引入 spring boot admin 监控

2021-01-23 23:26:38 +08:00
parent bbe71ec2c8
commit 53fbd985c8
8 changed files with 109 additions and 92 deletions
--- a/src/main/java/cn/iocoder/dashboard/framework/security/config/SecurityConfiguration.java
+++ b/src/main/java/cn/iocoder/dashboard/framework/security/config/SecurityConfiguration.java
@@ -3,6 +3,7 @@ package cn.iocoder.dashboard.framework.security.config;
 import cn.iocoder.dashboard.framework.security.core.filter.JwtAuthenticationTokenFilter;
 import cn.iocoder.dashboard.framework.security.core.handler.LogoutSuccessHandlerImpl;
 import cn.iocoder.dashboard.framework.web.config.WebProperties;
+import de.codecentric.boot.admin.server.config.AdminServerProperties;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.http.HttpMethod;
@@ -60,6 +61,8 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Resource
    private WebProperties webProperties;
+    @Resource
+    private AdminServerProperties adminServerProperties;

    /**
     * 由于 Spring Security 创建 AuthenticationManager 对象时，没声明 @Bean 注解，导致无法被注入
@@ -134,6 +137,13 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
                .antMatchers("/swagger-resources/**").anonymous()
                .antMatchers("/webjars/**").anonymous()
                .antMatchers("/*/api-docs").anonymous()
+                // Spring Boot Admin Server 的安全配置
+                .antMatchers(adminServerProperties.getContextPath()).anonymous()
+                .antMatchers(adminServerProperties.getContextPath() + "/**").anonymous()
+                // Spring Boot Actuator 的安全配置
+                .antMatchers("/actuator").anonymous()
+                .antMatchers("/actuator/**").anonymous()
+                // TODO
                .antMatchers("/druid/**").hasAnyAuthority("druid") // TODO 芋艿，未来需要在拓展下
                // 除上面外的所有请求全部需要鉴权认证
                .anyRequest().authenticated()
--- a/src/main/java/cn/iocoder/dashboard/framework/security/core/service/SecurityPermissionFrameworkService.java
+++ b/src/main/java/cn/iocoder/dashboard/framework/security/core/service/SecurityPermissionFrameworkService.java
@@ -1,5 +1,7 @@
 package cn.iocoder.dashboard.framework.security.core.service;

+import cn.iocoder.dashboard.modules.system.dal.mysql.dataobject.permission.SysRoleDO;
+
 /**
 * Security 框架 Permission Service 接口，定义 security 组件需要的功能
 *
@@ -23,4 +25,22 @@ public interface SecurityPermissionFrameworkService {
     */
    boolean hasAnyPermissions(String... permissions);

+    /**
+     * 判断是否有角色
+     *
+     * 注意，角色使用的是 {@link SysRoleDO#getCode()} 标识
+     *
+     * @param role 角色
+     * @return 是否
+     */
+    boolean hasRole(String role);
+
+    /**
+     * 判断是否有角色，任一一个即可
+     *
+     * @param roles 角色数组
+     * @return 是否
+     */
+    boolean hasAnyRoles(String... roles);
+
 }