BaseController {
|
||||
List<Mindmap> mindmaps = mindmapService.findMindmapsByUser(user);
|
||||
mindmaps = mindmaps
|
||||
.stream()
|
||||
.filter(m -> filter.accept(m, user))
|
||||
.collect(Collectors.toUnmodifiableList());
|
||||
.filter(m -> filter.accept(m, user)).toList();
|
||||
|
||||
return new RestMindmapList(mindmaps, user);
|
||||
}
|
||||
@ -148,6 +147,7 @@ public class MindmapController extends BaseController {
|
||||
saveMindmapDocument(minor, mindmap, user);
|
||||
}
|
||||
|
||||
@PreAuthorize("permitAll()")
|
||||
@RequestMapping(method = RequestMethod.GET, value = {"/maps/{id}/document/xml", "/maps/{id}/document/xml-pub"}, consumes = {"text/plain"}, produces = {"application/xml; charset=UTF-8"})
|
||||
@ResponseBody
|
||||
public byte[] retrieveDocument(@PathVariable int id, @NotNull HttpServletResponse response) throws WiseMappingException, IOException {
|
||||
|
Loading…
Reference in New Issue
Block a user