当用户一个权限都没有时，会导致用户无法进入管理端页面，问题修复

2021-12-08 20:21:51 +08:00 · 2021-12-08 20:21:51 +08:00 · 520c09b801
commit 520c09b801
parent f850e4adaa
2 changed files with 30 additions and 29 deletions
--- a/framework/src/main/java/cn/lili/modules/system/token/ManagerTokenGenerate.java
+++ b/framework/src/main/java/cn/lili/modules/system/token/ManagerTokenGenerate.java
@ -68,14 +68,13 @@ public class ManagerTokenGenerate extends AbstractTokenGenerate {
     */
    private Map<String, List<String>> permissionList(List<UserMenuVO> userMenuVOList) {
        Map<String, List<String>> permission = new HashMap<>(2);
-        if (userMenuVOList == null || userMenuVOList.size() == 0) {
-            return permission;
-        }
+
        List<String> superPermissions = new ArrayList<>();
        List<String> queryPermissions = new ArrayList<>();
        initPermission(superPermissions, queryPermissions);

        //循环权限菜单
+        if (userMenuVOList == null || userMenuVOList.isEmpty()) {
            userMenuVOList.forEach(menu -> {
                //循环菜单，赋予用户权限
                if (StrUtil.isNotEmpty(menu.getPermission())) {
@ -102,6 +101,7 @@ public class ManagerTokenGenerate extends AbstractTokenGenerate {
                //去除重复的权限
                queryPermissions.removeAll(superPermissions);
            });
+        }
        permission.put(PermissionEnum.SUPER.name(), superPermissions);
        permission.put(PermissionEnum.QUERY.name(), queryPermissions);
        return permission;
--- a/manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java
+++ b/manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java
@ -1,6 +1,7 @@
 package cn.lili.security;

 import cn.hutool.core.util.StrUtil;
+import cn.hutool.json.JSONUtil;
 import cn.lili.cache.Cache;
 import cn.lili.cache.CachePrefix;
 import cn.lili.common.security.AuthUser;
@ -94,16 +95,16 @@ public class ManagerAuthenticationFilter extends BasicAuthenticationFilter {
                        match(permission.get(PermissionEnum.QUERY.name()), requestUrl)) {
                } else {
                    ResponseUtil.output(response, ResponseUtil.resultMap(false, 400, "权限不足"));
-                    log.error("当前请求路径：{},所拥有权限：{}", requestUrl, permission);
-                    throw new NoPermissionException("权限不足-" + requestUrl);
+                    log.error("当前请求路径：{},所拥有权限：{}", requestUrl, JSONUtil.toJsonStr(permission));
+                    throw new NoPermissionException("权限不足");
                }
            }
            //非get请求（数据操作） 判定鉴权
            else {
                if (!match(permission.get(PermissionEnum.SUPER.name()), requestUrl)) {
                    ResponseUtil.output(response, ResponseUtil.resultMap(false, 400, "权限不足"));
-                    log.error("当前请求路径：{},所拥有权限：{}", requestUrl, permission);
-                    throw new NoPermissionException("权限不足-" + requestUrl);
+                    log.error("当前请求路径：{},所拥有权限：{}", requestUrl, JSONUtil.toJsonStr(permission));
+                    throw new NoPermissionException("权限不足");
                }
            }
        }