7 months ago · 39bf9cf5b0
--- a/yudao-module-report/yudao-module-report-biz/src/main/java/cn/iocoder/yudao/module/report/framework/jmreport/core/service/JmReportTokenServiceImpl.java
+++ b/yudao-module-report/yudao-module-report-biz/src/main/java/cn/iocoder/yudao/module/report/framework/jmreport/core/service/JmReportTokenServiceImpl.java
@@ -133,6 +133,13 @@ public class JmReportTokenServiceImpl implements JmReportTokenServiceI {
 
				 
			
 
				     @Override
			
 
				     public String[] getRoles(String token) {
			
 
				+        // 设置租户上下文。原因是：/jmreport/** 纯前端地址，不会走 buildLoginUserByToken 逻辑
			
 
				+        LoginUser loginUser = SecurityFrameworkUtils.getLoginUser();
			
 
				+        if (loginUser == null) {
			
 
				+            return null;
			
 
				+        }
			
 
				+        TenantContextHolder.setTenantId(loginUser.getTenantId());
			
 
				+
			
 
				         // 参见文档 https://help.jeecg.com/jimureport/prodSafe.html 文档
			
 
				         // 适配：如果是本系统的管理员，则转换成 jimu 报表的管理员
			
 
				         Long userId = SecurityFrameworkUtils.getLoginUserId();
			
--- a/yudao-module-report/yudao-module-report-biz/src/main/java/cn/iocoder/yudao/module/report/framework/security/config/SecurityConfiguration.java
+++ b/yudao-module-report/yudao-module-report-biz/src/main/java/cn/iocoder/yudao/module/report/framework/security/config/SecurityConfiguration.java
@@ -1,8 +1,6 @@
 
				 package cn.iocoder.yudao.module.report.framework.security.config;
			
 
				 
			
 
				 import cn.iocoder.yudao.framework.security.config.AuthorizeRequestsCustomizer;
			
 
				-import cn.iocoder.yudao.module.system.api.oauth2.OAuth2TokenApi;
			
 
				-import jakarta.annotation.Resource;
			
 
				 import org.springframework.context.annotation.Bean;
			
 
				 import org.springframework.context.annotation.Configuration;
			
 
				 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
			
@@ -14,16 +12,15 @@ import org.springframework.security.config.annotation.web.configurers.AuthorizeH
 
				 @Configuration("reportSecurityConfiguration")
			
 
				 public class SecurityConfiguration {
			
 
				 
			
 
				-    @Resource
			
 
				-    private OAuth2TokenApi oauth2TokenApi;
			
 
				-
			
 
				     @Bean("reportAuthorizeRequestsCustomizer")
			
 
				     public AuthorizeRequestsCustomizer authorizeRequestsCustomizer() {
			
 
				         return new AuthorizeRequestsCustomizer() {
			
 
				+
			
 
				             @Override
			
 
				             public void customize(AuthorizeHttpRequestsConfigurer<HttpSecurity>.AuthorizationManagerRequestMatcherRegistry registry) {
			
 
				                 registry.requestMatchers("/jmreport/**").permitAll(); // 积木报表
			
 
				             }
			
 
				+
			
 
				         };
			
 
				     }