Merge remote-tracking branch 'origin/master'

ruoyi-admin/src/main/java/com/ruoyi/busi/service/impl/BusiNoticeServiceImpl.java

@@ -211,7 +211,7 @@ public class BusiNoticeServiceImpl extends ServiceImpl<BusiNoticeMapper,BusiNoti
     }
 
     @Override
-    @Transactional
+    @Transactional(rollbackFor = Exception.class)
     public String saveOrUpdateVo(BusiNotice data) throws Exception {
         //获取当前登录用户id
         Long userId = SecurityUtils.getUserId();

ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java

@@ -23,7 +23,7 @@ import com.ruoyi.framework.security.handle.LogoutSuccessHandlerImpl;
 
 /**
  * spring security配置
- * 
+ *
  * @author ruoyi
  */
 @EnableMethodSecurity(prePostEnabled = true, securedEnabled = true)
@@ -35,7 +35,7 @@ public class SecurityConfig
      */
     @Autowired
     private UserDetailsService userDetailsService;
-    
+
     /**
      * 认证失败处理类
      */
@@ -53,7 +53,7 @@ public class SecurityConfig
      */
     @Autowired
     private JwtAuthenticationTokenFilter authenticationTokenFilter;
-    
+
     /**
      * 跨域过滤器
      */
@@ -117,6 +117,7 @@ public class SecurityConfig
                         // 静态资源，可匿名访问
                         .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
                         .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()
+                        .antMatchers("/cos/sts").permitAll()
                         // 除上面外的所有请求全部需要鉴权认证
                         .anyRequest().authenticated();
             })