diff --git a/.DS_Store b/.DS_Store old mode 100644 new mode 100755 diff --git a/device-server/mqtt-client-simulator/.DS_Store b/device-server/mqtt-client-simulator/.DS_Store old mode 100644 new mode 100755 diff --git a/manager/src/main/java/cc/iotkit/manager/config/KeycloakSecurityConfig.java b/manager/src/main/java/cc/iotkit/manager/config/KeycloakSecurityConfig.java index cb7230ff..a87de6b1 100755 --- a/manager/src/main/java/cc/iotkit/manager/config/KeycloakSecurityConfig.java +++ b/manager/src/main/java/cc/iotkit/manager/config/KeycloakSecurityConfig.java @@ -54,7 +54,10 @@ public class KeycloakSecurityConfig extends KeycloakWebSecurityConfigurerAdapter http .authorizeRequests() .antMatchers("/*.html", "/favicon.ico","/v2/api-docs", "/webjars/**", "/swagger-resources/**", "/*.js").permitAll() - .antMatchers("/user/registerCheck", "/user/registerConfirm").permitAll() + .antMatchers("/**/save*").hasRole("iot_write") + .antMatchers("/**/del*").hasRole("iot_write") + .antMatchers("/**/add*").hasRole("iot_write") + .antMatchers("/**/clear*").hasRole("iot_write") .antMatchers("/**").hasAnyRole(systemRole) .antMatchers("/api/**").hasAnyRole("iot_client_user") .and().csrf().disable(); diff --git a/manager/src/main/java/cc/iotkit/manager/controller/DeviceController.java b/manager/src/main/java/cc/iotkit/manager/controller/DeviceController.java index b7f26b7f..f89e0ec8 100755 --- a/manager/src/main/java/cc/iotkit/manager/controller/DeviceController.java +++ b/manager/src/main/java/cc/iotkit/manager/controller/DeviceController.java @@ -84,10 +84,11 @@ public class DeviceController { @GetMapping("/{deviceId}/children") public List getChildren(@PathVariable("deviceId") String deviceId) { - return deviceRepository.findAll(Example.of(DeviceInfo.builder() - .parentId(deviceId) - .uid(AuthUtil.getUserId()) - .build())); + return deviceRepository.findAll(Example.of( + dataOwnerService.wrapExample( + DeviceInfo.builder() + .parentId(deviceId) + .build()))); } @GetMapping("/{deviceId}")