修改cms/notice/noticTotal接口权限，不放行这个接口

2026-04-22 11:09:06 +08:00
parent 18f84e3c82
commit 3d5d8a3972
2 changed files with 3 additions and 3 deletions
--- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/CmsNoticeController.java
+++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/CmsNoticeController.java
@@ -190,8 +190,8 @@ public class CmsNoticeController extends BaseController
            return AjaxResult.success("未登录!,返回为空");
        }
        if(notice.getUserId()==null){
-            String idCard= RoleUtils.getCurrentUseridCard();
-            AppUser appUser=appUserService.selectAppuserByIdcard(idCard);
+            Long appuserId= RoleUtils.getSysAppuserId();
+            AppUser appUser=appUserService.selectAppUserByUserId(appuserId);
            if(appUser==null){
                error(HttpStatus.ERROR,"用户信息未完善,请完善身份证信息!");
            }else{
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
@@ -113,7 +113,7 @@ public class SecurityConfig
                // 对于登录login 注册register 验证码captchaImage 允许匿名访问
                requests.antMatchers("/login", "/register", "/captchaImage","/app/login","/websocket/**","/ws/**","/speech-recognition","/speech-synthesis",
                                "/cms/company/listPage","/cms/appUser/noTmlist","/getTjmhToken","/getWwTjmhToken","/getWwTjmHlwToken",
-                                "/cms/notice/noticTotal","/cms/jobApply/zphApply","/cms/jobApply/zphApplyAgree","/actuator/health").permitAll()
+                                "/cms/jobApply/zphApply","/cms/jobApply/zphApplyAgree","/actuator/health").permitAll()
                    // 静态资源，可匿名访问
                    .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
                    // 移动端公用查询，可匿名访问