当用户一个权限都没有时,会导致用户无法进入管理端页面,问题修复
This commit is contained in:
Chopper
parent
f850e4adaa
commit
520c09b801
@ -68,40 +68,40 @@ public class ManagerTokenGenerate extends AbstractTokenGenerate {
|
||||
*/
|
||||
private Map<String, List<String>> permissionList(List<UserMenuVO> userMenuVOList) {
|
||||
Map<String, List<String>> permission = new HashMap<>(2);
|
||||
if (userMenuVOList == null || userMenuVOList.size() == 0) {
|
||||
return permission;
|
||||
}
|
||||
|
||||
List<String> superPermissions = new ArrayList<>();
|
||||
List<String> queryPermissions = new ArrayList<>();
|
||||
initPermission(superPermissions, queryPermissions);
|
||||
|
||||
//循环权限菜单
|
||||
userMenuVOList.forEach(menu -> {
|
||||
//循环菜单,赋予用户权限
|
||||
if (StrUtil.isNotEmpty(menu.getPermission())) {
|
||||
//获取路径集合
|
||||
String[] permissionUrl = menu.getPermission().split(",");
|
||||
//for循环路径集合
|
||||
for (String url : permissionUrl) {
|
||||
//如果是超级权限 则计入超级权限
|
||||
if (menu.getSuper()) {
|
||||
//如果已有超级权限,则这里就不做权限的累加
|
||||
if (!superPermissions.contains(url)) {
|
||||
superPermissions.add(url);
|
||||
if (userMenuVOList == null || userMenuVOList.isEmpty()) {
|
||||
userMenuVOList.forEach(menu -> {
|
||||
//循环菜单,赋予用户权限
|
||||
if (StrUtil.isNotEmpty(menu.getPermission())) {
|
||||
//获取路径集合
|
||||
String[] permissionUrl = menu.getPermission().split(",");
|
||||
//for循环路径集合
|
||||
for (String url : permissionUrl) {
|
||||
//如果是超级权限 则计入超级权限
|
||||
if (menu.getSuper()) {
|
||||
//如果已有超级权限,则这里就不做权限的累加
|
||||
if (!superPermissions.contains(url)) {
|
||||
superPermissions.add(url);
|
||||
}
|
||||
}
|
||||
}
|
||||
//否则计入浏览权限
|
||||
else {
|
||||
//没有权限,则累加。
|
||||
if (!queryPermissions.contains(url)) {
|
||||
queryPermissions.add(url);
|
||||
//否则计入浏览权限
|
||||
else {
|
||||
//没有权限,则累加。
|
||||
if (!queryPermissions.contains(url)) {
|
||||
queryPermissions.add(url);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
//去除重复的权限
|
||||
queryPermissions.removeAll(superPermissions);
|
||||
});
|
||||
//去除重复的权限
|
||||
queryPermissions.removeAll(superPermissions);
|
||||
});
|
||||
}
|
||||
permission.put(PermissionEnum.SUPER.name(), superPermissions);
|
||||
permission.put(PermissionEnum.QUERY.name(), queryPermissions);
|
||||
return permission;
|
||||
|
||||
@ -1,6 +1,7 @@
|
||||
package cn.lili.security;
|
||||
|
||||
import cn.hutool.core.util.StrUtil;
|
||||
import cn.hutool.json.JSONUtil;
|
||||
import cn.lili.cache.Cache;
|
||||
import cn.lili.cache.CachePrefix;
|
||||
import cn.lili.common.security.AuthUser;
|
||||
@ -94,16 +95,16 @@ public class ManagerAuthenticationFilter extends BasicAuthenticationFilter {
|
||||
match(permission.get(PermissionEnum.QUERY.name()), requestUrl)) {
|
||||
} else {
|
||||
ResponseUtil.output(response, ResponseUtil.resultMap(false, 400, "权限不足"));
|
||||
log.error("当前请求路径:{},所拥有权限:{}", requestUrl, permission);
|
||||
throw new NoPermissionException("权限不足-" + requestUrl);
|
||||
log.error("当前请求路径:{},所拥有权限:{}", requestUrl, JSONUtil.toJsonStr(permission));
|
||||
throw new NoPermissionException("权限不足");
|
||||
}
|
||||
}
|
||||
//非get请求(数据操作) 判定鉴权
|
||||
else {
|
||||
if (!match(permission.get(PermissionEnum.SUPER.name()), requestUrl)) {
|
||||
ResponseUtil.output(response, ResponseUtil.resultMap(false, 400, "权限不足"));
|
||||
log.error("当前请求路径:{},所拥有权限:{}", requestUrl, permission);
|
||||
throw new NoPermissionException("权限不足-" + requestUrl);
|
||||
log.error("当前请求路径:{},所拥有权限:{}", requestUrl, JSONUtil.toJsonStr(permission));
|
||||
throw new NoPermissionException("权限不足");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user