From 2980c6e3eb503b4489870d9e12e73e3fc256e401 Mon Sep 17 00:00:00 2001
From: Awen <39176130+yu1183688986@users.noreply.github.com>
Date: Wed, 9 Mar 2022 14:55:54 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E6=AD=A3=E5=B8=B8=E7=A7=9F?=
 =?UTF-8?q?=E6=88=B7=E7=99=BB=E9=99=86=E5=90=8E=E9=80=80=E5=87=BA=E5=88=87?=
 =?UTF-8?q?=E6=8D=A2=E5=88=B0=E8=BF=87=E6=9C=9F=E7=A7=9F=E6=88=B7=E6=97=B6?=
 =?UTF-8?q?=E9=80=A0=E6=88=90=E7=9A=84tenant.ignore-urls=E9=85=8D=E7=BD=AE?=
 =?UTF-8?q?=E5=A4=B1=E6=95=88=E7=9A=84=E9=97=AE=E9=A2=98=EF=BC=8C=E6=AF=94?=
 =?UTF-8?q?=E5=A6=82=E6=97=A0=E6=B3=95=E8=8E=B7=E5=8F=96=E9=AA=8C=E8=AF=81?=
 =?UTF-8?q?=E7=A0=81=E5=9B=BE=E7=89=87=E7=AD=89=E9=80=A0=E6=88=90=E6=97=A0?=
 =?UTF-8?q?=E6=B3=95=E7=99=BB=E5=BD=95=E3=80=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../security/TenantSecurityWebFilter.java     | 20 +++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/yudao-framework/yudao-spring-boot-starter-biz-tenant/src/main/java/cn/iocoder/yudao/framework/tenant/core/security/TenantSecurityWebFilter.java b/yudao-framework/yudao-spring-boot-starter-biz-tenant/src/main/java/cn/iocoder/yudao/framework/tenant/core/security/TenantSecurityWebFilter.java
index 0e1f63461..31cab144b 100644
--- a/yudao-framework/yudao-spring-boot-starter-biz-tenant/src/main/java/cn/iocoder/yudao/framework/tenant/core/security/TenantSecurityWebFilter.java
+++ b/yudao-framework/yudao-spring-boot-starter-biz-tenant/src/main/java/cn/iocoder/yudao/framework/tenant/core/security/TenantSecurityWebFilter.java
@@ -75,16 +75,16 @@ public class TenantSecurityWebFilter extends ApiRequestFilter {
             }
         }
 
-        // 2. 如果请求未带租户的编号，检查是否是忽略的 URL，否则也不允许访问。
-        if (tenantId == null && !isIgnoreUrl(request)) {
-            log.error("[doFilterInternal][URL({}/{}) 未传递租户编号]", request.getRequestURI(), request.getMethod());
-            ServletUtils.writeJSON(response, CommonResult.error(GlobalErrorCodeConstants.BAD_REQUEST.getCode(),
-                    "租户的请求未传递，请进行排查"));
-            return;
-        }
-
-        // 3. 校验租户是合法，例如说被禁用、到期
-        if (tenantId != null) {
+        //检查是否是忽略的 URL, 如果是则允许访问
+        if (!isIgnoreUrl(request)) {
+            // 2. 如果请求未带租户的编号，不允许访问。
+            if (tenantId == null) {
+                log.error("[doFilterInternal][URL({}/{}) 未传递租户编号]", request.getRequestURI(), request.getMethod());
+                ServletUtils.writeJSON(response, CommonResult.error(GlobalErrorCodeConstants.BAD_REQUEST.getCode(),
+                        "租户的请求未传递，请进行排查"));
+                return;
+            }
+            // 3. 校验租户是合法，例如说被禁用、到期
             try {
                 tenantFrameworkService.validTenant(tenantId);
             } catch (Throwable ex) {