fix(auth): harden confidential knowledge access checks and sensitivity filtering

2026-02-09 17:09:34 +08:00
parent 71f8f7d1c3
commit 2f8645a011
19 changed files with 383 additions and 80 deletions


@@ -83,11 +83,13 @@ public class UserContextFilter implements GlobalFilter, Ordered {
String userId = String.valueOf(claims.get("userId"));
String username = claims.getSubject();
List<String> roles = gatewayJwtUtils.getStringListClaim(claims, "roles");
List<String> permissions = gatewayJwtUtils.getStringListClaim(claims, "permissions");
ServerHttpRequest mutatedRequest = request.mutate()
.header("X-User-Id", userId)
.header("X-User-Name", username)
.header("X-User-Roles", String.join(",", roles))
.header("X-User-Permissions", String.join(",", permissions))
.build();
return chain.filter(exchange.mutate().request(mutatedRequest).build());
}
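Review bot: `X-User-Permissions` is now an authorization input for downstream services, but the hunk only shows it being set on the branch where a token was parsed. The method starts outside the hunk, so confirm that any path which skips this branch (whitelisted routes, a missing or invalid token) removes client-supplied `X-User-*` headers before forwarding, for example `request.mutate().headers(h -> h.remove("X-User-Permissions"))`. Also guard the join: if `getStringListClaim` can return null for a token issued before the `permissions` claim existed, `String.join(",", permissions)` will throw. A permission value that contains a comma would be split into several entries by a downstream parser. I would add a comment above the `mutate()` call such as `// Identity headers are overwritten here from verified JWT claims; downstream services must only be reachable through the gateway.`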