增加写权限验证

manager/src/main/java/cc/iotkit/manager/config/KeycloakSecurityConfig.java

@@ -54,7 +54,10 @@ public class KeycloakSecurityConfig extends KeycloakWebSecurityConfigurerAdapter
         http
                 .authorizeRequests()
                 .antMatchers("/*.html", "/favicon.ico","/v2/api-docs", "/webjars/**", "/swagger-resources/**", "/*.js").permitAll()
-                .antMatchers("/user/registerCheck", "/user/registerConfirm").permitAll()
+                .antMatchers("/**/save*").hasRole("iot_write")
+                .antMatchers("/**/del*").hasRole("iot_write")
+                .antMatchers("/**/add*").hasRole("iot_write")
+                .antMatchers("/**/clear*").hasRole("iot_write")
                 .antMatchers("/**").hasAnyRole(systemRole)
                 .antMatchers("/api/**").hasAnyRole("iot_client_user")
                 .and().csrf().disable();

manager/src/main/java/cc/iotkit/manager/controller/DeviceController.java

@@ -84,10 +84,11 @@ public class DeviceController {
 
     @GetMapping("/{deviceId}/children")
     public List<DeviceInfo> getChildren(@PathVariable("deviceId") String deviceId) {
-        return deviceRepository.findAll(Example.of(DeviceInfo.builder()
+        return deviceRepository.findAll(Example.of(
+                dataOwnerService.wrapExample(
+                        DeviceInfo.builder()
                                 .parentId(deviceId)
-                .uid(AuthUtil.getUserId())
-                .build()));
+                                .build())));
     }
 
     @GetMapping("/{deviceId}")