Commit 2de7c17

committed

feat: add possibility to disable specific endpoints

1 parent 03d7605 commit 2de7c17Copy full SHA for 2de7c17

File tree

2 files changed

+28

-2

lines changed

server/api-service
- lowcoder-sdk/src/main/java/org/lowcoder/sdk/config
  - CommonConfig.java
- lowcoder-server/src/main/java/org/lowcoder/api/framework/security
  - SecurityConfig.java

2 files changed

+28

-2

lines changed

`‎server/api-service/lowcoder-sdk/src/main/java/org/lowcoder/sdk/config/CommonConfig.java‎`

Lines changed: 15 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -8,9 +8,11 @@`
`8`	`8`	`import java.util.Set;`
`9`	`9`
`10`	`10`	`import org.apache.commons.collections4.CollectionUtils;`
	`11`	`+import org.apache.commons.collections4.ListUtils;`
`11`	`12`	`import org.apache.commons.lang3.StringUtils;`
`12`	`13`	`import org.lowcoder.sdk.constants.WorkspaceMode;`
`13`	`14`	`import org.springframework.boot.context.properties.ConfigurationProperties;`
	`15`	`+import org.springframework.http.HttpMethod;`
`14`	`16`	`import org.springframework.stereotype.Component;`
`15`	`17`
`16`	`18`	`import lombok.Data;`
`@@ -63,6 +65,8 @@ public static class Security {`
`63`	`65`	`// support of docker env file.`
`64`	`66`	`private String corsAllowedDomainString;`
`65`	`67`
	`68`	`+ private List<ApiEndpoint> forbiddenEndpoints;`
	`69`	`+`
`66`	`70`	`public List<String> getAllCorsAllowedDomains() {`
`67`	`71`	`List<String> all = new ArrayList<>();`
`68`	`72`	`if (CollectionUtils.isNotEmpty(corsAllowedDomains)) {`
`@@ -74,8 +78,19 @@ public List<String> getAllCorsAllowedDomains() {`
`74`	`78`	`}`
`75`	`79`	`return all;`
`76`	`80`	`}`
	`81`	`+`
	`82`	`+ public List<ApiEndpoint> getForbiddenEndpoints()`
	`83`	`+ {`
	`84`	`+ return ListUtils.emptyIfNull(forbiddenEndpoints);`
	`85`	`+ }`
`77`	`86`	`}`
`78`	`87`
	`88`	`+ @Data`
	`89`	`+ public static class ApiEndpoint {`
	`90`	`+ private HttpMethod method;`
	`91`	`+ private String uri;`
	`92`	`+ }`
	`93`	`+`
`79`	`94`	`@Data`
`80`	`95`	`public static class Workspace {`
`81`	`96`

`‎server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/framework/security/SecurityConfig.java‎`

Lines changed: 13 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -34,6 +34,7 @@`
`34`	`34`	`import org.springframework.security.config.web.server.ServerHttpSecurity;`
`35`	`35`	`import org.springframework.security.web.server.SecurityWebFilterChain;`
`36`	`36`	`import org.springframework.security.web.server.ServerAuthenticationEntryPoint;`
	`37`	`+import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;`
`37`	`38`	`import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers;`
`38`	`39`	`import org.springframework.web.cors.CorsConfiguration;`
`39`	`40`	`import org.springframework.web.cors.reactive.CorsConfigurationSource;`
`@@ -62,8 +63,17 @@ public class SecurityConfig {`
`62`	`63`	`@Bean`
`63`	`64`	`public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {`
`64`	`65`
`65`		`-`
`66`		`- http.cors()`
	`66`	`+ if (!commonConfig.getSecurity().getForbiddenEndpoints().isEmpty())`
	`67`	`+ {`
	`68`	`+ http.authorizeExchange()`
	`69`	`+ .matchers(`
	`70`	`+ commonConfig.getSecurity().getForbiddenEndpoints().stream()`
	`71`	`+ .map(apiEndpoint -> ServerWebExchangeMatchers.pathMatchers(apiEndpoint.getMethod(), apiEndpoint.getUri()))`
	`72`	`+ .toArray(size -> new ServerWebExchangeMatcher[size])`
	`73`	`+ ).denyAll();`
	`74`	`+ }`
	`75`	`+`
	`76`	`+ http.cors()`
`67`	`77`	`.configurationSource(buildCorsConfigurationSource())`
`68`	`78`	`.and()`
`69`	`79`	`.csrf().disable()`
`@@ -137,6 +147,7 @@ public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {`
`137`	`147`	`return http.build();`
`138`	`148`	`}`
`139`	`149`
	`150`	`+`
`140`	`151`	`/**`
`141`	`152`	`* enable CORS`
`142`	`153`	`*/`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit 2de7c17

File tree

2 files changed

2 files changed

`‎server/api-service/lowcoder-sdk/src/main/java/org/lowcoder/sdk/config/CommonConfig.java‎`

`‎server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/framework/security/SecurityConfig.java‎`

0 commit comments