diff --git a/framework/src/main/java/cn/lili/modules/system/token/ManagerTokenGenerate.java b/framework/src/main/java/cn/lili/modules/system/token/ManagerTokenGenerate.java index 850560a9..aa9ec8e3 100644 --- a/framework/src/main/java/cn/lili/modules/system/token/ManagerTokenGenerate.java +++ b/framework/src/main/java/cn/lili/modules/system/token/ManagerTokenGenerate.java @@ -68,40 +68,40 @@ public class ManagerTokenGenerate extends AbstractTokenGenerate { */ private Map> permissionList(List userMenuVOList) { Map> permission = new HashMap<>(2); - if (userMenuVOList == null || userMenuVOList.size() == 0) { - return permission; - } + List superPermissions = new ArrayList<>(); List queryPermissions = new ArrayList<>(); initPermission(superPermissions, queryPermissions); //循环权限菜单 - userMenuVOList.forEach(menu -> { - //循环菜单,赋予用户权限 - if (StrUtil.isNotEmpty(menu.getPermission())) { - //获取路径集合 - String[] permissionUrl = menu.getPermission().split(","); - //for循环路径集合 - for (String url : permissionUrl) { - //如果是超级权限 则计入超级权限 - if (menu.getSuper()) { - //如果已有超级权限,则这里就不做权限的累加 - if (!superPermissions.contains(url)) { - superPermissions.add(url); + if (userMenuVOList == null || userMenuVOList.isEmpty()) { + userMenuVOList.forEach(menu -> { + //循环菜单,赋予用户权限 + if (StrUtil.isNotEmpty(menu.getPermission())) { + //获取路径集合 + String[] permissionUrl = menu.getPermission().split(","); + //for循环路径集合 + for (String url : permissionUrl) { + //如果是超级权限 则计入超级权限 + if (menu.getSuper()) { + //如果已有超级权限,则这里就不做权限的累加 + if (!superPermissions.contains(url)) { + superPermissions.add(url); + } } - } - //否则计入浏览权限 - else { - //没有权限,则累加。 - if (!queryPermissions.contains(url)) { - queryPermissions.add(url); + //否则计入浏览权限 + else { + //没有权限,则累加。 + if (!queryPermissions.contains(url)) { + queryPermissions.add(url); + } } } } - } - //去除重复的权限 - queryPermissions.removeAll(superPermissions); - }); + //去除重复的权限 + queryPermissions.removeAll(superPermissions); + }); + } permission.put(PermissionEnum.SUPER.name(), superPermissions); permission.put(PermissionEnum.QUERY.name(), queryPermissions); return permission; diff --git a/manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java b/manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java index 23fdbf61..27a1586f 100755 --- a/manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java +++ b/manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java @@ -1,6 +1,7 @@ package cn.lili.security; import cn.hutool.core.util.StrUtil; +import cn.hutool.json.JSONUtil; import cn.lili.cache.Cache; import cn.lili.cache.CachePrefix; import cn.lili.common.security.AuthUser; @@ -94,16 +95,16 @@ public class ManagerAuthenticationFilter extends BasicAuthenticationFilter { match(permission.get(PermissionEnum.QUERY.name()), requestUrl)) { } else { ResponseUtil.output(response, ResponseUtil.resultMap(false, 400, "权限不足")); - log.error("当前请求路径:{},所拥有权限:{}", requestUrl, permission); - throw new NoPermissionException("权限不足-" + requestUrl); + log.error("当前请求路径:{},所拥有权限:{}", requestUrl, JSONUtil.toJsonStr(permission)); + throw new NoPermissionException("权限不足"); } } //非get请求(数据操作) 判定鉴权 else { if (!match(permission.get(PermissionEnum.SUPER.name()), requestUrl)) { ResponseUtil.output(response, ResponseUtil.resultMap(false, 400, "权限不足")); - log.error("当前请求路径:{},所拥有权限:{}", requestUrl, permission); - throw new NoPermissionException("权限不足-" + requestUrl); + log.error("当前请求路径:{},所拥有权限:{}", requestUrl, JSONUtil.toJsonStr(permission)); + throw new NoPermissionException("权限不足"); } } }