From 39bf9cf5b0cbdadd9167718d4bfebe5d885fa03e Mon Sep 17 00:00:00 2001
From: YunaiV <zhijiantianya@gmail.com>
Date: Tue, 23 Jul 2024 22:15:14 +0800
Subject: [PATCH] =?UTF-8?q?=E3=80=90=E4=BB=A3=E7=A0=81=E4=BF=AE=E5=A4=8D?=
 =?UTF-8?q?=E3=80=91REPORT=EF=BC=9A=E4=BF=AE=E5=A4=8D=E7=A7=AF=E6=9C=A8?=
 =?UTF-8?q?=E5=9C=A8=E8=AE=BF=E9=97=AE=20jmreport/index=20=E4=BC=9A?=
 =?UTF-8?q?=E6=8A=A5=E9=94=99=E7=9A=84=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../jmreport/core/service/JmReportTokenServiceImpl.java    | 7 +++++++
 .../framework/security/config/SecurityConfiguration.java   | 7 ++-----
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/yudao-module-report/yudao-module-report-biz/src/main/java/cn/iocoder/yudao/module/report/framework/jmreport/core/service/JmReportTokenServiceImpl.java b/yudao-module-report/yudao-module-report-biz/src/main/java/cn/iocoder/yudao/module/report/framework/jmreport/core/service/JmReportTokenServiceImpl.java
index 6d3225164..fd28ac3a0 100644
--- a/yudao-module-report/yudao-module-report-biz/src/main/java/cn/iocoder/yudao/module/report/framework/jmreport/core/service/JmReportTokenServiceImpl.java
+++ b/yudao-module-report/yudao-module-report-biz/src/main/java/cn/iocoder/yudao/module/report/framework/jmreport/core/service/JmReportTokenServiceImpl.java
@@ -133,6 +133,13 @@ public class JmReportTokenServiceImpl implements JmReportTokenServiceI {
 
     @Override
     public String[] getRoles(String token) {
+        // 设置租户上下文。原因是：/jmreport/** 纯前端地址，不会走 buildLoginUserByToken 逻辑
+        LoginUser loginUser = SecurityFrameworkUtils.getLoginUser();
+        if (loginUser == null) {
+            return null;
+        }
+        TenantContextHolder.setTenantId(loginUser.getTenantId());
+
         // 参见文档 https://help.jeecg.com/jimureport/prodSafe.html 文档
         // 适配：如果是本系统的管理员，则转换成 jimu 报表的管理员
         Long userId = SecurityFrameworkUtils.getLoginUserId();
diff --git a/yudao-module-report/yudao-module-report-biz/src/main/java/cn/iocoder/yudao/module/report/framework/security/config/SecurityConfiguration.java b/yudao-module-report/yudao-module-report-biz/src/main/java/cn/iocoder/yudao/module/report/framework/security/config/SecurityConfiguration.java
index a21f5f7f7..5e5297127 100644
--- a/yudao-module-report/yudao-module-report-biz/src/main/java/cn/iocoder/yudao/module/report/framework/security/config/SecurityConfiguration.java
+++ b/yudao-module-report/yudao-module-report-biz/src/main/java/cn/iocoder/yudao/module/report/framework/security/config/SecurityConfiguration.java
@@ -1,8 +1,6 @@
 package cn.iocoder.yudao.module.report.framework.security.config;
 
 import cn.iocoder.yudao.framework.security.config.AuthorizeRequestsCustomizer;
-import cn.iocoder.yudao.module.system.api.oauth2.OAuth2TokenApi;
-import jakarta.annotation.Resource;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -14,16 +12,15 @@ import org.springframework.security.config.annotation.web.configurers.AuthorizeH
 @Configuration("reportSecurityConfiguration")
 public class SecurityConfiguration {
 
-    @Resource
-    private OAuth2TokenApi oauth2TokenApi;
-
     @Bean("reportAuthorizeRequestsCustomizer")
     public AuthorizeRequestsCustomizer authorizeRequestsCustomizer() {
         return new AuthorizeRequestsCustomizer() {
+
             @Override
             public void customize(AuthorizeHttpRequestsConfigurer<HttpSecurity>.AuthorizationManagerRequestMatcherRegistry registry) {
                 registry.requestMatchers("/jmreport/**").permitAll(); // 积木报表
             }
+
         };
     }