From 520c09b80160508a3c2e50a0776ff83fc4c8f9a9 Mon Sep 17 00:00:00 2001
From: Chopper <liushuai711@gmail.com>
Date: Wed, 8 Dec 2021 20:21:51 +0800
Subject: [PATCH] =?UTF-8?q?=E5=BD=93=E7=94=A8=E6=88=B7=E4=B8=80=E4=B8=AA?=
 =?UTF-8?q?=E6=9D=83=E9=99=90=E9=83=BD=E6=B2=A1=E6=9C=89=E6=97=B6=EF=BC=8C?=
 =?UTF-8?q?=E4=BC=9A=E5=AF=BC=E8=87=B4=E7=94=A8=E6=88=B7=E6=97=A0=E6=B3=95?=
 =?UTF-8?q?=E8=BF=9B=E5=85=A5=E7=AE=A1=E7=90=86=E7=AB=AF=E9=A1=B5=E9=9D=A2?=
 =?UTF-8?q?=EF=BC=8C=E9=97=AE=E9=A2=98=E4=BF=AE=E5=A4=8D?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../system/token/ManagerTokenGenerate.java    | 50 +++++++++----------
 .../security/ManagerAuthenticationFilter.java |  9 ++--
 2 files changed, 30 insertions(+), 29 deletions(-)

diff --git a/framework/src/main/java/cn/lili/modules/system/token/ManagerTokenGenerate.java b/framework/src/main/java/cn/lili/modules/system/token/ManagerTokenGenerate.java
index 850560a9..aa9ec8e3 100644
--- a/framework/src/main/java/cn/lili/modules/system/token/ManagerTokenGenerate.java
+++ b/framework/src/main/java/cn/lili/modules/system/token/ManagerTokenGenerate.java
@@ -68,40 +68,40 @@ public class ManagerTokenGenerate extends AbstractTokenGenerate {
      */
     private Map<String, List<String>> permissionList(List<UserMenuVO> userMenuVOList) {
         Map<String, List<String>> permission = new HashMap<>(2);
-        if (userMenuVOList == null || userMenuVOList.size() == 0) {
-            return permission;
-        }
+
         List<String> superPermissions = new ArrayList<>();
         List<String> queryPermissions = new ArrayList<>();
         initPermission(superPermissions, queryPermissions);
 
         //循环权限菜单
-        userMenuVOList.forEach(menu -> {
-            //循环菜单，赋予用户权限
-            if (StrUtil.isNotEmpty(menu.getPermission())) {
-                //获取路径集合
-                String[] permissionUrl = menu.getPermission().split(",");
-                //for循环路径集合
-                for (String url : permissionUrl) {
-                    //如果是超级权限 则计入超级权限
-                    if (menu.getSuper()) {
-                        //如果已有超级权限，则这里就不做权限的累加
-                        if (!superPermissions.contains(url)) {
-                            superPermissions.add(url);
+        if (userMenuVOList == null || userMenuVOList.isEmpty()) {
+            userMenuVOList.forEach(menu -> {
+                //循环菜单，赋予用户权限
+                if (StrUtil.isNotEmpty(menu.getPermission())) {
+                    //获取路径集合
+                    String[] permissionUrl = menu.getPermission().split(",");
+                    //for循环路径集合
+                    for (String url : permissionUrl) {
+                        //如果是超级权限 则计入超级权限
+                        if (menu.getSuper()) {
+                            //如果已有超级权限，则这里就不做权限的累加
+                            if (!superPermissions.contains(url)) {
+                                superPermissions.add(url);
+                            }
                         }
-                    }
-                    //否则计入浏览权限
-                    else {
-                        //没有权限，则累加。
-                        if (!queryPermissions.contains(url)) {
-                            queryPermissions.add(url);
+                        //否则计入浏览权限
+                        else {
+                            //没有权限，则累加。
+                            if (!queryPermissions.contains(url)) {
+                                queryPermissions.add(url);
+                            }
                         }
                     }
                 }
-            }
-            //去除重复的权限
-            queryPermissions.removeAll(superPermissions);
-        });
+                //去除重复的权限
+                queryPermissions.removeAll(superPermissions);
+            });
+        }
         permission.put(PermissionEnum.SUPER.name(), superPermissions);
         permission.put(PermissionEnum.QUERY.name(), queryPermissions);
         return permission;
diff --git a/manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java b/manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java
index 23fdbf61..27a1586f 100755
--- a/manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java
+++ b/manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java
@@ -1,6 +1,7 @@
 package cn.lili.security;
 
 import cn.hutool.core.util.StrUtil;
+import cn.hutool.json.JSONUtil;
 import cn.lili.cache.Cache;
 import cn.lili.cache.CachePrefix;
 import cn.lili.common.security.AuthUser;
@@ -94,16 +95,16 @@ public class ManagerAuthenticationFilter extends BasicAuthenticationFilter {
                         match(permission.get(PermissionEnum.QUERY.name()), requestUrl)) {
                 } else {
                     ResponseUtil.output(response, ResponseUtil.resultMap(false, 400, "权限不足"));
-                    log.error("当前请求路径：{},所拥有权限：{}", requestUrl, permission);
-                    throw new NoPermissionException("权限不足-" + requestUrl);
+                    log.error("当前请求路径：{},所拥有权限：{}", requestUrl, JSONUtil.toJsonStr(permission));
+                    throw new NoPermissionException("权限不足");
                 }
             }
             //非get请求（数据操作） 判定鉴权
             else {
                 if (!match(permission.get(PermissionEnum.SUPER.name()), requestUrl)) {
                     ResponseUtil.output(response, ResponseUtil.resultMap(false, 400, "权限不足"));
-                    log.error("当前请求路径：{},所拥有权限：{}", requestUrl, permission);
-                    throw new NoPermissionException("权限不足-" + requestUrl);
+                    log.error("当前请求路径：{},所拥有权限：{}", requestUrl, JSONUtil.toJsonStr(permission));
+                    throw new NoPermissionException("权限不足");
                 }
             }
         }