diff --git a/framework/src/main/java/cn/lili/modules/system/token/ManagerTokenGenerate.java b/framework/src/main/java/cn/lili/modules/system/token/ManagerTokenGenerate.java index 20827a25..bcdbdb60 100644 --- a/framework/src/main/java/cn/lili/modules/system/token/ManagerTokenGenerate.java +++ b/framework/src/main/java/cn/lili/modules/system/token/ManagerTokenGenerate.java @@ -77,7 +77,7 @@ public class ManagerTokenGenerate extends AbstractTokenGenerate { //循环权限菜单 userMenuVOList.forEach(menu -> { //循环菜单,赋予用户权限 - if (menu.getPermission() != null) { + if (!menu.getPermission().isEmpty()) { //获取路径集合 String[] permissionUrl = menu.getPermission().split(","); //for循环路径集合 diff --git a/manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java b/manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java index ad040122..46c12778 100755 --- a/manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java +++ b/manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java @@ -84,7 +84,9 @@ public class ManagerAuthenticationFilter extends BasicAuthenticationFilter { //如果不是超级管理员, 则鉴权 if (!authUser.getIsSuper()) { + //获取缓存中的权限 Map> permission = (Map>) cache.get(CachePrefix.PERMISSION_LIST.getPrefix(UserEnums.MANAGER) + authUser.getId()); + //获取数据(GET 请求)权限 if (request.getMethod().equals(RequestMethod.GET.name())) { //如果用户的超级权限和查阅权限都不包含当前请求的api